Engine | Download Report | Detection | Info |
---|---|---|---|
|
malicious
|
||
|
malicious
Score: 100
|
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 134, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
|
IP | Country | Detection |
---|---|---|
78.70.235.238 | Sweden | ![]() |
208.95.112.1 | United States | ![]() |
149.154.167.220 | United Kingdom | ![]() |
Name | IP | Detection |
---|---|---|
f8terat.ddns.net | 78.70.235.238 | ![]() |
ip-api.com | 208.95.112.1 | ![]() |
default.qdr.p1.ds-c7110-microsoft.global.dns.qwilted-cds.cqloud.com | 217.20.58.100 | ![]() |
Click to see the 1 hidden entries | ||
api.telegram.org | 149.154.167.220 | ![]() |
Name | Detection |
---|---|
78.70.235.238:1912 | ![]() |
78.70.235.238 | ![]() |
https://github.com/Pester/Pester | ![]() |
Click to see the 97 hidden entries | |
http://schemas.xmlsoap.org/ws/2004/10/wsat/Completion | ![]() |
http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Issue | ![]() |
http://schemas.xmlsoap.org/wsdl/ | ![]() |
http://schemas.xmlsoap.org/ws/2004/08/addressing | ![]() |
http://schemas.xmlsoap.org/ws/2004/04/security/trust/SymmetricKey | ![]() |
http://schemas.xmlsoap.org/ws/2004/10/wsat/Durable2PC | ![]() |
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary | ![]() |
http://schemas.xmlsoap.org/ws/2005/02/trust/tlsnego | ![]() |
http://schemas.xmlsoap.org/ws/2004/10/wsat/Replay | ![]() |
http://schemas.xmlsoap.org/ws/2004/10/wsat/ReadOnly | ![]() |
http://schemas.xmlsoap.org/ws/2005/02/rm/AckRequested | ![]() |
https://contoso.com/Icon | ![]() |
http://tempuri.org/Entity/Id1Response | ![]() |
http://tempuri.org/Entity/Id24Response | ![]() |
https://slickdeals.net/?cno=6959959&sdtrk=bing | ![]() |
http://schemas.xmlsoap.org/ws/2004/04/security/trust/RSTR/Issue | ![]() |
http://tempuri.org/Entity/Id24 | ![]() |
http://schemas.xmlsoap.org/ws/2004/04/security/trust/CK/PSHA1 | ![]() |
http://tempuri.org/Entity/Id23 | ![]() |
http://docs.oasis-open.org/wss/oasis-wss-kerberos-token-profile-1.1#Kerberosv5APREQSHA1 | ![]() |
http://tempuri.org/Entity/Id22 | ![]() |
http://tempuri.org/Entity/Id21 | ![]() |
http://tempuri.org/Entity/Id20 | ![]() |
http://crl.mic | ![]() |
http://schemas.xmlsoap.org/ws/2005/02/trust/Nonce | ![]() |
http://schemas.xmlsoap.org/ws/2004/04/trust/PublicKey | ![]() |
https://api.telegram.org/bot7742194912:AAGSH51C4BpkbbvEQlO-cv-lDoJZMVxqyN4/sendMessage?chat_id=5456205643&text=%E2%98%A0%20%5BXWorm%20V5.6%5D%0D%0A%0D%0ANew%20Clinet%20:%20%0D%0A1BE7C2BE68B9D4CE53EB%0D%0A%0D%0AUserName%20:%20user%0D%0AOSFullName%20:%20Microsoft%20Windows%2010%20Pro%0D%0AUSB%20:%20False%0D%0ACPU%20:%20Error%0D%0AGPU%20:%20VPWLLKOO%20%0D%0ARAM%20:%207.99%20GB%0D%0AGroub%20:%20HawkEye%20V1.0 | ![]() |
https://api.retailmenot.com/security/public/out/5V4O3ZVBGJBZLEJTSCCWGL5B4Y?marketingcampaign=5V4O3ZV | ![]() |
http://tempuri.org/Entity/Id8Response | ![]() |
http://schemas.xmlsoap.org/ws/2005/02/trust/Renew | ![]() |
http://tempuri.org/Entity/Id10Response | ![]() |
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/dns | ![]() |
http://tempuri.org/Entity/Id19 | ![]() |
http://tempuri.org/Entity/Id5Response | ![]() |
http://tempuri.org/Entity/Id18 | ![]() |
http://tempuri.org/Entity/Id17 | ![]() |
http://schemas.xmlsoap.org/ws/2004/04/trust | ![]() |
https://www.savings.com/m/p/32073281/12104416/c?afsrc=1&up=2022-10-24-16-43&auto_show_edge_shopping_ | ![]() |
http://tempuri.org/Entity/Id16 | ![]() |
http://tempuri.org/Entity/Id15 | ![]() |
http://tempuri.org/Entity/Id14 | ![]() |
http://tempuri.org/Entity/Id13 | ![]() |
http://schemas.xmlsoap.org/ws/2005/02/trust/RST/SCT/Cancel | ![]() |
http://schemas.xmlsoap.org/ws/2004/10/wscoor/CreateCoordinationContextResponse | ![]() |
http://tempuri.org/Entity/Id16Response | ![]() |
http://tempuri.org/Entity/Id12 | ![]() |
http://tempuri.org/Entity/Id11 | ![]() |
http://tempuri.org/Entity/Id10 | ![]() |
http://schemas.xmlsoap.org/ws/2005/02/sc/dk/p_sha1 | ![]() |
http://tempuri.org/Entity/Id19Response | ![]() |
http://schemas.xmlsoap.org/ws/2005/02/trust#BinarySecret | ![]() |
http://tempuri.org/Entity/Id6 | ![]() |
http://tempuri.org/Entity/Id7 | ![]() |
http://tempuri.org/Entity/Id4 | ![]() |
http://schemas.xmlsoap.org/ws/2004/10/wsat/Prepare | ![]() |
http://tempuri.org/Entity/Id5 | ![]() |
http://tempuri.org/Entity/Id8 | ![]() |
http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLID | ![]() |
http://tempuri.org/Entity/Id9 | ![]() |
http://schemas.xmlsoap.org/2005/02/trust/spnego#GSS_Wrap | ![]() |
http://tempuri.org/Entity/Id21Response | ![]() |
http://docs.oasis-open.org/wss/oasis-wss-rel-token-profile-1.0.pdf#license | ![]() |
http://tempuri.org/Entity/Id2Response | ![]() |
http://tempuri.org/ | ![]() |
https://api.retailmenot.com/security/public/out/3RWA3MREY5DRNIWOCMG7AH4FOY?marketingcampaign=3RWA3MR | ![]() |
http://www.microsoft.co | ![]() |
http://tempuri.org/Entity/Id12Response | ![]() |
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#HexBinary | ![]() |
http://crl.microsoft | ![]() |
http://tempuri.org/Entity/Id23ResponseD | ![]() |
https://api.telegram.org/bot | ![]() |
http://schemas.xmlsoap.org/ws/2004/04/security/sc/dk | ![]() |
http://schemas.xmlsoap.org/ws/2005/02/sc/sct | ![]() |
http://schemas.xmlsoap.org/ws/2004/10/wscoor/Register | ![]() |
http://tempuri.org/Entity/Id9Response | ![]() |
http://schemas.xmlsoap.org/ws/2005/02/trust/RSTR/SCT/Cancel | ![]() |
http://schemas.xmlsoap.org/ws/2004/10/wsat/Volatile2PC | ![]() |
http://tempuri.org/Entity/Id1ResponseD | ![]() |
http://schemas.xmlsoap.org/ws/2004/04/sc | ![]() |
http://www.apache.org/licenses/LICENSE-2.0.html | ![]() |
http://schemas.xmlsoap.org/soap/encoding/ | ![]() |
http://pesterbdd.com/images/Pester.png | ![]() |
https://api.ip.sb/ip | ![]() |
http://schemas.xmlsoap.org/ws/2004/04/trust/SymmetricKey | ![]() |
http://tempuri.org/Entity/Id6Response | ![]() |
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Text | ![]() |
http://schemas.xmlsoap.org/ws/2005/02/trust/RSTR/SCT/Renew | ![]() |
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name | ![]() |
http://tempuri.org/Entity/Id15Response | ![]() |
http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#EncryptedKey | ![]() |
http://schemas.xmlsoap.org/ws/2004/10/wsat | ![]() |
http://schemas.xmlsoap.org/ws/2004/10/wsat/fault | ![]() |
https://nuget.org/nuget.exe | ![]() |
http://schemas.xmlsoap.org/ws/2005/02/rm/TerminateSequence | ![]() |
http://schemas.xmlsoap.org/ws/2004/10/wsat/Aborted | ![]() |
https://github.com/LimerBoy/StormKitty | ![]() |
http://schemas.xmlsoap.org/ws/2005/02/trust/RSTR/Issue | ![]() |
Name | File Type | Hashes | Detection |
---|---|---|---|
C:\Users\user\AppData\Local\Comms\UnistoreDB\USS.jtx.ENC |
data | # | ![]() |
C:\Users\user\AppData\Local\Comms\UnistoreDB\USSres00001.jrs.ENC |
Alpha compressed COFF | # | ![]() |
C:\Users\user\AppData\Local\Comms\UnistoreDB\USSres00002.jrs.ENC |
Alpha compressed COFF | # | ![]() |
Click to see the 100 hidden entries | |||
C:\Users\user\AppData\Local\Comms\UnistoreDB\USStmp.jtx.ENC |
Alpha compressed COFF | # | ![]() |
C:\Users\user\AppData\Local\Comms\UnistoreDB\store.jfm.ENC |
DOS executable (COM, 0x8C-variant) | # | ![]() |
C:\Users\user\AppData\Local\Comms\UnistoreDB\store.vol.ENC |
data | # | ![]() |
C:\Users\user\AppData\Local\D3DSCache\f4d41c5d09ae781\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.idx.ENC |
data | # | ![]() |
C:\Users\user\AppData\Local\Google\Chrome\User Data\BrowserMetrics\BrowserMetrics-651E6B08-3C.pma.ENC |
data | # | ![]() |
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Affiliation Database.ENC |
data | # | ![]() |
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\DawnCache\data_1.ENC |
data | # | ![]() |
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\DawnCache\index.ENC |
data | # | ![]() |
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Cookies.ENC |
data | # | ![]() |
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Favicons.ENC |
data | # | ![]() |
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1.ENC |
data | # | ![]() |
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GPUCache\index.ENC |
data | # | ![]() |
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Google Profile.ico.ENC |
data | # | ![]() |
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\InterestGroups.ENC |
data | # | ![]() |
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Login Data.ENC |
data | # | ![]() |
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network\Cookies.ENC |
data | # | ![]() |
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network\Reporting and NEL.ENC |
data | # | ![]() |
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network\Trust Tokens.ENC |
data | # | ![]() |
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\PrivateAggregation.ENC |
data | # | ![]() |
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Shortcuts.ENC |
data | # | ![]() |
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Top Sites.ENC |
data | # | ![]() |
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Visited Links.ENC |
data | # | ![]() |
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Web Data.ENC |
data | # | ![]() |
C:\Users\user\AppData\Local\Google\Chrome\User Data\GrShaderCache\data_1.ENC |
data | # | ![]() |
C:\Users\user\AppData\Local\Google\Chrome\User Data\GraphiteDawnCache\data_1.ENC |
data | # | ![]() |
C:\Users\user\AppData\Local\Google\Chrome\User Data\GraphiteDawnCache\index.ENC |
data | # | ![]() |
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local State.ENC |
data | # | ![]() |
C:\Users\user\AppData\Local\Google\Chrome\User Data\first_party_sets.db.ENC |
data | # | ![]() |
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\spoolsv.exe.log |
CSV text | # | ![]() |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Autofill\4.0.0.8\v1FieldTypes.json.ENC |
data | # | ![]() |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\CertificateRevocation\6498.2023.8.1\crl-set.ENC |
data | # | ![]() |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\EADPData Component\4.0.2.33\data.txt.ENC |
data | # | ![]() |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Edge Shopping\2.0.5975.0\edge_driver.js.ENC |
data | # | ![]() |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Edge Shopping\2.0.5975.0\product_page.js.ENC |
data | # | ![]() |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Edge Shopping\2.0.5975.0\shopping.js.ENC |
data | # | ![]() |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Edge Shopping\2.0.5975.0\shoppingfre.js.ENC |
data | # | ![]() |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Safe Browsing\ChromeExtMalware.store.ENC |
data | # | ![]() |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\hyphen-data\101.0.4906.0\hyph-cu.hyb.ENC |
data | # | ![]() |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\hyphen-data\101.0.4906.0\hyph-cy.hyb.ENC |
data | # | ![]() |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\hyphen-data\101.0.4906.0\hyph-de-1901.hyb.ENC |
data | # | ![]() |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\hyphen-data\101.0.4906.0\hyph-de-1996.hyb.ENC |
data | # | ![]() |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\hyphen-data\101.0.4906.0\hyph-de-ch-1901.hyb.ENC |
data | # | ![]() |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\hyphen-data\101.0.4906.0\hyph-en-gb.hyb.ENC |
data | # | ![]() |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\hyphen-data\101.0.4906.0\hyph-en-us.hyb.ENC |
data | # | ![]() |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\hyphen-data\101.0.4906.0\hyph-et.hyb.ENC |
data | # | ![]() |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\hyphen-data\101.0.4906.0\hyph-ga.hyb.ENC |
data | # | ![]() |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\hyphen-data\101.0.4906.0\hyph-hu.hyb.ENC |
data | # | ![]() |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\hyphen-data\101.0.4906.0\hyph-nb.hyb.ENC |
data | # | ![]() |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\hyphen-data\101.0.4906.0\hyph-nn.hyb.ENC |
data | # | ![]() |
C:\Users\user\AppData\Local\Microsoft\FontCache\4\CloudFonts\Aptos Display\23001069669.ttf.ENC |
data | # | ![]() |
C:\Users\user\AppData\Local\Microsoft\FontCache\4\CloudFonts\Aptos Display\28367963232.ttf.ENC |
data | # | ![]() |
C:\Users\user\AppData\Local\Microsoft\FontCache\4\CloudFonts\Aptos Display\29442803203.ttf.ENC |
data | # | ![]() |
C:\Users\user\AppData\Local\Microsoft\FontCache\4\CloudFonts\Aptos Display\30264859306.ttf.ENC |
data | # | ![]() |
C:\Users\user\AppData\Local\Microsoft\FontCache\4\CloudFonts\Aptos Narrow\24153076628.ttf.ENC |
data | # | ![]() |
C:\Users\user\AppData\Local\Microsoft\FontCache\4\CloudFonts\Aptos Narrow\30284701761.ttf.ENC |
data | # | ![]() |
C:\Users\user\AppData\Local\Microsoft\FontCache\4\CloudFonts\Aptos Narrow\31558910439.ttf.ENC |
data | # | ![]() |
C:\Users\user\AppData\Local\Microsoft\FontCache\4\CloudFonts\Aptos Narrow\37262344671.ttf.ENC |
data | # | ![]() |
C:\Users\user\AppData\Local\Microsoft\FontCache\4\PreviewFont\flat_officeFontsPreview_4_35.ttf.ENC |
data | # | ![]() |
C:\Users\user\AppData\Local\Microsoft\GameDVR\KnownGameList.bin.ENC |
data | # | ![]() |
C:\Users\user\AppData\Local\Microsoft\Office\16.0\officec2rclient.exe_Rules\rule230170v1.xml.ENC |
data | # | ![]() |
C:\Users\user\AppData\Local\Microsoft\Office\16.0\officec2rclient.exe_Rules\rule230172v1.xml.ENC |
data | # | ![]() |
C:\Users\user\AppData\Local\Microsoft\Office\16.0\officeclicktorun.exe_Rules\rule230170v1.xml.ENC |
data | # | ![]() |
C:\Users\user\AppData\Local\Microsoft\Office\16.0\officeclicktorun.exe_Rules\rule230172v1.xml.ENC |
data | # | ![]() |
C:\Users\user\AppData\Local\Microsoft\Office\OTele\excel.exe.db.ENC |
data | # | ![]() |
C:\Users\user\AppData\Local\Microsoft\Windows\Explorer\ExplorerStartupLog_RunOnce.etl.ENC |
data | # | ![]() |
C:\Users\user\AppData\Local\Microsoft\Windows\Explorer\thumbcache_96.db.ENC |
data | # | ![]() |
C:\Users\user\AppData\Local\Microsoft\Windows\Safety\edge\remote\topTraffic_638004170464094982.ENC |
data | # | ![]() |
C:\Users\user\AppData\Local\Microsoft\Windows\Shell\DefaultLayouts.xml.ENC |
data | # | ![]() |
C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.log.ENC |
data | # | ![]() |
C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01res00001.jrs.ENC |
Alpha compressed COFF | # | ![]() |
C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01res00002.jrs.ENC |
Alpha compressed COFF | # | ![]() |
C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat.ENC |
data | # | ![]() |
C:\Users\user\AppData\Local\Temp\10f5ef49-b826-4bae-a469-4fe1cdaa885f.tmp.ENC |
data | # | ![]() |
C:\Users\user\AppData\Local\Temp\18e190413af045db88dfbd29609eb877.db.ENC |
data | # | ![]() |
C:\Users\user\AppData\Local\Temp\18e190413af045db88dfbd29609eb877.db.session64.ENC |
data | # | ![]() |
C:\Users\user\AppData\Local\Temp\user-PC-20231005-0843.log.ENC |
data | # | ![]() |
C:\Users\user\AppData\Local\Temp\user-PC-20231005-0844.log.ENC |
data | # | ![]() |
C:\Users\user\AppData\Local\Temp\user-PC-20231005-0847.log.ENC |
data | # | ![]() |
C:\Users\user\AppData\Local\Temp\JSAMSIProvider32.dll.ENC |
data | # | ![]() |
C:\Users\user\AppData\Local\Temp\JSAMSIProvider64.dll.ENC |
data | # | ![]() |
C:\Users\user\AppData\Local\Temp\acrobat_sbx\acroNGLLog.txt.ENC |
data | # | ![]() |
C:\Users\user\AppData\Local\Temp\edge_BITS_3244_1097730144\873489b1-33b2-480a-baa2-641b9e09edcd.ENC |
data | # | ![]() |
C:\Users\user\AppData\Local\Temp\edge_BITS_3244_1414705840\e8d11bd0-b939-446e-b741-2c68ed471a53.ENC |
data | # | ![]() |
C:\Users\user\AppData\Local\Temp\edge_BITS_3244_1974482915\01d00eb7-ae22-4601-b5b4-6bd76494c105.ENC |
data | # | ![]() |
C:\Users\user\AppData\Local\Temp\edge_BITS_3244_1990501612\1187695d-8276-4e31-8de1-9e57768989bd.ENC |
data | # | ![]() |
C:\Users\user\AppData\Local\Temp\edge_BITS_3244_2117939348\c78f9967-7a8c-44b0-ad94-732b63c89638.ENC |
data | # | ![]() |
C:\Users\user\AppData\Local\Temp\edge_BITS_3244_308048737\12ed7c6f-b741-47d7-afa5-30f752dc978b.ENC |
data | # | ![]() |
C:\Users\user\AppData\Local\Temp\edge_BITS_3244_492380506\2132f61f-f790-4ae6-a355-8cf9a1533800.ENC |
data | # | ![]() |
C:\Users\user\AppData\Local\Temp\edge_BITS_3244_529259725\9e51170b-7adf-40ab-83b6-5f97b13bedcb.ENC |
data | # | ![]() |
C:\Users\user\AppData\Local\Temp\edge_BITS_3244_669696935\c50698d5-282c-4c8d-9fa6-c155f2d8d379.ENC |
data | # | ![]() |
C:\Users\user\AppData\Local\Temp\edge_BITS_3244_677372717\84fb0759-2f62-4b78-b3f8-d06ffbe5ed10.ENC |
data | # | ![]() |
C:\Users\user\AppData\Local\Temp\f92dd30f-d70e-4c79-98e6-b827a8bb342f.tmp.ENC |
data | # | ![]() |
C:\Users\user\AppData\Local\Temp\prep_foundation_win32_bundle_V8_perf.cache.ENC |
data | # | ![]() |
C:\Users\user\AppData\Local\Temp\prep_privacy-sdx_win32_bundle_js_V8_perf.cache.ENC |
data | # | ![]() |
C:\Users\user\AppData\Local\Temp\scoped_dir5952_991612011\CRX_INSTALL\common\analytics.js.ENC |
data | # | ![]() |
C:\Users\user\AppData\Local\Temp\scoped_dir5952_991612011\CRX_INSTALL\libs\jquery-3.1.1.js.ENC |
data | # | ![]() |
C:\Users\user\AppData\Local\Temp\scoped_dir5952_991612011\CRX_INSTALL\libs\jquery-3.1.1.min.js.ENC |
data | # | ![]() |
C:\Users\user\AppData\Local\Temp\wct7120.tmp.ENC |
data | # | ![]() |
C:\Users\user\AppData\Local\Temp\wctB366.tmp.ENC |
data | # | ![]() |
C:\Users\user\AppData\Local\Temp\wctDE6E.tmp.ENC |
data | # | ![]() |