| description | ioc | process |
|---|
| File opened for modification | C:\Windows\winsxs\Backup\x86_microsoft-windows-newdev_31bf3856ad364e35_6.1.7600.16385_none_114ca177b1fcad24_newdev.dll_7eb7622f | c3669070ec6f303b54314f9301e1294f86afbe22e379773397100d85fc9a4390.exe |
| File opened for modification | C:\Windows\winsxs\Backup\amd64_microsoft-windows-a..structure.resources_31bf3856ad364e35_6.1.7600.16385_fr-fr_f6a00d30a34ae11a_sdbinst.exe.mui_258ad624 | c3669070ec6f303b54314f9301e1294f86afbe22e379773397100d85fc9a4390.exe |
| File opened for modification | C:\Windows\winsxs\Backup\amd64_microsoft-windows-g..licy-base.resources_31bf3856ad364e35_6.1.7600.16385_ja-jp_4bf9d57947dd35b9_gpapi.dll.mui_ef0a9748 | c3669070ec6f303b54314f9301e1294f86afbe22e379773397100d85fc9a4390.exe |
| File opened for modification | C:\Windows\winsxs\Backup\amd64_microsoft-windows-profsvc.resources_31bf3856ad364e35_6.1.7600.16385_en-us_c2b105891e24eb61_profsvc.dll.mui_32482e9e | c3669070ec6f303b54314f9301e1294f86afbe22e379773397100d85fc9a4390.exe |
| File opened for modification | C:\Windows\winsxs\Backup\amd64_microsoft-windows-rasrtutils_31bf3856ad364e35_6.1.7601.17514_none_6b3b9980011a19de_rtutils.dll_243724ab | c3669070ec6f303b54314f9301e1294f86afbe22e379773397100d85fc9a4390.exe |
| File opened for modification | C:\Windows\winsxs\Backup\x86_microsoft-windows-crypt32-dll.resources_31bf3856ad364e35_6.1.7600.16385_de-de_250c5db92cbbfe4b_crypt32.dll.mui_4268f86a | c3669070ec6f303b54314f9301e1294f86afbe22e379773397100d85fc9a4390.exe |
| File opened for modification | C:\Windows\winsxs\Backup\x86_microsoft-windows-comdlg32.resources_31bf3856ad364e35_6.1.7601.17514_zh-cn_4c840294b551dbf9_comdlg32.dll.mui_ac8e62f4 | c3669070ec6f303b54314f9301e1294f86afbe22e379773397100d85fc9a4390.exe |
| File opened for modification | C:\Windows\winsxs\Backup\x86_microsoft-windows-dui70.resources_31bf3856ad364e35_6.1.7600.16385_en-us_619e13eec4db6369_dui70.dll.mui_de5f27e2 | c3669070ec6f303b54314f9301e1294f86afbe22e379773397100d85fc9a4390.exe |
| File opened for modification | C:\Windows\winsxs\Backup\x86_microsoft-windows-m..ditevtlog.resources_31bf3856ad364e35_6.1.7600.16385_es-es_59a756fabb56ede3.manifest | c3669070ec6f303b54314f9301e1294f86afbe22e379773397100d85fc9a4390.exe |
| File opened for modification | C:\Windows\winsxs\Backup\amd64_microsoft-windows-b..nager-efi.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_97769b281ba398b8_bootmgr.efi.mui_be5d0075 | c3669070ec6f303b54314f9301e1294f86afbe22e379773397100d85fc9a4390.exe |
| File opened for modification | C:\Windows\winsxs\Backup\amd64_microsoft-windows-g..licy-base.resources_31bf3856ad364e35_6.1.7600.16385_es-es_1cf4ea268abe27fe_gpsvc.dll.mui_0c160ac2 | c3669070ec6f303b54314f9301e1294f86afbe22e379773397100d85fc9a4390.exe |
| File opened for modification | C:\Windows\winsxs\Backup\amd64_microsoft-windows-s..pp-client.resources_31bf3856ad364e35_6.1.7600.16385_de-de_ec4e337f0ce0896b_slc.dll.mui_dc24f809 | c3669070ec6f303b54314f9301e1294f86afbe22e379773397100d85fc9a4390.exe |
| File opened for modification | C:\Windows\winsxs\Backup\amd64_microsoft-windows-webio.resources_31bf3856ad364e35_6.1.7601.17514_ja-jp_8c6fe68c0c8fba1a_webio.dll.mui_e805c4b7 | c3669070ec6f303b54314f9301e1294f86afbe22e379773397100d85fc9a4390.exe |
| File opened for modification | C:\Windows\winsxs\Backup\amd64_microsoft-windows-wmi-core.resources_31bf3856ad364e35_6.1.7600.16385_en-us_30bc7fe1e159c5d3.manifest | c3669070ec6f303b54314f9301e1294f86afbe22e379773397100d85fc9a4390.exe |
| File opened for modification | C:\Windows\winsxs\Backup\x86_microsoft-windows-mlang.resources_31bf3856ad364e35_6.1.7600.16385_pl-pl_856144d7e24caf0a.manifest | c3669070ec6f303b54314f9301e1294f86afbe22e379773397100d85fc9a4390.exe |
| File opened for modification | C:\Windows\winsxs\Backup\x86_microsoft-windows-s..subsystem.resources_31bf3856ad364e35_6.1.7600.16385_fr-fr_961efb4172b82af7_scarddlg.dll.mui_300ae9df | c3669070ec6f303b54314f9301e1294f86afbe22e379773397100d85fc9a4390.exe |
| File opened for modification | C:\Windows\winsxs\Backup\amd64_microsoft-windows-font-bitmap-oem_31bf3856ad364e35_6.1.7600.16385_none_59590e92c817a4e0_s8514oem.fon_304f98b5 | c3669070ec6f303b54314f9301e1294f86afbe22e379773397100d85fc9a4390.exe |
| File opened for modification | C:\Windows\winsxs\Backup\amd64_microsoft-windows-i..tional-codepage-936_31bf3856ad364e35_6.1.7600.16385_none_2acfd536b4ed2a23.manifest | c3669070ec6f303b54314f9301e1294f86afbe22e379773397100d85fc9a4390.exe |
| File opened for modification | C:\Windows\winsxs\Backup\amd64_microsoft-windows-p..structure.resources_31bf3856ad364e35_6.1.7601.17514_fr-fr_65c533f1c582e47c_perfi.dat_e3a35ecf | c3669070ec6f303b54314f9301e1294f86afbe22e379773397100d85fc9a4390.exe |
| File opened for modification | C:\Windows\winsxs\Backup\amd64_microsoft-windows-rasserver_31bf3856ad364e35_6.1.7601.17514_none_09cf3ec67e6c6b50_rasservermigplugin-dl.man_babd2d8e | c3669070ec6f303b54314f9301e1294f86afbe22e379773397100d85fc9a4390.exe |
| File opened for modification | C:\Windows\winsxs\Backup\wow64_microsoft-windows-appid.resources_31bf3856ad364e35_6.1.7600.16385_en-us_9c7424fcfaec8d6b.manifest | c3669070ec6f303b54314f9301e1294f86afbe22e379773397100d85fc9a4390.exe |
| File opened for modification | C:\Windows\winsxs\Backup\x86_microsoft-windows-i..er-engine.resources_31bf3856ad364e35_6.1.7601.17514_tr-tr_d752a669f3ec89fa_msimsg.dll.mui_72e8994f | c3669070ec6f303b54314f9301e1294f86afbe22e379773397100d85fc9a4390.exe |
| File opened for modification | C:\Windows\winsxs\Backup\x86_microsoft-windows-u..erservice.resources_31bf3856ad364e35_6.1.7600.16385_en-us_f09dccd4f32812c2.manifest | c3669070ec6f303b54314f9301e1294f86afbe22e379773397100d85fc9a4390.exe |
| File opened for modification | C:\Windows\winsxs\Backup\amd64_microsoft-windows-i..tional-codepage-775_31bf3856ad364e35_6.1.7600.16385_none_2ae98cfeb4d93dfc.manifest | c3669070ec6f303b54314f9301e1294f86afbe22e379773397100d85fc9a4390.exe |
| File opened for modification | C:\Windows\winsxs\Backup\amd64_microsoft-windows-m..ents-mdac.resources_31bf3856ad364e35_6.1.7600.16385_ja-jp_5c8a8ee4f97b7f12.manifest | c3669070ec6f303b54314f9301e1294f86afbe22e379773397100d85fc9a4390.exe |
| File opened for modification | C:\Windows\winsxs\Backup\amd64_microsoft-windows-shell32.resources_31bf3856ad364e35_6.1.7601.17514_es-es_b79b28ecefa21fda.manifest | c3669070ec6f303b54314f9301e1294f86afbe22e379773397100d85fc9a4390.exe |
| File opened for modification | C:\Windows\winsxs\Backup\amd64_microsoft-windows-wmi-core.resources_31bf3856ad364e35_6.1.7601.17514_es-es_32b8f08dde6f3b12_ncprov.dll.mui_40240de1 | c3669070ec6f303b54314f9301e1294f86afbe22e379773397100d85fc9a4390.exe |
| File opened for modification | C:\Windows\winsxs\Backup\x86_microsoft-windows-b..ager-pcat.resources_31bf3856ad364e35_6.1.7600.16385_zh-tw_82dac7a36bd74688.manifest | c3669070ec6f303b54314f9301e1294f86afbe22e379773397100d85fc9a4390.exe |
| File opened for modification | C:\Windows\winsxs\Backup\amd64_microsoft-windows-font-truetype-raavi_31bf3856ad364e35_6.1.7600.16385_none_a2d43ed8e3097243.manifest | c3669070ec6f303b54314f9301e1294f86afbe22e379773397100d85fc9a4390.exe |
| File opened for modification | C:\Windows\winsxs\Backup\amd64_microsoft-windows-w..-encoding.resources_31bf3856ad364e35_6.1.7600.16385_en-us_c49975d6cf9550ff.manifest | c3669070ec6f303b54314f9301e1294f86afbe22e379773397100d85fc9a4390.exe |
| File opened for modification | C:\Windows\winsxs\Backup\amd64_microsoft-windows-a..llservice.resources_31bf3856ad364e35_6.1.7600.16385_de-de_10d22dcfce04430a.manifest | c3669070ec6f303b54314f9301e1294f86afbe22e379773397100d85fc9a4390.exe |
| File opened for modification | C:\Windows\winsxs\Backup\amd64_microsoft-windows-appid.resources_31bf3856ad364e35_6.1.7600.16385_fr-fr_34a24d8db984d377_appidsvc.dll.mui_6717e231 | c3669070ec6f303b54314f9301e1294f86afbe22e379773397100d85fc9a4390.exe |
| File opened for modification | C:\Windows\winsxs\Backup\amd64_microsoft-windows-comctl32-v5.resources_31bf3856ad364e35_6.1.7600.16385_lv-lv_359174e350f0ded0_comctl32.dll.mui_0da4e682 | c3669070ec6f303b54314f9301e1294f86afbe22e379773397100d85fc9a4390.exe |
| File opened for modification | C:\Windows\winsxs\Backup\amd64_microsoft-windows-dfsclient_31bf3856ad364e35_6.1.7601.17514_none_e5c0334cfcbb6f1f.manifest | c3669070ec6f303b54314f9301e1294f86afbe22e379773397100d85fc9a4390.exe |
| File opened for modification | C:\Windows\winsxs\Backup\amd64_microsoft-windows-font-bitmap-fixed_31bf3856ad364e35_6.1.7600.16385_none_db04d3f548508fd9_h8514fix.fon_9a1c84fa | c3669070ec6f303b54314f9301e1294f86afbe22e379773397100d85fc9a4390.exe |
| File opened for modification | C:\Windows\winsxs\Backup\amd64_microsoft-windows-font-bitmap-terminal_31bf3856ad364e35_6.1.7600.16385_none_70644a8bdb0d9303_ega80737.fon_604f84b5 | c3669070ec6f303b54314f9301e1294f86afbe22e379773397100d85fc9a4390.exe |
| File opened for modification | C:\Windows\winsxs\Backup\amd64_microsoft-windows-font-fms_31bf3856ad364e35_6.1.7601.17514_none_a5f8bb0ccaefbe07.manifest | c3669070ec6f303b54314f9301e1294f86afbe22e379773397100d85fc9a4390.exe |
| File opened for modification | C:\Windows\winsxs\Backup\amd64_microsoft-windows-newdev.resources_31bf3856ad364e35_6.1.7600.16385_en-us_cf00a033363ace4b.manifest | c3669070ec6f303b54314f9301e1294f86afbe22e379773397100d85fc9a4390.exe |
| File opened for modification | C:\Windows\winsxs\Backup\x86_microsoft-windows-keyiso.resources_31bf3856ad364e35_6.1.7600.16385_de-de_6170816be6863ccb_keyiso.dll.mui_4bbf12ff | c3669070ec6f303b54314f9301e1294f86afbe22e379773397100d85fc9a4390.exe |
| File opened for modification | C:\Windows\winsxs\Backup\x86_microsoft-windows-mlang.resources_31bf3856ad364e35_6.1.7600.16385_hr-hr_6ed8265c4c3dbb0a.manifest | c3669070ec6f303b54314f9301e1294f86afbe22e379773397100d85fc9a4390.exe |
| File opened for modification | C:\Windows\winsxs\Backup\amd64_microsoft-windows-d2d_31bf3856ad364e35_7.1.7601.16492_none_f6dafd66fdb9c254.manifest | c3669070ec6f303b54314f9301e1294f86afbe22e379773397100d85fc9a4390.exe |
| File opened for modification | C:\Windows\winsxs\Backup\x86_microsoft-windows-b..ager-pcat.resources_31bf3856ad364e35_6.1.7600.16385_pt-pt_21d625cff367fd81.manifest | c3669070ec6f303b54314f9301e1294f86afbe22e379773397100d85fc9a4390.exe |
| File opened for modification | C:\Windows\winsxs\Backup\x86_microsoft-windows-d..lient-dll.resources_31bf3856ad364e35_6.1.7601.17514_en-us_57ee6a4218527f7e_dhcpcore6.dll.mui_27872349 | c3669070ec6f303b54314f9301e1294f86afbe22e379773397100d85fc9a4390.exe |
| File opened for modification | C:\Windows\winsxs\Backup\x86_microsoft-windows-mlang.resources_31bf3856ad364e35_6.1.7600.16385_tr-tr_14424567ab0c4d42_mlang.dll.mui_2904864a | c3669070ec6f303b54314f9301e1294f86afbe22e379773397100d85fc9a4390.exe |
| File opened for modification | C:\Windows\winsxs\Backup\x86_microsoft-windows-p..ndprintui.resources_31bf3856ad364e35_6.1.7600.16385_es-es_d2945884bb037beb.manifest | c3669070ec6f303b54314f9301e1294f86afbe22e379773397100d85fc9a4390.exe |
| File opened for modification | C:\Windows\winsxs\Backup\amd64_microsoft-windows-comdlg32.resources_31bf3856ad364e35_6.1.7601.17514_bg-bg_5abc71b3b20b3a94.manifest | c3669070ec6f303b54314f9301e1294f86afbe22e379773397100d85fc9a4390.exe |
| File opened for modification | C:\Windows\winsxs\Backup\amd64_microsoft-windows-commonlog.resources_31bf3856ad364e35_6.1.7600.16385_es-es_6e1909b6145934ca.manifest | c3669070ec6f303b54314f9301e1294f86afbe22e379773397100d85fc9a4390.exe |
| File opened for modification | C:\Windows\winsxs\Backup\amd64_microsoft-windows-e..rtingcore.resources_31bf3856ad364e35_6.1.7600.16385_ja-jp_8dd8c4f40dc38dd9_wer.dll.mui_e68ddae7 | c3669070ec6f303b54314f9301e1294f86afbe22e379773397100d85fc9a4390.exe |
| File opened for modification | C:\Windows\winsxs\Backup\wow64_microsoft-windows-kernelbase.resources_31bf3856ad364e35_6.1.7600.16385_fr-fr_80e9298bf792ff3e.manifest | c3669070ec6f303b54314f9301e1294f86afbe22e379773397100d85fc9a4390.exe |
| File opened for modification | C:\Windows\winsxs\Backup\x86_microsoft-windows-wintrust-dll_31bf3856ad364e35_6.1.7601.17514_none_f1b5a3b0f852fe0e_wintrust.dll_abec426a | c3669070ec6f303b54314f9301e1294f86afbe22e379773397100d85fc9a4390.exe |
| File opened for modification | C:\Windows\winsxs\Backup\amd64_microsoft-windows-x..nrollment.resources_31bf3856ad364e35_6.1.7600.16385_ja-jp_d84bdc3098a2df3d_certenrollctrl.exe.mui_3b48c5a6 | c3669070ec6f303b54314f9301e1294f86afbe22e379773397100d85fc9a4390.exe |
| File opened for modification | C:\Windows\winsxs\Backup\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_6.1.7601.17514_none_227e1c01642654f4_werdiagcontroller.dll_208f2db3 | c3669070ec6f303b54314f9301e1294f86afbe22e379773397100d85fc9a4390.exe |
| File opened for modification | C:\Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_de-de_299cd5b40ed6d155_winresume.exe.mui_ff8b5358 | c3669070ec6f303b54314f9301e1294f86afbe22e379773397100d85fc9a4390.exe |
| File opened for modification | C:\Windows\winsxs\Backup\amd64_microsoft-windows-d..owmanager.resources_31bf3856ad364e35_6.1.7600.16385_ja-jp_34be759892c77101_dwmcore.dll.mui_ebf60d96 | c3669070ec6f303b54314f9301e1294f86afbe22e379773397100d85fc9a4390.exe |
| File opened for modification | C:\Windows\winsxs\Backup\amd64_microsoft-windows-duser.resources_31bf3856ad364e35_6.1.7600.16385_de-de_283494514da2fa34_duser.dll.mui_3c369ac4 | c3669070ec6f303b54314f9301e1294f86afbe22e379773397100d85fc9a4390.exe |
| File opened for modification | C:\Windows\winsxs\Backup\amd64_microsoft-windows-lddmcore_31bf3856ad364e35_6.1.7601.17514_none_09ee9e0dfa2c4fbd_dxgmms1.sys_9c98a5d4 | c3669070ec6f303b54314f9301e1294f86afbe22e379773397100d85fc9a4390.exe |
| File opened for modification | C:\Windows\winsxs\Backup\amd64_microsoft-windows-session0viewer_31bf3856ad364e35_6.1.7600.16385_none_3ddbd9a9605f0519_ui0detect.exe_639495e3 | c3669070ec6f303b54314f9301e1294f86afbe22e379773397100d85fc9a4390.exe |
| File opened for modification | C:\Windows\winsxs\Backup\x86_microsoft-windows-mfc42x.resources_31bf3856ad364e35_6.1.7600.16385_fr-fr_64fae1eae3516fc5_mfc42.dll.mui_66106d85 | c3669070ec6f303b54314f9301e1294f86afbe22e379773397100d85fc9a4390.exe |
| File opened for modification | C:\Windows\winsxs\Backup\amd64_microsoft-windows-commonlog_31bf3856ad364e35_6.1.7600.16385_none_da778c54413d0c9c.manifest | c3669070ec6f303b54314f9301e1294f86afbe22e379773397100d85fc9a4390.exe |
| File opened for modification | C:\Windows\winsxs\Backup\amd64_microsoft-windows-f..ruetype-new_tai_lue_31bf3856ad364e35_6.1.7600.16385_none_325f57c8c0ee36a8_ntailu.ttf_c1891505 | c3669070ec6f303b54314f9301e1294f86afbe22e379773397100d85fc9a4390.exe |
| File opened for modification | C:\Windows\winsxs\Backup\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_04709031736ac277_lsasrv.dll_56db747f | c3669070ec6f303b54314f9301e1294f86afbe22e379773397100d85fc9a4390.exe |
| File opened for modification | C:\Windows\winsxs\Backup\amd64_microsoft-windows-rasbase_31bf3856ad364e35_6.1.7601.17514_none_6c066d50910ecf5a_netrass.inf_8745cd37 | c3669070ec6f303b54314f9301e1294f86afbe22e379773397100d85fc9a4390.exe |
| File opened for modification | C:\Windows\winsxs\Backup\amd64_microsoft-windows-s..resources.resources_31bf3856ad364e35_6.1.7600.16385_fr-fr_f9fce189b9d4bb7e.manifest | c3669070ec6f303b54314f9301e1294f86afbe22e379773397100d85fc9a4390.exe |
| File opened for modification | C:\Windows\winsxs\Backup\amd64_microsoft-windows-comdlg32.resources_31bf3856ad364e35_6.1.7601.17514_zh-tw_ac9edb6e6b20299f.manifest | c3669070ec6f303b54314f9301e1294f86afbe22e379773397100d85fc9a4390.exe |
