Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
33s -
max time network
49s -
platform
windows7_x64 -
resource
win7-20220901-en -
resource tags
-
submitted
02/12/2022, 19:37
General
-
Target
a86a9907fd13d21e207058684b41a153941a94dc43857c7eddacc3fb05dd9fe5.exe
-
Size
72KB
-
MD5
a520459ae9493ede7bab6ec66a7079b5
-
SHA1
354fa1b74c68781079fdfa572aa3575959615850
-
SHA256
a86a9907fd13d21e207058684b41a153941a94dc43857c7eddacc3fb05dd9fe5
-
SHA512
1d1612e5c172ff342cc33ee9a60c27ddb8731be36fb9e944bf8455e4b6cf9a17e4aadd5995d71ddb71f6933566f821289059ad26c7072354716fb8ea671f03f8
-
SSDEEP
384:N6wayA+1mwnA353BXR+oGfPmfm4MlcTGXdhjwroyY2rebV5O6KgxWb/83BXR+oGr:NpQNwC3BESe4Vqth+0V5vKlE3BEJwRrW
Score
10/10
Malware Config
Signatures
-
Modifies visibility of file extensions in Explorer 2 TTPs 64 IoCs
-
Executes dropped EXE 64 IoCs
-
Loads dropped DLL 64 IoCs
-
Drops file in Program Files directory 64 IoCs
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.
-
Suspicious use of FindShellTrayWindow 1 IoCs
-
Suspicious use of SetWindowsHookEx 64 IoCs
-
Suspicious use of WriteProcessMemory 64 IoCs
-
System policy modification 1 TTPs 64 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\a86a9907fd13d21e207058684b41a153941a94dc43857c7eddacc3fb05dd9fe5.exe"C:\Users\Admin\AppData\Local\Temp\a86a9907fd13d21e207058684b41a153941a94dc43857c7eddacc3fb05dd9fe5.exe"1⤵
- Loads dropped DLL
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
- System policy modification
-
C:\Users\Admin\AppData\Local\Temp\4131664865\backup.exeC:\Users\Admin\AppData\Local\Temp\4131664865\backup.exe C:\Users\Admin\AppData\Local\Temp\4131664865\2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
- System policy modification
-
C:\backup.exe\backup.exe \3⤵
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\PerfLogs\backup.exeC:\PerfLogs\backup.exe C:\PerfLogs\4⤵
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\PerfLogs\Admin\backup.exeC:\PerfLogs\Admin\backup.exe C:\PerfLogs\Admin\5⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
-
C:\Program Files\backup.exe"C:\Program Files\backup.exe" C:\Program Files\4⤵
- Executes dropped EXE
- Loads dropped DLL
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\Program Files\7-Zip\backup.exe"C:\Program Files\7-Zip\backup.exe" C:\Program Files\7-Zip\5⤵
- Executes dropped EXE
- Loads dropped DLL
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\Program Files\7-Zip\Lang\backup.exe"C:\Program Files\7-Zip\Lang\backup.exe" C:\Program Files\7-Zip\Lang\6⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
-
C:\Program Files\Common Files\backup.exe"C:\Program Files\Common Files\backup.exe" C:\Program Files\Common Files\5⤵
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\Program Files\Common Files\Microsoft Shared\backup.exe"C:\Program Files\Common Files\Microsoft Shared\backup.exe" C:\Program Files\Common Files\Microsoft Shared\6⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Loads dropped DLL
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\Program Files\Common Files\Microsoft Shared\Filters\data.exe"C:\Program Files\Common Files\Microsoft Shared\Filters\data.exe" C:\Program Files\Common Files\Microsoft Shared\Filters\7⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\7⤵
- Executes dropped EXE
- Loads dropped DLL
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- System policy modification
-
C:\Program Files\Common Files\Microsoft Shared\ink\ar-SA\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\ar-SA\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\ar-SA\8⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\bg-BG\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\bg-BG\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\bg-BG\8⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\cs-CZ\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\cs-CZ\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\cs-CZ\8⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\da-DK\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\da-DK\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\da-DK\8⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\8⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\el-GR\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\el-GR\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\el-GR\8⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\en-US\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\en-US\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\en-US\8⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\es-ES\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\es-ES\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\es-ES\8⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\et-EE\update.exe"C:\Program Files\Common Files\Microsoft Shared\ink\et-EE\update.exe" C:\Program Files\Common Files\Microsoft Shared\ink\et-EE\8⤵
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\fi-FI\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\fi-FI\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\fi-FI\8⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\fr-FR\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\fr-FR\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\fr-FR\8⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\update.exe"C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\update.exe" C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\8⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Loads dropped DLL
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- System policy modification
-
C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\auxpad\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\auxpad\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\auxpad\9⤵
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\keypad\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\keypad\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\keypad\9⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\9⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\numbers\update.exe"C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\numbers\update.exe" C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\numbers\9⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\oskmenu\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\oskmenu\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\oskmenu\9⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\osknumpad\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\osknumpad\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\osknumpad\9⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\oskpred\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\oskpred\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\oskpred\9⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\symbols\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\symbols\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\symbols\9⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\web\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\web\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\web\9⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\he-IL\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\he-IL\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\he-IL\8⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\hr-HR\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\hr-HR\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\hr-HR\8⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\hu-HU\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\hu-HU\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\hu-HU\8⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\HWRCustomization\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\HWRCustomization\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\HWRCustomization\8⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\it-IT\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\it-IT\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\it-IT\8⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\ja-JP\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\ja-JP\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\ja-JP\8⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\ko-KR\data.exe"C:\Program Files\Common Files\Microsoft Shared\ink\ko-KR\data.exe" C:\Program Files\Common Files\Microsoft Shared\ink\ko-KR\8⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\lt-LT\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\lt-LT\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\lt-LT\8⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\lv-LV\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\lv-LV\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\lv-LV\8⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\nb-NO\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\nb-NO\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\nb-NO\8⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\nl-NL\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\nl-NL\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\nl-NL\8⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\pl-PL\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\pl-PL\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\pl-PL\8⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\pt-BR\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\pt-BR\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\pt-BR\8⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\pt-PT\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\pt-PT\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\pt-PT\8⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\ro-RO\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\ro-RO\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\ro-RO\8⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\ru-RU\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\ru-RU\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\ru-RU\8⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\sk-SK\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\sk-SK\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\sk-SK\8⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\sl-SI\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\sl-SI\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\sl-SI\8⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\sr-Latn-CS\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\sr-Latn-CS\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\sr-Latn-CS\8⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\sv-SE\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\sv-SE\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\sv-SE\8⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\th-TH\update.exe"C:\Program Files\Common Files\Microsoft Shared\ink\th-TH\update.exe" C:\Program Files\Common Files\Microsoft Shared\ink\th-TH\8⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\tr-TR\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\tr-TR\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\tr-TR\8⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\uk-UA\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\uk-UA\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\uk-UA\8⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\zh-CN\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\zh-CN\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\zh-CN\8⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\zh-TW\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\zh-TW\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\zh-TW\8⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
-
C:\Program Files\Common Files\Microsoft Shared\MSInfo\backup.exe"C:\Program Files\Common Files\Microsoft Shared\MSInfo\backup.exe" C:\Program Files\Common Files\Microsoft Shared\MSInfo\7⤵
- Executes dropped EXE
- Drops file in Program Files directory
- System policy modification
-
C:\Program Files\Common Files\Microsoft Shared\MSInfo\de-DE\backup.exe"C:\Program Files\Common Files\Microsoft Shared\MSInfo\de-DE\backup.exe" C:\Program Files\Common Files\Microsoft Shared\MSInfo\de-DE\8⤵
-
-
C:\Program Files\Common Files\Microsoft Shared\MSInfo\en-US\backup.exe"C:\Program Files\Common Files\Microsoft Shared\MSInfo\en-US\backup.exe" C:\Program Files\Common Files\Microsoft Shared\MSInfo\en-US\8⤵
-
-
C:\Program Files\Common Files\Microsoft Shared\MSInfo\es-ES\backup.exe"C:\Program Files\Common Files\Microsoft Shared\MSInfo\es-ES\backup.exe" C:\Program Files\Common Files\Microsoft Shared\MSInfo\es-ES\8⤵
- System policy modification
-
-
C:\Program Files\Common Files\Microsoft Shared\MSInfo\fr-FR\backup.exe"C:\Program Files\Common Files\Microsoft Shared\MSInfo\fr-FR\backup.exe" C:\Program Files\Common Files\Microsoft Shared\MSInfo\fr-FR\8⤵
- System policy modification
-
-
C:\Program Files\Common Files\Microsoft Shared\MSInfo\it-IT\update.exe"C:\Program Files\Common Files\Microsoft Shared\MSInfo\it-IT\update.exe" C:\Program Files\Common Files\Microsoft Shared\MSInfo\it-IT\8⤵
- Modifies visibility of file extensions in Explorer
- System policy modification
-
-
C:\Program Files\Common Files\Microsoft Shared\MSInfo\ja-JP\backup.exe"C:\Program Files\Common Files\Microsoft Shared\MSInfo\ja-JP\backup.exe" C:\Program Files\Common Files\Microsoft Shared\MSInfo\ja-JP\8⤵
-
-
-
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\backup.exe"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\backup.exe" C:\Program Files\Common Files\Microsoft Shared\OFFICE14\7⤵
- System policy modification
-
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\backup.exe"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\backup.exe" C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\8⤵
- System policy modification
-
-
-
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\backup.exe"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\backup.exe" C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\7⤵
-
-
C:\Program Files\Common Files\Microsoft Shared\Stationery\backup.exe"C:\Program Files\Common Files\Microsoft Shared\Stationery\backup.exe" C:\Program Files\Common Files\Microsoft Shared\Stationery\7⤵
-
-
C:\Program Files\Common Files\Microsoft Shared\TextConv\backup.exe"C:\Program Files\Common Files\Microsoft Shared\TextConv\backup.exe" C:\Program Files\Common Files\Microsoft Shared\TextConv\7⤵
- Drops file in Program Files directory
-
C:\Program Files\Common Files\Microsoft Shared\TextConv\de-DE\backup.exe"C:\Program Files\Common Files\Microsoft Shared\TextConv\de-DE\backup.exe" C:\Program Files\Common Files\Microsoft Shared\TextConv\de-DE\8⤵
- System policy modification
-
-
C:\Program Files\Common Files\Microsoft Shared\TextConv\en-US\backup.exe"C:\Program Files\Common Files\Microsoft Shared\TextConv\en-US\backup.exe" C:\Program Files\Common Files\Microsoft Shared\TextConv\en-US\8⤵
-
-
C:\Program Files\Common Files\Microsoft Shared\TextConv\es-ES\data.exe"C:\Program Files\Common Files\Microsoft Shared\TextConv\es-ES\data.exe" C:\Program Files\Common Files\Microsoft Shared\TextConv\es-ES\8⤵
- Modifies visibility of file extensions in Explorer
-
-
C:\Program Files\Common Files\Microsoft Shared\TextConv\fr-FR\backup.exe"C:\Program Files\Common Files\Microsoft Shared\TextConv\fr-FR\backup.exe" C:\Program Files\Common Files\Microsoft Shared\TextConv\fr-FR\8⤵
-
-
C:\Program Files\Common Files\Microsoft Shared\TextConv\it-IT\backup.exe"C:\Program Files\Common Files\Microsoft Shared\TextConv\it-IT\backup.exe" C:\Program Files\Common Files\Microsoft Shared\TextConv\it-IT\8⤵
- System policy modification
-
-
C:\Program Files\Common Files\Microsoft Shared\TextConv\ja-JP\backup.exe"C:\Program Files\Common Files\Microsoft Shared\TextConv\ja-JP\backup.exe" C:\Program Files\Common Files\Microsoft Shared\TextConv\ja-JP\8⤵
-
-
-
C:\Program Files\Common Files\Microsoft Shared\Triedit\backup.exe"C:\Program Files\Common Files\Microsoft Shared\Triedit\backup.exe" C:\Program Files\Common Files\Microsoft Shared\Triedit\7⤵
- Modifies visibility of file extensions in Explorer
- Drops file in Program Files directory
-
C:\Program Files\Common Files\Microsoft Shared\Triedit\de-DE\System Restore.exe"C:\Program Files\Common Files\Microsoft Shared\Triedit\de-DE\System Restore.exe" C:\Program Files\Common Files\Microsoft Shared\Triedit\de-DE\8⤵
-
-
C:\Program Files\Common Files\Microsoft Shared\Triedit\en-US\backup.exe"C:\Program Files\Common Files\Microsoft Shared\Triedit\en-US\backup.exe" C:\Program Files\Common Files\Microsoft Shared\Triedit\en-US\8⤵
- System policy modification
-
-
C:\Program Files\Common Files\Microsoft Shared\Triedit\es-ES\update.exe"C:\Program Files\Common Files\Microsoft Shared\Triedit\es-ES\update.exe" C:\Program Files\Common Files\Microsoft Shared\Triedit\es-ES\8⤵
- System policy modification
-
-
C:\Program Files\Common Files\Microsoft Shared\Triedit\fr-FR\backup.exe"C:\Program Files\Common Files\Microsoft Shared\Triedit\fr-FR\backup.exe" C:\Program Files\Common Files\Microsoft Shared\Triedit\fr-FR\8⤵
-
-
C:\Program Files\Common Files\Microsoft Shared\Triedit\it-IT\backup.exe"C:\Program Files\Common Files\Microsoft Shared\Triedit\it-IT\backup.exe" C:\Program Files\Common Files\Microsoft Shared\Triedit\it-IT\8⤵
- System policy modification
-
-
C:\Program Files\Common Files\Microsoft Shared\Triedit\ja-JP\backup.exe"C:\Program Files\Common Files\Microsoft Shared\Triedit\ja-JP\backup.exe" C:\Program Files\Common Files\Microsoft Shared\Triedit\ja-JP\8⤵
- System policy modification
-
-
-
C:\Program Files\Common Files\Microsoft Shared\VC\backup.exe"C:\Program Files\Common Files\Microsoft Shared\VC\backup.exe" C:\Program Files\Common Files\Microsoft Shared\VC\7⤵
- System policy modification
-
-
C:\Program Files\Common Files\Microsoft Shared\VGX\backup.exe"C:\Program Files\Common Files\Microsoft Shared\VGX\backup.exe" C:\Program Files\Common Files\Microsoft Shared\VGX\7⤵
-
-
C:\Program Files\Common Files\Microsoft Shared\VSTO\backup.exe"C:\Program Files\Common Files\Microsoft Shared\VSTO\backup.exe" C:\Program Files\Common Files\Microsoft Shared\VSTO\7⤵
-
C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\backup.exe"C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\backup.exe" C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\8⤵
- Drops file in Program Files directory
- System policy modification
-
C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\backup.exe"C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\backup.exe" C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\9⤵
- Modifies visibility of file extensions in Explorer
-
-
-
-
-
C:\Program Files\Common Files\Services\backup.exe"C:\Program Files\Common Files\Services\backup.exe" C:\Program Files\Common Files\Services\6⤵
- System policy modification
-
-
C:\Program Files\Common Files\SpeechEngines\backup.exe"C:\Program Files\Common Files\SpeechEngines\backup.exe" C:\Program Files\Common Files\SpeechEngines\6⤵
-
C:\Program Files\Common Files\SpeechEngines\Microsoft\backup.exe"C:\Program Files\Common Files\SpeechEngines\Microsoft\backup.exe" C:\Program Files\Common Files\SpeechEngines\Microsoft\7⤵
-
-
-
C:\Program Files\Common Files\System\backup.exe"C:\Program Files\Common Files\System\backup.exe" C:\Program Files\Common Files\System\6⤵
- Modifies visibility of file extensions in Explorer
- Drops file in Program Files directory
-
C:\Program Files\Common Files\System\ado\backup.exe"C:\Program Files\Common Files\System\ado\backup.exe" C:\Program Files\Common Files\System\ado\7⤵
- Modifies visibility of file extensions in Explorer
- Drops file in Program Files directory
-
C:\Program Files\Common Files\System\ado\de-DE\backup.exe"C:\Program Files\Common Files\System\ado\de-DE\backup.exe" C:\Program Files\Common Files\System\ado\de-DE\8⤵
- Modifies visibility of file extensions in Explorer
-
-
C:\Program Files\Common Files\System\ado\en-US\backup.exe"C:\Program Files\Common Files\System\ado\en-US\backup.exe" C:\Program Files\Common Files\System\ado\en-US\8⤵
-
-
C:\Program Files\Common Files\System\ado\es-ES\backup.exe"C:\Program Files\Common Files\System\ado\es-ES\backup.exe" C:\Program Files\Common Files\System\ado\es-ES\8⤵
- Modifies visibility of file extensions in Explorer
-
-
C:\Program Files\Common Files\System\ado\fr-FR\backup.exe"C:\Program Files\Common Files\System\ado\fr-FR\backup.exe" C:\Program Files\Common Files\System\ado\fr-FR\8⤵
- Modifies visibility of file extensions in Explorer
-
-
C:\Program Files\Common Files\System\ado\it-IT\backup.exe"C:\Program Files\Common Files\System\ado\it-IT\backup.exe" C:\Program Files\Common Files\System\ado\it-IT\8⤵
-
-
C:\Program Files\Common Files\System\ado\ja-JP\backup.exe"C:\Program Files\Common Files\System\ado\ja-JP\backup.exe" C:\Program Files\Common Files\System\ado\ja-JP\8⤵
-
-
-
C:\Program Files\Common Files\System\de-DE\backup.exe"C:\Program Files\Common Files\System\de-DE\backup.exe" C:\Program Files\Common Files\System\de-DE\7⤵
- System policy modification
-
-
C:\Program Files\Common Files\System\en-US\backup.exe"C:\Program Files\Common Files\System\en-US\backup.exe" C:\Program Files\Common Files\System\en-US\7⤵
-
-
C:\Program Files\Common Files\System\es-ES\backup.exe"C:\Program Files\Common Files\System\es-ES\backup.exe" C:\Program Files\Common Files\System\es-ES\7⤵
-
-
C:\Program Files\Common Files\System\fr-FR\backup.exe"C:\Program Files\Common Files\System\fr-FR\backup.exe" C:\Program Files\Common Files\System\fr-FR\7⤵
- Modifies visibility of file extensions in Explorer
- System policy modification
-
-
C:\Program Files\Common Files\System\it-IT\backup.exe"C:\Program Files\Common Files\System\it-IT\backup.exe" C:\Program Files\Common Files\System\it-IT\7⤵
- System policy modification
-
-
C:\Program Files\Common Files\System\ja-JP\backup.exe"C:\Program Files\Common Files\System\ja-JP\backup.exe" C:\Program Files\Common Files\System\ja-JP\7⤵
- Modifies visibility of file extensions in Explorer
-
-
C:\Program Files\Common Files\System\msadc\backup.exe"C:\Program Files\Common Files\System\msadc\backup.exe" C:\Program Files\Common Files\System\msadc\7⤵
- Modifies visibility of file extensions in Explorer
- Drops file in Program Files directory
-
C:\Program Files\Common Files\System\msadc\de-DE\backup.exe"C:\Program Files\Common Files\System\msadc\de-DE\backup.exe" C:\Program Files\Common Files\System\msadc\de-DE\8⤵
-
-
C:\Program Files\Common Files\System\msadc\en-US\backup.exe"C:\Program Files\Common Files\System\msadc\en-US\backup.exe" C:\Program Files\Common Files\System\msadc\en-US\8⤵
-
-
C:\Program Files\Common Files\System\msadc\es-ES\backup.exe"C:\Program Files\Common Files\System\msadc\es-ES\backup.exe" C:\Program Files\Common Files\System\msadc\es-ES\8⤵
-
-
C:\Program Files\Common Files\System\msadc\fr-FR\backup.exe"C:\Program Files\Common Files\System\msadc\fr-FR\backup.exe" C:\Program Files\Common Files\System\msadc\fr-FR\8⤵
-
-
C:\Program Files\Common Files\System\msadc\it-IT\backup.exe"C:\Program Files\Common Files\System\msadc\it-IT\backup.exe" C:\Program Files\Common Files\System\msadc\it-IT\8⤵
-
-
C:\Program Files\Common Files\System\msadc\ja-JP\backup.exe"C:\Program Files\Common Files\System\msadc\ja-JP\backup.exe" C:\Program Files\Common Files\System\msadc\ja-JP\8⤵
-
-
-
C:\Program Files\Common Files\System\Ole DB\backup.exe"C:\Program Files\Common Files\System\Ole DB\backup.exe" C:\Program Files\Common Files\System\Ole DB\7⤵
- Drops file in Program Files directory
-
C:\Program Files\Common Files\System\Ole DB\de-DE\backup.exe"C:\Program Files\Common Files\System\Ole DB\de-DE\backup.exe" C:\Program Files\Common Files\System\Ole DB\de-DE\8⤵
-
-
C:\Program Files\Common Files\System\Ole DB\en-US\backup.exe"C:\Program Files\Common Files\System\Ole DB\en-US\backup.exe" C:\Program Files\Common Files\System\Ole DB\en-US\8⤵
-
-
C:\Program Files\Common Files\System\Ole DB\es-ES\backup.exe"C:\Program Files\Common Files\System\Ole DB\es-ES\backup.exe" C:\Program Files\Common Files\System\Ole DB\es-ES\8⤵
-
-
C:\Program Files\Common Files\System\Ole DB\fr-FR\backup.exe"C:\Program Files\Common Files\System\Ole DB\fr-FR\backup.exe" C:\Program Files\Common Files\System\Ole DB\fr-FR\8⤵
-
-
C:\Program Files\Common Files\System\Ole DB\it-IT\backup.exe"C:\Program Files\Common Files\System\Ole DB\it-IT\backup.exe" C:\Program Files\Common Files\System\Ole DB\it-IT\8⤵
-
-
C:\Program Files\Common Files\System\Ole DB\ja-JP\backup.exe"C:\Program Files\Common Files\System\Ole DB\ja-JP\backup.exe" C:\Program Files\Common Files\System\Ole DB\ja-JP\8⤵
- System policy modification
-
-
-
-
-
C:\Program Files\DVD Maker\backup.exe"C:\Program Files\DVD Maker\backup.exe" C:\Program Files\DVD Maker\5⤵
- Drops file in Program Files directory
-
C:\Program Files\DVD Maker\de-DE\backup.exe"C:\Program Files\DVD Maker\de-DE\backup.exe" C:\Program Files\DVD Maker\de-DE\6⤵
- System policy modification
-
-
C:\Program Files\DVD Maker\en-US\backup.exe"C:\Program Files\DVD Maker\en-US\backup.exe" C:\Program Files\DVD Maker\en-US\6⤵
-
-
C:\Program Files\DVD Maker\es-ES\backup.exe"C:\Program Files\DVD Maker\es-ES\backup.exe" C:\Program Files\DVD Maker\es-ES\6⤵
- Modifies visibility of file extensions in Explorer
- System policy modification
-
-
C:\Program Files\DVD Maker\fr-FR\backup.exe"C:\Program Files\DVD Maker\fr-FR\backup.exe" C:\Program Files\DVD Maker\fr-FR\6⤵
-
-
C:\Program Files\DVD Maker\it-IT\backup.exe"C:\Program Files\DVD Maker\it-IT\backup.exe" C:\Program Files\DVD Maker\it-IT\6⤵
-
-
C:\Program Files\DVD Maker\ja-JP\backup.exe"C:\Program Files\DVD Maker\ja-JP\backup.exe" C:\Program Files\DVD Maker\ja-JP\6⤵
- System policy modification
-
-
C:\Program Files\DVD Maker\Shared\backup.exe"C:\Program Files\DVD Maker\Shared\backup.exe" C:\Program Files\DVD Maker\Shared\6⤵
- Modifies visibility of file extensions in Explorer
-
C:\Program Files\DVD Maker\Shared\DvdStyles\backup.exe"C:\Program Files\DVD Maker\Shared\DvdStyles\backup.exe" C:\Program Files\DVD Maker\Shared\DvdStyles\7⤵
- Drops file in Program Files directory
-
C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\update.exe"C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\update.exe" C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\8⤵
-
-
C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\backup.exe"C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\backup.exe" C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\8⤵
-
-
C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\backup.exe"C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\backup.exe" C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\8⤵
-
-
C:\Program Files\DVD Maker\Shared\DvdStyles\Full\backup.exe"C:\Program Files\DVD Maker\Shared\DvdStyles\Full\backup.exe" C:\Program Files\DVD Maker\Shared\DvdStyles\Full\8⤵
- System policy modification
-
-
C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\backup.exe"C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\backup.exe" C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\8⤵
- System policy modification
-
-
C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\backup.exe"C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\backup.exe" C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\8⤵
-
-
C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\backup.exe"C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\backup.exe" C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\8⤵
-
-
C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\backup.exe"C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\backup.exe" C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\8⤵
-
-
C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\backup.exe"C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\backup.exe" C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\8⤵
-
-
C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\backup.exe"C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\backup.exe" C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\8⤵
-
-
C:\Program Files\DVD Maker\Shared\DvdStyles\Push\backup.exe"C:\Program Files\DVD Maker\Shared\DvdStyles\Push\backup.exe" C:\Program Files\DVD Maker\Shared\DvdStyles\Push\8⤵
- Modifies visibility of file extensions in Explorer
-
-
C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\data.exe"C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\data.exe" C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\8⤵
-
-
C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\backup.exe"C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\backup.exe" C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\8⤵
-
-
C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\backup.exe"C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\backup.exe" C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\8⤵
-
-
C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\backup.exe"C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\backup.exe" C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\8⤵
-
-
C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\backup.exe"C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\backup.exe" C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\8⤵
-
-
C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\backup.exe"C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\backup.exe" C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\8⤵
- Modifies visibility of file extensions in Explorer
-
-
C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\backup.exe"C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\backup.exe" C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\8⤵
-
-
C:\Program Files\DVD Maker\Shared\DvdStyles\VideoWall\backup.exe"C:\Program Files\DVD Maker\Shared\DvdStyles\VideoWall\backup.exe" C:\Program Files\DVD Maker\Shared\DvdStyles\VideoWall\8⤵
-
-
C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\backup.exe"C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\backup.exe" C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\8⤵
-
-
-
-
-
C:\Program Files\Google\backup.exe"C:\Program Files\Google\backup.exe" C:\Program Files\Google\5⤵
-
C:\Program Files\Google\Chrome\backup.exe"C:\Program Files\Google\Chrome\backup.exe" C:\Program Files\Google\Chrome\6⤵
- Modifies visibility of file extensions in Explorer
-
C:\Program Files\Google\Chrome\Application\backup.exe"C:\Program Files\Google\Chrome\Application\backup.exe" C:\Program Files\Google\Chrome\Application\7⤵
- System policy modification
-
C:\Program Files\Google\Chrome\Application\89.0.4389.114\backup.exe"C:\Program Files\Google\Chrome\Application\89.0.4389.114\backup.exe" C:\Program Files\Google\Chrome\Application\89.0.4389.114\8⤵
- Drops file in Program Files directory
-
C:\Program Files\Google\Chrome\Application\89.0.4389.114\default_apps\backup.exe"C:\Program Files\Google\Chrome\Application\89.0.4389.114\default_apps\backup.exe" C:\Program Files\Google\Chrome\Application\89.0.4389.114\default_apps\9⤵
- Modifies visibility of file extensions in Explorer
- System policy modification
-
-
C:\Program Files\Google\Chrome\Application\89.0.4389.114\Extensions\backup.exe"C:\Program Files\Google\Chrome\Application\89.0.4389.114\Extensions\backup.exe" C:\Program Files\Google\Chrome\Application\89.0.4389.114\Extensions\9⤵
- System policy modification
-
-
C:\Program Files\Google\Chrome\Application\89.0.4389.114\Installer\backup.exe"C:\Program Files\Google\Chrome\Application\89.0.4389.114\Installer\backup.exe" C:\Program Files\Google\Chrome\Application\89.0.4389.114\Installer\9⤵
-
-
C:\Program Files\Google\Chrome\Application\89.0.4389.114\Locales\backup.exe"C:\Program Files\Google\Chrome\Application\89.0.4389.114\Locales\backup.exe" C:\Program Files\Google\Chrome\Application\89.0.4389.114\Locales\9⤵
-
-
C:\Program Files\Google\Chrome\Application\89.0.4389.114\MEIPreload\backup.exe"C:\Program Files\Google\Chrome\Application\89.0.4389.114\MEIPreload\backup.exe" C:\Program Files\Google\Chrome\Application\89.0.4389.114\MEIPreload\9⤵
-
C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\etc\update.exe"C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\etc\update.exe" C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\etc\10⤵
-
-
-
C:\Program Files\Google\Chrome\Application\89.0.4389.114\swiftshader\backup.exe"C:\Program Files\Google\Chrome\Application\89.0.4389.114\swiftshader\backup.exe" C:\Program Files\Google\Chrome\Application\89.0.4389.114\swiftshader\9⤵
- Modifies visibility of file extensions in Explorer
-
-
C:\Program Files\Google\Chrome\Application\89.0.4389.114\VisualElements\backup.exe"C:\Program Files\Google\Chrome\Application\89.0.4389.114\VisualElements\backup.exe" C:\Program Files\Google\Chrome\Application\89.0.4389.114\VisualElements\9⤵
-
-
C:\Program Files\Google\Chrome\Application\89.0.4389.114\WidevineCdm\backup.exe"C:\Program Files\Google\Chrome\Application\89.0.4389.114\WidevineCdm\backup.exe" C:\Program Files\Google\Chrome\Application\89.0.4389.114\WidevineCdm\9⤵
- System policy modification
-
C:\Program Files\Google\Chrome\Application\89.0.4389.114\WidevineCdm\_platform_specific\backup.exe"C:\Program Files\Google\Chrome\Application\89.0.4389.114\WidevineCdm\_platform_specific\backup.exe" C:\Program Files\Google\Chrome\Application\89.0.4389.114\WidevineCdm\_platform_specific\10⤵
-
C:\Program Files\Google\Chrome\Application\89.0.4389.114\WidevineCdm\_platform_specific\win_x64\backup.exe"C:\Program Files\Google\Chrome\Application\89.0.4389.114\WidevineCdm\_platform_specific\win_x64\backup.exe" C:\Program Files\Google\Chrome\Application\89.0.4389.114\WidevineCdm\_platform_specific\win_x64\11⤵
- System policy modification
-
-
-
-
-
C:\Program Files\Google\Chrome\Application\Dictionaries\backup.exe"C:\Program Files\Google\Chrome\Application\Dictionaries\backup.exe" C:\Program Files\Google\Chrome\Application\Dictionaries\8⤵
-
-
C:\Program Files\Google\Chrome\Application\SetupMetrics\backup.exe"C:\Program Files\Google\Chrome\Application\SetupMetrics\backup.exe" C:\Program Files\Google\Chrome\Application\SetupMetrics\8⤵
-
-
-
-
-
C:\Program Files\Internet Explorer\backup.exe"C:\Program Files\Internet Explorer\backup.exe" C:\Program Files\Internet Explorer\5⤵
- Drops file in Program Files directory
-
C:\Program Files\Internet Explorer\de-DE\backup.exe"C:\Program Files\Internet Explorer\de-DE\backup.exe" C:\Program Files\Internet Explorer\de-DE\6⤵
-
-
C:\Program Files\Internet Explorer\en-US\backup.exe"C:\Program Files\Internet Explorer\en-US\backup.exe" C:\Program Files\Internet Explorer\en-US\6⤵
- Modifies visibility of file extensions in Explorer
-
-
C:\Program Files\Internet Explorer\es-ES\backup.exe"C:\Program Files\Internet Explorer\es-ES\backup.exe" C:\Program Files\Internet Explorer\es-ES\6⤵
- Modifies visibility of file extensions in Explorer
-
-
C:\Program Files\Internet Explorer\fr-FR\backup.exe"C:\Program Files\Internet Explorer\fr-FR\backup.exe" C:\Program Files\Internet Explorer\fr-FR\6⤵
-
-
C:\Program Files\Internet Explorer\images\backup.exe"C:\Program Files\Internet Explorer\images\backup.exe" C:\Program Files\Internet Explorer\images\6⤵
- Modifies visibility of file extensions in Explorer
-
-
C:\Program Files\Internet Explorer\it-IT\backup.exe"C:\Program Files\Internet Explorer\it-IT\backup.exe" C:\Program Files\Internet Explorer\it-IT\6⤵
- Modifies visibility of file extensions in Explorer
-
-
C:\Program Files\Internet Explorer\ja-JP\backup.exe"C:\Program Files\Internet Explorer\ja-JP\backup.exe" C:\Program Files\Internet Explorer\ja-JP\6⤵
- Modifies visibility of file extensions in Explorer
-
-
C:\Program Files\Internet Explorer\SIGNUP\backup.exe"C:\Program Files\Internet Explorer\SIGNUP\backup.exe" C:\Program Files\Internet Explorer\SIGNUP\6⤵
- System policy modification
-
-
-
C:\Program Files\Java\backup.exe"C:\Program Files\Java\backup.exe" C:\Program Files\Java\5⤵
-
C:\Program Files\Java\jdk1.7.0_80\backup.exe"C:\Program Files\Java\jdk1.7.0_80\backup.exe" C:\Program Files\Java\jdk1.7.0_80\6⤵
- System policy modification
-
C:\Program Files\Java\jdk1.7.0_80\bin\backup.exe"C:\Program Files\Java\jdk1.7.0_80\bin\backup.exe" C:\Program Files\Java\jdk1.7.0_80\bin\7⤵
-
-
C:\Program Files\Java\jdk1.7.0_80\db\backup.exe"C:\Program Files\Java\jdk1.7.0_80\db\backup.exe" C:\Program Files\Java\jdk1.7.0_80\db\7⤵
-
C:\Program Files\Java\jdk1.7.0_80\db\bin\backup.exe"C:\Program Files\Java\jdk1.7.0_80\db\bin\backup.exe" C:\Program Files\Java\jdk1.7.0_80\db\bin\8⤵
- Modifies visibility of file extensions in Explorer
- System policy modification
-
-
C:\Program Files\Java\jdk1.7.0_80\db\lib\backup.exe"C:\Program Files\Java\jdk1.7.0_80\db\lib\backup.exe" C:\Program Files\Java\jdk1.7.0_80\db\lib\8⤵
-
-
-
C:\Program Files\Java\jdk1.7.0_80\include\backup.exe"C:\Program Files\Java\jdk1.7.0_80\include\backup.exe" C:\Program Files\Java\jdk1.7.0_80\include\7⤵
-
C:\Program Files\Java\jdk1.7.0_80\include\win32\backup.exe"C:\Program Files\Java\jdk1.7.0_80\include\win32\backup.exe" C:\Program Files\Java\jdk1.7.0_80\include\win32\8⤵
- Modifies visibility of file extensions in Explorer
- Drops file in Program Files directory
-
C:\Program Files\Java\jdk1.7.0_80\include\win32\bridge\backup.exe"C:\Program Files\Java\jdk1.7.0_80\include\win32\bridge\backup.exe" C:\Program Files\Java\jdk1.7.0_80\include\win32\bridge\9⤵
- Modifies visibility of file extensions in Explorer
-
-
-
-
C:\Program Files\Java\jdk1.7.0_80\jre\backup.exe"C:\Program Files\Java\jdk1.7.0_80\jre\backup.exe" C:\Program Files\Java\jdk1.7.0_80\jre\7⤵
- Drops file in Program Files directory
-
C:\Program Files\Java\jdk1.7.0_80\jre\bin\backup.exe"C:\Program Files\Java\jdk1.7.0_80\jre\bin\backup.exe" C:\Program Files\Java\jdk1.7.0_80\jre\bin\8⤵
- Modifies visibility of file extensions in Explorer
- Drops file in Program Files directory
-
C:\Program Files\Java\jdk1.7.0_80\jre\bin\dtplugin\data.exe"C:\Program Files\Java\jdk1.7.0_80\jre\bin\dtplugin\data.exe" C:\Program Files\Java\jdk1.7.0_80\jre\bin\dtplugin\9⤵
-
-
C:\Program Files\Java\jdk1.7.0_80\jre\bin\plugin2\backup.exe"C:\Program Files\Java\jdk1.7.0_80\jre\bin\plugin2\backup.exe" C:\Program Files\Java\jdk1.7.0_80\jre\bin\plugin2\9⤵
-
-
C:\Program Files\Java\jdk1.7.0_80\jre\bin\server\backup.exe"C:\Program Files\Java\jdk1.7.0_80\jre\bin\server\backup.exe" C:\Program Files\Java\jdk1.7.0_80\jre\bin\server\9⤵
-
-
-
C:\Program Files\Java\jdk1.7.0_80\jre\lib\backup.exe"C:\Program Files\Java\jdk1.7.0_80\jre\lib\backup.exe" C:\Program Files\Java\jdk1.7.0_80\jre\lib\8⤵
- Drops file in Program Files directory
-
C:\Program Files\Java\jdk1.7.0_80\jre\lib\amd64\data.exe"C:\Program Files\Java\jdk1.7.0_80\jre\lib\amd64\data.exe" C:\Program Files\Java\jdk1.7.0_80\jre\lib\amd64\9⤵
- Modifies visibility of file extensions in Explorer
-
-
C:\Program Files\Java\jdk1.7.0_80\jre\lib\applet\backup.exe"C:\Program Files\Java\jdk1.7.0_80\jre\lib\applet\backup.exe" C:\Program Files\Java\jdk1.7.0_80\jre\lib\applet\9⤵
-
-
C:\Program Files\Java\jdk1.7.0_80\jre\lib\cmm\backup.exe"C:\Program Files\Java\jdk1.7.0_80\jre\lib\cmm\backup.exe" C:\Program Files\Java\jdk1.7.0_80\jre\lib\cmm\9⤵
-
-
C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\backup.exe"C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\backup.exe" C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\9⤵
-
-
C:\Program Files\Java\jdk1.7.0_80\jre\lib\ext\backup.exe"C:\Program Files\Java\jdk1.7.0_80\jre\lib\ext\backup.exe" C:\Program Files\Java\jdk1.7.0_80\jre\lib\ext\9⤵
-
-
C:\Program Files\Java\jdk1.7.0_80\jre\lib\fonts\backup.exe"C:\Program Files\Java\jdk1.7.0_80\jre\lib\fonts\backup.exe" C:\Program Files\Java\jdk1.7.0_80\jre\lib\fonts\9⤵
- Modifies visibility of file extensions in Explorer
-
-
C:\Program Files\Java\jdk1.7.0_80\jre\lib\images\backup.exe"C:\Program Files\Java\jdk1.7.0_80\jre\lib\images\backup.exe" C:\Program Files\Java\jdk1.7.0_80\jre\lib\images\9⤵
-
C:\Program Files\Java\jdk1.7.0_80\jre\lib\images\cursors\System Restore.exe"C:\Program Files\Java\jdk1.7.0_80\jre\lib\images\cursors\System Restore.exe" C:\Program Files\Java\jdk1.7.0_80\jre\lib\images\cursors\10⤵
-
-
-
C:\Program Files\Java\jdk1.7.0_80\jre\lib\jfr\backup.exe"C:\Program Files\Java\jdk1.7.0_80\jre\lib\jfr\backup.exe" C:\Program Files\Java\jdk1.7.0_80\jre\lib\jfr\9⤵
- Modifies visibility of file extensions in Explorer
-
-
C:\Program Files\Java\jdk1.7.0_80\jre\lib\management\backup.exe"C:\Program Files\Java\jdk1.7.0_80\jre\lib\management\backup.exe" C:\Program Files\Java\jdk1.7.0_80\jre\lib\management\9⤵
- Modifies visibility of file extensions in Explorer
-
-
C:\Program Files\Java\jdk1.7.0_80\jre\lib\security\backup.exe"C:\Program Files\Java\jdk1.7.0_80\jre\lib\security\backup.exe" C:\Program Files\Java\jdk1.7.0_80\jre\lib\security\9⤵
-
-
C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\backup.exe"C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\backup.exe" C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\9⤵
- Drops file in Program Files directory
-
C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\update.exe"C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\update.exe" C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\10⤵
-
-
C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\backup.exe"C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\backup.exe" C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\10⤵
- Modifies visibility of file extensions in Explorer
-
C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\backup.exe"C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\backup.exe" C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\11⤵
- System policy modification
-
-
C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Indiana\backup.exe"C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Indiana\backup.exe" C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Indiana\11⤵
-
-
C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Kentucky\backup.exe"C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Kentucky\backup.exe" C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Kentucky\11⤵
-
-
C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\North_Dakota\backup.exe"C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\North_Dakota\backup.exe" C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\North_Dakota\11⤵
-
-
-
C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Antarctica\backup.exe"C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Antarctica\backup.exe" C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Antarctica\10⤵
- Modifies visibility of file extensions in Explorer
-
-
C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\backup.exe"C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\backup.exe" C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\10⤵
-
-
C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Atlantic\backup.exe"C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Atlantic\backup.exe" C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Atlantic\10⤵
-
-
C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\backup.exe"C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\backup.exe" C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\10⤵
-
-
C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\backup.exe"C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\backup.exe" C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\10⤵
-
-
C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\backup.exe"C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\backup.exe" C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\10⤵
- Modifies visibility of file extensions in Explorer
-
-
C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Indian\backup.exe"C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Indian\backup.exe" C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Indian\10⤵
- System policy modification
-
-
C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\backup.exe"C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\backup.exe" C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\10⤵
- Modifies visibility of file extensions in Explorer
-
-
C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\backup.exe"C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\backup.exe" C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\10⤵
- Modifies visibility of file extensions in Explorer
- System policy modification
-
-
-
-
-
C:\Program Files\Java\jdk1.7.0_80\lib\backup.exe"C:\Program Files\Java\jdk1.7.0_80\lib\backup.exe" C:\Program Files\Java\jdk1.7.0_80\lib\7⤵
-
C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\backup.exe"C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\backup.exe" C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\8⤵
- Drops file in Program Files directory
-
C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\configuration\backup.exe"C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\configuration\backup.exe" C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\configuration\9⤵
-
C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\configuration\org.eclipse.equinox.simpleconfigurator\backup.exe"C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\configuration\org.eclipse.equinox.simpleconfigurator\backup.exe" C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\configuration\org.eclipse.equinox.simpleconfigurator\10⤵
-
-
C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\configuration\org.eclipse.update\backup.exe"C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\configuration\org.eclipse.update\backup.exe" C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\configuration\org.eclipse.update\10⤵
-
-
-
C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\dropins\backup.exe"C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\dropins\backup.exe" C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\dropins\9⤵
-
-
C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\System Restore.exe"C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\System Restore.exe" C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\9⤵
-
C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.console_5.5.0.165303\backup.exe"C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.console_5.5.0.165303\backup.exe" C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.console_5.5.0.165303\10⤵
-
-
C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.core_5.5.0.165303\backup.exe"C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.core_5.5.0.165303\backup.exe" C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.core_5.5.0.165303\10⤵
-
-
C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.flightrecorder_5.5.0.165303\update.exe"C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.flightrecorder_5.5.0.165303\update.exe" C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.flightrecorder_5.5.0.165303\10⤵
-
-
C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.rcp.ja_5.5.0.165303\backup.exe"C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.rcp.ja_5.5.0.165303\backup.exe" C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.rcp.ja_5.5.0.165303\10⤵
-
-
-
C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\backup.exe"C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\backup.exe" C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\9⤵
-
-
C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\backup.exe"C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\backup.exe" C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\9⤵
-
-
-
C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\backup.exe"C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\backup.exe" C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\8⤵
-
C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\backup.exe"C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\backup.exe" C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\9⤵
-
C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\backup.exe"C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\backup.exe" C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\10⤵
-
-
C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\core\backup.exe"C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\core\backup.exe" C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\core\10⤵
-
-
C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\backup.exe"C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\backup.exe" C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\10⤵
-
-
C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\backup.exe"C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\backup.exe" C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\10⤵
-
-
-
C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\backup.exe"C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\backup.exe" C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\9⤵
-
-
C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\data.exe"C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\data.exe" C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\9⤵
-
-
-
-
-
C:\Program Files\Java\jre7\backup.exe"C:\Program Files\Java\jre7\backup.exe" C:\Program Files\Java\jre7\6⤵
-
C:\Program Files\Java\jre7\bin\backup.exe"C:\Program Files\Java\jre7\bin\backup.exe" C:\Program Files\Java\jre7\bin\7⤵
-
C:\Program Files\Java\jre7\bin\dtplugin\backup.exe"C:\Program Files\Java\jre7\bin\dtplugin\backup.exe" C:\Program Files\Java\jre7\bin\dtplugin\8⤵
-
-
C:\Program Files\Java\jre7\bin\plugin2\backup.exe"C:\Program Files\Java\jre7\bin\plugin2\backup.exe" C:\Program Files\Java\jre7\bin\plugin2\8⤵
-
-
C:\Program Files\Java\jre7\bin\server\backup.exe"C:\Program Files\Java\jre7\bin\server\backup.exe" C:\Program Files\Java\jre7\bin\server\8⤵
-
-
-
C:\Program Files\Java\jre7\lib\backup.exe"C:\Program Files\Java\jre7\lib\backup.exe" C:\Program Files\Java\jre7\lib\7⤵
-
C:\Program Files\Java\jre7\lib\amd64\backup.exe"C:\Program Files\Java\jre7\lib\amd64\backup.exe" C:\Program Files\Java\jre7\lib\amd64\8⤵
-
-
C:\Program Files\Java\jre7\lib\applet\backup.exe"C:\Program Files\Java\jre7\lib\applet\backup.exe" C:\Program Files\Java\jre7\lib\applet\8⤵
-
-
C:\Program Files\Java\jre7\lib\cmm\backup.exe"C:\Program Files\Java\jre7\lib\cmm\backup.exe" C:\Program Files\Java\jre7\lib\cmm\8⤵
-
-
C:\Program Files\Java\jre7\lib\deploy\data.exe"C:\Program Files\Java\jre7\lib\deploy\data.exe" C:\Program Files\Java\jre7\lib\deploy\8⤵
-
-
C:\Program Files\Java\jre7\lib\ext\backup.exe"C:\Program Files\Java\jre7\lib\ext\backup.exe" C:\Program Files\Java\jre7\lib\ext\8⤵
-
-
C:\Program Files\Java\jre7\lib\fonts\backup.exe"C:\Program Files\Java\jre7\lib\fonts\backup.exe" C:\Program Files\Java\jre7\lib\fonts\8⤵
-
-
C:\Program Files\Java\jre7\lib\images\backup.exe"C:\Program Files\Java\jre7\lib\images\backup.exe" C:\Program Files\Java\jre7\lib\images\8⤵
-
-
-
-
-
C:\Program Files\Microsoft Games\backup.exe"C:\Program Files\Microsoft Games\backup.exe" C:\Program Files\Microsoft Games\5⤵
-
C:\Program Files\Microsoft Games\Chess\backup.exe"C:\Program Files\Microsoft Games\Chess\backup.exe" C:\Program Files\Microsoft Games\Chess\6⤵
- Modifies visibility of file extensions in Explorer
- Drops file in Program Files directory
-
C:\Program Files\Microsoft Games\Chess\de-DE\backup.exe"C:\Program Files\Microsoft Games\Chess\de-DE\backup.exe" C:\Program Files\Microsoft Games\Chess\de-DE\7⤵
-
-
C:\Program Files\Microsoft Games\Chess\en-US\backup.exe"C:\Program Files\Microsoft Games\Chess\en-US\backup.exe" C:\Program Files\Microsoft Games\Chess\en-US\7⤵
-
-
C:\Program Files\Microsoft Games\Chess\es-ES\backup.exe"C:\Program Files\Microsoft Games\Chess\es-ES\backup.exe" C:\Program Files\Microsoft Games\Chess\es-ES\7⤵
-
-
C:\Program Files\Microsoft Games\Chess\fr-FR\backup.exe"C:\Program Files\Microsoft Games\Chess\fr-FR\backup.exe" C:\Program Files\Microsoft Games\Chess\fr-FR\7⤵
-
-
C:\Program Files\Microsoft Games\Chess\it-IT\backup.exe"C:\Program Files\Microsoft Games\Chess\it-IT\backup.exe" C:\Program Files\Microsoft Games\Chess\it-IT\7⤵
-
-
C:\Program Files\Microsoft Games\Chess\ja-JP\backup.exe"C:\Program Files\Microsoft Games\Chess\ja-JP\backup.exe" C:\Program Files\Microsoft Games\Chess\ja-JP\7⤵
-
-
-
C:\Program Files\Microsoft Games\FreeCell\backup.exe"C:\Program Files\Microsoft Games\FreeCell\backup.exe" C:\Program Files\Microsoft Games\FreeCell\6⤵
-
C:\Program Files\Microsoft Games\FreeCell\de-DE\System Restore.exe"C:\Program Files\Microsoft Games\FreeCell\de-DE\System Restore.exe" C:\Program Files\Microsoft Games\FreeCell\de-DE\7⤵
-
-
C:\Program Files\Microsoft Games\FreeCell\en-US\backup.exe"C:\Program Files\Microsoft Games\FreeCell\en-US\backup.exe" C:\Program Files\Microsoft Games\FreeCell\en-US\7⤵
-
-
C:\Program Files\Microsoft Games\FreeCell\es-ES\backup.exe"C:\Program Files\Microsoft Games\FreeCell\es-ES\backup.exe" C:\Program Files\Microsoft Games\FreeCell\es-ES\7⤵
-
-
C:\Program Files\Microsoft Games\FreeCell\fr-FR\backup.exe"C:\Program Files\Microsoft Games\FreeCell\fr-FR\backup.exe" C:\Program Files\Microsoft Games\FreeCell\fr-FR\7⤵
-
-
C:\Program Files\Microsoft Games\FreeCell\it-IT\backup.exe"C:\Program Files\Microsoft Games\FreeCell\it-IT\backup.exe" C:\Program Files\Microsoft Games\FreeCell\it-IT\7⤵
-
-
-
C:\Program Files\Microsoft Games\Hearts\System Restore.exe"C:\Program Files\Microsoft Games\Hearts\System Restore.exe" C:\Program Files\Microsoft Games\Hearts\6⤵
-
-
C:\Program Files\Microsoft Games\Mahjong\backup.exe"C:\Program Files\Microsoft Games\Mahjong\backup.exe" C:\Program Files\Microsoft Games\Mahjong\6⤵
-
-
C:\Program Files\Microsoft Games\Minesweeper\backup.exe"C:\Program Files\Microsoft Games\Minesweeper\backup.exe" C:\Program Files\Microsoft Games\Minesweeper\6⤵
-
-
C:\Program Files\Microsoft Games\More Games\backup.exe"C:\Program Files\Microsoft Games\More Games\backup.exe" C:\Program Files\Microsoft Games\More Games\6⤵
-
-
C:\Program Files\Microsoft Games\Multiplayer\backup.exe"C:\Program Files\Microsoft Games\Multiplayer\backup.exe" C:\Program Files\Microsoft Games\Multiplayer\6⤵
-
-
-
C:\Program Files\Microsoft Office\backup.exe"C:\Program Files\Microsoft Office\backup.exe" C:\Program Files\Microsoft Office\5⤵
-
-
C:\Program Files\Mozilla Firefox\update.exe"C:\Program Files\Mozilla Firefox\update.exe" C:\Program Files\Mozilla Firefox\5⤵
-
-
C:\Program Files\MSBuild\backup.exe"C:\Program Files\MSBuild\backup.exe" C:\Program Files\MSBuild\5⤵
-
-
C:\Program Files\Reference Assemblies\data.exe"C:\Program Files\Reference Assemblies\data.exe" C:\Program Files\Reference Assemblies\5⤵
-
-
C:\Program Files\VideoLAN\backup.exe"C:\Program Files\VideoLAN\backup.exe" C:\Program Files\VideoLAN\5⤵
-
-
C:\Program Files\Windows Defender\backup.exe"C:\Program Files\Windows Defender\backup.exe" C:\Program Files\Windows Defender\5⤵
-
-
-
C:\Program Files (x86)\backup.exe"C:\Program Files (x86)\backup.exe" C:\Program Files (x86)\4⤵
- Drops file in Program Files directory
-
C:\Program Files (x86)\Adobe\update.exe"C:\Program Files (x86)\Adobe\update.exe" C:\Program Files (x86)\Adobe\5⤵
- Drops file in Program Files directory
-
C:\Program Files (x86)\Adobe\Reader 9.0\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\6⤵
- Drops file in Program Files directory
-
C:\Program Files (x86)\Adobe\Reader 9.0\Esl\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Esl\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Esl\7⤵
- System policy modification
-
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Reader\7⤵
- Drops file in Program Files directory
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\8⤵
-
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AMT\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AMT\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AMT\8⤵
-
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\8⤵
-
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\IDTemplates\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\IDTemplates\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Reader\IDTemplates\8⤵
- Modifies visibility of file extensions in Explorer
- Drops file in Program Files directory
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\IDTemplates\ENU\data.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\IDTemplates\ENU\data.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Reader\IDTemplates\ENU\9⤵
-
-
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Javascripts\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Javascripts\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Javascripts\8⤵
-
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Legal\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Legal\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Legal\8⤵
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Legal\ENU\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Legal\ENU\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Legal\ENU\9⤵
-
-
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Optional\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Optional\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Optional\8⤵
-
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\8⤵
- System policy modification
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\AcroForm\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\AcroForm\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\AcroForm\9⤵
- Modifies visibility of file extensions in Explorer
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\AcroForm\PMP\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\AcroForm\PMP\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\AcroForm\PMP\10⤵
- System policy modification
-
-
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Annotations\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Annotations\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Annotations\9⤵
- System policy modification
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Annotations\Stamps\System Restore.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Annotations\Stamps\System Restore.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Annotations\Stamps\10⤵
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Annotations\Stamps\ENU\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Annotations\Stamps\ENU\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Annotations\Stamps\ENU\11⤵
-
-
-
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Multimedia\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Multimedia\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Multimedia\9⤵
- Drops file in Program Files directory
- System policy modification
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Multimedia\MPP\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Multimedia\MPP\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Multimedia\MPP\10⤵
- System policy modification
-
-
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\9⤵
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\ENU\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\ENU\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\ENU\10⤵
- System policy modification
-
-
-
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins3d\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins3d\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins3d\8⤵
- Drops file in Program Files directory
- System policy modification
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins3d\prc\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins3d\prc\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins3d\prc\9⤵
-
-
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\SPPlugins\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\SPPlugins\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Reader\SPPlugins\8⤵
- Modifies visibility of file extensions in Explorer
- System policy modification
-
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\update.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\update.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\8⤵
-
-
-
C:\Program Files (x86)\Adobe\Reader 9.0\Resource\System Restore.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Resource\System Restore.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Resource\7⤵
- Modifies visibility of file extensions in Explorer
-
C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\8⤵
- Drops file in Program Files directory
-
C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\PFM\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\PFM\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\PFM\9⤵
- System policy modification
-
-
-
C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Icons\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Icons\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Icons\8⤵
- Modifies visibility of file extensions in Explorer
-
-
C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\8⤵
-
C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\LanguageNames2\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\LanguageNames2\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\LanguageNames2\9⤵
-
-
C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\System Restore.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\System Restore.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\9⤵
- Modifies visibility of file extensions in Explorer
-
C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\10⤵
- System policy modification
-
C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\11⤵
-
-
-
-
-
C:\Program Files (x86)\Adobe\Reader 9.0\Resource\SaslPrep\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Resource\SaslPrep\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Resource\SaslPrep\8⤵
- System policy modification
-
-
C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\8⤵
-
C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\9⤵
-
C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\ICU\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\ICU\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\ICU\10⤵
-
-
C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\10⤵
- Modifies visibility of file extensions in Explorer
- Drops file in Program Files directory
-
C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Adobe\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Adobe\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Adobe\11⤵
-
-
C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\11⤵
-
-
C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\win\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\win\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\win\11⤵
- System policy modification
-
-
-
-
-
-
C:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\7⤵
- Modifies visibility of file extensions in Explorer
- System policy modification
-
C:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\{AC76BA86-7AD7-1033-7B44-A90000000001}\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\{AC76BA86-7AD7-1033-7B44-A90000000001}\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\{AC76BA86-7AD7-1033-7B44-A90000000001}\8⤵
-
-
-
-
-
C:\Program Files (x86)\Common Files\data.exe"C:\Program Files (x86)\Common Files\data.exe" C:\Program Files (x86)\Common Files\5⤵
- Modifies visibility of file extensions in Explorer
-
C:\Program Files (x86)\Common Files\Adobe\backup.exe"C:\Program Files (x86)\Common Files\Adobe\backup.exe" C:\Program Files (x86)\Common Files\Adobe\6⤵
- Drops file in Program Files directory
-
C:\Program Files (x86)\Common Files\Adobe\Acrobat\backup.exe"C:\Program Files (x86)\Common Files\Adobe\Acrobat\backup.exe" C:\Program Files (x86)\Common Files\Adobe\Acrobat\7⤵
- Modifies visibility of file extensions in Explorer
-
-
C:\Program Files (x86)\Common Files\Adobe\Help\data.exe"C:\Program Files (x86)\Common Files\Adobe\Help\data.exe" C:\Program Files (x86)\Common Files\Adobe\Help\7⤵
-
C:\Program Files (x86)\Common Files\Adobe\Help\en_US\backup.exe"C:\Program Files (x86)\Common Files\Adobe\Help\en_US\backup.exe" C:\Program Files (x86)\Common Files\Adobe\Help\en_US\8⤵
- Modifies visibility of file extensions in Explorer
-
C:\Program Files (x86)\Common Files\Adobe\Help\en_US\Adobe Reader\backup.exe"C:\Program Files (x86)\Common Files\Adobe\Help\en_US\Adobe Reader\backup.exe" C:\Program Files (x86)\Common Files\Adobe\Help\en_US\Adobe Reader\9⤵
- Drops file in Program Files directory
-
C:\Program Files (x86)\Common Files\Adobe\Help\en_US\Adobe Reader\9.0\backup.exe"C:\Program Files (x86)\Common Files\Adobe\Help\en_US\Adobe Reader\9.0\backup.exe" C:\Program Files (x86)\Common Files\Adobe\Help\en_US\Adobe Reader\9.0\10⤵
-
-
-
-
-
C:\Program Files (x86)\Common Files\Adobe\Updater6\data.exe"C:\Program Files (x86)\Common Files\Adobe\Updater6\data.exe" C:\Program Files (x86)\Common Files\Adobe\Updater6\7⤵
- System policy modification
-
-
-
C:\Program Files (x86)\Common Files\Adobe AIR\backup.exe"C:\Program Files (x86)\Common Files\Adobe AIR\backup.exe" C:\Program Files (x86)\Common Files\Adobe AIR\6⤵
-
C:\Program Files (x86)\Common Files\Adobe AIR\Versions\backup.exe"C:\Program Files (x86)\Common Files\Adobe AIR\Versions\backup.exe" C:\Program Files (x86)\Common Files\Adobe AIR\Versions\7⤵
-
C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\System Restore.exe"C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\System Restore.exe" C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\8⤵
-
-
-
-
C:\Program Files (x86)\Common Files\DESIGNER\backup.exe"C:\Program Files (x86)\Common Files\DESIGNER\backup.exe" C:\Program Files (x86)\Common Files\DESIGNER\6⤵
-
-
C:\Program Files (x86)\Common Files\microsoft shared\backup.exe"C:\Program Files (x86)\Common Files\microsoft shared\backup.exe" C:\Program Files (x86)\Common Files\microsoft shared\6⤵
-
C:\Program Files (x86)\Common Files\microsoft shared\DAO\backup.exe"C:\Program Files (x86)\Common Files\microsoft shared\DAO\backup.exe" C:\Program Files (x86)\Common Files\microsoft shared\DAO\7⤵
-
-
C:\Program Files (x86)\Common Files\microsoft shared\DW\backup.exe"C:\Program Files (x86)\Common Files\microsoft shared\DW\backup.exe" C:\Program Files (x86)\Common Files\microsoft shared\DW\7⤵
-
-
C:\Program Files (x86)\Common Files\microsoft shared\EQUATION\backup.exe"C:\Program Files (x86)\Common Files\microsoft shared\EQUATION\backup.exe" C:\Program Files (x86)\Common Files\microsoft shared\EQUATION\7⤵
-
-
C:\Program Files (x86)\Common Files\microsoft shared\EURO\backup.exe"C:\Program Files (x86)\Common Files\microsoft shared\EURO\backup.exe" C:\Program Files (x86)\Common Files\microsoft shared\EURO\7⤵
-
-
-
C:\Program Files (x86)\Common Files\Services\backup.exe"C:\Program Files (x86)\Common Files\Services\backup.exe" C:\Program Files (x86)\Common Files\Services\6⤵
-
-
C:\Program Files (x86)\Common Files\SpeechEngines\backup.exe"C:\Program Files (x86)\Common Files\SpeechEngines\backup.exe" C:\Program Files (x86)\Common Files\SpeechEngines\6⤵
-
-
C:\Program Files (x86)\Common Files\System\backup.exe"C:\Program Files (x86)\Common Files\System\backup.exe" C:\Program Files (x86)\Common Files\System\6⤵
-
-
-
C:\Program Files (x86)\Google\backup.exe"C:\Program Files (x86)\Google\backup.exe" C:\Program Files (x86)\Google\5⤵
-
-
C:\Program Files (x86)\Internet Explorer\backup.exe"C:\Program Files (x86)\Internet Explorer\backup.exe" C:\Program Files (x86)\Internet Explorer\5⤵
-
C:\Program Files (x86)\Internet Explorer\de-DE\backup.exe"C:\Program Files (x86)\Internet Explorer\de-DE\backup.exe" C:\Program Files (x86)\Internet Explorer\de-DE\6⤵
-
-
C:\Program Files (x86)\Internet Explorer\en-US\backup.exe"C:\Program Files (x86)\Internet Explorer\en-US\backup.exe" C:\Program Files (x86)\Internet Explorer\en-US\6⤵
-
-
C:\Program Files (x86)\Internet Explorer\es-ES\backup.exe"C:\Program Files (x86)\Internet Explorer\es-ES\backup.exe" C:\Program Files (x86)\Internet Explorer\es-ES\6⤵
-
-
C:\Program Files (x86)\Internet Explorer\fr-FR\backup.exe"C:\Program Files (x86)\Internet Explorer\fr-FR\backup.exe" C:\Program Files (x86)\Internet Explorer\fr-FR\6⤵
-
-
-
C:\Program Files (x86)\Microsoft Analysis Services\backup.exe"C:\Program Files (x86)\Microsoft Analysis Services\backup.exe" C:\Program Files (x86)\Microsoft Analysis Services\5⤵
-
-
C:\Program Files (x86)\Microsoft Office\backup.exe"C:\Program Files (x86)\Microsoft Office\backup.exe" C:\Program Files (x86)\Microsoft Office\5⤵
-
-
C:\Program Files (x86)\Microsoft SQL Server Compact Edition\backup.exe"C:\Program Files (x86)\Microsoft SQL Server Compact Edition\backup.exe" C:\Program Files (x86)\Microsoft SQL Server Compact Edition\5⤵
-
-
C:\Program Files (x86)\Microsoft Sync Framework\backup.exe"C:\Program Files (x86)\Microsoft Sync Framework\backup.exe" C:\Program Files (x86)\Microsoft Sync Framework\5⤵
-
-
C:\Program Files (x86)\Microsoft Synchronization Services\backup.exe"C:\Program Files (x86)\Microsoft Synchronization Services\backup.exe" C:\Program Files (x86)\Microsoft Synchronization Services\5⤵
-
-
-
C:\Users\backup.exeC:\Users\backup.exe C:\Users\4⤵
-
C:\Users\Admin\backup.exeC:\Users\Admin\backup.exe C:\Users\Admin\5⤵
-
C:\Users\Admin\Contacts\backup.exeC:\Users\Admin\Contacts\backup.exe C:\Users\Admin\Contacts\6⤵
-
-
C:\Users\Admin\Desktop\backup.exeC:\Users\Admin\Desktop\backup.exe C:\Users\Admin\Desktop\6⤵
-
-
C:\Users\Admin\Documents\backup.exeC:\Users\Admin\Documents\backup.exe C:\Users\Admin\Documents\6⤵
-
-
C:\Users\Admin\Downloads\backup.exeC:\Users\Admin\Downloads\backup.exe C:\Users\Admin\Downloads\6⤵
-
-
C:\Users\Admin\Favorites\backup.exeC:\Users\Admin\Favorites\backup.exe C:\Users\Admin\Favorites\6⤵
-
-
C:\Users\Admin\Links\backup.exeC:\Users\Admin\Links\backup.exe C:\Users\Admin\Links\6⤵
-
-
C:\Users\Admin\Music\backup.exeC:\Users\Admin\Music\backup.exe C:\Users\Admin\Music\6⤵
-
-
C:\Users\Admin\Pictures\backup.exeC:\Users\Admin\Pictures\backup.exe C:\Users\Admin\Pictures\6⤵
-
-
C:\Users\Admin\Saved Games\backup.exe"C:\Users\Admin\Saved Games\backup.exe" C:\Users\Admin\Saved Games\6⤵
-
-
C:\Users\Admin\Searches\backup.exeC:\Users\Admin\Searches\backup.exe C:\Users\Admin\Searches\6⤵
-
-
C:\Users\Admin\Videos\data.exeC:\Users\Admin\Videos\data.exe C:\Users\Admin\Videos\6⤵
-
-
-
C:\Users\Public\backup.exeC:\Users\Public\backup.exe C:\Users\Public\5⤵
-
-
-
C:\Windows\backup.exeC:\Windows\backup.exe C:\Windows\4⤵
-
C:\Windows\addins\backup.exeC:\Windows\addins\backup.exe C:\Windows\addins\5⤵
-
-
C:\Windows\AppCompat\backup.exeC:\Windows\AppCompat\backup.exe C:\Windows\AppCompat\5⤵
-
-
C:\Windows\AppPatch\backup.exeC:\Windows\AppPatch\backup.exe C:\Windows\AppPatch\5⤵
-
C:\Windows\AppPatch\AppPatch64\backup.exeC:\Windows\AppPatch\AppPatch64\backup.exe C:\Windows\AppPatch\AppPatch64\6⤵
-
-
C:\Windows\AppPatch\Custom\update.exeC:\Windows\AppPatch\Custom\update.exe C:\Windows\AppPatch\Custom\6⤵
-
-
C:\Windows\AppPatch\de-DE\update.exeC:\Windows\AppPatch\de-DE\update.exe C:\Windows\AppPatch\de-DE\6⤵
-
-
C:\Windows\AppPatch\en-US\backup.exeC:\Windows\AppPatch\en-US\backup.exe C:\Windows\AppPatch\en-US\6⤵
-
-
-
C:\Windows\assembly\backup.exeC:\Windows\assembly\backup.exe C:\Windows\assembly\5⤵
-
-
C:\Windows\Branding\backup.exeC:\Windows\Branding\backup.exe C:\Windows\Branding\5⤵
-
-
C:\Windows\CSC\backup.exeC:\Windows\CSC\backup.exe C:\Windows\CSC\5⤵
-
-
C:\Windows\Cursors\backup.exeC:\Windows\Cursors\backup.exe C:\Windows\Cursors\5⤵
-
-
C:\Windows\debug\backup.exeC:\Windows\debug\backup.exe C:\Windows\debug\5⤵
-
-
-
-
-
C:\Users\Admin\AppData\Local\Temp\hsperfdata_Admin\backup.exeC:\Users\Admin\AppData\Local\Temp\hsperfdata_Admin\backup.exe C:\Users\Admin\AppData\Local\Temp\hsperfdata_Admin\2⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Users\Admin\AppData\Local\Temp\Low\backup.exeC:\Users\Admin\AppData\Local\Temp\Low\backup.exe C:\Users\Admin\AppData\Local\Temp\Low\2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Users\Admin\AppData\Local\Temp\Microsoft Visual C++ 2010 x64 Redistributable Setup_10.0.40219\backup.exe"C:\Users\Admin\AppData\Local\Temp\Microsoft Visual C++ 2010 x64 Redistributable Setup_10.0.40219\backup.exe" C:\Users\Admin\AppData\Local\Temp\Microsoft Visual C++ 2010 x64 Redistributable Setup_10.0.40219\2⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Users\Admin\AppData\Local\Temp\Microsoft Visual C++ 2010 x86 Redistributable Setup_10.0.40219\backup.exe"C:\Users\Admin\AppData\Local\Temp\Microsoft Visual C++ 2010 x86 Redistributable Setup_10.0.40219\backup.exe" C:\Users\Admin\AppData\Local\Temp\Microsoft Visual C++ 2010 x86 Redistributable Setup_10.0.40219\2⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Users\Admin\AppData\Local\Temp\mozilla-temp-files\System Restore.exe"C:\Users\Admin\AppData\Local\Temp\mozilla-temp-files\System Restore.exe" C:\Users\Admin\AppData\Local\Temp\mozilla-temp-files\2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Users\Admin\AppData\Local\Temp\WPDNSE\backup.exeC:\Users\Admin\AppData\Local\Temp\WPDNSE\backup.exe C:\Users\Admin\AppData\Local\Temp\WPDNSE\2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
Network
MITRE ATT&CK Enterprise v6
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
72KB
MD59afd9ca434a716a8995eb3496140ded8
SHA1f13aff0867db69efac742dd5af988767e8680c3f
SHA256707f6275406225d3fe22bf6446136374c403f32f0c7f103b3d4badcb51e3d0af
SHA51245204a8156b28b262958ff710122df007a8170e199905057bd1171eac5ffbe33beaa04b9157cb94355a4d700206ce8052dc76a4d36be84513cc8b623ce3b501f
-
Filesize
72KB
MD5c4155719fcb7e721787782e11ac73eb8
SHA107b7c3d9362d5d6a472edefe8bd61b34ad3d1649
SHA256091907700cf56415b2e8eeb5f96773adc46b505986f4bc7eab0a16bb66b3e4ab
SHA512e9231d444bf706140c582bf7adaba69932e8cd911baa96703cd8ae7dd7db81a7d4d91b0519643d24f19c986aa784b0abe02cce98ac2225cde7041b077ae9cb94
-
Filesize
72KB
MD5c4155719fcb7e721787782e11ac73eb8
SHA107b7c3d9362d5d6a472edefe8bd61b34ad3d1649
SHA256091907700cf56415b2e8eeb5f96773adc46b505986f4bc7eab0a16bb66b3e4ab
SHA512e9231d444bf706140c582bf7adaba69932e8cd911baa96703cd8ae7dd7db81a7d4d91b0519643d24f19c986aa784b0abe02cce98ac2225cde7041b077ae9cb94
-
Filesize
72KB
MD574c4a30cb06c27a9397e29f4b47ee2f4
SHA1de23856cf0bfe33de884d117ed582b0f8dae767a
SHA256bf55618ecf56623545c17fbf2d5f34ee9809e1709fd224305aa988e550178281
SHA512d912ab8b120e8d1df6d251fac7d100ecd51fc5e30ad15971ba553e4019345a5c01bf2463bd19b6e69f7bec8f4315b2bded7a9e24c7c8ec4a5cdf2bdaa0851856
-
Filesize
72KB
MD59afd9ca434a716a8995eb3496140ded8
SHA1f13aff0867db69efac742dd5af988767e8680c3f
SHA256707f6275406225d3fe22bf6446136374c403f32f0c7f103b3d4badcb51e3d0af
SHA51245204a8156b28b262958ff710122df007a8170e199905057bd1171eac5ffbe33beaa04b9157cb94355a4d700206ce8052dc76a4d36be84513cc8b623ce3b501f
-
Filesize
72KB
MD59afd9ca434a716a8995eb3496140ded8
SHA1f13aff0867db69efac742dd5af988767e8680c3f
SHA256707f6275406225d3fe22bf6446136374c403f32f0c7f103b3d4badcb51e3d0af
SHA51245204a8156b28b262958ff710122df007a8170e199905057bd1171eac5ffbe33beaa04b9157cb94355a4d700206ce8052dc76a4d36be84513cc8b623ce3b501f
-
Filesize
72KB
MD5f0cb80335823f7cdcc1eb71d5b338db2
SHA1c4c18f31da32643e3ee085667c09b40a54601331
SHA25602c0a63eaca752666e10462eae52afc48862463d4c8913ff31df5a812b14909b
SHA512d5e29113f7833a911a9b2b14e83e13f3b9716f38d2688d8e6e95ee95207cfb1fe185bc54ce48fbdf0eb56ab98dd3df6e8a180e6b1fed50dd1fbefb50c28fda17
-
Filesize
72KB
MD574c4a30cb06c27a9397e29f4b47ee2f4
SHA1de23856cf0bfe33de884d117ed582b0f8dae767a
SHA256bf55618ecf56623545c17fbf2d5f34ee9809e1709fd224305aa988e550178281
SHA512d912ab8b120e8d1df6d251fac7d100ecd51fc5e30ad15971ba553e4019345a5c01bf2463bd19b6e69f7bec8f4315b2bded7a9e24c7c8ec4a5cdf2bdaa0851856
-
Filesize
72KB
MD574c4a30cb06c27a9397e29f4b47ee2f4
SHA1de23856cf0bfe33de884d117ed582b0f8dae767a
SHA256bf55618ecf56623545c17fbf2d5f34ee9809e1709fd224305aa988e550178281
SHA512d912ab8b120e8d1df6d251fac7d100ecd51fc5e30ad15971ba553e4019345a5c01bf2463bd19b6e69f7bec8f4315b2bded7a9e24c7c8ec4a5cdf2bdaa0851856
-
Filesize
72KB
MD59149190201b72af4830ecef45e753d80
SHA19e2fe18bf7fa97ceb739dc60520d8cefe8b9fe7e
SHA2569646734d927356a13939e4d92f75468c7108b1d8c8dc1bc46e4a7c50469f87c4
SHA512c9a594558e3e6be03585af0a4b94ae531f361d337cff4b6c03c93455dce5a534c077f2bbacd6d434ff70d5ba97e1b9f7a85e4e0559ebde8671042d36c208e2d4
-
Filesize
72KB
MD5f0cb80335823f7cdcc1eb71d5b338db2
SHA1c4c18f31da32643e3ee085667c09b40a54601331
SHA25602c0a63eaca752666e10462eae52afc48862463d4c8913ff31df5a812b14909b
SHA512d5e29113f7833a911a9b2b14e83e13f3b9716f38d2688d8e6e95ee95207cfb1fe185bc54ce48fbdf0eb56ab98dd3df6e8a180e6b1fed50dd1fbefb50c28fda17
-
Filesize
72KB
MD5f0cb80335823f7cdcc1eb71d5b338db2
SHA1c4c18f31da32643e3ee085667c09b40a54601331
SHA25602c0a63eaca752666e10462eae52afc48862463d4c8913ff31df5a812b14909b
SHA512d5e29113f7833a911a9b2b14e83e13f3b9716f38d2688d8e6e95ee95207cfb1fe185bc54ce48fbdf0eb56ab98dd3df6e8a180e6b1fed50dd1fbefb50c28fda17
-
Filesize
72KB
MD59149190201b72af4830ecef45e753d80
SHA19e2fe18bf7fa97ceb739dc60520d8cefe8b9fe7e
SHA2569646734d927356a13939e4d92f75468c7108b1d8c8dc1bc46e4a7c50469f87c4
SHA512c9a594558e3e6be03585af0a4b94ae531f361d337cff4b6c03c93455dce5a534c077f2bbacd6d434ff70d5ba97e1b9f7a85e4e0559ebde8671042d36c208e2d4
-
Filesize
72KB
MD59afd9ca434a716a8995eb3496140ded8
SHA1f13aff0867db69efac742dd5af988767e8680c3f
SHA256707f6275406225d3fe22bf6446136374c403f32f0c7f103b3d4badcb51e3d0af
SHA51245204a8156b28b262958ff710122df007a8170e199905057bd1171eac5ffbe33beaa04b9157cb94355a4d700206ce8052dc76a4d36be84513cc8b623ce3b501f
-
Filesize
72KB
MD59afd9ca434a716a8995eb3496140ded8
SHA1f13aff0867db69efac742dd5af988767e8680c3f
SHA256707f6275406225d3fe22bf6446136374c403f32f0c7f103b3d4badcb51e3d0af
SHA51245204a8156b28b262958ff710122df007a8170e199905057bd1171eac5ffbe33beaa04b9157cb94355a4d700206ce8052dc76a4d36be84513cc8b623ce3b501f
-
Filesize
72KB
MD5c4155719fcb7e721787782e11ac73eb8
SHA107b7c3d9362d5d6a472edefe8bd61b34ad3d1649
SHA256091907700cf56415b2e8eeb5f96773adc46b505986f4bc7eab0a16bb66b3e4ab
SHA512e9231d444bf706140c582bf7adaba69932e8cd911baa96703cd8ae7dd7db81a7d4d91b0519643d24f19c986aa784b0abe02cce98ac2225cde7041b077ae9cb94
-
Filesize
72KB
MD5c4155719fcb7e721787782e11ac73eb8
SHA107b7c3d9362d5d6a472edefe8bd61b34ad3d1649
SHA256091907700cf56415b2e8eeb5f96773adc46b505986f4bc7eab0a16bb66b3e4ab
SHA512e9231d444bf706140c582bf7adaba69932e8cd911baa96703cd8ae7dd7db81a7d4d91b0519643d24f19c986aa784b0abe02cce98ac2225cde7041b077ae9cb94
-
Filesize
72KB
MD52f47e86c545dec2a1f163663b5b43fac
SHA1d6beda414beaab22968f445a7113f79527d0ce7f
SHA25666b9ed2a14bfe1b3c76ea483d4e8d149e588bad228bc93cd3ddd3c2bb6bc19e1
SHA512e8b1b10ede7506576586460c19b98b6a705dfed18feb33543889e4789d90f3084a3f7e4acbfc67aa53660b4fbf1a9b806e645232fc5244cfa3eb8c39cd120811
-
Filesize
72KB
MD52f47e86c545dec2a1f163663b5b43fac
SHA1d6beda414beaab22968f445a7113f79527d0ce7f
SHA25666b9ed2a14bfe1b3c76ea483d4e8d149e588bad228bc93cd3ddd3c2bb6bc19e1
SHA512e8b1b10ede7506576586460c19b98b6a705dfed18feb33543889e4789d90f3084a3f7e4acbfc67aa53660b4fbf1a9b806e645232fc5244cfa3eb8c39cd120811
-
Filesize
72KB
MD52f47e86c545dec2a1f163663b5b43fac
SHA1d6beda414beaab22968f445a7113f79527d0ce7f
SHA25666b9ed2a14bfe1b3c76ea483d4e8d149e588bad228bc93cd3ddd3c2bb6bc19e1
SHA512e8b1b10ede7506576586460c19b98b6a705dfed18feb33543889e4789d90f3084a3f7e4acbfc67aa53660b4fbf1a9b806e645232fc5244cfa3eb8c39cd120811
-
Filesize
72KB
MD52f47e86c545dec2a1f163663b5b43fac
SHA1d6beda414beaab22968f445a7113f79527d0ce7f
SHA25666b9ed2a14bfe1b3c76ea483d4e8d149e588bad228bc93cd3ddd3c2bb6bc19e1
SHA512e8b1b10ede7506576586460c19b98b6a705dfed18feb33543889e4789d90f3084a3f7e4acbfc67aa53660b4fbf1a9b806e645232fc5244cfa3eb8c39cd120811
-
Filesize
72KB
MD52f47e86c545dec2a1f163663b5b43fac
SHA1d6beda414beaab22968f445a7113f79527d0ce7f
SHA25666b9ed2a14bfe1b3c76ea483d4e8d149e588bad228bc93cd3ddd3c2bb6bc19e1
SHA512e8b1b10ede7506576586460c19b98b6a705dfed18feb33543889e4789d90f3084a3f7e4acbfc67aa53660b4fbf1a9b806e645232fc5244cfa3eb8c39cd120811
-
Filesize
72KB
MD52f47e86c545dec2a1f163663b5b43fac
SHA1d6beda414beaab22968f445a7113f79527d0ce7f
SHA25666b9ed2a14bfe1b3c76ea483d4e8d149e588bad228bc93cd3ddd3c2bb6bc19e1
SHA512e8b1b10ede7506576586460c19b98b6a705dfed18feb33543889e4789d90f3084a3f7e4acbfc67aa53660b4fbf1a9b806e645232fc5244cfa3eb8c39cd120811
-
Filesize
72KB
MD52f47e86c545dec2a1f163663b5b43fac
SHA1d6beda414beaab22968f445a7113f79527d0ce7f
SHA25666b9ed2a14bfe1b3c76ea483d4e8d149e588bad228bc93cd3ddd3c2bb6bc19e1
SHA512e8b1b10ede7506576586460c19b98b6a705dfed18feb33543889e4789d90f3084a3f7e4acbfc67aa53660b4fbf1a9b806e645232fc5244cfa3eb8c39cd120811
-
Filesize
72KB
MD52f47e86c545dec2a1f163663b5b43fac
SHA1d6beda414beaab22968f445a7113f79527d0ce7f
SHA25666b9ed2a14bfe1b3c76ea483d4e8d149e588bad228bc93cd3ddd3c2bb6bc19e1
SHA512e8b1b10ede7506576586460c19b98b6a705dfed18feb33543889e4789d90f3084a3f7e4acbfc67aa53660b4fbf1a9b806e645232fc5244cfa3eb8c39cd120811
-
Filesize
72KB
MD575c972334e66e38db9288d62bde87af8
SHA1508918f72ae8f1d1d2746ca7c6fd4986751e8df0
SHA256d6b4efc563460ccccb6b63da8d93fbb5959091829312ff4746a5ef7e0f1d87c6
SHA51276bd35107b78130c833d89b9d99a3a5ecfd840faa0cf351ecb45d3b152e7197f88fe5000837a442631572c13271443c7a9ee00b48d93909d4b36f9f745b0463b
-
Filesize
72KB
MD575c972334e66e38db9288d62bde87af8
SHA1508918f72ae8f1d1d2746ca7c6fd4986751e8df0
SHA256d6b4efc563460ccccb6b63da8d93fbb5959091829312ff4746a5ef7e0f1d87c6
SHA51276bd35107b78130c833d89b9d99a3a5ecfd840faa0cf351ecb45d3b152e7197f88fe5000837a442631572c13271443c7a9ee00b48d93909d4b36f9f745b0463b
-
Filesize
72KB
MD59afd9ca434a716a8995eb3496140ded8
SHA1f13aff0867db69efac742dd5af988767e8680c3f
SHA256707f6275406225d3fe22bf6446136374c403f32f0c7f103b3d4badcb51e3d0af
SHA51245204a8156b28b262958ff710122df007a8170e199905057bd1171eac5ffbe33beaa04b9157cb94355a4d700206ce8052dc76a4d36be84513cc8b623ce3b501f
-
Filesize
72KB
MD59afd9ca434a716a8995eb3496140ded8
SHA1f13aff0867db69efac742dd5af988767e8680c3f
SHA256707f6275406225d3fe22bf6446136374c403f32f0c7f103b3d4badcb51e3d0af
SHA51245204a8156b28b262958ff710122df007a8170e199905057bd1171eac5ffbe33beaa04b9157cb94355a4d700206ce8052dc76a4d36be84513cc8b623ce3b501f
-
Filesize
72KB
MD5c4155719fcb7e721787782e11ac73eb8
SHA107b7c3d9362d5d6a472edefe8bd61b34ad3d1649
SHA256091907700cf56415b2e8eeb5f96773adc46b505986f4bc7eab0a16bb66b3e4ab
SHA512e9231d444bf706140c582bf7adaba69932e8cd911baa96703cd8ae7dd7db81a7d4d91b0519643d24f19c986aa784b0abe02cce98ac2225cde7041b077ae9cb94
-
Filesize
72KB
MD5c4155719fcb7e721787782e11ac73eb8
SHA107b7c3d9362d5d6a472edefe8bd61b34ad3d1649
SHA256091907700cf56415b2e8eeb5f96773adc46b505986f4bc7eab0a16bb66b3e4ab
SHA512e9231d444bf706140c582bf7adaba69932e8cd911baa96703cd8ae7dd7db81a7d4d91b0519643d24f19c986aa784b0abe02cce98ac2225cde7041b077ae9cb94
-
Filesize
72KB
MD574c4a30cb06c27a9397e29f4b47ee2f4
SHA1de23856cf0bfe33de884d117ed582b0f8dae767a
SHA256bf55618ecf56623545c17fbf2d5f34ee9809e1709fd224305aa988e550178281
SHA512d912ab8b120e8d1df6d251fac7d100ecd51fc5e30ad15971ba553e4019345a5c01bf2463bd19b6e69f7bec8f4315b2bded7a9e24c7c8ec4a5cdf2bdaa0851856
-
Filesize
72KB
MD574c4a30cb06c27a9397e29f4b47ee2f4
SHA1de23856cf0bfe33de884d117ed582b0f8dae767a
SHA256bf55618ecf56623545c17fbf2d5f34ee9809e1709fd224305aa988e550178281
SHA512d912ab8b120e8d1df6d251fac7d100ecd51fc5e30ad15971ba553e4019345a5c01bf2463bd19b6e69f7bec8f4315b2bded7a9e24c7c8ec4a5cdf2bdaa0851856
-
Filesize
72KB
MD59afd9ca434a716a8995eb3496140ded8
SHA1f13aff0867db69efac742dd5af988767e8680c3f
SHA256707f6275406225d3fe22bf6446136374c403f32f0c7f103b3d4badcb51e3d0af
SHA51245204a8156b28b262958ff710122df007a8170e199905057bd1171eac5ffbe33beaa04b9157cb94355a4d700206ce8052dc76a4d36be84513cc8b623ce3b501f
-
Filesize
72KB
MD59afd9ca434a716a8995eb3496140ded8
SHA1f13aff0867db69efac742dd5af988767e8680c3f
SHA256707f6275406225d3fe22bf6446136374c403f32f0c7f103b3d4badcb51e3d0af
SHA51245204a8156b28b262958ff710122df007a8170e199905057bd1171eac5ffbe33beaa04b9157cb94355a4d700206ce8052dc76a4d36be84513cc8b623ce3b501f
-
Filesize
72KB
MD5f0cb80335823f7cdcc1eb71d5b338db2
SHA1c4c18f31da32643e3ee085667c09b40a54601331
SHA25602c0a63eaca752666e10462eae52afc48862463d4c8913ff31df5a812b14909b
SHA512d5e29113f7833a911a9b2b14e83e13f3b9716f38d2688d8e6e95ee95207cfb1fe185bc54ce48fbdf0eb56ab98dd3df6e8a180e6b1fed50dd1fbefb50c28fda17
-
Filesize
72KB
MD5f0cb80335823f7cdcc1eb71d5b338db2
SHA1c4c18f31da32643e3ee085667c09b40a54601331
SHA25602c0a63eaca752666e10462eae52afc48862463d4c8913ff31df5a812b14909b
SHA512d5e29113f7833a911a9b2b14e83e13f3b9716f38d2688d8e6e95ee95207cfb1fe185bc54ce48fbdf0eb56ab98dd3df6e8a180e6b1fed50dd1fbefb50c28fda17
-
Filesize
72KB
MD574c4a30cb06c27a9397e29f4b47ee2f4
SHA1de23856cf0bfe33de884d117ed582b0f8dae767a
SHA256bf55618ecf56623545c17fbf2d5f34ee9809e1709fd224305aa988e550178281
SHA512d912ab8b120e8d1df6d251fac7d100ecd51fc5e30ad15971ba553e4019345a5c01bf2463bd19b6e69f7bec8f4315b2bded7a9e24c7c8ec4a5cdf2bdaa0851856
-
Filesize
72KB
MD574c4a30cb06c27a9397e29f4b47ee2f4
SHA1de23856cf0bfe33de884d117ed582b0f8dae767a
SHA256bf55618ecf56623545c17fbf2d5f34ee9809e1709fd224305aa988e550178281
SHA512d912ab8b120e8d1df6d251fac7d100ecd51fc5e30ad15971ba553e4019345a5c01bf2463bd19b6e69f7bec8f4315b2bded7a9e24c7c8ec4a5cdf2bdaa0851856
-
Filesize
72KB
MD59149190201b72af4830ecef45e753d80
SHA19e2fe18bf7fa97ceb739dc60520d8cefe8b9fe7e
SHA2569646734d927356a13939e4d92f75468c7108b1d8c8dc1bc46e4a7c50469f87c4
SHA512c9a594558e3e6be03585af0a4b94ae531f361d337cff4b6c03c93455dce5a534c077f2bbacd6d434ff70d5ba97e1b9f7a85e4e0559ebde8671042d36c208e2d4
-
Filesize
72KB
MD59149190201b72af4830ecef45e753d80
SHA19e2fe18bf7fa97ceb739dc60520d8cefe8b9fe7e
SHA2569646734d927356a13939e4d92f75468c7108b1d8c8dc1bc46e4a7c50469f87c4
SHA512c9a594558e3e6be03585af0a4b94ae531f361d337cff4b6c03c93455dce5a534c077f2bbacd6d434ff70d5ba97e1b9f7a85e4e0559ebde8671042d36c208e2d4
-
Filesize
72KB
MD5f0cb80335823f7cdcc1eb71d5b338db2
SHA1c4c18f31da32643e3ee085667c09b40a54601331
SHA25602c0a63eaca752666e10462eae52afc48862463d4c8913ff31df5a812b14909b
SHA512d5e29113f7833a911a9b2b14e83e13f3b9716f38d2688d8e6e95ee95207cfb1fe185bc54ce48fbdf0eb56ab98dd3df6e8a180e6b1fed50dd1fbefb50c28fda17
-
Filesize
72KB
MD5f0cb80335823f7cdcc1eb71d5b338db2
SHA1c4c18f31da32643e3ee085667c09b40a54601331
SHA25602c0a63eaca752666e10462eae52afc48862463d4c8913ff31df5a812b14909b
SHA512d5e29113f7833a911a9b2b14e83e13f3b9716f38d2688d8e6e95ee95207cfb1fe185bc54ce48fbdf0eb56ab98dd3df6e8a180e6b1fed50dd1fbefb50c28fda17
-
Filesize
72KB
MD59149190201b72af4830ecef45e753d80
SHA19e2fe18bf7fa97ceb739dc60520d8cefe8b9fe7e
SHA2569646734d927356a13939e4d92f75468c7108b1d8c8dc1bc46e4a7c50469f87c4
SHA512c9a594558e3e6be03585af0a4b94ae531f361d337cff4b6c03c93455dce5a534c077f2bbacd6d434ff70d5ba97e1b9f7a85e4e0559ebde8671042d36c208e2d4
-
Filesize
72KB
MD59149190201b72af4830ecef45e753d80
SHA19e2fe18bf7fa97ceb739dc60520d8cefe8b9fe7e
SHA2569646734d927356a13939e4d92f75468c7108b1d8c8dc1bc46e4a7c50469f87c4
SHA512c9a594558e3e6be03585af0a4b94ae531f361d337cff4b6c03c93455dce5a534c077f2bbacd6d434ff70d5ba97e1b9f7a85e4e0559ebde8671042d36c208e2d4
-
Filesize
72KB
MD59149190201b72af4830ecef45e753d80
SHA19e2fe18bf7fa97ceb739dc60520d8cefe8b9fe7e
SHA2569646734d927356a13939e4d92f75468c7108b1d8c8dc1bc46e4a7c50469f87c4
SHA512c9a594558e3e6be03585af0a4b94ae531f361d337cff4b6c03c93455dce5a534c077f2bbacd6d434ff70d5ba97e1b9f7a85e4e0559ebde8671042d36c208e2d4
-
Filesize
72KB
MD59afd9ca434a716a8995eb3496140ded8
SHA1f13aff0867db69efac742dd5af988767e8680c3f
SHA256707f6275406225d3fe22bf6446136374c403f32f0c7f103b3d4badcb51e3d0af
SHA51245204a8156b28b262958ff710122df007a8170e199905057bd1171eac5ffbe33beaa04b9157cb94355a4d700206ce8052dc76a4d36be84513cc8b623ce3b501f
-
Filesize
72KB
MD59afd9ca434a716a8995eb3496140ded8
SHA1f13aff0867db69efac742dd5af988767e8680c3f
SHA256707f6275406225d3fe22bf6446136374c403f32f0c7f103b3d4badcb51e3d0af
SHA51245204a8156b28b262958ff710122df007a8170e199905057bd1171eac5ffbe33beaa04b9157cb94355a4d700206ce8052dc76a4d36be84513cc8b623ce3b501f
-
Filesize
72KB
MD5c4155719fcb7e721787782e11ac73eb8
SHA107b7c3d9362d5d6a472edefe8bd61b34ad3d1649
SHA256091907700cf56415b2e8eeb5f96773adc46b505986f4bc7eab0a16bb66b3e4ab
SHA512e9231d444bf706140c582bf7adaba69932e8cd911baa96703cd8ae7dd7db81a7d4d91b0519643d24f19c986aa784b0abe02cce98ac2225cde7041b077ae9cb94
-
Filesize
72KB
MD5c4155719fcb7e721787782e11ac73eb8
SHA107b7c3d9362d5d6a472edefe8bd61b34ad3d1649
SHA256091907700cf56415b2e8eeb5f96773adc46b505986f4bc7eab0a16bb66b3e4ab
SHA512e9231d444bf706140c582bf7adaba69932e8cd911baa96703cd8ae7dd7db81a7d4d91b0519643d24f19c986aa784b0abe02cce98ac2225cde7041b077ae9cb94
-
Filesize
72KB
MD52f47e86c545dec2a1f163663b5b43fac
SHA1d6beda414beaab22968f445a7113f79527d0ce7f
SHA25666b9ed2a14bfe1b3c76ea483d4e8d149e588bad228bc93cd3ddd3c2bb6bc19e1
SHA512e8b1b10ede7506576586460c19b98b6a705dfed18feb33543889e4789d90f3084a3f7e4acbfc67aa53660b4fbf1a9b806e645232fc5244cfa3eb8c39cd120811
-
Filesize
72KB
MD52f47e86c545dec2a1f163663b5b43fac
SHA1d6beda414beaab22968f445a7113f79527d0ce7f
SHA25666b9ed2a14bfe1b3c76ea483d4e8d149e588bad228bc93cd3ddd3c2bb6bc19e1
SHA512e8b1b10ede7506576586460c19b98b6a705dfed18feb33543889e4789d90f3084a3f7e4acbfc67aa53660b4fbf1a9b806e645232fc5244cfa3eb8c39cd120811
-
Filesize
72KB
MD52f47e86c545dec2a1f163663b5b43fac
SHA1d6beda414beaab22968f445a7113f79527d0ce7f
SHA25666b9ed2a14bfe1b3c76ea483d4e8d149e588bad228bc93cd3ddd3c2bb6bc19e1
SHA512e8b1b10ede7506576586460c19b98b6a705dfed18feb33543889e4789d90f3084a3f7e4acbfc67aa53660b4fbf1a9b806e645232fc5244cfa3eb8c39cd120811
-
Filesize
72KB
MD52f47e86c545dec2a1f163663b5b43fac
SHA1d6beda414beaab22968f445a7113f79527d0ce7f
SHA25666b9ed2a14bfe1b3c76ea483d4e8d149e588bad228bc93cd3ddd3c2bb6bc19e1
SHA512e8b1b10ede7506576586460c19b98b6a705dfed18feb33543889e4789d90f3084a3f7e4acbfc67aa53660b4fbf1a9b806e645232fc5244cfa3eb8c39cd120811
-
Filesize
72KB
MD52f47e86c545dec2a1f163663b5b43fac
SHA1d6beda414beaab22968f445a7113f79527d0ce7f
SHA25666b9ed2a14bfe1b3c76ea483d4e8d149e588bad228bc93cd3ddd3c2bb6bc19e1
SHA512e8b1b10ede7506576586460c19b98b6a705dfed18feb33543889e4789d90f3084a3f7e4acbfc67aa53660b4fbf1a9b806e645232fc5244cfa3eb8c39cd120811
-
Filesize
72KB
MD52f47e86c545dec2a1f163663b5b43fac
SHA1d6beda414beaab22968f445a7113f79527d0ce7f
SHA25666b9ed2a14bfe1b3c76ea483d4e8d149e588bad228bc93cd3ddd3c2bb6bc19e1
SHA512e8b1b10ede7506576586460c19b98b6a705dfed18feb33543889e4789d90f3084a3f7e4acbfc67aa53660b4fbf1a9b806e645232fc5244cfa3eb8c39cd120811
-
Filesize
72KB
MD52f47e86c545dec2a1f163663b5b43fac
SHA1d6beda414beaab22968f445a7113f79527d0ce7f
SHA25666b9ed2a14bfe1b3c76ea483d4e8d149e588bad228bc93cd3ddd3c2bb6bc19e1
SHA512e8b1b10ede7506576586460c19b98b6a705dfed18feb33543889e4789d90f3084a3f7e4acbfc67aa53660b4fbf1a9b806e645232fc5244cfa3eb8c39cd120811
-
Filesize
72KB
MD52f47e86c545dec2a1f163663b5b43fac
SHA1d6beda414beaab22968f445a7113f79527d0ce7f
SHA25666b9ed2a14bfe1b3c76ea483d4e8d149e588bad228bc93cd3ddd3c2bb6bc19e1
SHA512e8b1b10ede7506576586460c19b98b6a705dfed18feb33543889e4789d90f3084a3f7e4acbfc67aa53660b4fbf1a9b806e645232fc5244cfa3eb8c39cd120811
-
Filesize
72KB
MD52f47e86c545dec2a1f163663b5b43fac
SHA1d6beda414beaab22968f445a7113f79527d0ce7f
SHA25666b9ed2a14bfe1b3c76ea483d4e8d149e588bad228bc93cd3ddd3c2bb6bc19e1
SHA512e8b1b10ede7506576586460c19b98b6a705dfed18feb33543889e4789d90f3084a3f7e4acbfc67aa53660b4fbf1a9b806e645232fc5244cfa3eb8c39cd120811
-
Filesize
72KB
MD52f47e86c545dec2a1f163663b5b43fac
SHA1d6beda414beaab22968f445a7113f79527d0ce7f
SHA25666b9ed2a14bfe1b3c76ea483d4e8d149e588bad228bc93cd3ddd3c2bb6bc19e1
SHA512e8b1b10ede7506576586460c19b98b6a705dfed18feb33543889e4789d90f3084a3f7e4acbfc67aa53660b4fbf1a9b806e645232fc5244cfa3eb8c39cd120811
-
Filesize
72KB
MD52f47e86c545dec2a1f163663b5b43fac
SHA1d6beda414beaab22968f445a7113f79527d0ce7f
SHA25666b9ed2a14bfe1b3c76ea483d4e8d149e588bad228bc93cd3ddd3c2bb6bc19e1
SHA512e8b1b10ede7506576586460c19b98b6a705dfed18feb33543889e4789d90f3084a3f7e4acbfc67aa53660b4fbf1a9b806e645232fc5244cfa3eb8c39cd120811
-
Filesize
72KB
MD52f47e86c545dec2a1f163663b5b43fac
SHA1d6beda414beaab22968f445a7113f79527d0ce7f
SHA25666b9ed2a14bfe1b3c76ea483d4e8d149e588bad228bc93cd3ddd3c2bb6bc19e1
SHA512e8b1b10ede7506576586460c19b98b6a705dfed18feb33543889e4789d90f3084a3f7e4acbfc67aa53660b4fbf1a9b806e645232fc5244cfa3eb8c39cd120811
-
Filesize
72KB
MD52f47e86c545dec2a1f163663b5b43fac
SHA1d6beda414beaab22968f445a7113f79527d0ce7f
SHA25666b9ed2a14bfe1b3c76ea483d4e8d149e588bad228bc93cd3ddd3c2bb6bc19e1
SHA512e8b1b10ede7506576586460c19b98b6a705dfed18feb33543889e4789d90f3084a3f7e4acbfc67aa53660b4fbf1a9b806e645232fc5244cfa3eb8c39cd120811
-
Filesize
72KB
MD52f47e86c545dec2a1f163663b5b43fac
SHA1d6beda414beaab22968f445a7113f79527d0ce7f
SHA25666b9ed2a14bfe1b3c76ea483d4e8d149e588bad228bc93cd3ddd3c2bb6bc19e1
SHA512e8b1b10ede7506576586460c19b98b6a705dfed18feb33543889e4789d90f3084a3f7e4acbfc67aa53660b4fbf1a9b806e645232fc5244cfa3eb8c39cd120811
-
Filesize
8KB
-
Filesize
8KB