Overview

overview

10

Static

static

10

KAPE/Get-K...te.ps1

windows10-2004-x64

8

KAPE/Modul...us.ps1

windows10-2004-x64

KAPE/Modul...MI.ps1

windows10-2004-x64

1

KAPE/Modul...ne.ps1

windows10-2004-x64

1

KAPE/Modul...ng.ps1

windows10-2004-x64

1

KAPE/Modul...er.exe

windows10-2004-x64

1

KAPE/Modul...er.exe

windows10-2004-x64

1

KAPE/Modul...md.exe

windows10-2004-x64

1

KAPE/Modul...00.ps1

windows10-2004-x64

1

KAPE/Modul...03.ps1

windows10-2004-x64

1

KAPE/Modul...md.exe

windows10-2004-x64

1

KAPE/Modul...md.exe

windows10-2004-x64

1

KAPE/Modul...md.exe

windows10-2004-x64

1

KAPE/Modul...md.exe

windows10-2004-x64

1

KAPE/Modul...md.exe

windows10-2004-x64

1

KAPE/Modul...ry.dll

windows10-2004-x64

1

KAPE/Modul...be.dll

windows10-2004-x64

1

KAPE/Modul...on.dll

windows10-2004-x64

1

KAPE/Modul...le.dll

windows10-2004-x64

1

KAPE/Modul...ut.dll

windows10-2004-x64

1

KAPE/Modul...er.dll

windows10-2004-x64

1

KAPE/Modul...np.dll

windows10-2004-x64

1

KAPE/Modul...ry.dll

windows10-2004-x64

1

KAPE/Modul...he.dll

windows10-2004-x64

1

KAPE/Modul...gs.dll

windows10-2004-x64

1

KAPE/Modul...s2.dll

windows10-2004-x64

1

KAPE/Modul...hs.dll

windows10-2004-x64

1

KAPE/Modul...es.dll

windows10-2004-x64

1

KAPE/Modul...am.dll

windows10-2004-x64

1

KAPE/Modul...rt.dll

windows10-2004-x64

1

KAPE/gkape.exe

windows10-2004-x64

1

KAPE/kape.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    kape.zip

  • Size

    133.1MB

  • MD5

    16e43eca2d1c9fb1fd68946147ad3025

  • SHA1

    a20d7c99f4953ca5cdb70cb941738dfae7a1b98f

  • SHA256

    95db018c3da57f081886511338ea920272fb9a7e64e1f885a3307e692071b674

  • SHA512

    2d54a91ad606d8d58dd1dee7034a91eb0456a9adab4879c383188f94fa7cc2f5718017c28ead8a38f1335a0bfc165c98e98c4363f26513ca13d82d0ddb9b335d

  • SSDEEP

    3145728:f14qemI2GhAKEaguRqIe9OSJofzo7qN3e0uSdzKlTXc:fWqr6AxqqySJofzo7qN3e0uSzKl7c

Score
10/10
ploutus

Malware Config

Signatures

  • Detected Ploutus loader 2 IoCs
  • Ploutus family
    ploutus

Files

  • kape.zip
    .zip
  • KAPE/ChangeLog.txt
  • KAPE/Documentation/DocumentationAndEULA.txt
  • KAPE/Get-KAPEUpdate.ps1
    .ps1
  • KAPE/Modules/!Disabled/!ALL.mkape
  • KAPE/Modules/!Disabled/Plaso.mkape
  • KAPE/Modules/!Disabled/TZWorks_evtwalk64_EventLogs_ApplicationEvents.mkape
  • KAPE/Modules/!Disabled/Volatility_Disabled.mkape
  • KAPE/Modules/!Disabled/Volatility_apihooks.mkape
  • KAPE/Modules/!Disabled/Volatility_dlldump.mkape
  • KAPE/Modules/!Disabled/Volatility_dumpfiles.mkape
  • KAPE/Modules/!Disabled/Volatility_filescan.mkape
  • KAPE/Modules/!Disabled/Volatility_handles.mkape
  • KAPE/Modules/!Disabled/Volatility_malfind_dump.mkape
  • KAPE/Modules/!Disabled/Volatility_memdump.mkape
  • KAPE/Modules/!Disabled/Volatility_mftparser.mkape
  • KAPE/Modules/!Disabled/Volatility_moddump.mkape
  • KAPE/Modules/!Disabled/Volatility_procdump.mkape
  • KAPE/Modules/!Disabled/Volatility_shellbags.mkape
  • KAPE/Modules/!Disabled/Volatility_timeliner.mkape
  • KAPE/Modules/Apps/CrowdStrike_CrowdResponse.mkape
  • KAPE/Modules/Apps/DensityScout.mkape
  • KAPE/Modules/Apps/DumpIt_Memory.mkape
  • KAPE/Modules/Apps/Everything_ParseEFU.mkape
  • KAPE/Modules/Apps/ExifTool.mkape
  • KAPE/Modules/Apps/GitHub/BMC-Tools_RDPBitmapCacheParser.mkape
  • KAPE/Modules/Apps/GitHub/BitsParser.mkape
  • KAPE/Modules/Apps/GitHub/Bulk_extractor.mkape
  • KAPE/Modules/Apps/GitHub/CCMRUAFinder_RecentlyUsedApps.mkape
  • KAPE/Modules/Apps/GitHub/Chainsaw.mkape
  • KAPE/Modules/Apps/GitHub/DHParser.mkape
  • KAPE/Modules/Apps/GitHub/EvtxHussar.mkape
  • KAPE/Modules/Apps/GitHub/HatTrickFreenetParser.mkape
  • KAPE/Modules/Apps/GitHub/Hayabusa/hayabusa_EventStatistics.mkape
  • KAPE/Modules/Apps/GitHub/Hayabusa/hayabusa_LiveResponse.mkape
  • KAPE/Modules/Apps/GitHub/Hayabusa/hayabusa_LogonSummary.mkape
  • KAPE/Modules/Apps/GitHub/Hayabusa/hayabusa_OfflineEventLogs.mkape
  • KAPE/Modules/Apps/GitHub/Hayabusa/hayabusa_UpdateRules.mkape
  • KAPE/Modules/Apps/GitHub/INDXRipper.mkape
  • KAPE/Modules/Apps/GitHub/LevelDBDumper.mkape
  • KAPE/Modules/Apps/GitHub/Loki_LiveResponse.mkape
  • KAPE/Modules/Apps/GitHub/Loki_Scan.mkape
  • KAPE/Modules/Apps/GitHub/ObsidianForensics_Hindsight.mkape
  • KAPE/Modules/Apps/GitHub/OneDriveExplorer.mkape
  • KAPE/Modules/Apps/GitHub/PowerShell_Get-ChainsawSigmaRules.mkape
  • KAPE/Modules/Apps/GitHub/PowerShell_Get-DoSvc4n6.mkape
  • KAPE/Modules/Apps/GitHub/PowerShell_Get-InjectedThread.mkape
  • KAPE/Modules/Apps/GitHub/PowerShell_Get-NetworkConnection.mkape
  • KAPE/Modules/Apps/GitHub/PowerShell_MFTECmd_J-MFTParsing.mkape
  • KAPE/Modules/Apps/GitHub/PowerShell_Move-KAPEConsoleHost_history.mkape
  • KAPE/Modules/Apps/GitHub/PowerShell_Netscan.mkape
  • KAPE/Modules/Apps/GitHub/PowerShell_Signed.mkape
  • KAPE/Modules/Apps/GitHub/PowerShell_SrumECmd_SRUM-RepairAndParse.mkape
  • KAPE/Modules/Apps/GitHub/PowerShell_SumECmd_SUM-RepairAndParse.mkape
  • KAPE/Modules/Apps/GitHub/RegRipper/RegRipper_NTUser-Variable.mkape
  • KAPE/Modules/Apps/GitHub/RegRipper/RegRipper_NTUser.mkape
  • KAPE/Modules/Apps/GitHub/RegRipper/RegRipper_SAM.mkape
  • KAPE/Modules/Apps/GitHub/RegRipper/RegRipper_SECURITY-Variable.mkape
  • KAPE/Modules/Apps/GitHub/RegRipper/RegRipper_SECURITY.mkape
  • KAPE/Modules/Apps/GitHub/RegRipper/RegRipper_SOFTWARE-Variable.mkape
  • KAPE/Modules/Apps/GitHub/RegRipper/RegRipper_SOFTWARE.mkape
  • KAPE/Modules/Apps/GitHub/RegRipper/RegRipper_SYSTEM-Variable.mkape
  • KAPE/Modules/Apps/GitHub/RegRipper/RegRipper_SYSTEM.mkape
  • KAPE/Modules/Apps/GitHub/RegRipper/RegRipper_UsrClass-Variable.mkape
  • KAPE/Modules/Apps/GitHub/RegRipper/RegRipper_UsrClass.mkape
  • KAPE/Modules/Apps/GitHub/SEPparser.mkape
  • KAPE/Modules/Apps/GitHub/SRUMDump.mkape
  • KAPE/Modules/Apps/GitHub/TeamsParser.mkape
  • KAPE/Modules/Apps/GitHub/ThumbCacheViewer.mkape
  • KAPE/Modules/Apps/GitHub/VLSeeRecent_VLCRecentFiles.mkape
  • KAPE/Modules/Apps/GitHub/Velocidex_WinPmem.mkape
  • KAPE/Modules/Apps/GitHub/Volatility/Volatility_amcache.mkape
  • KAPE/Modules/Apps/GitHub/Volatility/Volatility_clipboard.mkape
  • KAPE/Modules/Apps/GitHub/Volatility/Volatility_cmdline.mkape
  • KAPE/Modules/Apps/GitHub/Volatility/Volatility_cmdscan.mkape
  • KAPE/Modules/Apps/GitHub/Volatility/Volatility_connections.mkape
  • KAPE/Modules/Apps/GitHub/Volatility/Volatility_connscan.mkape
  • KAPE/Modules/Apps/GitHub/Volatility/Volatility_consoles.mkape
  • KAPE/Modules/Apps/GitHub/Volatility/Volatility_dlllist.mkape
  • KAPE/Modules/Apps/GitHub/Volatility/Volatility_driverirp.mkape
  • KAPE/Modules/Apps/GitHub/Volatility/Volatility_hollowfind.mkape
  • KAPE/Modules/Apps/GitHub/Volatility/Volatility_idt.mkape
  • KAPE/Modules/Apps/GitHub/Volatility/Volatility_malfind.mkape
  • KAPE/Modules/Apps/GitHub/Volatility/Volatility_modscan.mkape
  • KAPE/Modules/Apps/GitHub/Volatility/Volatility_modules.mkape
  • KAPE/Modules/Apps/GitHub/Volatility/Volatility_netscan.mkape
  • KAPE/Modules/Apps/GitHub/Volatility/Volatility_notepad.mkape
  • KAPE/Modules/Apps/GitHub/Volatility/Volatility_pslist.mkape
  • KAPE/Modules/Apps/GitHub/Volatility/Volatility_psscan.mkape
  • KAPE/Modules/Apps/GitHub/Volatility/Volatility_pstree.mkape
  • KAPE/Modules/Apps/GitHub/Volatility/Volatility_psxview.mkape
  • KAPE/Modules/Apps/GitHub/Volatility/Volatility_shimcache.mkape
  • KAPE/Modules/Apps/GitHub/Volatility/Volatility_sockets.mkape
  • KAPE/Modules/Apps/GitHub/Volatility/Volatility_sockscan.mkape
  • KAPE/Modules/Apps/GitHub/Volatility/Volatility_ssdt.mkape
  • KAPE/Modules/Apps/GitHub/Volatility/Volatility_userassist.mkape
  • KAPE/Modules/Apps/GitHub/Volatility/Volatility_userhandles.mkape
  • KAPE/Modules/Apps/GitHub/WMI-Parser.mkape
  • KAPE/Modules/Apps/GitHub/Zircolite_Scan.mkape
  • KAPE/Modules/Apps/GitHub/Zircolite_Update.mkape
  • KAPE/Modules/Apps/GitHub/hasherezade_HollowsHunter.mkape
  • KAPE/Modules/Apps/GitHub/iTunesBackupReader.mkape
  • KAPE/Modules/Apps/GitHub/log4j-scanner.mkape
  • KAPE/Modules/Apps/GitHub/mimikatz_NTLMHashes.mkape
  • KAPE/Modules/Apps/GitHub/reg_hunter/reg_hunter_binary.mkape
  • KAPE/Modules/Apps/GitHub/reg_hunter/reg_hunter_email.mkape
  • KAPE/Modules/Apps/GitHub/reg_hunter/reg_hunter_encoding.mkape
  • KAPE/Modules/Apps/GitHub/reg_hunter/reg_hunter_ip.mkape
  • KAPE/Modules/Apps/GitHub/reg_hunter/reg_hunter_link.mkape
  • KAPE/Modules/Apps/GitHub/reg_hunter/reg_hunter_obfuscation.mkape
  • KAPE/Modules/Apps/GitHub/reg_hunter/reg_hunter_script.mkape
  • KAPE/Modules/Apps/GitHub/reg_hunter/reg_hunter_shell.mkape
  • KAPE/Modules/Apps/GitHub/reg_hunter/reg_hunter_shellcode.mkape
  • KAPE/Modules/Apps/GitHub/reg_hunter/reg_hunter_suspicious.mkape
    .ps1
  • KAPE/Modules/Apps/GitHub/reg_hunter/reg_hunter_unc.mkape
  • KAPE/Modules/Apps/GitHub/reg_hunter/reg_hunter_url.mkape
  • KAPE/Modules/Apps/KAPE_Automation.mkape
  • KAPE/Modules/Apps/Kaspersky_TDSSKiller.mkape
  • KAPE/Modules/Apps/LogParser/LogParser_ApacheAccessLogs.mkape
  • KAPE/Modules/Apps/LogParser/LogParser_DetailedNetworkShareAccess.mkape
  • KAPE/Modules/Apps/LogParser/LogParser_LogonLogoffEvents.mkape
  • KAPE/Modules/Apps/LogParser/LogParser_RDPUsageEvents.mkape
  • KAPE/Modules/Apps/LogParser/LogParser_SMBServerAnonymousLogons.mkape
  • KAPE/Modules/Apps/MagnetForensics_EDD.mkape
  • KAPE/Modules/Apps/MagnetForensics_RAMCapture.mkape
  • KAPE/Modules/Apps/McAfeeStinger.mkape
  • KAPE/Modules/Apps/NTFSLogTracker_$J.mkape
  • KAPE/Modules/Apps/NTFSLogTracker_$LogFile.mkape
  • KAPE/Modules/Apps/NirSoft/NirSoft_BrowsingHistoryView.mkape
  • KAPE/Modules/Apps/NirSoft/NirSoft_FullEventLogView_AllEventLogs.mkape
  • KAPE/Modules/Apps/NirSoft/NirSoft_FullEventLogView_Application.mkape
  • KAPE/Modules/Apps/NirSoft/NirSoft_FullEventLogView_PowerShell-Operational.mkape
  • KAPE/Modules/Apps/NirSoft/NirSoft_FullEventLogView_PrintService-Operational.mkape
  • KAPE/Modules/Apps/NirSoft/NirSoft_FullEventLogView_ScheduledTasks.mkape
  • KAPE/Modules/Apps/NirSoft/NirSoft_FullEventLogView_Security.mkape
  • KAPE/Modules/Apps/NirSoft/NirSoft_FullEventLogView_System.mkape
  • KAPE/Modules/Apps/NirSoft/NirSoft_TurnedOnTimesView.mkape
  • KAPE/Modules/Apps/NirSoft/NirSoft_USBDeview.mkape
  • KAPE/Modules/Apps/PowerShell_5SecondPause.mkape
  • KAPE/Modules/Apps/PowerShell_log4j.mkape
  • KAPE/Modules/Apps/SOFELK/SOFELK_Parser_EvtxECmd.mkape
  • KAPE/Modules/Apps/SOFELK/SOFELK_Parser_LEcmd.mkape
  • KAPE/Modules/Apps/SOFELK/SOFELK_Parser_MFTECmd_J.mkape
  • KAPE/Modules/Apps/SOFELK/SOFELK_Parser_MFTECmd_MFT.mkape
  • KAPE/Modules/Apps/SOFELK/SOFELK_Parser_PECmd.mkape
  • KAPE/Modules/Apps/SQLite3_TeraCopy_History.mkape
  • KAPE/Modules/Apps/SQLite3_TeraCopy_Main.mkape
  • KAPE/Modules/Apps/Snap2HTML.mkape
  • KAPE/Modules/Apps/SysInternals/SysInternals_Autoruns.mkape
  • KAPE/Modules/Apps/SysInternals/SysInternals_Handle.mkape
  • KAPE/Modules/Apps/SysInternals/SysInternals_PsFile.mkape
  • KAPE/Modules/Apps/SysInternals/SysInternals_PsInfo.mkape
  • KAPE/Modules/Apps/SysInternals/SysInternals_PsList.mkape
  • KAPE/Modules/Apps/SysInternals/SysInternals_PsLoggedOn.mkape
  • KAPE/Modules/Apps/SysInternals/SysInternals_PsService.mkape
  • KAPE/Modules/Apps/SysInternals/SysInternals_PsTree.mkape
  • KAPE/Modules/Apps/SysInternals/SysInternals_SigCheck.mkape
  • KAPE/Modules/Apps/SysInternals/SysInternals_Tcpvcon.mkape
  • KAPE/Modules/Apps/TZWorks/TZWorks_CAFAE_Registry_System.mkape
  • KAPE/Modules/Apps/TZWorks/TZWorks_evtwalk64_EventLogs_ScheduledTasks.mkape
  • KAPE/Modules/Apps/Thor-Lite/Thor-Lite_LiveResponse.mkape
  • KAPE/Modules/Apps/Thor-Lite/Thor-Lite_LiveResponse_Lookback30days.mkape
  • KAPE/Modules/Apps/Thor-Lite/Thor-Lite_Scan.mkape
  • KAPE/Modules/Apps/Thor-Lite/Thor-Lite_Upgrade.mkape
  • KAPE/Modules/Apps/Thor/Thor_Scan.mkape
  • KAPE/Modules/Apps/Thor/Thor_Upgrade.mkape
  • KAPE/Modules/Apps/Winlogbeat_ALL.mkape
  • KAPE/Modules/Compound/!!ToolSync.mkape
  • KAPE/Modules/Compound/!EZParser.mkape
  • KAPE/Modules/Compound/Hayabusa.mkape
  • KAPE/Modules/Compound/KapeResearch_Registry_JSON.mkape
  • KAPE/Modules/Compound/LiveResponse_NetSystemInfo.mkape
  • KAPE/Modules/Compound/LiveResponse_NetworkDetails.mkape
  • KAPE/Modules/Compound/LiveResponse_ProcessDetails.mkape
  • KAPE/Modules/Compound/LogParser.mkape
  • KAPE/Modules/Compound/MFTECmd.mkape
  • KAPE/Modules/Compound/NTFSLogTracker.mkape
  • KAPE/Modules/Compound/RECmd_AllBatchFiles.mkape
  • KAPE/Modules/Compound/RegRipper.mkape
  • KAPE/Modules/Compound/Reghunter.mkape
  • KAPE/Modules/Compound/SOFELK_Parser.mkape
  • KAPE/Modules/Compound/bstrings.mkape
  • KAPE/Modules/Compound/bstrings_CryptoWallets.mkape
  • KAPE/Modules/CompoundModuleGuide.guide
  • KAPE/Modules/CompoundModuleTemplate.template
  • KAPE/Modules/EZTools/AmcacheParser.mkape
  • KAPE/Modules/EZTools/AppCompatCacheParser.mkape
  • KAPE/Modules/EZTools/EvtxECmd/EvtxECmd.mkape
  • KAPE/Modules/EZTools/EvtxECmd/EvtxECmd_RDP.mkape
  • KAPE/Modules/EZTools/JLECmd.mkape
  • KAPE/Modules/EZTools/LECmd.mkape
  • KAPE/Modules/EZTools/MFTECmd/MFTECmd_$Boot.mkape
  • KAPE/Modules/EZTools/MFTECmd/MFTECmd_$J.mkape
  • KAPE/Modules/EZTools/MFTECmd/MFTECmd_$MFT.mkape
  • KAPE/Modules/EZTools/MFTECmd/MFTECmd_$MFT_DumpResidentFiles.mkape
  • KAPE/Modules/EZTools/MFTECmd/MFTECmd_$MFT_FileListing.mkape
  • KAPE/Modules/EZTools/MFTECmd/MFTECmd_$MFT_ProcessMFTSlack.mkape
  • KAPE/Modules/EZTools/MFTECmd/MFTECmd_$SDS.mkape
  • KAPE/Modules/EZTools/PECmd.mkape
  • KAPE/Modules/EZTools/RBCmd.mkape
  • KAPE/Modules/EZTools/RECmd/RECmd_AllRegExecutablesFoundOrRun.mkape
  • KAPE/Modules/EZTools/RECmd/RECmd_BCDBootVolume.mkape
  • KAPE/Modules/EZTools/RECmd/RECmd_BasicSystemInfo.mkape
  • KAPE/Modules/EZTools/RECmd/RECmd_InstalledSoftware.mkape
  • KAPE/Modules/EZTools/RECmd/RECmd_Kroll.mkape
  • KAPE/Modules/EZTools/RECmd/RECmd_RECmd_Batch_MC.mkape
  • KAPE/Modules/EZTools/RECmd/RECmd_RegistryASEPs.mkape
  • KAPE/Modules/EZTools/RECmd/RECmd_SoftwareASEPs.mkape
  • KAPE/Modules/EZTools/RECmd/RECmd_SoftwareClassesASEPs.mkape
  • KAPE/Modules/EZTools/RECmd/RECmd_SoftwareWoW6432ASEPs.mkape
  • KAPE/Modules/EZTools/RECmd/RECmd_SystemASEPs.mkape
  • KAPE/Modules/EZTools/RECmd/RECmd_UserActivity.mkape
  • KAPE/Modules/EZTools/RECmd/RECmd_UserClassesASEPs.mkape
  • KAPE/Modules/EZTools/RecentFileCacheParser.mkape
  • KAPE/Modules/EZTools/SBECmd.mkape
  • KAPE/Modules/EZTools/SQLECmd/SQLECmd.mkape
  • KAPE/Modules/EZTools/SQLECmd/SQLECmd_Hunt.mkape
  • KAPE/Modules/EZTools/SrumECmd.mkape
  • KAPE/Modules/EZTools/SumECmd.mkape
  • KAPE/Modules/EZTools/WxTCmd.mkape
  • KAPE/Modules/EZTools/bstrings/bstrings_AeonWallet.mkape
  • KAPE/Modules/EZTools/bstrings/bstrings_BitCoinWallet.mkape
  • KAPE/Modules/EZTools/bstrings/bstrings_Bitlocker.mkape
  • KAPE/Modules/EZTools/bstrings/bstrings_ByteCoinWallet.mkape
  • KAPE/Modules/EZTools/bstrings/bstrings_CreditCards.mkape
  • KAPE/Modules/EZTools/bstrings/bstrings_DashCoinWallet.mkape
  • KAPE/Modules/EZTools/bstrings/bstrings_DashCoinWallet2.mkape
  • KAPE/Modules/EZTools/bstrings/bstrings_Email.mkape
  • KAPE/Modules/EZTools/bstrings/bstrings_FantomCoinWallet.mkape
  • KAPE/Modules/EZTools/bstrings/bstrings_IPv4.mkape
  • KAPE/Modules/EZTools/bstrings/bstrings_MACAddresses.mkape
  • KAPE/Modules/EZTools/bstrings/bstrings_MoneroWallet.mkape
  • KAPE/Modules/EZTools/bstrings/bstrings_SSN.mkape
  • KAPE/Modules/EZTools/bstrings/bstrings_SumoKoinWallet.mkape
  • KAPE/Modules/EZTools/bstrings/bstrings_UNC.mkape
  • KAPE/Modules/EZTools/bstrings/bstrings_URLs.mkape
  • KAPE/Modules/EZTools/bstrings/bstrings_USPhone.mkape
  • KAPE/Modules/EZTools/bstrings/bstrings_WinPath.mkape
  • KAPE/Modules/EZTools/bstrings/bstrings_ZipCodes.mkape
  • KAPE/Modules/EZTools/iisGeoLocate.mkape
  • KAPE/Modules/KapeResearch/KapeResearch_EventLogs_XML.mkape
  • KAPE/Modules/KapeResearch/KapeResearch_Registry_Amcache_JSON.mkape
  • KAPE/Modules/KapeResearch/KapeResearch_Registry_BBI_JSON.mkape
  • KAPE/Modules/KapeResearch/KapeResearch_Registry_BCD-Template_JSON.mkape
  • KAPE/Modules/KapeResearch/KapeResearch_Registry_COMPONENTS_JSON.mkape
  • KAPE/Modules/KapeResearch/KapeResearch_Registry_DEFAULT_JSON.mkape
  • KAPE/Modules/KapeResearch/KapeResearch_Registry_DRIVERS_JSON.mkape
  • KAPE/Modules/KapeResearch/KapeResearch_Registry_ELAM_JSON.mkape
  • KAPE/Modules/KapeResearch/KapeResearch_Registry_NTUSER_JSON.mkape
  • KAPE/Modules/KapeResearch/KapeResearch_Registry_SAM_JSON.mkape
  • KAPE/Modules/KapeResearch/KapeResearch_Registry_SECURITY_JSON.mkape
  • KAPE/Modules/KapeResearch/KapeResearch_Registry_SOFTWARE_JSON.mkape
  • KAPE/Modules/KapeResearch/KapeResearch_Registry_SYSTEM_JSON.mkape
  • KAPE/Modules/KapeResearch/KapeResearch_Registry_SysCache_JSON.mkape
  • KAPE/Modules/KapeResearch/KapeResearch_Registry_UsrClass_JSON.mkape
  • KAPE/Modules/KapeResearch/KapeResearch_Registry_VSMIDK_JSON.mkape
  • KAPE/Modules/KapeResearch/KapeResearch_Registry_userdiff_JSON.mkape
  • KAPE/Modules/KapeSync/Sync_EvtxECmd.mkape
  • KAPE/Modules/KapeSync/Sync_KAPE.mkape
  • KAPE/Modules/KapeSync/Sync_RECmd.mkape
  • KAPE/Modules/KapeSync/Sync_SQLECmd.mkape
  • KAPE/Modules/ModuleGuide.guide
  • KAPE/Modules/ModuleTemplate.template
  • KAPE/Modules/Windows/PowerShell_DLL_List.mkape
  • KAPE/Modules/Windows/PowerShell_Defender_Exclusions.mkape
  • KAPE/Modules/Windows/PowerShell_NamedPipes.mkape
  • KAPE/Modules/Windows/PowerShell_NetUserAdministrators.mkape
  • KAPE/Modules/Windows/PowerShell_ParseScheduledTasks.mkape
    .ps1
  • KAPE/Modules/Windows/PowerShell_ProcessList_CimInstance.mkape
  • KAPE/Modules/Windows/PowerShell_ProcessList_WMI.mkape
    .ps1
  • KAPE/Modules/Windows/PowerShell_Process_Cmdline.mkape
    .ps1
  • KAPE/Modules/Windows/PowerShell_Startup_Commands.mkape
  • KAPE/Modules/Windows/PowerShell_WMIRepositoryAuditing.mkape
    .ps1
  • KAPE/Modules/Windows/Windows_ARPCache.mkape
  • KAPE/Modules/Windows/Windows_DNSCache.mkape
  • KAPE/Modules/Windows/Windows_GpResult.mkape
  • KAPE/Modules/Windows/Windows_IPConfig.mkape
  • KAPE/Modules/Windows/Windows_ManageBDE_BitLockerKeys.mkape
  • KAPE/Modules/Windows/Windows_ManageBDE_BitLockerStatus.mkape
  • KAPE/Modules/Windows/Windows_MsInfo.mkape
  • KAPE/Modules/Windows/Windows_NetStat.mkape
  • KAPE/Modules/Windows/Windows_Net_Accounts.mkape
  • KAPE/Modules/Windows/Windows_Net_File.mkape
  • KAPE/Modules/Windows/Windows_Net_LocalGroup.mkape
  • KAPE/Modules/Windows/Windows_Net_Session.mkape
  • KAPE/Modules/Windows/Windows_Net_Share.mkape
  • KAPE/Modules/Windows/Windows_Net_Start.mkape
  • KAPE/Modules/Windows/Windows_Net_Use.mkape
  • KAPE/Modules/Windows/Windows_Net_User.mkape
  • KAPE/Modules/Windows/Windows_RoutingTable.mkape
  • KAPE/Modules/Windows/Windows_SystemInfo.mkape
  • KAPE/Modules/Windows/Windows_nbtstat_NetBIOSCache.mkape
  • KAPE/Modules/Windows/Windows_nbtstat_NetBIOSSessions.mkape
  • KAPE/Modules/Windows/Windows_netsh_portproxy.mkape
  • KAPE/Modules/Windows/Windows_qwinsta_RDPSessions.mkape
  • KAPE/Modules/Windows/Windows_schtasks.mkape
  • KAPE/Modules/bin/AmcacheParser.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Code Sign

    Headers

    Imports

    Sections

  • KAPE/Modules/bin/AppCompatCacheParser.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Code Sign

    Headers

    Imports

    Sections

  • KAPE/Modules/bin/EvtxECmd/EvtxECmd.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Code Sign

    Headers

    Imports

    Sections

  • KAPE/Modules/bin/EvtxECmd/Maps/!!!!README.md
  • KAPE/Modules/bin/EvtxECmd/Maps/!Channel-Name_Provider-Name_EventID.guide
  • KAPE/Modules/bin/EvtxECmd/Maps/!Channel-Name_Provider-Name_EventID.template
  • KAPE/Modules/bin/EvtxECmd/Maps/Application_Application-Error_1000.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Application_Application-Hang_1002.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Application_CarbonBlackDefense_1.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Application_CarbonBlackDefense_17.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Application_CarbonBlackDefense_33.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Application_CarbonBlackDefense_49.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Application_Citrix-Desktop-Service_1027.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Application_Citrix-Desktop-Service_1049.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Application_CylanceSvc_1.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Application_CylanceSvc_2.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Application_ESENT_325.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Application_ESENT_326.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Application_ESENT_327.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Application_HitmanPro-Alert_911.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Application_MSSQLSERVER_15457.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Application_MSSQLSERVER_18456.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Application_MSSQLSERVER_33205.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Application_McAfee-Endpoint-Security_3.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Application_MetaFrameEvents_1106.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Application_Microsoft-Windows-Audit-CVE_1.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Application_Microsoft-Windows-RestartManager_10002.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Application_Microsoft-Windows-Winsrv_10001.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Application_Microsoft-Windows-Winsrv_10002.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Application_MsiInstaller_1033.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Application_MsiInstaller_1034.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Application_MsiInstaller_1040.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Application_MsiInstaller_1042.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Application_MsiInstaller_11707.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Application_MsiInstaller_11708.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Application_MsiInstaller_11724.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Application_Sophos-Anti-Virus_32.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Application_Sophos-System-Protection_42.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Application_Symantec_4003.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Application_System-Restore_8194.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Application_System-Restore_8195.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Application_System-Restore_8196.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Application_WSH_0.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Application_Windows-Error-Reporting_1001.map
  • KAPE/Modules/bin/EvtxECmd/Maps/COMODO-Client-Security-CEF_File-Rating_3.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Cisco-AnyConnect-Secure-Mobility-Client_acvpnagent_2039.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Cisco-AnyConnect-Secure-Mobility-Client_acvpnagent_2048.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Cisco-AnyConnect-Secure-Mobility-Client_acvpnagent_2072.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Cisco-AnyConnect-Secure-Mobility-Client_acvpnagent_2079.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Cisco-AnyConnect-Secure-Mobility-Client_acvpnagent_2085.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Cisco-AnyConnect-Secure-Mobility-Client_acvpnagent_2086.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Cisco-AnyConnect-Secure-Mobility-Client_acvpnagent_2127.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Cisco-AnyConnect-Secure-Mobility-Client_acvpndownloader_5005.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Cisco-AnyConnect-Secure-Mobility-Client_acvpnui_3021.map
  • KAPE/Modules/bin/EvtxECmd/Maps/CrowdStrike-Falcon-Sensor-CSFalconService-Operational_CrowdStrike-Falcon-Sensor-CSFalconService_3.map
  • KAPE/Modules/bin/EvtxECmd/Maps/CrowdStrike-Falcon-Sensor-CSFalconService-Operational_CrowdStrike-Falcon-Sensor-CSFalconService_4.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Kaspersky-Endpoint-Security_avp_302.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Kaspersky-Endpoint-Security_avp_362.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-AppID-Operational_Microsoft-Windows-AppID_4004.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-AppLocker-EXE-and-DLL_Microsoft-Windows-AppLocker_8002.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-AppLocker-EXE-and-DLL_Microsoft-Windows-AppLocker_8004.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-AppLocker-MSI-and-Script_Microsoft-Windows-AppLocker_8005.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-AppLocker-MSI-and-Script_Microsoft-Windows-AppLocker_8007.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-AppLocker-PackagedApp-Execution_Microsoft-Windows-AppLocker_8020.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Application-Experience-Program-Compatibility-Assistant_Microsoft-Windows-Program-Compatibility-Assistant_17.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Application-Experience-Program-Telemetry_Microsoft-Windows-Application-Experience_500.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Application-Experience-Program-Telemetry_Microsoft-Windows-Application-Experience_505.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Bits-Client-Operational_Microsoft-Windows-Bits-Client_3.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Bits-Client-Operational_Microsoft-Windows-Bits-Client_4.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Bits-Client-Operational_Microsoft-Windows-Bits-Client_5.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Bits-Client-Operational_Microsoft-Windows-Bits-Client_59.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Bits-Client-Operational_Microsoft-Windows-Bits-Client_60.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Bits-Client-Operational_Microsoft-Windows-Bits-Client_61.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Bits-Client-Operational_Microsoft-Windows-Bits-Client_64.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-DateTimeControlPanel-Operational_Microsoft-Windows-DateTimeControlPanel_20000.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-DeviceSetupManager-Admin_Microsoft-Windows-DeviceSetupManager_100.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-DeviceSetupManager-Admin_Microsoft-Windows-DeviceSetupManager_101.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-DeviceSetupManager-Admin_Microsoft-Windows-DeviceSetupManager_112.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Dhcp-Client-Admin_Microsoft-Windows-Dhcp-Client_50067.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Diagnostics-Performance-Operational_Microsoft-Windows-Diagnostics-Performance_100.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Diagnostics-Performance-Operational_Microsoft-Windows-Diagnostics-Performance_101.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Diagnostics-Performance-Operational_Microsoft-Windows-Diagnostics-Performance_200.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-DriverFrameworks-UserMode-Operational_Microsoft-Windows-DriverFrameworks-UserMode_2100.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-GroupPolicy-Operational_Microsoft-Windows-GroupPolicy_4004.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-GroupPolicy-Operational_Microsoft-Windows-GroupPolicy_4005.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-GroupPolicy-Operational_Microsoft-Windows-GroupPolicy_4016.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-GroupPolicy-Operational_Microsoft-Windows-GroupPolicy_4017.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Hyper-V-VMMS-Admin_Microsoft-Windows-Hyper-V-Worker_13002.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Hyper-V-Worker-Admin_Microsoft-Windows-Hyper-V-Worker_18500.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Hyper-V-Worker-Admin_Microsoft-Windows-Hyper-V-Worker_18502.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Hyper-V-Worker-Admin_Microsoft-Windows-Hyper-V-Worker_18508.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Hyper-V-Worker-Admin_Microsoft-Windows-Hyper-V-Worker_18514.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Kernel-PnP-Configuration_Microsoft-Windows-Kernel-PnP_400.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Kernel-PnP-Configuration_Microsoft-Windows-Kernel-PnP_410.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Kernel-PnP-Configuration_Microsoft-Windows-Kernel-PnP_430.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-NetworkProfile-Operational_Microsoft-Windows-NetworkProfile_10000.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-NetworkProfile-Operational_Microsoft-Windows-NetworkProfile_10001.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Ntfs-Operational_Microsoft-Windows-Ntfs_142.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Ntfs-Operational_Microsoft-Windows-Ntfs_145.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Ntfs-Operational_Microsoft-Windows-Ntfs_146.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Ntfs-Operational_Microsoft-Windows-Ntfs_151.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Ntfs-Operational_Ntfs_55.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Partition-Diagnostic_Microsoft-Windows-Partition_1006.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-PowerShell-Operational_Microsoft-Windows-PowerShell_4100.map
    .ps1
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-PowerShell-Operational_Microsoft-Windows-PowerShell_4103.map
    .ps1
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-PowerShell-Operational_Microsoft-Windows-PowerShell_4104.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-PrintService-Operational_Microsoft-Windows-PrintService_307.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-PrintService-Operational_Microsoft-Windows-PrintService_316.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-RemoteDesktopServices-RdpCoreTS-Operational_Microsoft-Windows-RemoteDesktopServices-RdpCoreTS_104.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-RemoteDesktopServices-RdpCoreTS-Operational_Microsoft-Windows-RemoteDesktopServices-RdpCoreTS_131.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-RemoteDesktopServices-RdpCoreTS-Operational_Microsoft-Windows-RemoteDesktopServices-RdpCoreTS_140.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-RemoteDesktopServices-RdpCoreTS-Operational_Microsoft-Windows-RemoteDesktopServices-RdpCoreTS_72.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-RemoteDesktopServices-RdpCoreTS-Operational_Microsoft-Windows-RemoteDesktopServices-RdpCoreTS_98.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-SMBServer-Audit_Microsoft-Windows-SMBServer_3000.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-SMBServer-Operational_Microsoft-Windows-SMBServer_1016.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-SMBServer-Operational_Microsoft-Windows-SMBServer_1017.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-SMBServer-Operational_Microsoft-Windows-SMBServer_1020.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-SMBServer-Security_Microsoft-Windows-SMBServer_551.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Shell-Core-Operational_Microsoft-Windows-Shell-Core_28115.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Shell-Core-Operational_Microsoft-Windows-Shell-Core_9701.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Shell-Core-Operational_Microsoft-Windows-Shell-Core_9702.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Shell-Core-Operational_Microsoft-Windows-Shell-Core_9703.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Shell-Core-Operational_Microsoft-Windows-Shell-Core_9704.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Shell-Core-Operational_Microsoft-Windows-Shell-Core_9705.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Shell-Core-Operational_Microsoft-Windows-Shell-Core_9706.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Shell-Core-Operational_Microsoft-Windows-Shell-Core_9707.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Shell-Core-Operational_Microsoft-Windows-Shell-Core_9708.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Shell-Core-Operational_Microsoft-Windows-Shell-Core_9709.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Shell-Core-Operational_Microsoft-Windows-Shell-Core_9710.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Shell-Core-Operational_Microsoft-Windows-Shell-Core_9711.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Shell-Core-Operational_Microsoft-Windows-Shell-Core_9712.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-SmbClient-Connectivity_Microsoft-Windows-SMBClient_30805.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-SmbClient-Connectivity_Microsoft-Windows-SMBClient_30806.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-SmbClient-Connectivity_Microsoft-Windows-SMBClient_30807.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-SmbClient-Security_Microsoft-Windows-SMBClient_31001.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-SmbClient-Security_Microsoft-Windows-SMBClient_31010.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Storage-ClassPnP-Operational_Microsoft-Windows-StorDiag_507.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Storage-ClassPnP-Operational_Microsoft-Windows-Storage-ClassPnP_507.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Storage-Storport-Operational_Microsoft-Windows-StorPort_504.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Storage-Storport-Operational_Microsoft-Windows-StorPort_505.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-StorageSpaces-Driver-Operational_Microsoft-Windows-StorageSpaces-Driver_207.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Storsvc-Diagnostic_Microsoft-Windows-Storsvc_1001.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Sysmon-Operational_Microsoft-Windows-Sysmon_1.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Sysmon-Operational_Microsoft-Windows-Sysmon_10.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Sysmon-Operational_Microsoft-Windows-Sysmon_11.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Sysmon-Operational_Microsoft-Windows-Sysmon_12.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Sysmon-Operational_Microsoft-Windows-Sysmon_13.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Sysmon-Operational_Microsoft-Windows-Sysmon_14.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Sysmon-Operational_Microsoft-Windows-Sysmon_15.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Sysmon-Operational_Microsoft-Windows-Sysmon_16.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Sysmon-Operational_Microsoft-Windows-Sysmon_17.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Sysmon-Operational_Microsoft-Windows-Sysmon_18.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Sysmon-Operational_Microsoft-Windows-Sysmon_19.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Sysmon-Operational_Microsoft-Windows-Sysmon_2.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Sysmon-Operational_Microsoft-Windows-Sysmon_20.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Sysmon-Operational_Microsoft-Windows-Sysmon_21.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Sysmon-Operational_Microsoft-Windows-Sysmon_22.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Sysmon-Operational_Microsoft-Windows-Sysmon_23.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Sysmon-Operational_Microsoft-Windows-Sysmon_24.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Sysmon-Operational_Microsoft-Windows-Sysmon_25.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Sysmon-Operational_Microsoft-Windows-Sysmon_26.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Sysmon-Operational_Microsoft-Windows-Sysmon_27.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Sysmon-Operational_Microsoft-Windows-Sysmon_3.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Sysmon-Operational_Microsoft-Windows-Sysmon_4.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Sysmon-Operational_Microsoft-Windows-Sysmon_5.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Sysmon-Operational_Microsoft-Windows-Sysmon_6.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Sysmon-Operational_Microsoft-Windows-Sysmon_7.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Sysmon-Operational_Microsoft-Windows-Sysmon_8.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Sysmon-Operational_Microsoft-Windows-Sysmon_9.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-TZUtil-Operational_Microsoft-Windows-TZUtil_20001.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-TaskScheduler-Operational_Microsoft-Windows-TaskScheduler_100.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-TaskScheduler-Operational_Microsoft-Windows-TaskScheduler_102.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-TaskScheduler-Operational_Microsoft-Windows-TaskScheduler_106.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-TaskScheduler-Operational_Microsoft-Windows-TaskScheduler_119.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-TaskScheduler-Operational_Microsoft-Windows-TaskScheduler_129.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-TaskScheduler-Operational_Microsoft-Windows-TaskScheduler_140.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-TaskScheduler-Operational_Microsoft-Windows-TaskScheduler_141.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-TaskScheduler-Operational_Microsoft-Windows-TaskScheduler_200.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-TaskScheduler-Operational_Microsoft-Windows-TaskScheduler_201.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-TerminalServices-Gateway-Operational_Microsoft-Windows-TerminalServices-Gateway_200.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-TerminalServices-Gateway-Operational_Microsoft-Windows-TerminalServices-Gateway_300.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-TerminalServices-Gateway-Operational_Microsoft-Windows-TerminalServices-Gateway_302.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-TerminalServices-Gateway-Operational_Microsoft-Windows-TerminalServices-Gateway_303.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-TerminalServices-Gateway-Operational_Microsoft-Windows-TerminalServices-Gateway_312.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-TerminalServices-Gateway-Operational_Microsoft-Windows-TerminalServices-Gateway_313.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-TerminalServices-LocalSessionManager-Operational_Microsoft-Windows-TerminalServices-LocalSessionManager_21.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-TerminalServices-LocalSessionManager-Operational_Microsoft-Windows-TerminalServices-LocalSessionManager_22.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-TerminalServices-LocalSessionManager-Operational_Microsoft-Windows-TerminalServices-LocalSessionManager_23.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-TerminalServices-LocalSessionManager-Operational_Microsoft-Windows-TerminalServices-LocalSessionManager_24.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-TerminalServices-LocalSessionManager-Operational_Microsoft-Windows-TerminalServices-LocalSessionManager_25.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-TerminalServices-LocalSessionManager-Operational_Microsoft-Windows-TerminalServices-LocalSessionManager_39.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-TerminalServices-LocalSessionManager-Operational_Microsoft-Windows-TerminalServices-LocalSessionManager_40.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-TerminalServices-LocalSessionManager-Operational_Microsoft-Windows-TerminalServices-LocalSessionManager_41.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-TerminalServices-RDPClient-Operational_Microsoft-Windows-TerminalServices-ClientActiveXCore_1024.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-TerminalServices-RDPClient-Operational_Microsoft-Windows-TerminalServices-ClientActiveXCore_1025.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-TerminalServices-RDPClient-Operational_Microsoft-Windows-TerminalServices-ClientActiveXCore_1026.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-TerminalServices-RDPClient-Operational_Microsoft-Windows-TerminalServices-ClientActiveXCore_1027.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-TerminalServices-RDPClient-Operational_Microsoft-Windows-TerminalServices-ClientActiveXCore_1029.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-TerminalServices-RDPClient-Operational_Microsoft-Windows-TerminalServices-ClientActiveXCore_1102.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-TerminalServices-RDPClient-Operational_Microsoft-Windows-TerminalServices-ClientActiveXCore_1103.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-TerminalServices-RDPClient-Operational_Microsoft-Windows-TerminalServices-ClientActiveXCore_1105.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-TerminalServices-RemoteConnectionManager-Operational_Microsoft-Windows-TerminalServices-RemoteConnectionManager_1149.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-TerminalServices-RemoteConnectionManager-Operational_Microsoft-Windows-TerminalServices-RemoteConnectionManager_261.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-UniversalTelemetryClient-Operational_Microsoft-Windows-UniversalTelemetryClient_55.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-User-Profile-Service-Operational_Microsoft-Windows-User-Profiles-Service_2.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-User-Profile-Service-Operational_Microsoft-Windows-User-Profiles-Service_4.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-User-Profile-Service-Operational_Microsoft-Windows-User-Profiles-Service_67.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-VHDMP-Operational_Microsoft-Windows-VHDMP_1.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-VHDMP-Operational_Microsoft-Windows-VHDMP_1_Current.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-VHDMP-Operational_Microsoft-Windows-VHDMP_1_Legacy.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-VHDMP-Operational_Microsoft-Windows-VHDMP_2.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-VHDMP-Operational_Microsoft-Windows-VHDMP_2_Current.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-VHDMP-Operational_Microsoft-Windows-VHDMP_2_Legacy.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-VHDMP-Operational_Microsoft-Windows-VHDMP_50_Current.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-VHDMP-Operational_Microsoft-Windows-VHDMP_51_Current.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-WER-Diag-Operational_Microsoft-Windows-WER-Diag_4.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-WLAN-AutoConfig-Operational_Microsoft-Windows-WLAN-AutoConfig_8000.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-WLAN-AutoConfig-Operational_Microsoft-Windows-WLAN-AutoConfig_8001.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-WLAN-AutoConfig-Operational_Microsoft-Windows-WLAN-AutoConfig_8002.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-WLAN-AutoConfig-Operational_Microsoft-Windows-WLAN-AutoConfig_8003.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-WMI-Activity-Operational_Microsoft-Windows-WMI-Activity_5857.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-WMI-Activity-Operational_Microsoft-Windows-WMI-Activity_5858.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-WMI-Activity-Operational_Microsoft-Windows-WMI-Activity_5860.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-WMI-Activity-Operational_Microsoft-Windows-WMI-Activity_5861.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-WPD-MTPClassDriver-Operational_Microsoft-Windows-WPD-MTPClassDriver_1005.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-WinINet-Config-ProxyConfigChanged_Microsoft-Windows-WinINet-Config_5600.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-WinRM-Operational_Microsoft-Windows-WinRM_169.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Windows-Defender-Operational_Microsoft-Windows-Windows-Defender_1000.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Windows-Defender-Operational_Microsoft-Windows-Windows-Defender_1001.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Windows-Defender-Operational_Microsoft-Windows-Windows-Defender_1002.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Windows-Defender-Operational_Microsoft-Windows-Windows-Defender_1003.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Windows-Defender-Operational_Microsoft-Windows-Windows-Defender_1004.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Windows-Defender-Operational_Microsoft-Windows-Windows-Defender_1005.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Windows-Defender-Operational_Microsoft-Windows-Windows-Defender_1006.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Windows-Defender-Operational_Microsoft-Windows-Windows-Defender_1008.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Windows-Defender-Operational_Microsoft-Windows-Windows-Defender_1011.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Windows-Defender-Operational_Microsoft-Windows-Windows-Defender_1013.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Windows-Defender-Operational_Microsoft-Windows-Windows-Defender_1116.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Windows-Defender-Operational_Microsoft-Windows-Windows-Defender_1117.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Windows-Defender-Operational_Microsoft-Windows-Windows-Defender_1150.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Windows-Defender-Operational_Microsoft-Windows-Windows-Defender_2000.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Windows-Defender-Operational_Microsoft-Windows-Windows-Defender_5000.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Windows-Defender-Operational_Microsoft-Windows-Windows-Defender_5001.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Windows-Defender-Operational_Microsoft-Windows-Windows-Defender_5007.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Windows-Firewall-With-Advanced-Security-Firewall_Microsoft-Windows-Windows-Firewall-With-Advanced-Security_2003.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Windows-Firewall-With-Advanced-Security-Firewall_Microsoft-Windows-Windows-Firewall-With-Advanced-Security_2004.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Windows-Firewall-With-Advanced-Security-Firewall_Microsoft-Windows-Windows-Firewall-With-Advanced-Security_2005.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Windows-Firewall-With-Advanced-Security-Firewall_Microsoft-Windows-Windows-Firewall-With-Advanced-Security_2006.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Windows-Firewall-With-Advanced-Security-Firewall_Microsoft-Windows-Windows-Firewall-With-Advanced-Security_2011.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Winlogon-Operational_Microsoft-Windows-Winlogon_811.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Winlogon-Operational_Microsoft-Windows-Winlogon_812.map
  • KAPE/Modules/bin/EvtxECmd/Maps/OAlerts_Microsoft-Office-14-Alerts_300.map
  • KAPE/Modules/bin/EvtxECmd/Maps/OAlerts_Microsoft-Office-15-Alerts_300.map
  • KAPE/Modules/bin/EvtxECmd/Maps/OAlerts_Microsoft-Office-16-Alerts_300.map
  • KAPE/Modules/bin/EvtxECmd/Maps/OpenSSH-Operational_OpenSSH_4.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Eventlog_1100.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Eventlog_1102.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4608.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4611.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4616.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4624.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4625.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4634.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4647.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4648.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4656.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4657.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4658.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4661.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4662.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4663.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4672.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4673.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4674.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4688.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4689.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4696.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4697.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4698.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4699.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4700.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4701.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4702.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4703.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4704.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4705.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4706.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4707.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4713.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4716.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4717.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4718.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4719.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4720.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4722.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4723.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4724.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4725.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4726.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4728.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4731.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4732.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4733.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4734.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4735.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4738.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4740.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4741.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4742.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4743.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4764.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4768.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4769.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4770.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4771.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4772.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4773.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4774.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4775.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4776.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4777.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4778.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4779.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4781.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4782.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4793.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4797.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4798.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4799.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4800.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4801.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4802.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4803.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_5136.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_5137.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_5138.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_5139.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_5140.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_5141.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_5142.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_5143.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_5144.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_5145.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_5152.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_5154.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_5156.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_5157.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_5158.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_5159.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_5379.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_6416.map
  • KAPE/Modules/bin/EvtxECmd/Maps/SentinelOne-Operational_26.map
  • KAPE/Modules/bin/EvtxECmd/Maps/SentinelOne-Operational_31.map
  • KAPE/Modules/bin/EvtxECmd/Maps/SentinelOne-Operational_32.map
  • KAPE/Modules/bin/EvtxECmd/Maps/SentinelOne-Operational_81.map
  • KAPE/Modules/bin/EvtxECmd/Maps/SentinelOne-Operational_91.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Splashtop-Splashtop Streamer-Remote Session-Operational_Splashtop-Splashtop Streamer-Remote Session_1000.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Splashtop-Splashtop Streamer-Remote Session-Operational_Splashtop-Splashtop Streamer-Remote Session_1001.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Splashtop-Splashtop Streamer-Remote Session-Operational_Splashtop-Splashtop Streamer-Remote Session_1100.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Splashtop-Splashtop Streamer-Remote Session-Operational_Splashtop-Splashtop Streamer-Remote Session_1101.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Splashtop-Splashtop Streamer-Remote Session-Operational_Splashtop-Splashtop Streamer-Remote Session_1110.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Splashtop-Splashtop Streamer-Remote Session-Operational_Splashtop-Splashtop Streamer-Remote Session_1111.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Symantec-Endpoint-Protection-Client_Symantec-Endpoint-Protection-Client_100.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Symantec-Endpoint-Protection-Client_Symantec-Endpoint-Protection-Client_101.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Symantec-Endpoint-Protection-Client_Symantec-Endpoint-Protection-Client_12.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Symantec-Endpoint-Protection-Client_Symantec-Endpoint-Protection-Client_129.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Symantec-Endpoint-Protection-Client_Symantec-Endpoint-Protection-Client_2.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Symantec-Endpoint-Protection-Client_Symantec-Endpoint-Protection-Client_200.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Symantec-Endpoint-Protection-Client_Symantec-Endpoint-Protection-Client_201.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Symantec-Endpoint-Protection-Client_Symantec-Endpoint-Protection-Client_202.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Symantec-Endpoint-Protection-Client_Symantec-Endpoint-Protection-Client_21.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Symantec-Endpoint-Protection-Client_Symantec-Endpoint-Protection-Client_23.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Symantec-Endpoint-Protection-Client_Symantec-Endpoint-Protection-Client_24.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Symantec-Endpoint-Protection-Client_Symantec-Endpoint-Protection-Client_3.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Symantec-Endpoint-Protection-Client_Symantec-Endpoint-Protection-Client_34054.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Symantec-Endpoint-Protection-Client_Symantec-Endpoint-Protection-Client_34056.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Symantec-Endpoint-Protection-Client_Symantec-Endpoint-Protection-Client_51.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Symantec-Endpoint-Protection-Client_Symantec-Endpoint-Protection-Client_69.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Symantec-Endpoint-Protection-Client_Symantec-Endpoint-Protection-Client_7.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Symantec-Endpoint-Protection-Client_Symantec-Endpoint-Protection-Client_80.map
  • KAPE/Modules/bin/EvtxECmd/Maps/System_Application-Popup_26.map
  • KAPE/Modules/bin/EvtxECmd/Maps/System_EventLog_6005.map
  • KAPE/Modules/bin/EvtxECmd/Maps/System_EventLog_6006.map
  • KAPE/Modules/bin/EvtxECmd/Maps/System_EventLog_6008.map
  • KAPE/Modules/bin/EvtxECmd/Maps/System_EventLog_6013.map
  • KAPE/Modules/bin/EvtxECmd/Maps/System_LsaSrv_40960.map
  • KAPE/Modules/bin/EvtxECmd/Maps/System_LsaSrv_45057.map
  • KAPE/Modules/bin/EvtxECmd/Maps/System_Microsoft-Antimalware_1116.map
  • KAPE/Modules/bin/EvtxECmd/Maps/System_Microsoft-GroupPolicy_1129.map
  • KAPE/Modules/bin/EvtxECmd/Maps/System_Microsoft-Windows-Audit-CVE_2.map
  • KAPE/Modules/bin/EvtxECmd/Maps/System_Microsoft-Windows-DistributedCOM_10028.map
  • KAPE/Modules/bin/EvtxECmd/Maps/System_Microsoft-Windows-DriverFrameworks-UserMode_10000.map
  • KAPE/Modules/bin/EvtxECmd/Maps/System_Microsoft-Windows-Eventlog_104.map
  • KAPE/Modules/bin/EvtxECmd/Maps/System_Microsoft-Windows-GroupPolicy_1130.map
  • KAPE/Modules/bin/EvtxECmd/Maps/System_Microsoft-Windows-GroupPolicy_1500.map
  • KAPE/Modules/bin/EvtxECmd/Maps/System_Microsoft-Windows-GroupPolicy_1501.map
  • KAPE/Modules/bin/EvtxECmd/Maps/System_Microsoft-Windows-Kernel-General_1.map
  • KAPE/Modules/bin/EvtxECmd/Maps/System_Microsoft-Windows-Kernel-General_12.map
  • KAPE/Modules/bin/EvtxECmd/Maps/System_Microsoft-Windows-Kernel-General_13.map
  • KAPE/Modules/bin/EvtxECmd/Maps/System_Microsoft-Windows-Kernel-Power_42.map
  • KAPE/Modules/bin/EvtxECmd/Maps/System_Microsoft-Windows-Power-Troubleshooter_1.map
  • KAPE/Modules/bin/EvtxECmd/Maps/System_Microsoft-Windows-Time-Service_35.map
  • KAPE/Modules/bin/EvtxECmd/Maps/System_Microsoft-Windows-Time-Service_37.map
  • KAPE/Modules/bin/EvtxECmd/Maps/System_Microsoft-Windows-UserPnp_20001.map
  • KAPE/Modules/bin/EvtxECmd/Maps/System_Microsoft-Windows-UserPnp_20003.map
  • KAPE/Modules/bin/EvtxECmd/Maps/System_Microsoft-Windows-Winlogon_7001.map
  • KAPE/Modules/bin/EvtxECmd/Maps/System_Microsoft-Windows-Winlogon_7002.map
  • KAPE/Modules/bin/EvtxECmd/Maps/System_Service-Control-Manager_7031.map
  • KAPE/Modules/bin/EvtxECmd/Maps/System_Service-Control-Manager_7034.map
  • KAPE/Modules/bin/EvtxECmd/Maps/System_Service-Control-Manager_7035.map
  • KAPE/Modules/bin/EvtxECmd/Maps/System_Service-Control-Manager_7036.map
  • KAPE/Modules/bin/EvtxECmd/Maps/System_Service-Control-Manager_7040.map
  • KAPE/Modules/bin/EvtxECmd/Maps/System_Service-Control-Manager_7045.map
  • KAPE/Modules/bin/EvtxECmd/Maps/System_TermDD_56.map
  • KAPE/Modules/bin/EvtxECmd/Maps/System_User32_1074.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Varonis_VrnsCifsQueueReport_5118.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Varonis_VrnsCifsQueueReport_5120.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Varonis_VrnsCifsQueue_5129.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Varonis_VrnsCifsQueue_5138.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Varonis_VrnsCifsQueue_5140.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Varonis_VrnsCifsQueue_5172.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Varonis_VrnsCifsQueue_5176.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Varonis_VrnsCifsQueue_5213.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Varonis_VrnsCifsQueue_5214.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Varonis_VrnsCifsQueue_5220.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Varonis_VrnsMon_5434.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Varonis_VrnsSvcFW_900.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Windows-PowerShell_PowerShell_400.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Windows-PowerShell_PowerShell_403.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Windows-PowerShell_PowerShell_600.map
  • KAPE/Modules/bin/EvtxECmd/Maps/Windows-PowerShell_PowerShell_800.map
  • KAPE/Modules/bin/EvtxECmd/Maps/adPWDManager_adPWDManager_110.map
  • KAPE/Modules/bin/JLECmd.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Code Sign

    Headers

    Imports

    Sections

  • KAPE/Modules/bin/LECmd.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Code Sign

    Headers

    Imports

    Sections

  • KAPE/Modules/bin/MFTECmd.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Code Sign

    Headers

    Imports

    Sections

  • KAPE/Modules/bin/PECmd.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Code Sign

    Headers

    Imports

    Sections

  • KAPE/Modules/bin/RBCmd.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Code Sign

    Headers

    Imports

    Sections

  • KAPE/Modules/bin/RECmd/BatchExamples/!RECmdBatch.guide
  • KAPE/Modules/bin/RECmd/BatchExamples/!RECmdBatch.template
  • KAPE/Modules/bin/RECmd/BatchExamples/AllRegExecutablesFoundOrRun.reb
  • KAPE/Modules/bin/RECmd/BatchExamples/BCDBootVolume.reb
  • KAPE/Modules/bin/RECmd/BatchExamples/BasicSystemInfo.reb
  • KAPE/Modules/bin/RECmd/BatchExamples/BatchExample.reb
  • KAPE/Modules/bin/RECmd/BatchExamples/BatchExampleServices.reb
  • KAPE/Modules/bin/RECmd/BatchExamples/BatchExampleSysCache.reb
  • KAPE/Modules/bin/RECmd/BatchExamples/BatchExampleUserAssist.reb
  • KAPE/Modules/bin/RECmd/BatchExamples/BatchExampleWildCard.reb
  • KAPE/Modules/bin/RECmd/BatchExamples/BinaryIncludeDemo.reb
  • KAPE/Modules/bin/RECmd/BatchExamples/InstalledSoftware.reb
  • KAPE/Modules/bin/RECmd/BatchExamples/Kroll_Batch.md
  • KAPE/Modules/bin/RECmd/BatchExamples/Kroll_Batch.reb
  • KAPE/Modules/bin/RECmd/BatchExamples/README.md
  • KAPE/Modules/bin/RECmd/BatchExamples/RECmd_Batch_MC.reb
  • KAPE/Modules/bin/RECmd/BatchExamples/RegistryASEPs.reb
  • KAPE/Modules/bin/RECmd/BatchExamples/SoftwareASEPs.reb
  • KAPE/Modules/bin/RECmd/BatchExamples/SoftwareClassesASEPs.reb
  • KAPE/Modules/bin/RECmd/BatchExamples/SoftwareWoW6432ASEPs.reb
  • KAPE/Modules/bin/RECmd/BatchExamples/SystemASEPs.reb
  • KAPE/Modules/bin/RECmd/BatchExamples/UserActivity.reb
  • KAPE/Modules/bin/RECmd/BatchExamples/UserClassesASEPs.reb
  • KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.7-ZipHistory.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.Adobe.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.Amcache-InventoryApplication.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.Amcache-InventoryApplicationFile.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.Amcache-InventoryApplicationShortcut.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.Amcache-InventoryDeviceContainer.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.Amcache-InventoryDevicePnp.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.Amcache-InventoryDriverBinary.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.AppCompatCache.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.AppCompatFlags.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.AppCompatFlags2.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.AppPaths.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.Ares.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.BamDam.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.BluetoothServicesBthPort.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.CIDSizeMRU.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.DHCPNetworkHint.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.DeviceClasses.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.FeatureUsage.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.FileExts.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.FirewallRules.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.FirstFolder.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.IconLayouts.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.JumplistData.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.KnownNetworks.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.LastVisitedMRU.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.LastVisitedPidlMRU.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.MountedDevices.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.NetworkAdapters.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.NetworkSettings.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.NetworkSetup2.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.OfficeMRU.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.OpenSaveMRU.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.OpenSavePidlMRU.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.Products.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.ProfileList.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.RADAR.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.RecentApps.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.RecentDocs.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.RunMRU.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.SAM.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.SAMBuiltin.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.SCSI.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.Services.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.SyscacheObjectTable.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.TaskCache.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.TaskFlowShellActivities.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.Taskband.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.TerminalServerClient.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.TimeZoneInformation.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.TrustedDocuments.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.TypedURLs.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.USB.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.USBSTOR.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.Uninstall.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.UserAssist.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.VolumeInfoCache.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.WinRAR.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.WindowsApp.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.WindowsPortableDevices.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.WordWheelQuery.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • KAPE/Modules/bin/RECmd/RECmd.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Code Sign

    Headers

    Imports

    Sections

  • KAPE/Modules/bin/RecentFileCacheParser.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Code Sign

    Headers

    Imports

    Sections

  • KAPE/Modules/bin/SBECmd.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Code Sign

    Headers

    Imports

    Sections

  • KAPE/Modules/bin/SQLECmd/Maps/!OS_Application_OptionalDescription.guide
  • KAPE/Modules/bin/SQLECmd/Maps/!OS_Application_OptionalDescription.template
  • KAPE/Modules/bin/SQLECmd/Maps/Accounts4_iOS.smap
  • KAPE/Modules/bin/SQLECmd/Maps/Accounts_iOS.smap
  • KAPE/Modules/bin/SQLECmd/Maps/ActivitiesCache.smap
  • KAPE/Modules/bin/SQLECmd/Maps/AddressBook_iOS.smap
  • KAPE/Modules/bin/SQLECmd/Maps/Android_Calls.smap
  • KAPE/Modules/bin/SQLECmd/Maps/Android_Contacts2DB.smap
  • KAPE/Modules/bin/SQLECmd/Maps/Android_Frosting.smap
  • KAPE/Modules/bin/SQLECmd/Maps/Android_LocalAppState.smap
  • KAPE/Modules/bin/SQLECmd/Maps/Android_Logs.smap
  • KAPE/Modules/bin/SQLECmd/Maps/Android_SMS.smap
  • KAPE/Modules/bin/SQLECmd/Maps/Android_mmssmsDB.smap
  • KAPE/Modules/bin/SQLECmd/Maps/Calls_Android.smap
  • KAPE/Modules/bin/SQLECmd/Maps/Calls_iOS.smap
  • KAPE/Modules/bin/SQLECmd/Maps/CarsDB.smap
  • KAPE/Modules/bin/SQLECmd/Maps/CellularUsage_iOS.smap
  • KAPE/Modules/bin/SQLECmd/Maps/Contacts.smap
  • KAPE/Modules/bin/SQLECmd/Maps/DataUsage_iOS.smap
  • KAPE/Modules/bin/SQLECmd/Maps/Dropbox_Configurations.smap
  • KAPE/Modules/bin/SQLECmd/Maps/Dropbox_Filecache.smap
  • KAPE/Modules/bin/SQLECmd/Maps/Dropbox_Instance.smap
  • KAPE/Modules/bin/SQLECmd/Maps/Firefox.smap
  • KAPE/Modules/bin/SQLECmd/Maps/FirefoxCookies.smap
  • KAPE/Modules/bin/SQLECmd/Maps/FirefoxFormHistory.smap
  • KAPE/Modules/bin/SQLECmd/Maps/Firefox_Bookmarks.smap
  • KAPE/Modules/bin/SQLECmd/Maps/Frosting_Android.smap
  • KAPE/Modules/bin/SQLECmd/Maps/GoogleDriveCloud.smap
  • KAPE/Modules/bin/SQLECmd/Maps/GoogleDriveSnapshot.smap
  • KAPE/Modules/bin/SQLECmd/Maps/HealthDb.smap
  • KAPE/Modules/bin/SQLECmd/Maps/HealthDbSecure.smap
  • KAPE/Modules/bin/SQLECmd/Maps/HealthDbSecure_iOS.smap
  • KAPE/Modules/bin/SQLECmd/Maps/HealthDb_iOS.smap
  • KAPE/Modules/bin/SQLECmd/Maps/Launcher_Android.smap
  • KAPE/Modules/bin/SQLECmd/Maps/Localappstate_Android.smap
  • KAPE/Modules/bin/SQLECmd/Maps/Logs_Android.smap
  • KAPE/Modules/bin/SQLECmd/Maps/Photos-iOS.smap
  • KAPE/Modules/bin/SQLECmd/Maps/SMS_Android.smap
  • KAPE/Modules/bin/SQLECmd/Maps/SMS_iOS.smap
  • KAPE/Modules/bin/SQLECmd/Maps/TeraCopy_History.smap
  • KAPE/Modules/bin/SQLECmd/Maps/TeraCopy_MainDB.smap
  • KAPE/Modules/bin/SQLECmd/Maps/TestFiles_CarsDB.smap
  • KAPE/Modules/bin/SQLECmd/Maps/TestFiles_Contacts.smap
  • KAPE/Modules/bin/SQLECmd/Maps/Windows_4KVideoDownloader_History.smap
  • KAPE/Modules/bin/SQLECmd/Maps/Windows_ActivitiesCache.smap
  • KAPE/Modules/bin/SQLECmd/Maps/Windows_Bitdefender_Antiphishing.smap
  • KAPE/Modules/bin/SQLECmd/Maps/Windows_Bitdefender_RansomwareRecover.smap
  • KAPE/Modules/bin/SQLECmd/Maps/Windows_Bitdefender_cache.smap
  • KAPE/Modules/bin/SQLECmd/Maps/Windows_Bitdefender_es.smap
  • KAPE/Modules/bin/SQLECmd/Maps/Windows_Chrome_AutofillEntries.smap
  • KAPE/Modules/bin/SQLECmd/Maps/Windows_Chrome_AutofillProfiles.smap
  • KAPE/Modules/bin/SQLECmd/Maps/Windows_Chrome_Cookies.smap
  • KAPE/Modules/bin/SQLECmd/Maps/Windows_Chrome_Downloads.smap
  • KAPE/Modules/bin/SQLECmd/Maps/Windows_Chrome_Favicons.smap
  • KAPE/Modules/bin/SQLECmd/Maps/Windows_Chrome_HistoryVisits.smap
  • KAPE/Modules/bin/SQLECmd/Maps/Windows_Chrome_KeywordSearches.smap
  • KAPE/Modules/bin/SQLECmd/Maps/Windows_Chrome_MaskedCreditCards.smap
  • KAPE/Modules/bin/SQLECmd/Maps/Windows_Chrome_MediaHistoryPlayback.smap
  • KAPE/Modules/bin/SQLECmd/Maps/Windows_Chrome_MediaHistoryPlaybackSession.smap
  • KAPE/Modules/bin/SQLECmd/Maps/Windows_Chrome_NetworkActionPredictor.smap
  • KAPE/Modules/bin/SQLECmd/Maps/Windows_Chrome_OmniboxShortcuts.smap
  • KAPE/Modules/bin/SQLECmd/Maps/Windows_Chrome_TopSites.smap
  • KAPE/Modules/bin/SQLECmd/Maps/Windows_ChromiumBrowser_AutofillEntries.smap
  • KAPE/Modules/bin/SQLECmd/Maps/Windows_ChromiumBrowser_AutofillProfiles.smap
  • KAPE/Modules/bin/SQLECmd/Maps/Windows_ChromiumBrowser_Cookies.smap
  • KAPE/Modules/bin/SQLECmd/Maps/Windows_ChromiumBrowser_Downloads.smap
  • KAPE/Modules/bin/SQLECmd/Maps/Windows_ChromiumBrowser_Favicons.smap
  • KAPE/Modules/bin/SQLECmd/Maps/Windows_ChromiumBrowser_HistoryVisits.smap
  • KAPE/Modules/bin/SQLECmd/Maps/Windows_ChromiumBrowser_KeywordSearches.smap
  • KAPE/Modules/bin/SQLECmd/Maps/Windows_ChromiumBrowser_MaskedCreditCards.smap
  • KAPE/Modules/bin/SQLECmd/Maps/Windows_ChromiumBrowser_MediaHistoryPlayback.smap
  • KAPE/Modules/bin/SQLECmd/Maps/Windows_ChromiumBrowser_MediaHistoryPlaybackSession.smap
  • KAPE/Modules/bin/SQLECmd/Maps/Windows_ChromiumBrowser_NetworkActionPredictor.smap
  • KAPE/Modules/bin/SQLECmd/Maps/Windows_ChromiumBrowser_OmniboxShortcuts.smap
  • KAPE/Modules/bin/SQLECmd/Maps/Windows_ChromiumBrowser_TopSites.smap
  • KAPE/Modules/bin/SQLECmd/Maps/Windows_Dropbox_AggregationDBX.smap
  • KAPE/Modules/bin/SQLECmd/Maps/Windows_Dropbox_Configurations.smap
  • KAPE/Modules/bin/SQLECmd/Maps/Windows_Dropbox_FileCache.smap
  • KAPE/Modules/bin/SQLECmd/Maps/Windows_Dropbox_IconDB.smap
  • KAPE/Modules/bin/SQLECmd/Maps/Windows_Dropbox_InstanceDB.smap
  • KAPE/Modules/bin/SQLECmd/Maps/Windows_Dropbox_NonLocalResources.smap
  • KAPE/Modules/bin/SQLECmd/Maps/Windows_Dropbox_RecentItems.smap
  • KAPE/Modules/bin/SQLECmd/Maps/Windows_Dropbox_SFJResources.smap
  • KAPE/Modules/bin/SQLECmd/Maps/Windows_Dropbox_StarredItems.smap
  • KAPE/Modules/bin/SQLECmd/Maps/Windows_Dropbox_SyncHistory.smap
  • KAPE/Modules/bin/SQLECmd/Maps/Windows_Dropbox_TrayThumbnails.smap
  • KAPE/Modules/bin/SQLECmd/Maps/Windows_EventTranscriptDB_DataSampling.smap
  • KAPE/Modules/bin/SQLECmd/Maps/Windows_EventTranscriptDB_NoDataSampling.smap
  • KAPE/Modules/bin/SQLECmd/Maps/Windows_FileZilla_Queue.smap
  • KAPE/Modules/bin/SQLECmd/Maps/Windows_Firefox_Bookmarks.smap
  • KAPE/Modules/bin/SQLECmd/Maps/Windows_Firefox_Cookies.smap
  • KAPE/Modules/bin/SQLECmd/Maps/Windows_Firefox_Downloads-Downloads.smap
  • KAPE/Modules/bin/SQLECmd/Maps/Windows_Firefox_Downloads-Places.smap
  • KAPE/Modules/bin/SQLECmd/Maps/Windows_Firefox_Downloads.smap
  • KAPE/Modules/bin/SQLECmd/Maps/Windows_Firefox_Favicons.smap
  • KAPE/Modules/bin/SQLECmd/Maps/Windows_Firefox_FormHistory.smap
  • KAPE/Modules/bin/SQLECmd/Maps/Windows_Firefox_History.smap
  • KAPE/Modules/bin/SQLECmd/Maps/Windows_GoogleDrive_Changes.smap
  • KAPE/Modules/bin/SQLECmd/Maps/Windows_GoogleDrive_Cloud.smap
  • KAPE/Modules/bin/SQLECmd/Maps/Windows_GoogleDrive_CloudGraphDB.smap
  • KAPE/Modules/bin/SQLECmd/Maps/Windows_GoogleDrive_Snapshot.smap
  • KAPE/Modules/bin/SQLECmd/Maps/Windows_GoogleDrive_SnapshotDB.smap
  • KAPE/Modules/bin/SQLECmd/Maps/Windows_GoogleDrive_SyncConfigDB.smap
  • KAPE/Modules/bin/SQLECmd/Maps/Windows_GoogleDrive_metadata_sqlite_db.smap
  • KAPE/Modules/bin/SQLECmd/Maps/Windows_MicrosoftStickyNotes_NotesDB.smap
  • KAPE/Modules/bin/SQLECmd/Maps/Windows_Nessus_Preferences.smap
  • KAPE/Modules/bin/SQLECmd/Maps/Windows_Notifications_DB.smap
  • KAPE/Modules/bin/SQLECmd/Maps/Windows_Photos.smap
  • KAPE/Modules/bin/SQLECmd/Maps/Windows_TeraCopy_History.smap
  • KAPE/Modules/bin/SQLECmd/Maps/Windows_TeraCopy_MainDB.smap
  • KAPE/Modules/bin/SQLECmd/Maps/Windows_WPNDatabase_Notifications.smap
  • KAPE/Modules/bin/SQLECmd/Maps/Windows_WPNDatabase_WNSPushChannel.smap
  • KAPE/Modules/bin/SQLECmd/Maps/Windows_WindowsUpdate_StoreDB.smap
  • KAPE/Modules/bin/SQLECmd/Maps/Windows_YourPhone_ContactsDB.smap
  • KAPE/Modules/bin/SQLECmd/Maps/Windows_YourPhone_NotificationsDB.smap
  • KAPE/Modules/bin/SQLECmd/Maps/Windows_YourPhone_PhoneDB-SMSMessages.smap
  • KAPE/Modules/bin/SQLECmd/Maps/Windows_YourPhone_PhotosDB.smap
  • KAPE/Modules/bin/SQLECmd/Maps/Windows_YourPhone_SettingsDB.smap
  • KAPE/Modules/bin/SQLECmd/Maps/Windows_pCloud.smap
  • KAPE/Modules/bin/SQLECmd/Maps/iOS_Accounts.smap
  • KAPE/Modules/bin/SQLECmd/Maps/iOS_Accounts4.smap
  • KAPE/Modules/bin/SQLECmd/Maps/iOS_Calls.smap
  • KAPE/Modules/bin/SQLECmd/Maps/iOS_CellularUsage.smap
  • KAPE/Modules/bin/SQLECmd/Maps/iOS_HealthDb.smap
  • KAPE/Modules/bin/SQLECmd/Maps/iOS_HealthDb_Secure.smap
  • KAPE/Modules/bin/SQLECmd/Maps/iOS_Photos.smap
  • KAPE/Modules/bin/SQLECmd/Maps/iOS_SMS.smap
  • KAPE/Modules/bin/SQLECmd/SQLECmd.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Code Sign

    Headers

    Imports

    Sections

  • KAPE/Modules/bin/SrumECmd.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Code Sign

    Headers

    Imports

    Sections

  • KAPE/Modules/bin/SumECmd.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Code Sign

    Headers

    Imports

    Sections

  • KAPE/Modules/bin/WxTCmd.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Code Sign

    Headers

    Imports

    Sections

  • KAPE/Modules/bin/bstrings.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Code Sign

    Headers

    Imports

    Sections

  • KAPE/Targets/!Disabled/AppData.tkape
  • KAPE/Targets/!Disabled/DirectoryTraversal_AudioFiles.tkape
  • KAPE/Targets/!Disabled/DirectoryTraversal_ExcelDocuments.tkape
  • KAPE/Targets/!Disabled/DirectoryTraversal_PDFDocuments.tkape
  • KAPE/Targets/!Disabled/DirectoryTraversal_PictureFiles.tkape
  • KAPE/Targets/!Disabled/DirectoryTraversal_SQLiteDatabases.tkape
  • KAPE/Targets/!Disabled/DirectoryTraversal_VideoFiles.tkape
  • KAPE/Targets/!Disabled/DirectoryTraversal_WildCardExample.tkape
  • KAPE/Targets/!Disabled/DirectoryTraversal_WordDocuments.tkape
  • KAPE/Targets/!Disabled/LiveUserFiles.tkape
  • KAPE/Targets/Antivirus/AVG.tkape
  • KAPE/Targets/Antivirus/Avast.tkape
  • KAPE/Targets/Antivirus/AviraAVLogs.tkape
  • KAPE/Targets/Antivirus/Bitdefender.tkape
  • KAPE/Targets/Antivirus/Combofix.tkape
  • KAPE/Targets/Antivirus/Cybereason.tkape
  • KAPE/Targets/Antivirus/ESET.tkape
  • KAPE/Targets/Antivirus/Emsisoft.tkape
  • KAPE/Targets/Antivirus/FSecure.tkape
  • KAPE/Targets/Antivirus/HitmanPro.tkape
  • KAPE/Targets/Antivirus/Malwarebytes.tkape
  • KAPE/Targets/Antivirus/McAfee.tkape
  • KAPE/Targets/Antivirus/McAfee_ePO.tkape
  • KAPE/Targets/Antivirus/RogueKiller.tkape
  • KAPE/Targets/Antivirus/SUPERAntiSpyware.tkape
  • KAPE/Targets/Antivirus/SecureAge.tkape
  • KAPE/Targets/Antivirus/SentinelOne.tkape
  • KAPE/Targets/Antivirus/Sophos.tkape
  • KAPE/Targets/Antivirus/Symantec_AV_Logs.tkape
  • KAPE/Targets/Antivirus/TotalAV.tkape
  • KAPE/Targets/Antivirus/TrendMicro.tkape
  • KAPE/Targets/Antivirus/VIPRE.tkape
  • KAPE/Targets/Antivirus/Webroot.tkape
  • KAPE/Targets/Antivirus/WinDefendDetectionHist.tkape
  • KAPE/Targets/Antivirus/WindowsDefender.tkape
  • KAPE/Targets/Apps/1Password.tkape
  • KAPE/Targets/Apps/4KVideoDownloader.tkape
  • KAPE/Targets/Apps/AceText.tkape
  • KAPE/Targets/Apps/AcronisTrueImage.tkape
  • KAPE/Targets/Apps/Ammyy.tkape
  • KAPE/Targets/Apps/AnyDesk.tkape
  • KAPE/Targets/Apps/AsperaConnect.tkape
  • KAPE/Targets/Apps/AteraAgent.tkape
  • KAPE/Targets/Apps/BoxDrive_Metadata.tkape
  • KAPE/Targets/Apps/BoxDrive_UserFiles.tkape
  • KAPE/Targets/Apps/CiscoJabber.tkape
  • KAPE/Targets/Apps/ClipboardMaster.tkape
  • KAPE/Targets/Apps/ConfluenceLogs.tkape
  • KAPE/Targets/Apps/DirectoryOpus.tkape
  • KAPE/Targets/Apps/Discord.tkape
  • KAPE/Targets/Apps/DoubleCommander.tkape
  • KAPE/Targets/Apps/Dropbox_Metadata.tkape
  • KAPE/Targets/Apps/Dropbox_UserFiles.tkape
  • KAPE/Targets/Apps/EFCommander.tkape
  • KAPE/Targets/Apps/Evernote.tkape
  • KAPE/Targets/Apps/Everything (VoidTools).tkape
  • KAPE/Targets/Apps/ExchangeClientAccess.tkape
  • KAPE/Targets/Apps/ExchangeCve-2021-26855.tkape
  • KAPE/Targets/Apps/ExchangeTransport.tkape
  • KAPE/Targets/Apps/Fences.tkape
  • KAPE/Targets/Apps/FileZillaClient.tkape
  • KAPE/Targets/Apps/FileZillaServer.tkape
  • KAPE/Targets/Apps/FreeCommander.tkape
  • KAPE/Targets/Apps/FreeDownloadManager.tkape
  • KAPE/Targets/Apps/FreeFileSync.tkape
  • KAPE/Targets/Apps/GoogleDriveBackupSync_UserFiles.tkape
  • KAPE/Targets/Apps/GoogleDrive_Metadata.tkape
  • KAPE/Targets/Apps/GoogleEarth.tkape
  • KAPE/Targets/Apps/HeidiSQL.tkape
  • KAPE/Targets/Apps/HexChat.tkape
  • KAPE/Targets/Apps/IceChat.tkape
  • KAPE/Targets/Apps/IrfanView.tkape
  • KAPE/Targets/Apps/JDownloader2.tkape
  • KAPE/Targets/Apps/JavaWebCache.tkape
  • KAPE/Targets/Apps/Kaseya.tkape
  • KAPE/Targets/Apps/LogMeIn.tkape
  • KAPE/Targets/Apps/MacriumReflect.tkape
  • KAPE/Targets/Apps/Mattermost.tkape
  • KAPE/Targets/Apps/MediaMonkey.tkape
  • KAPE/Targets/Apps/MicrosoftOneNote.tkape
  • KAPE/Targets/Apps/MicrosoftStickyNotes.tkape
  • KAPE/Targets/Apps/MicrosoftTeams.tkape
  • KAPE/Targets/Apps/MicrosoftToDo.tkape
  • KAPE/Targets/Apps/MidnightCommander.tkape
  • KAPE/Targets/Apps/MultiCommander.tkape
  • KAPE/Targets/Apps/Nessus.tkape
  • KAPE/Targets/Apps/Notepad++.tkape
  • KAPE/Targets/Apps/OneCommander.tkape
  • KAPE/Targets/Apps/OneDrive_Metadata.tkape
  • KAPE/Targets/Apps/OneDrive_UserFiles.tkape
  • KAPE/Targets/Apps/OpenSSHClient.tkape
  • KAPE/Targets/Apps/OpenSSHServer.tkape
  • KAPE/Targets/Apps/OpenVPNClient.tkape
  • KAPE/Targets/Apps/OutlookPSTOST.tkape
  • KAPE/Targets/Apps/PeaZip.tkape
  • KAPE/Targets/Apps/ProtonVPN.tkape
  • KAPE/Targets/Apps/Q-Dir.tkape
  • KAPE/Targets/Apps/QFinderPro (QNAP).tkape
  • KAPE/Targets/Apps/Radmin.tkape
  • KAPE/Targets/Apps/RemoteUtilities_app.tkape
  • KAPE/Targets/Apps/ScreenConnect.tkape
  • KAPE/Targets/Apps/ShareX.tkape
  • KAPE/Targets/Apps/SiemensTIA.tkape
  • KAPE/Targets/Apps/Signal.tkape
  • KAPE/Targets/Apps/Skype.tkape
  • KAPE/Targets/Apps/Slack.tkape
  • KAPE/Targets/Apps/Snagit.tkape
  • KAPE/Targets/Apps/SpeedCommander.tkape
  • KAPE/Targets/Apps/Splashtop.tkape
  • KAPE/Targets/Apps/SublimeText.tkape
  • KAPE/Targets/Apps/SugarSync.tkape
  • KAPE/Targets/Apps/SumatraPDF.tkape
  • KAPE/Targets/Apps/SupremoRemoteDesktop.tkape
  • KAPE/Targets/Apps/TablacusExplorer.tkape
  • KAPE/Targets/Apps/TeamViewerLogs.tkape
  • KAPE/Targets/Apps/Telegram.tkape
  • KAPE/Targets/Apps/TeraCopy.tkape
  • KAPE/Targets/Apps/Thunderbird.tkape
  • KAPE/Targets/Apps/TotalCommander.tkape
  • KAPE/Targets/Apps/TreeSize.tkape
  • KAPE/Targets/Apps/Ultraviewer.tkape
  • KAPE/Targets/Apps/VLC Media Player.tkape
  • KAPE/Targets/Apps/VMwareInventory.tkape
  • KAPE/Targets/Apps/VMwareMemory.tkape
  • KAPE/Targets/Apps/VNCLogs.tkape
  • KAPE/Targets/Apps/Viber.tkape
  • KAPE/Targets/Apps/VirtualBoxConfig.tkape
  • KAPE/Targets/Apps/VirtualBoxLogs.tkape
  • KAPE/Targets/Apps/VirtualBoxMemory.tkape
  • KAPE/Targets/Apps/WhatsApp.tkape
  • KAPE/Targets/Apps/WinSCP.tkape
  • KAPE/Targets/Apps/WindowsYourPhone.tkape
  • KAPE/Targets/Apps/XYplorer.tkape
  • KAPE/Targets/Apps/Zoom.tkape
  • KAPE/Targets/Apps/iTunesBackup.tkape
  • KAPE/Targets/Apps/mIRC.tkape
  • KAPE/Targets/Apps/mRemoteNG.tkape
  • KAPE/Targets/Apps/pCloudDatabase.tkape
  • KAPE/Targets/Browsers/BraveBrowser.tkape
  • KAPE/Targets/Browsers/BrowserCache.tkape
  • KAPE/Targets/Browsers/Chrome.tkape
  • KAPE/Targets/Browsers/ChromeExtensions.tkape
  • KAPE/Targets/Browsers/ChromeFileSystem.tkape
  • KAPE/Targets/Browsers/Edge.tkape
  • KAPE/Targets/Browsers/EdgeChromium.tkape
  • KAPE/Targets/Browsers/Firefox.tkape
  • KAPE/Targets/Browsers/InternetExplorer.tkape
  • KAPE/Targets/Browsers/Opera.tkape
  • KAPE/Targets/Browsers/PuffinSecureBrowser.tkape
  • KAPE/Targets/Compound/!BasicCollection.tkape
  • KAPE/Targets/Compound/!SANS_Triage.tkape
  • KAPE/Targets/Compound/Antivirus.tkape
  • KAPE/Targets/Compound/CloudStorage_All.tkape
  • KAPE/Targets/Compound/CloudStorage_Metadata.tkape
  • KAPE/Targets/Compound/CloudStorage_OneDriveExplorer.tkape
  • KAPE/Targets/Compound/CombinedLogs.tkape
  • KAPE/Targets/Compound/EvidenceOfExecution.tkape
  • KAPE/Targets/Compound/Exchange.tkape
  • KAPE/Targets/Compound/FTPClients.tkape
  • KAPE/Targets/Compound/FileExplorerReplacements.tkape
  • KAPE/Targets/Compound/FileSystem.tkape
  • KAPE/Targets/Compound/IRCClients.tkape
  • KAPE/Targets/Compound/KapeTriage.tkape
  • KAPE/Targets/Compound/MessagingClients.tkape
  • KAPE/Targets/Compound/MiniTimelineCollection.tkape
  • KAPE/Targets/Compound/P2PClients.tkape
  • KAPE/Targets/Compound/RecycleBin.tkape
  • KAPE/Targets/Compound/RegistryHives.tkape
  • KAPE/Targets/Compound/RemoteAdmin.tkape
  • KAPE/Targets/Compound/SOFELK.tkape
  • KAPE/Targets/Compound/SQLiteDatabases.tkape
  • KAPE/Targets/Compound/ServerTriage.tkape
  • KAPE/Targets/Compound/TorrentClients.tkape
  • KAPE/Targets/Compound/USBDetective.tkape
  • KAPE/Targets/Compound/UsenetClients.tkape
  • KAPE/Targets/Compound/VMware.tkape
  • KAPE/Targets/Compound/VirtualBox.tkape
  • KAPE/Targets/Compound/WSL.tkape
  • KAPE/Targets/Compound/WebBrowsers.tkape
  • KAPE/Targets/Compound/WebServers.tkape
  • KAPE/Targets/CompoundTargetGuide.guide
  • KAPE/Targets/CompoundTargetTemplate.template
  • KAPE/Targets/Logs/ApacheAccessLog.tkape
  • KAPE/Targets/Logs/IISLogFiles.tkape
  • KAPE/Targets/Logs/MSSQLErrorLog.tkape
  • KAPE/Targets/Logs/ManageEngineLogs.tkape
  • KAPE/Targets/Logs/NGINXLogs.tkape
  • KAPE/Targets/Logs/PowerShellConsole.tkape
  • KAPE/Targets/P2P/BitTorrent.tkape
  • KAPE/Targets/P2P/DC++.tkape
  • KAPE/Targets/P2P/Freenet.tkape
  • KAPE/Targets/P2P/FrostWire.tkape
  • KAPE/Targets/P2P/Gigatribe.tkape
  • KAPE/Targets/P2P/NZBGet.tkape
  • KAPE/Targets/P2P/NewsbinPro.tkape
  • KAPE/Targets/P2P/Newsleecher.tkape
  • KAPE/Targets/P2P/Nicotine++.tkape
  • KAPE/Targets/P2P/SABnbzd.tkape
  • KAPE/Targets/P2P/Shareaza.tkape
  • KAPE/Targets/P2P/Soulseek.tkape
  • KAPE/Targets/P2P/Torrents.tkape
  • KAPE/Targets/P2P/Usenet.tkape
  • KAPE/Targets/P2P/qBittorrent.tkape
  • KAPE/Targets/P2P/uTorrent.tkape
  • KAPE/Targets/TargetGuide.guide
  • KAPE/Targets/TargetTemplate.template
  • KAPE/Targets/Windows/$Boot.tkape
  • KAPE/Targets/Windows/$J.tkape
  • KAPE/Targets/Windows/$LogFile.tkape
  • KAPE/Targets/Windows/$MFT.tkape
  • KAPE/Targets/Windows/$MFTMirr.tkape
  • KAPE/Targets/Windows/$SDS.tkape
  • KAPE/Targets/Windows/$T.tkape
  • KAPE/Targets/Windows/Amcache.tkape
  • KAPE/Targets/Windows/ApplicationEvents.tkape
  • KAPE/Targets/Windows/AssetAdvisorLog.tkape
  • KAPE/Targets/Windows/BCD.tkape
  • KAPE/Targets/Windows/BITS.tkape
  • KAPE/Targets/Windows/CertUtil.tkape
  • KAPE/Targets/Windows/EncapsulationLogging.tkape
  • KAPE/Targets/Windows/EventLogs-RDP.tkape
  • KAPE/Targets/Windows/EventLogs.tkape
  • KAPE/Targets/Windows/EventTraceLogs.tkape
  • KAPE/Targets/Windows/EventTranscriptDB.tkape
  • KAPE/Targets/Windows/GroupPolicy.tkape
  • KAPE/Targets/Windows/LNKFilesAndJumpLists.tkape
  • KAPE/Targets/Windows/LinuxOnWindowsProfileFiles.tkape
  • KAPE/Targets/Windows/LogFiles.tkape
  • KAPE/Targets/Windows/MOF.tkape
  • KAPE/Targets/Windows/MemoryFiles.tkape
  • KAPE/Targets/Windows/OfficeAutosave.tkape
  • KAPE/Targets/Windows/OfficeDiagnostics.tkape
  • KAPE/Targets/Windows/OfficeDocumentCache.tkape
  • KAPE/Targets/Windows/Prefetch.tkape
  • KAPE/Targets/Windows/RDPCache.tkape
  • KAPE/Targets/Windows/RDPLogs.tkape
  • KAPE/Targets/Windows/RecentFileCache.tkape
  • KAPE/Targets/Windows/RecycleBin_DataFiles.tkape
  • KAPE/Targets/Windows/RecycleBin_InfoFiles.tkape
  • KAPE/Targets/Windows/RegistryHivesOther.tkape
  • KAPE/Targets/Windows/RegistryHivesSystem.tkape
  • KAPE/Targets/Windows/RegistryHivesUser.tkape
  • KAPE/Targets/Windows/RoamingProfile.tkape
  • KAPE/Targets/Windows/SDB.tkape
  • KAPE/Targets/Windows/SRUM.tkape
  • KAPE/Targets/Windows/SUM.tkape
  • KAPE/Targets/Windows/ScheduledTasks.tkape
  • KAPE/Targets/Windows/SignatureCatalog.tkape
  • KAPE/Targets/Windows/SnipAndSketch.tkape
  • KAPE/Targets/Windows/StartupFolders.tkape
  • KAPE/Targets/Windows/StartupInfo.tkape
  • KAPE/Targets/Windows/Syscache.tkape
  • KAPE/Targets/Windows/ThumbCache.tkape
  • KAPE/Targets/Windows/USBDevicesLogs.tkape
  • KAPE/Targets/Windows/VirtualDisks.tkape
  • KAPE/Targets/Windows/WBEM.tkape
  • KAPE/Targets/Windows/WER.tkape
  • KAPE/Targets/Windows/WSA/WindowsSubsystemforAndroid.tkape
  • KAPE/Targets/Windows/WSL/Debian.tkape
  • KAPE/Targets/Windows/WSL/Kali.tkape
  • KAPE/Targets/Windows/WSL/SUSELinuxEnterpriseServer.tkape
  • KAPE/Targets/Windows/WSL/Ubuntu.tkape
  • KAPE/Targets/Windows/WSL/openSUSE.tkape
  • KAPE/Targets/Windows/WindowsFirewall.tkape
  • KAPE/Targets/Windows/WindowsIndexSearch.tkape
  • KAPE/Targets/Windows/WindowsNotificationsDB.tkape
  • KAPE/Targets/Windows/WindowsOSUpgradeArtifacts.tkape
  • KAPE/Targets/Windows/WindowsPowerDiagnostics.tkape
  • KAPE/Targets/Windows/WindowsTelemetryDiagnosticsLegacy.tkape
  • KAPE/Targets/Windows/WindowsTimeline.tkape
  • KAPE/Targets/Windows/XPRestorePoints.tkape
  • KAPE/gkape.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Code Sign

    Headers

    Imports

    Sections

  • KAPE/kape.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Code Sign

    Headers

    Imports

    Sections