Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
24s -
max time network
154s -
platform
windows10-2004_x64 -
resource
win10v2004-20240226-en -
resource tags
-
submitted
13/03/2024, 10:45
General
-
Target
c5ad35303d1ffad33cc1e0149b9944df.exe
-
Size
45KB
-
MD5
c5ad35303d1ffad33cc1e0149b9944df
-
SHA1
fc4a3308f089804f24adaa0852ab57ac8e2b13d4
-
SHA256
44310c7190866c75e9e1b11adf2e5024ea48c90230b6737e5aca7d6667600f57
-
SHA512
457a82a5f8d9f065cf819901bdcdeae90d5cec8ec6d191c9b4b717f7417b937c17d5c66ca62125a8284d857420182a66bf1b101ea454cd62aafd0eac6435bea3
-
SSDEEP
768:QLQYBHWBRmiYlg+RA+sT4+AxHelme8IdezhYvl62MzXO40jc07wNR:vYloR5l+RXshGHel8+vDMb10c
Score
7/10
Malware Config
Signatures
-
Checks computer location settings 2 TTPs 48 IoCs
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE 48 IoCs
-
UPX packed file 64 IoCs
Detects executables packed with UPX/modified UPX open source packer.
-
Adds Run key to start application 2 TTPs 48 IoCs
-
Drops file in Program Files directory 64 IoCs
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).
-
Runs net.exe
-
Suspicious use of WriteProcessMemory 64 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\c5ad35303d1ffad33cc1e0149b9944df.exe"C:\Users\Admin\AppData\Local\Temp\c5ad35303d1ffad33cc1e0149b9944df.exe"1⤵
- Checks computer location settings
- Adds Run key to start application
- Drops file in Program Files directory
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess2⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess3⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"2⤵
- Checks computer location settings
- Executes dropped EXE
- Adds Run key to start application
- Drops file in Program Files directory
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess3⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess4⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"3⤵
- Checks computer location settings
- Executes dropped EXE
- Adds Run key to start application
- Drops file in Program Files directory
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess4⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess5⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"4⤵
- Checks computer location settings
- Executes dropped EXE
- Adds Run key to start application
- Drops file in Program Files directory
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess5⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess6⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"5⤵
- Checks computer location settings
- Executes dropped EXE
- Adds Run key to start application
- Drops file in Program Files directory
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess6⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess7⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"6⤵
- Checks computer location settings
- Executes dropped EXE
- Adds Run key to start application
- Drops file in Program Files directory
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess7⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess8⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"7⤵
- Checks computer location settings
- Executes dropped EXE
- Adds Run key to start application
- Drops file in Program Files directory
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess8⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess9⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"8⤵
- Checks computer location settings
- Executes dropped EXE
- Adds Run key to start application
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess9⤵
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess10⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"9⤵
- Checks computer location settings
- Executes dropped EXE
- Adds Run key to start application
- Drops file in Program Files directory
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess10⤵
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess11⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"10⤵
- Checks computer location settings
- Executes dropped EXE
- Adds Run key to start application
- Drops file in Program Files directory
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess11⤵
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess12⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"11⤵
- Checks computer location settings
- Executes dropped EXE
- Adds Run key to start application
- Drops file in Program Files directory
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess12⤵
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess13⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"12⤵
- Checks computer location settings
- Executes dropped EXE
- Adds Run key to start application
- Drops file in Program Files directory
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess13⤵
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess14⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"13⤵
- Checks computer location settings
- Executes dropped EXE
- Adds Run key to start application
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess14⤵
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess15⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"14⤵
- Checks computer location settings
- Executes dropped EXE
- Adds Run key to start application
- Drops file in Program Files directory
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess15⤵
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess16⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"15⤵
- Checks computer location settings
- Executes dropped EXE
- Adds Run key to start application
- Drops file in Program Files directory
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess16⤵
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess17⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"16⤵
- Checks computer location settings
- Executes dropped EXE
- Adds Run key to start application
- Drops file in Program Files directory
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess17⤵
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess18⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"17⤵
- Checks computer location settings
- Executes dropped EXE
- Adds Run key to start application
- Drops file in Program Files directory
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess18⤵
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess19⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"18⤵
- Checks computer location settings
- Executes dropped EXE
- Adds Run key to start application
- Drops file in Program Files directory
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess19⤵
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess20⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"19⤵
- Checks computer location settings
- Executes dropped EXE
- Adds Run key to start application
- Drops file in Program Files directory
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess20⤵
-
C:\Windows\System32\Conhost.exe\??\C:\Windows\system32\conhost.exe 0xffffffff -ForceV121⤵
-
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess21⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"20⤵
- Checks computer location settings
- Executes dropped EXE
- Adds Run key to start application
- Drops file in Program Files directory
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess21⤵
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess22⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"21⤵
- Checks computer location settings
- Executes dropped EXE
- Adds Run key to start application
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess22⤵
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess23⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"22⤵
- Checks computer location settings
- Executes dropped EXE
- Adds Run key to start application
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess23⤵
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess24⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"23⤵
- Checks computer location settings
- Executes dropped EXE
- Adds Run key to start application
- Drops file in Program Files directory
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess24⤵
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess25⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"24⤵
- Checks computer location settings
- Executes dropped EXE
- Adds Run key to start application
- Drops file in Program Files directory
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess25⤵
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess26⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"25⤵
- Checks computer location settings
- Executes dropped EXE
- Adds Run key to start application
- Drops file in Program Files directory
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess26⤵
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess27⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"26⤵
- Checks computer location settings
- Executes dropped EXE
- Adds Run key to start application
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess27⤵
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess28⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"27⤵
- Checks computer location settings
- Executes dropped EXE
- Adds Run key to start application
- Drops file in Program Files directory
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess28⤵
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess29⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"28⤵
- Checks computer location settings
- Executes dropped EXE
- Adds Run key to start application
- Drops file in Program Files directory
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess29⤵
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess30⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"29⤵
- Checks computer location settings
- Executes dropped EXE
- Adds Run key to start application
- Drops file in Program Files directory
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess30⤵
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess31⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"30⤵
- Checks computer location settings
- Executes dropped EXE
- Adds Run key to start application
- Drops file in Program Files directory
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess31⤵
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess32⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"31⤵
- Checks computer location settings
- Executes dropped EXE
- Adds Run key to start application
- Drops file in Program Files directory
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess32⤵
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess33⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"32⤵
- Checks computer location settings
- Executes dropped EXE
- Adds Run key to start application
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess33⤵
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess34⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"33⤵
- Checks computer location settings
- Executes dropped EXE
- Adds Run key to start application
- Drops file in Program Files directory
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess34⤵
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess35⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"34⤵
- Checks computer location settings
- Executes dropped EXE
- Adds Run key to start application
- Drops file in Program Files directory
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess35⤵
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess36⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"35⤵
- Checks computer location settings
- Executes dropped EXE
- Adds Run key to start application
- Drops file in Program Files directory
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess36⤵
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess37⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"36⤵
- Checks computer location settings
- Executes dropped EXE
- Adds Run key to start application
- Drops file in Program Files directory
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess37⤵
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess38⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"37⤵
- Checks computer location settings
- Executes dropped EXE
- Adds Run key to start application
- Drops file in Program Files directory
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess38⤵
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess39⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"38⤵
- Checks computer location settings
- Executes dropped EXE
- Adds Run key to start application
- Drops file in Program Files directory
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess39⤵
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess40⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"39⤵
- Checks computer location settings
- Executes dropped EXE
- Adds Run key to start application
- Drops file in Program Files directory
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess40⤵
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess41⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"40⤵
- Checks computer location settings
- Executes dropped EXE
- Adds Run key to start application
- Drops file in Program Files directory
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess41⤵
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess42⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"41⤵
- Checks computer location settings
- Executes dropped EXE
- Adds Run key to start application
- Drops file in Program Files directory
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess42⤵
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess43⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"42⤵
- Checks computer location settings
- Executes dropped EXE
- Adds Run key to start application
- Drops file in Program Files directory
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess43⤵
-
C:\Windows\System32\Conhost.exe\??\C:\Windows\system32\conhost.exe 0xffffffff -ForceV144⤵
-
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess44⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"43⤵
- Checks computer location settings
- Executes dropped EXE
- Adds Run key to start application
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess44⤵
-
C:\Windows\System32\Conhost.exe\??\C:\Windows\system32\conhost.exe 0xffffffff -ForceV145⤵
-
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess45⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"44⤵
- Checks computer location settings
- Executes dropped EXE
- Adds Run key to start application
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess45⤵
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess46⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"45⤵
- Checks computer location settings
- Executes dropped EXE
- Adds Run key to start application
- Drops file in Program Files directory
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess46⤵
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess47⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"46⤵
- Checks computer location settings
- Executes dropped EXE
- Adds Run key to start application
- Drops file in Program Files directory
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess47⤵
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess48⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"47⤵
- Checks computer location settings
- Executes dropped EXE
- Adds Run key to start application
- Drops file in Program Files directory
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess48⤵
-
C:\Windows\System32\Conhost.exe\??\C:\Windows\system32\conhost.exe 0xffffffff -ForceV149⤵
-
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess49⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"48⤵
- Checks computer location settings
- Executes dropped EXE
- Adds Run key to start application
- Drops file in Program Files directory
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess49⤵
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess50⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"49⤵
- Executes dropped EXE
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess50⤵
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess51⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"50⤵
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess51⤵
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess52⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"51⤵
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess52⤵
-
C:\Windows\System32\Conhost.exe\??\C:\Windows\system32\conhost.exe 0xffffffff -ForceV153⤵
-
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess53⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"52⤵
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess53⤵
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess54⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"53⤵
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess54⤵
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess55⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"54⤵
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess55⤵
-
C:\Windows\System32\Conhost.exe\??\C:\Windows\system32\conhost.exe 0xffffffff -ForceV156⤵
-
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess56⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"55⤵
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess56⤵
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess57⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"56⤵
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess57⤵
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess58⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"57⤵
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess58⤵
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess59⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"58⤵
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess59⤵
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess60⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"59⤵
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess60⤵
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess61⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"60⤵
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess61⤵
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess62⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"61⤵
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess62⤵
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess63⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"62⤵
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess63⤵
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess64⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"63⤵
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess64⤵
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess65⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"64⤵
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess65⤵
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess66⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"65⤵
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess66⤵
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess67⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"66⤵
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess67⤵
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess68⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"67⤵
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess68⤵
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess69⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"68⤵
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess69⤵
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess70⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"69⤵
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess70⤵
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess71⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"70⤵
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess71⤵
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess72⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"71⤵
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess72⤵
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess73⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"72⤵
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess73⤵
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess74⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"73⤵
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess74⤵
-
C:\Windows\System32\Conhost.exe\??\C:\Windows\system32\conhost.exe 0xffffffff -ForceV175⤵
-
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess75⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"74⤵
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess75⤵
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess76⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"75⤵
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess76⤵
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess77⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"76⤵
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess77⤵
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess78⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"77⤵
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess78⤵
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess79⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"78⤵
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess79⤵
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess80⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"79⤵
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess80⤵
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess81⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"80⤵
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess81⤵
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess82⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"81⤵
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess82⤵
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess83⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"82⤵
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess83⤵
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess84⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"83⤵
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess84⤵
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess85⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"84⤵
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess85⤵
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess86⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"85⤵
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess86⤵
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess87⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"86⤵
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess87⤵
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess88⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"87⤵
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess88⤵
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess89⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"88⤵
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess89⤵
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess90⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"89⤵
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess90⤵
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess91⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"90⤵
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess91⤵
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess92⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"91⤵
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess92⤵
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess93⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"92⤵
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess93⤵
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess94⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"93⤵
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess94⤵
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess95⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"94⤵
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess95⤵
-
C:\Windows\System32\Conhost.exe\??\C:\Windows\system32\conhost.exe 0xffffffff -ForceV196⤵
-
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess96⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"95⤵
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess96⤵
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess97⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"96⤵
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess97⤵
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess98⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"97⤵
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess98⤵
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess99⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"98⤵
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess99⤵
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess100⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"99⤵
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess100⤵
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess101⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"100⤵
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess101⤵
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess102⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"101⤵
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess102⤵
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess103⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"102⤵
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess103⤵
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess104⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"103⤵
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess104⤵
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess105⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"104⤵
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess105⤵
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess106⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"105⤵
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess106⤵
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess107⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"106⤵
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess107⤵
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess108⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"107⤵
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess108⤵
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess109⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"108⤵
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess109⤵
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess110⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"109⤵
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess110⤵
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess111⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"110⤵
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess111⤵
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess112⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"111⤵
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess112⤵
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess113⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"112⤵
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess113⤵
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess114⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"113⤵
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess114⤵
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess115⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"114⤵
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess115⤵
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess116⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"115⤵
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess116⤵
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess117⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"116⤵
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess117⤵
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess118⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"117⤵
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess118⤵
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess119⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"118⤵
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess119⤵
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess120⤵
-
-
-
C:\Program Files\Internet Explorer\SPLOPE.exe"C:\Program Files\Internet Explorer\SPLOPE.exe"119⤵
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" stop sharedaccess120⤵
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 stop sharedaccess121⤵
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-