Static

static

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    SDU.zip

  • Size

    110.7MB

  • MD5

    666e91e7a25faa19d351852288249fcd

  • SHA1

    97ec9faff4af517d59519c1af467e05b669d4e90

  • SHA256

    23158be98194e1145e33539ee5a768f9fa251b380b7820e7be42d69b0030804f

  • SHA512

    6be825bf6154d64afbabaccaa24220d92744976cf91af6b33fb3046485c3af98f6da0124bb3bc47c71aee717b60ab8561239885b2f99f1285c6f55972e9e0f97

  • SSDEEP

    3145728:ZWlJCSMkGUM43Wn2S+O517xqOPZvVv+GNbRG:ZK6E3ZSD706xVv+GlRG

Score
1/10

Malware Config

Signatures

Files

  • SDU.zip
    .zip
  • Program Files (x86)/Sophos/AutoUpdate/integrity.dat
  • Program Files (x86)/Sophos/Health/integrity.dat
  • Program Files (x86)/Sophos/Management Communications System/Endpoint/integrity.dat
  • Program Files (x86)/Sophos/Sophos Diagnostic Utility/integrity.dat
  • Program Files/Sophos/Clean/integrity.dat
  • Program Files/Sophos/Endpoint Defense/integrity.dat
  • Program Files/Sophos/Endpoint Firewall/integrity.dat
  • Program Files/Sophos/Endpoint Self Help/integrity.dat
  • Program Files/Sophos/File Integrity Monitoring/integrity.dat
  • Program Files/Sophos/Live Query/integrity.dat
  • Program Files/Sophos/Live Terminal/integrity.dat
  • Program Files/Sophos/Sophos Endpoint Agent/integrity.dat
  • Program Files/Sophos/Sophos File Scanner/integrity.dat
  • Program Files/Sophos/Sophos ML Engine/integrity.dat
  • Program Files/Sophos/Sophos Network Threat Protection/integrity.dat
  • Program Files/Sophos/Sophos Standalone Engine/integrity.dat
  • Program Files/Sophos/Sophos UI/integrity.dat
  • ProgramData/Sophos/AutoUpdate/Logs/SophosUpdate.1.log
  • ProgramData/Sophos/AutoUpdate/Logs/SophosUpdate.2.log
  • ProgramData/Sophos/AutoUpdate/Logs/SophosUpdate.3.log
  • ProgramData/Sophos/AutoUpdate/Logs/SophosUpdate.4.log
  • ProgramData/Sophos/AutoUpdate/Logs/SophosUpdate.5.log
  • ProgramData/Sophos/AutoUpdate/Logs/SophosUpdate.log
  • ProgramData/Sophos/AutoUpdate/Logs/su-repair.log
  • ProgramData/Sophos/AutoUpdate/Logs/susvc.1.log
  • ProgramData/Sophos/AutoUpdate/Logs/susvc.log
  • ProgramData/Sophos/Clean/Logs/Clean.log
  • ProgramData/Sophos/Endpoint Defense/Logs/Perf/SedPerformance.csv
  • ProgramData/Sophos/Endpoint Defense/Logs/Perf/SedPerformance.csv.1
  • ProgramData/Sophos/Endpoint Defense/Logs/Perf/SedPerformance.csv.10
  • ProgramData/Sophos/Endpoint Defense/Logs/Perf/SedPerformance.csv.2
  • ProgramData/Sophos/Endpoint Defense/Logs/Perf/SedPerformance.csv.3
  • ProgramData/Sophos/Endpoint Defense/Logs/Perf/SedPerformance.csv.4
  • ProgramData/Sophos/Endpoint Defense/Logs/Perf/SedPerformance.csv.5
  • ProgramData/Sophos/Endpoint Defense/Logs/Perf/SedPerformance.csv.6
  • ProgramData/Sophos/Endpoint Defense/Logs/Perf/SedPerformance.csv.7
  • ProgramData/Sophos/Endpoint Defense/Logs/Perf/SedPerformance.csv.8
  • ProgramData/Sophos/Endpoint Defense/Logs/Perf/SedPerformance.csv.9
  • ProgramData/Sophos/Endpoint Defense/Logs/SSP.log
  • ProgramData/Sophos/Endpoint Defense/Logs/sam.log
  • ProgramData/Sophos/Endpoint Defense/Logs/sed.log
  • ProgramData/Sophos/Endpoint Defense/Logs/sed1.log
  • ProgramData/Sophos/Endpoint Defense/Logs/sed2.log
  • ProgramData/Sophos/Endpoint Defense/Logs/sed3.log
  • ProgramData/Sophos/Endpoint Defense/Logs/sed4.log
  • ProgramData/Sophos/Endpoint Defense/Logs/seds.log
  • ProgramData/Sophos/Endpoint Defense/Logs/seds1.log
  • ProgramData/Sophos/Endpoint Defense/Logs/sna.log
  • ProgramData/Sophos/Endpoint Firewall/Logs/Endpoint Firewall.log
  • ProgramData/Sophos/File Integrity Monitoring/Logs/SophosFIM.txt
  • ProgramData/Sophos/Health/Logs/Health.log
  • ProgramData/Sophos/Heartbeat/Logs/Heartbeat.1.log
  • ProgramData/Sophos/Heartbeat/Logs/Heartbeat.log
  • ProgramData/Sophos/Live Query/Logs/SophosLiveQueryService.1.log
  • ProgramData/Sophos/Live Query/Logs/SophosLiveQueryService.2.log
  • ProgramData/Sophos/Live Query/Logs/SophosLiveQueryService.log
  • ProgramData/Sophos/Live Query/Logs/SophosMTRExtension.log
  • ProgramData/Sophos/Live Query/Logs/SophosOsquery.1.log
  • ProgramData/Sophos/Live Query/Logs/SophosOsquery.2.log
  • ProgramData/Sophos/Live Query/Logs/SophosOsquery.3.log
  • ProgramData/Sophos/Live Query/Logs/SophosOsquery.4.log
  • ProgramData/Sophos/Live Query/Logs/SophosOsquery.5.log
  • ProgramData/Sophos/Live Query/Logs/SophosOsquery.log
  • ProgramData/Sophos/Live Query/Logs/SophosOsqueryExtension.log
  • ProgramData/Sophos/Live Terminal/Logs/LiveTerminal.log
  • ProgramData/Sophos/Management Communications System/Endpoint/Cache/AGENT.status
    .xml
  • ProgramData/Sophos/Management Communications System/Endpoint/Cache/ALC.status
    .xml
  • ProgramData/Sophos/Management Communications System/Endpoint/Cache/ALC1.policy
    .xml
  • ProgramData/Sophos/Management Communications System/Endpoint/Cache/APPSPROXY.status
    .xml
  • ProgramData/Sophos/Management Communications System/Endpoint/Cache/CORC.status
    .xml
  • ProgramData/Sophos/Management Communications System/Endpoint/Cache/CORC37-06646f5922c043f9faf7a54de6f9e8e33b01f87ef4cc6ead454bc1d78dbc9a31
  • ProgramData/Sophos/Management Communications System/Endpoint/Cache/CORC37-290d4a964de956c2cd86b0fbb4f70f2681d31fedd8f601a32266ab9447c8f6bb
  • ProgramData/Sophos/Management Communications System/Endpoint/Cache/CORC37-3e6c42578f6710163736db7fe5b18243c141c358a607baa2f686b0eb9fc38f3d
  • ProgramData/Sophos/Management Communications System/Endpoint/Cache/CORC37-49998a2097a536a8bbed8516cdcf6c71458000889e2a979057b36edef040f154
  • ProgramData/Sophos/Management Communications System/Endpoint/Cache/CORC37-6e4d52d03353c231eb0f8506b412a9bce6d3f991fd26b132425e92ebe4221d31
    .xml
  • ProgramData/Sophos/Management Communications System/Endpoint/Cache/CORC37-6fda562e867109d52667144177c1a0ddabbf98a8b964ae2777fe665544d77229
  • ProgramData/Sophos/Management Communications System/Endpoint/Cache/CORC37-9132b0f1c565a6c64f15175e7349be396824d37c45bf49af806c55472c888eda
  • ProgramData/Sophos/Management Communications System/Endpoint/Cache/CORC37-979f51b17cb2337cb88bc5270b9614e041a03c8463905279be62b0e30b478b79
  • ProgramData/Sophos/Management Communications System/Endpoint/Cache/CORC37-9cd21edcdd43e8c9c0e8b23fd2dfa3253081a4731c2c5db6643e42eac602798e
  • ProgramData/Sophos/Management Communications System/Endpoint/Cache/CORC37-a7e09e77fd6d9b04d4c18814ba6fccc44e6655c35e4ac2e7c1040a8d2428235d
  • ProgramData/Sophos/Management Communications System/Endpoint/Cache/CORC37-bd2c8be0fdae89ffaa713d4efa46d0439e2ac8c03a7c589735ad48ecc14f3306
  • ProgramData/Sophos/Management Communications System/Endpoint/Cache/CORC37-c72954840924410d4a893b345d700d0b694c6f93eda53c46b4c4c0feaa38fa15
  • ProgramData/Sophos/Management Communications System/Endpoint/Cache/CORC37-cbc4779ec74cc02ba56c866845b2902e695521a60029809fe83543d9bea0873a
  • ProgramData/Sophos/Management Communications System/Endpoint/Cache/CORC37-cc831bcb3ef021de072a18a94fec1a446465d16812b1b627199d4d22f267fac3
  • ProgramData/Sophos/Management Communications System/Endpoint/Cache/CORC37-d3adb79341d096535ebef63e141223aaa54f2be5ab99852c5ee495a90c5a3245
  • ProgramData/Sophos/Management Communications System/Endpoint/Cache/CORC37.policy
    .xml
  • ProgramData/Sophos/Management Communications System/Endpoint/Cache/CORE.status
    .xml
  • ProgramData/Sophos/Management Communications System/Endpoint/Cache/CORE36.policy
    .xml
  • ProgramData/Sophos/Management Communications System/Endpoint/Cache/EFW.status
    .xml
  • ProgramData/Sophos/Management Communications System/Endpoint/Cache/FIM.status
    .xml
  • ProgramData/Sophos/Management Communications System/Endpoint/Cache/HBT.status
    .xml
  • ProgramData/Sophos/Management Communications System/Endpoint/Cache/HBT27-3bfc83db177ea67dc617c7abd0cebd16fcb4d29ede4f4a8996304239fae2c55c
  • ProgramData/Sophos/Management Communications System/Endpoint/Cache/HBT27-42ae2e96e057620f319cc567581c1866382cf16f1435b315581bcfaa2102718c
  • ProgramData/Sophos/Management Communications System/Endpoint/Cache/HBT27-477c1e80b44542af313ac863a1e5bc15a60e092dce7498d3ba746f876e09c92c
    .xml
  • ProgramData/Sophos/Management Communications System/Endpoint/Cache/HBT27-58c39b07a69c516bdbebdd2c6432c7271c9bf9282b406a11c402bb8a1337cb45
  • ProgramData/Sophos/Management Communications System/Endpoint/Cache/HBT27-5f43fc47baaa20246ad037e5197aa072bd21a1db9cb7ea86b33fb36466656655
  • ProgramData/Sophos/Management Communications System/Endpoint/Cache/HBT27-5f918641c9298bf04107d2f902951c672b44cb3724c44e1db67f5f237f90b11e
  • ProgramData/Sophos/Management Communications System/Endpoint/Cache/HBT27-796331bd581e9c418ad04b8f2da11a282310d2fe528828b6ca91ac8c13502995
  • ProgramData/Sophos/Management Communications System/Endpoint/Cache/HBT27-79d9bed81507bebae2574180030ab36d9847bb3bf46831bc1c5559c3f87149d2
  • ProgramData/Sophos/Management Communications System/Endpoint/Cache/HBT27-a96834065c62d9f306557100e20f3ebfdcfef40fef713c4cde5d9c342c32916c
  • ProgramData/Sophos/Management Communications System/Endpoint/Cache/HBT27-b1c7f27e81dc8ea082621086c27c3e73f224a4eac3e721fc3f38e6fc4b416333
  • ProgramData/Sophos/Management Communications System/Endpoint/Cache/HBT27-dd53ba7a3930fa1a5f0a78420372de849c02243f3dbcef83d913838092acd9eb
  • ProgramData/Sophos/Management Communications System/Endpoint/Cache/HBT27-eb88edb6e72261f6e16bc72a8b763602c9f8fbbde431a89ba3e7cb3c8e9d3738
  • ProgramData/Sophos/Management Communications System/Endpoint/Cache/HBT27.policy
    .xml
  • ProgramData/Sophos/Management Communications System/Endpoint/Cache/HMPA.status
    .xml
  • ProgramData/Sophos/Management Communications System/Endpoint/Cache/HMPA30.policy
    .xml
  • ProgramData/Sophos/Management Communications System/Endpoint/Cache/LiveQuery.status
    .xml
  • ProgramData/Sophos/Management Communications System/Endpoint/Cache/LiveQuery56.policy
    .xml
  • ProgramData/Sophos/Management Communications System/Endpoint/Cache/MCS.status
    .xml
  • ProgramData/Sophos/Management Communications System/Endpoint/Cache/MCS25.policy
    .xml
  • ProgramData/Sophos/Management Communications System/Endpoint/Cache/MDR.status
    .xml
  • ProgramData/Sophos/Management Communications System/Endpoint/Cache/MDR54.policy
    .xml
  • ProgramData/Sophos/Management Communications System/Endpoint/Cache/NTP.status
    .xml
  • ProgramData/Sophos/Management Communications System/Endpoint/Cache/NTP24.policy
    .xml
  • ProgramData/Sophos/Management Communications System/Endpoint/Cache/SAV-56f5394a1cbc7e1468a84157aff709cc5ef30634596b5ee615293a59c100f52d
  • ProgramData/Sophos/Management Communications System/Endpoint/Cache/SAV-90ca36f33b194a311fa05c9511bae06c39a8fff4471843cca55bc1d332eb508c
  • ProgramData/Sophos/Management Communications System/Endpoint/Cache/SAV-b760109f02c2236871e8c2260d191bb2cfdabd7b8c4791d37c8dd91f0e52f56d
  • ProgramData/Sophos/Management Communications System/Endpoint/Cache/SAV-bd808fd5533fd1e6719b07e88cf00de5b7e7a5c0fe9dee04cb3ce47452b990dd
    .xml
  • ProgramData/Sophos/Management Communications System/Endpoint/Cache/SAV-d29d289f1640872307750e6db5a2852b7e54dfcde005bb434a6b4dee06b4fa6b
  • ProgramData/Sophos/Management Communications System/Endpoint/Cache/SAV-db39d18a2122a08c000dddfe4892e58e369f5854fd3095dbcdd9bae7caa68f0e
  • ProgramData/Sophos/Management Communications System/Endpoint/Cache/SAV-eeb3542e7d363c91a4167f59dd1e07123327e96f5a7ad42caf04c68a5cd69f57
  • ProgramData/Sophos/Management Communications System/Endpoint/Cache/SAV-febce58e6aaf4704ef0527bf2a2d0901ce9776e6abe2d0285ec150f4a57c80d0
  • ProgramData/Sophos/Management Communications System/Endpoint/Cache/SAV.status
    .xml
  • ProgramData/Sophos/Management Communications System/Endpoint/Cache/SAV15-56f5394a1cbc7e1468a84157aff709cc5ef30634596b5ee615293a59c100f52d
  • ProgramData/Sophos/Management Communications System/Endpoint/Cache/SAV15-90ca36f33b194a311fa05c9511bae06c39a8fff4471843cca55bc1d332eb508c
  • ProgramData/Sophos/Management Communications System/Endpoint/Cache/SAV15-b760109f02c2236871e8c2260d191bb2cfdabd7b8c4791d37c8dd91f0e52f56d
  • ProgramData/Sophos/Management Communications System/Endpoint/Cache/SAV15-bd808fd5533fd1e6719b07e88cf00de5b7e7a5c0fe9dee04cb3ce47452b990dd
    .xml
  • ProgramData/Sophos/Management Communications System/Endpoint/Cache/SAV15-d29d289f1640872307750e6db5a2852b7e54dfcde005bb434a6b4dee06b4fa6b
  • ProgramData/Sophos/Management Communications System/Endpoint/Cache/SAV15-db39d18a2122a08c000dddfe4892e58e369f5854fd3095dbcdd9bae7caa68f0e
  • ProgramData/Sophos/Management Communications System/Endpoint/Cache/SAV15-eeb3542e7d363c91a4167f59dd1e07123327e96f5a7ad42caf04c68a5cd69f57
  • ProgramData/Sophos/Management Communications System/Endpoint/Cache/SAV15-febce58e6aaf4704ef0527bf2a2d0901ce9776e6abe2d0285ec150f4a57c80d0
  • ProgramData/Sophos/Management Communications System/Endpoint/Cache/SAV15.policy
    .xml
  • ProgramData/Sophos/Management Communications System/Endpoint/Cache/SAV16.policy
    .xml
  • ProgramData/Sophos/Management Communications System/Endpoint/Cache/SAV19.policy
    .xml
  • ProgramData/Sophos/Management Communications System/Endpoint/Cache/SAV2.policy
    .xml
  • ProgramData/Sophos/Management Communications System/Endpoint/Config/Config.xml
    .xml
  • ProgramData/Sophos/Management Communications System/Endpoint/Config/MessageRelayConfig.xml
    .xml
  • ProgramData/Sophos/Management Communications System/Endpoint/Flags/cepw8srv.json
  • ProgramData/Sophos/Management Communications System/Endpoint/Flags/cixw8srv.json
  • ProgramData/Sophos/Management Communications System/Endpoint/Logs/McsAgent.log
  • ProgramData/Sophos/Management Communications System/Endpoint/Logs/McsClient.1.log
  • ProgramData/Sophos/Management Communications System/Endpoint/Persist/Adapters
  • ProgramData/Sophos/Management Communications System/Endpoint/Persist/Credentials
  • ProgramData/Sophos/Management Communications System/Endpoint/Persist/CustomerIdentifier.txt
  • ProgramData/Sophos/Management Communications System/Endpoint/Persist/Endpoint.jwt
  • ProgramData/Sophos/Management Communications System/Endpoint/Persist/EndpointIdentity.txt
  • ProgramData/Sophos/Management Communications System/Endpoint/Persist/PreferredServer
  • ProgramData/Sophos/Management Communications System/Endpoint/Persist/PushServer
  • ProgramData/Sophos/Management Communications System/Endpoint/Persist/centralFlags.json
  • ProgramData/Sophos/Management Communications System/Endpoint/Persist/mcsAgentData.xml
    .xml
  • ProgramData/Sophos/Management Communications System/Endpoint/Persist/mcsAgentTelemetry.json
  • ProgramData/Sophos/Management Communications System/Endpoint/Rules/Map_CommandRoutingOverride.xml
    .xml
  • ProgramData/Sophos/Management Communications System/Endpoint/Rules/Map_CommandTypeToAdapter.xml
    .xml
  • ProgramData/Sophos/Management Communications System/Endpoint/Rules/Map_EventTypeToAdapter.xml
    .xml
  • ProgramData/Sophos/Management Communications System/Endpoint/Rules/Map_FeatureToAdapters.xml
    .xml
  • ProgramData/Sophos/Management Communications System/Endpoint/Rules/Map_PolicyTypeToApp.xml
    .xml
  • ProgramData/Sophos/Management Communications System/Endpoint/Rules/Map_PolicyValuesForState.xml
    .xml
  • ProgramData/Sophos/Management Communications System/Endpoint/Rules/Map_VirtualAdapters.xml
    .xml
  • ProgramData/Sophos/Management Communications System/Endpoint/Rules/Policy_ApplicationControl.xml
    .xml
  • ProgramData/Sophos/Management Communications System/Endpoint/Rules/Policy_Authority.xml
    .xml
  • ProgramData/Sophos/Management Communications System/Endpoint/Rules/Policy_Communication.xml
    .xml
  • ProgramData/Sophos/Management Communications System/Endpoint/Rules/Policy_DataControl.xml
    .xml
  • ProgramData/Sophos/Management Communications System/Endpoint/Rules/Policy_DeviceControl.xml
    .xml
  • ProgramData/Sophos/Management Communications System/Endpoint/Rules/Policy_Driver.xml
    .xml
  • ProgramData/Sophos/Management Communications System/Endpoint/Rules/Policy_ExtensionPoints.xml
    .xml
  • ProgramData/Sophos/Management Communications System/Endpoint/Rules/Policy_Legacy.xml
    .xml
  • ProgramData/Sophos/Management Communications System/Endpoint/Rules/Policy_Monitoring.xml
    .xml
  • ProgramData/Sophos/Management Communications System/Endpoint/Rules/Policy_NetworkPerimeter.xml
    .xml
  • ProgramData/Sophos/Management Communications System/Endpoint/Rules/Policy_ThreatProtection.xml
    .xml
  • ProgramData/Sophos/Management Communications System/Endpoint/Rules/Policy_Updating.xml
    .xml
  • ProgramData/Sophos/Management Communications System/Endpoint/Rules/Policy_UserInterface.xml
    .xml
  • ProgramData/Sophos/Management Communications System/Endpoint/Rules/Policy_WebControl.xml
    .xml
  • ProgramData/Sophos/Management Communications System/Endpoint/Rules/Status_LiveQuery.xml
    .xml
  • ProgramData/Sophos/Management Communications System/Endpoint/Rules/Status_MR.xml
    .xml
  • ProgramData/Sophos/Management Communications System/Endpoint/Rules/Status_NTP.xml
    .xml
  • ProgramData/Sophos/Management Communications System/Endpoint/Rules/Status_SAV.xml
    .xml
  • ProgramData/Sophos/Management Communications System/Endpoint/Rules/Status_SWC.xml
    .xml
  • ProgramData/Sophos/Management Communications System/Endpoint/Rules/Status_UC.xml
    .xml
  • ProgramData/Sophos/Management Communications System/Endpoint/Rules/Status_UI.xml
    .xml
  • ProgramData/Sophos/Management Communications System/Endpoint/Rules/Status_ZTNA.xml
    .xml
  • ProgramData/Sophos/Safestore/Logs/Safestore.log
  • ProgramData/Sophos/Sophos File Scanner/Logs/SophosFS.log
  • ProgramData/Sophos/Sophos File Scanner/Logs/SophosFileScanner.log
  • ProgramData/Sophos/Sophos Network Threat Protection/Logs/SntpService.1.log
  • ProgramData/Sophos/Sophos Network Threat Protection/Logs/SntpService.2.log
  • ProgramData/Sophos/Sophos Network Threat Protection/Logs/SntpService.3.log
  • ProgramData/Sophos/Sophos Network Threat Protection/Logs/SntpService.4.log
  • ProgramData/Sophos/Sophos Network Threat Protection/Logs/SntpService.5.log
  • ProgramData/Sophos/Sophos Network Threat Protection/Logs/SntpService.log
  • ProgramData/Sophos/Sophos Network Threat Protection/Logs/SophosNetFilter.log
  • ProgramData/Sophos/Sophos UI/Logs/SophosUI.Net.0.log
  • ProgramData/Sophos/Sophos UI/Logs/SophosUI.Net.1.log
  • ProgramData/Sophos/Sophos UI/Logs/SophosUI.Net.2.log
  • ProgramData/Sophos/Sophos UI/Logs/SophosUI.Net.3.log
  • ProgramData/Sophos/Sophos UI/Logs/SophosUI.Net.4.log
  • ProgramData/Sophos/Sophos UI/Logs/SophosUI.Net.5.log
  • ProgramData/Sophos/Sophos UI/Logs/SophosUI.Net.6.log
  • ProgramData/Sophos/Sophos UI/Logs/SophosUI.Net.log
  • REG-HKCR-ALL-shellex.xml
    .xml
  • REG-HKCR-Directory.xml
    .xml
  • REG-HKCR-Drive.xml
    .xml
  • REG-HKCR-Folder.xml
    .xml
  • REG-HKCU-Installer-Products.xml
    .xml
  • REG-HKCU-Software-MS-IE.xml
    .xml
  • REG-HKCU-Software-MS-WIN-IESettings.xml
    .xml
  • REG-HKCU-Software-Policies.xml
    .xml
  • REG-HKCU-Software-Sophos.xml
    .xml
  • REG-HKCU-Software-WindowsNT-CurrentVersion.xml
    .xml
  • REG-HKLM-Software-Classes-.exe.xml
    .xml
  • REG-HKLM-Software-Classes-Installer-Components.xml
    .xml
  • REG-HKLM-Software-Classes-Installer-Dependencies.xml
    .xml
  • REG-HKLM-Software-Classes-Installer-Features.xml
    .xml
  • REG-HKLM-Software-Classes-Installer-Patches.xml
    .xml
  • REG-HKLM-Software-Classes-Installer-Products.xml
    .xml
  • REG-HKLM-Software-Classes-Installer-UpgradeCodes.xml
    .xml
  • REG-HKLM-Software-Classes-exefile.xml
    .xml
  • REG-HKLM-Software-IE.xml
    .xml
  • REG-HKLM-Software-MS-Win-CVer-Auth.xml
    .xml
  • REG-HKLM-Software-MS-WinNT-CVer-AeDebug.xml
    .xml
  • REG-HKLM-Software-MS-WinNT-CVer-NetworkCards.xml
    .xml
  • REG-HKLM-Software-MS-WinNT-CVer-PerHwIdStorage.xml
    .xml
  • REG-HKLM-Software-MS-WinNT-CVer-ProductName.xml
    .xml
  • REG-HKLM-Software-MS-WinNT-CVer-Svchost.xml
    .xml
  • REG-HKLM-Software-MS-WinNT-CVer-SystemRestore.xml
    .xml
  • REG-HKLM-Software-MS-WinNT-CVer-Windows.xml
    .xml
  • REG-HKLM-Software-MS-WinNT-CVer.xml-Winlogon.xml
    .xml
  • REG-HKLM-Software-MSWin-CurrentVersion-DIFx.xml
    .xml
  • REG-HKLM-Software-MSWin-CurrentVersion-DIFxApp.xml
    .xml
  • REG-HKLM-Software-MSWin-CurrentVersion-Explorer.xml
    .xml
  • REG-HKLM-Software-MSWin-CurrentVersion-GroupPolicy.xml
    .xml
  • REG-HKLM-Software-MSWin-CurrentVersion-InternetSettings.xml
    .xml
  • REG-HKLM-Software-MSWin-CurrentVersion-Policies.xml
    .xml
  • REG-HKLM-Software-MSWin-CurrentVersion-Setup.xml
    .xml
  • REG-HKLM-Software-MSWin-CurrentVersion-WindowsUpdate.xml
    .xml
  • REG-HKLM-Software-Microsoft-DriverSigning.xml
    .xml
  • REG-HKLM-Software-Microsoft-NetworkAccessProtection.xml
    .xml
  • REG-HKLM-Software-Microsoft-RPC.xml
    .xml
  • REG-HKLM-Software-Microsoft-SecurityCenter.xml
    .xml
  • REG-HKLM-Software-Microsoft-Windows-CurrentVersion-ShellExt.xml
    .xml
  • REG-HKLM-Software-Policies.xml
    .xml
  • REG-HKLM-Software-Sophos.xml
    .xml
  • REG-HKLM-Software-Uninstall.xml
    .xml
  • REG-HKLM-System-Control-CrashControl.xml
    .xml
  • REG-HKLM-System-Control-FileSystem.xml
    .xml
  • REG-HKLM-System-Control-GroupOrderList.xml
    .xml
  • REG-HKLM-System-Control-LSA.xml
    .xml
  • REG-HKLM-System-Control-Network.xml
    .xml
  • REG-HKLM-System-Control-SecureBoot.xml
    .xml
  • REG-HKLM-System-Control-SessionManager.xml
    .xml
  • REG-HKLM-System-Control-Windows.xml
    .xml
  • REG-HKLM-System-Enum.xml
    .xml
  • REG-HKLM-System-Services.xml
    .xml
  • REG-Mal-Exeload.xml
    .xml
  • REG-Mal-HKLM-ImageFileExeOptions.xml
    .xml
  • REG-Mal-HKLM-Svchost.xml
    .xml
  • REG-Mal-HKLM-Windows.xml
    .xml
  • REG-Mal-IE.xml
    .xml
  • REG-Mal-Runkeys.xml
    .xml
  • SDU-DB-HELPLOGINS.txt
  • SDU-DB-SOPHOS-VER.txt
  • SDU-DB-SYSDBNAMES.txt
  • SDU-DB-VALIDATELOGINS.txt
  • SDU-ListFiles-CLEAN32-AllFiles.xml
    .xml
  • SDU-ListFiles-CLEAN64-AllFiles.xml
    .xml
  • SDU-ListFiles-DB-Backup-Files.xml
    .xml
  • SDU-ListFiles-Dumps.xml
    .xml
  • SDU-ListFiles-Envelopes.xml
    .xml
  • SDU-ListFiles-HMPA-AllFiles.xml
    .xml
  • SDU-ListFiles-MR-AllFiles.xml
    .xml
  • SDU-ListFiles-MSSQL32-DATA.xml
    .xml
  • SDU-ListFiles-MSSQL64-DATA.xml
    .xml
  • SDU-ListFiles-MTD-AllFiles.xml
    .xml
  • SDU-ListFiles-RMS-AdapterStorage.xml
    .xml
  • SDU-ListFiles-SAU-AllFiles-Native.xml
    .xml
  • SDU-ListFiles-SAU-AllFiles.xml
    .xml
  • SDU-ListFiles-SAV-AllFiles.xml
    .xml
  • SDU-ListFiles-SED-DataFiles.xml
    .xml
  • SDU-ListFiles-SED-PROGRAMFILES32.xml
    .xml
  • SDU-ListFiles-SED-PROGRAMFILES64.xml
    .xml
  • SDU-ListFiles-SGN-Import.xml
    .xml
  • SDU-ListFiles-SGN-MachCert.xml
    .xml
  • SDU-ListFiles-SLD-AllFiles.xml
    .xml
  • SDU-ListFiles-SophosCloudADSync.xml
    .xml
  • SDU-ListFiles-SophosPatchAgent-Assess.xml
    .xml
  • SDU-ListFiles-SophosPatchAgent-Results.xml
    .xml
  • SDU-ListFiles-SophosUI32-AllFiles.xml
    .xml
  • SDU-ListFiles-SophosUI64-AllFiles.xml
    .xml
  • SDU-ListFiles-System32-DRVSTORE.xml
    .xml
  • SDU-ListFiles-UC-AllFiles.xml
    .xml
  • SDU-ListFiles-WEBC-Keys.xml
    .xml
  • SDU-Mal-ListFiles-AppData.xml
    .xml
  • SDU-Mal-ListFiles-Local-AppData.xml
    .xml
  • SDU-Mal-ListFiles-systemdrive.xml
    .xml
  • SDU-Mal-ListFiles-usertemp.xml
    .xml
  • SDU-Mal-ListFiles-windir.xml
    .xml
  • SDU-Mal-ListFiles-windrivers.xml
    .xml
  • SDU-Mal-ListFiles-winsys32.xml
    .xml
  • SDU-Mal-ListFiles-wintemp.xml
    .xml
  • SDU-Mal-StartMenu-Startup.xml
    .xml
  • SDU-SophosReg-Native.reg
  • SDU-SophosReg-SysWOW.reg
  • SDU-SysInfo-AuditPol.txt
  • SDU-Sysinfo-ArpEntries.txt
  • SDU-Sysinfo-Bcdedit.txt
  • SDU-Sysinfo-Bootcfg.txt
  • SDU-Sysinfo-DrvQuery.csv
  • SDU-Sysinfo-EnvVariables.xml
    .xml
  • SDU-Sysinfo-FileAssoc.txt
  • SDU-Sysinfo-Ftype.txt
  • SDU-Sysinfo-Group-SophosAdministrator.txt
  • SDU-Sysinfo-Group-SophosConsoleAdministrators.txt
  • SDU-Sysinfo-Group-SophosConsolePowerUsers.txt
  • SDU-Sysinfo-Group-SophosDatabaseAdmins.txt
  • SDU-Sysinfo-Group-SophosDatabaseUsers.txt
  • SDU-Sysinfo-Group-SophosFullAdministrators.txt
  • SDU-Sysinfo-Group-SophosOnAccess.txt
  • SDU-Sysinfo-Group-SophosPowerUser.txt
  • SDU-Sysinfo-Group-SophosUser.txt
  • SDU-Sysinfo-Groups-Administrators.txt
  • SDU-Sysinfo-Groups-SophosConsoleServiceUsers.txt
  • SDU-Sysinfo-Groups.txt
  • SDU-Sysinfo-Http.txt
  • SDU-Sysinfo-IPConfig.txt
  • SDU-Sysinfo-LSPs.txt
  • SDU-Sysinfo-MSWin-Adv-Firewall.txt
  • SDU-Sysinfo-MSWin-Filters.xml
  • SDU-Sysinfo-MSWin-Firewall-Deprecated.txt
  • SDU-Sysinfo-NTFS-Permissions.txt
  • SDU-Sysinfo-NetOpenFiles.txt
  • SDU-Sysinfo-NetShares.txt
  • SDU-Sysinfo-NetStat.txt
  • SDU-Sysinfo-Netbios.txt
  • SDU-Sysinfo-RoutingTable.txt
  • SDU-Sysinfo-Systeminfo.txt
  • SDU-Sysinfo-Tasklist-Modules.csv
  • SDU-Sysinfo-Tasklist-services.csv
  • SDU-Sysinfo-Tasklist.csv
  • SDU-Sysinfo-User-All.txt
  • SDU-Sysinfo-fltmc-filters.txt
  • SDU-Sysinfo-fltmc-instances.txt
  • SDU-Sysinfo-fltmc-volumes.txt
  • SDU-Sysinfo-scqueryex.txt
  • SDU-Sysinfo-telemetry.json
  • SDU-WMIC-Drives.txt
  • SDU-WMIC-Env.txt
  • SDU-WMIC-LoadOrder.txt
  • SDU-WMIC-NICs.txt
  • SDU-WMIC-NetLogin.txt
  • SDU-WMIC-Partitions.txt
  • SDU-WMIC-Process.txt
  • SDU-WMIC-ProcessList.txt
  • SDU-WMIC-SecCenter-AV.txt
  • SDU-WMIC-SecCenter-FW.txt
  • SDU-WMIC-SecCenter2-AV.txt
  • SDU-WMIC-SecCenter2-FW.txt
  • SDU-WMIC-Startup.txt
  • SDU-WMIC-Win32_PnPSignedDriver.txt
  • SDU-WMIC-WindowsUpdates.txt
  • SDU-manage-bde.txt
  • Windows/Debug/NetSetup.LOG
  • Windows/Debug/mrt.log
  • Windows/Debug/netlogon.log
  • Windows/Inf/setupapi.dev.log
  • Windows/Inf/setupapi.setup.log
  • Windows/PFRO.log
  • Windows/System32/drivers/etc/networks
  • Windows/System32/drivers/etc/protocol
  • Windows/System32/drivers/etc/services
  • Windows/System32/winevt/Logs/Application.evtx
  • Windows/System32/winevt/Logs/Microsoft-Windows-PowerShell%4Operational.evtx
  • Windows/System32/winevt/Logs/Microsoft-Windows-RemoteDesktopServices-RdpCoreTS%4Admin.evtx
  • Windows/System32/winevt/Logs/Microsoft-Windows-RemoteDesktopServices-RdpCoreTS%4Operational.evtx
  • Windows/System32/winevt/Logs/Microsoft-Windows-TaskScheduler%4Operational.evtx
  • Windows/System32/winevt/Logs/Microsoft-Windows-TerminalServices-LocalSessionManager%4Operational.evtx
  • Windows/System32/winevt/Logs/Microsoft-Windows-TerminalServices-RemoteConnectionManager%4Operational.evtx
  • Windows/System32/winevt/Logs/Microsoft-Windows-Winsock-WS2HELP%4Operational.evtx
  • Windows/System32/winevt/Logs/Security.evtx
  • Windows/System32/winevt/Logs/System.evtx
  • Windows/System32/winevt/Logs/Windows PowerShell.evtx
  • Windows/WindowsUpdate.log
  • Windows/system.ini
  • Windows/system32/drivers/etc/hosts
  • Windows/win.ini
  • sduconfig.xml