Analysis Overview
SHA256
5fadbda0ea0c5131c649991dc0e4115d069d01d7d8bd75ae9ef531b533826c5b
Threat Level: Known bad
The file MidnightExploit.exe was found to be: Known bad.
Malicious Activity Summary
xmrig
XMRig Miner payload
Creates new service(s)
Stops running service(s)
UPX packed file
Executes dropped EXE
Suspicious use of SetThreadContext
Launches sc.exe
Unsigned PE
Enumerates physical storage devices
Suspicious use of WriteProcessMemory
Suspicious use of AdjustPrivilegeToken
Suspicious behavior: EnumeratesProcesses
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-05-27 18:17
Signatures
Unsigned PE
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2024-05-27 18:17
Reported
2024-05-27 18:19
Platform
win11-20240426-en
Max time kernel
18s
Max time network
103s
Command Line
Signatures
xmrig
XMRig Miner payload
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
Creates new service(s)
Stops running service(s)
Executes dropped EXE
UPX packed file
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
Suspicious use of SetThreadContext
| Description | Indicator | Process | Target |
| PID 1632 set thread context of 1444 | N/A | C:\ProgramData\ojfgpqbyfrxz\brjytxsqojcm.exe | C:\Windows\system32\conhost.exe |
| PID 1632 set thread context of 2952 | N/A | C:\ProgramData\ojfgpqbyfrxz\brjytxsqojcm.exe | C:\Windows\system32\svchost.exe |
Launches sc.exe
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\sc.exe | N/A |
| N/A | N/A | C:\Windows\system32\sc.exe | N/A |
| N/A | N/A | C:\Windows\system32\sc.exe | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | C:\Windows\system32\sc.exe | N/A |
| N/A | N/A | C:\Windows\system32\sc.exe | N/A |
| N/A | N/A | C:\Windows\system32\sc.exe | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | C:\Windows\system32\sc.exe | N/A |
| N/A | N/A | C:\Windows\system32\sc.exe | N/A |
| N/A | N/A | C:\Windows\system32\sc.exe | N/A |
| N/A | N/A | C:\Windows\system32\sc.exe | N/A |
| N/A | N/A | C:\Windows\system32\sc.exe | N/A |
| N/A | N/A | C:\Windows\system32\sc.exe | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | C:\Windows\system32\sc.exe | N/A |
| N/A | N/A | C:\Windows\system32\sc.exe | N/A |
| N/A | N/A | C:\Windows\system32\sc.exe | N/A |
| N/A | N/A | C:\Windows\system32\sc.exe | N/A |
| N/A | N/A | C:\Windows\system32\sc.exe | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | C:\Windows\system32\sc.exe | N/A |
| N/A | N/A | C:\Windows\system32\sc.exe | N/A |
| N/A | N/A | C:\Windows\system32\sc.exe | N/A |
Enumerates physical storage devices
Suspicious behavior: EnumeratesProcesses
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: SeLockMemoryPrivilege | N/A | C:\Windows\system32\svchost.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Windows\system32\sc.exe
C:\Windows\system32\sc.exe delete "BIRRWQAG"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Windows\system32\sc.exe
C:\Windows\system32\sc.exe create "BIRRWQAG" binpath= "C:\ProgramData\ojfgpqbyfrxz\brjytxsqojcm.exe" start= "auto"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Windows\system32\sc.exe
C:\Windows\system32\sc.exe stop eventlog
C:\Windows\system32\sc.exe
C:\Windows\system32\sc.exe start "BIRRWQAG"
C:\ProgramData\ojfgpqbyfrxz\brjytxsqojcm.exe
C:\ProgramData\ojfgpqbyfrxz\brjytxsqojcm.exe
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Windows\system32\conhost.exe
C:\Windows\system32\conhost.exe
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Windows\system32\svchost.exe
svchost.exe
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Windows\system32\sc.exe
C:\Windows\system32\sc.exe stop eventlog
C:\Windows\system32\sc.exe
C:\Windows\system32\sc.exe start "BIRRWQAG"
C:\ProgramData\ojfgpqbyfrxz\brjytxsqojcm.exe
C:\ProgramData\ojfgpqbyfrxz\brjytxsqojcm.exe
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Windows\system32\sc.exe
C:\Windows\system32\sc.exe stop eventlog
C:\Windows\system32\sc.exe
C:\Windows\system32\sc.exe start "BIRRWQAG"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Windows\System32\Conhost.exe
\??\C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\ProgramData\ojfgpqbyfrxz\brjytxsqojcm.exe
C:\ProgramData\ojfgpqbyfrxz\brjytxsqojcm.exe
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Windows\system32\sc.exe
C:\Windows\system32\sc.exe stop eventlog
C:\Windows\system32\sc.exe
C:\Windows\system32\sc.exe start "BIRRWQAG"
C:\ProgramData\ojfgpqbyfrxz\brjytxsqojcm.exe
C:\ProgramData\ojfgpqbyfrxz\brjytxsqojcm.exe
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Windows\system32\sc.exe
C:\Windows\system32\sc.exe stop eventlog
C:\Windows\system32\sc.exe
C:\Windows\system32\sc.exe start "BIRRWQAG"
C:\ProgramData\ojfgpqbyfrxz\brjytxsqojcm.exe
C:\ProgramData\ojfgpqbyfrxz\brjytxsqojcm.exe
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Windows\system32\sc.exe
C:\Windows\system32\sc.exe stop eventlog
C:\Windows\system32\sc.exe
C:\Windows\system32\sc.exe start "BIRRWQAG"
C:\Windows\System32\Conhost.exe
\??\C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\ProgramData\ojfgpqbyfrxz\brjytxsqojcm.exe
C:\ProgramData\ojfgpqbyfrxz\brjytxsqojcm.exe
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Windows\system32\sc.exe
C:\Windows\system32\sc.exe stop eventlog
C:\Windows\system32\sc.exe
C:\Windows\system32\sc.exe start "BIRRWQAG"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\ProgramData\ojfgpqbyfrxz\brjytxsqojcm.exe
C:\ProgramData\ojfgpqbyfrxz\brjytxsqojcm.exe
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Windows\system32\sc.exe
C:\Windows\system32\sc.exe stop eventlog
C:\Windows\system32\sc.exe
C:\Windows\system32\sc.exe start "BIRRWQAG"
C:\ProgramData\ojfgpqbyfrxz\brjytxsqojcm.exe
C:\ProgramData\ojfgpqbyfrxz\brjytxsqojcm.exe
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Windows\system32\sc.exe
C:\Windows\system32\sc.exe stop eventlog
C:\Windows\system32\sc.exe
C:\Windows\system32\sc.exe start "BIRRWQAG"
C:\Windows\System32\Conhost.exe
\??\C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\ProgramData\ojfgpqbyfrxz\brjytxsqojcm.exe
C:\ProgramData\ojfgpqbyfrxz\brjytxsqojcm.exe
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
"C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe"
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
"C:\Users\Admin\AppData\Local\Temp\Midknight.exe"
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | pool.hashvault.pro | udp |
| DE | 95.179.241.203:80 | pool.hashvault.pro | tcp |
Files
C:\Users\Admin\AppData\Local\Temp\Midknight.exe
| MD5 | ce742c0be41d7a48d9ba3f16e85b6979 |
| SHA1 | fe3ffbf9a8c39c754bcaeb8d97cebd7c9a86feab |
| SHA256 | 47e6294028ff4e224c3697e36aa6dd2b1e7b0a2632cd21a044020aaae2c61ffe |
| SHA512 | cdf51aa574b0bc069f8f5b8975b83b33ae3fb3767e5e4e8caabf5438a04f10d78c58ed2e1378692886cc2f3c7312ee8d09efe9f85f530b96ad65667a92cee521 |
C:\Users\Admin\AppData\Local\Temp\MidnightExploit.exe
| MD5 | 8f77f3354edbdb2b36c8664b42c9d996 |
| SHA1 | 862131825b0a392b96ac8e44d1aefb7da1332eef |
| SHA256 | 5fadbda0ea0c5131c649991dc0e4115d069d01d7d8bd75ae9ef531b533826c5b |
| SHA512 | aea25ff9a3795e940df86ad5b83ff367d6933bbe4db397f2d9febb0e7e7ecb8a96f667aadbeab5aeeb7f6d2bad26e590f509f512c733b25dc942b2605f0c0ed9 |
memory/2952-80-0x0000000140000000-0x0000000140848000-memory.dmp
memory/2952-81-0x0000000140000000-0x0000000140848000-memory.dmp
memory/2952-90-0x0000000140000000-0x0000000140848000-memory.dmp
memory/2952-91-0x0000000140000000-0x0000000140848000-memory.dmp
memory/2952-93-0x0000000140000000-0x0000000140848000-memory.dmp
memory/2952-94-0x0000000140000000-0x0000000140848000-memory.dmp
memory/2952-92-0x0000000140000000-0x0000000140848000-memory.dmp
memory/2952-88-0x0000000140000000-0x0000000140848000-memory.dmp
memory/2952-86-0x0000000140000000-0x0000000140848000-memory.dmp
memory/2952-89-0x0000021C6B580000-0x0000021C6B5A0000-memory.dmp
memory/2952-87-0x0000000140000000-0x0000000140848000-memory.dmp
memory/2952-85-0x0000000140000000-0x0000000140848000-memory.dmp
memory/2952-82-0x0000000140000000-0x0000000140848000-memory.dmp
memory/1444-79-0x0000000140000000-0x000000014000D000-memory.dmp
memory/1444-76-0x0000000140000000-0x000000014000D000-memory.dmp
memory/1444-75-0x0000000140000000-0x000000014000D000-memory.dmp
memory/1444-74-0x0000000140000000-0x000000014000D000-memory.dmp
memory/1444-73-0x0000000140000000-0x000000014000D000-memory.dmp
memory/1444-72-0x0000000140000000-0x000000014000D000-memory.dmp
C:\Windows\Temp\vxmbqahwlaud.sys
| MD5 | 0c0195c48b6b8582fa6f6373032118da |
| SHA1 | d25340ae8e92a6d29f599fef426a2bc1b5217299 |
| SHA256 | 11bd2c9f9e2397c9a16e0990e4ed2cf0679498fe0fd418a3dfdac60b5c160ee5 |
| SHA512 | ab28e99659f219fec553155a0810de90f0c5b07dc9b66bda86d7686499fb0ec5fddeb7cd7a3c5b77dccb5e865f2715c2d81f4d40df4431c92ac7860c7e01720d |
memory/2952-115-0x0000000140000000-0x0000000140848000-memory.dmp
memory/2952-116-0x0000000140000000-0x0000000140848000-memory.dmp