Malware Analysis Report

2024-11-13 18:41

Sample ID 240711-qm9tnszhla
Target 394c814fd0a051c1b314f71c54d429d7_JaffaCakes118
SHA256 2916d8917eb29957c0fe9e728c6eb772d0d71ca943b3b17ca7893bfcbf13aed1
Tags
xtremerat persistence rat spyware upx
score
10/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
10/10

SHA256

2916d8917eb29957c0fe9e728c6eb772d0d71ca943b3b17ca7893bfcbf13aed1

Threat Level: Known bad

The file 394c814fd0a051c1b314f71c54d429d7_JaffaCakes118 was found to be: Known bad.

Malicious Activity Summary

xtremerat persistence rat spyware upx

XtremeRAT

Detect XtremeRAT payload

Checks computer location settings

UPX packed file

Executes dropped EXE

Loads dropped DLL

Suspicious use of SetThreadContext

Drops file in Program Files directory

Enumerates physical storage devices

Unsigned PE

Suspicious use of WriteProcessMemory

Suspicious use of SetWindowsHookEx

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-07-11 13:23

Signatures

Unsigned PE

Description Indicator Process Target
N/A N/A N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-07-11 13:23

Reported

2024-07-11 13:26

Platform

win7-20240705-en

Max time kernel

150s

Max time network

123s

Command Line

"C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe"

Signatures

Detect XtremeRAT payload

Description Indicator Process Target
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A

XtremeRAT

persistence spyware rat xtremerat

Executes dropped EXE

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A

UPX packed file

upx
Description Indicator Process Target
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A

Suspicious use of SetThreadContext

Description Indicator Process Target
PID 484 set thread context of 2504 N/A C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe
PID 2240 set thread context of 2720 N/A C:\Program Files (x86)\InstallDir\Server.exe C:\Program Files (x86)\InstallDir\Server.exe
PID 732 set thread context of 1684 N/A C:\Program Files (x86)\InstallDir\Server.exe C:\Program Files (x86)\InstallDir\Server.exe
PID 1476 set thread context of 2036 N/A C:\Program Files (x86)\InstallDir\Server.exe C:\Program Files (x86)\InstallDir\Server.exe
PID 2632 set thread context of 1596 N/A C:\Program Files (x86)\InstallDir\Server.exe C:\Program Files (x86)\InstallDir\Server.exe
PID 2920 set thread context of 2888 N/A C:\Program Files (x86)\InstallDir\Server.exe C:\Program Files (x86)\InstallDir\Server.exe
PID 1836 set thread context of 2552 N/A C:\Program Files (x86)\InstallDir\Server.exe C:\Program Files (x86)\InstallDir\Server.exe
PID 1896 set thread context of 892 N/A C:\Program Files (x86)\InstallDir\Server.exe C:\Program Files (x86)\InstallDir\Server.exe
PID 1760 set thread context of 1272 N/A C:\Program Files (x86)\InstallDir\Server.exe C:\Program Files (x86)\InstallDir\Server.exe
PID 2988 set thread context of 2016 N/A C:\Program Files (x86)\InstallDir\Server.exe C:\Program Files (x86)\InstallDir\Server.exe
PID 1704 set thread context of 1600 N/A C:\Program Files (x86)\InstallDir\Server.exe C:\Program Files (x86)\InstallDir\Server.exe
PID 2676 set thread context of 2868 N/A C:\Program Files (x86)\InstallDir\Server.exe C:\Program Files (x86)\InstallDir\Server.exe
PID 2648 set thread context of 2636 N/A C:\Program Files (x86)\InstallDir\Server.exe C:\Program Files (x86)\InstallDir\Server.exe
PID 108 set thread context of 1816 N/A C:\Program Files (x86)\InstallDir\Server.exe C:\Program Files (x86)\InstallDir\Server.exe
PID 1636 set thread context of 1124 N/A C:\Program Files (x86)\InstallDir\Server.exe C:\Program Files (x86)\InstallDir\Server.exe
PID 1332 set thread context of 2224 N/A C:\Program Files (x86)\InstallDir\Server.exe C:\Program Files (x86)\InstallDir\Server.exe
PID 1612 set thread context of 2000 N/A C:\Program Files (x86)\InstallDir\Server.exe C:\Program Files (x86)\InstallDir\Server.exe
PID 732 set thread context of 2868 N/A C:\Program Files (x86)\InstallDir\Server.exe C:\Program Files (x86)\InstallDir\Server.exe
PID 924 set thread context of 844 N/A C:\Program Files (x86)\InstallDir\Server.exe C:\Program Files (x86)\InstallDir\Server.exe
PID 1528 set thread context of 1644 N/A C:\Program Files (x86)\InstallDir\Server.exe C:\Program Files (x86)\InstallDir\Server.exe
PID 912 set thread context of 2224 N/A C:\Program Files (x86)\InstallDir\Server.exe C:\Program Files (x86)\InstallDir\Server.exe
PID 2620 set thread context of 2336 N/A C:\Program Files (x86)\InstallDir\Server.exe C:\Program Files (x86)\InstallDir\Server.exe
PID 2364 set thread context of 1336 N/A C:\Program Files (x86)\InstallDir\Server.exe C:\Program Files (x86)\InstallDir\Server.exe
PID 2224 set thread context of 2076 N/A C:\Program Files (x86)\InstallDir\Server.exe C:\Program Files (x86)\InstallDir\Server.exe
PID 1644 set thread context of 1684 N/A C:\Program Files (x86)\InstallDir\Server.exe C:\Program Files (x86)\InstallDir\Server.exe
PID 1968 set thread context of 2560 N/A C:\Program Files (x86)\InstallDir\Server.exe C:\Program Files (x86)\InstallDir\Server.exe
PID 3144 set thread context of 3160 N/A C:\Program Files (x86)\InstallDir\Server.exe C:\Program Files (x86)\InstallDir\Server.exe
PID 3280 set thread context of 3296 N/A C:\Program Files (x86)\InstallDir\Server.exe C:\Program Files (x86)\InstallDir\Server.exe
PID 3416 set thread context of 3432 N/A C:\Program Files (x86)\InstallDir\Server.exe C:\Program Files (x86)\InstallDir\Server.exe
PID 3552 set thread context of 3568 N/A C:\Program Files (x86)\InstallDir\Server.exe C:\Program Files (x86)\InstallDir\Server.exe
PID 3692 set thread context of 3708 N/A C:\Program Files (x86)\InstallDir\Server.exe C:\Program Files (x86)\InstallDir\Server.exe
PID 3828 set thread context of 3844 N/A C:\Program Files (x86)\InstallDir\Server.exe C:\Program Files (x86)\InstallDir\Server.exe
PID 3964 set thread context of 3980 N/A C:\Program Files (x86)\InstallDir\Server.exe C:\Program Files (x86)\InstallDir\Server.exe

Drops file in Program Files directory

Description Indicator Process Target
File opened for modification C:\Program Files (x86)\InstallDir\Server.exe C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe N/A
File created C:\Program Files (x86)\InstallDir\Server.exe C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe N/A

Enumerates physical storage devices

Suspicious use of SetWindowsHookEx

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 484 wrote to memory of 2504 N/A C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe
PID 484 wrote to memory of 2504 N/A C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe
PID 484 wrote to memory of 2504 N/A C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe
PID 484 wrote to memory of 2504 N/A C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe
PID 484 wrote to memory of 2504 N/A C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe
PID 484 wrote to memory of 2504 N/A C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe
PID 484 wrote to memory of 2504 N/A C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe
PID 484 wrote to memory of 2504 N/A C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe
PID 484 wrote to memory of 2504 N/A C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe
PID 2504 wrote to memory of 1988 N/A C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2504 wrote to memory of 1988 N/A C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2504 wrote to memory of 1988 N/A C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2504 wrote to memory of 1988 N/A C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2504 wrote to memory of 1988 N/A C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2504 wrote to memory of 2340 N/A C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2504 wrote to memory of 2340 N/A C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2504 wrote to memory of 2340 N/A C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2504 wrote to memory of 2340 N/A C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2504 wrote to memory of 2340 N/A C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2504 wrote to memory of 2476 N/A C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2504 wrote to memory of 2476 N/A C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2504 wrote to memory of 2476 N/A C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2504 wrote to memory of 2476 N/A C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2504 wrote to memory of 2476 N/A C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2504 wrote to memory of 2472 N/A C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2504 wrote to memory of 2472 N/A C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2504 wrote to memory of 2472 N/A C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2504 wrote to memory of 2472 N/A C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2504 wrote to memory of 2472 N/A C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2504 wrote to memory of 2080 N/A C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2504 wrote to memory of 2080 N/A C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2504 wrote to memory of 2080 N/A C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2504 wrote to memory of 2080 N/A C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2504 wrote to memory of 2080 N/A C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2504 wrote to memory of 2652 N/A C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2504 wrote to memory of 2652 N/A C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2504 wrote to memory of 2652 N/A C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2504 wrote to memory of 2652 N/A C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2504 wrote to memory of 2652 N/A C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2504 wrote to memory of 2792 N/A C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2504 wrote to memory of 2792 N/A C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2504 wrote to memory of 2792 N/A C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2504 wrote to memory of 2792 N/A C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2504 wrote to memory of 2792 N/A C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2504 wrote to memory of 2760 N/A C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2504 wrote to memory of 2760 N/A C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2504 wrote to memory of 2760 N/A C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2504 wrote to memory of 2760 N/A C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2504 wrote to memory of 2240 N/A C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe C:\Program Files (x86)\InstallDir\Server.exe
PID 2504 wrote to memory of 2240 N/A C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe C:\Program Files (x86)\InstallDir\Server.exe
PID 2504 wrote to memory of 2240 N/A C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe C:\Program Files (x86)\InstallDir\Server.exe
PID 2504 wrote to memory of 2240 N/A C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe C:\Program Files (x86)\InstallDir\Server.exe
PID 2240 wrote to memory of 2720 N/A C:\Program Files (x86)\InstallDir\Server.exe C:\Program Files (x86)\InstallDir\Server.exe
PID 2240 wrote to memory of 2720 N/A C:\Program Files (x86)\InstallDir\Server.exe C:\Program Files (x86)\InstallDir\Server.exe
PID 2240 wrote to memory of 2720 N/A C:\Program Files (x86)\InstallDir\Server.exe C:\Program Files (x86)\InstallDir\Server.exe
PID 2240 wrote to memory of 2720 N/A C:\Program Files (x86)\InstallDir\Server.exe C:\Program Files (x86)\InstallDir\Server.exe
PID 2240 wrote to memory of 2720 N/A C:\Program Files (x86)\InstallDir\Server.exe C:\Program Files (x86)\InstallDir\Server.exe
PID 2240 wrote to memory of 2720 N/A C:\Program Files (x86)\InstallDir\Server.exe C:\Program Files (x86)\InstallDir\Server.exe
PID 2240 wrote to memory of 2720 N/A C:\Program Files (x86)\InstallDir\Server.exe C:\Program Files (x86)\InstallDir\Server.exe
PID 2240 wrote to memory of 2720 N/A C:\Program Files (x86)\InstallDir\Server.exe C:\Program Files (x86)\InstallDir\Server.exe
PID 2240 wrote to memory of 2720 N/A C:\Program Files (x86)\InstallDir\Server.exe C:\Program Files (x86)\InstallDir\Server.exe
PID 2720 wrote to memory of 2724 N/A C:\Program Files (x86)\InstallDir\Server.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2720 wrote to memory of 2724 N/A C:\Program Files (x86)\InstallDir\Server.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 2720 wrote to memory of 2724 N/A C:\Program Files (x86)\InstallDir\Server.exe C:\Program Files\Internet Explorer\iexplore.exe

Processes

C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe

"C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe"

C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe

C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

Network

N/A

Files

memory/2504-2-0x0000000000C80000-0x0000000000C96000-memory.dmp

memory/2504-6-0x0000000000C80000-0x0000000000C96000-memory.dmp

memory/2504-5-0x0000000000C80000-0x0000000000C96000-memory.dmp

memory/2504-4-0x0000000000C80000-0x0000000000C96000-memory.dmp

\Program Files (x86)\InstallDir\Server.exe

MD5 394c814fd0a051c1b314f71c54d429d7
SHA1 acfee59919253cc2cb6d34509ca48b69637847c5
SHA256 2916d8917eb29957c0fe9e728c6eb772d0d71ca943b3b17ca7893bfcbf13aed1
SHA512 9805c8b879ca86ab8225e1d10b24442ef75feda8c1044eb87c7a736530d6a8d51b7ee3f9af7869c6868d85a613720628ef9cc4b4dd6354f5891aa6113a7475f8

memory/2504-17-0x0000000000C80000-0x0000000000C96000-memory.dmp

memory/2720-28-0x0000000000C80000-0x0000000000C96000-memory.dmp

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\fa3FM.cfg

MD5 ea2abee352e209d80bfaf6f4645021be
SHA1 16704423ad798e65573892cd74be848401a5716d
SHA256 c8380982d1b40c5dfd79fe28334666571de2ba3296a1de01fe062ab87e63509d
SHA512 9c3c18eb0efabc64b13076d41aaf3048b2ac6277f16a47dca6dd3e80d4d60d5b1b473bbe90b0f78fafc2707ee53086ab892a8845d5847f630bdfb8babf91387b

memory/2720-30-0x0000000000C80000-0x0000000000C96000-memory.dmp

memory/1684-39-0x0000000000C80000-0x0000000000C96000-memory.dmp

memory/1684-42-0x0000000000C80000-0x0000000000C96000-memory.dmp

Analysis: behavioral2

Detonation Overview

Submitted

2024-07-11 13:23

Reported

2024-07-11 13:26

Platform

win10v2004-20240704-en

Max time kernel

149s

Max time network

152s

Command Line

"C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe"

Signatures

Detect XtremeRAT payload

Description Indicator Process Target
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A

XtremeRAT

persistence spyware rat xtremerat

Checks computer location settings

Description Indicator Process Target
Key value queried \REGISTRY\USER\S-1-5-21-1403246978-718555486-3105247137-1000\Control Panel\International\Geo\Nation C:\Program Files (x86)\InstallDir\Server.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-1403246978-718555486-3105247137-1000\Control Panel\International\Geo\Nation C:\Program Files (x86)\InstallDir\Server.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-1403246978-718555486-3105247137-1000\Control Panel\International\Geo\Nation C:\Program Files (x86)\InstallDir\Server.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-1403246978-718555486-3105247137-1000\Control Panel\International\Geo\Nation C:\Program Files (x86)\InstallDir\Server.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-1403246978-718555486-3105247137-1000\Control Panel\International\Geo\Nation C:\Program Files (x86)\InstallDir\Server.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-1403246978-718555486-3105247137-1000\Control Panel\International\Geo\Nation C:\Program Files (x86)\InstallDir\Server.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-1403246978-718555486-3105247137-1000\Control Panel\International\Geo\Nation C:\Program Files (x86)\InstallDir\Server.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-1403246978-718555486-3105247137-1000\Control Panel\International\Geo\Nation C:\Program Files (x86)\InstallDir\Server.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-1403246978-718555486-3105247137-1000\Control Panel\International\Geo\Nation C:\Program Files (x86)\InstallDir\Server.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-1403246978-718555486-3105247137-1000\Control Panel\International\Geo\Nation C:\Program Files (x86)\InstallDir\Server.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-1403246978-718555486-3105247137-1000\Control Panel\International\Geo\Nation C:\Program Files (x86)\InstallDir\Server.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-1403246978-718555486-3105247137-1000\Control Panel\International\Geo\Nation C:\Program Files (x86)\InstallDir\Server.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-1403246978-718555486-3105247137-1000\Control Panel\International\Geo\Nation C:\Program Files (x86)\InstallDir\Server.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-1403246978-718555486-3105247137-1000\Control Panel\International\Geo\Nation C:\Program Files (x86)\InstallDir\Server.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-1403246978-718555486-3105247137-1000\Control Panel\International\Geo\Nation C:\Program Files (x86)\InstallDir\Server.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-1403246978-718555486-3105247137-1000\Control Panel\International\Geo\Nation C:\Program Files (x86)\InstallDir\Server.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-1403246978-718555486-3105247137-1000\Control Panel\International\Geo\Nation C:\Program Files (x86)\InstallDir\Server.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-1403246978-718555486-3105247137-1000\Control Panel\International\Geo\Nation C:\Program Files (x86)\InstallDir\Server.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-1403246978-718555486-3105247137-1000\Control Panel\International\Geo\Nation C:\Program Files (x86)\InstallDir\Server.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-1403246978-718555486-3105247137-1000\Control Panel\International\Geo\Nation C:\Program Files (x86)\InstallDir\Server.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-1403246978-718555486-3105247137-1000\Control Panel\International\Geo\Nation C:\Program Files (x86)\InstallDir\Server.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-1403246978-718555486-3105247137-1000\Control Panel\International\Geo\Nation C:\Program Files (x86)\InstallDir\Server.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-1403246978-718555486-3105247137-1000\Control Panel\International\Geo\Nation C:\Program Files (x86)\InstallDir\Server.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-1403246978-718555486-3105247137-1000\Control Panel\International\Geo\Nation C:\Program Files (x86)\InstallDir\Server.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-1403246978-718555486-3105247137-1000\Control Panel\International\Geo\Nation C:\Program Files (x86)\InstallDir\Server.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-1403246978-718555486-3105247137-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-1403246978-718555486-3105247137-1000\Control Panel\International\Geo\Nation C:\Program Files (x86)\InstallDir\Server.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-1403246978-718555486-3105247137-1000\Control Panel\International\Geo\Nation C:\Program Files (x86)\InstallDir\Server.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-1403246978-718555486-3105247137-1000\Control Panel\International\Geo\Nation C:\Program Files (x86)\InstallDir\Server.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-1403246978-718555486-3105247137-1000\Control Panel\International\Geo\Nation C:\Program Files (x86)\InstallDir\Server.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-1403246978-718555486-3105247137-1000\Control Panel\International\Geo\Nation C:\Program Files (x86)\InstallDir\Server.exe N/A

Executes dropped EXE

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A

UPX packed file

upx
Description Indicator Process Target
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A

Suspicious use of SetThreadContext

Description Indicator Process Target
PID 4292 set thread context of 4180 N/A C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe
PID 3244 set thread context of 1948 N/A C:\Program Files (x86)\InstallDir\Server.exe C:\Program Files (x86)\InstallDir\Server.exe
PID 3548 set thread context of 5096 N/A C:\Program Files (x86)\InstallDir\Server.exe C:\Program Files (x86)\InstallDir\Server.exe
PID 1004 set thread context of 1932 N/A C:\Program Files (x86)\InstallDir\Server.exe C:\Program Files (x86)\InstallDir\Server.exe
PID 2912 set thread context of 1748 N/A C:\Program Files (x86)\InstallDir\Server.exe C:\Program Files (x86)\InstallDir\Server.exe
PID 3772 set thread context of 3504 N/A C:\Program Files (x86)\InstallDir\Server.exe C:\Program Files (x86)\InstallDir\Server.exe
PID 3512 set thread context of 2796 N/A C:\Program Files (x86)\InstallDir\Server.exe C:\Program Files (x86)\InstallDir\Server.exe
PID 4696 set thread context of 4384 N/A C:\Program Files (x86)\InstallDir\Server.exe C:\Program Files (x86)\InstallDir\Server.exe
PID 2592 set thread context of 116 N/A C:\Program Files (x86)\InstallDir\Server.exe C:\Program Files (x86)\InstallDir\Server.exe
PID 760 set thread context of 1652 N/A C:\Program Files (x86)\InstallDir\Server.exe C:\Program Files (x86)\InstallDir\Server.exe
PID 2820 set thread context of 2052 N/A C:\Program Files (x86)\InstallDir\Server.exe C:\Program Files (x86)\InstallDir\Server.exe
PID 1708 set thread context of 1040 N/A C:\Program Files (x86)\InstallDir\Server.exe C:\Program Files (x86)\InstallDir\Server.exe
PID 3808 set thread context of 3352 N/A C:\Program Files (x86)\InstallDir\Server.exe C:\Program Files (x86)\InstallDir\Server.exe
PID 2804 set thread context of 1628 N/A C:\Program Files (x86)\InstallDir\Server.exe C:\Program Files (x86)\InstallDir\Server.exe
PID 3092 set thread context of 2592 N/A C:\Program Files (x86)\InstallDir\Server.exe C:\Program Files (x86)\InstallDir\Server.exe
PID 3592 set thread context of 1560 N/A C:\Program Files (x86)\InstallDir\Server.exe C:\Program Files (x86)\InstallDir\Server.exe
PID 672 set thread context of 3188 N/A C:\Program Files (x86)\InstallDir\Server.exe C:\Program Files (x86)\InstallDir\Server.exe
PID 4512 set thread context of 3656 N/A C:\Program Files (x86)\InstallDir\Server.exe C:\Program Files (x86)\InstallDir\Server.exe
PID 3200 set thread context of 452 N/A C:\Program Files (x86)\InstallDir\Server.exe C:\Program Files (x86)\InstallDir\Server.exe
PID 4876 set thread context of 4080 N/A C:\Program Files (x86)\InstallDir\Server.exe C:\Program Files (x86)\InstallDir\Server.exe
PID 2316 set thread context of 232 N/A C:\Program Files (x86)\InstallDir\Server.exe C:\Program Files (x86)\InstallDir\Server.exe
PID 3684 set thread context of 1476 N/A C:\Program Files (x86)\InstallDir\Server.exe C:\Program Files (x86)\InstallDir\Server.exe
PID 4736 set thread context of 4332 N/A C:\Program Files (x86)\InstallDir\Server.exe C:\Program Files (x86)\InstallDir\Server.exe
PID 1628 set thread context of 4068 N/A C:\Program Files (x86)\InstallDir\Server.exe C:\Program Files (x86)\InstallDir\Server.exe
PID 632 set thread context of 4812 N/A C:\Program Files (x86)\InstallDir\Server.exe C:\Program Files (x86)\InstallDir\Server.exe
PID 3084 set thread context of 4560 N/A C:\Program Files (x86)\InstallDir\Server.exe C:\Program Files (x86)\InstallDir\Server.exe
PID 4048 set thread context of 4360 N/A C:\Program Files (x86)\InstallDir\Server.exe C:\Program Files (x86)\InstallDir\Server.exe
PID 1012 set thread context of 2028 N/A C:\Program Files (x86)\InstallDir\Server.exe C:\Program Files (x86)\InstallDir\Server.exe
PID 1704 set thread context of 5112 N/A C:\Program Files (x86)\InstallDir\Server.exe C:\Program Files (x86)\InstallDir\Server.exe
PID 4808 set thread context of 2688 N/A C:\Program Files (x86)\InstallDir\Server.exe C:\Program Files (x86)\InstallDir\Server.exe
PID 3684 set thread context of 3188 N/A C:\Program Files (x86)\InstallDir\Server.exe C:\Program Files (x86)\InstallDir\Server.exe
PID 5124 set thread context of 5148 N/A C:\Program Files (x86)\InstallDir\Server.exe C:\Program Files (x86)\InstallDir\Server.exe

Drops file in Program Files directory

Description Indicator Process Target
File created C:\Program Files (x86)\InstallDir\Server.exe C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe N/A
File opened for modification C:\Program Files (x86)\InstallDir\Server.exe C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe N/A

Enumerates physical storage devices

Suspicious use of SetWindowsHookEx

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A
N/A N/A C:\Program Files (x86)\InstallDir\Server.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 4292 wrote to memory of 4180 N/A C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe
PID 4292 wrote to memory of 4180 N/A C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe
PID 4292 wrote to memory of 4180 N/A C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe
PID 4292 wrote to memory of 4180 N/A C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe
PID 4292 wrote to memory of 4180 N/A C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe
PID 4292 wrote to memory of 4180 N/A C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe
PID 4292 wrote to memory of 4180 N/A C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe
PID 4292 wrote to memory of 4180 N/A C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe
PID 4180 wrote to memory of 4888 N/A C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4180 wrote to memory of 4888 N/A C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4180 wrote to memory of 4888 N/A C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4180 wrote to memory of 4164 N/A C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4180 wrote to memory of 4164 N/A C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4180 wrote to memory of 4164 N/A C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4180 wrote to memory of 5020 N/A C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4180 wrote to memory of 5020 N/A C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4180 wrote to memory of 5020 N/A C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4180 wrote to memory of 4944 N/A C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4180 wrote to memory of 4944 N/A C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4180 wrote to memory of 4944 N/A C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4180 wrote to memory of 1260 N/A C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4180 wrote to memory of 1260 N/A C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4180 wrote to memory of 1260 N/A C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4180 wrote to memory of 4968 N/A C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4180 wrote to memory of 4968 N/A C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4180 wrote to memory of 4968 N/A C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4180 wrote to memory of 1496 N/A C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4180 wrote to memory of 1496 N/A C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4180 wrote to memory of 1496 N/A C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4180 wrote to memory of 3344 N/A C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4180 wrote to memory of 3344 N/A C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4180 wrote to memory of 3244 N/A C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe C:\Program Files (x86)\InstallDir\Server.exe
PID 4180 wrote to memory of 3244 N/A C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe C:\Program Files (x86)\InstallDir\Server.exe
PID 4180 wrote to memory of 3244 N/A C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe C:\Program Files (x86)\InstallDir\Server.exe
PID 3244 wrote to memory of 1948 N/A C:\Program Files (x86)\InstallDir\Server.exe C:\Program Files (x86)\InstallDir\Server.exe
PID 3244 wrote to memory of 1948 N/A C:\Program Files (x86)\InstallDir\Server.exe C:\Program Files (x86)\InstallDir\Server.exe
PID 3244 wrote to memory of 1948 N/A C:\Program Files (x86)\InstallDir\Server.exe C:\Program Files (x86)\InstallDir\Server.exe
PID 3244 wrote to memory of 1948 N/A C:\Program Files (x86)\InstallDir\Server.exe C:\Program Files (x86)\InstallDir\Server.exe
PID 3244 wrote to memory of 1948 N/A C:\Program Files (x86)\InstallDir\Server.exe C:\Program Files (x86)\InstallDir\Server.exe
PID 3244 wrote to memory of 1948 N/A C:\Program Files (x86)\InstallDir\Server.exe C:\Program Files (x86)\InstallDir\Server.exe
PID 3244 wrote to memory of 1948 N/A C:\Program Files (x86)\InstallDir\Server.exe C:\Program Files (x86)\InstallDir\Server.exe
PID 3244 wrote to memory of 1948 N/A C:\Program Files (x86)\InstallDir\Server.exe C:\Program Files (x86)\InstallDir\Server.exe
PID 1948 wrote to memory of 1660 N/A C:\Program Files (x86)\InstallDir\Server.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1948 wrote to memory of 1660 N/A C:\Program Files (x86)\InstallDir\Server.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1948 wrote to memory of 1660 N/A C:\Program Files (x86)\InstallDir\Server.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1948 wrote to memory of 3428 N/A C:\Program Files (x86)\InstallDir\Server.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1948 wrote to memory of 3428 N/A C:\Program Files (x86)\InstallDir\Server.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1948 wrote to memory of 3428 N/A C:\Program Files (x86)\InstallDir\Server.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1948 wrote to memory of 2868 N/A C:\Program Files (x86)\InstallDir\Server.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1948 wrote to memory of 2868 N/A C:\Program Files (x86)\InstallDir\Server.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1948 wrote to memory of 2868 N/A C:\Program Files (x86)\InstallDir\Server.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1948 wrote to memory of 4848 N/A C:\Program Files (x86)\InstallDir\Server.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1948 wrote to memory of 4848 N/A C:\Program Files (x86)\InstallDir\Server.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1948 wrote to memory of 4848 N/A C:\Program Files (x86)\InstallDir\Server.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1948 wrote to memory of 2364 N/A C:\Program Files (x86)\InstallDir\Server.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1948 wrote to memory of 2364 N/A C:\Program Files (x86)\InstallDir\Server.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1948 wrote to memory of 2364 N/A C:\Program Files (x86)\InstallDir\Server.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1948 wrote to memory of 692 N/A C:\Program Files (x86)\InstallDir\Server.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1948 wrote to memory of 692 N/A C:\Program Files (x86)\InstallDir\Server.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1948 wrote to memory of 692 N/A C:\Program Files (x86)\InstallDir\Server.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1948 wrote to memory of 924 N/A C:\Program Files (x86)\InstallDir\Server.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1948 wrote to memory of 924 N/A C:\Program Files (x86)\InstallDir\Server.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1948 wrote to memory of 924 N/A C:\Program Files (x86)\InstallDir\Server.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1948 wrote to memory of 2896 N/A C:\Program Files (x86)\InstallDir\Server.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

Processes

C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe

"C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe"

C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe

C:\Users\Admin\AppData\Local\Temp\394c814fd0a051c1b314f71c54d429d7_JaffaCakes118.exe

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files (x86)\InstallDir\Server.exe

"C:\Program Files (x86)\InstallDir\Server.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

Network

Country Destination Domain Proto
US 8.8.8.8:53 g.bing.com udp
US 13.107.21.237:443 g.bing.com tcp
US 8.8.8.8:53 72.32.126.40.in-addr.arpa udp
US 8.8.8.8:53 237.21.107.13.in-addr.arpa udp
US 8.8.8.8:53 172.210.232.199.in-addr.arpa udp
US 8.8.8.8:53 57.169.31.20.in-addr.arpa udp
US 8.8.8.8:53 86.23.85.13.in-addr.arpa udp
US 8.8.8.8:53 206.23.85.13.in-addr.arpa udp
US 8.8.8.8:53 147.142.123.92.in-addr.arpa udp
US 8.8.8.8:53 25.140.123.92.in-addr.arpa udp
US 8.8.8.8:53 13.227.111.52.in-addr.arpa udp
US 8.8.8.8:53 210.143.182.52.in-addr.arpa udp

Files

memory/4180-2-0x0000000000C80000-0x0000000000C96000-memory.dmp

memory/4180-4-0x0000000000C80000-0x0000000000C96000-memory.dmp

memory/4180-5-0x0000000000C80000-0x0000000000C96000-memory.dmp

memory/4180-6-0x0000000000C80000-0x0000000000C96000-memory.dmp

C:\Program Files (x86)\InstallDir\Server.exe

MD5 394c814fd0a051c1b314f71c54d429d7
SHA1 acfee59919253cc2cb6d34509ca48b69637847c5
SHA256 2916d8917eb29957c0fe9e728c6eb772d0d71ca943b3b17ca7893bfcbf13aed1
SHA512 9805c8b879ca86ab8225e1d10b24442ef75feda8c1044eb87c7a736530d6a8d51b7ee3f9af7869c6868d85a613720628ef9cc4b4dd6354f5891aa6113a7475f8

memory/4180-20-0x0000000000C80000-0x0000000000C96000-memory.dmp

memory/1948-26-0x0000000000C80000-0x0000000000C96000-memory.dmp

memory/1948-27-0x0000000000C80000-0x0000000000C96000-memory.dmp

memory/1948-28-0x0000000000C80000-0x0000000000C96000-memory.dmp

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\fa3FM.cfg

MD5 ea2abee352e209d80bfaf6f4645021be
SHA1 16704423ad798e65573892cd74be848401a5716d
SHA256 c8380982d1b40c5dfd79fe28334666571de2ba3296a1de01fe062ab87e63509d
SHA512 9c3c18eb0efabc64b13076d41aaf3048b2ac6277f16a47dca6dd3e80d4d60d5b1b473bbe90b0f78fafc2707ee53086ab892a8845d5847f630bdfb8babf91387b

memory/1948-33-0x0000000000C80000-0x0000000000C96000-memory.dmp

memory/5096-38-0x0000000000C80000-0x0000000000C96000-memory.dmp

memory/5096-39-0x0000000000C80000-0x0000000000C96000-memory.dmp

memory/1932-48-0x0000000000C80000-0x0000000000C96000-memory.dmp

memory/1932-49-0x0000000000C80000-0x0000000000C96000-memory.dmp

memory/1748-58-0x0000000000C80000-0x0000000000C96000-memory.dmp

memory/1748-59-0x0000000000C80000-0x0000000000C96000-memory.dmp

memory/4384-89-0x0000000000C80000-0x0000000000C96000-memory.dmp

memory/4384-88-0x0000000000C80000-0x0000000000C96000-memory.dmp

memory/1040-128-0x0000000000C80000-0x0000000000C96000-memory.dmp

memory/1040-129-0x0000000000C80000-0x0000000000C96000-memory.dmp