ardamax | f5bd7c5997a98ad3559e3623cf99985388e0d54d970dee47228310f8aedc33a9

Analysis

max time kernel
116s
max time network
121s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
16-12-2024 09:45

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Ardamax Keylogger 4.0.2 + Serial/setup_akl.exe
Size

3.7MB
MD5

95a6c69fbfd7e0d1ac7690a0f30bc9a5
SHA1

1fa1f827c8d071c1acf4febdecc6bb69fc7b88a4
SHA256

a194ad107256b7783b2b82f512468c44743f708e57f1784b4e89b817b39ae019
SHA512

c79ced7b3f1a23e1bbdb4c05b9e319312b5d7e0044759a4b6f4bb16407920ed1329a865f08a1f98811c76a47937b6ba9d9209bd46a5c8466aedab0f5b7a5e922
SSDEEP

98304:2IMVXIWgIfWo92sB9W17iq99DOQxrBa9KSQh4xCd5wGBhIRkfYha:2L44fW+jB9UiC97Z4KSjx0wyO

Score

10^/10

ardamax discovery keylogger persistence stealer

Malware Config

Signatures

Ardamax
A keylogger first seen in 2013.
keylogger stealer ardamax
Ardamax family
ardamax

Executes dropped EXE 64 IoCs

pid	Process
2388	FJS.exe
2868	FJS.exe
2748	FJS.exe
2532	FJS.exe
1968	FJS.exe
1272	FJS.exe
848	FJS.exe
2760	FJS.exe
2992	FJS.exe
2476	FJS.exe
1292	FJS.exe
2972	FJS.exe
2816	FJS.exe
2924	FJS.exe
880	FJS.exe
1632	FJS.exe
2288	FJS.exe
3060	FJS.exe
2880	FJS.exe
2808	FJS.exe
2576	FJS.exe
2556	FJS.exe
2348	FJS.exe
2248	FJS.exe
1364	FJS.exe
1036	FJS.exe
2828	FJS.exe
2976	FJS.exe
2284	FJS.exe
692	FJS.exe
1640	FJS.exe
788	FJS.exe
1408	FJS.exe
1424	FJS.exe
1516	FJS.exe
2388	FJS.exe
2660	FJS.exe
2108	FJS.exe
2524	FJS.exe
3020	FJS.exe
2308	FJS.exe
1576	FJS.exe
1540	FJS.exe
1720	FJS.exe
3000	FJS.exe
2148	FJS.exe
3016	FJS.exe
1504	FJS.exe
884	FJS.exe
980	FJS.exe
2212	FJS.exe
3036	FJS.exe
1520	FJS.exe
1568	FJS.exe
2724	FJS.exe
1848	FJS.exe
2536	FJS.exe
2424	FJS.exe
2740	FJS.exe
1976	FJS.exe
316	FJS.exe
1864	FJS.exe
2860	FJS.exe
1980	FJS.exe

Loads dropped DLL 64 IoCs

pid	Process
2156	setup_akl.exe
2388	FJS.exe
2128	setup_akl.exe
2868	FJS.exe
2128	setup_akl.exe
2664	setup_akl.exe
2748	FJS.exe
2748	FJS.exe
2424	setup_akl.exe
2532	FJS.exe
2532	FJS.exe
2980	setup_akl.exe
1968	FJS.exe
1968	FJS.exe
1272	FJS.exe
1272	FJS.exe
1996	setup_akl.exe
848	FJS.exe
848	FJS.exe
2760	FJS.exe
2760	FJS.exe
1032	setup_akl.exe
2992	FJS.exe
2992	FJS.exe
2764	setup_akl.exe
2476	FJS.exe
2476	FJS.exe
2764	setup_akl.exe
2180	setup_akl.exe
1292	FJS.exe
1052	setup_akl.exe
2972	FJS.exe
1008	setup_akl.exe
2816	FJS.exe
588	setup_akl.exe
2924	FJS.exe
1964	setup_akl.exe
880	FJS.exe
1428	setup_akl.exe
1632	FJS.exe
1768	setup_akl.exe
2288	FJS.exe
2448	setup_akl.exe
3060	FJS.exe
2108	setup_akl.exe
2880	FJS.exe
2832	setup_akl.exe
2808	FJS.exe
2840	setup_akl.exe
2576	FJS.exe
2732	setup_akl.exe
2556	FJS.exe
1876	setup_akl.exe
2348	FJS.exe
896	setup_akl.exe
2248	FJS.exe
308	setup_akl.exe
1364	FJS.exe
1884	setup_akl.exe
1036	FJS.exe
1452	setup_akl.exe
2828	FJS.exe
1708	setup_akl.exe
2976	FJS.exe

Adds Run key to start application 2 TTPs 64 IoCs

persistence

Registry Run Keys / Startup Folder

T1547.001

Modify Registry

T1112

description	ioc	Process
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\FJS Start = "C:\\ProgramData\\HQLGHD\\FJS.exe"	FJS.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\FJS Start = "C:\\ProgramData\\HQLGHD\\FJS.exe"	FJS.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\FJS Start = "C:\\ProgramData\\HQLGHD\\FJS.exe"	FJS.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\FJS Start = "C:\\ProgramData\\HQLGHD\\FJS.exe"	FJS.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\FJS Start = "C:\\ProgramData\\HQLGHD\\FJS.exe"	FJS.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\FJS Start = "C:\\ProgramData\\HQLGHD\\FJS.exe"	FJS.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\FJS Start = "C:\\ProgramData\\HQLGHD\\FJS.exe"	FJS.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\FJS Start = "C:\\ProgramData\\HQLGHD\\FJS.exe"	FJS.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\FJS Start = "C:\\ProgramData\\HQLGHD\\FJS.exe"	FJS.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\FJS Start = "C:\\ProgramData\\HQLGHD\\FJS.exe"	FJS.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\FJS Start = "C:\\ProgramData\\HQLGHD\\FJS.exe"	FJS.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\FJS Start = "C:\\ProgramData\\HQLGHD\\FJS.exe"	FJS.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\FJS Start = "C:\\ProgramData\\HQLGHD\\FJS.exe"	FJS.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\FJS Start = "C:\\ProgramData\\HQLGHD\\FJS.exe"	FJS.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\FJS Start = "C:\\ProgramData\\HQLGHD\\FJS.exe"	FJS.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\FJS Start = "C:\\ProgramData\\HQLGHD\\FJS.exe"	FJS.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\FJS Start = "C:\\ProgramData\\HQLGHD\\FJS.exe"	FJS.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\FJS Start = "C:\\ProgramData\\HQLGHD\\FJS.exe"	FJS.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\FJS Start = "C:\\ProgramData\\HQLGHD\\FJS.exe"	FJS.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\FJS Start = "C:\\ProgramData\\HQLGHD\\FJS.exe"	FJS.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\FJS Start = "C:\\ProgramData\\HQLGHD\\FJS.exe"	FJS.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\FJS Start = "C:\\ProgramData\\HQLGHD\\FJS.exe"	FJS.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\FJS Start = "C:\\ProgramData\\HQLGHD\\FJS.exe"	FJS.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\FJS Start = "C:\\ProgramData\\HQLGHD\\FJS.exe"	FJS.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\FJS Start = "C:\\ProgramData\\HQLGHD\\FJS.exe"	FJS.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\FJS Start = "C:\\ProgramData\\HQLGHD\\FJS.exe"	FJS.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\FJS Start = "C:\\ProgramData\\HQLGHD\\FJS.exe"	FJS.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\FJS Start = "C:\\ProgramData\\HQLGHD\\FJS.exe"	FJS.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\FJS Start = "C:\\ProgramData\\HQLGHD\\FJS.exe"	FJS.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\FJS Start = "C:\\ProgramData\\HQLGHD\\FJS.exe"	FJS.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\FJS Start = "C:\\ProgramData\\HQLGHD\\FJS.exe"	FJS.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\FJS Start = "C:\\ProgramData\\HQLGHD\\FJS.exe"	FJS.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\FJS Start = "C:\\ProgramData\\HQLGHD\\FJS.exe"	FJS.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\FJS Start = "C:\\ProgramData\\HQLGHD\\FJS.exe"	FJS.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\FJS Start = "C:\\ProgramData\\HQLGHD\\FJS.exe"	FJS.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\FJS Start = "C:\\ProgramData\\HQLGHD\\FJS.exe"	FJS.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\FJS Start = "C:\\ProgramData\\HQLGHD\\FJS.exe"	FJS.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\FJS Start = "C:\\ProgramData\\HQLGHD\\FJS.exe"	FJS.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\FJS Start = "C:\\ProgramData\\HQLGHD\\FJS.exe"	FJS.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\FJS Start = "C:\\ProgramData\\HQLGHD\\FJS.exe"	FJS.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\FJS Start = "C:\\ProgramData\\HQLGHD\\FJS.exe"	FJS.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\FJS Start = "C:\\ProgramData\\HQLGHD\\FJS.exe"	FJS.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\FJS Start = "C:\\ProgramData\\HQLGHD\\FJS.exe"	FJS.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\FJS Start = "C:\\ProgramData\\HQLGHD\\FJS.exe"	FJS.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\FJS Start = "C:\\ProgramData\\HQLGHD\\FJS.exe"	FJS.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\FJS Start = "C:\\ProgramData\\HQLGHD\\FJS.exe"	FJS.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\FJS Start = "C:\\ProgramData\\HQLGHD\\FJS.exe"	FJS.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\FJS Start = "C:\\ProgramData\\HQLGHD\\FJS.exe"	FJS.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\FJS Start = "C:\\ProgramData\\HQLGHD\\FJS.exe"	FJS.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\FJS Start = "C:\\ProgramData\\HQLGHD\\FJS.exe"	FJS.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\FJS Start = "C:\\ProgramData\\HQLGHD\\FJS.exe"	FJS.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\FJS Start = "C:\\ProgramData\\HQLGHD\\FJS.exe"	FJS.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\FJS Start = "C:\\ProgramData\\HQLGHD\\FJS.exe"	FJS.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\FJS Start = "C:\\ProgramData\\HQLGHD\\FJS.exe"	FJS.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\FJS Start = "C:\\ProgramData\\HQLGHD\\FJS.exe"	FJS.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\FJS Start = "C:\\ProgramData\\HQLGHD\\FJS.exe"	FJS.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\FJS Start = "C:\\ProgramData\\HQLGHD\\FJS.exe"	FJS.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\FJS Start = "C:\\ProgramData\\HQLGHD\\FJS.exe"	FJS.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\FJS Start = "C:\\ProgramData\\HQLGHD\\FJS.exe"	FJS.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\FJS Start = "C:\\ProgramData\\HQLGHD\\FJS.exe"	FJS.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\FJS Start = "C:\\ProgramData\\HQLGHD\\FJS.exe"	FJS.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\FJS Start = "C:\\ProgramData\\HQLGHD\\FJS.exe"	FJS.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\FJS Start = "C:\\ProgramData\\HQLGHD\\FJS.exe"	FJS.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\FJS Start = "C:\\ProgramData\\HQLGHD\\FJS.exe"	FJS.exe

Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
discovery

Query Registry
T1012
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

System Location Discovery: System Language Discovery 1 TTPs 64 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	setup_akl.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	setup_akl.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	setup_akl.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	setup_akl.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	setup_akl.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	setup_akl.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	setup_akl.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	setup_akl.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	FJS.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	FJS.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	setup_akl.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	setup_akl.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	setup_akl.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	setup_akl.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	FJS.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	FJS.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	setup_akl.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	FJS.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	FJS.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	FJS.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	FJS.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	setup_akl.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	setup_akl.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	FJS.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	FJS.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	setup_akl.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	FJS.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	setup_akl.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	setup_akl.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	setup_akl.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	FJS.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	FJS.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	FJS.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	setup_akl.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	setup_akl.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	FJS.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	FJS.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	FJS.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	setup_akl.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	setup_akl.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	FJS.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	setup_akl.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	FJS.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	setup_akl.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	setup_akl.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	setup_akl.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	setup_akl.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	setup_akl.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	setup_akl.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	setup_akl.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	FJS.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	setup_akl.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	setup_akl.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	setup_akl.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	setup_akl.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	FJS.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	FJS.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	setup_akl.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	FJS.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	setup_akl.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	FJS.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	FJS.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	FJS.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	setup_akl.exe

Suspicious behavior: EnumeratesProcesses 64 IoCs

pid	Process
2388	FJS.exe
2388	FJS.exe
2868	FJS.exe
2868	FJS.exe
2748	FJS.exe
2748	FJS.exe
2532	FJS.exe
2532	FJS.exe
1968	FJS.exe
1968	FJS.exe
1272	FJS.exe
1272	FJS.exe
848	FJS.exe
848	FJS.exe
2760	FJS.exe
2760	FJS.exe
2992	FJS.exe
2992	FJS.exe
2476	FJS.exe
2476	FJS.exe
1292	FJS.exe
1292	FJS.exe
2972	FJS.exe
2972	FJS.exe
2816	FJS.exe
2816	FJS.exe
2924	FJS.exe
2924	FJS.exe
880	FJS.exe
880	FJS.exe
1632	FJS.exe
1632	FJS.exe
2288	FJS.exe
2288	FJS.exe
3060	FJS.exe
3060	FJS.exe
2880	FJS.exe
2880	FJS.exe
2808	FJS.exe
2808	FJS.exe
2576	FJS.exe
2576	FJS.exe
2556	FJS.exe
2556	FJS.exe
2248	FJS.exe
2248	FJS.exe
1036	FJS.exe
1036	FJS.exe
2976	FJS.exe
2976	FJS.exe
692	FJS.exe
692	FJS.exe
1640	FJS.exe
1640	FJS.exe
788	FJS.exe
788	FJS.exe
1408	FJS.exe
1408	FJS.exe
1424	FJS.exe
1424	FJS.exe
1516	FJS.exe
1516	FJS.exe
2388	FJS.exe
2388	FJS.exe

Suspicious use of FindShellTrayWindow 16 IoCs

pid	Process
2748	FJS.exe
2748	FJS.exe
2532	FJS.exe
2532	FJS.exe
1968	FJS.exe
1968	FJS.exe
1272	FJS.exe
1272	FJS.exe
848	FJS.exe
848	FJS.exe
2760	FJS.exe
2760	FJS.exe
2992	FJS.exe
2992	FJS.exe
2476	FJS.exe
2476	FJS.exe

Suspicious use of SendNotifyMessage 16 IoCs

pid	Process
2748	FJS.exe
2748	FJS.exe
2532	FJS.exe
2532	FJS.exe
1968	FJS.exe
1968	FJS.exe
1272	FJS.exe
1272	FJS.exe
848	FJS.exe
848	FJS.exe
2760	FJS.exe
2760	FJS.exe
2992	FJS.exe
2992	FJS.exe
2476	FJS.exe
2476	FJS.exe

Suspicious use of SetWindowsHookEx 64 IoCs

pid	Process
2388	FJS.exe
2388	FJS.exe
2388	FJS.exe
2388	FJS.exe
2868	FJS.exe
2868	FJS.exe
2868	FJS.exe
2868	FJS.exe
2748	FJS.exe
2748	FJS.exe
2748	FJS.exe
2748	FJS.exe
2532	FJS.exe
2532	FJS.exe
2532	FJS.exe
2532	FJS.exe
1968	FJS.exe
1968	FJS.exe
1968	FJS.exe
1968	FJS.exe
1272	FJS.exe
1272	FJS.exe
1272	FJS.exe
1272	FJS.exe
848	FJS.exe
848	FJS.exe
848	FJS.exe
848	FJS.exe
2760	FJS.exe
2760	FJS.exe
2760	FJS.exe
2760	FJS.exe
2992	FJS.exe
2992	FJS.exe
2992	FJS.exe
2992	FJS.exe
2476	FJS.exe
2476	FJS.exe
2476	FJS.exe
2476	FJS.exe
1292	FJS.exe
1292	FJS.exe
1292	FJS.exe
1292	FJS.exe
2972	FJS.exe
2972	FJS.exe
2972	FJS.exe
2972	FJS.exe
2816	FJS.exe
2816	FJS.exe
2816	FJS.exe
2816	FJS.exe
2924	FJS.exe
2924	FJS.exe
2924	FJS.exe
2924	FJS.exe
880	FJS.exe
880	FJS.exe
880	FJS.exe
880	FJS.exe
1632	FJS.exe
1632	FJS.exe
1632	FJS.exe
1632	FJS.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2156 wrote to memory of 2388	2156	setup_akl.exe	30
PID 2156 wrote to memory of 2388	2156	setup_akl.exe	30
PID 2156 wrote to memory of 2388	2156	setup_akl.exe	30
PID 2156 wrote to memory of 2388	2156	setup_akl.exe	30
PID 2156 wrote to memory of 2128	2156	setup_akl.exe	31
PID 2156 wrote to memory of 2128	2156	setup_akl.exe	31
PID 2156 wrote to memory of 2128	2156	setup_akl.exe	31
PID 2156 wrote to memory of 2128	2156	setup_akl.exe	31
PID 2156 wrote to memory of 2128	2156	setup_akl.exe	31
PID 2156 wrote to memory of 2128	2156	setup_akl.exe	31
PID 2156 wrote to memory of 2128	2156	setup_akl.exe	31
PID 2128 wrote to memory of 2868	2128	setup_akl.exe	32
PID 2128 wrote to memory of 2868	2128	setup_akl.exe	32
PID 2128 wrote to memory of 2868	2128	setup_akl.exe	32
PID 2128 wrote to memory of 2868	2128	setup_akl.exe	32
PID 2128 wrote to memory of 344	2128	setup_akl.exe	33
PID 2128 wrote to memory of 344	2128	setup_akl.exe	33
PID 2128 wrote to memory of 344	2128	setup_akl.exe	33
PID 2128 wrote to memory of 344	2128	setup_akl.exe	33
PID 2128 wrote to memory of 344	2128	setup_akl.exe	33
PID 2128 wrote to memory of 344	2128	setup_akl.exe	33
PID 2128 wrote to memory of 344	2128	setup_akl.exe	33
PID 344 wrote to memory of 2736	344	setup_akl.exe	34
PID 344 wrote to memory of 2736	344	setup_akl.exe	34
PID 344 wrote to memory of 2736	344	setup_akl.exe	34
PID 344 wrote to memory of 2736	344	setup_akl.exe	34
PID 344 wrote to memory of 2736	344	setup_akl.exe	34
PID 344 wrote to memory of 2736	344	setup_akl.exe	34
PID 344 wrote to memory of 2736	344	setup_akl.exe	34
PID 2736 wrote to memory of 2664	2736	setup_akl.exe	35
PID 2736 wrote to memory of 2664	2736	setup_akl.exe	35
PID 2736 wrote to memory of 2664	2736	setup_akl.exe	35
PID 2736 wrote to memory of 2664	2736	setup_akl.exe	35
PID 2736 wrote to memory of 2664	2736	setup_akl.exe	35
PID 2736 wrote to memory of 2664	2736	setup_akl.exe	35
PID 2736 wrote to memory of 2664	2736	setup_akl.exe	35
PID 2664 wrote to memory of 2748	2664	setup_akl.exe	36
PID 2664 wrote to memory of 2748	2664	setup_akl.exe	36
PID 2664 wrote to memory of 2748	2664	setup_akl.exe	36
PID 2664 wrote to memory of 2748	2664	setup_akl.exe	36
PID 2664 wrote to memory of 2424	2664	setup_akl.exe	37
PID 2664 wrote to memory of 2424	2664	setup_akl.exe	37
PID 2664 wrote to memory of 2424	2664	setup_akl.exe	37
PID 2664 wrote to memory of 2424	2664	setup_akl.exe	37
PID 2664 wrote to memory of 2424	2664	setup_akl.exe	37
PID 2664 wrote to memory of 2424	2664	setup_akl.exe	37
PID 2664 wrote to memory of 2424	2664	setup_akl.exe	37
PID 2424 wrote to memory of 2532	2424	setup_akl.exe	38
PID 2424 wrote to memory of 2532	2424	setup_akl.exe	38
PID 2424 wrote to memory of 2532	2424	setup_akl.exe	38
PID 2424 wrote to memory of 2532	2424	setup_akl.exe	38
PID 2424 wrote to memory of 2980	2424	setup_akl.exe	39
PID 2424 wrote to memory of 2980	2424	setup_akl.exe	39
PID 2424 wrote to memory of 2980	2424	setup_akl.exe	39
PID 2424 wrote to memory of 2980	2424	setup_akl.exe	39
PID 2424 wrote to memory of 2980	2424	setup_akl.exe	39
PID 2424 wrote to memory of 2980	2424	setup_akl.exe	39
PID 2424 wrote to memory of 2980	2424	setup_akl.exe	39
PID 2980 wrote to memory of 1968	2980	setup_akl.exe	40
PID 2980 wrote to memory of 1968	2980	setup_akl.exe	40
PID 2980 wrote to memory of 1968	2980	setup_akl.exe	40
PID 2980 wrote to memory of 1968	2980	setup_akl.exe	40
PID 2980 wrote to memory of 2420	2980	setup_akl.exe	41
PID 2980 wrote to memory of 2420	2980	setup_akl.exe	41

C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
"C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
PID:2156
- C:\ProgramData\HQLGHD\FJS.exe
  "C:\ProgramData\HQLGHD\FJS.exe"
  2⤵
  - Executes dropped EXE
  - Loads dropped DLL
  - Suspicious behavior: EnumeratesProcesses
  - Suspicious use of SetWindowsHookEx
  PID:2388
- C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
  "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
  2⤵
  - Loads dropped DLL
  - Suspicious use of WriteProcessMemory
  PID:2128
- - C:\ProgramData\HQLGHD\FJS.exe
    "C:\ProgramData\HQLGHD\FJS.exe"
    3⤵
    - Executes dropped EXE
    - Loads dropped DLL
    - Suspicious behavior: EnumeratesProcesses
    - Suspicious use of SetWindowsHookEx
    PID:2868
- - C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
    "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
    3⤵
    - Suspicious use of WriteProcessMemory
    PID:344
  - - C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
      "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
      4⤵
      Suspicious use of WriteProcessMemory
      PID:2736
    - - C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        5⤵
        Loads dropped DLL
        Suspicious use of WriteProcessMemory
        
        PID:2664
      - C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        6⤵
        Executes dropped EXE
        Loads dropped DLL
        Suspicious behavior: EnumeratesProcesses
        Suspicious use of FindShellTrayWindow
        Suspicious use of SendNotifyMessage
        Suspicious use of SetWindowsHookEx
        
        PID:2748
      - C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        6⤵
        Loads dropped DLL
        Suspicious use of WriteProcessMemory
        
        PID:2424
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        7⤵
        Executes dropped EXE
        Loads dropped DLL
        Adds Run key to start application
        System Location Discovery: System Language Discovery
        Suspicious behavior: EnumeratesProcesses
        Suspicious use of FindShellTrayWindow
        Suspicious use of SendNotifyMessage
        Suspicious use of SetWindowsHookEx
        
        PID:2532
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        7⤵
        Loads dropped DLL
        Suspicious use of WriteProcessMemory
        
        PID:2980
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        8⤵
        Executes dropped EXE
        Loads dropped DLL
        Suspicious behavior: EnumeratesProcesses
        Suspicious use of FindShellTrayWindow
        Suspicious use of SendNotifyMessage
        Suspicious use of SetWindowsHookEx
        
        PID:1968
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        8⤵
        
        PID:2420
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        9⤵
        Executes dropped EXE
        Loads dropped DLL
        Suspicious behavior: EnumeratesProcesses
        Suspicious use of FindShellTrayWindow
        Suspicious use of SendNotifyMessage
        Suspicious use of SetWindowsHookEx
        
        PID:1272
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        9⤵
        Loads dropped DLL
        
        PID:1996
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        10⤵
        Executes dropped EXE
        Loads dropped DLL
        Suspicious behavior: EnumeratesProcesses
        Suspicious use of FindShellTrayWindow
        Suspicious use of SendNotifyMessage
        Suspicious use of SetWindowsHookEx
        
        PID:848
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        10⤵
        
        PID:1860
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        11⤵
        Executes dropped EXE
        Loads dropped DLL
        Adds Run key to start application
        Suspicious behavior: EnumeratesProcesses
        Suspicious use of FindShellTrayWindow
        Suspicious use of SendNotifyMessage
        Suspicious use of SetWindowsHookEx
        
        PID:2760
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        11⤵
        Loads dropped DLL
        
        PID:1032
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        12⤵
        Executes dropped EXE
        Loads dropped DLL
        Suspicious behavior: EnumeratesProcesses
        Suspicious use of FindShellTrayWindow
        Suspicious use of SendNotifyMessage
        Suspicious use of SetWindowsHookEx
        
        PID:2992
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        12⤵
        Loads dropped DLL
        
        PID:2764
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        13⤵
        Executes dropped EXE
        Loads dropped DLL
        Suspicious behavior: EnumeratesProcesses
        Suspicious use of FindShellTrayWindow
        Suspicious use of SendNotifyMessage
        Suspicious use of SetWindowsHookEx
        
        PID:2476
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        13⤵
        Loads dropped DLL
        
        PID:2180
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        14⤵
        Executes dropped EXE
        Loads dropped DLL
        Suspicious behavior: EnumeratesProcesses
        Suspicious use of SetWindowsHookEx
        
        PID:1292
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        14⤵
        Loads dropped DLL
        
        PID:1052
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        15⤵
        Executes dropped EXE
        Loads dropped DLL
        Suspicious behavior: EnumeratesProcesses
        Suspicious use of SetWindowsHookEx
        
        PID:2972
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        15⤵
        Loads dropped DLL
        
        PID:1008
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        16⤵
        Executes dropped EXE
        Loads dropped DLL
        Suspicious behavior: EnumeratesProcesses
        Suspicious use of SetWindowsHookEx
        
        PID:2816
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        16⤵
        Loads dropped DLL
        
        PID:588
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        17⤵
        Executes dropped EXE
        Loads dropped DLL
        Suspicious behavior: EnumeratesProcesses
        Suspicious use of SetWindowsHookEx
        
        PID:2924
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        17⤵
        Loads dropped DLL
        
        PID:1964
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        18⤵
        Executes dropped EXE
        Loads dropped DLL
        Suspicious behavior: EnumeratesProcesses
        Suspicious use of SetWindowsHookEx
        
        PID:880
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        18⤵
        Loads dropped DLL
        
        PID:1428
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        19⤵
        Executes dropped EXE
        Loads dropped DLL
        Suspicious behavior: EnumeratesProcesses
        Suspicious use of SetWindowsHookEx
        
        PID:1632
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        19⤵
        Loads dropped DLL
        
        PID:1768
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        20⤵
        Executes dropped EXE
        Loads dropped DLL
        Suspicious behavior: EnumeratesProcesses
        
        PID:2288
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        20⤵
        Loads dropped DLL
        System Location Discovery: System Language Discovery
        
        PID:2448
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        21⤵
        Executes dropped EXE
        Loads dropped DLL
        Suspicious behavior: EnumeratesProcesses
        
        PID:3060
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        21⤵
        Loads dropped DLL
        
        PID:2108
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        22⤵
        Executes dropped EXE
        Loads dropped DLL
        Suspicious behavior: EnumeratesProcesses
        
        PID:2880
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        22⤵
        Loads dropped DLL
        
        PID:2832
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        23⤵
        Executes dropped EXE
        Loads dropped DLL
        Suspicious behavior: EnumeratesProcesses
        
        PID:2808
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        23⤵
        Loads dropped DLL
        
        PID:2840
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        24⤵
        Executes dropped EXE
        Loads dropped DLL
        Suspicious behavior: EnumeratesProcesses
        
        PID:2576
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        24⤵
        Loads dropped DLL
        
        PID:2732
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        25⤵
        Executes dropped EXE
        Loads dropped DLL
        Suspicious behavior: EnumeratesProcesses
        
        PID:2556
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        25⤵
        Loads dropped DLL
        
        PID:1876
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        26⤵
        Executes dropped EXE
        Loads dropped DLL
        
        PID:2348
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        26⤵
        Loads dropped DLL
        
        PID:896
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        27⤵
        Executes dropped EXE
        Loads dropped DLL
        Adds Run key to start application
        Suspicious behavior: EnumeratesProcesses
        
        PID:2248
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        27⤵
        Loads dropped DLL
        
        PID:308
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        28⤵
        Executes dropped EXE
        Loads dropped DLL
        System Location Discovery: System Language Discovery
        
        PID:1364
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        28⤵
        Loads dropped DLL
        
        PID:1884
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        29⤵
        Executes dropped EXE
        Loads dropped DLL
        Suspicious behavior: EnumeratesProcesses
        
        PID:1036
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        29⤵
        Loads dropped DLL
        
        PID:1452
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        30⤵
        Executes dropped EXE
        Loads dropped DLL
        
        PID:2828
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        30⤵
        Loads dropped DLL
        
        PID:1708
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        31⤵
        Executes dropped EXE
        Loads dropped DLL
        Suspicious behavior: EnumeratesProcesses
        
        PID:2976
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        31⤵
        
        PID:2756
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        32⤵
        Executes dropped EXE
        
        PID:2284
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        32⤵
        
        PID:2764
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        33⤵
        Executes dropped EXE
        Suspicious behavior: EnumeratesProcesses
        
        PID:692
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        33⤵
        
        PID:1280
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        34⤵
        Executes dropped EXE
        Suspicious behavior: EnumeratesProcesses
        
        PID:1640
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        34⤵
        
        PID:980
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        35⤵
        Executes dropped EXE
        Adds Run key to start application
        Suspicious behavior: EnumeratesProcesses
        
        PID:788
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        35⤵
        
        PID:1008
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        36⤵
        Executes dropped EXE
        Suspicious behavior: EnumeratesProcesses
        
        PID:1408
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        36⤵
        System Location Discovery: System Language Discovery
        
        PID:2916
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        37⤵
        Executes dropped EXE
        Adds Run key to start application
        Suspicious behavior: EnumeratesProcesses
        
        PID:1424
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        37⤵
        
        PID:2232
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        38⤵
        Executes dropped EXE
        Suspicious behavior: EnumeratesProcesses
        
        PID:1516
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        38⤵
        
        PID:1568
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        39⤵
        Executes dropped EXE
        Adds Run key to start application
        Suspicious behavior: EnumeratesProcesses
        
        PID:2388
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        39⤵
        
        PID:2440
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        40⤵
        Executes dropped EXE
        
        PID:2660
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        40⤵
        
        PID:3060
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        41⤵
        Executes dropped EXE
        
        PID:2108
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        41⤵
        
        PID:2636
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        42⤵
        Executes dropped EXE
        
        PID:2524
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        42⤵
        
        PID:2516
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        43⤵
        Executes dropped EXE
        
        PID:3020
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        43⤵
        
        PID:1136
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        44⤵
        Executes dropped EXE
        Adds Run key to start application
        
        PID:2308
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        44⤵
        
        PID:672
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        45⤵
        Executes dropped EXE
        
        PID:1576
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        45⤵
        
        PID:1972
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        46⤵
        Executes dropped EXE
        
        PID:1540
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        46⤵
        System Location Discovery: System Language Discovery
        
        PID:308
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        47⤵
        Executes dropped EXE
        
        PID:1720
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        47⤵
        
        PID:1188
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        48⤵
        Executes dropped EXE
        
        PID:3000
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        48⤵
        
        PID:2012
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        49⤵
        Executes dropped EXE
        Adds Run key to start application
        
        PID:2148
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        49⤵
        
        PID:2160
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        50⤵
        Executes dropped EXE
        
        PID:3016
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        50⤵
        
        PID:2476
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        51⤵
        Executes dropped EXE
        
        PID:1504
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        51⤵
        
        PID:1536
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        52⤵
        Executes dropped EXE
        Adds Run key to start application
        
        PID:884
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        52⤵
        
        PID:1640
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        53⤵
        Executes dropped EXE
        
        PID:980
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        53⤵
        
        PID:788
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        54⤵
        Executes dropped EXE
        Adds Run key to start application
        
        PID:2212
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        54⤵
        
        PID:3052
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        55⤵
        Executes dropped EXE
        
        PID:3036
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        55⤵
        
        PID:2276
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        56⤵
        Executes dropped EXE
        
        PID:1520
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        56⤵
        
        PID:2232
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        57⤵
        Executes dropped EXE
        
        PID:1568
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        57⤵
        
        PID:2384
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        58⤵
        Executes dropped EXE
        Adds Run key to start application
        
        PID:2724
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        58⤵
        
        PID:2728
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        59⤵
        Executes dropped EXE
        
        PID:1848
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        59⤵
        
        PID:2676
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        60⤵
        Executes dropped EXE
        
        PID:2536
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        60⤵
        
        PID:2512
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        61⤵
        Executes dropped EXE
        
        PID:2424
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        61⤵
        
        PID:2848
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        62⤵
        Executes dropped EXE
        
        PID:2740
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        62⤵
        
        PID:2680
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        63⤵
        Executes dropped EXE
        
        PID:1976
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        63⤵
        
        PID:1664
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        64⤵
        Executes dropped EXE
        Adds Run key to start application
        
        PID:316
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        64⤵
        
        PID:1996
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        65⤵
        Executes dropped EXE
        
        PID:1864
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        65⤵
        
        PID:1728
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        66⤵
        Executes dropped EXE
        
        PID:2860
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        66⤵
        
        PID:2036
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        67⤵
        Executes dropped EXE
        Adds Run key to start application
        
        PID:1980
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        67⤵
        
        PID:2600
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        68⤵
        
        PID:2012
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        68⤵
        
        PID:1744
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        69⤵
        
        PID:960
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        69⤵
        
        PID:408
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        70⤵
        
        PID:1984
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        70⤵
        
        PID:1504
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        71⤵
        System Location Discovery: System Language Discovery
        
        PID:1688
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        71⤵
        
        PID:884
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        72⤵
        
        PID:596
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        72⤵
        
        PID:2416
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        73⤵
        
        PID:2920
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        73⤵
        
        PID:1604
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        74⤵
        
        PID:1964
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        74⤵
        
        PID:2872
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        75⤵
        
        PID:1016
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        75⤵
        
        PID:2592
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        76⤵
        
        PID:1632
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        76⤵
        System Location Discovery: System Language Discovery
        
        PID:2708
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        77⤵
        
        PID:2288
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        77⤵
        
        PID:2660
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        78⤵
        
        PID:2796
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        78⤵
        
        PID:2832
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        79⤵
        
        PID:2784
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        79⤵
        
        PID:2524
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        80⤵
        
        PID:2984
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        80⤵
        
        PID:2988
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        81⤵
        
        PID:2744
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        81⤵
        
        PID:1616
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        82⤵
        
        PID:1928
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        82⤵
        
        PID:1652
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        83⤵
        
        PID:1664
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        83⤵
        
        PID:1972
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        84⤵
        Adds Run key to start application
        
        PID:1868
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        84⤵
        
        PID:1732
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        85⤵
        
        PID:2852
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        85⤵
        
        PID:2964
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        86⤵
        Adds Run key to start application
        
        PID:2580
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        86⤵
        
        PID:2284
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        87⤵
        Adds Run key to start application
        
        PID:836
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        87⤵
        
        PID:1980
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        88⤵
        
        PID:1172
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        88⤵
        
        PID:692
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        89⤵
        System Location Discovery: System Language Discovery
        
        PID:1220
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        89⤵
        
        PID:1456
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        90⤵
        
        PID:556
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        90⤵
        System Location Discovery: System Language Discovery
        
        PID:596
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        91⤵
        
        PID:1688
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        91⤵
        
        PID:1008
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        92⤵
        
        PID:1556
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        92⤵
        System Location Discovery: System Language Discovery
        
        PID:3048
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        93⤵
        
        PID:2920
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        93⤵
        System Location Discovery: System Language Discovery
        
        PID:1520
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        94⤵
        
        PID:816
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        94⤵
        
        PID:1516
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        95⤵
        
        PID:2592
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        95⤵
        
        PID:2448
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        96⤵
        
        PID:2372
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        96⤵
        
        PID:2656
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        97⤵
        
        PID:2728
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        97⤵
        
        PID:2568
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        98⤵
        
        PID:284
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        98⤵
        
        PID:2632
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        99⤵
        
        PID:2732
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        99⤵
        
        PID:2840
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        100⤵
        
        PID:2740
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        100⤵
        
        PID:1944
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        101⤵
        
        PID:1976
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        101⤵
        
        PID:1616
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        102⤵
        
        PID:292
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        102⤵
        
        PID:1988
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        103⤵
        
        PID:1956
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        103⤵
        
        PID:1720
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        104⤵
        Adds Run key to start application
        
        PID:1732
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        104⤵
        
        PID:2860
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        105⤵
        
        PID:1552
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        105⤵
        
        PID:2176
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        106⤵
        
        PID:1548
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        106⤵
        System Location Discovery: System Language Discovery
        
        PID:1400
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        107⤵
        
        PID:1980
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        107⤵
        
        PID:2180
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        108⤵
        
        PID:692
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        108⤵
        
        PID:912
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        109⤵
        
        PID:1456
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        109⤵
        
        PID:1692
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        110⤵
        
        PID:2856
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        110⤵
        
        PID:1688
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        111⤵
        System Location Discovery: System Language Discovery
        
        PID:764
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        111⤵
        
        PID:984
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        112⤵
        
        PID:1628
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        112⤵
        
        PID:1428
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        113⤵
        
        PID:1632
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        113⤵
        
        PID:2260
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        114⤵
        
        PID:2620
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        114⤵
        
        PID:2724
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        115⤵
        
        PID:2728
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        115⤵
        
        PID:376
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        116⤵
        Adds Run key to start application
        
        PID:2528
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        116⤵
        
        PID:3008
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        117⤵
        
        PID:2424
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        117⤵
        
        PID:2584
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        118⤵
        Adds Run key to start application
        
        PID:2980
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        118⤵
        
        PID:2488
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        119⤵
        
        PID:1968
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        119⤵
        
        PID:844
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        120⤵
        
        PID:1716
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        120⤵
        
        PID:1724
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        121⤵
        Adds Run key to start application
        
        PID:1664
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        121⤵
        
        PID:1728
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        122⤵
        
        PID:1912
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        122⤵
        
        PID:1864
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        123⤵
        Adds Run key to start application
        
        PID:1396
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        123⤵
        
        PID:2828
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        124⤵
        
        PID:2176
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        124⤵
        
        PID:1176
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        125⤵
        
        PID:1300
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        125⤵
        
        PID:1400
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        126⤵
        
        PID:1288
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        126⤵
        
        PID:2180
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        127⤵
        
        PID:2056
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        127⤵
        
        PID:2408
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        128⤵
        
        PID:1844
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        128⤵
        
        PID:2936
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        129⤵
        
        PID:1408
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        129⤵
        
        PID:2116
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        130⤵
        
        PID:764
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        130⤵
        
        PID:2872
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        131⤵
        
        PID:2932
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        131⤵
        
        PID:1516
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        132⤵
        
        PID:816
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        132⤵
        
        PID:1828
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        133⤵
        
        PID:2736
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        133⤵
        System Location Discovery: System Language Discovery
        
        PID:2720
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        134⤵
        System Location Discovery: System Language Discovery
        
        PID:2880
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        134⤵
        
        PID:2728
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        135⤵
        
        PID:2692
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        135⤵
        
        PID:284
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        136⤵
        
        PID:2984
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        136⤵
        
        PID:3020
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        137⤵
        
        PID:2320
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        137⤵
        System Location Discovery: System Language Discovery
        
        PID:2636
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        138⤵
        
        PID:672
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        138⤵
        
        PID:1208
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        139⤵
        
        PID:1540
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        139⤵
        
        PID:1884
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        140⤵
        
        PID:1740
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        140⤵
        
        PID:1892
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        141⤵
        Adds Run key to start application
        
        PID:1356
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        141⤵
        
        PID:2960
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        142⤵
        
        PID:1868
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        142⤵
        
        PID:2968
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        143⤵
        System Location Discovery: System Language Discovery
        
        PID:1396
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        143⤵
        
        PID:688
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        144⤵
        
        PID:1900
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        144⤵
        
        PID:2608
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        145⤵
        
        PID:904
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        145⤵
        
        PID:1984
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        146⤵
        
        PID:1600
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        146⤵
        
        PID:1052
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        147⤵
        
        PID:980
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        147⤵
        
        PID:1468
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        148⤵
        Adds Run key to start application
        
        PID:1964
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        148⤵
        
        PID:3028
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        149⤵
        
        PID:876
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        149⤵
        System Location Discovery: System Language Discovery
        
        PID:3048
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        150⤵
        
        PID:1880
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        150⤵
        
        PID:1016
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        151⤵
        
        PID:1632
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        151⤵
        
        PID:1516
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        152⤵
        
        PID:2888
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        152⤵
        
        PID:1828
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        153⤵
        System Location Discovery: System Language Discovery
        
        PID:1848
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        153⤵
        
        PID:2536
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        154⤵
        
        PID:2684
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        154⤵
        
        PID:2424
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        155⤵
        
        PID:2576
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        155⤵
        System Location Discovery: System Language Discovery
        
        PID:2840
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        156⤵
        
        PID:2980
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        156⤵
        
        PID:672
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        157⤵
        
        PID:1136
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        157⤵
        
        PID:2348
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        158⤵
        
        PID:2760
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        158⤵
        System Location Discovery: System Language Discovery
        
        PID:2852
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        159⤵
        
        PID:2248
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        159⤵
        
        PID:2844
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        160⤵
        
        PID:1356
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        160⤵
        
        PID:896
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        161⤵
        
        PID:2824
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        161⤵
        
        PID:2204
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        162⤵
        Adds Run key to start application
        
        PID:2176
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        162⤵
        
        PID:2688
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        163⤵
        System Location Discovery: System Language Discovery
        
        PID:3016
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        163⤵
        
        PID:1280
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        164⤵
        
        PID:2476
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        164⤵
        
        PID:1916
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        165⤵
        Adds Run key to start application
        
        PID:2816
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        165⤵
        
        PID:1224
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        166⤵
        
        PID:980
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        166⤵
        
        PID:2856
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        167⤵
        
        PID:1964
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        167⤵
        
        PID:2456
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        168⤵
        
        PID:880
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        168⤵
        
        PID:2156
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        169⤵
        
        PID:1880
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        169⤵
        
        PID:2088
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        170⤵
        System Location Discovery: System Language Discovery
        
        PID:2364
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        170⤵
        
        PID:1532
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        171⤵
        
        PID:2712
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        171⤵
        
        PID:2864
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        172⤵
        
        PID:376
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        172⤵
        
        PID:1848
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        173⤵
        Adds Run key to start application
        
        PID:284
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        173⤵
        
        PID:2684
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        174⤵
        
        PID:1992
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        174⤵
        
        PID:2556
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        175⤵
        
        PID:1096
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        175⤵
        
        PID:2980
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        176⤵
        
        PID:2744
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        176⤵
        
        PID:2320
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        177⤵
        
        PID:1884
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        177⤵
        
        PID:1716
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        178⤵
        
        PID:2852
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        178⤵
        System Location Discovery: System Language Discovery
        
        PID:1452
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        179⤵
        
        PID:2860
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        179⤵
        
        PID:2964
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        180⤵
        Adds Run key to start application
        
        PID:2968
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        180⤵
        
        PID:1552
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        181⤵
        
        PID:2996
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        181⤵
        
        PID:1572
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        182⤵
        
        PID:2688
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        182⤵
        
        PID:2608
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        183⤵
        
        PID:1640
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        183⤵
        
        PID:1984
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        184⤵
        
        PID:2080
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        184⤵
        
        PID:1476
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        185⤵
        
        PID:1584
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        185⤵
        
        PID:3044
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        186⤵
        
        PID:1528
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        186⤵
        
        PID:1964
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        187⤵
        
        PID:2920
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        187⤵
        
        PID:2116
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        188⤵
        
        PID:1768
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        188⤵
        
        PID:1880
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        189⤵
        
        PID:2560
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        189⤵
        System Location Discovery: System Language Discovery
        
        PID:2388
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        190⤵
        
        PID:2464
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        190⤵
        
        PID:2776
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        191⤵
        
        PID:768
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        191⤵
        System Location Discovery: System Language Discovery
        
        PID:376
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        192⤵
        
        PID:2516
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        192⤵
        
        PID:840
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        193⤵
        
        PID:2984
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        193⤵
        
        PID:3012
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        194⤵
        
        PID:3020
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        194⤵
        
        PID:2636
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        195⤵
        
        PID:2324
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        195⤵
        
        PID:2304
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        196⤵
        
        PID:1616
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        196⤵
        
        PID:2940
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        197⤵
        
        PID:2812
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        197⤵
        
        PID:2300
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        198⤵
        
        PID:1180
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        198⤵
        
        PID:2912
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        199⤵
        
        PID:2572
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        199⤵
        
        PID:2828
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        200⤵
        Adds Run key to start application
        
        PID:1460
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        200⤵
        
        PID:1700
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        201⤵
        Adds Run key to start application
        
        PID:2204
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        201⤵
        
        PID:2340
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        202⤵
        
        PID:1396
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        202⤵
        
        PID:1240
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        203⤵
        
        PID:2344
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        203⤵
        
        PID:1696
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        204⤵
        
        PID:2080
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        204⤵
        
        PID:1548
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        205⤵
        
        PID:1476
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        205⤵
        
        PID:2212
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        206⤵
        
        PID:3028
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        206⤵
        
        PID:3044
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        207⤵
        Adds Run key to start application
        
        PID:880
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        207⤵
        
        PID:2252
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        208⤵
        
        PID:1840
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        208⤵
        
        PID:2116
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        209⤵
        
        PID:2660
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        209⤵
        
        PID:2708
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        210⤵
        
        PID:2416
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        210⤵
        
        PID:2124
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        211⤵
        
        PID:2832
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        211⤵
        
        PID:2508
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        212⤵
        System Location Discovery: System Language Discovery
        
        PID:376
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        212⤵
        
        PID:284
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        213⤵
        Adds Run key to start application
        
        PID:2532
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        213⤵
        
        PID:2740
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        214⤵
        
        PID:1928
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        214⤵
        
        PID:1236
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        215⤵
        
        PID:1348
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        215⤵
        
        PID:1404
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        216⤵
        
        PID:3004
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        216⤵
        
        PID:1888
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        217⤵
        
        PID:3000
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        217⤵
        
        PID:2028
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        218⤵
        
        PID:2012
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        218⤵
        
        PID:1356
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        219⤵
        
        PID:1196
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        219⤵
        
        PID:836
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        220⤵
        Adds Run key to start application
        
        PID:1980
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        220⤵
        
        PID:1292
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        221⤵
        
        PID:692
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        221⤵
        
        PID:3016
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        222⤵
        
        PID:348
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        222⤵
        
        PID:2344
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        223⤵
        
        PID:916
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        223⤵
        
        PID:2080
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        224⤵
        
        PID:704
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        224⤵
        
        PID:2484
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        225⤵
        
        PID:2096
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        225⤵
        System Location Discovery: System Language Discovery
        
        PID:984
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        226⤵
        Adds Run key to start application
        
        PID:2456
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        226⤵
        
        PID:764
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        227⤵
        
        PID:868
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        227⤵
        
        PID:2772
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        228⤵
        
        PID:1516
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        228⤵
        
        PID:2588
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        229⤵
        Adds Run key to start application
        
        PID:3060
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        229⤵
        
        PID:2536
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        230⤵
        
        PID:2524
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        230⤵
        
        PID:3008
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        231⤵
        
        PID:2868
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        231⤵
        
        PID:1944
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        232⤵
        
        PID:1948
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        232⤵
        System Location Discovery: System Language Discovery
        
        PID:3012
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        233⤵
        
        PID:1968
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        233⤵
        
        PID:1672
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        234⤵
        
        PID:1208
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        234⤵
        
        PID:2320
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        235⤵
        Adds Run key to start application
        
        PID:664
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        235⤵
        
        PID:2760
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        236⤵
        Adds Run key to start application
        
        PID:1912
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        236⤵
        
        PID:2228
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        237⤵
        
        PID:2756
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        237⤵
        
        PID:2036
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        238⤵
        Adds Run key to start application
        
        PID:2976
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        238⤵
        
        PID:1196
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        239⤵
        
        PID:2752
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        239⤵
        
        PID:1636
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        240⤵
        
        PID:2340
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        240⤵
        
        PID:2208
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        241⤵
        
        PID:1904
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        241⤵
        
        PID:2280
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        242⤵
        
        PID:2816
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        242⤵
        System Location Discovery: System Language Discovery
        
        PID:1468
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        243⤵
        
        PID:2080
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        243⤵
        
        PID:1476
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        244⤵
        
        PID:1604
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        244⤵
        
        PID:1560
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        245⤵
        System Location Discovery: System Language Discovery
        
        PID:1768
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        245⤵
        
        PID:2592
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        246⤵
        
        PID:2560
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        246⤵
        
        PID:2724
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        247⤵
        
        PID:2796
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        247⤵
        
        PID:1828
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        248⤵
        
        PID:2888
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        248⤵
        System Location Discovery: System Language Discovery
        
        PID:2832
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        249⤵
        
        PID:2512
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        249⤵
        
        PID:1776
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        250⤵
        
        PID:2556
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        250⤵
        
        PID:848
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        251⤵
        Adds Run key to start application
        
        PID:2740
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        251⤵
        
        PID:1928
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        252⤵
        
        PID:2312
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        252⤵
        
        PID:1988
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        253⤵
        Adds Run key to start application
        
        PID:1996
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        253⤵
        
        PID:1616
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        254⤵
        
        PID:1892
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        254⤵
        
        PID:2572
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        255⤵
        
        PID:1432
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        255⤵
        System Location Discovery: System Language Discovery
        
        PID:1480
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        256⤵
        Adds Run key to start application
        
        PID:2036
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        256⤵
        
        PID:1576
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        257⤵
        Adds Run key to start application
        
        PID:884
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        257⤵
        
        PID:1300
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        258⤵
        
        PID:912
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        258⤵
        
        PID:2180
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        259⤵
        
        PID:1904
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        259⤵
        
        PID:2264
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        260⤵
        
        PID:2928
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        260⤵
        
        PID:2916
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        261⤵
        
        PID:2368
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        261⤵
        
        PID:2212
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        262⤵
        
        PID:3036
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        262⤵
        
        PID:1612
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        263⤵
        
        PID:2872
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        263⤵
        
        PID:1768
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        264⤵
        
        PID:1532
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        264⤵
        
        PID:2668
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        265⤵
        
        PID:1632
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        265⤵
        System Location Discovery: System Language Discovery
        
        PID:2784
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        266⤵
        Adds Run key to start application
        
        PID:2864
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        266⤵
        System Location Discovery: System Language Discovery
        
        PID:2536
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        267⤵
        
        PID:2508
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        267⤵
        
        PID:2564
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        268⤵
        
        PID:2720
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        268⤵
        
        PID:2868
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        269⤵
        Adds Run key to start application
        
        PID:1976
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        269⤵
        
        PID:848
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        270⤵
        
        PID:1712
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        270⤵
        System Location Discovery: System Language Discovery
        
        PID:1928
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        271⤵
        
        PID:3004
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        271⤵
        
        PID:292
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        272⤵
        
        PID:2580
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        272⤵
        
        PID:2756
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        273⤵
        
        PID:2148
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        273⤵
        
        PID:1552
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        274⤵
        
        PID:692
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        274⤵
        
        PID:1288
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        275⤵
        Adds Run key to start application
        
        PID:1196
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        275⤵
        
        PID:1572
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        276⤵
        
        PID:2340
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        276⤵
        
        PID:2688
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        277⤵
        
        PID:3016
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        277⤵
        
        PID:1448
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        278⤵
        
        PID:1528
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        278⤵
        
        PID:1916
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        279⤵
        
        PID:1468
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        279⤵
        
        PID:704
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        280⤵
        
        PID:1604
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        280⤵
        
        PID:2156
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        281⤵
        
        PID:880
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        281⤵
        
        PID:2084
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        282⤵
        
        PID:2624
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        282⤵
        
        PID:2468
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        283⤵
        
        PID:2116
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        283⤵
        
        PID:2464
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        284⤵
        
        PID:2588
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        284⤵
        
        PID:1828
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        285⤵
        
        PID:2692
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        285⤵
        
        PID:1644
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        286⤵
        System Location Discovery: System Language Discovery
        
        PID:328
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        286⤵
        
        PID:2644
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        287⤵
        System Location Discovery: System Language Discovery
        
        PID:300
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        287⤵
        
        PID:672
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        288⤵
        
        PID:2848
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        288⤵
        
        PID:2436
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        289⤵
        
        PID:1348
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        289⤵
        
        PID:1736
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        290⤵
        
        PID:3004
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        290⤵
        
        PID:2320
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        291⤵
        
        PID:1888
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        291⤵
        
        PID:292
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        292⤵
        
        PID:3000
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        292⤵
        
        PID:688
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        293⤵
        Adds Run key to start application
        
        PID:1536
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        293⤵
        
        PID:996
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        294⤵
        
        PID:904
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        294⤵
        
        PID:1932
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        295⤵
        
        PID:1240
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        295⤵
        
        PID:2976
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        296⤵
        
        PID:964
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        296⤵
        
        PID:1696
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        297⤵
        
        PID:2344
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        297⤵
        
        PID:1836
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        298⤵
        
        PID:1872
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        298⤵
        
        PID:2284
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        299⤵
        
        PID:1556
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        299⤵
        
        PID:1524
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        300⤵
        Adds Run key to start application
        
        PID:1656
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        300⤵
        
        PID:1456
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        301⤵
        
        PID:1880
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        301⤵
        
        PID:1516
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        302⤵
        Adds Run key to start application
        
        PID:2560
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        302⤵
        
        PID:924
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        303⤵
        
        PID:2548
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        303⤵
        
        PID:2100
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        304⤵
        
        PID:2880
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        304⤵
        
        PID:2196
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        305⤵
        
        PID:2832
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        305⤵
        
        PID:2524
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        306⤵
        
        PID:2660
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        306⤵
        
        PID:1232
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        307⤵
        
        PID:2352
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        307⤵
        
        PID:2644
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        308⤵
        
        PID:2840
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        308⤵
        
        PID:1884
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        309⤵
        
        PID:1208
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        309⤵
        System Location Discovery: System Language Discovery
        
        PID:1316
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        310⤵
        
        PID:664
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        310⤵
        
        PID:1716
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        311⤵
        Adds Run key to start application
        
        PID:1540
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        311⤵
        
        PID:1452
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        312⤵
        
        PID:1864
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        312⤵
        
        PID:2160
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        313⤵
        Adds Run key to start application
        
        PID:1912
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        313⤵
        
        PID:832
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        314⤵
        Adds Run key to start application
        
        PID:1460
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        314⤵
        
        PID:996
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        315⤵
        
        PID:1624
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        315⤵
        
        PID:1572
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        316⤵
        
        PID:1280
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        316⤵
        
        PID:2180
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        317⤵
        
        PID:588
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        317⤵
        
        PID:1904
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        318⤵
        
        PID:2928
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        318⤵
        
        PID:2368
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        319⤵
        
        PID:2804
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        319⤵
        
        PID:2168
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        320⤵
        
        PID:2920
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        320⤵
        
        PID:1660
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        321⤵
        
        PID:1612
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        321⤵
        System Location Discovery: System Language Discovery
        
        PID:2384
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        322⤵
        
        PID:2624
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        322⤵
        
        PID:2604
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        323⤵
        
        PID:2648
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        323⤵
        
        PID:2776
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        324⤵
        
        PID:2732
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        324⤵
        
        PID:2664
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        325⤵
        Adds Run key to start application
        
        PID:2676
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        325⤵
        
        PID:1876
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        326⤵
        Adds Run key to start application
        
        PID:768
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        326⤵
        
        PID:2584
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        327⤵
        
        PID:2988
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        327⤵
        
        PID:2680
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        328⤵
        System Location Discovery: System Language Discovery
        
        PID:2840
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        328⤵
        System Location Discovery: System Language Discovery
        
        PID:848
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        329⤵
        
        PID:2952
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        329⤵
        
        PID:2684
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        330⤵
        
        PID:2612
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        330⤵
        
        PID:1316
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        331⤵
        
        PID:1720
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        331⤵
        
        PID:1920
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        332⤵
        Adds Run key to start application
        
        PID:1432
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        332⤵
        
        PID:1036
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        333⤵
        
        PID:2968
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        333⤵
        
        PID:792
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        334⤵
        System Location Discovery: System Language Discovery
        
        PID:2192
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        334⤵
        System Location Discovery: System Language Discovery
        
        PID:1292
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        335⤵
        
        PID:2992
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        335⤵
        
        PID:1636
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        336⤵
        
        PID:2572
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        336⤵
        System Location Discovery: System Language Discovery
        
        PID:912
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        337⤵
        
        PID:3068
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        337⤵
        
        PID:1052
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        338⤵
        
        PID:1904
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        338⤵
        
        PID:916
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        339⤵
        Adds Run key to start application
        
        PID:1628
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        339⤵
        
        PID:2120
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        340⤵
        
        PID:1520
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        340⤵
        
        PID:2448
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        341⤵
        
        PID:2700
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        341⤵
        
        PID:344
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        342⤵
        
        PID:928
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        342⤵
        System Location Discovery: System Language Discovery
        
        PID:2468
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        343⤵
        
        PID:2724
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        343⤵
        
        PID:2984
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        344⤵
        
        PID:2100
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        344⤵
        
        PID:2424
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        345⤵
        
        PID:612
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        345⤵
        
        PID:2524
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        346⤵
        
        PID:2528
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        346⤵
        
        PID:1944
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        347⤵
        
        PID:284
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        347⤵
        
        PID:2576
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        348⤵
        Adds Run key to start application
        System Location Discovery: System Language Discovery
        
        PID:2988
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        348⤵
        
        PID:2740
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        349⤵
        
        PID:1188
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        349⤵
        
        PID:1884
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        350⤵
        Adds Run key to start application
        System Location Discovery: System Language Discovery
        
        PID:2312
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        350⤵
        
        PID:2320
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        351⤵
        
        PID:1412
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        351⤵
        
        PID:1652
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        352⤵
        
        PID:1616
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        352⤵
        
        PID:1432
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        353⤵
        
        PID:1648
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        353⤵
        
        PID:836
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        354⤵
        
        PID:2476
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        354⤵
        System Location Discovery: System Language Discovery
        
        PID:1300
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        355⤵
        
        PID:884
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        355⤵
        
        PID:2012
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        356⤵
        
        PID:1704
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        356⤵
        
        PID:1692
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        357⤵
        
        PID:2264
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        357⤵
        System Location Discovery: System Language Discovery
        
        PID:1408
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        358⤵
        
        PID:1608
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        358⤵
        
        PID:2928
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        359⤵
        
        PID:2856
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        359⤵
        
        PID:916
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        360⤵
        
        PID:3016
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        360⤵
        
        PID:2920
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        361⤵
        
        PID:1604
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        361⤵
        
        PID:1456
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        362⤵
        
        PID:2384
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        362⤵
        
        PID:868
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        363⤵
        
        PID:2796
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        363⤵
        
        PID:2468
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        364⤵
        
        PID:1444
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        364⤵
        System Location Discovery: System Language Discovery
        
        PID:2888
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        365⤵
        Adds Run key to start application
        
        PID:2520
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        365⤵
        
        PID:2512
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        366⤵
        
        PID:2232
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        366⤵
        System Location Discovery: System Language Discovery
        
        PID:2324
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        367⤵
        
        PID:2848
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        367⤵
        
        PID:1676
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        368⤵
        
        PID:2988
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        368⤵
        
        PID:2256
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        369⤵
        
        PID:2436
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        369⤵
        
        PID:2860
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        370⤵
        
        PID:1972
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        370⤵
        
        PID:1960
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        371⤵
        
        PID:1860
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        371⤵
        
        PID:2964
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        372⤵
        
        PID:1552
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        372⤵
        
        PID:2160
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        373⤵
        System Location Discovery: System Language Discovery
        
        PID:692
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        373⤵
        
        PID:1364
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        374⤵
        
        PID:1400
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        374⤵
        
        PID:2976
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        375⤵
        
        PID:1140
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        375⤵
        
        PID:1636
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        376⤵
        
        PID:2180
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        376⤵
        
        PID:1572
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        377⤵
        Adds Run key to start application
        
        PID:2816
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        377⤵
        System Location Discovery: System Language Discovery
        
        PID:1408
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        378⤵
        
        PID:2936
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        378⤵
        
        PID:984
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        379⤵
        
        PID:1524
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        379⤵
        
        PID:2480
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        380⤵
        
        PID:2364
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        380⤵
        
        PID:1656
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        381⤵
        Adds Run key to start application
        
        PID:2656
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        381⤵
        
        PID:640
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        382⤵
        
        PID:1872
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        382⤵
        
        PID:1632
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        383⤵
        Adds Run key to start application
        
        PID:2776
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        383⤵
        
        PID:2664
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        384⤵
        
        PID:376
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        384⤵
        
        PID:1120
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        385⤵
        
        PID:1244
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        385⤵
        
        PID:2832
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        386⤵
        
        PID:1236
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        386⤵
        
        PID:2868
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        387⤵
        
        PID:2644
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        387⤵
        
        PID:2988
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        388⤵
        
        PID:1740
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        388⤵
        
        PID:1956
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        389⤵
        
        PID:2028
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        389⤵
        
        PID:1728
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        390⤵
        
        PID:1412
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        390⤵
        
        PID:1988
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        391⤵
        System Location Discovery: System Language Discovery
        
        PID:1540
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        391⤵
        
        PID:1784
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        392⤵
        
        PID:2968
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        392⤵
        
        PID:1748
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        393⤵
        
        PID:2764
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        393⤵
        
        PID:1624
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        394⤵
        
        PID:964
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        394⤵
        
        PID:1212
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        395⤵
        System Location Discovery: System Language Discovery
        
        PID:2052
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        395⤵
        
        PID:1528
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        396⤵
        
        PID:1504
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        396⤵
        
        PID:832
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        397⤵
        System Location Discovery: System Language Discovery
        
        PID:1476
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        397⤵
        
        PID:1840
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        398⤵
        
        PID:3036
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        398⤵
        
        PID:2372
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        399⤵
        
        PID:2088
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        399⤵
        
        PID:572
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        400⤵
        
        PID:2700
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        400⤵
        
        PID:2124
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        401⤵
        
        PID:2388
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        401⤵
        
        PID:640
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        402⤵
        System Location Discovery: System Language Discovery
        
        PID:1632
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        402⤵
        
        PID:2540
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        403⤵
        
        PID:2664
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        403⤵
        
        PID:2884
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        404⤵
        System Location Discovery: System Language Discovery
        
        PID:2720
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        404⤵
        
        PID:768
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        405⤵
        
        PID:300
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        405⤵
        
        PID:2788
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        406⤵
        Adds Run key to start application
        
        PID:2104
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        406⤵
        
        PID:1976
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        407⤵
        
        PID:2812
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        407⤵
        
        PID:1968
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        408⤵
        
        PID:1680
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        408⤵
        
        PID:2612
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        409⤵
        
        PID:2500
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        409⤵
        
        PID:896
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        410⤵
        
        PID:1412
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        410⤵
        System Location Discovery: System Language Discovery
        
        PID:1480
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        411⤵
        Adds Run key to start application
        
        PID:1540
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        411⤵
        
        PID:1912
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        412⤵
        
        PID:2968
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        412⤵
        
        PID:692
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        413⤵
        
        PID:2992
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        413⤵
        
        PID:2012
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        414⤵
        
        PID:1280
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        414⤵
        
        PID:2552
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        415⤵
        
        PID:1220
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        415⤵
        
        PID:2204
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        416⤵
        System Location Discovery: System Language Discovery
        
        PID:2856
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        416⤵
        
        PID:1052
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        417⤵
        Adds Run key to start application
        
        PID:892
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        417⤵
        System Location Discovery: System Language Discovery
        
        PID:1524
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        418⤵
        System Location Discovery: System Language Discovery
        
        PID:880
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        418⤵
        
        PID:2452
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        419⤵
        
        PID:1880
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        419⤵
        System Location Discovery: System Language Discovery
        
        PID:2456
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        420⤵
        
        PID:1516
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        420⤵
        
        PID:2772
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        421⤵
        Adds Run key to start application
        
        PID:2384
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        421⤵
        
        PID:2156
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        422⤵
        
        PID:2508
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        422⤵
        
        PID:2468
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        423⤵
        
        PID:3008
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        423⤵
        
        PID:316
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        424⤵
        
        PID:2744
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        424⤵
        
        PID:1876
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        425⤵
        
        PID:2232
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        425⤵
        
        PID:2528
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        426⤵
        
        PID:1948
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        426⤵
        
        PID:2924
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        427⤵
        
        PID:2740
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        427⤵
        
        PID:1884
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        428⤵
        
        PID:2312
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        428⤵
        
        PID:1900
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        429⤵
        
        PID:292
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        429⤵
        
        PID:1960
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        430⤵
        
        PID:1412
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        430⤵
        
        PID:308
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        431⤵
        
        PID:1288
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        431⤵
        
        PID:836
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        432⤵
        
        PID:1844
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        432⤵
        
        PID:1396
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        433⤵
        
        PID:1300
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        433⤵
        
        PID:1640
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        434⤵
        
        PID:1280
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        434⤵
        
        PID:3068
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        435⤵
        
        PID:1528
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        435⤵
        
        PID:2096
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        436⤵
        
        PID:832
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        436⤵
        
        PID:704
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        437⤵
        
        PID:2804
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        437⤵
        
        PID:940
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        438⤵
        
        PID:2364
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        438⤵
        
        PID:2460
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        439⤵
        
        PID:1520
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        439⤵
        
        PID:2668
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        440⤵
        
        PID:2736
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        440⤵
        
        PID:1456
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        441⤵
        
        PID:1848
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        441⤵
        
        PID:2424
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        442⤵
        
        PID:2692
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        442⤵
        
        PID:1828
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        443⤵
        
        PID:612
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        443⤵
        
        PID:2720
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        444⤵
        
        PID:2584
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        444⤵
        
        PID:2832
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        445⤵
        
        PID:2348
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        445⤵
        
        PID:2532
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        446⤵
        
        PID:2988
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        446⤵
        
        PID:2924
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        447⤵
        
        PID:2684
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        447⤵
        
        PID:1496
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        448⤵
        
        PID:1900
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        448⤵
        
        PID:1172
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        449⤵
        
        PID:1960
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        449⤵
        
        PID:1180
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        450⤵
        
        PID:2752
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        450⤵
        
        PID:664
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        451⤵
        
        PID:556
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        451⤵
        
        PID:2704
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        452⤵
        
        PID:408
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        452⤵
        
        PID:2608
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        453⤵
        
        PID:2912
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        453⤵
        
        PID:2264
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        454⤵
        
        PID:2180
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        454⤵
        
        PID:2052
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        455⤵
        
        PID:2816
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        455⤵
        
        PID:1964
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        456⤵
        
        PID:2284
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        456⤵
        
        PID:1840
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        457⤵
        
        PID:1660
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        457⤵
        
        PID:2480
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        458⤵
        
        PID:2260
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        458⤵
        
        PID:1560
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        459⤵
        
        PID:2560
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        459⤵
        
        PID:2668
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        460⤵
        
        PID:2784
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        460⤵
        
        PID:928
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        461⤵
        
        PID:1500
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        461⤵
        
        PID:1260
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        462⤵
        
        PID:316
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        462⤵
        
        PID:2196
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        463⤵
        
        PID:328
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        463⤵
        
        PID:1236
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        464⤵
        
        PID:2324
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        464⤵
        
        PID:2304
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        465⤵
        
        PID:2520
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        465⤵
        
        PID:2940
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        466⤵
        
        PID:1956
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        466⤵
        
        PID:1348
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        467⤵
        
        PID:1272
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        467⤵
        
        PID:2312
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        468⤵
        
        PID:1900
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        468⤵
        
        PID:1868
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        469⤵
        
        PID:1648
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        469⤵
        
        PID:688
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        470⤵
        
        PID:1196
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        470⤵
        
        PID:1292
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        471⤵
        
        PID:912
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        471⤵
        
        PID:2704
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        472⤵
        
        PID:2208
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        472⤵
        
        PID:1640
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        473⤵
        
        PID:348
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        473⤵
        
        PID:1688
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        474⤵
        
        PID:2056
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        474⤵
        
        PID:3048
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        475⤵
        
        PID:2936
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        475⤵
        
        PID:892
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        476⤵
        
        PID:880
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        476⤵
        
        PID:2236
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        477⤵
        
        PID:2480
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        477⤵
        
        PID:2116
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        478⤵
        
        PID:344
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        478⤵
        
        PID:2260
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        479⤵
        
        PID:2416
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        479⤵
        
        PID:2524
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        480⤵
        
        PID:2732
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        480⤵
        
        PID:2140
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        481⤵
        
        PID:284
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        481⤵
        
        PID:2468
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        482⤵
        
        PID:768
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        482⤵
        
        PID:2584
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        483⤵
        
        PID:2980
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        483⤵
        
        PID:1236
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        484⤵
        
        PID:2532
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        484⤵
        
        PID:2304
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        485⤵
        
        PID:1864
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        485⤵
        
        PID:1720
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        486⤵
        
        PID:1744
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        486⤵
        
        PID:2580
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        487⤵
        
        PID:1412
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        487⤵
        
        PID:1616
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        488⤵
        
        PID:1988
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        488⤵
        
        PID:2036
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        489⤵
        
        PID:1176
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        489⤵
        
        PID:1984
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        490⤵
        
        PID:1844
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        490⤵
        
        PID:1892
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        491⤵
        
        PID:2224
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        491⤵
        
        PID:2012
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        492⤵
        
        PID:1280
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        492⤵
        
        PID:2572
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        493⤵
        
        PID:348
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        493⤵
        
        PID:1904
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        494⤵
        
        PID:1016
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        494⤵
        
        PID:1556
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        495⤵
        
        PID:2168
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        495⤵
        
        PID:2936
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        496⤵
        
        PID:2364
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        496⤵
        
        PID:3040
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        497⤵
        
        PID:2624
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        497⤵
        
        PID:2480
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        498⤵
        
        PID:2712
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        498⤵
        
        PID:2620
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        499⤵
        
        PID:2516
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        499⤵
        
        PID:2416
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        500⤵
        
        PID:2796
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        500⤵
        
        PID:2100
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        501⤵
        
        PID:612
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        501⤵
        
        PID:284
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        502⤵
        
        PID:1120
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        502⤵
        
        PID:2468
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        503⤵
        
        PID:2680
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        503⤵
        
        PID:844
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        504⤵
        
        PID:2104
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        504⤵
        
        PID:1740
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        505⤵
        
        PID:2028
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        505⤵
        
        PID:2436
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        506⤵
        
        PID:1996
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        506⤵
        
        PID:1348
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        507⤵
        
        PID:1700
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        507⤵
        
        PID:3020
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        508⤵
        
        PID:1748
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        508⤵
        
        PID:1988
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        509⤵
        
        PID:556
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        509⤵
        
        PID:2968
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        510⤵
        
        PID:1176
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        510⤵
        
        PID:1984
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        511⤵
        
        PID:408
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        511⤵
        
        PID:2224
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        512⤵
        
        PID:1220
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        512⤵
        
        PID:1640
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        513⤵
        
        PID:2856
        
        C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Ardamax Keylogger 4.0.2 + Serial\setup_akl.exe"
        513⤵
        
        PID:348
        
        C:\ProgramData\HQLGHD\FJS.exe
        
        "C:\ProgramData\HQLGHD\FJS.exe"
        514⤵
        
        PID:1572

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\ProgramData\HQLGHD\FJS.00

Filesize
1KB

MD5
5de21a5247376a863b3e5699657a0198

SHA1
513549083af3eb5d635684701b3031a905bdd3b1

SHA256
dff8cfb02f3319e606fd12a249647683e459f616cecc253533b1b3de846e112c

SHA512
f363059155c03fa17a7d36b7139856a796bd84ab14c99e696e61911392de3d5898a7cb78badf6f0359cbf428780bb09be5d42633cc69473132d82bb3ae7b25e8

Download Submit
C:\ProgramData\HQLGHD\FJS.00

Filesize
1KB

MD5
25539f7306bb74bb2e364c00a066d6f4

SHA1
6e0d99e9428e80036aaa80c403d53efbe588e524

SHA256
bd4e0503a728abe89866209ae6fc72eeab335b378963781911136dc3a9bdc7e2

SHA512
bbde2aede848f6d5eb3c83af91d8849bbe7413f96b27da28512feff320dfb044aefc0945d69de8b0de9dfb9cec1ce0122f3b8652a95201d3d8cd651b2ffa7448

Download Submit
C:\ProgramData\HQLGHD\FJS.00

Filesize
1KB

MD5
20bbda6dd8ac4e3ad68d3aa88279edc5

SHA1
4d1d11c04f76ad5f46424cb8285f10c782e5c11d

SHA256
ff7d3c3990d39360a9df0f9de5f6ad0ed62b40886ab3e1731bc1843b887edaf2

SHA512
31f90bd1755c605b6498fedf842012d78d1badcfc8f49843b8ad116ea683f95cd8a35411ff6fcc77cf4afd288958c3a147adb40e712d4267f6d1315b860bae2a

Download Submit
C:\ProgramData\HQLGHD\FJS.00

Filesize
1KB

MD5
d294cd7114ed44015ab7c9273fc93a7b

SHA1
af2ef17eecbfd35b29cb41dab782bbf75e345f68

SHA256
90855f8de88156d59b66795d3322d10157166ce0490a20cba5d537cc5efe081b

SHA512
45442bc9339804c19c94cdcb6a338bdaf5035c170315f9db9da998fd3a5442e4cf48e4b4c4c491bd5570b0def23182758b78d35d15252a28028a2df68e375966

Download Submit
C:\ProgramData\HQLGHD\FJS.00

Filesize
1KB

MD5
16c9d6376de2ec6cf6329e3d2278c5fc

SHA1
5fa51b07e37f47d99ab2402bf0c25e99d5956a70

SHA256
53fc9c03d59d63fd6552235d26f9419cb3ed187a390ad7f5654b099e85a3d393

SHA512
4dbb75747bb6d8e33f536c92da80281d77b8e6038771ec4e54dd449b630bbc231ac3aa4a4bf96f7e1b4456a929078a6b2e3c34495825f5163d71bc5d534a34f3

Download Submit
C:\ProgramData\HQLGHD\FJS.00

Filesize
1KB

MD5
d8cc04add662e069c5cbcfd8b3439038

SHA1
64a2d6dfaf520b783a06467c41ba295a85b5f97c

SHA256
b27246551fbb687f55b156e8fd50e105b8b162f0237ce8b2a2662a81d9bcd57c

SHA512
e6dab583d2756d613158d39408c1c0a088d4aefcfb87cdbfd6772b0d38a14cb7445c25d3c3fa05639d55ec2d5b7b009d97747a05cee9a37c1ef623d27822424c

Download Submit
C:\ProgramData\HQLGHD\FJS.00

Filesize
1KB

MD5
245d56b5c4f6fc7d11bcc582ec522533

SHA1
819ac0ded3c28622a03fe59061fbaacc8b99fe99

SHA256
3cc61d2ad1398a8d00f0e3fce09aa4511db7e7cccf5263d73620ed266645c215

SHA512
832957000b4e2e12594731b610684f4a59df82e06fc7e272a20550843431daeb61f240aa2c3b4475ef6341a8cb44709e0fdc53a0fe2700b858ed8f5b89b87c60

Download Submit
C:\ProgramData\HQLGHD\FJS.00

Filesize
1KB

MD5
8d3f955d7437d498906098f54a2173d7

SHA1
8f003e53bd4ecb2e9cbe0e9edcd11919f720b00f

SHA256
47e3a1f8a2057949be7d0c0e5fec6b6bbd52888d1753395f05f70d005a15d3b5

SHA512
299dbc4e06044f9efffe081ca2de5268cdedffd8301e31200011294cd0c1a8be7d2a7b71d81da6138e8028d85eb4eb5cf49a38edc946e402939b328b26eeb6e4

Download Submit
C:\ProgramData\HQLGHD\FJS.00

Filesize
1KB

MD5
85f84d96e8a0b4154c8de7e590ae3422

SHA1
c5de7bb99ec1c742231e65eafb05da72cc60cec9

SHA256
63f75a200d35d61c8e4782f2f0b4562813db7b7d772bdf05ae7e8c1c766f8ef2

SHA512
1a63828692f8f7ede44ebc11034f11e2b13537d1492d02a6ccdd27351c9c2a7443687f26608924906e23931a6aa66871eb75e1f0df0c92b8d0e69b6fcbf80470

Download Submit
C:\ProgramData\HQLGHD\FJS.01

Filesize
80KB

MD5
e9fdebeeff810d9d2598a09183ce2c28

SHA1
802ee29723a0e5ee2c315e6749c5695c1bc0e95c

SHA256
251bd8e81fa83e9f7e07bf5e17d802ac7fc063ccc297d5d74c930d8be6551adf

SHA512
48cec319ceb906bd7891eef94f20ffb8e483406308c03c14a23116792a2c180e5e830192df05872ea96124eee250457bc6fafa25d9402bca1e6a74e2459caa51

Download Submit
C:\ProgramData\HQLGHD\FJS.02

Filesize
56KB

MD5
6d28ab2abbd991514a6f67a65875ba8b

SHA1
b8af9292fe86de6dd52cb56c9d208f0015248486

SHA256
bdf26bbd0aa925e1f6ab8d33101bc4d7c8201c2fab0fd3deabe6fb1623730e86

SHA512
ada940f827a5b36f7f34fd9e8ce25132ff2f056e8e1aed5999ea7f938b70f21cfe0624ce04e5186a60071468316da9c21ec8f43514d98c5455180945ea03de61

Download Submit
C:\ProgramData\Microsoft\WindowsFJS.004

Filesize
5KB

MD5
53ec9ec8dc86329c464a138a95a5c8f7

SHA1
a78895e411dd8beb1567134f676230d466766ada

SHA256
bd41d713831ce5f617c71d5704fce015be3ffe60c9d1fbaf3102de8529bc81ce

SHA512
55d6910121d5c3a00b090905307b002bc156c2164ffc72cc2dec63f5635bdcc113d945ae1d27d395a3e078bf6c07fcb688bfca703a954eb4ea31307d9f51554b

Download Submit
C:\ProgramData\Microsoft\WindowsFJS.004

Filesize
6KB

MD5
1c24532c86d189304bebd110ee7cb276

SHA1
e3f30fffb3a20be5c2e01c57ff95f4216c9bf592

SHA256
03d5d0523b825e8623dba7924cdbe2a1a95709b02e2a460e2b6078e0ddf3af9a

SHA512
478b2af7165472590fa4f4662320d63e456379f1aef5c08f55437e5e0dd326ee1abc416f0ca1bedecfa9262046c32c0e5685c9389e24bf8c6c335942f22a1746

Download Submit
C:\ProgramData\Microsoft\WindowsFJS.004

Filesize
6KB

MD5
d90e01f1bf1575e663509ea009f8d72e

SHA1
cd6fbcafcb24be3ad834b80909b7ce799c750946

SHA256
68c9e90ff94f219026bbd06820406ddeaf7a63210d44ff18c98ee7998af3f4f4

SHA512
0a715bb68ff7465684d03d5aef98efc3d4667cc94b927372e34b43444b3202c047fe6633855a2a27c2351ee985b490c0749ef277f3c286b2690488f83bc3bb1d

Download Submit
C:\ProgramData\Microsoft\WindowsFJS.004

Filesize
6KB

MD5
7de69f68f0fb91fae96116a7e702068a

SHA1
a0a586ef3dfa7d09150dc25507603cfe416b556f

SHA256
a2e4b622403fda6851d1cc423754e6b46654cd96a4f4b987cf3abc693fb8e9c9

SHA512
dd7ee9219872e3692f169b58ed46b164f839679f8a1a8e645706a2e021021f866da98100eb8912712fd7b11df95777b1b8c4a27f123ef41ec76f24b4d775743d

Download Submit
C:\ProgramData\Microsoft\WindowsFJS.004

Filesize
7KB

MD5
47fd864f149759166bb5f0db4b36e12a

SHA1
77e58fdf7de8ab2ea9ad6ffb3cf71064f8eab91f

SHA256
a5a61fd413bdb260ce5b7866cbcdc98edf3723d075f10220adbac3faa7f35708

SHA512
2fd5c8532ca5b8db4a9817a250d7a1199a1474936c6328922324e3a0e00b13d588cd1113bc3a724654d4137f5062c4a217301e952d0223e34a277dfd9e019b16

Download Submit
C:\ProgramData\Microsoft\WindowsFJS.004

Filesize
360B

MD5
20c466f3155d04105606a0067c042b71

SHA1
c1f71c282cc7c1a5eab3bedfe6d94ee057cb2678

SHA256
e349e9e4376fdc3cdffb3eb555f6637822688f6a9a685151d89fcf55f7c36e79

SHA512
faf453d44316a1af3c0745a85a0ff28a30f9207328e391a6b4f0ad89f425bff58728ab4901ac6907a2640f5db2a8315e2e56d80ea50232c738312cd08fd84603

Download Submit
C:\ProgramData\Microsoft\WindowsFJS.004

Filesize
7KB

MD5
b99d03e8690a6e9913e5241c2822a76d

SHA1
ee404121419da6e031a8708495fbcd68b119510e

SHA256
6bbb6acef40410f16200dcd32f49ea8c9eb11f071875e732f74c34bd3e47e5e1

SHA512
28a1b252488bece5a00e48eb54a30ec4091621dbd2529c6869cfcab3c139864dbab99ae5cbadcde7a77ed808ba9f71155061693e54f0e8e157dd08d2c4d4008a

Download Submit
C:\ProgramData\Microsoft\WindowsFJS.004

Filesize
7KB

MD5
b6fc91613d1cde5136f1bd33aa80b6f8

SHA1
a3dc6bfd1f39307d179d17235d8110cba023f25e

SHA256
03c86b824922dfd6b19e41009781c6a8e18a42082515af9c3a785da225e67e68

SHA512
913a5674523710757a00e83286578c6da66b5220a25884167aa728d9bd8b9deab2b66b95570009851b7dd526176701acb06dc4b3c9cb52e0f3222eebb8af43d4

Download Submit
C:\ProgramData\Microsoft\WindowsFJS.004

Filesize
7KB

MD5
1ec915cdfc8aaa0cb0bd171bff520b6d

SHA1
0258422e5945c65b8f78e9c7e062f3b50a2ab96f

SHA256
22b22322e71bbb64fe09d9298b3ea06389d64f0297813f855493f68ccd31d223

SHA512
3aa6ff95b974cf5192e7ba20ec0c825a789bc8afb4a73ae2ec7c60464c6aae8acdfd8d9c42a71b283a9a7d4387915e9790c6cbcc0db40c7de097a6e004a46396

Download Submit
C:\ProgramData\Microsoft\WindowsFJS.004

Filesize
8KB

MD5
af50e065d8af26dfd4071da6d4dd681a

SHA1
6fab19c0abb74ac57d7eb0cb6fa047c3b69d99c7

SHA256
d6e2ca20d43a7932d075ae882afddf1b249ebbbe1730783cd0c7fa09e96d75c0

SHA512
82cf28344e0ce9151dc9c625675757d3fb38a049576607ad582c233b03cb25abadd491e542abeaf63c9246aa26e0b7b2e20912ac053faa1c1e6ab962fdca1764

Download Submit
C:\ProgramData\Microsoft\WindowsFJS.004

Filesize
8KB

MD5
bc37507b97f267a28c71b472ac2634ac

SHA1
c1494b8af3e3197e23246a87f196b06a3eb66d26

SHA256
b4b4901e6f626a0c554083fd16d122dee1df9cbb5fd03b68975a88cfdddbca42

SHA512
64150bfa55c06b0483c5df036311361dbb72be64e45cd21c550cc25839f99e5c38fb6a4574bbc2fcbcd09999b4a22850830c14a4cfcffdb1b489cfcc4137abb2

Download Submit
C:\ProgramData\Microsoft\WindowsFJS.004

Filesize
9KB

MD5
727e2482ca6303363d30dac37dd07a4a

SHA1
36af643facdde34f201eb383a75c1a312f732ee1

SHA256
b713edab80ddfdeee7b939bf851de50b16b941c41eddb3acf742b7b6f5113a61

SHA512
d6fc7dfa9a2d5f371d2c9b86074ff3d99b8c034cf1717a51ee5fdecb5473eea151261553d3bf444b390da66cf5d951b6b9208562de92910eae8505034d7b946d

Download Submit
C:\ProgramData\Microsoft\WindowsFJS.004

Filesize
9KB

MD5
242bf4b72e81ca13dbf7e6e5e953dde3

SHA1
233466bcb4016985b6ee5d1cfc2b6ffea334b159

SHA256
1cb158b1c55003f39863f1d0f46763137ebdaee9d86b964500d805492e06070a

SHA512
27f8cef26b975ec562112d5ec946da914d351541cfdeee8d14ac7ee75a907a5e541a5600a60c2281c7964c2d0eaddcc72220ff05a42f76c9661cb28edfa8f756

Download Submit
C:\ProgramData\Microsoft\WindowsFJS.004

Filesize
9KB

MD5
bd79ed3dce1ce9eda8a6e8d741f7fcec

SHA1
772aabcadd22e4a1c05fea37fc8770dfae515619

SHA256
a522998e0af9f1201ee16f75488d61c32e1029c67bd9790b63a520e792085b78

SHA512
330b65cea83133c61bea367bb9fc77c9fc0774807e0495934cddfb4ca41ea4a3291c93b320da047b5909442c900c68035a1409f9d1a0622c56bceaf3468e16bd

Download Submit
C:\ProgramData\Microsoft\WindowsFJS.004

Filesize
9KB

MD5
7df8f341fc1bc516397420b2c64700b4

SHA1
75a2d03c0a4dba21c019f1bdbbec940c14a20ad5

SHA256
8b9374b44d236b18adf977c04a975d7029b81a0a4b698f9fca12fee2aa88b5a9

SHA512
bbc61a3c7164efc71bbc2ac3378b265f49574d37d1212ab5462ef07d5a7f3bc71460ad4141be0f7280403a15be9ab8f281ca215226941be1744e2e3b0c28c3b0

Download Submit
C:\ProgramData\Microsoft\WindowsFJS.004

Filesize
10KB

MD5
f1f027c358edd9b88ee33219aac60260

SHA1
92b3352040ec4dd5ada2f615499a647e1540e740

SHA256
8dc242063c2e8c84826aec2fb5423de9f37e5ba58b0afc2db19aac4a198a5704

SHA512
3a2dc0f9cacc863613efc11ab2da4431e1257dfd511ed233c990ac1e8210ff5f1d0333b49a1798f839b16e6ed3a445bb496e3c5370a3a19139a8623806e9bd83

Download Submit
C:\ProgramData\Microsoft\WindowsFJS.004

Filesize
11KB

MD5
b748b7141474291a15ec4f9242f0b95f

SHA1
5684482df7c8c0569fe682744e9c47045d784869

SHA256
03fed9ab913e6f2f629c132f4d4b3d3716b41b44e346d52a6fc3377192bfe2cb

SHA512
b1b6d97f122381d5aaef625461ff998427f36ac6458d4ca490dcc9b401ce70aac3ef1e05e1d0099ca1e40e3aafac530e9cc46689744527e77c242a63c8af9475

Download Submit
C:\ProgramData\Microsoft\WindowsFJS.004

Filesize
11KB

MD5
dcac6a053d5d9f2b5c20c7726b4a90cd

SHA1
ac2e68b513109d55e46c0fc69601433deebc2399

SHA256
2f1b33a3bb653a92ffe38e585fef28f48f9c4fbb7e775698da85712f8ea17ff7

SHA512
f3026aa41e7d4280e11b94e9f09e9504e3f68aef35ed5ff885e9f058604fe85b9d1b1b29a5e7bdacb91f0c4dfbf2f83e0b6926e5866a36c1ead990a59f9c671c

Download Submit
C:\ProgramData\Microsoft\WindowsFJS.004

Filesize
12KB

MD5
20a9667241726bd47f89afc2fe89a6d9

SHA1
7f6e4be4200897fcf8c80845787a868f47d44778

SHA256
5bcb3a20279d936435815afde95389004100bfa6b92699082e705f2b4edbe2df

SHA512
3b85d9ea5a3d9c7245081a95faaf9703d07b98fc5ca7645185853d3c258ac3a507d9473442c65534434fa96b492bb653f431fcd737791ffe40f351cd21c1d475

Download Submit
C:\ProgramData\Microsoft\WindowsFJS.004

Filesize
12KB

MD5
9e376bffba8235ac599567fe9887dff8

SHA1
25fbc5d227df69bb6fcc758cee65d5ee39015411

SHA256
96b9305fee78afa6584b5b0927bde183b13031748d5bb1843db639a8eb93a77f

SHA512
84d6a158c99724372bd0190881a72753664dc422b6dfc610fd03746156b3e074e7598f288caefc802aae89b3e7b7c3bfc9c22ad800f54f04c9033f3a20be5471

Download Submit
C:\ProgramData\Microsoft\WindowsFJS.004

Filesize
12KB

MD5
ee74f3b4281c3252fbaaff22b5981fe1

SHA1
e2eb780a9439e96cefc90ac442d74065dbb576ae

SHA256
cfd27b96bbc32cd0fe5eeae59bb371b2b158e18ad552ef6cf48c964621a1e086

SHA512
5549231d1c54529b26a8a29da441d2064cea7931ad39e125d22770bebca3a899c44e66ad6b8530bc227f8a458e8b3c07d55da674a1db1f3b0e13063553ab85a4

Download Submit
C:\ProgramData\Microsoft\WindowsFJS.004

Filesize
13KB

MD5
257e7148940a96a0f5361c657c22b80d

SHA1
e2bddec1ae1ea71cfef4646c60b748873a8c0462

SHA256
9284a9fc41b0ab81b16dfda5f9b38ae8d65cdfe0cdd2dc4d148b6d3ca35545be

SHA512
fde4e43badb7d88b3adc1e4c288f415fbef73c348da0e7b6e55e3ff31f0413e439b84f111a1051b6b88087c79c95060a3a716d8107555ab8e85a07fb359bcaea

Download Submit
C:\ProgramData\Microsoft\WindowsFJS.004

Filesize
13KB

MD5
9c21ec57dbd1c5619992dc91d26a275d

SHA1
f6ddee174a1fe9f17e78b480972b50d4509634c2

SHA256
c6a87ef3fca8fb4260faadccc38153ee0c0e20255cd79ec43441174417430254

SHA512
06587f1fded82e308c49774a013479c92efd49307fe94346b706040fec7ca4adfd4d8ca8e0d3b0330f7f79a3804f99223991c6e17240fa69e6552bd6b6d9a721

Download Submit
C:\ProgramData\Microsoft\WindowsFJS.004

Filesize
13KB

MD5
c95acf7fbbaf85485e287722d3b259ce

SHA1
ee2ac4f74e05b6b7b116a1abca7996999acf8506

SHA256
b16b7c39c48b54581fc454ad85ed185639481fb98b07ae460980ae730afcee9c

SHA512
3a0e0038a9ce94414ef34746d08a0cff136393a937a5f3b2797b6432c602de4434034b22eb52699554ca7a9b64c3ea1e53370b10393205fd6006324cfcd3eec9

Download Submit
C:\ProgramData\Microsoft\WindowsFJS.004

Filesize
14KB

MD5
2f6bb3d76b0529e7c50954bd972f0823

SHA1
8affdf49699372c5cc67126e7b9044a924f73da4

SHA256
b9dadddc7148b714d6186042628f7b1a774fe3346a0bc380e4d465f635e289ce

SHA512
4c18c69a86880a23641375f8955e745556600c99772b4e61f13480b056b0b003a6aa4cef2f4fd4466b33996cbdbb78c3bb6301284ded449bd7bc487206fb254a

Download Submit
C:\ProgramData\Microsoft\WindowsFJS.004

Filesize
14KB

MD5
34f871cc04db9bdaf96375715425415d

SHA1
9fd20a79b9d4bd3b331a6713d413e90935f09724

SHA256
29c410118f3339ee1aa79633a5b7fed58165bef9e40ae924b272af64a578a732

SHA512
7c4d84d7714b1312b8afe6b674e7c182301304a0b1959a9dc9d834194075f1e87f0c00ddb0da9b352ec9df6dfe2be8e059c03d113c6484be2e5c83e741828faf

Download Submit
C:\ProgramData\Microsoft\WindowsFJS.004

Filesize
1KB

MD5
2767b9a9ec48e1ae5f0ee0c7a84d7624

SHA1
dd62e0fe156e31cacc7435b6f1ed2265355e1afc

SHA256
af85ee917c23b39f0d878eb666fb4d59dbe22c4febadf22c9a28fbedb81b17fa

SHA512
432e3e55b1dad3b4aa2bf234e64b9da3ede40309d171a9ccb81915a8a6729a9b2f7dc3cb952f440efdc5f1f2a3b3eed709025ecbc4c5dd0c68e9acf96fc263eb

Download Submit
C:\ProgramData\Microsoft\WindowsFJS.004

Filesize
14KB

MD5
2b2de92185a7f082b267ded782b63f76

SHA1
012c1239246280427e7fbe4aa777bba4c974fdd8

SHA256
6ad2ea69d143a43ab32ba9532ad4550228b23aaddb9afa73cb983e9ecba27438

SHA512
3aa5cf3fc8b0a282de08286fb219ebb74b90a5e8346778d82d4c15d8c991aea87a42e92c3084dcd7095b21a1f3040abd0835a4c257bcd9522f0c980417e21b94

Download Submit
C:\ProgramData\Microsoft\WindowsFJS.004

Filesize
15KB

MD5
20600f4e0bc3461a971b1334b319d088

SHA1
196c48c79835fb94d7f1ea435d9ac6433417f8ce

SHA256
2a0e3c11e1d7656d8ea7eb7f2eddff6e319a9e37ab93a6c9042ea0853b1db83b

SHA512
c62be2417b72f4b564ed55cdeed452a40efdf8823a878d711bc012302cc37e0e694751d910243bf6e44abade061b16d5db195b7fbfd3db47ef57ee8eec1742f9

Download Submit
C:\ProgramData\Microsoft\WindowsFJS.004

Filesize
15KB

MD5
4d446bb84665e2f0202aa321150ac643

SHA1
e46945496091afd15e3d6b0267d98f5e4cf6eb7c

SHA256
6594db39a172a9cf05961e4ef0cc6d2cea4ed59653f4c8fce51287ba275cea4d

SHA512
dfed44638446e2bc11104f3ec542e0e626d29a89249a1bd3fdf824e4be940479b07fbace070290fc24ce36955e92f561aa55c50b33db85be29ad8b9eb88884a6

Download Submit
C:\ProgramData\Microsoft\WindowsFJS.004

Filesize
15KB

MD5
f69ebc2987194b229f71d33c6345ce6b

SHA1
9b001f5c577cdc2c48cc152d88a2960ababf21d3

SHA256
79c055d78532f0f66f61a6ded4a3c4c1867b20436c89f7c5147d3635069d1058

SHA512
347441658517ecdb544d81171c3d09ac5eeac852001c984e3f79024198cdfd5ab6a0f959c3e707187dc3929f41464bc415b9c7ba392b1b39f4a40d9f3a0afdde

Download Submit
C:\ProgramData\Microsoft\WindowsFJS.004

Filesize
16KB

MD5
a918d652ce6f866134183e793818fdad

SHA1
ab7f3faaded30711956fa44a55d0acd3e9b431fb

SHA256
a272239c6976a6f3a63f9bcdccb20893b5009d00eff1732eb2cf432a1ccd485e

SHA512
a6e9655c5f97131af217f5889e63c0bc2da2f16f08ebb5e0968e2f7e598d7baa3765a70aa0345bbaad4d2c36648ed1dde082098d3903dc4470527c4ddd1186c3

Download Submit
C:\ProgramData\Microsoft\WindowsFJS.004

Filesize
16KB

MD5
d975a7812da39531ca7bf967b2882cc7

SHA1
468a86b8ed889c46cc91ca3f73a5095906ffd121

SHA256
cc8441ede5cb79ed0d1ff69d4e9236f9ce6aa5cbd46bf126d97bd7ba2ff33824

SHA512
29915008d25cfcd64762924789f1ffce4a165e4bb849cfa9658702f4c878fda97eefb285d35f02cb0e787a0361b4f0f86d6ad0fd09495d44e8e414204e29272b

Download Submit
C:\ProgramData\Microsoft\WindowsFJS.004

Filesize
16KB

MD5
cdce3848bd98dbd1c5ac2651b140a3d7

SHA1
e4d0342f114ca98738336c74fc8e5107e8e41e19

SHA256
e66dd19d52fc58ab3b0a99bd0663c19dfc20520b99bddf234bfa22370d7d6a49

SHA512
974b06f1301c93a4d23da94764108af2d6353bc1b2f92f181212cc116bf14e616e4fc27a5fd891a2fbb5328c34061dc282de93e5a864334bc01248365ddfaf92

Download Submit
C:\ProgramData\Microsoft\WindowsFJS.004

Filesize
1KB

MD5
0f0683166a5c5c8b15b6e7e538505b90

SHA1
295f3eaee875529eef3692510d3590d78b98d90e

SHA256
1cea094f8088ef0cb27b4bca580f23fcb543852a0d47e99f730e8d463b0db68d

SHA512
d9d0adf3fa861c0df302ecfc4541d4356e8661840553763ea290b2b2fbac3adab440c61c37576f51a3e5b0d15dc847b8f093097f55cab35267107b1eff76bb8a

Download Submit
C:\ProgramData\Microsoft\WindowsFJS.004

Filesize
17KB

MD5
815fa3fd24cb4da57186ef45aea61d3a

SHA1
8521b3814ab6a24ca65d8552ecb72d2c6e86d421

SHA256
cdbd797034e273dc962a7ce6a43f3535f6ee713759843d56a6ab3923547b21e3

SHA512
3e7da4ea69f7ccfde4a141ffe42bbeffd99ef48e42a07b2fce25e25dc7c215ddc71059223308516e3d7604d81ccab64e9d5f6c4cf20a3ece4bb44112ba426521

Download Submit
C:\ProgramData\Microsoft\WindowsFJS.004

Filesize
17KB

MD5
b1309e95c1d5c1035cad0c421f71e2c3

SHA1
1821d132242672e129e60998c167f20dab56ac20

SHA256
8adbfe5134df719e4905f5e03537a39afcfbca51a6233a2a4a3645db303916c7

SHA512
6f8cc32f674799feeca7026dc02403f238231244d690bcc99a8de4f9debeae036df42e09349ea99dc313dd33a0a491db613917fae76966d210a86c4353a96daf

Download Submit
C:\ProgramData\Microsoft\WindowsFJS.004

Filesize
17KB

MD5
62bf3bd8cc68ac884ddac29194dec33d

SHA1
4b04c33741502ced816fed7075b6c1997ea4e5dd

SHA256
fe99e4c8d2d496424306d36deccf6934575fdccedfebab8769921afaf39bf7fe

SHA512
2bac18a600af3c641f25fa37b217fb98913b867413291fca0d1b9a8d3c4869514baf2c47b39fac10cfb0cf6683827d9717c51ec707c6690be5454a6a10fc4b30

Download Submit
C:\ProgramData\Microsoft\WindowsFJS.004

Filesize
18KB

MD5
2e5fa77229257ce0b0eed96997a77cd0

SHA1
8d45d0a303676f0bacf6ebfd49e9b17cd1af7e43

SHA256
89e7363e768484ea7d78765ba0f62a07bb544846a9afa179c69a086f06069e3b

SHA512
cc93617bde4331716bf53dbf892cb68f1f7a2660ebcf4ad17379315bb0252df8069336b8ea2e3ae6fbe4058066a85ee4386f0911f674e9587a7daeea311f8430

Download Submit
C:\ProgramData\Microsoft\WindowsFJS.004

Filesize
18KB

MD5
c6af0e83947cdbeceffe627bbe65b789

SHA1
108a618881aae426bfbd94098247253771231989

SHA256
0e0c965b385ab05e92ba4470e1aa222202e73faf5e697f9cebf13e8b21871be0

SHA512
d811c68fb3e11f0ae09ef3fd2dfd9a9b3d6f37a9159e5f67cc4ee46aec2686490ec109f899852d402e502d340b0f16c1b0656644a37f297400255c43bc5f8831

Download Submit
C:\ProgramData\Microsoft\WindowsFJS.004

Filesize
1KB

MD5
b23a5dd03e143ddf2ee6f8b6d8ded4e0

SHA1
5d22acbdc5903c7d2e6bddde442fad2e134a1c0f

SHA256
58a98b2d192b161e2118ff08a55f1cab01c04847a9d1b89506388f7bcbbfe281

SHA512
eff221cacf8a2ba2e1ecde85d8262caf75a871796921d53f38d0f73e99fc49bb39ab20afb409541225e26b70df0a2fd41dc724b43353d9d00a72d7660ae58cba

Download Submit
C:\ProgramData\Microsoft\WindowsFJS.004

Filesize
19KB

MD5
5ad1a813316f8c1e1509fc848e42395b

SHA1
87365f2d22e5b99943f0207983feb9931d83bc74

SHA256
a947bba580741bf310cec5c97599512de1fdcd58839fdd7aabf2f89f777dddaf

SHA512
8756109b79b1b4804dd6f81f65c080014aeb5fd60f36f5c71b1b9e05a6b74aadbb99a435a2707dd4b5697655ff8e231c330c37915c0de367ce9ed1c82a0cf6da

Download Submit
C:\ProgramData\Microsoft\WindowsFJS.004

Filesize
19KB

MD5
74de987ebf27498535855b385c273351

SHA1
d3b81f9982b316540a9b1c458a61302f82a90c44

SHA256
0c8c5c9d5292f63321370672bb3f9449225009dc6f728e1d4ce5675cd70cf246

SHA512
fa5e0a04422e299ba44c10c8ee334054cb3d6bd34d99f4758f2998a20f9e19236ef8321f7ef18b8d89310c246609382d69cf108f78c7464f6f9685c677b1ab61

Download Submit
C:\ProgramData\Microsoft\WindowsFJS.004

Filesize
20KB

MD5
9594234fec6f64794873a391a72c1618

SHA1
abfe5f77b38f8d8c837c7bb3c3596bc4fc1e999a

SHA256
57c9a4cabfe30e23beeb6ce6f46c34a8f092fed97c444fba30c9032c8e9012ed

SHA512
ced81275735f12d0c19baa1578990250ce7d87f5b3beb003cd85b879026fb774d12d31dfe4edd7571add8817b9524267251b9ce033c70bb345d503350996d7d9

Download Submit
C:\ProgramData\Microsoft\WindowsFJS.004

Filesize
20KB

MD5
11bd5e3156d72425c0d14a1e8af66458

SHA1
8f12645f5ced35446fd723dbfca49c2ea1378e3b

SHA256
5b5a67c189435ac7e5dce4ff16ae35ac96e75c20e971dde45fa373c1bd536cea

SHA512
c2900d9bf1625f95ba6704a677fb1c553fa1b91b31d4ab6a752f4ea958b0aadca5718b07d2f26503b471bf87e3d6fb0e13c588b852846181dc05dc750a8b8e2a

Download Submit
C:\ProgramData\Microsoft\WindowsFJS.004

Filesize
20KB

MD5
4bc37de0513a2a8c4c95490fcec986f5

SHA1
e097de8479f19ab8fd1b715c12546a5d836243e5

SHA256
241f9145055ca6201fef580f3e78eb52aa33f8c5dbf5b67f95e4345e8f86c513

SHA512
84edff00e8ce7facc8d79209c4fed3a73818667a168c3fb1322724c4dd73c852a584bff1eaf0efe5a40bfd67228ddf9d323ca9061297e1187766a7457ef1cf72

Download Submit
C:\ProgramData\Microsoft\WindowsFJS.004

Filesize
21KB

MD5
3b21b42fa2273bacb8bd44ffff412203

SHA1
7c51a37c2c6f67b6263f2bffb7d00c4103758344

SHA256
27f4e599e38451dc289b663253f275129a392ab188a2100db0f06d96eb0abb33

SHA512
c8c1224ea6367a17b95ce9c051462025f893c487af45304843458b300c071998f27cb5e2af41b3d243ec8f7105929f0d441b2eb331f26a32dd5ee36d71f11fdf

Download Submit
C:\ProgramData\Microsoft\WindowsFJS.004

Filesize
21KB

MD5
ac6ba373235064bf5301982c1ebfff60

SHA1
a72a5c1c01e0f78c111c9de6f4a1ec6ebf83cb50

SHA256
e84fa64b45be82416ca19e2d4a996a155253b95ceca2f41234072efb16d144db

SHA512
58318c068d02b9ec4943bdedd592c1d09d51e088d53bdcfd1a4d777cf40df7079a954951f059dfcc2b2e689eb09741a3df113a7420f31404edf98bff62cdb4c2

Download Submit
C:\ProgramData\Microsoft\WindowsFJS.004

Filesize
21KB

MD5
6fa153d2d96310cec1420e29fec4eb59

SHA1
85e53fa49b488307a7cc772dc9d506db683b95c4

SHA256
93512fd9ab87b384ae005cc41b266e213f0f9ea0659e4319160a42ebfcaa9a9d

SHA512
066a62c0ae45caf19a1d10155dc5191549ca988865ed39eb11ad363c97455a9018c1be4a78c05b1a6bba916f1e453b62949b87d3c48b2956e90808217cdbae00

Download Submit
C:\ProgramData\Microsoft\WindowsFJS.004

Filesize
22KB

MD5
5965fe29572f1692d920eadb0e9f662d

SHA1
ab14e28d9c0ccedac92c6d5582f4c8c82128c3d9

SHA256
049d341686a244cdc846c088f3342ba0afb86e26e87f099bb95a3539501518b7

SHA512
e9f157c640012f23a30bffcbe23445560a64d941615a1a574fcd365ba052c8b56c20f0be48fcda54d2c7170c0cb0b5bc6b67bd1cfcac5cb33c7630cd1a9cfb29

Download Submit
C:\ProgramData\Microsoft\WindowsFJS.004

Filesize
22KB

MD5
f7cdba9d84fbdcc2688b83ae7b84512b

SHA1
ac919361b1d7536eea8654a6a2b332dad740d8b8

SHA256
a847354f8980f589bc68284fcaf65ba59b2c5b4b4d46473a86624e954445e37f

SHA512
6cbc50b30725c47a8701946d1dce4c51f19822a678df7a8b373331502c68e46651e5f49b06a704f546b34fb0d109782ac067e9a8c43e611215ec685162a48601

Download Submit
C:\ProgramData\Microsoft\WindowsFJS.004

Filesize
2KB

MD5
69c09d9e92c83293b3284e61c4b27fc4

SHA1
d53435eae9f51787199492942ae84ebfaa27f378

SHA256
608e048a1440c92f57b271e1c61cb1e13c0f9f9dddb72957d52723057b157e48

SHA512
541697fdbfd2dd0dd74b386fa03ea1e59d190019a4625dd3d4bd88cc7006bbb4c307a2506dc008ae0626165acd3788f1274b9b3111e42a046a9986dc0b07476a

Download Submit
C:\ProgramData\Microsoft\WindowsFJS.004

Filesize
22KB

MD5
128f59d660900b5194c1ec55017548f2

SHA1
57a7634bd4cb31689ce4263e1a5b5032f5d29665

SHA256
cbbd69e46e3f758485fbd513bfc8ea74bf4769bdba9e53212554f44ec346e212

SHA512
08b3ad0694649353cd94d7e5761992f39bc531d11cfebb24c905f6695083966dc18e23999f5035617ad0a71772c93b47c7e2fa9f48e3ad50df3f74da9eff11f6

Download Submit
C:\ProgramData\Microsoft\WindowsFJS.004

Filesize
23KB

MD5
6b269da3faef7ad73c2e96ff82f2d165

SHA1
faca4eedee70665ebdbd9f730f2e731cfa94fed7

SHA256
2c05d967bf959e8601e085746969e6fbb133adaa5badbbc57c7f4e6eedbc4bfe

SHA512
b2582d48aa40c9a6451765e19bb7f3fa4e2f4b953b8c8352625714b415df27d1a5680ebc84c7a10394d281299430cba8a3ef532f7d61549a13257293d8634f2c

Download Submit
C:\ProgramData\Microsoft\WindowsFJS.004

Filesize
23KB

MD5
212624724273488bb0bc0b14beec357c

SHA1
2d0e3f8d1eb69ca92e156ebedba2d5e7fc2b6143

SHA256
2dafc591151321c03f92d8c813fe057b853361964912a9d55519497a806130bc

SHA512
a43089c3a05d1af9185d9e48b09303c2a970ee98562b26188d884ee64ffc036ad3b16cc34195886b5f2e2023a54559c5794caff02ba8cd3add87b86ea4edb506

Download Submit
C:\ProgramData\Microsoft\WindowsFJS.004

Filesize
23KB

MD5
dba82b270ea371e02e949169ae1cfba3

SHA1
1e2db666ec59c45454f7fcb0390df9856a551716

SHA256
ef4d03270223993bd61a4d98b95f60a68647304fe7924f11e387788e18309dd1

SHA512
5a243b099250a46581632084fde55699025821e3a746b9a7c2915c158ff9f26b0d3e236ce8d9b2bbe2286f852e8a4e7a3664bbcd7502871ae65449325d114937

Download Submit
C:\ProgramData\Microsoft\WindowsFJS.004

Filesize
24KB

MD5
e7d69ad7c4c727624f666445b1196dd0

SHA1
3b11596abc6b567934330534e693f054f8b31eaa

SHA256
beeca69dc0bbdfd31448b49375f75c83b4c081073235925052602da686f281d7

SHA512
7b171e62feae96f5d008e4d4e8428bdd374e7f2b0e7fa99e2f3a5c4bd96708d60887e411bb115981499fa924813697f9dca1e55a479bd51d4c691522200fe5ce

Download Submit
C:\ProgramData\Microsoft\WindowsFJS.004

Filesize
24KB

MD5
db1465e7eb8daf78b8ce9b6d226aa7a0

SHA1
d27b4c4863d320552d0d7b6c96855dd83195c39e

SHA256
8a0483f2e85c96f01924c3a63b811f6ad5d73777ddfa5fd8231ac9862dc1069d

SHA512
6f9927077236dbcd98a39d8b718d583c9b59a899607c3dee7b49d9a37ca4e105fb77424f13c7a0a8b0594012bc685e16b5af42d2a8626d0a2fc17f65311d7d6d

Download Submit
C:\ProgramData\Microsoft\WindowsFJS.004

Filesize
24KB

MD5
a1627e3f1711e7cf4c35a7f89f2df5f7

SHA1
4201884c10b476a49a2ed07280fd5c2ce42507f8

SHA256
80462bce5b03f03cc034ab23f625cd5cf0c7130abf03fb5243cb55ef9531c294

SHA512
9ddb094a876c3ae8e16809ab63ae770a403f947b688b445d7c2d2b494c00feef859e5e26a3706cabc7daa17c06c28ab45ab9bd5666c3daf97eac9ffa5894f5cb

Download Submit
C:\ProgramData\Microsoft\WindowsFJS.004

Filesize
25KB

MD5
ef4026c7fa055db3dc852000af4d6e10

SHA1
1e9f0d432a943f4e678e271fe83d382d11e69dfb

SHA256
582b14194ac36bbb38626998640569eef0174e7e4d28623d14c4b07758ca62c9

SHA512
f774f38efaccf25adbadd30a209206773d9db67cb27bea9c57e39254debf6951c15c027285a5c82e1da5a2745533b9e43b8f71623c9b7c409be84f130d1e1d8a

Download Submit
C:\ProgramData\Microsoft\WindowsFJS.004

Filesize
25KB

MD5
cba0aa6651d6109b02c58b6a2932b8d9

SHA1
dba7605a508cee45794595b2e6c0a9b72300fa15

SHA256
2796d625ccc8bc76fe430795349f5773e28ee44d7f5d1b7729f5b0157a3db357

SHA512
203f968edc4821058fd3c257b7a880a17b2cc0531566fa18c7792ce36c8dd66887b5fe5b582b7914e146d8d8d26501eb5cdbb38707ba694ced19fa3f347956f3

Download Submit
C:\ProgramData\Microsoft\WindowsFJS.004

Filesize
25KB

MD5
7ee95dba0f8dbbbf0fd5fd15ddb678f6

SHA1
17a719b0b3a219863f8a0136dafe6ddb77e2da95

SHA256
486bcfaed70a6a9150086bb25d76df131943cfa3cbae7c476e46e8dc583b8983

SHA512
cee30d8141050bf2413b8b606eff2933e8bd09af47b9d0a53d0db40b4a61c94bf17e98dd44a51a67e104b55bf7b01029f531527ce3509c9d4f04a5befe81f71b

Download Submit
C:\ProgramData\Microsoft\WindowsFJS.004

Filesize
25KB

MD5
8f014506ab89f52e287275670a7e812e

SHA1
18b93329857ac6859f878ffb0122979352664419

SHA256
e74e5ed7b7dd493a05cec92bcbfe913be8135e7ed3af58f08ea74f1fa477cd31

SHA512
a4a04fd6d182103a94bfa583437b33d4b6a5f2b24b7485a159e075ccd314abe9bc172536c7716e21df4bbd40f98dd37ccaeefd20d6c4a863035e8e3a21022e38

Download Submit
C:\ProgramData\Microsoft\WindowsFJS.004

Filesize
26KB

MD5
bd721dff594317e992c9c48093598c76

SHA1
e0b13c36e328ed187802b5cb46a67555ae88bf96

SHA256
c96c9083aa4af5d724c365cb7a61f0fb51fb91bf165dd2501715889c9db80d91

SHA512
e15697808ce70d99d30c3a0176b78f77598b5758db6759596fa1dd7268eb64e46eaadeea759fa049ef9989998067e16c9f71f6e2f237e06e3f04b19c461cd9c4

Download Submit
C:\ProgramData\Microsoft\WindowsFJS.004

Filesize
26KB

MD5
fd8816594e19bcd4a755a79f60dacaa6

SHA1
3e027acd95b98b7a9cb16cdaf83d9b16ec69db5c

SHA256
c5ef4247a60f12277d897a4402e6fd44a19785b96155f98b5ccd7f9f57a9e4fe

SHA512
8b7baeeb2a7b518561e646e4ee88adf00051b61b58a9e5558aeebb9e0583f6c04da29fdf341661ee03b2a78a9d524a1864ab7f85f6930890810141e69cda8a02

Download Submit
C:\ProgramData\Microsoft\WindowsFJS.004

Filesize
26KB

MD5
a54cf0c0c875a1b0ab8d2a156831fc9b

SHA1
95c624612e2e826b458dae02e4b598ff540b5fcc

SHA256
24fb6e4d405edf5a11b8d1acbdfe9b992aabc90ee262d05b8bb3497d63aed02d

SHA512
fd80350a7db3e4d0f135c09ce3a5549ee7e93fadc4c42e15321511b7d20d7316250e7925edccfed12c0afa46bcc014dd0e1f2343b2b9cf1ecb040c5a0a03beef

Download Submit
C:\ProgramData\Microsoft\WindowsFJS.004

Filesize
26KB

MD5
4ef06a01d85e9c1c99c56c07f5fb4aa4

SHA1
5b5e9e44634f3a27ee061155acd53624ed28963a

SHA256
4d456fcaca9b90aa179b786e2e5f48b82c518b443bb074c3ec7dbcc6ce1a9c66

SHA512
64f362c8f34be41658f0cc45e37bbfc270400965cfd909adf681932d54e9fe319c9f717247a45daae08b9ae682f195aaea65d2efa72c5fdde36061dc935a5df8

Download Submit
C:\ProgramData\Microsoft\WindowsFJS.004

Filesize
27KB

MD5
15ce1410cf01af2cab96b585d2175346

SHA1
ac2c80f3622e3879c326176e5cddd90aa844dc7f

SHA256
05d0b2de8c0213c580faa25e28c84faa96e998898b5d89b3c3b5996c1a42f5ee

SHA512
03c36666d4e9312fe4f9a69e60f09d26050bd19778d298ccfe35c38855d16897e93feefff9914d12afe095d8a490f944383958a4ef7f6954958fb5d199a60e80

Download Submit
C:\ProgramData\Microsoft\WindowsFJS.004

Filesize
27KB

MD5
6830ce879801c3ded95d5e82d7e2cd5b

SHA1
79c6bab3481fc6cae06d7953624a73ecf7479fc7

SHA256
3cc1b9f0fd64374027c049b72b927864147e3f0e51e04379285d56248656458f

SHA512
3b5057c88bc55a549dca1f867291eed7304fbacf8d9763687c4dcd1df439bdc0df0978c21c6e006a69e145f7e1a90f178a8063326434f1e114b63e4c5f3b9cea

Download Submit
C:\ProgramData\Microsoft\WindowsFJS.004

Filesize
28KB

MD5
63c2eb22b9a1d308f90ab482071bdaf1

SHA1
a8628123546efe8035de31f40facce5a57f82ed1

SHA256
1ca4178042728c815b1d6f18bea7d2bb64f8700788d68cbc3b3d0279420624c6

SHA512
142f84ddc8d6e5db43c6de59e2e366eabf872575a1805c28d3ac496c323314ede8678dad3fa3f58efb77cd5cb325ddb279cb4f5e78f84f6521e52e3ec0d038c5

Download Submit
C:\ProgramData\Microsoft\WindowsFJS.004

Filesize
28KB

MD5
992d36eccc054644e5c451a365e6f51c

SHA1
a2e596cf363bf18197eeeec8bdb49aee015470cf

SHA256
3f2a47ac9d71864a9d4092c1904226811bb40ff40389596e57f3b7584510b2b4

SHA512
4bda6baa9782d062a5753b918875a13dae970b91b9cc1945781cf178bd91581e5a2ccac83cfa82abab95352efd60d2dd8e03b54c266e5bc23f47bd5027692895

Download Submit
C:\ProgramData\Microsoft\WindowsFJS.004

Filesize
2KB

MD5
4f6ab42d2a859d83c1152a9e92b26dbd

SHA1
0f9ecdeb3d0065833fc8ec5912a5641ef063ae36

SHA256
e5ad3721637c3641269158bd45a0600a4feff575bb2e397c753f5071f3f6d287

SHA512
4e6fb8708fbf47327d8ace01c921f26c925ce5f03a6554d5b451f408216f4c8aa547b780782b46aea7171987f8660fff23c858b6f982080cc86f6519ea762ca4

Download Submit
C:\ProgramData\Microsoft\WindowsFJS.004

Filesize
2KB

MD5
e3b217b4eefe7cf88bfea3876f1ab064

SHA1
4ae0745fd51af14808ff6622f63837845fefa163

SHA256
753aa4725fe264dc67c346789dcb2775833ccbd0cb9c18f8aedd5b7d2fceafff

SHA512
9b18d69eaaadd5f8ae3f96440c1547db883e1625f85e076e37e91dc16aacfb6744f5da60d8ea48011af5cb356cc45370fafaee8edaca61b2b92c8945d364df8b

Download Submit
C:\ProgramData\Microsoft\WindowsFJS.004

Filesize
2KB

MD5
44721a8b7b8aae652d49dcdc0a920826

SHA1
c1409247356c864633d746b5571380c3c5a3a025

SHA256
ccc346db05e9fcaf87cbdb3db04df0055de3dda6ce11d20eb43fdd047e210533

SHA512
e1bbb189b562b733b1bbac00f4facd69020fda9d9667ffb3b84a1b37ad82f8ec558d02fef9bc854de175b243fe4d98e9f03190d19cc43945dba15e7ec990a4f6

Download Submit
C:\ProgramData\Microsoft\WindowsFJS.004

Filesize
3KB

MD5
616826b78998103e71822194834a57dc

SHA1
d392095fc57b13ad4c3f86e2fcc7d5390f843cc6

SHA256
5a98dfc11b1eecfd5972cbf248fd9d163f33eec488ecbb71df41024e7308e5ec

SHA512
ddc7613fbcfda864dc27510b96033f245c64b85ef53d946d949be631b5e5e5913565e5b1c631c0332aa7875c85d12887cf1d6869f49028736b866a577231cc9f

Download Submit
C:\ProgramData\Microsoft\WindowsFJS.004

Filesize
3KB

MD5
9274de14a7f179db3c8d22e89aff0301

SHA1
989632ecf2337d7b760cbab4db3ed98274a82d64

SHA256
82ada31ae2908e574e42a1f0c23c09f626dc67226fb0a20c8f71c5385c8686c3

SHA512
f7d5168729a50e2042065d6975aeadddf89225d6927c47ab371f843cb7af6f4ad6d598acc294972dccfb231e24437720daf2d36f0869f9e80e13bc6214ae6f9e

Download Submit
C:\ProgramData\Microsoft\WindowsFJS.004

Filesize
3KB

MD5
6fffeaad744ecf15cd004c70382fa4bf

SHA1
3b679647ff9eef892c1f03b0255c1b885eb42425

SHA256
30caad20b9ec066d0fa6e01002568dfff2f2284f95bc41726d3d11c498f8cef8

SHA512
7b7403d7c5b5091a26b207e08b601a7b6bb08d43a889aae95cde0192f7dc7f47ffc21091211612a05003d1785d31956b692b5462710f643272f29a86d2f9d81f

Download Submit
C:\ProgramData\Microsoft\WindowsFJS.004

Filesize
4KB

MD5
bb710b447b3c6333f3eaf552833ab87d

SHA1
f0d2921c3443a2987de2b3a11840ae09edbb59bf

SHA256
a518dd5d153be83632b5193c38f688dcedf1a1f5b42d3dfc76fb1a4476486eac

SHA512
fa3ba4520d8441029c103189f7651991a71ee32a28df937c50f15dd46fafcd537847ff98432df4ffdf57297690bd26ad2158f7e02ca17469c0f988148ae88db0

Download Submit
C:\ProgramData\Microsoft\WindowsFJS.004

Filesize
4KB

MD5
c8b9ac3982f7c4112b91e06ebe40f9df

SHA1
6117aad2fbfdc576a2e19ef8691a692d61ab68bd

SHA256
56b7f30e61983797e67a3af75b95da6b5cdad585438a7b0d46aee257256e29e2

SHA512
dc63f612c33ec9ea4daa1cdac52f75052e8e3de794a45682730d8c63ae1f473db478efd408df92185f0d9136efc4264c7982d16d559ba9a8f665bd68dcbdb133

Download Submit
C:\ProgramData\Microsoft\WindowsFJS.004

Filesize
4KB

MD5
6251b144a99b95a4fa301bf0871dccd7

SHA1
43723f936a501cf6955d9530d071cc2cad8311f9

SHA256
853ae5b90ffa9f459916ecd7f00af9c29fda0d01db350af416f2676c13c635a3

SHA512
c3b3f2e26796a8bd817e77f01504fe882ac88d456c89b0e7a7b666201c811ffec274728cda86fa5b84c2db27fef72b706952ddd848e1f66e30d7193af0c2eef9

Download Submit
C:\ProgramData\Microsoft\WindowsFJS.004

Filesize
4KB

MD5
ef0ab2b17c79e01d36bfa6a571aff3bf

SHA1
7682d9371bbe37d2ae6bb8f04c25fd43023c0456

SHA256
88d37dafa8c82bfe137f4ae91f460c847c2b7a2b810160b760a5f13dbcee820e

SHA512
53099e93259460393914db739f76a404e23510ebd9d33484d6a08d9047e754d13f59ea2912f4b5bee94b78eabf70ac798af4486d13dfa59b31c3850849e14ed8

Download Submit
C:\ProgramData\Microsoft\WindowsFJS.004

Filesize
5KB

MD5
30816376c534e6dd658c6a03e19a12b3

SHA1
61efe5d8475e01e20e45e7316f6b6e0322a42a44

SHA256
93209a75034a91e77e6cc876126e11c6a46a834835ace26c6f1baf88a8832df4

SHA512
64374df121075dd914cc425d55d4aeb8314b0fa0474f7d4ef81c20657eac101865f8a1b7b5cee3307bd372e5ba691a829c175ecef69bebcd631e242c2b43e008

Download Submit
C:\ProgramData\Microsoft\WindowsFJS.004

Filesize
5KB

MD5
2c89e466d9967108a2303928a6b6fee2

SHA1
28374b9cac9824d9c897134f8c86797e44bad766

SHA256
f4fc6bbd710d3acf1a43732abfddfca68db4c430a5803a91a33a8b1c57235b40

SHA512
46bcf138a5adbefead1b1c366c5854a21f6ba3e71ce87891904a7ddae7baa31d423bc20667fc9dae07e7f6e00e2899e2a96e212eb05ce0f9859156f35664ef75

Download Submit
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ardamax Keylogger 4.0.2\Ardamax Keylogger 4.0.2.lnk

Filesize
710B

MD5
f4e4d7e1f1116964ef28370f96b6b241

SHA1
54b5b93f3ae1b187822162a68a57cf80057157a9

SHA256
6e03435eb926c6301e9bd83b579fd04ed6160581fc7160fbd5a0d537134a588a

SHA512
a53368cd8b7058312e85cc5f64b46618347bc5b377f064ec1b634778952d130cc4b839fb20ee920fc5405d9b4413ef3dbbb771ecf28a8022fc50843f3dc0dc29

Download Submit
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ardamax Keylogger 4.0.2\Ardamax Keylogger 4.0.2.lnk

Filesize
710B

MD5
f15ce8c2a9125ac83e57af675b902eb4

SHA1
0b97be6826b602bb528bcc5ac46cc696fd8e55ce

SHA256
32a5080c7e6fd61c88008abc65224ac55b5c8c07e47349a1c22a172fa8db4779

SHA512
a3e0b2279b532abcea1c35d44e5fccf4dd0153b57721328ef5c0c56cc92e8d72a43179f110b666d54cca7b29d60d6505e042722a4a1e994b7e13bc209d68481c

Download Submit
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ardamax Keylogger 4.0.2\Ardamax Keylogger 4.0.2.lnk

Filesize
710B

MD5
b5312ec7d04bfcfa920ae1cf9574a6f0

SHA1
2fd0c59bcd8eee1bb4e1a1aa45c13148ef817179

SHA256
8cf8380ab9802a62a3d2470ac87c564a8d3165097dbef717ea74208dcaea464f

SHA512
ac85b54221e52a64d2f587a3b8195b5cbf22670fce36e5c31ea6517ff5a91433d9e565c550263b1bd0fb70512a76a6f9b2942f15f2e2ce30531683083e002b09

Download Submit
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ardamax Keylogger 4.0.2\Ardamax Keylogger 4.0.2.lnk

Filesize
710B

MD5
9d0a99180808899e20f1f55e69a851fa

SHA1
f9c70405fa3d42726453fb38bc02bf3838e359d9

SHA256
c4a3da51f67af083da74f3147eb2c327035c2cb3f90a10b42c01de5af619fb3b

SHA512
21d795cf3d5f46bfd839b7a445c7279e49bef84e83a9a75cc81c223e972393bf574b244998563f6c88a1db647267f26f88c60559d3278b45eb732dc65103f025

Download Submit
\ProgramData\HQLGHD\FJS.exe

Filesize
2.3MB

MD5
c8b249cca65b74585eab63bb17375efd

SHA1
6f53a15a9a81ccb3bc8531f188416e522dab6b5d

SHA256
16866d884072c41b60e0c6f0edbeea832b0475d97bb0f5dfa62ab5dd2df1237b

SHA512
2fd4abbf422b64fbbad63b2bfcee9bacbeb04a6b1385e389195bad1e30724744150f62f94572c28dc14480b00d2b54413076f9ede78e2b1323097b610374d427

Download Submit
memory/308-268-0x00000000001B0000-0x00000000001C9000-memory.dmp

Filesize
100KB

Download
memory/692-327-0x00000000007B0000-0x00000000007C9000-memory.dmp

Filesize
100KB

Download
memory/788-347-0x00000000009F0000-0x0000000000A09000-memory.dmp

Filesize
100KB

Download
memory/848-94-0x0000000000A60000-0x0000000000A79000-memory.dmp

Filesize
100KB

Download
memory/880-182-0x0000000001EB0000-0x0000000001EC9000-memory.dmp

Filesize
100KB

Download
memory/1036-288-0x0000000000780000-0x0000000000799000-memory.dmp

Filesize
100KB

Download
memory/1272-80-0x00000000003E0000-0x00000000003F9000-memory.dmp

Filesize
100KB

Download
memory/1292-142-0x0000000002020000-0x0000000002039000-memory.dmp

Filesize
100KB

Download
memory/1364-269-0x0000000000250000-0x0000000000269000-memory.dmp

Filesize
100KB

Download
memory/1408-357-0x0000000001FF0000-0x0000000002009000-memory.dmp

Filesize
100KB

Download
memory/1424-367-0x0000000000720000-0x0000000000739000-memory.dmp

Filesize
100KB

Download
memory/1452-289-0x0000000000110000-0x0000000000129000-memory.dmp

Filesize
100KB

Download
memory/1504-511-0x0000000000360000-0x0000000000379000-memory.dmp

Filesize
100KB

Download
memory/1520-553-0x00000000002C0000-0x00000000002D9000-memory.dmp

Filesize
100KB

Download
memory/1632-192-0x0000000000700000-0x0000000000719000-memory.dmp

Filesize
100KB

Download
memory/1876-250-0x0000000000150000-0x0000000000169000-memory.dmp

Filesize
100KB

Download
memory/1968-72-0x0000000000390000-0x00000000003A9000-memory.dmp

Filesize
100KB

Download
memory/2128-27-0x0000000000400000-0x0000000000419000-memory.dmp

Filesize
100KB

Download
memory/2148-491-0x00000000006D0000-0x00000000006E9000-memory.dmp

Filesize
100KB

Download
memory/2156-1-0x0000000000810000-0x0000000000BCE000-memory.dmp

Filesize
3.7MB

Download
memory/2156-0-0x0000000000811000-0x0000000000812000-memory.dmp

Filesize
4KB

Download
memory/2156-12-0x0000000000810000-0x0000000000BCE000-memory.dmp

Filesize
3.7MB

Download
memory/2212-541-0x0000000001E90000-0x0000000001EA9000-memory.dmp

Filesize
100KB

Download
memory/2276-552-0x00000000000A0000-0x00000000000B9000-memory.dmp

Filesize
100KB

Download
memory/2284-308-0x00000000002D0000-0x00000000002E9000-memory.dmp

Filesize
100KB

Download
memory/2288-202-0x0000000001E30000-0x0000000001E49000-memory.dmp

Filesize
100KB

Download
memory/2308-441-0x00000000023C0000-0x00000000023D9000-memory.dmp

Filesize
100KB

Download
memory/2348-254-0x0000000000250000-0x0000000000269000-memory.dmp

Filesize
100KB

Download
memory/2388-387-0x0000000000380000-0x0000000000399000-memory.dmp

Filesize
100KB

Download
memory/2388-14-0x0000000000400000-0x0000000000684000-memory.dmp

Filesize
2.5MB

Download
memory/2388-13-0x0000000000402000-0x0000000000403000-memory.dmp

Filesize
4KB

Download
memory/2388-19-0x0000000000400000-0x0000000000684000-memory.dmp

Filesize
2.5MB

Download
memory/2388-17-0x00000000003C0000-0x00000000003D9000-memory.dmp

Filesize
100KB

Download
memory/2440-398-0x0000000000460000-0x0000000000479000-memory.dmp

Filesize
100KB

Download
memory/2524-421-0x0000000000830000-0x0000000000849000-memory.dmp

Filesize
100KB

Download
memory/2532-58-0x0000000003540000-0x0000000003559000-memory.dmp

Filesize
100KB

Download
memory/2556-249-0x0000000001E40000-0x0000000001E59000-memory.dmp

Filesize
100KB

Download
memory/2732-243-0x00000000001D0000-0x00000000001E9000-memory.dmp

Filesize
100KB

Download
memory/2748-44-0x0000000000320000-0x0000000000339000-memory.dmp

Filesize
100KB

Download
memory/2756-307-0x00000000000C0000-0x00000000000D9000-memory.dmp

Filesize
100KB

Download
memory/2760-102-0x00000000003D0000-0x00000000003E9000-memory.dmp

Filesize
100KB

Download
memory/2764-128-0x0000000002050000-0x0000000002069000-memory.dmp

Filesize
100KB

Download
memory/2808-232-0x0000000003400000-0x0000000003419000-memory.dmp

Filesize
100KB

Download
memory/2816-162-0x00000000003B0000-0x00000000003C9000-memory.dmp

Filesize
100KB

Download
memory/2828-290-0x0000000000250000-0x0000000000269000-memory.dmp

Filesize
100KB

Download
memory/2868-25-0x00000000007A0000-0x00000000007B9000-memory.dmp

Filesize
100KB

Download
memory/2924-172-0x0000000000300000-0x0000000000319000-memory.dmp

Filesize
100KB

Download
memory/2972-152-0x0000000000350000-0x0000000000369000-memory.dmp

Filesize
100KB

Download
memory/2992-116-0x00000000008A0000-0x00000000008B9000-memory.dmp

Filesize
100KB

Download
memory/3000-481-0x0000000002510000-0x0000000002529000-memory.dmp

Filesize
100KB

Download
memory/3020-431-0x0000000000770000-0x0000000000789000-memory.dmp

Filesize
100KB

Download
memory/3060-212-0x0000000001FB0000-0x0000000001FC9000-memory.dmp

Filesize
100KB

Download