Cuckoo Sandbox

File c3cc5401e9df1a4c_dw20.exe.exe

Summary
Download Resubmit sample

Size	13.6MB
Type	PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
MD5	`884d786bdfc5523b051ef427c361313e`
SHA1	`8588dd30b06c13f19d6277e28541b1178082f42f`
SHA256	`c3cc5401e9df1a4c68b44b0f54a48c43243ed6191332e085f71ac140a025f7d9`
SHA512	`7493a70329fa0bd6d398ea42096743537e0819f1e8705dcdd61645e2b682fb7c0ed77b830b90bdc2564c19a79c6e33ea95ecb47715b2a38442405ab6c5eea7e8`
CRC32	`11D2674B`
ssdeep	`None`
Yara	vmdetect - Possibly employs anti-virtualization techniques Base64_encoded_Executable - Detects an base64 encoded executable (often embedded) DebuggerException__ConsoleCtrl - (no description) DebuggerException__SetConsoleCtrl - (no description) SEH__vectored - (no description) create_service - Create a windows service network_udp_sock - Communications over UDP network network_tcp_listen - Listen for incoming communication network_tcp_socket - Communications over RAW socket network_dns - Communications use DNS

Score

This file is very suspicious, with a score of 10 out of 10!

Please notice: The scoring system is currently still in development and should be considered an alpha feature.

Autosubmit

Parent_Task_ID:5977916

Feedback

Expecting different results? Send us this analysis and we will inspect it. Click here

Information on Execution

Analysis

Category	Started	Completed	Duration	Routing	Logs
FILE	Feb. 25, 2025, 2:18 a.m.	Feb. 25, 2025, 2:29 a.m.	693 seconds	internet	Show Analyzer Log Show Cuckoo Log

Analyzer Log

2025-02-21 21:47:49,000 [analyzer] DEBUG: Starting analyzer from: C:\tmpdyrg_l
2025-02-21 21:47:49,015 [analyzer] DEBUG: Pipe server name: \??\PIPE\YszuFWmmtnUFDUNQEeBUTr
2025-02-21 21:47:49,015 [analyzer] DEBUG: Log pipe server name: \??\PIPE\PWhiLceFjbDgtjKFVxWbiyYPMtDmA
2025-02-21 21:47:49,015 [analyzer] DEBUG: No analysis package specified, trying to detect it automagically.
2025-02-21 21:47:49,062 [analyzer] INFO: Automatically selected analysis package "exe"
2025-02-21 21:47:49,312 [analyzer] DEBUG: Started auxiliary module Curtain
2025-02-21 21:47:49,312 [analyzer] DEBUG: Started auxiliary module DbgView
2025-02-21 21:47:49,812 [analyzer] DEBUG: Started auxiliary module Disguise
2025-02-21 21:47:50,015 [analyzer] DEBUG: Loaded monitor into process with pid 500
2025-02-21 21:47:50,015 [analyzer] DEBUG: Started auxiliary module DumpTLSMasterSecrets
2025-02-21 21:47:50,015 [analyzer] DEBUG: Started auxiliary module Human
2025-02-21 21:47:50,015 [analyzer] DEBUG: Started auxiliary module InstallCertificate
2025-02-21 21:47:50,015 [analyzer] DEBUG: Started auxiliary module Reboot
2025-02-21 21:47:50,062 [analyzer] DEBUG: Started auxiliary module RecentFiles
2025-02-21 21:47:50,078 [analyzer] DEBUG: Started auxiliary module Screenshots
2025-02-21 21:47:50,078 [analyzer] DEBUG: Started auxiliary module Sysmon
2025-02-21 21:47:50,078 [analyzer] DEBUG: Started auxiliary module LoadZer0m0n
2025-02-21 21:47:50,342 [lib.api.process] INFO: Successfully executed process from path u'C:\\Users\\ADMINI~1\\AppData\\Local\\Temp\\c3cc5401e9df1a4c_dw20.exe.exe' with arguments '' and pid 2384
2025-02-21 21:47:50,592 [analyzer] DEBUG: Loaded monitor into process with pid 2384
2025-02-21 21:48:12,542 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Windows\System32\bnXOfYOaF.exe
2025-02-21 21:48:12,687 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\DESIGNER\MSADDNDR.DLL
2025-02-21 21:48:12,714 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\DESIGNER\MSADDNDR.DLL.exe
2025-02-21 21:48:12,861 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\DW\DBGHELP.DLL
2025-02-21 21:48:12,907 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\DW\DBGHELP.DLL.exe
2025-02-21 21:48:12,961 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\DW\DW20.EXE
2025-02-21 21:48:12,994 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\DW\DW20.EXE.exe
2025-02-21 21:48:13,042 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE
2025-02-21 21:48:13,085 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE.exe
2025-02-21 21:48:13,163 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\EQUATION\1033\EEINTL.DLL
2025-02-21 21:48:13,243 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\EQUATION\1033\EEINTL.DLL.exe
2025-02-21 21:48:13,316 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\EQUATION\EQNEDT32.CNT
2025-02-21 21:48:13,351 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\EQUATION\EQNEDT32.CNT.exe
2025-02-21 21:48:13,414 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\EQUATION\EQNEDT32.EXE
2025-02-21 21:48:13,447 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\EQUATION\EQNEDT32.EXE.exe
2025-02-21 21:48:13,493 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\EQUATION\EQNEDT32.HLP
2025-02-21 21:48:13,538 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\EQUATION\EQNEDT32.HLP.exe
2025-02-21 21:48:13,585 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\EQUATION\MTEXTRA.TTF
2025-02-21 21:48:13,624 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\EQUATION\MTEXTRA.TTF.exe
2025-02-21 21:48:13,698 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\EQUATION\eqnedt32.exe.manifest
2025-02-21 21:48:13,757 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\EQUATION\eqnedt32.exe.manifest.exe
2025-02-21 21:48:14,015 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\EURO\MSOEURO.DLL
2025-02-21 21:48:14,069 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\EURO\MSOEURO.DLL.exe
2025-02-21 21:48:14,240 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\Filters\msgfilt.dll
2025-02-21 21:48:14,289 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\Filters\msgfilt.dll.exe
2025-02-21 21:48:14,411 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\Filters\odffilt.dll
2025-02-21 21:48:14,457 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\Filters\odffilt.dll.exe
2025-02-21 21:48:14,528 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\Filters\offfiltx.dll.exe
2025-02-21 21:48:14,578 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\CGMIMP32.CFG
2025-02-21 21:48:14,634 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\CGMIMP32.CFG.exe
2025-02-21 21:48:14,710 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\CGMIMP32.FLT
2025-02-21 21:48:14,753 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\CGMIMP32.FLT.exe
2025-02-21 21:48:14,846 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\CGMIMP32.FNT
2025-02-21 21:48:14,891 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\CGMIMP32.FNT.exe
2025-02-21 21:48:14,979 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\EPSIMP32.FLT
2025-02-21 21:48:15,006 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\EPSIMP32.FLT.exe
2025-02-21 21:48:15,088 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\GIFIMP32.FLT
2025-02-21 21:48:15,118 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\GIFIMP32.FLT.exe
2025-02-21 21:48:15,191 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\JPEGIM32.FLT
2025-02-21 21:48:15,236 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\JPEGIM32.FLT.exe
2025-02-21 21:48:15,296 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\MS.CGM
2025-02-21 21:48:15,328 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\MS.CGM.exe
2025-02-21 21:48:15,375 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\MS.EPS
2025-02-21 21:48:15,404 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\MS.EPS.exe
2025-02-21 21:48:15,463 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\MS.GIF
2025-02-21 21:48:15,506 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\MS.GIF.exe
2025-02-21 21:48:15,569 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\MS.JPG
2025-02-21 21:48:15,614 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\MS.JPG.exe
2025-02-21 21:48:15,707 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\MS.PNG
2025-02-21 21:48:15,753 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\MS.PNG.exe
2025-02-21 21:48:15,851 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\MS.WPG
2025-02-21 21:48:15,930 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\MS.WPG.exe
2025-02-21 21:48:16,188 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\PICTIM32.FLT
2025-02-21 21:48:16,217 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\PICTIM32.FLT.exe
2025-02-21 21:48:16,407 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\PNG32.FLT
2025-02-21 21:48:16,454 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\PNG32.FLT.exe
2025-02-21 21:48:16,729 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\WPGIMP32.FLT
2025-02-21 21:48:16,782 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\WPGIMP32.FLT.exe
2025-02-21 21:48:17,002 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\Help\ITIRCL55.DLL
2025-02-21 21:48:17,059 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\Help\ITIRCL55.DLL.exe
2025-02-21 21:48:17,247 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
2025-02-21 21:48:17,447 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll.exe
2025-02-21 21:48:17,812 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\Help\msitss55.dll
2025-02-21 21:48:17,855 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\Help\msitss55.dll.exe
2025-02-21 21:48:18,664 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\MSInfo\en-US\msinfo32.exe.mui.exe
2025-02-21 21:48:18,849 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\MSInfo\msinfo32.exe.exe
2025-02-21 21:48:19,183 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1033\ACEINTL.DLL
2025-02-21 21:48:19,230 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1033\ACEINTL.DLL.exe
2025-02-21 21:48:19,553 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1033\ACEODBCI.DLL
2025-02-21 21:48:19,605 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1033\ACEODBCI.DLL.exe
2025-02-21 21:48:19,986 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1033\ACERECR.DLL
2025-02-21 21:48:20,039 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1033\ACERECR.DLL.exe
2025-02-21 21:48:20,246 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1033\ACEWSTR.DLL
2025-02-21 21:48:20,286 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1033\ACEWSTR.DLL.exe
2025-02-21 21:48:20,540 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1033\ADO210.CHM
2025-02-21 21:48:20,594 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1033\ADO210.CHM.exe
2025-02-21 21:48:20,913 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1033\ALRTINTL.DLL
2025-02-21 21:48:20,960 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1033\ALRTINTL.DLL.exe
2025-02-21 21:48:21,328 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1033\MSOINTL.DLL
2025-02-21 21:48:21,375 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1033\MSOINTL.DLL.exe
2025-02-21 21:48:21,490 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1033\MSOINTL.DLL.IDX_DLL
2025-02-21 21:48:21,515 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1033\MSOINTL.DLL.IDX_DLL.exe
2025-02-21 21:48:21,868 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1033\MSOINTL.REST.IDX_DLL
2025-02-21 21:48:21,903 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1033\MSOINTL.REST.IDX_DLL.exe
2025-02-21 21:48:22,134 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1033\MSSOAPR3.DLL
2025-02-21 21:48:22,227 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1033\MSSOAPR3.DLL.exe
2025-02-21 21:48:22,321 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1033\OARPMANR.DLL
2025-02-21 21:48:22,861 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1033\OARPMANR.DLL.exe
2025-02-21 21:48:23,596 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1033\README.HTM
2025-02-21 21:48:24,401 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1033\README.HTM.exe
2025-02-21 21:48:25,124 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1033\xlsrvintl.dll
2025-02-21 21:48:25,805 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1033\xlsrvintl.dll.exe
2025-02-21 21:48:26,516 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACECORE.DLL
2025-02-21 21:48:27,043 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACECORE.DLL.exe
2025-02-21 21:48:27,585 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACEDAO.DLL
2025-02-21 21:48:28,095 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACEDAO.DLL.exe
2025-02-21 21:48:28,658 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACEERR.DLL
2025-02-21 21:48:29,263 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACEERR.DLL.exe
2025-02-21 21:48:29,631 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACEES.DLL
2025-02-21 21:48:30,066 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACEES.DLL.exe
2025-02-21 21:48:30,532 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACEEXCH.DLL
2025-02-21 21:48:30,953 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACEEXCH.DLL.exe
2025-02-21 21:48:31,299 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACEEXCL.DLL
2025-02-21 21:48:31,733 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACEEXCL.DLL.exe
2025-02-21 21:48:32,194 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACEODBC.DLL
2025-02-21 21:48:32,582 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACEODBC.DLL.exe
2025-02-21 21:48:32,967 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACEODDBS.DLL
2025-02-21 21:48:33,283 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACEODDBS.DLL.exe
2025-02-21 21:48:33,605 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACEODEXL.DLL
2025-02-21 21:48:33,880 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACEODEXL.DLL.exe
2025-02-21 21:48:34,365 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACEODTXT.DLL
2025-02-21 21:48:34,509 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACEODTXT.DLL.exe
2025-02-21 21:48:34,865 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACEOLEDB.DLL
2025-02-21 21:48:35,190 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACEOLEDB.DLL.exe
2025-02-21 21:48:35,549 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACER3X.DLL
2025-02-21 21:48:35,861 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACER3X.DLL.exe
2025-02-21 21:48:36,186 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACERCLR.DLL
2025-02-21 21:48:36,496 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACERCLR.DLL.exe
2025-02-21 21:48:36,793 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACEREP.DLL
2025-02-21 21:48:37,151 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACEREP.DLL.exe
2025-02-21 21:48:37,640 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACETXT.DLL
2025-02-21 21:48:37,917 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACETXT.DLL.exe
2025-02-21 21:48:38,302 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACEWDAT.DLL
2025-02-21 21:48:38,706 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACEWDAT.DLL.exe
2025-02-21 21:48:39,069 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACEXBE.DLL
2025-02-21 21:48:39,378 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACEXBE.DLL.exe
2025-02-21 21:48:39,687 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Csi.dll
2025-02-21 21:48:39,980 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Csi.dll.exe
2025-02-21 21:48:40,355 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\CsiSoap.dll
2025-02-21 21:48:40,733 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\CsiSoap.dll.exe
2025-02-21 21:48:41,154 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2025-02-21 21:48:41,562 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF.exe
2025-02-21 21:48:41,953 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\EXPSRV.DLL
2025-02-21 21:48:42,311 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\EXPSRV.DLL.exe
2025-02-21 21:48:42,789 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\EXP_PDF.DLL
2025-02-21 21:48:43,193 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\EXP_PDF.DLL.exe
2025-02-21 21:48:43,555 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\EXP_XPS.DLL
2025-02-21 21:48:43,904 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\EXP_XPS.DLL.exe
2025-02-21 21:48:44,349 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\FLTLDR.EXE
2025-02-21 21:48:44,690 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\FLTLDR.EXE.exe
2025-02-21 21:48:45,069 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\IACOM2.DLL
2025-02-21 21:48:45,441 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\IACOM2.DLL.exe
2025-02-21 21:48:45,734 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\LICLUA.EXE
2025-02-21 21:48:46,091 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\LICLUA.EXE.exe
2025-02-21 21:48:46,684 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSO.DLL
2025-02-21 21:48:46,793 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSO.DLL.exe
2025-02-21 21:48:47,121 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOICONS.EXE
2025-02-21 21:48:47,540 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOICONS.EXE.exe
2025-02-21 21:48:48,174 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSORES.DLL
2025-02-21 21:48:48,250 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSORES.DLL.exe
2025-02-21 21:48:48,625 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXEV.DLL
2025-02-21 21:48:49,013 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXEV.DLL.exe
2025-02-21 21:48:49,394 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLED.EXE
2025-02-21 21:48:49,782 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLED.EXE.exe
2025-02-21 21:48:50,161 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
2025-02-21 21:48:50,581 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL.exe
2025-02-21 21:48:50,963 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSPTLS.DLL
2025-02-21 21:48:51,382 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSPTLS.DLL.exe
2025-02-21 21:48:51,775 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSSOAP30.DLL
2025-02-21 21:48:52,059 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSSOAP30.DLL.exe
2025-02-21 21:48:52,509 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MUAUTH.CAB
2025-02-21 21:48:52,802 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MUAUTH.CAB.exe
2025-02-21 21:48:53,131 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MUOPTIN.DLL
2025-02-21 21:48:53,512 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MUOPTIN.DLL.exe
2025-02-21 21:48:53,845 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\OFFREL.DLL
2025-02-21 21:48:54,187 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\OFFREL.DLL.exe
2025-02-21 21:48:54,540 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\OPHPROXY.DLL
2025-02-21 21:48:54,841 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\OPHPROXY.DLL.exe
2025-02-21 21:48:55,243 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\OPTINPS.DLL
2025-02-21 21:48:55,431 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\OPTINPS.DLL.exe
2025-02-21 21:48:55,657 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe
2025-02-21 21:48:56,108 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe.exe
2025-02-21 21:48:56,421 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Excel.en-us\ExcelMUI.XML
2025-02-21 21:48:56,509 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Excel.en-us\ExcelMUI.XML.exe
2025-02-21 21:48:56,724 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Excel.en-us\SETUP.XML
2025-02-21 21:48:56,938 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Excel.en-us\SETUP.XML.exe
2025-02-21 21:48:57,273 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\ODeploy.exe
2025-02-21 21:48:57,457 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\ODeploy.exe.exe
2025-02-21 21:48:57,785 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\OSETUP.DLL
2025-02-21 21:48:57,903 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\OSETUP.DLL.exe
2025-02-21 21:48:58,154 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\OSetupPS.dll
2025-02-21 21:48:58,398 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\OSetupPS.dll.exe
2025-02-21 21:48:58,595 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office.en-us\BRANDING.DLL
2025-02-21 21:48:58,834 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office.en-us\BRANDING.DLL.exe
2025-02-21 21:48:59,071 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office.en-us\BRANDING.XML
2025-02-21 21:48:59,246 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office.en-us\BRANDING.XML.exe
2025-02-21 21:48:59,572 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office.en-us\OCT.CHM
2025-02-21 21:48:59,711 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office.en-us\OCT.CHM.exe
2025-02-21 21:48:59,915 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office.en-us\OSETUPUI.DLL
2025-02-21 21:49:00,075 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office.en-us\OSETUPUI.DLL.exe
2025-02-21 21:49:00,293 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office.en-us\OfficeMUI.XML
2025-02-21 21:49:00,533 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office.en-us\OfficeMUI.XML.exe
2025-02-21 21:49:00,730 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office.en-us\OfficeMUISet.XML
2025-02-21 21:49:00,960 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office.en-us\OfficeMUISet.XML.exe
2025-02-21 21:49:01,174 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office.en-us\PSCONFIG.CHM
2025-02-21 21:49:01,407 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office.en-us\PSCONFIG.CHM.exe
2025-02-21 21:49:01,664 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office.en-us\PSS10O.CHM
2025-02-21 21:49:01,913 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office.en-us\PSS10O.CHM.exe
2025-02-21 21:49:02,114 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office.en-us\PSS10R.CHM
2025-02-21 21:49:02,698 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office.en-us\PSS10R.CHM.exe
2025-02-21 21:49:02,898 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office.en-us\SETUP.CHM
2025-02-21 21:49:03,068 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office.en-us\SETUP.CHM.exe
2025-02-21 21:49:03,216 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office.en-us\SETUP.XML
2025-02-21 21:49:03,444 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office.en-us\SETUP.XML.exe
2025-02-21 21:49:03,704 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office.en-us\promointl.dll
2025-02-21 21:49:03,957 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office.en-us\promointl.dll.exe
2025-02-21 21:49:04,233 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office32.WW\Office32WW.XML
2025-02-21 21:49:04,528 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office32.WW\Office32WW.XML.exe
2025-02-21 21:49:04,806 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office32.en-us\Office32MUI.XML
2025-02-21 21:49:05,151 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office32.en-us\Office32MUI.XML.exe
2025-02-21 21:49:05,408 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office32.en-us\SETUP.XML
2025-02-21 21:49:05,671 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office32.en-us\SETUP.XML.exe
2025-02-21 21:49:05,963 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\OneNote.en-us\OneNoteMUI.XML
2025-02-21 21:49:06,436 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\OneNote.en-us\OneNoteMUI.XML.exe
2025-02-21 21:49:06,572 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\OneNote.en-us\SETUP.XML
2025-02-21 21:49:06,788 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\OneNote.en-us\SETUP.XML.exe
2025-02-21 21:49:07,082 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Outlook.en-us\OutlookMUI.XML
2025-02-21 21:49:07,414 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Outlook.en-us\OutlookMUI.XML.exe
2025-02-21 21:49:07,726 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Outlook.en-us\SETUP.XML
2025-02-21 21:49:07,848 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Outlook.en-us\SETUP.XML.exe
2025-02-21 21:49:08,253 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\PowerPoint.en-us\PowerPointMUI.XML
2025-02-21 21:49:08,410 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\PowerPoint.en-us\PowerPointMUI.XML.exe
2025-02-21 21:49:08,671 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\PowerPoint.en-us\SETUP.XML
2025-02-21 21:49:08,874 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\PowerPoint.en-us\SETUP.XML.exe
2025-02-21 21:49:09,141 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Proof.en\Proof.XML
2025-02-21 21:49:09,388 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Proof.en\Proof.XML.exe
2025-02-21 21:49:09,664 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Proof.es\Proof.XML
2025-02-21 21:49:10,059 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Proof.es\Proof.XML.exe
2025-02-21 21:49:10,240 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Proof.fr\Proof.XML
2025-02-21 21:49:10,602 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Proof.fr\Proof.XML.exe
2025-02-21 21:49:10,786 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Proofing.en-us\Proofing.XML
2025-02-21 21:49:11,035 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Proofing.en-us\Proofing.XML.exe
2025-02-21 21:49:11,289 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Proofing.en-us\SETUP.XML
2025-02-21 21:49:11,585 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Proofing.en-us\SETUP.XML.exe
2025-02-21 21:49:11,871 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Publisher.en-us\PublisherMUI.XML
2025-02-21 21:49:12,167 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Publisher.en-us\PublisherMUI.XML.exe
2025-02-21 21:49:12,520 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Publisher.en-us\SETUP.XML
2025-02-21 21:49:12,815 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Publisher.en-us\SETUP.XML.exe
2025-02-21 21:49:13,102 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\STANDARD\SETUP.XML
2025-02-21 21:49:13,430 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\STANDARD\SETUP.XML.exe
2025-02-21 21:49:13,740 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\STANDARD\StandardWW.XML
2025-02-21 21:49:14,176 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\STANDARD\StandardWW.XML.exe
2025-02-21 21:49:14,358 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Setup.exe
2025-02-21 21:49:14,638 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Setup.exe.exe
2025-02-21 21:49:14,993 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Word.en-us\SETUP.XML
2025-02-21 21:49:15,289 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Word.en-us\SETUP.XML.exe
2025-02-21 21:49:15,635 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Word.en-us\WordMUI.XML
2025-02-21 21:49:15,979 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Word.en-us\WordMUI.XML.exe
2025-02-21 21:49:16,315 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\pidgenx.dll
2025-02-21 21:49:16,609 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\pidgenx.dll.exe
2025-02-21 21:49:16,911 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\pkeyconfig-office.xrm-ms
2025-02-21 21:49:17,213 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\pkeyconfig-office.xrm-ms.exe
2025-02-21 21:49:17,430 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\pkeyconfig.companion.dll
2025-02-21 21:49:17,938 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\pkeyconfig.companion.dll.exe
2025-02-21 21:49:18,128 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\RICHED20.DLL
2025-02-21 21:49:18,316 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\RICHED20.DLL.exe
2025-02-21 21:49:18,638 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\USP10.DLL
2025-02-21 21:49:18,979 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\USP10.DLL.exe
2025-02-21 21:49:19,362 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\VBAJET32.DLL
2025-02-21 21:49:19,737 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\VBAJET32.DLL.exe
2025-02-21 21:49:20,125 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\WISC30.DLL
2025-02-21 21:49:20,605 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\WISC30.DLL.exe
2025-02-21 21:49:21,164 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\msoshext.dll
2025-02-21 21:49:21,443 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OFFICE14\msoshext.dll.exe
2025-02-21 21:49:21,744 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPC.DLL
2025-02-21 21:49:22,053 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPC.DLL.exe
2025-02-21 21:49:22,365 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPCEXT.DLL
2025-02-21 21:49:22,644 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPCEXT.DLL.exe
2025-02-21 21:49:22,961 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPOBJS.DLL.exe
2025-02-21 21:49:23,233 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPREARM.EXE
2025-02-21 21:49:23,542 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPREARM.EXE.exe
2025-02-21 21:49:23,832 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE.exe
2025-02-21 21:49:24,174 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPWMI.DLL
2025-02-21 21:49:24,483 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPWMI.DLL.exe
2025-02-21 21:49:24,841 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPWMI.MOF
2025-02-21 21:49:25,213 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPWMI.MOF.exe
2025-02-21 21:49:25,549 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\osppobjs-spp-plugin-manifest-signed.xrm-ms
2025-02-21 21:49:25,875 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\osppobjs-spp-plugin-manifest-signed.xrm-ms.exe
2025-02-21 21:49:26,247 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\PROOF\MSLID.DLL
2025-02-21 21:49:26,526 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\PROOF\MSLID.DLL.exe
2025-02-21 21:49:26,869 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\PROOF\MSWDS_EN.LEX
2025-02-21 21:49:27,105 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\PROOF\MSWDS_EN.LEX.exe
2025-02-21 21:49:27,410 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\PROOF\MSWDS_ES.LEX
2025-02-21 21:49:27,766 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\PROOF\MSWDS_ES.LEX.exe
2025-02-21 21:49:28,073 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\PROOF\MSWDS_FR.LEX
2025-02-21 21:49:28,332 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\PROOF\MSWDS_FR.LEX.exe
2025-02-21 21:49:28,894 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\Smart Tag\1033\MCABOUT.HTM
2025-02-21 21:49:28,976 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\Smart Tag\1033\MCABOUT.HTM.exe
2025-02-21 21:49:29,292 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\Smart Tag\1033\STINTL.DLL
2025-02-21 21:49:29,582 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\Smart Tag\1033\STINTL.DLL.exe
2025-02-21 21:49:29,871 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\Smart Tag\1033\STINTL.DLL.IDX_DLL
2025-02-21 21:49:30,167 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\Smart Tag\1033\STINTL.DLL.IDX_DLL.exe
2025-02-21 21:49:30,456 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\Smart Tag\FBIBLIO.DLL
2025-02-21 21:49:30,719 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\Smart Tag\FBIBLIO.DLL.exe
2025-02-21 21:49:31,000 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\Smart Tag\FDATE.DLL
2025-02-21 21:49:31,278 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\Smart Tag\FDATE.DLL.exe
2025-02-21 21:49:31,555 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\Smart Tag\FPERSON.DLL
2025-02-21 21:49:31,821 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\Smart Tag\FPERSON.DLL.exe
2025-02-21 21:49:32,082 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\Smart Tag\FPLACE.DLL
2025-02-21 21:49:32,332 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\Smart Tag\FPLACE.DLL.exe
2025-02-21 21:49:32,565 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\Smart Tag\FSTOCK.DLL
2025-02-21 21:49:32,821 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\Smart Tag\FSTOCK.DLL.exe
2025-02-21 21:49:33,082 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\Smart Tag\IETAG.DLL
2025-02-21 21:49:33,276 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\Smart Tag\IETAG.DLL.exe
2025-02-21 21:49:33,607 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\Smart Tag\IMCONTACT.DLL
2025-02-21 21:49:33,806 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\Smart Tag\IMCONTACT.DLL.exe
2025-02-21 21:49:33,989 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\Smart Tag\LISTS\1033\DATES.XML
2025-02-21 21:49:34,240 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\Smart Tag\LISTS\1033\DATES.XML.exe
2025-02-21 21:49:34,473 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\Smart Tag\LISTS\1033\PHONE.XML
2025-02-21 21:49:34,721 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\Smart Tag\LISTS\1033\PHONE.XML.exe
2025-02-21 21:49:34,926 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\Smart Tag\LISTS\1033\STOCKS.DAT
2025-02-21 21:49:35,142 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\Smart Tag\LISTS\1033\STOCKS.DAT.exe
2025-02-21 21:49:35,480 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\Smart Tag\LISTS\1033\STOCKS.XML
2025-02-21 21:49:35,681 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\Smart Tag\LISTS\1033\STOCKS.XML.exe
2025-02-21 21:49:35,898 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\Smart Tag\LISTS\1033\TIME.XML
2025-02-21 21:49:36,068 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\Smart Tag\LISTS\1033\TIME.XML.exe
2025-02-21 21:49:36,305 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\Smart Tag\LISTS\BASMLA.XSL
2025-02-21 21:49:36,473 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\Smart Tag\LISTS\BASMLA.XSL.exe
2025-02-21 21:49:36,680 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\Smart Tag\METCONV.DLL
2025-02-21 21:49:37,069 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\Smart Tag\METCONV.DLL.exe
2025-02-21 21:49:37,257 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\Smart Tag\METCONV.TXT
2025-02-21 21:49:37,395 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\Smart Tag\METCONV.TXT.exe
2025-02-21 21:49:37,549 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\Smart Tag\MOFL.DLL
2025-02-21 21:49:37,733 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\Smart Tag\MOFL.DLL.exe
2025-02-21 21:49:37,983 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\Smart Tag\MSTAG.TLB
2025-02-21 21:49:38,165 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\Smart Tag\MSTAG.TLB.exe
2025-02-21 21:49:38,621 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\Smart Tag\SmartTagInstall.exe
2025-02-21 21:49:38,901 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\Smart Tag\SmartTagInstall.exe.exe
2025-02-21 21:49:39,285 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
2025-02-21 21:49:39,321 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE.exe
2025-02-21 21:49:39,845 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\Stationery\Bears.htm.exe
2025-02-21 21:49:40,072 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\Stationery\Bears.jpg.exe
2025-02-21 21:49:40,211 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\Stationery\Blue_Gradient.jpg.exe
2025-02-21 21:49:40,377 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\Stationery\Cave_Drawings.gif.exe
2025-02-21 21:49:40,565 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\Stationery\Connectivity.gif.exe
2025-02-21 21:49:40,796 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\Stationery\Desktop.ini.exe
2025-02-21 21:49:41,016 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\Stationery\Dotted_Lines.emf.exe
2025-02-21 21:49:41,296 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\Stationery\Garden.htm.exe
2025-02-21 21:49:41,464 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\Stationery\Garden.jpg.exe
2025-02-21 21:49:41,686 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\Stationery\Genko_1.emf.exe
2025-02-21 21:49:41,921 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\Stationery\Genko_2.emf.exe
2025-02-21 21:49:42,130 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\Stationery\Graph.emf.exe
2025-02-21 21:49:42,279 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\Stationery\Green Bubbles.htm.exe
2025-02-21 21:49:42,434 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\Stationery\GreenBubbles.jpg.exe
2025-02-21 21:49:42,571 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\Stationery\Hand Prints.htm.exe
2025-02-21 21:49:42,746 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\Stationery\HandPrints.jpg.exe
2025-02-21 21:49:42,885 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\Stationery\Memo.emf.exe
2025-02-21 21:49:43,062 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\Stationery\Monet.jpg.exe
2025-02-21 21:49:43,292 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\Stationery\Month_Calendar.emf.exe
2025-02-21 21:49:43,454 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\Stationery\Music.emf.exe
2025-02-21 21:49:43,660 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\Stationery\Notebook.jpg.exe
2025-02-21 21:49:43,796 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\Stationery\Orange Circles.htm.exe
2025-02-21 21:49:44,005 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\Stationery\OrangeCircles.jpg.exe
2025-02-21 21:49:44,154 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\Stationery\Peacock.htm.exe
2025-02-21 21:49:44,401 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\Stationery\Peacock.jpg.exe
2025-02-21 21:49:44,632 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\Stationery\Pine_Lumber.jpg.exe
2025-02-21 21:49:44,825 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\Stationery\Pretty_Peacock.jpg.exe
2025-02-21 21:49:45,191 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\Stationery\Psychedelic.jpg.exe
2025-02-21 21:49:45,322 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\Stationery\Roses.htm.exe
2025-02-21 21:49:45,575 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\Stationery\Roses.jpg.exe
2025-02-21 21:49:45,674 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\Stationery\Sand_Paper.jpg.exe
2025-02-21 21:49:45,832 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\Stationery\Seyes.emf.exe
2025-02-21 21:49:46,069 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\Stationery\Shades of Blue.htm.exe
2025-02-21 21:49:46,447 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\Stationery\ShadesOfBlue.jpg.exe
2025-02-21 21:49:46,785 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\Stationery\Shorthand.emf.exe
2025-02-21 21:49:47,092 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\Stationery\Small_News.jpg.exe
2025-02-21 21:49:47,187 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\Stationery\Soft Blue.htm.exe
2025-02-21 21:49:47,523 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\Stationery\SoftBlue.jpg.exe
2025-02-21 21:49:47,845 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\Stationery\Stars.htm.exe
2025-02-21 21:49:48,141 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\Stationery\Stars.jpg.exe
2025-02-21 21:49:48,464 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\Stationery\Stucco.gif.exe
2025-02-21 21:49:48,928 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\Stationery\Tanspecks.jpg.exe
2025-02-21 21:49:49,232 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\Stationery\Tiki.gif.exe
2025-02-21 21:49:49,426 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\Stationery\To_Do_List.emf.exe
2025-02-21 21:49:49,674 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\Stationery\White_Chocolate.jpg.exe
2025-02-21 21:49:49,845 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\Stationery\Wrinkled_Paper.gif.exe
2025-02-21 21:49:50,134 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\Stationery\grid_(cm).wmf.exe
2025-02-21 21:49:50,437 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\Stationery\grid_(inch).wmf.exe
2025-02-21 21:49:50,959 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\AFTRNOON\AFTRNOON.ELM
2025-02-21 21:49:51,012 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\AFTRNOON\AFTRNOON.ELM.exe
2025-02-21 21:49:51,197 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\AFTRNOON\AFTRNOON.INF
2025-02-21 21:49:51,588 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\AFTRNOON\AFTRNOON.INF.exe
2025-02-21 21:49:51,832 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\AFTRNOON\PREVIEW.GIF
2025-02-21 21:49:52,019 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\AFTRNOON\PREVIEW.GIF.exe
2025-02-21 21:49:52,289 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\AFTRNOON\THMBNAIL.PNG
2025-02-21 21:49:52,538 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\AFTRNOON\THMBNAIL.PNG.exe
2025-02-21 21:49:52,806 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\ARCTIC\ARCTIC.ELM
2025-02-21 21:49:53,094 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\ARCTIC\ARCTIC.ELM.exe
2025-02-21 21:49:53,316 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\ARCTIC\ARCTIC.INF
2025-02-21 21:49:53,614 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\ARCTIC\ARCTIC.INF.exe
2025-02-21 21:49:53,878 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\ARCTIC\PREVIEW.GIF
2025-02-21 21:49:54,144 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\ARCTIC\PREVIEW.GIF.exe
2025-02-21 21:49:54,457 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\ARCTIC\THMBNAIL.PNG
2025-02-21 21:49:54,772 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\ARCTIC\THMBNAIL.PNG.exe
2025-02-21 21:49:55,140 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\AXIS\AXIS.ELM
2025-02-21 21:49:55,403 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\AXIS\AXIS.ELM.exe
2025-02-21 21:49:55,655 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\AXIS\AXIS.INF
2025-02-21 21:49:56,029 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\AXIS\AXIS.INF.exe
2025-02-21 21:49:56,431 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\AXIS\PREVIEW.GIF
2025-02-21 21:49:56,591 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\AXIS\PREVIEW.GIF.exe
2025-02-21 21:49:56,846 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\AXIS\THMBNAIL.PNG
2025-02-21 21:49:57,194 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\AXIS\THMBNAIL.PNG.exe
2025-02-21 21:49:57,438 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\BLENDS\BLENDS.ELM
2025-02-21 21:49:57,658 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\BLENDS\BLENDS.ELM.exe
2025-02-21 21:49:57,930 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\BLENDS\BLENDS.INF
2025-02-21 21:49:58,176 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\BLENDS\BLENDS.INF.exe
2025-02-21 21:49:58,513 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\BLENDS\PREVIEW.GIF
2025-02-21 21:49:58,792 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\BLENDS\PREVIEW.GIF.exe
2025-02-21 21:49:59,065 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\BLENDS\THMBNAIL.PNG
2025-02-21 21:49:59,453 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\BLENDS\THMBNAIL.PNG.exe
2025-02-21 21:49:59,907 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\BLUECALM\BLUECALM.ELM
2025-02-21 21:49:59,944 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\BLUECALM\BLUECALM.ELM.exe
2025-02-21 21:50:00,181 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\BLUECALM\BLUECALM.INF
2025-02-21 21:50:00,483 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\BLUECALM\BLUECALM.INF.exe
2025-02-21 21:50:00,740 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\BLUECALM\PREVIEW.GIF
2025-02-21 21:50:01,071 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\BLUECALM\PREVIEW.GIF.exe
2025-02-21 21:50:01,345 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\BLUECALM\THMBNAIL.PNG
2025-02-21 21:50:01,657 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\BLUECALM\THMBNAIL.PNG.exe
2025-02-21 21:50:01,891 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\BLUEPRNT\BLUEPRNT.ELM
2025-02-21 21:50:02,263 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\BLUEPRNT\BLUEPRNT.ELM.exe
2025-02-21 21:50:02,540 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\BLUEPRNT\BLUEPRNT.INF
2025-02-21 21:50:02,904 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\BLUEPRNT\BLUEPRNT.INF.exe
2025-02-21 21:50:03,165 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\BLUEPRNT\PREVIEW.GIF
2025-02-21 21:50:03,515 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\BLUEPRNT\PREVIEW.GIF.exe
2025-02-21 21:50:03,834 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\BLUEPRNT\THMBNAIL.PNG
2025-02-21 21:50:04,165 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\BLUEPRNT\THMBNAIL.PNG.exe
2025-02-21 21:50:04,470 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\BOLDSTRI\BOLDSTRI.ELM
2025-02-21 21:50:04,765 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\BOLDSTRI\BOLDSTRI.ELM.exe
2025-02-21 21:50:05,160 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\BOLDSTRI\BOLDSTRI.INF
2025-02-21 21:50:05,453 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\BOLDSTRI\BOLDSTRI.INF.exe
2025-02-21 21:50:05,703 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\BOLDSTRI\PREVIEW.GIF
2025-02-21 21:50:05,980 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\BOLDSTRI\PREVIEW.GIF.exe
2025-02-21 21:50:06,269 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\BOLDSTRI\THMBNAIL.PNG
2025-02-21 21:50:06,588 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\BOLDSTRI\THMBNAIL.PNG.exe
2025-02-21 21:50:06,967 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\BREEZE\BREEZE.ELM
2025-02-21 21:50:07,128 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\BREEZE\BREEZE.ELM.exe
2025-02-21 21:50:07,428 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\BREEZE\BREEZE.INF
2025-02-21 21:50:07,736 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\BREEZE\BREEZE.INF.exe
2025-02-21 21:50:08,134 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\BREEZE\PREVIEW.GIF
2025-02-21 21:50:08,276 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\BREEZE\PREVIEW.GIF.exe
2025-02-21 21:50:08,612 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\BREEZE\THMBNAIL.PNG
2025-02-21 21:50:08,970 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\BREEZE\THMBNAIL.PNG.exe
2025-02-21 21:50:09,289 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\CANYON\CANYON.ELM
2025-02-21 21:50:09,473 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\CANYON\CANYON.ELM.exe
2025-02-21 21:50:09,681 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\CANYON\CANYON.INF
2025-02-21 21:50:09,933 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\CANYON\CANYON.INF.exe
2025-02-21 21:50:10,220 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\CANYON\PREVIEW.GIF
2025-02-21 21:50:10,436 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\CANYON\PREVIEW.GIF.exe
2025-02-21 21:50:10,693 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\CANYON\THMBNAIL.PNG
2025-02-21 21:50:10,948 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\CANYON\THMBNAIL.PNG.exe
2025-02-21 21:50:11,424 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\CAPSULES\CAPSULES.ELM
2025-02-21 21:50:11,851 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\CAPSULES\CAPSULES.ELM.exe
2025-02-21 21:50:12,076 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\CAPSULES\CAPSULES.INF
2025-02-21 21:50:12,250 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\CAPSULES\CAPSULES.INF.exe
2025-02-21 21:50:12,378 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\CAPSULES\PREVIEW.GIF
2025-02-21 21:50:12,492 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\CAPSULES\PREVIEW.GIF.exe
2025-02-21 21:50:12,831 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\CAPSULES\THMBNAIL.PNG
2025-02-21 21:50:13,194 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\CAPSULES\THMBNAIL.PNG.exe
2025-02-21 21:50:13,391 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\CASCADE\CASCADE.ELM
2025-02-21 21:50:13,561 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\CASCADE\CASCADE.ELM.exe
2025-02-21 21:50:13,808 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\CASCADE\CASCADE.INF
2025-02-21 21:50:14,088 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\CASCADE\CASCADE.INF.exe
2025-02-21 21:50:14,437 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\CASCADE\PREVIEW.GIF
2025-02-21 21:50:14,625 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\CASCADE\PREVIEW.GIF.exe
2025-02-21 21:50:14,881 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\CASCADE\THMBNAIL.PNG
2025-02-21 21:50:15,250 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\CASCADE\THMBNAIL.PNG.exe
2025-02-21 21:50:15,648 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\COMPASS\COMPASS.ELM
2025-02-21 21:50:15,700 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\COMPASS\COMPASS.ELM.exe
2025-02-21 21:50:16,017 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\COMPASS\COMPASS.INF
2025-02-21 21:50:16,309 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\COMPASS\COMPASS.INF.exe
2025-02-21 21:50:16,625 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\COMPASS\PREVIEW.GIF
2025-02-21 21:50:16,907 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\COMPASS\PREVIEW.GIF.exe
2025-02-21 21:50:17,171 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\COMPASS\THMBNAIL.PNG
2025-02-21 21:50:17,513 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\COMPASS\THMBNAIL.PNG.exe
2025-02-21 21:50:17,806 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\CONCRETE\CONCRETE.ELM
2025-02-21 21:50:18,115 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\CONCRETE\CONCRETE.ELM.exe
2025-02-21 21:50:18,424 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\CONCRETE\CONCRETE.INF
2025-02-21 21:50:18,779 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\CONCRETE\CONCRETE.INF.exe
2025-02-21 21:50:19,032 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\CONCRETE\PREVIEW.GIF
2025-02-21 21:50:19,375 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\CONCRETE\PREVIEW.GIF.exe
2025-02-21 21:50:19,762 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\CONCRETE\THMBNAIL.PNG
2025-02-21 21:50:19,963 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\CONCRETE\THMBNAIL.PNG.exe
2025-02-21 21:50:20,288 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\DEEPBLUE\DEEPBLUE.ELM
2025-02-21 21:50:20,582 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\DEEPBLUE\DEEPBLUE.ELM.exe
2025-02-21 21:50:20,923 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\DEEPBLUE\DEEPBLUE.INF
2025-02-21 21:50:21,250 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\DEEPBLUE\DEEPBLUE.INF.exe
2025-02-21 21:50:21,562 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\DEEPBLUE\PREVIEW.GIF
2025-02-21 21:50:21,923 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\DEEPBLUE\PREVIEW.GIF.exe
2025-02-21 21:50:22,351 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\DEEPBLUE\THMBNAIL.PNG
2025-02-21 21:50:22,707 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\DEEPBLUE\THMBNAIL.PNG.exe
2025-02-21 21:50:23,137 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\ECHO\ECHO.ELM
2025-02-21 21:50:23,572 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\ECHO\ECHO.ELM.exe
2025-02-21 21:50:23,763 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\ECHO\ECHO.INF
2025-02-21 21:50:24,115 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\ECHO\ECHO.INF.exe
2025-02-21 21:50:24,450 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\ECHO\PREVIEW.GIF
2025-02-21 21:50:24,815 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\ECHO\PREVIEW.GIF.exe
2025-02-21 21:50:25,174 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\ECHO\THMBNAIL.PNG
2025-02-21 21:50:25,476 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\ECHO\THMBNAIL.PNG.exe
2025-02-21 21:50:25,757 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\ECLIPSE\ECLIPSE.ELM
2025-02-21 21:50:26,130 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\ECLIPSE\ECLIPSE.ELM.exe
2025-02-21 21:50:26,358 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\ECLIPSE\ECLIPSE.INF
2025-02-21 21:50:26,790 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\ECLIPSE\ECLIPSE.INF.exe
2025-02-21 21:50:27,048 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\ECLIPSE\PREVIEW.GIF
2025-02-21 21:50:27,342 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\ECLIPSE\PREVIEW.GIF.exe
2025-02-21 21:50:27,667 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\ECLIPSE\THMBNAIL.PNG
2025-02-21 21:50:27,947 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\ECLIPSE\THMBNAIL.PNG.exe
2025-02-21 21:50:28,269 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\EDGE\EDGE.ELM
2025-02-21 21:50:28,641 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\EDGE\EDGE.ELM.exe
2025-02-21 21:50:28,845 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\EDGE\EDGE.INF
2025-02-21 21:50:29,177 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\EDGE\EDGE.INF.exe
2025-02-21 21:50:29,474 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\EDGE\PREVIEW.GIF
2025-02-21 21:50:29,721 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\EDGE\PREVIEW.GIF.exe
2025-02-21 21:50:30,051 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\EDGE\THMBNAIL.PNG
2025-02-21 21:50:30,345 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\EDGE\THMBNAIL.PNG.exe
2025-02-21 21:50:30,596 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\EVRGREEN\EVRGREEN.ELM
2025-02-21 21:50:30,828 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\EVRGREEN\EVRGREEN.ELM.exe
2025-02-21 21:50:31,104 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\EVRGREEN\EVRGREEN.INF
2025-02-21 21:50:31,358 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\EVRGREEN\EVRGREEN.INF.exe
2025-02-21 21:50:31,632 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\EVRGREEN\PREVIEW.GIF
2025-02-21 21:50:31,848 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\EVRGREEN\PREVIEW.GIF.exe
2025-02-21 21:50:32,190 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\EVRGREEN\THMBNAIL.PNG
2025-02-21 21:50:32,331 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\EVRGREEN\THMBNAIL.PNG.exe
2025-02-21 21:50:32,647 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\EXPEDITN\EXPEDITN.ELM
2025-02-21 21:50:32,862 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\EXPEDITN\EXPEDITN.ELM.exe
2025-02-21 21:50:33,082 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\EXPEDITN\EXPEDITN.INF
2025-02-21 21:50:33,410 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\EXPEDITN\EXPEDITN.INF.exe
2025-02-21 21:50:33,625 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\EXPEDITN\PREVIEW.GIF
2025-02-21 21:50:33,826 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\EXPEDITN\PREVIEW.GIF.exe
2025-02-21 21:50:34,092 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\EXPEDITN\THMBNAIL.PNG
2025-02-21 21:50:34,292 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\EXPEDITN\THMBNAIL.PNG.exe
2025-02-21 21:50:34,604 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\ICE\ICE.ELM
2025-02-21 21:50:34,819 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\ICE\ICE.ELM.exe
2025-02-21 21:50:35,052 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\ICE\ICE.INF
2025-02-21 21:50:35,275 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\ICE\ICE.INF.exe
2025-02-21 21:50:35,484 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\ICE\PREVIEW.GIF
2025-02-21 21:50:35,732 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\ICE\PREVIEW.GIF.exe
2025-02-21 21:50:35,937 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\ICE\THMBNAIL.PNG
2025-02-21 21:50:36,214 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\ICE\THMBNAIL.PNG.exe
2025-02-21 21:50:36,450 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\INDUST\INDUST.ELM
2025-02-21 21:50:36,680 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\INDUST\INDUST.ELM.exe
2025-02-21 21:50:36,877 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\INDUST\INDUST.INF
2025-02-21 21:50:37,111 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\INDUST\INDUST.INF.exe
2025-02-21 21:50:37,385 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\INDUST\PREVIEW.GIF
2025-02-21 21:50:37,601 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\INDUST\PREVIEW.GIF.exe
2025-02-21 21:50:37,835 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\INDUST\THMBNAIL.PNG
2025-02-21 21:50:38,098 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\INDUST\THMBNAIL.PNG.exe
2025-02-21 21:50:38,361 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\IRIS\IRIS.ELM
2025-02-21 21:50:38,638 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\IRIS\IRIS.ELM.exe
2025-02-21 21:50:38,854 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\IRIS\IRIS.INF
2025-02-21 21:50:39,089 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\IRIS\IRIS.INF.exe
2025-02-21 21:50:39,335 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\IRIS\PREVIEW.GIF
2025-02-21 21:50:39,582 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\IRIS\PREVIEW.GIF.exe
2025-02-21 21:50:39,823 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\IRIS\THMBNAIL.PNG
2025-02-21 21:50:40,101 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\IRIS\THMBNAIL.PNG.exe
2025-02-21 21:50:40,311 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\JOURNAL\JOURNAL.ELM
2025-02-21 21:50:40,528 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\JOURNAL\JOURNAL.ELM.exe
2025-02-21 21:50:40,767 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\JOURNAL\JOURNAL.INF
2025-02-21 21:50:40,944 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\JOURNAL\JOURNAL.INF.exe
2025-02-21 21:50:41,226 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\JOURNAL\PREVIEW.GIF
2025-02-21 21:50:41,411 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\JOURNAL\PREVIEW.GIF.exe
2025-02-21 21:50:41,671 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\JOURNAL\THMBNAIL.PNG
2025-02-21 21:50:41,934 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\JOURNAL\THMBNAIL.PNG.exe
2025-02-21 21:50:42,138 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\LAYERS\LAYERS.ELM
2025-02-21 21:50:42,385 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\LAYERS\LAYERS.ELM.exe
2025-02-21 21:50:42,648 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\LAYERS\LAYERS.INF
2025-02-21 21:50:43,032 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\LAYERS\LAYERS.INF.exe
2025-02-21 21:50:43,131 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\LAYERS\PREVIEW.GIF
2025-02-21 21:50:43,364 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\LAYERS\PREVIEW.GIF.exe
2025-02-21 21:50:43,582 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\LAYERS\THMBNAIL.PNG
2025-02-21 21:50:43,798 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\LAYERS\THMBNAIL.PNG.exe
2025-02-21 21:50:44,082 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\LEVEL\LEVEL.ELM
2025-02-21 21:50:44,322 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\LEVEL\LEVEL.ELM.exe
2025-02-21 21:50:44,631 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\LEVEL\LEVEL.INF
2025-02-21 21:50:44,818 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\LEVEL\LEVEL.INF.exe
2025-02-21 21:50:45,164 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\LEVEL\PREVIEW.GIF
2025-02-21 21:50:45,275 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\LEVEL\PREVIEW.GIF.exe
2025-02-21 21:50:45,480 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\LEVEL\THMBNAIL.PNG
2025-02-21 21:50:45,763 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\LEVEL\THMBNAIL.PNG.exe
2025-02-21 21:50:46,039 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\NETWORK\NETWORK.ELM
2025-02-21 21:50:46,323 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\NETWORK\NETWORK.ELM.exe
2025-02-21 21:50:46,450 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\NETWORK\NETWORK.INF
2025-02-21 21:50:46,709 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\NETWORK\NETWORK.INF.exe
2025-02-21 21:50:46,983 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\NETWORK\PREVIEW.GIF
2025-02-21 21:50:47,151 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\NETWORK\PREVIEW.GIF.exe
2025-02-21 21:50:47,367 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\NETWORK\THMBNAIL.PNG
2025-02-21 21:50:47,598 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\NETWORK\THMBNAIL.PNG.exe
2025-02-21 21:50:47,819 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\PAPYRUS\PAPYRUS.ELM
2025-02-21 21:50:48,040 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\PAPYRUS\PAPYRUS.ELM.exe
2025-02-21 21:50:48,250 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\PAPYRUS\PAPYRUS.INF
2025-02-21 21:50:48,496 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\PAPYRUS\PAPYRUS.INF.exe
2025-02-21 21:50:48,749 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\PAPYRUS\PREVIEW.GIF
2025-02-21 21:50:48,936 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\PAPYRUS\PREVIEW.GIF.exe
2025-02-21 21:50:49,137 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\PAPYRUS\THMBNAIL.PNG
2025-02-21 21:50:49,378 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\PAPYRUS\THMBNAIL.PNG.exe
2025-02-21 21:50:49,571 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\PIXEL\PIXEL.ELM
2025-02-21 21:50:49,802 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\PIXEL\PIXEL.ELM.exe
2025-02-21 21:50:50,046 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\PIXEL\PIXEL.INF
2025-02-21 21:50:50,306 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\PIXEL\PIXEL.INF.exe
2025-02-21 21:50:50,519 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\PIXEL\PREVIEW.GIF
2025-02-21 21:50:50,750 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\PIXEL\PREVIEW.GIF.exe
2025-02-21 21:50:50,999 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\PIXEL\THMBNAIL.PNG
2025-02-21 21:50:51,230 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\PIXEL\THMBNAIL.PNG.exe
2025-02-21 21:50:51,479 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\PROFILE\PREVIEW.GIF
2025-02-21 21:50:51,717 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\PROFILE\PREVIEW.GIF.exe
2025-02-21 21:50:51,977 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\PROFILE\PROFILE.ELM
2025-02-21 21:50:52,232 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\PROFILE\PROFILE.ELM.exe
2025-02-21 21:50:52,459 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\PROFILE\PROFILE.INF
2025-02-21 21:50:52,723 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\PROFILE\PROFILE.INF.exe
2025-02-21 21:50:53,006 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\PROFILE\THMBNAIL.PNG
2025-02-21 21:50:53,285 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\PROFILE\THMBNAIL.PNG.exe
2025-02-21 21:50:53,509 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\QUAD\PREVIEW.GIF
2025-02-21 21:50:53,742 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\QUAD\PREVIEW.GIF.exe
2025-02-21 21:50:54,081 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\QUAD\QUAD.ELM
2025-02-21 21:50:54,273 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\QUAD\QUAD.ELM.exe
2025-02-21 21:50:54,522 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\QUAD\QUAD.INF
2025-02-21 21:50:54,769 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\QUAD\QUAD.INF.exe
2025-02-21 21:50:55,006 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\QUAD\THMBNAIL.PNG
2025-02-21 21:50:55,286 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\QUAD\THMBNAIL.PNG.exe
2025-02-21 21:50:55,513 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\RADIAL\PREVIEW.GIF
2025-02-21 21:50:55,730 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\RADIAL\PREVIEW.GIF.exe
2025-02-21 21:50:55,982 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\RADIAL\RADIAL.ELM
2025-02-21 21:50:56,230 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\RADIAL\RADIAL.ELM.exe
2025-02-21 21:50:56,549 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\RADIAL\RADIAL.INF
2025-02-21 21:50:56,719 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\RADIAL\RADIAL.INF.exe
2025-02-21 21:50:56,967 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\RADIAL\THMBNAIL.PNG
2025-02-21 21:50:57,184 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\RADIAL\THMBNAIL.PNG.exe
2025-02-21 21:50:57,460 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\REFINED\PREVIEW.GIF
2025-02-21 21:50:57,723 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\REFINED\PREVIEW.GIF.exe
2025-02-21 21:50:57,956 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\REFINED\REFINED.ELM
2025-02-21 21:50:58,177 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\REFINED\REFINED.ELM.exe
2025-02-21 21:50:58,415 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\REFINED\REFINED.INF
2025-02-21 21:50:58,617 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\REFINED\REFINED.INF.exe
2025-02-21 21:50:58,871 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\REFINED\THMBNAIL.PNG
2025-02-21 21:50:59,118 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\REFINED\THMBNAIL.PNG.exe
2025-02-21 21:50:59,381 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\RICEPAPR\PREVIEW.GIF
2025-02-21 21:50:59,614 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\RICEPAPR\PREVIEW.GIF.exe
2025-02-21 21:50:59,904 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\RICEPAPR\RICEPAPR.ELM
2025-02-21 21:51:00,095 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\RICEPAPR\RICEPAPR.ELM.exe
2025-02-21 21:51:00,349 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\RICEPAPR\RICEPAPR.INF
2025-02-21 21:51:00,582 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\RICEPAPR\RICEPAPR.INF.exe
2025-02-21 21:51:00,848 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\RICEPAPR\THMBNAIL.PNG
2025-02-21 21:51:01,220 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\RICEPAPR\THMBNAIL.PNG.exe
2025-02-21 21:51:01,503 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\RIPPLE\PREVIEW.GIF
2025-02-21 21:51:01,556 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\RIPPLE\PREVIEW.GIF.exe
2025-02-21 21:51:01,825 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\RIPPLE\RIPPLE.ELM
2025-02-21 21:51:02,095 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\RIPPLE\RIPPLE.ELM.exe
2025-02-21 21:51:02,305 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\RIPPLE\RIPPLE.INF
2025-02-21 21:51:02,584 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\RIPPLE\RIPPLE.INF.exe
2025-02-21 21:51:02,852 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\RIPPLE\THMBNAIL.PNG
2025-02-21 21:51:03,115 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\RIPPLE\THMBNAIL.PNG.exe
2025-02-21 21:51:03,421 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\RMNSQUE\PREVIEW.GIF
2025-02-21 21:51:03,668 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\RMNSQUE\PREVIEW.GIF.exe
2025-02-21 21:51:03,858 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\RMNSQUE\RMNSQUE.ELM
2025-02-21 21:51:04,157 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\RMNSQUE\RMNSQUE.ELM.exe
2025-02-21 21:51:04,368 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\RMNSQUE\RMNSQUE.INF
2025-02-21 21:51:04,645 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\RMNSQUE\RMNSQUE.INF.exe
2025-02-21 21:51:04,815 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\RMNSQUE\THMBNAIL.PNG
2025-02-21 21:51:05,078 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\RMNSQUE\THMBNAIL.PNG.exe
2025-02-21 21:51:05,322 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\SATIN\PREVIEW.GIF
2025-02-21 21:51:05,539 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\SATIN\PREVIEW.GIF.exe
2025-02-21 21:51:05,756 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\SATIN\SATIN.ELM
2025-02-21 21:51:06,026 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\SATIN\SATIN.ELM.exe
2025-02-21 21:51:06,266 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\SATIN\SATIN.INF
2025-02-21 21:51:06,499 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\SATIN\SATIN.INF.exe
2025-02-21 21:51:06,921 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\SATIN\THMBNAIL.PNG
2025-02-21 21:51:07,062 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\SATIN\THMBNAIL.PNG.exe
2025-02-21 21:51:07,242 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\SKY\PREVIEW.GIF
2025-02-21 21:51:07,512 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\SKY\PREVIEW.GIF.exe
2025-02-21 21:51:07,933 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\SKY\SKY.ELM
2025-02-21 21:51:08,073 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\SKY\SKY.ELM.exe
2025-02-21 21:51:08,312 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\SKY\SKY.INF
2025-02-21 21:51:08,591 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\SKY\SKY.INF.exe
2025-02-21 21:51:08,818 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\SKY\THMBNAIL.PNG
2025-02-21 21:51:09,104 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\SKY\THMBNAIL.PNG.exe
2025-02-21 21:51:09,380 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\SLATE\PREVIEW.GIF
2025-02-21 21:51:09,651 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\SLATE\PREVIEW.GIF.exe
2025-02-21 21:51:09,900 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\SLATE\SLATE.ELM
2025-02-21 21:51:10,207 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\SLATE\SLATE.ELM.exe
2025-02-21 21:51:10,490 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\SLATE\SLATE.INF
2025-02-21 21:51:10,769 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\SLATE\SLATE.INF.exe
2025-02-21 21:51:11,025 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\SLATE\THMBNAIL.PNG
2025-02-21 21:51:11,040 [analyzer] INFO: Analysis timeout hit, terminating analysis.
2025-02-21 21:51:11,276 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\SLATE\THMBNAIL.PNG.exe
2025-02-21 21:51:11,540 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\SONORA\PREVIEW.GIF
2025-02-21 21:51:11,851 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\SONORA\PREVIEW.GIF.exe
2025-02-21 21:51:12,176 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\SONORA\SONORA.ELM
2025-02-21 21:51:12,454 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\SONORA\SONORA.ELM.exe
2025-02-21 21:51:12,723 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\SONORA\SONORA.INF
2025-02-21 21:51:13,002 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\SONORA\SONORA.INF.exe
2025-02-21 21:51:13,301 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\SONORA\THMBNAIL.PNG
2025-02-21 21:51:13,549 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\SONORA\THMBNAIL.PNG.exe
2025-02-21 21:51:13,844 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\SPRING\PREVIEW.GIF
2025-02-21 21:51:14,154 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\SPRING\PREVIEW.GIF.exe
2025-02-21 21:51:14,437 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\SPRING\SPRING.ELM
2025-02-21 21:51:14,691 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\SPRING\SPRING.ELM.exe
2025-02-21 21:51:14,930 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\SPRING\SPRING.INF
2025-02-21 21:51:15,240 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\SPRING\SPRING.INF.exe
2025-02-21 21:51:15,532 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\SPRING\THMBNAIL.PNG
2025-02-21 21:51:15,796 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\SPRING\THMBNAIL.PNG.exe
2025-02-21 21:51:16,157 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\STRTEDGE\PREVIEW.GIF
2025-02-21 21:51:16,377 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\STRTEDGE\PREVIEW.GIF.exe
2025-02-21 21:51:16,645 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\STRTEDGE\STRTEDGE.ELM
2025-02-21 21:51:16,913 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\STRTEDGE\STRTEDGE.ELM.exe
2025-02-21 21:51:17,151 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\STRTEDGE\STRTEDGE.INF
2025-02-21 21:51:17,387 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\STRTEDGE\STRTEDGE.INF.exe
2025-02-21 21:51:17,703 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\STRTEDGE\THMBNAIL.PNG
2025-02-21 21:51:17,950 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\STRTEDGE\THMBNAIL.PNG.exe
2025-02-21 21:51:18,273 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\STUDIO\PREVIEW.GIF
2025-02-21 21:51:18,457 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\STUDIO\PREVIEW.GIF.exe
2025-02-21 21:51:18,726 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\STUDIO\STUDIO.ELM
2025-02-21 21:51:18,964 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\STUDIO\STUDIO.ELM.exe
2025-02-21 21:51:19,213 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\STUDIO\STUDIO.INF
2025-02-21 21:51:19,460 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\STUDIO\STUDIO.INF.exe
2025-02-21 21:51:19,753 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\STUDIO\THMBNAIL.PNG
2025-02-21 21:51:20,000 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\STUDIO\THMBNAIL.PNG.exe
2025-02-21 21:51:20,255 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\SUMIPNTG\PREVIEW.GIF
2025-02-21 21:51:20,408 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\SUMIPNTG\PREVIEW.GIF.exe
2025-02-21 21:51:20,733 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\SUMIPNTG\SUMIPNTG.ELM
2025-02-21 21:51:21,003 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\SUMIPNTG\SUMIPNTG.ELM.exe
2025-02-21 21:51:21,226 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\SUMIPNTG\SUMIPNTG.INF
2025-02-21 21:51:21,490 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\SUMIPNTG\SUMIPNTG.INF.exe
2025-02-21 21:51:21,765 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\SUMIPNTG\THMBNAIL.PNG
2025-02-21 21:51:22,028 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\SUMIPNTG\THMBNAIL.PNG.exe
2025-02-21 21:51:22,384 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\THEMES.INF
2025-02-21 21:51:22,522 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\THEMES.INF.exe
2025-02-21 21:51:22,746 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\WATER\PREVIEW.GIF
2025-02-21 21:51:22,970 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\WATER\PREVIEW.GIF.exe
2025-02-21 21:51:23,206 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\WATER\THMBNAIL.PNG
2025-02-21 21:51:23,437 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\WATER\THMBNAIL.PNG.exe
2025-02-21 21:51:23,661 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\WATER\WATER.ELM
2025-02-21 21:51:23,923 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\WATER\WATER.ELM.exe
2025-02-21 21:51:24,257 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\WATER\WATER.INF
2025-02-21 21:51:24,427 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\WATER\WATER.INF.exe
2025-02-21 21:51:24,651 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\WATERMAR\PREVIEW.GIF
2025-02-21 21:51:24,914 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\WATERMAR\PREVIEW.GIF.exe
2025-02-21 21:51:25,283 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\WATERMAR\THMBNAIL.PNG
2025-02-21 21:51:25,421 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\WATERMAR\THMBNAIL.PNG.exe
2025-02-21 21:51:25,655 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\WATERMAR\WATERMAR.ELM
2025-02-21 21:51:25,858 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\WATERMAR\WATERMAR.ELM.exe
2025-02-21 21:51:26,076 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\WATERMAR\WATERMAR.INF
2025-02-21 21:51:26,401 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\THEMES14\WATERMAR\WATERMAR.INF.exe
2025-02-21 21:51:26,857 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\TRANSLAT\ARFR\MSB1ARFR.ITS
2025-02-21 21:51:26,915 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\TRANSLAT\ARFR\MSB1ARFR.ITS.exe
2025-02-21 21:51:27,150 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\TRANSLAT\ENES\MSB1ENES.ITS
2025-02-21 21:51:27,403 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\TRANSLAT\ENES\MSB1ENES.ITS.exe
2025-02-21 21:51:27,655 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\TRANSLAT\ENFR\MSB1ENFR.ITS
2025-02-21 21:51:27,903 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\TRANSLAT\ENFR\MSB1ENFR.ITS.exe
2025-02-21 21:51:28,153 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\TRANSLAT\ESEN\MSB1ESEN.DLL
2025-02-21 21:51:28,440 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\TRANSLAT\ESEN\MSB1ESEN.DLL.exe
2025-02-21 21:51:28,655 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\TRANSLAT\ESEN\MSB1ESEN.ITS
2025-02-21 21:51:28,933 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\TRANSLAT\ESEN\MSB1ESEN.ITS.exe
2025-02-21 21:51:29,131 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\TRANSLAT\ESEN\WT61ES.LEX
2025-02-21 21:51:29,332 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\TRANSLAT\ESEN\WT61ES.LEX.exe
2025-02-21 21:51:29,618 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\TRANSLAT\FRAR\MSB1FRAR.ITS
2025-02-21 21:51:29,832 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\TRANSLAT\FRAR\MSB1FRAR.ITS.exe
2025-02-21 21:51:30,095 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\TRANSLAT\FREN\MSB1FREN.DLL
2025-02-21 21:51:30,342 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\TRANSLAT\FREN\MSB1FREN.DLL.exe
2025-02-21 21:51:30,575 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\TRANSLAT\FREN\MSB1FREN.ITS
2025-02-21 21:51:30,825 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\TRANSLAT\FREN\MSB1FREN.ITS.exe
2025-02-21 21:51:31,062 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\TRANSLAT\FREN\WT61FR.LEX
2025-02-21 21:51:31,262 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\TRANSLAT\FREN\WT61FR.LEX.exe
2025-02-21 21:51:31,533 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\TRANSLAT\MSB1AR.LEX
2025-02-21 21:51:31,733 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\TRANSLAT\MSB1AR.LEX.exe
2025-02-21 21:51:31,983 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\TRANSLAT\MSB1CACH.LEX
2025-02-21 21:51:32,213 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\TRANSLAT\MSB1CACH.LEX.exe
2025-02-21 21:51:32,461 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\TRANSLAT\MSB1CORE.DLL
2025-02-21 21:51:32,709 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\TRANSLAT\MSB1CORE.DLL.exe
2025-02-21 21:51:32,930 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\TRANSLAT\MSB1STAR.DLL
2025-02-21 21:51:33,161 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\TRANSLAT\MSB1STAR.DLL.exe
2025-02-21 21:51:33,407 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\TRANSLAT\MSB1XTOR.DLL
2025-02-21 21:51:33,624 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\TRANSLAT\MSB1XTOR.DLL.exe
2025-02-21 21:51:33,835 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\TRANSLAT\WTSP61MS.DLL
2025-02-21 21:51:34,082 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\TRANSLAT\WTSP61MS.DLL.exe
2025-02-21 21:51:34,342 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\TextConv\MSCONV97.DLL
2025-02-21 21:51:34,561 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\TextConv\MSCONV97.DLL.exe
2025-02-21 21:51:34,783 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\TextConv\RECOVR32.CNV
2025-02-21 21:51:35,030 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\TextConv\RECOVR32.CNV.exe
2025-02-21 21:51:35,288 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\TextConv\WPFT532.CNV
2025-02-21 21:51:35,535 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\TextConv\WPFT532.CNV.exe
2025-02-21 21:51:35,786 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\TextConv\WPFT632.CNV
2025-02-21 21:51:36,016 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\TextConv\WPFT632.CNV.exe
2025-02-21 21:51:36,227 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\TextConv\Wks9Pxy.cnv
2025-02-21 21:51:36,490 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\TextConv\Wks9Pxy.cnv.exe
2025-02-21 21:51:37,118 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\VBA\VBA7\1033\FM20.CHM
2025-02-21 21:51:37,151 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\VBA\VBA7\1033\FM20.CHM.exe
2025-02-21 21:51:37,397 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\VBA\VBA7\1033\VBCN6.CHM
2025-02-21 21:51:37,440 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\VBA\VBA7\1033\VBCN6.CHM.exe
2025-02-21 21:51:37,737 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\VBA\VBA7\1033\VBE7INTL.DLL
2025-02-21 21:51:37,884 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\VBA\VBA7\1033\VBE7INTL.DLL.exe
2025-02-21 21:51:38,085 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\VBA\VBA7\1033\VBENDF98.CHM
2025-02-21 21:51:38,319 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\VBA\VBA7\1033\VBENDF98.CHM.exe
2025-02-21 21:51:38,565 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\VBA\VBA7\1033\VBHW6.CHM
2025-02-21 21:51:38,798 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\VBA\VBA7\1033\VBHW6.CHM.exe
2025-02-21 21:51:39,036 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\VBA\VBA7\1033\VBLR6.CHM
2025-02-21 21:51:39,298 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\VBA\VBA7\1033\VBLR6.CHM.exe
2025-02-21 21:51:39,497 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\VBA\VBA7\1033\VBOB6.CHM
2025-02-21 21:51:39,773 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\VBA\VBA7\1033\VBOB6.CHM.exe
2025-02-21 21:51:39,964 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\VBA\VBA7\1033\VBUI6.CHM
2025-02-21 21:51:40,167 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\VBA\VBA7\1033\VBUI6.CHM.exe
2025-02-21 21:51:40,431 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\VBA\VBA7\VBE7.DLL
2025-02-21 21:51:40,650 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\VBA\VBA7\VBE7.DLL.exe
2025-02-21 21:51:40,911 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\VGX\VGX.dll.exe
2025-02-21 21:51:41,354 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOInstallerUI.dll
2025-02-21 21:51:41,469 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOInstallerUI.dll.exe
2025-02-21 21:51:41,726 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOLoaderUI.dll
2025-02-21 21:51:41,858 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOLoaderUI.dll.exe
2025-02-21 21:51:42,186 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOInstaller.exe
2025-02-21 21:51:42,371 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOInstaller.exe.exe
2025-02-21 21:51:42,551 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOLoader.dll
2025-02-21 21:51:42,737 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOLoader.dll.exe
2025-02-21 21:51:42,976 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOMessageProvider.dll
2025-02-21 21:51:43,230 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOMessageProvider.dll.exe
2025-02-21 21:51:43,470 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\VSTO\vstoee.dll
2025-02-21 21:51:43,670 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\VSTO\vstoee.dll.exe
2025-02-21 21:51:43,936 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\VSTO\vstoee100.tlb
2025-02-21 21:51:44,151 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\VSTO\vstoee100.tlb.exe
2025-02-21 21:51:44,390 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\VSTO\vstoee90.tlb
2025-02-21 21:51:44,624 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\VSTO\vstoee90.tlb.exe
2025-02-21 21:51:44,857 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\Web Folders\1033\MSOSVINT.DLL
2025-02-21 21:51:45,089 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\Web Folders\1033\MSOSVINT.DLL.exe
2025-02-21 21:51:45,339 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\Web Folders\MSOSV.DLL
2025-02-21 21:51:45,555 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\Web Folders\MSOSV.DLL.exe
2025-02-21 21:51:45,845 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\14\BIN\1033\FPEXT.MSG
2025-02-21 21:51:45,997 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\14\BIN\1033\FPEXT.MSG.exe
2025-02-21 21:51:46,299 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\14\BIN\FPSRVUTL.DLL
2025-02-21 21:51:46,467 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\14\BIN\FPSRVUTL.DLL.exe
2025-02-21 21:51:46,730 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\14\BIN\FPWEC.DLL
2025-02-21 21:51:46,913 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\14\BIN\FPWEC.DLL.exe
2025-02-21 21:51:47,158 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\ink\Alphabet.xml.exe
2025-02-21 21:51:47,338 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\ink\Content.xml.exe
2025-02-21 21:51:47,548 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\ink\ConvertInkStore.exe.exe
2025-02-21 21:51:47,812 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\ink\FlickAnimation.avi.exe
2025-02-21 21:51:48,017 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\ink\FlickLearningWizard.exe.exe
2025-02-21 21:51:48,335 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\ink\IPSEventLogMsg.dll.exe
2025-02-21 21:51:48,538 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\ink\InkDiv.dll.exe
2025-02-21 21:51:48,687 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\ink\InkObj.dll.exe
2025-02-21 21:51:48,921 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\ink\InkWatson.exe.exe
2025-02-21 21:51:49,121 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe.exe
2025-02-21 21:51:49,322 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\ink\IpsMigrationPlugin.dll.exe
2025-02-21 21:51:49,552 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\ink\IpsPlugin.dll.exe
2025-02-21 21:51:49,756 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\ink\Microsoft.Ink.dll.exe
2025-02-21 21:51:49,982 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\ink\ShapeCollector.exe.exe
2025-02-21 21:51:50,173 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\ink\TabIpsps.dll.exe
2025-02-21 21:51:50,426 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\ink\TabTip.exe.exe
2025-02-21 21:51:50,697 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\ink\TipBand.dll.exe
2025-02-21 21:51:50,881 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\ink\TipRes.dll.exe
2025-02-21 21:51:51,039 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\ink\ar-SA\tipresx.dll.mui.exe
2025-02-21 21:51:51,273 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\ink\bg-BG\tipresx.dll.mui.exe
2025-02-21 21:51:51,473 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\ink\cs-CZ\tipresx.dll.mui.exe
2025-02-21 21:51:51,687 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\ink\da-DK\tipresx.dll.mui.exe
2025-02-21 21:51:51,891 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\tipresx.dll.mui.exe
2025-02-21 21:51:52,134 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\ink\el-GR\tipresx.dll.mui.exe
2025-02-21 21:51:52,391 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\ink\en-US\FlickLearningWizard.exe.mui.exe
2025-02-21 21:51:52,618 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\ink\en-US\IPSEventLogMsg.dll.mui.exe
2025-02-21 21:51:52,765 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\ink\en-US\InkObj.dll.mui.exe
2025-02-21 21:51:52,967 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\ink\en-US\InkWatson.exe.mui.exe
2025-02-21 21:51:53,214 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\ink\en-US\InputPersonalization.exe.mui.exe
2025-02-21 21:51:53,415 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\ink\en-US\IpsMigrationPlugin.dll.mui.exe
2025-02-21 21:51:53,576 [analyzer] INFO: Added new file to list with pid 2384 and path C:\Program Files\Common Files\Microsoft Shared\ink\en-US\ShapeCollector.exe.mui.exe

Cuckoo Log

2025-02-25 02:18:24,582 [cuckoo.core.scheduler] INFO: Task #6011811: acquired machine win7x6430 (label=win7x6430)
2025-02-25 02:18:24,593 [cuckoo.core.resultserver] DEBUG: Now tracking machine 192.168.168.230 for task #6011811
2025-02-25 02:18:25,368 [cuckoo.auxiliary.sniffer] INFO: Started sniffer with PID 3290421 (interface=vboxnet0, host=192.168.168.230)
2025-02-25 02:23:07,369 [cuckoo.machinery.virtualbox] DEBUG: Starting vm win7x6430
2025-02-25 02:23:08,289 [cuckoo.machinery.virtualbox] DEBUG: Restoring virtual machine win7x6430 to vmcloak
2025-02-25 02:24:17,294 [cuckoo.core.guest] INFO: Starting analysis #6011811 on guest (id=win7x6430, ip=192.168.168.230)
2025-02-25 02:24:18,325 [cuckoo.core.guest] DEBUG: win7x6430: not ready yet
2025-02-25 02:24:23,802 [cuckoo.core.guest] INFO: Guest is running Cuckoo Agent 0.10 (id=win7x6430, ip=192.168.168.230)
2025-02-25 02:24:26,379 [cuckoo.core.guest] DEBUG: Uploading analyzer to guest (id=win7x6430, ip=192.168.168.230, monitor=latest, size=6660546)
2025-02-25 02:24:30,201 [cuckoo.core.resultserver] DEBUG: Task #6011811: live log analysis.log initialized.
2025-02-25 02:24:30,662 [cuckoo.core.resultserver] DEBUG: Task #6011811 is sending a BSON stream
2025-02-25 02:24:31,186 [cuckoo.core.resultserver] DEBUG: Task #6011811 is sending a BSON stream
2025-02-25 02:24:31,886 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0001.jpg'
2025-02-25 02:24:31,934 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 116240
2025-02-25 02:24:33,042 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0002.jpg'
2025-02-25 02:24:33,100 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 129283
2025-02-25 02:24:44,781 [cuckoo.core.guest] DEBUG: win7x6430: analysis #6011811 still processing
2025-02-25 02:24:57,214 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0003.jpg'
2025-02-25 02:24:57,273 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 143471
2025-02-25 02:25:00,257 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0004.jpg'
2025-02-25 02:25:00,283 [cuckoo.core.guest] DEBUG: win7x6430: analysis #6011811 still processing
2025-02-25 02:25:05,006 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 191837
2025-02-25 02:25:05,295 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0005.jpg'
2025-02-25 02:25:05,392 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 191787
2025-02-25 02:25:10,741 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0006.jpg'
2025-02-25 02:25:10,835 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 193729
2025-02-25 02:25:16,151 [cuckoo.core.guest] DEBUG: win7x6430: analysis #6011811 still processing
2025-02-25 02:25:16,666 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0007.jpg'
2025-02-25 02:25:16,734 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 194501
2025-02-25 02:25:22,142 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0008.jpg'
2025-02-25 02:25:22,203 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 191546
2025-02-25 02:25:23,414 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0009.jpg'
2025-02-25 02:25:23,678 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 194068
2025-02-25 02:25:24,806 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0010.jpg'
2025-02-25 02:25:26,093 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 193996
2025-02-25 02:25:26,395 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0011.jpg'
2025-02-25 02:25:26,825 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 194021
2025-02-25 02:25:27,642 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0012.jpg'
2025-02-25 02:25:27,761 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 193883
2025-02-25 02:25:28,904 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0013.jpg'
2025-02-25 02:25:29,071 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 193938
2025-02-25 02:25:30,310 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0014.jpg'
2025-02-25 02:25:30,536 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 193845
2025-02-25 02:25:31,533 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0015.jpg'
2025-02-25 02:25:31,624 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 193719
2025-02-25 02:25:32,199 [cuckoo.core.guest] DEBUG: win7x6430: analysis #6011811 still processing
2025-02-25 02:25:33,084 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0016.jpg'
2025-02-25 02:25:33,163 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 193606
2025-02-25 02:25:34,287 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0017.jpg'
2025-02-25 02:25:34,764 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 193829
2025-02-25 02:25:35,731 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0018.jpg'
2025-02-25 02:25:36,167 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 190328
2025-02-25 02:25:37,228 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0019.jpg'
2025-02-25 02:25:37,401 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 187050
2025-02-25 02:25:38,684 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0020.jpg'
2025-02-25 02:25:38,779 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 184352
2025-02-25 02:25:39,869 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0021.jpg'
2025-02-25 02:25:40,168 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 182102
2025-02-25 02:25:41,307 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0022.jpg'
2025-02-25 02:25:41,470 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 182512
2025-02-25 02:25:42,481 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0023.jpg'
2025-02-25 02:25:42,734 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 183573
2025-02-25 02:25:43,814 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0024.jpg'
2025-02-25 02:25:44,013 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 183874
2025-02-25 02:25:45,037 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0025.jpg'
2025-02-25 02:25:47,733 [cuckoo.core.guest] DEBUG: win7x6430: analysis #6011811 still processing
2025-02-25 02:25:49,781 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 183755
2025-02-25 02:25:50,046 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0026.jpg'
2025-02-25 02:25:50,117 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 184010
2025-02-25 02:25:53,890 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0027.jpg'
2025-02-25 02:25:53,959 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 183166
2025-02-25 02:25:57,124 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0028.jpg'
2025-02-25 02:25:57,185 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 182040
2025-02-25 02:26:00,540 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0029.jpg'
2025-02-25 02:26:03,377 [cuckoo.core.guest] DEBUG: win7x6430: analysis #6011811 still processing
2025-02-25 02:26:03,646 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 184672
2025-02-25 02:26:03,911 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0030.jpg'
2025-02-25 02:26:07,004 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 182261
2025-02-25 02:26:07,522 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0031.jpg'
2025-02-25 02:26:10,629 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 184769
2025-02-25 02:26:10,994 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0032.jpg'
2025-02-25 02:26:11,092 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 184896
2025-02-25 02:26:12,722 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0033.jpg'
2025-02-25 02:26:12,886 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 190869
2025-02-25 02:26:13,988 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0034.jpg'
2025-02-25 02:26:14,356 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 193661
2025-02-25 02:26:15,456 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0035.jpg'
2025-02-25 02:26:15,700 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 194956
2025-02-25 02:26:16,984 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0036.jpg'
2025-02-25 02:26:17,284 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 194774
2025-02-25 02:26:18,468 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0037.jpg'
2025-02-25 02:26:18,620 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 198310
2025-02-25 02:26:18,894 [cuckoo.core.guest] DEBUG: win7x6430: analysis #6011811 still processing
2025-02-25 02:26:19,888 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0038.jpg'
2025-02-25 02:26:20,175 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 196397
2025-02-25 02:26:21,442 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0039.jpg'
2025-02-25 02:26:21,677 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 198190
2025-02-25 02:26:22,832 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0040.jpg'
2025-02-25 02:26:23,141 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 198057
2025-02-25 02:26:24,140 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0041.jpg'
2025-02-25 02:26:24,261 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 197982
2025-02-25 02:26:25,364 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0042.jpg'
2025-02-25 02:26:25,636 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 197965
2025-02-25 02:26:26,625 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0043.jpg'
2025-02-25 02:26:26,786 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 197853
2025-02-25 02:26:27,883 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0044.jpg'
2025-02-25 02:26:28,049 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 198586
2025-02-25 02:26:29,136 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0045.jpg'
2025-02-25 02:26:29,286 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 199463
2025-02-25 02:26:30,499 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0046.jpg'
2025-02-25 02:26:30,644 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 199923
2025-02-25 02:26:31,729 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0047.jpg'
2025-02-25 02:26:31,932 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 199557
2025-02-25 02:26:33,047 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0048.jpg'
2025-02-25 02:26:33,154 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 199712
2025-02-25 02:26:34,257 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0049.jpg'
2025-02-25 02:26:34,361 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 200059
2025-02-25 02:26:34,699 [cuckoo.core.guest] DEBUG: win7x6430: analysis #6011811 still processing
2025-02-25 02:26:35,616 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0050.jpg'
2025-02-25 02:26:35,814 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 200882
2025-02-25 02:26:37,116 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0051.jpg'
2025-02-25 02:26:37,464 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 202471
2025-02-25 02:26:38,358 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0052.jpg'
2025-02-25 02:26:38,465 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 202530
2025-02-25 02:26:39,633 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0053.jpg'
2025-02-25 02:26:39,825 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 203102
2025-02-25 02:26:41,144 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0054.jpg'
2025-02-25 02:26:41,325 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 203017
2025-02-25 02:26:42,679 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0055.jpg'
2025-02-25 02:26:43,191 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 203007
2025-02-25 02:26:43,869 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0056.jpg'
2025-02-25 02:26:44,101 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 203277
2025-02-25 02:26:45,199 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0057.jpg'
2025-02-25 02:26:45,348 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 203542
2025-02-25 02:26:46,433 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0058.jpg'
2025-02-25 02:26:46,584 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 203809
2025-02-25 02:26:47,724 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0059.jpg'
2025-02-25 02:26:47,880 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 204153
2025-02-25 02:26:49,122 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0060.jpg'
2025-02-25 02:26:49,387 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 204366
2025-02-25 02:26:50,328 [cuckoo.core.guest] DEBUG: win7x6430: analysis #6011811 still processing
2025-02-25 02:26:50,600 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0061.jpg'
2025-02-25 02:26:51,005 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 204159
2025-02-25 02:26:52,081 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0062.jpg'
2025-02-25 02:26:52,119 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 204091
2025-02-25 02:26:53,228 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0063.jpg'
2025-02-25 02:26:53,318 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 204111
2025-02-25 02:26:54,406 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0064.jpg'
2025-02-25 02:26:54,650 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 204157
2025-02-25 02:26:55,744 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0065.jpg'
2025-02-25 02:26:55,807 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 204340
2025-02-25 02:26:56,909 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0066.jpg'
2025-02-25 02:26:56,984 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 204564
2025-02-25 02:26:58,444 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0067.jpg'
2025-02-25 02:26:58,583 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 204503
2025-02-25 02:26:59,766 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0068.jpg'
2025-02-25 02:26:59,915 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 204171
2025-02-25 02:27:01,054 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0069.jpg'
2025-02-25 02:27:01,117 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 203992
2025-02-25 02:27:02,205 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0070.jpg'
2025-02-25 02:27:02,349 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 203851
2025-02-25 02:27:03,987 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0071.jpg'
2025-02-25 02:27:04,206 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 203585
2025-02-25 02:27:05,328 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0072.jpg'
2025-02-25 02:27:05,663 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 202758
2025-02-25 02:27:06,035 [cuckoo.core.guest] DEBUG: win7x6430: analysis #6011811 still processing
2025-02-25 02:27:06,707 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0073.jpg'
2025-02-25 02:27:06,867 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 203079
2025-02-25 02:27:07,967 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0074.jpg'
2025-02-25 02:27:08,036 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 203006
2025-02-25 02:27:09,331 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0075.jpg'
2025-02-25 02:27:09,406 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 202841
2025-02-25 02:27:10,501 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0076.jpg'
2025-02-25 02:27:10,613 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 201472
2025-02-25 02:27:11,768 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0077.jpg'
2025-02-25 02:27:11,895 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 202205
2025-02-25 02:27:13,015 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0078.jpg'
2025-02-25 02:27:13,160 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 201949
2025-02-25 02:27:14,222 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0079.jpg'
2025-02-25 02:27:14,315 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 201004
2025-02-25 02:27:15,424 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0080.jpg'
2025-02-25 02:27:15,509 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 201954
2025-02-25 02:27:16,941 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0081.jpg'
2025-02-25 02:27:17,022 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 201301
2025-02-25 02:27:18,361 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0082.jpg'
2025-02-25 02:27:18,796 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 201069
2025-02-25 02:27:20,002 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0083.jpg'
2025-02-25 02:27:20,143 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 200144
2025-02-25 02:27:21,169 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0084.jpg'
2025-02-25 02:27:21,250 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 201414
2025-02-25 02:27:22,001 [cuckoo.core.guest] DEBUG: win7x6430: analysis #6011811 still processing
2025-02-25 02:27:22,317 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0085.jpg'
2025-02-25 02:27:22,374 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 201880
2025-02-25 02:27:23,478 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0086.jpg'
2025-02-25 02:27:23,619 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 202027
2025-02-25 02:27:24,828 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0087.jpg'
2025-02-25 02:27:24,940 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 202092
2025-02-25 02:27:26,130 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0088.jpg'
2025-02-25 02:27:26,218 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 202356
2025-02-25 02:27:27,343 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0089.jpg'
2025-02-25 02:27:27,588 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 201979
2025-02-25 02:27:28,509 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0090.jpg'
2025-02-25 02:27:28,579 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 201560
2025-02-25 02:27:29,720 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0091.jpg'
2025-02-25 02:27:29,924 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 201844
2025-02-25 02:27:31,119 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0092.jpg'
2025-02-25 02:27:31,297 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 201960
2025-02-25 02:27:32,434 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0093.jpg'
2025-02-25 02:27:32,610 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 201985
2025-02-25 02:27:33,678 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0094.jpg'
2025-02-25 02:27:33,984 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 202403
2025-02-25 02:27:35,283 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0095.jpg'
2025-02-25 02:27:35,408 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 202688
2025-02-25 02:27:36,869 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0096.jpg'
2025-02-25 02:27:36,985 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 202630
2025-02-25 02:27:37,567 [cuckoo.core.guest] DEBUG: win7x6430: analysis #6011811 still processing
2025-02-25 02:27:38,066 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0097.jpg'
2025-02-25 02:27:38,384 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 202579
2025-02-25 02:27:39,470 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0098.jpg'
2025-02-25 02:27:39,667 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 202995
2025-02-25 02:27:40,798 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0099.jpg'
2025-02-25 02:27:41,083 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 202076
2025-02-25 02:27:41,974 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0100.jpg'
2025-02-25 02:27:42,094 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 201887
2025-02-25 02:27:43,229 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0101.jpg'
2025-02-25 02:27:43,318 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 201402
2025-02-25 02:27:45,088 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0102.jpg'
2025-02-25 02:27:45,328 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 201187
2025-02-25 02:27:46,696 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0103.jpg'
2025-02-25 02:27:47,054 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 200607
2025-02-25 02:27:47,852 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0104.jpg'
2025-02-25 02:27:48,119 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 200864
2025-02-25 02:27:49,202 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0105.jpg'
2025-02-25 02:27:49,326 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 200953
2025-02-25 02:27:50,463 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0106.jpg'
2025-02-25 02:27:50,976 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 201095
2025-02-25 02:27:51,797 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0107.jpg'
2025-02-25 02:27:51,879 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 201587
2025-02-25 02:27:52,973 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0108.jpg'
2025-02-25 02:27:53,084 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 202324
2025-02-25 02:27:53,698 [cuckoo.core.guest] DEBUG: win7x6430: analysis #6011811 still processing
2025-02-25 02:27:54,478 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0109.jpg'
2025-02-25 02:27:54,798 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 202493
2025-02-25 02:27:55,799 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0110.jpg'
2025-02-25 02:27:56,094 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 202467
2025-02-25 02:27:57,361 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0111.jpg'
2025-02-25 02:27:57,699 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 202839
2025-02-25 02:27:58,688 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0112.jpg'
2025-02-25 02:27:58,986 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 203294
2025-02-25 02:28:00,214 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0113.jpg'
2025-02-25 02:28:00,268 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 202824
2025-02-25 02:28:01,446 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0114.jpg'
2025-02-25 02:28:01,544 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 202221
2025-02-25 02:28:02,628 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0115.jpg'
2025-02-25 02:28:02,819 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 201735
2025-02-25 02:28:03,820 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0116.jpg'
2025-02-25 02:28:03,927 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 200892
2025-02-25 02:28:05,010 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0117.jpg'
2025-02-25 02:28:05,046 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 199926
2025-02-25 02:28:06,254 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0118.jpg'
2025-02-25 02:28:06,329 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 199361
2025-02-25 02:28:07,359 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0119.jpg'
2025-02-25 02:28:07,490 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 198340
2025-02-25 02:28:08,505 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0120.jpg'
2025-02-25 02:28:08,595 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 197463
2025-02-25 02:28:09,782 [cuckoo.core.guest] DEBUG: win7x6430: analysis #6011811 still processing
2025-02-25 02:28:09,914 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0121.jpg'
2025-02-25 02:28:10,453 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 197338
2025-02-25 02:28:11,533 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0122.jpg'
2025-02-25 02:28:11,620 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 195471
2025-02-25 02:28:12,717 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0123.jpg'
2025-02-25 02:28:13,029 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 193732
2025-02-25 02:28:14,255 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0124.jpg'
2025-02-25 02:28:14,292 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 191748
2025-02-25 02:28:15,329 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0125.jpg'
2025-02-25 02:28:15,467 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 192554
2025-02-25 02:28:16,747 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0126.jpg'
2025-02-25 02:28:16,855 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 188714
2025-02-25 02:28:18,031 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0127.jpg'
2025-02-25 02:28:18,217 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 185489
2025-02-25 02:28:19,230 [cuckoo.core.guest] INFO: win7x6430: end of analysis reached!
2025-02-25 02:28:19,339 [cuckoo.core.plugins] DEBUG: Stopped auxiliary module: Redsocks
2025-02-25 02:28:19,349 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0128.jpg'
2025-02-25 02:28:19,424 [cuckoo.core.plugins] DEBUG: Stopped auxiliary module: Sniffer
2025-02-25 02:28:19,598 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 187766
2025-02-25 02:28:20,541 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0129.jpg'
2025-02-25 02:28:20,635 [cuckoo.machinery.virtualbox] INFO: Successfully generated memory dump for virtual machine with label win7x6430 to path /srv/cuckoo/cwd/storage/analyses/6011811/memory.dmp
2025-02-25 02:28:20,672 [cuckoo.machinery.virtualbox] DEBUG: Stopping vm win7x6430
2025-02-25 02:28:20,944 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 188617
2025-02-25 02:28:22,354 [cuckoo.core.resultserver] DEBUG: Task #6011811: File upload for 'shots/0130.jpg'
2025-02-25 02:28:22,455 [cuckoo.core.resultserver] DEBUG: Task #6011811 uploaded file length: 193387
2025-02-25 02:29:23,241 [cuckoo.machinery.virtualbox] DEBUG: Stopping vm win7x6430 timeouted. Killing
2025-02-25 02:29:23,252 [cuckoo.machinery.virtualbox] DEBUG: Stopping vm win7x6430 timeouted. Killing
2025-02-25 02:29:24,068 [cuckoo.common.abstracts] DEBUG: Waiting 0 cuckooseconds for machine win7x6430 to switch to status ('poweroff', 'aborted', 'saved')
2025-02-25 02:29:26,264 [cuckoo.common.abstracts] DEBUG: Waiting 1 cuckooseconds for machine win7x6430 to switch to status ('poweroff', 'aborted', 'saved')
2025-02-25 02:29:28,348 [cuckoo.common.abstracts] DEBUG: Waiting 2 cuckooseconds for machine win7x6430 to switch to status ('poweroff', 'aborted', 'saved')
2025-02-25 02:29:30,176 [cuckoo.common.abstracts] DEBUG: Waiting 3 cuckooseconds for machine win7x6430 to switch to status ('poweroff', 'aborted', 'saved')
2025-02-25 02:29:32,052 [cuckoo.common.abstracts] DEBUG: Waiting 4 cuckooseconds for machine win7x6430 to switch to status ('poweroff', 'aborted', 'saved')
2025-02-25 02:29:33,942 [cuckoo.common.abstracts] DEBUG: Waiting 5 cuckooseconds for machine win7x6430 to switch to status ('poweroff', 'aborted', 'saved')
2025-02-25 02:29:35,858 [cuckoo.common.abstracts] DEBUG: Waiting 6 cuckooseconds for machine win7x6430 to switch to status ('poweroff', 'aborted', 'saved')
2025-02-25 02:29:37,766 [cuckoo.common.abstracts] DEBUG: Waiting 7 cuckooseconds for machine win7x6430 to switch to status ('poweroff', 'aborted', 'saved')
2025-02-25 02:29:39,792 [cuckoo.common.abstracts] DEBUG: Waiting 8 cuckooseconds for machine win7x6430 to switch to status ('poweroff', 'aborted', 'saved')
2025-02-25 02:29:41,662 [cuckoo.common.abstracts] DEBUG: Waiting 9 cuckooseconds for machine win7x6430 to switch to status ('poweroff', 'aborted', 'saved')
2025-02-25 02:29:43,533 [cuckoo.common.abstracts] DEBUG: Waiting 10 cuckooseconds for machine win7x6430 to switch to status ('poweroff', 'aborted', 'saved')
2025-02-25 02:29:45,482 [cuckoo.common.abstracts] DEBUG: Waiting 11 cuckooseconds for machine win7x6430 to switch to status ('poweroff', 'aborted', 'saved')
2025-02-25 02:29:47,279 [cuckoo.common.abstracts] DEBUG: Waiting 12 cuckooseconds for machine win7x6430 to switch to status ('poweroff', 'aborted', 'saved')
2025-02-25 02:29:49,110 [cuckoo.common.abstracts] DEBUG: Waiting 13 cuckooseconds for machine win7x6430 to switch to status ('poweroff', 'aborted', 'saved')
2025-02-25 02:29:50,924 [cuckoo.common.abstracts] DEBUG: Waiting 14 cuckooseconds for machine win7x6430 to switch to status ('poweroff', 'aborted', 'saved')
2025-02-25 02:29:53,001 [cuckoo.core.resultserver] DEBUG: Stopped tracking machine 192.168.168.230 for task #6011811
2025-02-25 02:29:53,007 [cuckoo.core.resultserver] DEBUG: Cancel <Context for BSON> for task 6011811
2025-02-25 02:29:53,015 [cuckoo.core.resultserver] DEBUG: Cancel <Context for LOG> for task 6011811
2025-02-25 02:29:53,019 [cuckoo.core.resultserver] DEBUG: Cancel <Context for BSON> for task 6011811
2025-02-25 02:29:53,702 [cuckoo.core.scheduler] DEBUG: Released database task #6011811
2025-02-25 02:29:53,823 [cuckoo.core.scheduler] INFO: Task #6011811: analysis procedure completed

Signatures

Yara rules detected for file (10 events)

description	Possibly employs anti-virtualization techniques	rule	vmdetect
description	Detects an base64 encoded executable (often embedded)	rule	Base64_encoded_Executable
description	(no description)	rule	DebuggerException__ConsoleCtrl
description	(no description)	rule	DebuggerException__SetConsoleCtrl
description	(no description)	rule	SEH__vectored
description	Create a windows service	rule	create_service
description	Communications over UDP network	rule	network_udp_sock
description	Listen for incoming communication	rule	network_tcp_listen
description	Communications over RAW socket	rule	network_tcp_socket
description	Communications use DNS	rule	network_dns

Command line console output was observed (50 out of 473 events)

Time & API	Arguments	Status	Return
WriteConsoleW Feb. 21, 2025, 10:40 p.m.	buffer: https://ent34ndx3cz8k.x.pipedream.net//a?son=0&brother=4&selfhash=c3cc5401e9df1a4c68b44b0f54a48c43243ed6191332e085f71ac140a025f7d9&seed=1740170871009765600&runnigfrom=C:\Users\Administrator\AppData\Local\Temp\c3cc5401e9df1a4c_dw20.exe.exe console_handle: 0x0000000000000007	1	1
WriteConsoleW Feb. 21, 2025, 10:41 p.m.	buffer: C:\Program Files\Common Files\DESIGNER\MSADDNDR.DLL console_handle: 0x0000000000000007	1	1
WriteConsoleW Feb. 21, 2025, 10:41 p.m.	buffer: C:\Program Files\Common Files\Microsoft Shared\DW\DBGHELP.DLL console_handle: 0x0000000000000007	1	1
WriteConsoleW Feb. 21, 2025, 10:41 p.m.	buffer: C:\Program Files\Common Files\Microsoft Shared\DW\DW20.EXE console_handle: 0x0000000000000007	1	1
WriteConsoleW Feb. 21, 2025, 10:41 p.m.	buffer: C:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE console_handle: 0x0000000000000007	1	1
WriteConsoleW Feb. 21, 2025, 10:41 p.m.	buffer: C:\Program Files\Common Files\Microsoft Shared\EQUATION\1033\EEINTL.DLL console_handle: 0x0000000000000007	1	1
WriteConsoleW Feb. 21, 2025, 10:41 p.m.	buffer: C:\Program Files\Common Files\Microsoft Shared\EQUATION\EQNEDT32.CNT console_handle: 0x0000000000000007	1	1
WriteConsoleW Feb. 21, 2025, 10:41 p.m.	buffer: C:\Program Files\Common Files\Microsoft Shared\EQUATION\EQNEDT32.EXE console_handle: 0x0000000000000007	1	1
WriteConsoleW Feb. 21, 2025, 10:41 p.m.	buffer: C:\Program Files\Common Files\Microsoft Shared\EQUATION\EQNEDT32.HLP console_handle: 0x0000000000000007	1	1
WriteConsoleW Feb. 21, 2025, 10:41 p.m.	buffer: C:\Program Files\Common Files\Microsoft Shared\EQUATION\MTEXTRA.TTF console_handle: 0x0000000000000007	1	1
WriteConsoleW Feb. 21, 2025, 10:41 p.m.	buffer: C:\Program Files\Common Files\Microsoft Shared\EQUATION\eqnedt32.exe.manifest console_handle: 0x0000000000000007	1	1
WriteConsoleW Feb. 21, 2025, 10:41 p.m.	buffer: C:\Program Files\Common Files\Microsoft Shared\EURO\MSOEURO.DLL console_handle: 0x0000000000000007	1	1
WriteConsoleW Feb. 21, 2025, 10:41 p.m.	buffer: C:\Program Files\Common Files\Microsoft Shared\Filters\msgfilt.dll console_handle: 0x0000000000000007	1	1
WriteConsoleW Feb. 21, 2025, 10:41 p.m.	buffer: C:\Program Files\Common Files\Microsoft Shared\Filters\odffilt.dll console_handle: 0x0000000000000007	1	1
WriteConsoleW Feb. 21, 2025, 10:41 p.m.	buffer: C:\Program Files\Common Files\Microsoft Shared\Filters\offfiltx.dll console_handle: 0x0000000000000007	1	1
WriteConsoleW Feb. 21, 2025, 10:41 p.m.	buffer: C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\CGMIMP32.CFG console_handle: 0x0000000000000007	1	1
WriteConsoleW Feb. 21, 2025, 10:41 p.m.	buffer: C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\CGMIMP32.FLT console_handle: 0x0000000000000007	1	1
WriteConsoleW Feb. 21, 2025, 10:41 p.m.	buffer: C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\CGMIMP32.FNT console_handle: 0x0000000000000007	1	1
WriteConsoleW Feb. 21, 2025, 10:41 p.m.	buffer: C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\EPSIMP32.FLT console_handle: 0x0000000000000007	1	1
WriteConsoleW Feb. 21, 2025, 10:41 p.m.	buffer: C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\GIFIMP32.FLT console_handle: 0x0000000000000007	1	1
WriteConsoleW Feb. 21, 2025, 10:41 p.m.	buffer: C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\JPEGIM32.FLT console_handle: 0x0000000000000007	1	1
WriteConsoleW Feb. 21, 2025, 10:41 p.m.	buffer: C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\MS.CGM console_handle: 0x0000000000000007	1	1
WriteConsoleW Feb. 21, 2025, 10:41 p.m.	buffer: C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\MS.EPS console_handle: 0x0000000000000007	1	1
WriteConsoleW Feb. 21, 2025, 10:41 p.m.	buffer: C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\MS.GIF console_handle: 0x0000000000000007	1	1
WriteConsoleW Feb. 21, 2025, 10:41 p.m.	buffer: C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\MS.JPG console_handle: 0x0000000000000007	1	1
WriteConsoleW Feb. 21, 2025, 10:41 p.m.	buffer: C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\MS.PNG console_handle: 0x0000000000000007	1	1
WriteConsoleW Feb. 21, 2025, 10:41 p.m.	buffer: C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\MS.WPG console_handle: 0x0000000000000007	1	1
WriteConsoleW Feb. 21, 2025, 10:41 p.m.	buffer: C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\PICTIM32.FLT console_handle: 0x0000000000000007	1	1
WriteConsoleW Feb. 21, 2025, 10:41 p.m.	buffer: C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\PNG32.FLT console_handle: 0x0000000000000007	1	1
WriteConsoleW Feb. 21, 2025, 10:41 p.m.	buffer: C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\WPGIMP32.FLT console_handle: 0x0000000000000007	1	1
WriteConsoleW Feb. 21, 2025, 10:41 p.m.	buffer: C:\Program Files\Common Files\Microsoft Shared\Help\ITIRCL55.DLL console_handle: 0x0000000000000007	1	1
WriteConsoleW Feb. 21, 2025, 10:41 p.m.	buffer: C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll console_handle: 0x0000000000000007	1	1
WriteConsoleW Feb. 21, 2025, 10:41 p.m.	buffer: C:\Program Files\Common Files\Microsoft Shared\Help\msitss55.dll console_handle: 0x0000000000000007	1	1
WriteConsoleW Feb. 21, 2025, 10:41 p.m.	buffer: C:\Program Files\Common Files\Microsoft Shared\MSInfo\en-US\msinfo32.exe.mui console_handle: 0x0000000000000007	1	1
WriteConsoleW Feb. 21, 2025, 10:41 p.m.	buffer: C:\Program Files\Common Files\Microsoft Shared\MSInfo\msinfo32.exe console_handle: 0x0000000000000007	1	1
WriteConsoleW Feb. 21, 2025, 10:41 p.m.	buffer: C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1033\ACEINTL.DLL console_handle: 0x0000000000000007	1	1
WriteConsoleW Feb. 21, 2025, 10:41 p.m.	buffer: C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1033\ACEODBCI.DLL console_handle: 0x0000000000000007	1	1
WriteConsoleW Feb. 21, 2025, 10:41 p.m.	buffer: C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1033\ACERECR.DLL console_handle: 0x0000000000000007	1	1
WriteConsoleW Feb. 21, 2025, 10:41 p.m.	buffer: C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1033\ACEWSTR.DLL console_handle: 0x0000000000000007	1	1
WriteConsoleW Feb. 21, 2025, 10:41 p.m.	buffer: C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1033\ADO210.CHM console_handle: 0x0000000000000007	1	1
WriteConsoleW Feb. 21, 2025, 10:41 p.m.	buffer: C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1033\ALRTINTL.DLL console_handle: 0x0000000000000007	1	1
WriteConsoleW Feb. 21, 2025, 10:41 p.m.	buffer: C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1033\MSOINTL.DLL console_handle: 0x0000000000000007	1	1
WriteConsoleW Feb. 21, 2025, 10:41 p.m.	buffer: C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1033\MSOINTL.DLL.IDX_DLL console_handle: 0x0000000000000007	1	1
WriteConsoleW Feb. 21, 2025, 10:41 p.m.	buffer: C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1033\MSOINTL.REST.IDX_DLL console_handle: 0x0000000000000007	1	1
WriteConsoleW Feb. 21, 2025, 10:41 p.m.	buffer: C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1033\MSSOAPR3.DLL console_handle: 0x0000000000000007	1	1
WriteConsoleW Feb. 21, 2025, 10:41 p.m.	buffer: C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1033\OARPMANR.DLL console_handle: 0x0000000000000007	1	1
WriteConsoleW Feb. 21, 2025, 10:41 p.m.	buffer: C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1033\README.HTM console_handle: 0x0000000000000007	1	1
WriteConsoleW Feb. 21, 2025, 10:41 p.m.	buffer: C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1033\xlsrvintl.dll console_handle: 0x0000000000000007	1	1
WriteConsoleW Feb. 21, 2025, 10:41 p.m.	buffer: C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACECORE.DLL console_handle: 0x0000000000000007	1	1
WriteConsoleW Feb. 21, 2025, 10:41 p.m.	buffer: C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACEDAO.DLL console_handle: 0x0000000000000007	1	1

The executable contains unknown PE section names indicative of a packer (could be a false positive) (1 event)

section

.symtab

Creates executable files on the filesystem (50 out of 581 events)

file	C:\Program Files\Common Files\Microsoft Shared\THEMES14\RADIAL\THMBNAIL.PNG.exe
file	C:\Program Files\Common Files\Microsoft Shared\THEMES14\PROFILE\THMBNAIL.PNG.exe
file	C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MUAUTH.CAB.exe
file	C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF.exe
file	C:\Program Files\Common Files\Microsoft Shared\THEMES14\CONCRETE\CONCRETE.INF.exe
file	C:\Program Files\Common Files\Microsoft Shared\Smart Tag\FPLACE.DLL
file	C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACEERR.DLL
file	C:\Program Files\Common Files\Microsoft Shared\THEMES14\SKY\SKY.ELM.exe
file	C:\Program Files\Common Files\Microsoft Shared\ink\en-US\InputPersonalization.exe.mui.exe
file	C:\Program Files\Common Files\Microsoft Shared\Stationery\Music.emf.exe
file	C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\OSetupPS.dll
file	C:\Program Files\Common Files\Microsoft Shared\THEMES14\SUMIPNTG\THMBNAIL.PNG.exe
file	C:\Program Files\Common Files\Microsoft Shared\DW\DBGHELP.DLL.exe
file	C:\Program Files\Common Files\Microsoft Shared\Smart Tag\LISTS\1033\TIME.XML.exe
file	C:\Program Files\Common Files\Microsoft Shared\THEMES14\ECLIPSE\ECLIPSE.INF.exe
file	C:\Program Files\Common Files\Microsoft Shared\THEMES14\STRTEDGE\STRTEDGE.INF.exe
file	C:\Program Files\Common Files\Microsoft Shared\Stationery\Seyes.emf.exe
file	C:\Program Files\Common Files\Microsoft Shared\TRANSLAT\ESEN\MSB1ESEN.DLL
file	C:\Program Files\Common Files\Microsoft Shared\TRANSLAT\MSB1STAR.DLL
file	C:\Program Files\Common Files\Microsoft Shared\THEMES14\NETWORK\NETWORK.INF.exe
file	C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office.en-us\PSS10O.CHM.exe
file	C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPREARM.EXE
file	C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPWMI.MOF.exe
file	C:\Program Files\Common Files\Microsoft Shared\ink\Content.xml.exe
file	C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSPTLS.DLL
file	C:\Program Files\Common Files\Microsoft Shared\OFFICE14\OFFREL.DLL.exe
file	C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office.en-us\SETUP.XML.exe
file	C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSSOAP30.DLL.exe
file	C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACERCLR.DLL.exe
file	C:\Program Files\Common Files\Microsoft Shared\THEMES14\BLENDS\BLENDS.INF.exe
file	C:\Program Files\Common Files\Microsoft Shared\Stationery\Peacock.htm.exe
file	C:\Program Files\Common Files\Microsoft Shared\Filters\offfiltx.dll.exe
file	C:\Program Files\Common Files\Microsoft Shared\Stationery\Peacock.jpg.exe
file	C:\Program Files\Common Files\Microsoft Shared\THEMES14\WATERMAR\THMBNAIL.PNG.exe
file	C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office.en-us\promointl.dll
file	C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACEDAO.DLL.exe
file	C:\Program Files\Common Files\Microsoft Shared\THEMES14\JOURNAL\PREVIEW.GIF.exe
file	C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\STANDARD\StandardWW.XML.exe
file	C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACER3X.DLL.exe
file	C:\Program Files\Common Files\Microsoft Shared\THEMES14\CAPSULES\THMBNAIL.PNG.exe
file	C:\Program Files\Common Files\Microsoft Shared\Web Folders\MSOSV.DLL.exe
file	C:\Program Files\Common Files\Microsoft Shared\EQUATION\eqnedt32.exe.manifest.exe
file	C:\Program Files\Common Files\Microsoft Shared\PROOF\MSWDS_ES.LEX.exe
file	C:\Program Files\Common Files\Microsoft Shared\Smart Tag\FPERSON.DLL
file	C:\Program Files\Common Files\Microsoft Shared\THEMES14\ICE\PREVIEW.GIF.exe
file	C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACEODEXL.DLL
file	C:\Program Files\Common Files\Microsoft Shared\THEMES14\CANYON\PREVIEW.GIF.exe
file	C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Word.en-us\WordMUI.XML.exe
file	C:\Program Files\Common Files\Microsoft Shared\Smart Tag\MSTAG.TLB.exe
file	C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOLoader.dll

Raised Snort alerts (1 event)

snort

ET INFO DNS Query for Webhook/HTTP Request Inspection Service (x .pipedream .net)

Raised Suricata alerts (3 events)

suricata	ET INFO DNS Query for Webhook/HTTP Request Inspection Service (x .pipedream .net)
suricata	TGI HUNT VulnTesting Domain (requestbin.net in DNS Lookup)
suricata	ET INFO DNSBin Demo (requestbin .net) - Data Exfil

Installs itself for autorun at Windows startup (1 event)

reg_key

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\bnXOfYOaF

reg_value

c:\Windows\System32\bnXOfYOaF.exe

Detects the presence of Wine emulator (1 event)

Time & API	Arguments	Status	Return	Repeated
LdrGetProcedureAddress Feb. 21, 2025, 10:40 p.m.	ordinal: 0 function_address: 0x000007fefd6d7a50 function_name: wine_get_version module: ntdll module_address: 0x0000000077450000		-1073741511	0

File has been identified by 11 AntiVirus engine on IRMA as malicious (11 events)

G Data Antivirus (Windows)	Virus: Trojan.GenericKD.75760281 (Engine A)
Avast Core Security (Linux)	Win64:Trojan-gen
C4S ClamAV (Linux)	Win.Trojan.GravityRAT-6511862-0
F-Secure Antivirus (Linux)	Heuristic.HEUR/AGEN.1318158 [Aquarius]
eScan Antivirus (Linux)	Trojan.GenericKD.75760281(DB)
ESET Security (Windows)	a variant of Win64/Agent.PR trojan
DrWeb Antivirus (Linux)	BackDoor.GravityRAT.3
WithSecure (Linux)	Trojan.TR/Spy.Gen
ClamAV (Linux)	Win.Trojan.GravityRAT-6511862-0
Bitdefender Antivirus (Linux)	Trojan.GenericKD.75760281
Emsisoft Commandline Scanner (Windows)	Trojan.GenericKD.75760281 (B)