Summary
URL Details
| URL |
|---|
| https://mij-zencowi.de/tshinshi.html#krasi_yaneva@runo-kazanlak.com |
Score
This url shows some signs of potential malicious behavior.
The score of this url is 1.9 out of 10.
Please notice: The scoring system is currently still in development and should be considered an alpha feature.
Feedback
Expecting different results? Send us this analysis and we will inspect it. Click here
Information on Execution
Analysis
| Category | Started | Completed | Duration | Routing | Logs |
|---|---|---|---|---|---|
| URL | April 22, 2025, 10:52 a.m. | April 22, 2025, 10:56 a.m. | 241 seconds | internet |
Show Analyzer Log Show Cuckoo Log |
Analyzer Log
2025-04-22 10:52:20,030 [analyzer] DEBUG: Starting analyzer from: C:\tmp4w2pkt
2025-04-22 10:52:20,046 [analyzer] DEBUG: Pipe server name: \??\PIPE\GTvofCAOFjDJHjhBnKMmqMEQogaJV
2025-04-22 10:52:20,046 [analyzer] DEBUG: Log pipe server name: \??\PIPE\yqpooAchsWWdVZgWxkw
2025-04-22 10:52:20,453 [analyzer] DEBUG: Started auxiliary module Curtain
2025-04-22 10:52:20,467 [analyzer] DEBUG: Started auxiliary module DbgView
2025-04-22 10:52:20,983 [analyzer] DEBUG: Started auxiliary module Disguise
2025-04-22 10:52:21,233 [analyzer] DEBUG: Loaded monitor into process with pid 508
2025-04-22 10:52:21,233 [analyzer] DEBUG: Started auxiliary module DumpTLSMasterSecrets
2025-04-22 10:52:21,233 [analyzer] DEBUG: Started auxiliary module Human
2025-04-22 10:52:21,233 [analyzer] DEBUG: Started auxiliary module InstallCertificate
2025-04-22 10:52:21,233 [analyzer] DEBUG: Started auxiliary module Reboot
2025-04-22 10:52:21,358 [analyzer] DEBUG: Started auxiliary module RecentFiles
2025-04-22 10:52:21,358 [analyzer] DEBUG: Started auxiliary module Screenshots
2025-04-22 10:52:21,358 [analyzer] DEBUG: Started auxiliary module Sysmon
2025-04-22 10:52:21,358 [analyzer] DEBUG: Started auxiliary module LoadZer0m0n
2025-04-22 10:52:21,530 [lib.api.process] INFO: Successfully executed process from path 'C:\\Program Files\\Internet Explorer\\iexplore.exe' with arguments ['https://mij-zencowi.de/tshinshi.html#krasi_yaneva@runo-kazanlak.com'] and pid 1944
2025-04-22 10:52:21,703 [analyzer] DEBUG: Loaded monitor into process with pid 1944
2025-04-22 10:52:23,405 [analyzer] DEBUG: Following legitimate IE11 process: "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1944 CREDAT:275457 /prefetch:2!
2025-04-22 10:52:23,483 [analyzer] INFO: Injected into process with pid 1868 and name u'iexplore.exe'
2025-04-22 10:52:23,578 [lib.api.process] ERROR: Failed to dump memory of 32-bit process with pid 1868.
2025-04-22 10:52:23,750 [analyzer] INFO: Added new file to list with pid 1944 and path C:\Users\Administrator\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{1A2B72DB-1F57-11F0-99EB-0CEAD772813F}.dat
2025-04-22 10:52:23,780 [analyzer] DEBUG: Loaded monitor into process with pid 1868
2025-04-22 10:52:23,812 [analyzer] INFO: Added new file to list with pid 1944 and path C:\Users\Administrator\AppData\Local\Temp\~DFA993B223697161C9.TMP
2025-04-22 10:52:24,046 [analyzer] DEBUG: Error resolving function mshtml!CDocument_write through our custom callback.
2025-04-22 10:52:24,046 [analyzer] DEBUG: Error resolving function mshtml!CElement_put_innerHTML through our custom callback.
2025-04-22 10:52:24,046 [analyzer] DEBUG: Error resolving function mshtml!CHyperlink_SetUrlComponent through our custom callback.
2025-04-22 10:52:24,046 [analyzer] DEBUG: Error resolving function mshtml!CIFrameElement_CreateElement through our custom callback.
2025-04-22 10:52:24,046 [analyzer] DEBUG: Error resolving function mshtml!CImgElement_put_src through our custom callback.
2025-04-22 10:52:24,046 [analyzer] DEBUG: Error resolving function mshtml!CScriptElement_put_src through our custom callback.
2025-04-22 10:52:24,046 [analyzer] DEBUG: Error resolving function mshtml!CWindow_AddTimeoutCode through our custom callback.
2025-04-22 10:52:24,046 [analyzer] DEBUG: Error resolving function mshtml!CDocument_write through our custom callback.
2025-04-22 10:52:24,062 [analyzer] DEBUG: Error resolving function mshtml!CElement_put_innerHTML through our custom callback.
2025-04-22 10:52:24,062 [analyzer] DEBUG: Error resolving function mshtml!CHyperlink_SetUrlComponent through our custom callback.
2025-04-22 10:52:24,062 [analyzer] DEBUG: Error resolving function mshtml!CIFrameElement_CreateElement through our custom callback.
2025-04-22 10:52:24,062 [analyzer] DEBUG: Error resolving function mshtml!CImgElement_put_src through our custom callback.
2025-04-22 10:52:24,062 [analyzer] DEBUG: Error resolving function mshtml!CScriptElement_put_src through our custom callback.
2025-04-22 10:52:24,062 [analyzer] DEBUG: Error resolving function mshtml!CWindow_AddTimeoutCode through our custom callback.
2025-04-22 10:52:24,421 [analyzer] INFO: Added new file to list with pid 1944 and path C:\Users\Administrator\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{1A2B72DD-1F57-11F0-99EB-0CEAD772813F}.dat
2025-04-22 10:52:24,437 [analyzer] INFO: Added new file to list with pid 1944 and path C:\Users\Administrator\AppData\Local\Temp\~DFD4837BDB70147812.TMP
2025-04-22 10:52:27,578 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\14232B434CF29D4C4FB335A86D7FFFE3
2025-04-22 10:52:27,578 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\14232B434CF29D4C4FB335A86D7FFFE3
2025-04-22 10:52:27,592 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabAB22.tmp
2025-04-22 10:52:27,608 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarAB23.tmp
2025-04-22 10:52:27,625 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabAB34.tmp
2025-04-22 10:52:27,625 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarAB35.tmp
2025-04-22 10:52:27,750 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
2025-04-22 10:52:27,765 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
2025-04-22 10:52:27,780 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabABD2.tmp
2025-04-22 10:52:27,796 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarABE3.tmp
2025-04-22 10:52:27,796 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabABF3.tmp
2025-04-22 10:52:27,812 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarABF4.tmp
2025-04-22 10:52:27,937 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\8B2B9A00839EED1DFDCCC3BFC2F5DF12
2025-04-22 10:52:27,937 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\8B2B9A00839EED1DFDCCC3BFC2F5DF12
2025-04-22 10:52:28,000 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\B46811C17859FFB409CF0E904A4AA8F8
2025-04-22 10:52:28,015 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B46811C17859FFB409CF0E904A4AA8F8
2025-04-22 10:52:28,046 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabACEF.tmp
2025-04-22 10:52:28,046 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarACF0.tmp
2025-04-22 10:52:28,140 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\TO30FS82.txt
2025-04-22 10:52:28,140 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\Z3RCWIF6.txt
2025-04-22 10:52:28,140 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\LL63LA5G.txt
2025-04-22 10:52:28,155 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\TJAYBYRJ.txt
2025-04-22 10:52:28,155 [analyzer] DEBUG: Error resolving function mshtml!CDocument_write through our custom callback.
2025-04-22 10:52:28,155 [analyzer] DEBUG: Error resolving function mshtml!CElement_put_innerHTML through our custom callback.
2025-04-22 10:52:28,155 [analyzer] DEBUG: Error resolving function mshtml!CHyperlink_SetUrlComponent through our custom callback.
2025-04-22 10:52:28,171 [analyzer] DEBUG: Error resolving function mshtml!CIFrameElement_CreateElement through our custom callback.
2025-04-22 10:52:28,171 [analyzer] DEBUG: Error resolving function mshtml!CImgElement_put_src through our custom callback.
2025-04-22 10:52:28,171 [analyzer] DEBUG: Error resolving function mshtml!CScriptElement_put_src through our custom callback.
2025-04-22 10:52:28,171 [analyzer] DEBUG: Error resolving function mshtml!CWindow_AddTimeoutCode through our custom callback.
2025-04-22 10:52:28,250 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\NFI7J2R6.txt
2025-04-22 10:52:28,405 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\A6RGM50L.txt
2025-04-22 10:52:28,421 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\F3QZCC6I.txt
2025-04-22 10:52:28,421 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\WTCY0O3B.txt
2025-04-22 10:52:28,437 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\Z8KZ3ESA.txt
2025-04-22 10:52:28,921 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\22O2ZOOB\tshinshi[1].htm
2025-04-22 10:52:29,030 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabB0CA.tmp
2025-04-22 10:52:29,046 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarB0CB.tmp
2025-04-22 10:52:29,046 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabB0DB.tmp
2025-04-22 10:52:29,062 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarB0DC.tmp
2025-04-22 10:52:29,140 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabB12B.tmp
2025-04-22 10:52:29,140 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarB12C.tmp
2025-04-22 10:52:29,140 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\DABA17F5E36CBE65640DD2FE24F104E7
2025-04-22 10:52:29,155 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\DABA17F5E36CBE65640DD2FE24F104E7
2025-04-22 10:52:29,155 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabB14D.tmp
2025-04-22 10:52:29,155 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarB14E.tmp
2025-04-22 10:52:29,187 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabB16E.tmp
2025-04-22 10:52:29,203 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarB16F.tmp
2025-04-22 10:52:29,217 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabB17F.tmp
2025-04-22 10:52:29,217 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarB180.tmp
2025-04-22 10:52:29,280 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabB1D0.tmp
2025-04-22 10:52:29,280 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\070E0202839D9D67350CD2613E78E416
2025-04-22 10:52:29,280 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarB1D1.tmp
2025-04-22 10:52:29,280 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\070E0202839D9D67350CD2613E78E416
2025-04-22 10:52:29,280 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabB1D2.tmp
2025-04-22 10:52:29,296 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarB1D3.tmp
2025-04-22 10:52:29,296 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabB1E3.tmp
2025-04-22 10:52:29,312 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarB1E4.tmp
2025-04-22 10:52:29,358 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabB214.tmp
2025-04-22 10:52:29,358 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarB215.tmp
2025-04-22 10:52:29,421 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabB264.tmp
2025-04-22 10:52:29,421 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarB265.tmp
2025-04-22 10:52:29,437 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabB276.tmp
2025-04-22 10:52:29,437 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarB277.tmp
2025-04-22 10:52:29,467 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\B2FAF7692FD9FFBD64EDE317E42334BA_89854CA6A0F0936A4D2ECA78845CEA25
2025-04-22 10:52:29,467 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B2FAF7692FD9FFBD64EDE317E42334BA_89854CA6A0F0936A4D2ECA78845CEA25
2025-04-22 10:52:29,483 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabB2A7.tmp
2025-04-22 10:52:29,483 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarB2A8.tmp
2025-04-22 10:52:29,500 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabB2B8.tmp
2025-04-22 10:52:29,500 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarB2B9.tmp
2025-04-22 10:52:29,546 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabB2DA.tmp
2025-04-22 10:52:29,546 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarB2EA.tmp
2025-04-22 10:52:29,546 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabB2EB.tmp
2025-04-22 10:52:29,562 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarB2EC.tmp
2025-04-22 10:52:29,592 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\D0E1C4B6144E7ECAB3F020E4A19EFC29_B5F77004C894173A10E3A199871D2D90
2025-04-22 10:52:29,592 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\D0E1C4B6144E7ECAB3F020E4A19EFC29_B5F77004C894173A10E3A199871D2D90
2025-04-22 10:52:29,608 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabB32C.tmp
2025-04-22 10:52:29,608 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarB32D.tmp
2025-04-22 10:52:29,625 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabB33D.tmp
2025-04-22 10:52:29,625 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarB33E.tmp
2025-04-22 10:52:29,640 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7U479NC5\jquery-2.2.4.min[1].js
2025-04-22 10:52:29,655 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabB35F.tmp
2025-04-22 10:52:29,655 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarB360.tmp
2025-04-22 10:52:29,687 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabB380.tmp
2025-04-22 10:52:29,703 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarB381.tmp
2025-04-22 10:52:29,717 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabB3A1.tmp
2025-04-22 10:52:29,717 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarB3A2.tmp
2025-04-22 10:52:29,796 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabB3F1.tmp
2025-04-22 10:52:29,812 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarB3F2.tmp
2025-04-22 10:52:29,875 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabB441.tmp
2025-04-22 10:52:29,890 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarB442.tmp
2025-04-22 10:52:29,905 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabB463.tmp
2025-04-22 10:52:29,921 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarB464.tmp
2025-04-22 10:52:29,937 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\C60C0C29522E01E6A22BD2717F20782E_891CA9AA028995B36234B797075B2660
2025-04-22 10:52:29,937 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\C60C0C29522E01E6A22BD2717F20782E_891CA9AA028995B36234B797075B2660
2025-04-22 10:52:29,953 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabB493.tmp
2025-04-22 10:52:29,953 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabB495.tmp
2025-04-22 10:52:29,953 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarB494.tmp
2025-04-22 10:52:29,967 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarB496.tmp
2025-04-22 10:52:30,000 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabB4C6.tmp
2025-04-22 10:52:30,000 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarB4C7.tmp
2025-04-22 10:52:30,030 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabB4E8.tmp
2025-04-22 10:52:30,046 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarB4E9.tmp
2025-04-22 10:52:30,108 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabB509.tmp
2025-04-22 10:52:30,125 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarB50A.tmp
2025-04-22 10:52:30,155 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabB569.tmp
2025-04-22 10:52:30,171 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarB56A.tmp
2025-04-22 10:52:30,171 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabB57A.tmp
2025-04-22 10:52:30,187 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarB57B.tmp
2025-04-22 10:52:30,233 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabB5AB.tmp
2025-04-22 10:52:30,233 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarB5AC.tmp
2025-04-22 10:52:30,250 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabB5CC.tmp
2025-04-22 10:52:30,265 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarB5CD.tmp
2025-04-22 10:52:30,342 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\B66240B0F6C84BD4857ABA60CF5CE4A0_5043E0F5DF723415C9EECC201C838A62
2025-04-22 10:52:30,342 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B66240B0F6C84BD4857ABA60CF5CE4A0_5043E0F5DF723415C9EECC201C838A62
2025-04-22 10:52:30,483 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\BAD725C80F9E10846F35D039A996E4A8_88B6AE015495C1ECC395D19C1DD02894
2025-04-22 10:52:30,483 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\BAD725C80F9E10846F35D039A996E4A8_88B6AE015495C1ECC395D19C1DD02894
2025-04-22 10:52:30,608 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\75CA58072B9926F763A91F0CC2798706_056B48C93C4964C2E64C0A8958238656
2025-04-22 10:52:30,608 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\75CA58072B9926F763A91F0CC2798706_056B48C93C4964C2E64C0A8958238656
2025-04-22 10:52:30,655 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HQHTGTL3\Rolling-1s-200px__1__trHCWXy9jD[1].gif
2025-04-22 10:52:31,155 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KWNKCB35\favicons[1].png
2025-04-22 10:52:31,342 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7B5FC60CCA5D8CF767A7572C65728CD6_CE6D43ECE1D9EFA78A0A9BB326AE3DB5
2025-04-22 10:52:31,358 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7B5FC60CCA5D8CF767A7572C65728CD6_CE6D43ECE1D9EFA78A0A9BB326AE3DB5
2025-04-22 10:52:31,375 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\22O2ZOOB\favicons[1].htm
2025-04-22 10:52:31,390 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7U479NC5\favicons[1].htm
2025-04-22 10:52:31,546 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\C60C0C29522E01E6A22BD2717F20782E_4B3A7C89EA6212AA306D4A76E68D6593
2025-04-22 10:52:31,546 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\C60C0C29522E01E6A22BD2717F20782E_4B3A7C89EA6212AA306D4A76E68D6593
2025-04-22 10:52:31,796 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\2D85F72862B55C4EADD9E66E06947F3D
2025-04-22 10:52:31,796 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\2D85F72862B55C4EADD9E66E06947F3D
2025-04-22 10:52:31,796 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabBBD9.tmp
2025-04-22 10:52:31,812 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarBBDA.tmp
2025-04-22 10:52:31,875 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabBC29.tmp
2025-04-22 10:52:31,890 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarBC2A.tmp
2025-04-22 10:52:31,905 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabBC3B.tmp
2025-04-22 10:52:31,905 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarBC3C.tmp
2025-04-22 10:52:31,967 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabBC7B.tmp
2025-04-22 10:52:31,967 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarBC7C.tmp
2025-04-22 10:52:31,983 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabBC8D.tmp
2025-04-22 10:52:31,983 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarBC9E.tmp
2025-04-22 10:52:32,030 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabBCBE.tmp
2025-04-22 10:52:32,030 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarBCBF.tmp
2025-04-22 10:52:32,046 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabBCDF.tmp
2025-04-22 10:52:32,046 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarBCE0.tmp
2025-04-22 10:52:32,078 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabBD00.tmp
2025-04-22 10:52:32,092 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarBD01.tmp
2025-04-22 10:52:32,092 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabBD02.tmp
2025-04-22 10:52:32,092 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarBD03.tmp
2025-04-22 10:52:32,140 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabBD43.tmp
2025-04-22 10:52:32,140 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarBD44.tmp
2025-04-22 10:52:32,171 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabBD55.tmp
2025-04-22 10:52:32,171 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarBD56.tmp
2025-04-22 10:52:32,217 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabBD85.tmp
2025-04-22 10:52:32,217 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabBD97.tmp
2025-04-22 10:52:32,217 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarBD86.tmp
2025-04-22 10:52:32,217 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarBD98.tmp
2025-04-22 10:52:32,265 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabBDC8.tmp
2025-04-22 10:52:32,312 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarBDC9.tmp
2025-04-22 10:52:32,328 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabBE08.tmp
2025-04-22 10:52:32,342 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarBE09.tmp
2025-04-22 10:52:32,375 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabBE39.tmp
2025-04-22 10:52:32,375 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarBE3A.tmp
2025-04-22 10:52:32,390 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabBE4B.tmp
2025-04-22 10:52:32,390 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarBE4C.tmp
2025-04-22 10:52:32,421 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabBE6C.tmp
2025-04-22 10:52:32,437 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarBE6D.tmp
2025-04-22 10:52:32,437 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabBE7E.tmp
2025-04-22 10:52:32,437 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarBE7F.tmp
2025-04-22 10:52:32,483 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabBE9F.tmp
2025-04-22 10:52:32,483 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarBEA0.tmp
2025-04-22 10:52:32,500 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabBEC0.tmp
2025-04-22 10:52:32,515 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarBEC1.tmp
2025-04-22 10:52:32,546 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabBEF1.tmp
2025-04-22 10:52:32,546 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarBEF2.tmp
2025-04-22 10:52:32,546 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabBEF3.tmp
2025-04-22 10:52:32,562 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarBEF4.tmp
2025-04-22 10:52:32,578 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabBF14.tmp
2025-04-22 10:52:32,592 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarBF15.tmp
2025-04-22 10:52:32,625 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabBF45.tmp
2025-04-22 10:52:32,640 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarBF46.tmp
2025-04-22 10:52:32,640 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabBF57.tmp
2025-04-22 10:52:32,640 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarBF58.tmp
2025-04-22 10:52:32,671 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabBF78.tmp
2025-04-22 10:52:32,671 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarBF79.tmp
2025-04-22 10:52:32,671 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabBF7A.tmp
2025-04-22 10:52:32,687 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarBF7B.tmp
2025-04-22 10:52:32,750 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabBFBB.tmp
2025-04-22 10:52:32,750 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabBFCC.tmp
2025-04-22 10:52:32,750 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarBFBC.tmp
2025-04-22 10:52:32,750 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarBFCD.tmp
2025-04-22 10:52:32,812 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabBFFD.tmp
2025-04-22 10:52:32,812 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabBFFE.tmp
2025-04-22 10:52:32,812 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarBFFF.tmp
2025-04-22 10:52:32,812 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarC010.tmp
2025-04-22 10:52:32,875 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabC04F.tmp
2025-04-22 10:52:32,875 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarC050.tmp
2025-04-22 10:52:32,875 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabC051.tmp
2025-04-22 10:52:32,890 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarC052.tmp
2025-04-22 10:52:32,921 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabC073.tmp
2025-04-22 10:52:32,921 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarC074.tmp
2025-04-22 10:52:32,967 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabC0B3.tmp
2025-04-22 10:52:32,983 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarC0B4.tmp
2025-04-22 10:52:33,015 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabC0E4.tmp
2025-04-22 10:52:33,015 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarC0E5.tmp
2025-04-22 10:52:33,092 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabC134.tmp
2025-04-22 10:52:33,092 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarC135.tmp
2025-04-22 10:52:33,125 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabC155.tmp
2025-04-22 10:52:33,140 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarC156.tmp
2025-04-22 10:52:33,187 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabC196.tmp
2025-04-22 10:52:33,203 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarC197.tmp
2025-04-22 10:52:33,233 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabC1C7.tmp
2025-04-22 10:52:33,233 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarC1C8.tmp
2025-04-22 10:52:33,296 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabC207.tmp
2025-04-22 10:52:33,296 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarC208.tmp
2025-04-22 10:52:33,342 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabC228.tmp
2025-04-22 10:52:33,358 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarC229.tmp
2025-04-22 10:52:33,421 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabC288.tmp
2025-04-22 10:52:33,421 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarC289.tmp
2025-04-22 10:52:33,453 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabC2A9.tmp
2025-04-22 10:52:33,467 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarC2AA.tmp
2025-04-22 10:52:33,515 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabC2EA.tmp
2025-04-22 10:52:33,530 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarC2EB.tmp
2025-04-22 10:52:33,562 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabC31B.tmp
2025-04-22 10:52:33,562 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarC31C.tmp
2025-04-22 10:52:33,625 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabC35B.tmp
2025-04-22 10:52:33,625 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarC35C.tmp
2025-04-22 10:52:33,780 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabC3FA.tmp
2025-04-22 10:52:33,796 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabC3FB.tmp
2025-04-22 10:52:33,796 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarC3FC.tmp
2025-04-22 10:52:33,796 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarC3FD.tmp
2025-04-22 10:52:33,875 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabC44C.tmp
2025-04-22 10:52:33,875 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabC45D.tmp
2025-04-22 10:52:33,875 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarC44D.tmp
2025-04-22 10:52:33,875 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarC45E.tmp
2025-04-22 10:52:33,905 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabC47F.tmp
2025-04-22 10:52:33,905 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarC480.tmp
2025-04-22 10:52:33,921 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabC490.tmp
2025-04-22 10:52:33,921 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarC491.tmp
2025-04-22 10:52:33,983 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabC4C1.tmp
2025-04-22 10:52:33,983 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarC4D2.tmp
2025-04-22 10:52:34,000 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabC4D3.tmp
2025-04-22 10:52:34,000 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarC4D4.tmp
2025-04-22 10:52:34,015 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabC4F4.tmp
2025-04-22 10:52:34,030 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarC4F5.tmp
2025-04-22 10:52:34,030 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabC506.tmp
2025-04-22 10:52:34,030 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarC507.tmp
2025-04-22 10:52:34,092 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabC546.tmp
2025-04-22 10:52:34,108 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarC547.tmp
2025-04-22 10:52:34,108 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabC558.tmp
2025-04-22 10:52:34,108 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarC559.tmp
2025-04-22 10:52:34,140 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabC579.tmp
2025-04-22 10:52:34,155 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabC57B.tmp
2025-04-22 10:52:34,155 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarC57A.tmp
2025-04-22 10:52:34,155 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarC57C.tmp
2025-04-22 10:52:34,217 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabC5BB.tmp
2025-04-22 10:52:34,217 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabC5CD.tmp
2025-04-22 10:52:34,217 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarC5CC.tmp
2025-04-22 10:52:34,217 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarC5CE.tmp
2025-04-22 10:52:34,250 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabC5EE.tmp
2025-04-22 10:52:34,250 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabC5F0.tmp
2025-04-22 10:52:34,265 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarC5EF.tmp
2025-04-22 10:52:34,265 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarC5F1.tmp
2025-04-22 10:52:34,312 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabC631.tmp
2025-04-22 10:52:34,312 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarC632.tmp
2025-04-22 10:52:34,328 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabC642.tmp
2025-04-22 10:52:34,328 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarC643.tmp
2025-04-22 10:52:34,358 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabC664.tmp
2025-04-22 10:52:34,358 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarC665.tmp
2025-04-22 10:52:34,375 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabC666.tmp
2025-04-22 10:52:34,390 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarC676.tmp
2025-04-22 10:52:34,453 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabC6B6.tmp
2025-04-22 10:52:34,453 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarC6B7.tmp
2025-04-22 10:52:34,500 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabC6F6.tmp
2025-04-22 10:52:34,500 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarC6F7.tmp
2025-04-22 10:52:34,530 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabC718.tmp
2025-04-22 10:52:34,530 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabC71A.tmp
2025-04-22 10:52:34,546 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarC719.tmp
2025-04-22 10:52:34,546 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarC71B.tmp
2025-04-22 10:52:34,608 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabC76A.tmp
2025-04-22 10:52:34,608 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarC76B.tmp
2025-04-22 10:52:34,608 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabC76C.tmp
2025-04-22 10:52:34,625 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarC76D.tmp
2025-04-22 10:52:34,655 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabC79D.tmp
2025-04-22 10:52:34,655 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarC79E.tmp
2025-04-22 10:52:34,655 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabC79F.tmp
2025-04-22 10:52:34,655 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarC7A0.tmp
2025-04-22 10:52:34,717 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabC7DF.tmp
2025-04-22 10:52:34,717 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarC7E0.tmp
2025-04-22 10:52:34,733 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabC7E1.tmp
2025-04-22 10:52:34,733 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarC7E2.tmp
2025-04-22 10:52:34,750 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabC802.tmp
2025-04-22 10:52:34,750 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarC803.tmp
2025-04-22 10:52:34,765 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabC804.tmp
2025-04-22 10:52:34,765 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarC805.tmp
2025-04-22 10:52:34,812 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabC835.tmp
2025-04-22 10:52:34,812 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarC846.tmp
2025-04-22 10:52:34,812 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabC847.tmp
2025-04-22 10:52:34,828 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarC848.tmp
2025-04-22 10:52:34,967 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabC8E5.tmp
2025-04-22 10:52:34,983 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarC8E6.tmp
2025-04-22 10:52:35,078 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabC954.tmp
2025-04-22 10:52:35,092 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarC955.tmp
2025-04-22 10:52:35,140 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabC985.tmp
2025-04-22 10:52:35,155 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarC986.tmp
2025-04-22 10:52:35,233 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabC9F5.tmp
2025-04-22 10:52:35,250 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarC9F6.tmp
2025-04-22 10:52:35,296 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabCA35.tmp
2025-04-22 10:52:35,312 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarCA36.tmp
2025-04-22 10:52:35,390 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabCA95.tmp
2025-04-22 10:52:35,405 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarCA96.tmp
2025-04-22 10:52:35,467 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabCAD5.tmp
2025-04-22 10:52:35,483 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarCAD6.tmp
2025-04-22 10:52:35,562 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabCB45.tmp
2025-04-22 10:52:35,562 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarCB46.tmp
2025-04-22 10:52:35,625 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabCB76.tmp
2025-04-22 10:52:35,625 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarCB86.tmp
2025-04-22 10:52:35,717 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabCBE5.tmp
2025-04-22 10:52:35,717 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarCBE6.tmp
2025-04-22 10:52:35,780 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabCC16.tmp
2025-04-22 10:52:35,780 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarCC17.tmp
2025-04-22 10:52:35,858 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\CabCC76.tmp
2025-04-22 10:52:35,875 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Temp\TarCC77.tmp
2025-04-22 10:52:35,921 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\22O2ZOOB\sslnavcancel[1]
2025-04-22 10:52:36,015 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HQHTGTL3\navcancl[1]
2025-04-22 10:52:36,015 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KWNKCB35\ErrorPageTemplate[1]
2025-04-22 10:52:36,046 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\22O2ZOOB\errorPageStrings[1]
2025-04-22 10:52:36,046 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7U479NC5\httpErrorPagesScripts[1]
2025-04-22 10:52:36,062 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HQHTGTL3\info_48[1]
2025-04-22 10:52:36,062 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KWNKCB35\bullet[1]
2025-04-22 10:52:36,078 [analyzer] INFO: Added new file to list with pid 1868 and path C:\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\22O2ZOOB\background_gradient[1]
2025-04-22 09:54:36,223 [analyzer] INFO: Analysis timeout hit, terminating analysis.
2025-04-22 09:54:36,535 [lib.api.process] ERROR: Failed to dump memory of 64-bit process with pid 1944.
2025-04-22 09:54:36,614 [lib.api.process] ERROR: Failed to dump memory of 32-bit process with pid 1868.
2025-04-22 09:54:36,941 [analyzer] INFO: Terminating remaining processes before shutdown.
2025-04-22 09:54:36,941 [lib.api.process] INFO: Successfully terminated process with pid 1944.
2025-04-22 09:54:36,941 [lib.api.process] INFO: Successfully terminated process with pid 1868.
2025-04-22 09:54:36,941 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarbd01.tmp' does not exist, skip.
2025-04-22 09:54:36,941 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabb441.tmp' does not exist, skip.
2025-04-22 09:54:36,941 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabb32c.tmp' does not exist, skip.
2025-04-22 09:54:36,941 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabc2ea.tmp' does not exist, skip.
2025-04-22 09:54:36,941 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabb3a1.tmp' does not exist, skip.
2025-04-22 09:54:36,957 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarca96.tmp' does not exist, skip.
2025-04-22 09:54:36,957 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarc5ce.tmp' does not exist, skip.
2025-04-22 09:54:36,957 [analyzer] INFO: Error dumping file from path "c:\users\administrator\appdata\local\temp\~dfd4837bdb70147812.tmp": [Errno 13] Permission denied: u'c:\\users\\administrator\\appdata\\local\\temp\\~dfd4837bdb70147812.tmp'
2025-04-22 09:54:36,957 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabc196.tmp' does not exist, skip.
2025-04-22 09:54:36,957 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabc954.tmp' does not exist, skip.
2025-04-22 09:54:36,957 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarc45e.tmp' does not exist, skip.
2025-04-22 09:54:36,957 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabbe39.tmp' does not exist, skip.
2025-04-22 09:54:36,957 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabc985.tmp' does not exist, skip.
2025-04-22 09:54:36,957 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabbc7b.tmp' does not exist, skip.
2025-04-22 09:54:36,957 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\roaming\\microsoft\\windows\\cookies\\a6rgm50l.txt' does not exist, skip.
2025-04-22 09:54:36,973 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarbef2.tmp' does not exist, skip.
2025-04-22 09:54:36,973 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarbdc9.tmp' does not exist, skip.
2025-04-22 09:54:37,003 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabc664.tmp' does not exist, skip.
2025-04-22 09:54:37,003 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarbd03.tmp' does not exist, skip.
2025-04-22 09:54:37,003 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabc666.tmp' does not exist, skip.
2025-04-22 09:54:37,003 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarcad6.tmp' does not exist, skip.
2025-04-22 09:54:37,003 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarab35.tmp' does not exist, skip.
2025-04-22 09:54:37,019 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarb381.tmp' does not exist, skip.
2025-04-22 09:54:37,019 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarc156.tmp' does not exist, skip.
2025-04-22 09:54:37,019 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarbc2a.tmp' does not exist, skip.
2025-04-22 09:54:37,019 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarc050.tmp' does not exist, skip.
2025-04-22 09:54:37,019 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarbec1.tmp' does not exist, skip.
2025-04-22 09:54:37,019 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarb5cd.tmp' does not exist, skip.
2025-04-22 09:54:37,019 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabc155.tmp' does not exist, skip.
2025-04-22 09:54:37,019 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabb1d0.tmp' does not exist, skip.
2025-04-22 09:54:37,019 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabc4f4.tmp' does not exist, skip.
2025-04-22 09:54:37,019 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabb2eb.tmp' does not exist, skip.
2025-04-22 09:54:37,019 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarc632.tmp' does not exist, skip.
2025-04-22 09:54:37,019 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarbc7c.tmp' does not exist, skip.
2025-04-22 09:54:37,019 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarc010.tmp' does not exist, skip.
2025-04-22 09:54:37,019 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarbea0.tmp' does not exist, skip.
2025-04-22 09:54:37,019 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\roaming\\microsoft\\windows\\cookies\\z3rcwif6.txt' does not exist, skip.
2025-04-22 09:54:37,019 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabbd85.tmp' does not exist, skip.
2025-04-22 09:54:37,019 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarc5cc.tmp' does not exist, skip.
2025-04-22 09:54:37,019 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarbf58.tmp' does not exist, skip.
2025-04-22 09:54:37,035 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarbe09.tmp' does not exist, skip.
2025-04-22 09:54:37,035 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabbe6c.tmp' does not exist, skip.
2025-04-22 09:54:37,035 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarc074.tmp' does not exist, skip.
2025-04-22 09:54:37,035 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabcb45.tmp' does not exist, skip.
2025-04-22 09:54:37,035 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarcb86.tmp' does not exist, skip.
2025-04-22 09:54:37,035 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabb214.tmp' does not exist, skip.
2025-04-22 09:54:37,035 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabcad5.tmp' does not exist, skip.
2025-04-22 09:54:37,035 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabc9f5.tmp' does not exist, skip.
2025-04-22 09:54:37,035 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarc31c.tmp' does not exist, skip.
2025-04-22 09:54:37,035 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabc4d3.tmp' does not exist, skip.
2025-04-22 09:54:37,035 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarc7e2.tmp' does not exist, skip.
2025-04-22 09:54:37,035 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabc6f6.tmp' does not exist, skip.
2025-04-22 09:54:37,051 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabc718.tmp' does not exist, skip.
2025-04-22 09:54:37,051 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabc79f.tmp' does not exist, skip.
2025-04-22 09:54:37,051 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabbf7a.tmp' does not exist, skip.
2025-04-22 09:54:37,066 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarb0dc.tmp' does not exist, skip.
2025-04-22 09:54:37,066 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabc57b.tmp' does not exist, skip.
2025-04-22 09:54:37,066 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarb1d1.tmp' does not exist, skip.
2025-04-22 09:54:37,066 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarbd98.tmp' does not exist, skip.
2025-04-22 09:54:37,066 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabb380.tmp' does not exist, skip.
2025-04-22 09:54:37,066 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabb33d.tmp' does not exist, skip.
2025-04-22 09:54:37,066 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\taracf0.tmp' does not exist, skip.
2025-04-22 09:54:37,066 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabbcdf.tmp' does not exist, skip.
2025-04-22 09:54:37,066 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarb360.tmp' does not exist, skip.
2025-04-22 09:54:37,082 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabca95.tmp' does not exist, skip.
2025-04-22 09:54:37,082 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabc0b3.tmp' does not exist, skip.
2025-04-22 09:54:37,082 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabcb76.tmp' does not exist, skip.
2025-04-22 09:54:37,082 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarbd56.tmp' does not exist, skip.
2025-04-22 09:54:37,082 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabbef3.tmp' does not exist, skip.
2025-04-22 09:54:37,082 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarc3fd.tmp' does not exist, skip.
2025-04-22 09:54:37,082 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabc3fa.tmp' does not exist, skip.
2025-04-22 09:54:37,082 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabbc3b.tmp' does not exist, skip.
2025-04-22 09:54:37,082 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarc57a.tmp' does not exist, skip.
2025-04-22 09:54:37,082 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarb2b9.tmp' does not exist, skip.
2025-04-22 09:54:37,082 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabbf78.tmp' does not exist, skip.
2025-04-22 09:54:37,082 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabc051.tmp' does not exist, skip.
2025-04-22 09:54:37,082 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabb35f.tmp' does not exist, skip.
2025-04-22 09:54:37,082 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabb493.tmp' does not exist, skip.
2025-04-22 09:54:37,082 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabb4c6.tmp' does not exist, skip.
2025-04-22 09:54:37,098 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabbd43.tmp' does not exist, skip.
2025-04-22 09:54:37,098 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabc45d.tmp' does not exist, skip.
2025-04-22 09:54:37,098 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarb4e9.tmp' does not exist, skip.
2025-04-22 09:54:37,098 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarb277.tmp' does not exist, skip.
2025-04-22 09:54:37,098 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabc5f0.tmp' does not exist, skip.
2025-04-22 09:54:37,098 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabc207.tmp' does not exist, skip.
2025-04-22 09:54:37,098 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabc79d.tmp' does not exist, skip.
2025-04-22 09:54:37,098 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarc1c8.tmp' does not exist, skip.
2025-04-22 09:54:37,098 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabc804.tmp' does not exist, skip.
2025-04-22 09:54:37,098 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabbd02.tmp' does not exist, skip.
2025-04-22 09:54:37,098 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarb496.tmp' does not exist, skip.
2025-04-22 09:54:37,098 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarc44d.tmp' does not exist, skip.
2025-04-22 09:54:37,098 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarc197.tmp' does not exist, skip.
2025-04-22 09:54:37,098 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarcc17.tmp' does not exist, skip.
2025-04-22 09:54:37,098 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabb57a.tmp' does not exist, skip.
2025-04-22 09:54:37,098 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabab22.tmp' does not exist, skip.
2025-04-22 09:54:37,098 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabc31b.tmp' does not exist, skip.
2025-04-22 09:54:37,098 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarb14e.tmp' does not exist, skip.
2025-04-22 09:54:37,098 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabbcbe.tmp' does not exist, skip.
2025-04-22 09:54:37,098 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarab23.tmp' does not exist, skip.
2025-04-22 09:54:37,098 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarb16f.tmp' does not exist, skip.
2025-04-22 09:54:37,098 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabb495.tmp' does not exist, skip.
2025-04-22 09:54:37,098 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabbf14.tmp' does not exist, skip.
2025-04-22 09:54:37,098 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabc579.tmp' does not exist, skip.
2025-04-22 09:54:37,114 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarabf4.tmp' does not exist, skip.
2025-04-22 09:54:37,114 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarb215.tmp' does not exist, skip.
2025-04-22 09:54:37,114 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarb464.tmp' does not exist, skip.
2025-04-22 09:54:37,114 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabbe4b.tmp' does not exist, skip.
2025-04-22 09:54:37,114 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabb17f.tmp' does not exist, skip.
2025-04-22 09:54:37,114 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarc846.tmp' does not exist, skip.
2025-04-22 09:54:37,114 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabbfcc.tmp' does not exist, skip.
2025-04-22 09:54:37,114 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabc506.tmp' does not exist, skip.
2025-04-22 09:54:37,114 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarb2ec.tmp' does not exist, skip.
2025-04-22 09:54:37,114 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarc805.tmp' does not exist, skip.
2025-04-22 09:54:37,114 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabcc16.tmp' does not exist, skip.
2025-04-22 09:54:37,114 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabc5ee.tmp' does not exist, skip.
2025-04-22 09:54:37,114 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabb509.tmp' does not exist, skip.
2025-04-22 09:54:37,114 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarc665.tmp' does not exist, skip.
2025-04-22 09:54:37,114 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\roaming\\microsoft\\windows\\cookies\\f3qzcc6i.txt' does not exist, skip.
2025-04-22 09:54:37,114 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarb2ea.tmp' does not exist, skip.
2025-04-22 09:54:37,114 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarc7e0.tmp' does not exist, skip.
2025-04-22 09:54:37,114 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarc7a0.tmp' does not exist, skip.
2025-04-22 09:54:37,114 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabb5cc.tmp' does not exist, skip.
2025-04-22 09:54:37,114 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarb5ac.tmp' does not exist, skip.
2025-04-22 09:54:37,114 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabbec0.tmp' does not exist, skip.
2025-04-22 09:54:37,114 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarc986.tmp' does not exist, skip.
2025-04-22 09:54:37,114 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabc558.tmp' does not exist, skip.
2025-04-22 09:54:37,114 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarc507.tmp' does not exist, skip.
2025-04-22 09:54:37,128 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabbe9f.tmp' does not exist, skip.
2025-04-22 09:54:37,128 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabbdc8.tmp' does not exist, skip.
2025-04-22 09:54:37,128 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabc2a9.tmp' does not exist, skip.
2025-04-22 09:54:37,128 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarb33e.tmp' does not exist, skip.
2025-04-22 09:54:37,128 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarb57b.tmp' does not exist, skip.
2025-04-22 09:54:37,128 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\microsoft\\windows\\temporary internet files\\content.ie5\\22o2zoob\\favicons[1].htm' does not exist, skip.
2025-04-22 09:54:37,128 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarc2eb.tmp' does not exist, skip.
2025-04-22 09:54:37,128 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabb2b8.tmp' does not exist, skip.
2025-04-22 09:54:37,128 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabb463.tmp' does not exist, skip.
2025-04-22 09:54:37,128 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarbe3a.tmp' does not exist, skip.
2025-04-22 09:54:37,128 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabb2da.tmp' does not exist, skip.
2025-04-22 09:54:37,128 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarb3f2.tmp' does not exist, skip.
2025-04-22 09:54:37,128 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarb1e4.tmp' does not exist, skip.
2025-04-22 09:54:37,128 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarb265.tmp' does not exist, skip.
2025-04-22 09:54:37,128 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabbd97.tmp' does not exist, skip.
2025-04-22 09:54:37,128 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabbc8d.tmp' does not exist, skip.
2025-04-22 09:54:37,144 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabca35.tmp' does not exist, skip.
2025-04-22 09:54:37,144 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarc8e6.tmp' does not exist, skip.
2025-04-22 09:54:37,144 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarbc9e.tmp' does not exist, skip.
2025-04-22 09:54:37,144 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\roaming\\microsoft\\windows\\cookies\\tjaybyrj.txt' does not exist, skip.
2025-04-22 09:54:37,144 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarc0b4.tmp' does not exist, skip.
2025-04-22 09:54:37,144 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarc480.tmp' does not exist, skip.
2025-04-22 09:54:37,160 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarc57c.tmp' does not exist, skip.
2025-04-22 09:54:37,160 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabb3f1.tmp' does not exist, skip.
2025-04-22 09:54:37,160 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarc9f6.tmp' does not exist, skip.
2025-04-22 09:54:37,160 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarc803.tmp' does not exist, skip.
2025-04-22 09:54:37,160 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabc0e4.tmp' does not exist, skip.
2025-04-22 09:54:37,160 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarc547.tmp' does not exist, skip.
2025-04-22 09:54:37,160 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarbfff.tmp' does not exist, skip.
2025-04-22 09:54:37,160 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabb12b.tmp' does not exist, skip.
2025-04-22 09:54:37,160 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarc0e5.tmp' does not exist, skip.
2025-04-22 09:54:37,176 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabc228.tmp' does not exist, skip.
2025-04-22 09:54:37,176 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarbef4.tmp' does not exist, skip.
2025-04-22 09:54:37,176 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabc35b.tmp' does not exist, skip.
2025-04-22 09:54:37,176 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabc835.tmp' does not exist, skip.
2025-04-22 09:54:37,176 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarc052.tmp' does not exist, skip.
2025-04-22 09:54:37,176 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabbffd.tmp' does not exist, skip.
2025-04-22 09:54:37,176 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabb14d.tmp' does not exist, skip.
2025-04-22 09:54:37,176 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarc2aa.tmp' does not exist, skip.
2025-04-22 09:54:37,191 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabc490.tmp' does not exist, skip.
2025-04-22 09:54:37,191 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarbe7f.tmp' does not exist, skip.
2025-04-22 09:54:37,191 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarb2a8.tmp' does not exist, skip.
2025-04-22 09:54:37,191 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabc76c.tmp' does not exist, skip.
2025-04-22 09:54:37,191 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarca36.tmp' does not exist, skip.
2025-04-22 09:54:37,191 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarc289.tmp' does not exist, skip.
2025-04-22 09:54:37,191 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabc71a.tmp' does not exist, skip.
2025-04-22 09:54:37,191 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarbc3c.tmp' does not exist, skip.
2025-04-22 09:54:37,191 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarb12c.tmp' does not exist, skip.
2025-04-22 09:54:37,191 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarbe6d.tmp' does not exist, skip.
2025-04-22 09:54:37,191 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarbf46.tmp' does not exist, skip.
2025-04-22 09:54:37,191 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabb16e.tmp' does not exist, skip.
2025-04-22 09:54:37,191 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarc76b.tmp' does not exist, skip.
2025-04-22 09:54:37,191 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarb3a2.tmp' does not exist, skip.
2025-04-22 09:54:37,191 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabc7df.tmp' does not exist, skip.
2025-04-22 09:54:37,191 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarabe3.tmp' does not exist, skip.
2025-04-22 09:54:37,191 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\roaming\\microsoft\\windows\\cookies\\to30fs82.txt' does not exist, skip.
2025-04-22 09:54:37,207 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabc3fb.tmp' does not exist, skip.
2025-04-22 09:54:37,207 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarc35c.tmp' does not exist, skip.
2025-04-22 09:54:37,207 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarbcbf.tmp' does not exist, skip.
2025-04-22 09:54:37,207 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabc76a.tmp' does not exist, skip.
2025-04-22 09:54:37,207 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabbffe.tmp' does not exist, skip.
2025-04-22 09:54:37,207 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabc8e5.tmp' does not exist, skip.
2025-04-22 09:54:37,223 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarbfbc.tmp' does not exist, skip.
2025-04-22 09:54:37,239 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarc5ef.tmp' does not exist, skip.
2025-04-22 09:54:37,239 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarb442.tmp' does not exist, skip.
2025-04-22 09:54:37,239 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabbef1.tmp' does not exist, skip.
2025-04-22 09:54:37,239 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarcb46.tmp' does not exist, skip.
2025-04-22 09:54:37,239 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarb1d3.tmp' does not exist, skip.
2025-04-22 09:54:37,239 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\roaming\\microsoft\\windows\\cookies\\nfi7j2r6.txt' does not exist, skip.
2025-04-22 09:54:37,239 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\~dfa993b223697161c9.tmp' does not exist, skip.
2025-04-22 09:54:37,239 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabc642.tmp' does not exist, skip.
2025-04-22 09:54:37,239 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarc559.tmp' does not exist, skip.
2025-04-22 09:54:37,239 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarb0cb.tmp' does not exist, skip.
2025-04-22 09:54:37,239 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarbf15.tmp' does not exist, skip.
2025-04-22 09:54:37,239 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabb1e3.tmp' does not exist, skip.
2025-04-22 09:54:37,239 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\roaming\\microsoft\\windows\\cookies\\wtcy0o3b.txt' does not exist, skip.
2025-04-22 09:54:37,253 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabc4c1.tmp' does not exist, skip.
2025-04-22 09:54:37,253 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabb5ab.tmp' does not exist, skip.
2025-04-22 09:54:37,253 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabb1d2.tmp' does not exist, skip.
2025-04-22 09:54:37,253 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabcbe5.tmp' does not exist, skip.
2025-04-22 09:54:37,253 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarc79e.tmp' does not exist, skip.
2025-04-22 09:54:37,253 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabb0db.tmp' does not exist, skip.
2025-04-22 09:54:37,253 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabc546.tmp' does not exist, skip.
2025-04-22 09:54:37,253 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarbd86.tmp' does not exist, skip.
2025-04-22 09:54:37,253 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabbfbb.tmp' does not exist, skip.
2025-04-22 09:54:37,253 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarbbda.tmp' does not exist, skip.
2025-04-22 09:54:37,269 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabb4e8.tmp' does not exist, skip.
2025-04-22 09:54:37,269 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarc676.tmp' does not exist, skip.
2025-04-22 09:54:37,269 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabbd55.tmp' does not exist, skip.
2025-04-22 09:54:37,269 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabc847.tmp' does not exist, skip.
2025-04-22 09:54:37,269 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarc135.tmp' does not exist, skip.
2025-04-22 09:54:37,269 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabc5bb.tmp' does not exist, skip.
2025-04-22 09:54:37,269 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarc6f7.tmp' does not exist, skip.
2025-04-22 09:54:37,269 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarc76d.tmp' does not exist, skip.
2025-04-22 09:54:37,269 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabb0ca.tmp' does not exist, skip.
2025-04-22 09:54:37,269 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabc1c7.tmp' does not exist, skip.
2025-04-22 09:54:37,269 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarb56a.tmp' does not exist, skip.
2025-04-22 09:54:37,285 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarc3fc.tmp' does not exist, skip.
2025-04-22 09:54:37,285 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarb32d.tmp' does not exist, skip.
2025-04-22 09:54:37,285 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabc288.tmp' does not exist, skip.
2025-04-22 09:54:37,285 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarbfcd.tmp' does not exist, skip.
2025-04-22 09:54:37,285 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarc229.tmp' does not exist, skip.
2025-04-22 09:54:37,285 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabbf57.tmp' does not exist, skip.
2025-04-22 09:54:37,285 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarbce0.tmp' does not exist, skip.
2025-04-22 09:54:37,285 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarc848.tmp' does not exist, skip.
2025-04-22 09:54:37,301 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabacef.tmp' does not exist, skip.
2025-04-22 09:54:37,301 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarc6b7.tmp' does not exist, skip.
2025-04-22 09:54:37,301 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabc5cd.tmp' does not exist, skip.
2025-04-22 09:54:37,301 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarc719.tmp' does not exist, skip.
2025-04-22 09:54:37,301 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabbe08.tmp' does not exist, skip.
2025-04-22 09:54:37,301 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarbf7b.tmp' does not exist, skip.
2025-04-22 09:54:37,301 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarb50a.tmp' does not exist, skip.
2025-04-22 09:54:37,301 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabc073.tmp' does not exist, skip.
2025-04-22 09:54:37,301 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarc4f5.tmp' does not exist, skip.
2025-04-22 09:54:37,301 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarb180.tmp' does not exist, skip.
2025-04-22 09:54:37,301 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabbc29.tmp' does not exist, skip.
2025-04-22 09:54:37,301 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarcc77.tmp' does not exist, skip.
2025-04-22 09:54:37,301 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabbd00.tmp' does not exist, skip.
2025-04-22 09:54:37,301 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabc631.tmp' does not exist, skip.
2025-04-22 09:54:37,301 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarbd44.tmp' does not exist, skip.
2025-04-22 09:54:37,301 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarc208.tmp' does not exist, skip.
2025-04-22 09:54:37,301 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabc44c.tmp' does not exist, skip.
2025-04-22 09:54:37,316 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabbe7e.tmp' does not exist, skip.
2025-04-22 09:54:37,316 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabc134.tmp' does not exist, skip.
2025-04-22 09:54:37,316 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabc7e1.tmp' does not exist, skip.
2025-04-22 09:54:37,316 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabb2a7.tmp' does not exist, skip.
2025-04-22 09:54:37,316 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabbf45.tmp' does not exist, skip.
2025-04-22 09:54:37,316 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarbe4c.tmp' does not exist, skip.
2025-04-22 09:54:37,316 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabb569.tmp' does not exist, skip.
2025-04-22 09:54:37,316 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarb494.tmp' does not exist, skip.
2025-04-22 09:54:37,316 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabc04f.tmp' does not exist, skip.
2025-04-22 09:54:37,316 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarc955.tmp' does not exist, skip.
2025-04-22 09:54:37,316 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarc643.tmp' does not exist, skip.
2025-04-22 09:54:37,316 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabc802.tmp' does not exist, skip.
2025-04-22 09:54:37,316 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarc71b.tmp' does not exist, skip.
2025-04-22 09:54:37,316 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\roaming\\microsoft\\windows\\cookies\\ll63la5g.txt' does not exist, skip.
2025-04-22 09:54:37,332 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabb276.tmp' does not exist, skip.
2025-04-22 09:54:37,332 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabab34.tmp' does not exist, skip.
2025-04-22 09:54:37,332 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarcbe6.tmp' does not exist, skip.
2025-04-22 09:54:37,332 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabbbd9.tmp' does not exist, skip.
2025-04-22 09:54:37,332 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarc491.tmp' does not exist, skip.
2025-04-22 09:54:37,332 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabc6b6.tmp' does not exist, skip.
2025-04-22 09:54:37,332 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabcc76.tmp' does not exist, skip.
2025-04-22 09:54:37,332 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarc5f1.tmp' does not exist, skip.
2025-04-22 09:54:37,332 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabc47f.tmp' does not exist, skip.
2025-04-22 09:54:37,332 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cababd2.tmp' does not exist, skip.
2025-04-22 09:54:37,332 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cabb264.tmp' does not exist, skip.
2025-04-22 09:54:37,332 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarbf79.tmp' does not exist, skip.
2025-04-22 09:54:37,332 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarc4d2.tmp' does not exist, skip.
2025-04-22 09:54:37,332 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarc4d4.tmp' does not exist, skip.
2025-04-22 09:54:37,332 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\tarb4c7.tmp' does not exist, skip.
2025-04-22 09:54:37,332 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\local\\temp\\cababf3.tmp' does not exist, skip.
2025-04-22 09:54:37,348 [analyzer] INFO: Analysis completed.
Cuckoo Log
2025-04-22 10:52:27,711 [cuckoo.core.scheduler] INFO: Task #6329595: acquired machine win7x6423 (label=win7x6423)
2025-04-22 10:52:27,712 [cuckoo.core.resultserver] DEBUG: Now tracking machine 192.168.168.223 for task #6329595
2025-04-22 10:52:28,057 [cuckoo.auxiliary.sniffer] INFO: Started sniffer with PID 2019271 (interface=vboxnet0, host=192.168.168.223)
2025-04-22 10:52:28,078 [cuckoo.machinery.virtualbox] DEBUG: Starting vm win7x6423
2025-04-22 10:52:28,619 [cuckoo.machinery.virtualbox] DEBUG: Restoring virtual machine win7x6423 to vmcloak
2025-04-22 10:53:57,936 [cuckoo.core.guest] INFO: Starting analysis #6329595 on guest (id=win7x6423, ip=192.168.168.223)
2025-04-22 10:53:58,948 [cuckoo.core.guest] DEBUG: win7x6423: not ready yet
2025-04-22 10:54:03,995 [cuckoo.core.guest] INFO: Guest is running Cuckoo Agent 0.10 (id=win7x6423, ip=192.168.168.223)
2025-04-22 10:54:04,133 [cuckoo.core.guest] DEBUG: Uploading analyzer to guest (id=win7x6423, ip=192.168.168.223, monitor=latest, size=6660546)
2025-04-22 10:54:05,630 [cuckoo.core.resultserver] DEBUG: Task #6329595: live log analysis.log initialized.
2025-04-22 10:54:06,811 [cuckoo.core.resultserver] DEBUG: Task #6329595 is sending a BSON stream
2025-04-22 10:54:07,280 [cuckoo.core.resultserver] DEBUG: Task #6329595 is sending a BSON stream
2025-04-22 10:54:08,167 [cuckoo.core.resultserver] DEBUG: Task #6329595: File upload for 'shots/0001.jpg'
2025-04-22 10:54:08,187 [cuckoo.core.resultserver] DEBUG: Task #6329595 uploaded file length: 133510
2025-04-22 10:54:09,612 [cuckoo.core.resultserver] DEBUG: Task #6329595 is sending a BSON stream
2025-04-22 10:54:10,319 [cuckoo.core.resultserver] DEBUG: Task #6329595: File upload for 'shots/0002.jpg'
2025-04-22 10:54:10,322 [cuckoo.core.resultserver] DEBUG: Task #6329595 uploaded file length: 24563
2025-04-22 10:54:11,429 [cuckoo.core.resultserver] DEBUG: Task #6329595: File upload for 'shots/0003.jpg'
2025-04-22 10:54:11,433 [cuckoo.core.resultserver] DEBUG: Task #6329595 uploaded file length: 30795
2025-04-22 10:54:12,515 [cuckoo.core.resultserver] DEBUG: Task #6329595: File upload for 'shots/0004.jpg'
2025-04-22 10:54:12,519 [cuckoo.core.resultserver] DEBUG: Task #6329595 uploaded file length: 31338
2025-04-22 10:54:14,681 [cuckoo.core.resultserver] DEBUG: Task #6329595: File upload for 'shots/0005.jpg'
2025-04-22 10:54:14,689 [cuckoo.core.resultserver] DEBUG: Task #6329595 uploaded file length: 30840
2025-04-22 10:54:15,766 [cuckoo.core.resultserver] DEBUG: Task #6329595: File upload for 'shots/0006.jpg'
2025-04-22 10:54:15,780 [cuckoo.core.resultserver] DEBUG: Task #6329595 uploaded file length: 41034
2025-04-22 10:54:16,897 [cuckoo.core.resultserver] DEBUG: Task #6329595: File upload for 'shots/0007.jpg'
2025-04-22 10:54:16,900 [cuckoo.core.resultserver] DEBUG: Task #6329595 uploaded file length: 41678
2025-04-22 10:54:17,971 [cuckoo.core.resultserver] DEBUG: Task #6329595: File upload for 'shots/0008.jpg'
2025-04-22 10:54:17,983 [cuckoo.core.resultserver] DEBUG: Task #6329595 uploaded file length: 46020
2025-04-22 10:54:20,089 [cuckoo.core.resultserver] DEBUG: Task #6329595: File upload for 'shots/0009.jpg'
2025-04-22 10:54:20,097 [cuckoo.core.resultserver] DEBUG: Task #6329595 uploaded file length: 32738
2025-04-22 10:54:20,212 [cuckoo.core.guest] DEBUG: win7x6423: analysis #6329595 still processing
2025-04-22 10:54:22,221 [cuckoo.core.resultserver] DEBUG: Task #6329595: File upload for 'shots/0010.jpg'
2025-04-22 10:54:22,226 [cuckoo.core.resultserver] DEBUG: Task #6329595 uploaded file length: 39440
2025-04-22 10:54:35,391 [cuckoo.core.guest] DEBUG: win7x6423: analysis #6329595 still processing
2025-04-22 10:54:36,762 [cuckoo.core.resultserver] DEBUG: Task #6329595: File upload for 'curtain/1745308476.72.curtain.log'
2025-04-22 10:54:36,766 [cuckoo.core.resultserver] DEBUG: Task #6329595 uploaded file length: 36
2025-04-22 10:54:36,915 [cuckoo.core.resultserver] DEBUG: Task #6329595: File upload for 'sysmon/1745308476.91.sysmon.xml'
2025-04-22 10:54:36,940 [cuckoo.core.resultserver] DEBUG: Task #6329595 uploaded file length: 1447640
2025-04-22 10:54:36,952 [cuckoo.core.resultserver] DEBUG: Task #6329595: File upload for 'files/7994e0086ae2c821_7b5fc60cca5d8cf767a7572c65728cd6_ce6d43ece1d9efa78a0a9bb326ae3db5'
2025-04-22 10:54:36,954 [cuckoo.core.resultserver] DEBUG: Task #6329595 uploaded file length: 398
2025-04-22 10:54:36,995 [cuckoo.core.resultserver] DEBUG: Task #6329595: File upload for 'files/f9ee84289f307860_14232b434cf29d4c4fb335a86d7fffe3'
2025-04-22 10:54:36,998 [cuckoo.core.resultserver] DEBUG: Task #6329595 uploaded file length: 170
2025-04-22 10:54:37,005 [cuckoo.core.resultserver] DEBUG: Task #6329595: File upload for 'files/96bcec06264976f3_2d85f72862b55c4eadd9e66e06947f3d'
2025-04-22 10:54:37,007 [cuckoo.core.resultserver] DEBUG: Task #6329595 uploaded file length: 1391
2025-04-22 10:54:37,018 [cuckoo.core.resultserver] DEBUG: Task #6329595: File upload for 'files/3ffb54504599640a_c60c0c29522e01e6a22bd2717f20782e_4b3a7c89ea6212aa306d4a76e68d6593'
2025-04-22 10:54:37,020 [cuckoo.core.resultserver] DEBUG: Task #6329595 uploaded file length: 398
2025-04-22 10:54:37,030 [cuckoo.core.resultserver] DEBUG: Task #6329595: File upload for 'files/0c096309094805b0_c60c0c29522e01e6a22bd2717f20782e_891ca9aa028995b36234b797075b2660'
2025-04-22 10:54:37,032 [cuckoo.core.resultserver] DEBUG: Task #6329595 uploaded file length: 281
2025-04-22 10:54:37,040 [cuckoo.core.resultserver] DEBUG: Task #6329595: File upload for 'files/3730ac8bea406613_daba17f5e36cbe65640dd2fe24f104e7'
2025-04-22 10:54:37,041 [cuckoo.core.resultserver] DEBUG: Task #6329595 uploaded file length: 276
2025-04-22 10:54:37,047 [cuckoo.core.resultserver] DEBUG: Task #6329595: File upload for 'files/b2d6326397fceb83_75ca58072b9926f763a91f0cc2798706_056b48c93c4964c2e64c0a8958238656'
2025-04-22 10:54:37,049 [cuckoo.core.resultserver] DEBUG: Task #6329595 uploaded file length: 434
2025-04-22 10:54:37,052 [cuckoo.core.resultserver] DEBUG: Task #6329595: File upload for 'files/dc730695a9470463_070e0202839d9d67350cd2613e78e416'
2025-04-22 10:54:37,054 [cuckoo.core.resultserver] DEBUG: Task #6329595 uploaded file length: 230
2025-04-22 10:54:37,058 [cuckoo.core.resultserver] DEBUG: Task #6329595: File upload for 'files/d72761e1a334a754_94308059b57b3142e455b38a6eb92015'
2025-04-22 10:54:37,060 [cuckoo.core.resultserver] DEBUG: Task #6329595 uploaded file length: 73305
2025-04-22 10:54:37,065 [cuckoo.core.resultserver] DEBUG: Task #6329595: File upload for 'files/6fb1b8e593cb0388_b46811c17859ffb409cf0e904a4aa8f8'
2025-04-22 10:54:37,066 [cuckoo.core.resultserver] DEBUG: Task #6329595 uploaded file length: 530
2025-04-22 10:54:37,070 [cuckoo.core.resultserver] DEBUG: Task #6329595: File upload for 'files/8b641242556100d4_rolling-1s-200px__1__trhcwxy9jd[1].gif'
2025-04-22 10:54:37,072 [cuckoo.core.resultserver] DEBUG: Task #6329595 uploaded file length: 55202
2025-04-22 10:54:37,078 [cuckoo.core.resultserver] DEBUG: Task #6329595: File upload for 'files/2e30ff33270fd868_favicons[1].png'
2025-04-22 10:54:37,081 [cuckoo.core.resultserver] DEBUG: Task #6329595 uploaded file length: 492
2025-04-22 10:54:37,090 [cuckoo.core.resultserver] DEBUG: Task #6329595: File upload for 'files/a689960318f0c436_z8kz3esa.txt'
2025-04-22 10:54:37,092 [cuckoo.core.resultserver] DEBUG: Task #6329595 uploaded file length: 884
2025-04-22 10:54:37,103 [cuckoo.core.resultserver] DEBUG: Task #6329595: File upload for 'files/8d018639281b33da_errorpagetemplate[1]'
2025-04-22 10:54:37,106 [cuckoo.core.resultserver] DEBUG: Task #6329595 uploaded file length: 2168
2025-04-22 10:54:37,125 [cuckoo.core.resultserver] DEBUG: Task #6329595: File upload for 'files/ada1f10b8f244560_8b2b9a00839eed1dfdccc3bfc2f5df12'
2025-04-22 10:54:37,128 [cuckoo.core.resultserver] DEBUG: Task #6329595 uploaded file length: 174
2025-04-22 10:54:37,140 [cuckoo.core.resultserver] DEBUG: Task #6329595: File upload for 'files/bee0439fcf31de76_navcancl[1]'
2025-04-22 10:54:37,142 [cuckoo.core.resultserver] DEBUG: Task #6329595 uploaded file length: 2713
2025-04-22 10:54:37,147 [cuckoo.core.resultserver] DEBUG: Task #6329595: File upload for 'files/28689b30e4c306aa_daba17f5e36cbe65640dd2fe24f104e7'
2025-04-22 10:54:37,149 [cuckoo.core.resultserver] DEBUG: Task #6329595 uploaded file length: 1145
2025-04-22 10:54:37,152 [cuckoo.core.resultserver] DEBUG: Task #6329595: File upload for 'files/9466d620dc57835a_errorpagestrings[1]'
2025-04-22 10:54:37,154 [cuckoo.core.resultserver] DEBUG: Task #6329595 uploaded file length: 2949
2025-04-22 10:54:37,160 [cuckoo.core.resultserver] DEBUG: Task #6329595: File upload for 'files/ebd41040e4bb3ec7_14232b434cf29d4c4fb335a86d7fffe3'
2025-04-22 10:54:37,162 [cuckoo.core.resultserver] DEBUG: Task #6329595 uploaded file length: 889
2025-04-22 10:54:37,165 [cuckoo.core.resultserver] DEBUG: Task #6329595: File upload for 'files/3dc2e2aaa7fa8761_2d85f72862b55c4eadd9e66e06947f3d'
2025-04-22 10:54:37,167 [cuckoo.core.resultserver] DEBUG: Task #6329595 uploaded file length: 192
2025-04-22 10:54:37,170 [cuckoo.core.resultserver] DEBUG: Task #6329595: File upload for 'files/e4cdd09dd6fbda1e_c60c0c29522e01e6a22bd2717f20782e_891ca9aa028995b36234b797075b2660'
2025-04-22 10:54:37,173 [cuckoo.core.resultserver] DEBUG: Task #6329595 uploaded file length: 394
2025-04-22 10:54:37,174 [cuckoo.core.resultserver] DEBUG: Task #6329595: File upload for 'files/fb513c9ad8542420_c60c0c29522e01e6a22bd2717f20782e_4b3a7c89ea6212aa306d4a76e68d6593'
2025-04-22 10:54:37,177 [cuckoo.core.resultserver] DEBUG: Task #6329595 uploaded file length: 279
2025-04-22 10:54:37,181 [cuckoo.core.resultserver] DEBUG: Task #6329595: File upload for 'files/b69db0f04f9e0d5f_b46811c17859ffb409cf0e904a4aa8f8'
2025-04-22 10:54:37,183 [cuckoo.core.resultserver] DEBUG: Task #6329595 uploaded file length: 170
2025-04-22 10:54:37,188 [cuckoo.core.resultserver] DEBUG: Task #6329595: File upload for 'files/8d27534108c7a01c_d0e1c4b6144e7ecab3f020e4a19efc29_b5f77004c894173a10e3a199871d2d90'
2025-04-22 10:54:37,191 [cuckoo.core.resultserver] DEBUG: Task #6329595 uploaded file length: 480
2025-04-22 10:54:37,195 [cuckoo.core.resultserver] DEBUG: Task #6329595: File upload for 'files/fb6a7c3edcd7b97f_8b2b9a00839eed1dfdccc3bfc2f5df12'
2025-04-22 10:54:37,197 [cuckoo.core.resultserver] DEBUG: Task #6329595 uploaded file length: 1739
2025-04-22 10:54:37,205 [cuckoo.core.resultserver] DEBUG: Task #6329595: File upload for 'files/6d3854a4eb25d468_b66240b0f6c84bd4857aba60cf5ce4a0_5043e0f5df723415c9eecc201c838a62'
2025-04-22 10:54:37,207 [cuckoo.core.resultserver] DEBUG: Task #6329595 uploaded file length: 2064
2025-04-22 10:54:37,210 [cuckoo.core.resultserver] DEBUG: Task #6329595: File upload for 'files/c2a55d9120ea24fb_b2faf7692fd9ffbd64ede317e42334ba_89854ca6a0f0936a4d2eca78845cea25'
2025-04-22 10:54:37,227 [cuckoo.core.resultserver] DEBUG: Task #6329595 uploaded file length: 1453
2025-04-22 10:54:37,229 [cuckoo.core.resultserver] DEBUG: Task #6329595: File upload for 'files/5ab28f441d5939c5_tshinshi[1].htm'
2025-04-22 10:54:37,231 [cuckoo.core.resultserver] DEBUG: Task #6329595 uploaded file length: 18673
2025-04-22 10:54:37,232 [cuckoo.core.resultserver] DEBUG: Task #6329595: File upload for 'files/d41c3fa3ea1ce21d_75ca58072b9926f763a91f0cc2798706_056b48c93c4964c2e64c0a8958238656'
2025-04-22 10:54:37,233 [cuckoo.core.resultserver] DEBUG: Task #6329595 uploaded file length: 1438
2025-04-22 10:54:37,234 [cuckoo.core.resultserver] DEBUG: Task #6329595: File upload for 'files/357638e421100406_7b5fc60cca5d8cf767a7572c65728cd6_ce6d43ece1d9efa78a0a9bb326ae3db5'
2025-04-22 10:54:37,236 [cuckoo.core.resultserver] DEBUG: Task #6329595 uploaded file length: 278
2025-04-22 10:54:37,237 [cuckoo.core.resultserver] DEBUG: Task #6329595: File upload for 'files/8d2b10fcb80d9321_{1a2b72dd-1f57-11f0-99eb-0cead772813f}.dat'
2025-04-22 10:54:37,238 [cuckoo.core.resultserver] DEBUG: Task #6329595 uploaded file length: 7680
2025-04-22 10:54:37,240 [cuckoo.core.resultserver] DEBUG: Task #6329595: File upload for 'files/7791b6b3a3fdd539_sslnavcancel[1]'
2025-04-22 10:54:37,242 [cuckoo.core.resultserver] DEBUG: Task #6329595 uploaded file length: 1341
2025-04-22 10:54:37,249 [cuckoo.core.resultserver] DEBUG: Task #6329595: File upload for 'files/a1186e9adc862e43_94308059b57b3142e455b38a6eb92015'
2025-04-22 10:54:37,251 [cuckoo.core.resultserver] DEBUG: Task #6329595 uploaded file length: 344
2025-04-22 10:54:37,253 [cuckoo.core.resultserver] DEBUG: Task #6329595: File upload for 'files/d73494e3446b0216_070e0202839d9d67350cd2613e78e416'
2025-04-22 10:54:37,255 [cuckoo.core.resultserver] DEBUG: Task #6329595 uploaded file length: 1302
2025-04-22 10:54:37,263 [cuckoo.core.resultserver] DEBUG: Task #6329595: File upload for 'files/1543809beeae2295_favicons[1].htm'
2025-04-22 10:54:37,265 [cuckoo.core.resultserver] DEBUG: Task #6329595 uploaded file length: 337
2025-04-22 10:54:37,270 [cuckoo.core.resultserver] DEBUG: Task #6329595: File upload for 'files/51129c6c98a82ea4_info_48[1]'
2025-04-22 10:54:37,272 [cuckoo.core.resultserver] DEBUG: Task #6329595 uploaded file length: 4113
2025-04-22 10:54:37,277 [cuckoo.core.resultserver] DEBUG: Task #6329595: File upload for 'files/1d8e5fd3c1fd384c_bullet[1]'
2025-04-22 10:54:37,279 [cuckoo.core.resultserver] DEBUG: Task #6329595 uploaded file length: 447
2025-04-22 10:54:37,284 [cuckoo.core.resultserver] DEBUG: Task #6329595: File upload for 'files/0b0bb63901166ce0_b66240b0f6c84bd4857aba60cf5ce4a0_5043e0f5df723415c9eecc201c838a62'
2025-04-22 10:54:37,285 [cuckoo.core.resultserver] DEBUG: Task #6329595 uploaded file length: 458
2025-04-22 10:54:37,288 [cuckoo.core.resultserver] DEBUG: Task #6329595: File upload for 'files/2af55c53c59e45ec_recoverystore.{1a2b72db-1f57-11f0-99eb-0cead772813f}.dat'
2025-04-22 10:54:37,290 [cuckoo.core.resultserver] DEBUG: Task #6329595 uploaded file length: 5632
2025-04-22 10:54:37,303 [cuckoo.core.resultserver] DEBUG: Task #6329595: File upload for 'files/46e019fa34465f4e_httperrorpagesscripts[1]'
2025-04-22 10:54:37,305 [cuckoo.core.resultserver] DEBUG: Task #6329595 uploaded file length: 8714
2025-04-22 10:54:37,310 [cuckoo.core.resultserver] DEBUG: Task #6329595: File upload for 'files/05b85d96f41fff14_jquery-2.2.4.min[1].js'
2025-04-22 10:54:37,313 [cuckoo.core.resultserver] DEBUG: Task #6329595 uploaded file length: 85578
2025-04-22 10:54:37,319 [cuckoo.core.resultserver] DEBUG: Task #6329595: File upload for 'files/e69b4e362207cf4a_d0e1c4b6144e7ecab3f020e4a19efc29_b5f77004c894173a10e3a199871d2d90'
2025-04-22 10:54:37,321 [cuckoo.core.resultserver] DEBUG: Task #6329595 uploaded file length: 979
2025-04-22 10:54:37,325 [cuckoo.core.resultserver] DEBUG: Task #6329595: File upload for 'files/1471693be91e53c2_background_gradient[1]'
2025-04-22 10:54:37,327 [cuckoo.core.resultserver] DEBUG: Task #6329595 uploaded file length: 453
2025-04-22 10:54:37,332 [cuckoo.core.resultserver] DEBUG: Task #6329595: File upload for 'files/eff12ca5ab6dcc5b_bad725c80f9e10846f35d039a996e4a8_88b6ae015495c1ecc395d19c1dd02894'
2025-04-22 10:54:37,334 [cuckoo.core.resultserver] DEBUG: Task #6329595 uploaded file length: 1560
2025-04-22 10:54:37,350 [cuckoo.core.resultserver] DEBUG: Task #6329595: File upload for 'files/50936185f42be0bc_bad725c80f9e10846f35d039a996e4a8_88b6ae015495c1ecc395d19c1dd02894'
2025-04-22 10:54:37,358 [cuckoo.core.resultserver] DEBUG: Task #6329595 uploaded file length: 432
2025-04-22 10:54:37,360 [cuckoo.core.resultserver] DEBUG: Task #6329595: File upload for 'files/14c71d0480fd5519_b2faf7692fd9ffbd64ede317e42334ba_89854ca6a0f0936a4d2eca78845cea25'
2025-04-22 10:54:37,369 [cuckoo.core.resultserver] DEBUG: Task #6329595 uploaded file length: 482
2025-04-22 10:54:37,876 [cuckoo.core.resultserver] DEBUG: Task #6329595: File upload for 'shots/0011.jpg'
2025-04-22 10:54:37,893 [cuckoo.core.resultserver] DEBUG: Task #6329595 uploaded file length: 133462
2025-04-22 10:54:37,908 [cuckoo.core.resultserver] DEBUG: Task #6329595 had connection reset for <Context for LOG>
2025-04-22 10:54:38,462 [cuckoo.core.guest] INFO: win7x6423: analysis completed successfully
2025-04-22 10:54:38,499 [cuckoo.core.plugins] DEBUG: Stopped auxiliary module: Redsocks
2025-04-22 10:54:38,552 [cuckoo.core.plugins] DEBUG: Stopped auxiliary module: Sniffer
2025-04-22 10:54:39,600 [cuckoo.machinery.virtualbox] INFO: Successfully generated memory dump for virtual machine with label win7x6423 to path /srv/cuckoo/cwd/storage/analyses/6329595/memory.dmp
2025-04-22 10:54:39,601 [cuckoo.machinery.virtualbox] DEBUG: Stopping vm win7x6423
2025-04-22 10:56:28,488 [cuckoo.core.resultserver] DEBUG: Stopped tracking machine 192.168.168.223 for task #6329595
2025-04-22 10:56:29,077 [cuckoo.core.scheduler] DEBUG: Released database task #6329595
2025-04-22 10:56:29,126 [cuckoo.core.scheduler] INFO: Task #6329595: analysis procedure completed
Signatures
| file | C:\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7U479NC5\jquery-2.2.4.min[1].js |
| cmdline | "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1944 CREDAT:275457 /prefetch:2 |
| suricata | ET INFO TLS Handshake Failure |
| suricata | SURICATA TLS invalid record type |
Screenshots
| Name | Response | Post-Analysis Lookup |
|---|---|---|
| No hosts contacted. | ||
| IP Address | Status | Action | VT | Location |
|---|---|---|---|---|
| No hosts contacted. | ||||
