General Info

File name

MongoDBJDBCDriver.zip

Full analysis
https://app.any.run/tasks/0666d9c0-aab5-4210-b2f9-110cc8dbbdd5
Verdict
Malicious activity
Analysis date
1/10/2019, 17:57:24
OS:
Windows 7 Professional Service Pack 1 (build: 7601, 32 bit)
Indicators:

MIME:
application/zip
File info:
Zip archive data, at least v2.0 to extract
MD5

df4953c07e570ee39fe011a17421a39c

SHA1

0d08e814b67dd5c16265077160b46758a611e893

SHA256

464080a08dda380b9c083189b3c6e73be1a3960af85df5c02dd7336d3dfd6e3a

SSDEEP

196608:QvjCizXV5VoEK++b3rb2COFnaN2bUkwjQJGv6GM2w3KbECJ:OjPlDzKNb32o5kwbvhMiPJ

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distorted by user actions and is provided for user acknowledgement as it is. ANY.RUN does not guarantee maliciousness or safety of the content.

Software environment set and analysis options

Launch configuration

Task duration
300 seconds
Additional time used
240 seconds
Fakenet option
off
Heavy Evasion option
off
MITM proxy
off
Route via Tor
off
Network geolocation
off
Privacy
Public submission
Autoconfirmation of UAC
off

Software preset

  • Internet Explorer 8.0.7601.17514
  • Adobe Acrobat Reader DC MUI (15.023.20070)
  • Adobe Flash Player 26 ActiveX (26.0.0.131)
  • Adobe Flash Player 26 NPAPI (26.0.0.131)
  • Adobe Flash Player 26 PPAPI (26.0.0.131)
  • Adobe Refresh Manager (1.8.0)
  • CCleaner (5.35)
  • FileZilla Client 3.36.0 (3.36.0)
  • Google Chrome (68.0.3440.106)
  • Google Update Helper (1.3.33.17)
  • Java 8 Update 92 (8.0.920.14)
  • Java Auto Updater (2.8.92.14)
  • Microsoft .NET Framework 4.6.1 (4.6.01055)
  • Microsoft Office Access MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Access Setup Metadata MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Excel MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office OneNote MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Outlook MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office PowerPoint MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Professional 2010 (14.0.6029.1000)
  • Microsoft Office Proof (English) 2010 (14.0.6029.1000)
  • Microsoft Office Proof (French) 2010 (14.0.6029.1000)
  • Microsoft Office Proof (Spanish) 2010 (14.0.6029.1000)
  • Microsoft Office Proofing (English) 2010 (14.0.6029.1000)
  • Microsoft Office Publisher MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Shared MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Shared Setup Metadata MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Single Image 2010 (14.0.6029.1000)
  • Microsoft Office Word MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (9.0.30729.6161)
  • Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (10.0.40219)
  • Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (12.0.30501.0)
  • Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (12.0.21005)
  • Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (12.0.21005)
  • Microsoft Visual C++ 2017 Redistributable (x86) - 14.15.26706 (14.15.26706.0)
  • Microsoft Visual C++ 2017 x86 Additional Runtime - 14.15.26706 (14.15.26706)
  • Microsoft Visual C++ 2017 x86 Minimum Runtime - 14.15.26706 (14.15.26706)
  • Mozilla Firefox 61.0.2 (x86 en-US) (61.0.2)
  • Notepad++ (32-bit x86) (7.5.1)
  • Opera 12.15 (12.15.1748)
  • Skype version 8.29 (8.29)
  • VLC media player (2.2.6)
  • WinRAR 5.60 (32-bit) (5.60.0)

Hotfixes

  • Client LanguagePack Package
  • Client Refresh LanguagePack Package
  • CodecPack Basic Package
  • Foundation Package
  • IE Troubleshooters Package
  • InternetExplorer Optional Package
  • KB2534111
  • KB2999226
  • KB976902
  • LocalPack AU Package
  • LocalPack CA Package
  • LocalPack GB Package
  • LocalPack US Package
  • LocalPack ZA Package
  • ProfessionalEdition
  • UltimateEdition

Behavior activities

MALICIOUS SUSPICIOUS INFO
Loads dropped or rewritten executable
  • javaw.exe (PID: 2236)
Executes JAVA applets
  • javaw.exe (PID: 2236)
  • wscript.exe (PID: 2532)
Uses RUNDLL32.EXE to load library
  • javaw.exe (PID: 2236)
Starts Internet Explorer
  • rundll32.exe (PID: 1840)
Executable content was dropped or overwritten
  • javaw.exe (PID: 2236)
Creates files in the user directory
  • javaw.exe (PID: 2236)
Starts CMD.EXE for commands execution
  • javaw.exe (PID: 2236)
Application launched itself
  • WinRAR.exe (PID: 3592)
Executes scripts
  • javaw.exe (PID: 2768)
Creates files in the program directory
  • javaw.exe (PID: 2236)
Reads Internet Cache Settings
  • iexplore.exe (PID: 4036)
  • iexplore.exe (PID: 3052)
Application launched itself
  • iexplore.exe (PID: 3052)
Reads internet explorer settings
  • iexplore.exe (PID: 4036)
Changes internet zones settings
  • iexplore.exe (PID: 3052)

Static information

TRiD
.zip
|   ZIP compressed archive (100%)
EXIF
ZIP
ZipRequiredVersion:
20
ZipBitFlag:
null
ZipCompression:
Deflated
ZipModifyDate:
2018:11:16 14:51:23
ZipCRC:
0x6448254e
ZipCompressedSize:
8688727
ZipUncompressedSize:
8806318
ZipFileName:
setup.jar

Processes

Total processes
51
Monitored processes
12
Malicious processes
3
Suspicious processes
0

Behavior graph

start: winrar.exe (no specs), winrar.exe (no specs), javaw.exe (no specs), wscript.exe (no specs), javaw.exe, cmd.exe (no specs), cmd.exe (no specs), rundll32.exe (no specs), iexplore.exe, iexplore.exe (no specs), java.exe (no specs), java.exe (no specs)

Process information

PID
3592
CMD
"C:\Program Files\WinRAR\WinRAR.exe" "C:\Users\admin\AppData\Local\Temp\MongoDBJDBCDriver.zip"
Path
C:\Program Files\WinRAR\WinRAR.exe
Indicators
No indicators
Parent process
––
User
admin
Integrity Level
MEDIUM
Version:
Company
Alexander Roshal
Description
WinRAR archiver
Version
5.60.0
Modules
Image
c:\program files\winrar\winrar.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\comdlg32.dll
c:\windows\system32\shlwapi.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\shell32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\powrprof.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\uxtheme.dll
c:\windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll
c:\windows\system32\msimg32.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\propsys.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\riched20.dll
c:\program files\common files\microsoft shared\ink\tiptsf.dll
c:\windows\system32\windowscodecs.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\ehstorshell.dll
c:\windows\system32\cscui.dll
c:\windows\system32\cscdll.dll
c:\windows\system32\cscapi.dll
c:\windows\system32\ntshrui.dll
c:\windows\system32\srvcli.dll
c:\windows\system32\slc.dll
c:\windows\system32\imageres.dll
c:\windows\system32\mpr.dll
c:\windows\system32\drprov.dll
c:\windows\system32\winsta.dll
c:\windows\system32\ntlanman.dll
c:\windows\system32\davclnt.dll
c:\windows\system32\davhlpr.dll
c:\windows\system32\wkscli.dll
c:\windows\system32\netutils.dll
c:\windows\system32\wpdshext.dll
c:\windows\system32\winmm.dll
c:\windows\system32\portabledeviceapi.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\audiodev.dll
c:\windows\system32\wmvcore.dll
c:\windows\system32\wmasf.dll
c:\windows\system32\ehstorapi.dll
c:\windows\system32\shdocvw.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\samcli.dll
c:\windows\system32\samlib.dll
c:\windows\system32\profapi.dll
c:\program files\java\jre1.8.0_92\bin\javaw.exe
c:\windows\system32\explorerframe.dll
c:\windows\system32\duser.dll
c:\windows\system32\dui70.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\cryptsp.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\rpcrtremote.dll

PID
3248
CMD
"C:\Program Files\WinRAR\WinRAR.exe" C:\Users\admin\AppData\Local\Temp\Rar$DIa3592.46781\setup.jar
Path
C:\Program Files\WinRAR\WinRAR.exe
Indicators
No indicators
Parent process
WinRAR.exe
User
admin
Integrity Level
MEDIUM
Exit code
0
Version:
Company
Alexander Roshal
Description
WinRAR archiver
Version
5.60.0
Modules
Image
c:\program files\winrar\winrar.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\comdlg32.dll
c:\windows\system32\shlwapi.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\shell32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\powrprof.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\uxtheme.dll
c:\windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll
c:\windows\system32\msimg32.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\propsys.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\riched20.dll
c:\program files\common files\microsoft shared\ink\tiptsf.dll
c:\windows\system32\windowscodecs.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\ehstorshell.dll
c:\windows\system32\cscui.dll
c:\windows\system32\cscdll.dll
c:\windows\system32\cscapi.dll
c:\windows\system32\ntshrui.dll
c:\windows\system32\srvcli.dll
c:\windows\system32\slc.dll
c:\windows\system32\imageres.dll
c:\windows\system32\mpr.dll
c:\windows\system32\drprov.dll
c:\windows\system32\winsta.dll
c:\windows\system32\ntlanman.dll
c:\windows\system32\davclnt.dll
c:\windows\system32\davhlpr.dll
c:\windows\system32\wkscli.dll
c:\windows\system32\netutils.dll
c:\windows\system32\wpdshext.dll
c:\windows\system32\winmm.dll
c:\windows\system32\portabledeviceapi.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\audiodev.dll
c:\windows\system32\wmvcore.dll
c:\windows\system32\wmasf.dll
c:\windows\system32\ehstorapi.dll
c:\windows\system32\shdocvw.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\samcli.dll
c:\windows\system32\samlib.dll
c:\windows\system32\profapi.dll
c:\program files\java\jre1.8.0_92\bin\javaw.exe

PID
2768
CMD
"C:\Program Files\Java\jre1.8.0_92\bin\javaw.exe" -jar "C:\Users\admin\Desktop\setup.jar"
Path
C:\Program Files\Java\jre1.8.0_92\bin\javaw.exe
Indicators
No indicators
Parent process
––
User
admin
Integrity Level
MEDIUM
Exit code
0
Version:
Company
Oracle Corporation
Description
Java(TM) Platform SE binary
Version
8.0.920.14
Modules
Image
c:\program files\java\jre1.8.0_92\bin\javaw.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\java\jre1.8.0_92\bin\msvcr100.dll
c:\program files\java\jre1.8.0_92\bin\client\jvm.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\winmm.dll
c:\windows\system32\version.dll
c:\windows\system32\psapi.dll
c:\program files\java\jre1.8.0_92\bin\verify.dll
c:\program files\java\jre1.8.0_92\bin\java.dll
c:\program files\java\jre1.8.0_92\bin\zip.dll
c:\windows\system32\shell32.dll
c:\windows\system32\ole32.dll
c:\windows\system32\profapi.dll
c:\program files\java\jre1.8.0_92\bin\awt.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\wscript.exe
c:\windows\system32\apphelp.dll

PID
2532
CMD
wscript C:\Users\admin\AppData\Local\Temp\Installer.js "C:\Program Files\Java\jre1.8.0_92\bin\javaw.exe" -Dizpack.mode=privileged -jar C:\Users\admin\Desktop\setup.jar
Path
C:\Windows\system32\wscript.exe
Indicators
No indicators
Parent process
javaw.exe
User
admin
Integrity Level
MEDIUM
Exit code
0
Version:
Company
Microsoft Corporation
Description
Microsoft ® Windows Based Script Host
Version
5.8.7600.16385
Modules
Image
c:\windows\system32\wscript.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\ole32.dll
c:\windows\system32\version.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\sxs.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\jscript.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\cryptsp.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\msisip.dll
c:\windows\system32\wshext.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll
c:\windows\system32\shell32.dll
c:\windows\system32\scrobj.dll
c:\windows\system32\rpcrtremote.dll
c:\windows\system32\scrrun.dll
c:\windows\system32\propsys.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\profapi.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\mpr.dll
c:\windows\system32\sfc.dll
c:\windows\system32\sfc_os.dll
c:\windows\system32\devrtl.dll

PID
2236
CMD
"C:\Program Files\Java\jre1.8.0_92\bin\javaw.exe" "-Dizpack.mode=privileged" "-jar" "C:\Users\admin\Desktop\setup.jar"
Path
C:\Program Files\Java\jre1.8.0_92\bin\javaw.exe
Indicators
Parent process
wscript.exe
User
admin
Integrity Level
HIGH
Exit code
0
Version:
Company
Oracle Corporation
Description
Java(TM) Platform SE binary
Version
8.0.920.14
Modules
Image
c:\program files\java\jre1.8.0_92\bin\javaw.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\java\jre1.8.0_92\bin\msvcr100.dll
c:\program files\java\jre1.8.0_92\bin\client\jvm.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\winmm.dll
c:\windows\system32\version.dll
c:\windows\system32\psapi.dll
c:\program files\java\jre1.8.0_92\bin\verify.dll
c:\program files\java\jre1.8.0_92\bin\java.dll
c:\program files\java\jre1.8.0_92\bin\zip.dll
c:\windows\system32\shell32.dll
c:\windows\system32\ole32.dll
c:\windows\system32\profapi.dll
c:\program files\java\jre1.8.0_92\bin\awt.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\apphelp.dll
c:\program files\java\jre1.8.0_92\bin\net.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\wship6.dll
c:\windows\system32\nlaapi.dll
c:\windows\system32\napinsp.dll
c:\windows\system32\pnrpnsp.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\winrnr.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\rasadhlp.dll
c:\windows\system32\fwpuclnt.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\dwmapi.dll
c:\program files\java\jre1.8.0_92\bin\fontmanager.dll
c:\program files\java\jre1.8.0_92\bin\nio.dll
c:\windows\system32\d3d9.dll
c:\windows\system32\d3d8thk.dll
c:\windows\system32\vga.dll
c:\program files\java\jre1.8.0_92\bin\t2k.dll
c:\program files\java\jre1.8.0_92\bin\jpeg.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\windowscodecs.dll
c:\windows\system32\ehstorshell.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\propsys.dll
c:\windows\system32\cscui.dll
c:\windows\system32\cscdll.dll
c:\windows\system32\cscapi.dll
c:\windows\system32\ntshrui.dll
c:\windows\system32\srvcli.dll
c:\windows\system32\slc.dll
c:\windows\system32\imageres.dll
c:\program files\java\jre1.8.0_92\bin\dcpr.dll
c:\windows\system32\cryptsp.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\userenv.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dhcpcsvc6.dll
c:\windows\system32\dhcpcsvc.dll
c:\users\admin\appdata\local\temp\shelllink.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\rundll32.exe
c:\program files\java\jre1.8.0_92\bin\java.exe
c:\windows\system32\netutils.dll

PID
772
CMD
cmd.exe /C set
Path
C:\Windows\system32\cmd.exe
Indicators
No indicators
Parent process
javaw.exe
User
admin
Integrity Level
HIGH
Exit code
0
Version:
Company
Microsoft Corporation
Description
Windows Command Processor
Version
6.1.7601.17514 (win7sp1_rtm.101119-1850)
Modules
Image
c:\windows\system32\cmd.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\winbrand.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll

PID
2388
CMD
cmd.exe /C "dir /D /-C "C:\Program Files\CData\CData JDBC Driver for MongoDB 2018""
Path
C:\Windows\system32\cmd.exe
Indicators
No indicators
Parent process
javaw.exe
User
admin
Integrity Level
HIGH
Exit code
0
Version:
Company
Microsoft Corporation
Description
Windows Command Processor
Version
6.1.7601.17514 (win7sp1_rtm.101119-1850)
Modules
Image
c:\windows\system32\cmd.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\winbrand.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll

PID
1840
CMD
rundll32 url.dll,FileProtocolHandler file:///C:\Program Files\CData\CData JDBC Driver for MongoDB 2018/help/help.htm
Path
C:\Windows\system32\rundll32.exe
Indicators
No indicators
Parent process
javaw.exe
User
admin
Integrity Level
HIGH
Exit code
0
Version:
Company
Microsoft Corporation
Description
Windows host process (Rundll32)
Version
6.1.7600.16385 (win7_rtm.090713-1255)
Modules
Image
c:\windows\system32\rundll32.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\imagehlp.dll
c:\windows\system32\apphelp.dll
c:\windows\apppatch\aclayers.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\mpr.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\url.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\psapi.dll
c:\windows\system32\oleacc.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\propsys.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\program files\internet explorer\iexplore.exe
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\devobj.dll

PID
3052
CMD
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Program Files\CData\CData JDBC Driver for MongoDB 2018\help\help.htm
Path
C:\Program Files\Internet Explorer\iexplore.exe
Indicators
Parent process
rundll32.exe
User
admin
Integrity Level
HIGH
Exit code
1
Version:
Company
Microsoft Corporation
Description
Internet Explorer
Version
8.00.7600.16385 (win7_rtm.090713-1255)
Modules
Image
c:\program files\internet explorer\iexplore.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\user32.dll
c:\windows\system32\usp10.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\shell32.dll
c:\windows\system32\ole32.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\psapi.dll
c:\windows\system32\oleacc.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\profapi.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\comdlg32.dll
c:\windows\system32\cryptbase.dll
c:\program files\internet explorer\sqmapi.dll
c:\windows\system32\rpcrtremote.dll
c:\windows\system32\cryptsp.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\propsys.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\rasapi32.dll
c:\windows\system32\rasman.dll
c:\windows\system32\rtutils.dll
c:\windows\system32\sensapi.dll
c:\windows\system32\nlaapi.dll
c:\windows\system32\rasadhlp.dll
c:\windows\system32\ieui.dll
c:\windows\system32\msimg32.dll
c:\program files\internet explorer\ieproxy.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\url.dll
c:\windows\system32\version.dll
c:\windows\system32\xmllite.dll
c:\windows\system32\explorerframe.dll
c:\windows\system32\duser.dll
c:\windows\system32\dui70.dll
c:\windows\system32\msfeeds.dll
c:\windows\system32\sxs.dll
c:\windows\system32\mssprxy.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\normaliz.dll
c:\windows\system32\wship6.dll
c:\windows\system32\fwpuclnt.dll
c:\windows\system32\userenv.dll
c:\windows\system32\linkinfo.dll

PID
4036
CMD
"C:\Program Files\Internet Explorer\iexplore.exe" SCODEF:3052 CREDAT:79873
Path
C:\Program Files\Internet Explorer\iexplore.exe
Indicators
No indicators
Parent process
iexplore.exe
User
admin
Integrity Level
HIGH
Exit code
0
Version:
Company
Microsoft Corporation
Description
Internet Explorer
Version
8.00.7600.16385 (win7_rtm.090713-1255)
Modules
Image
c:\program files\internet explorer\iexplore.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\shell32.dll
c:\windows\system32\ole32.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\psapi.dll
c:\windows\system32\oleacc.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\comdlg32.dll
c:\program files\internet explorer\ieshims.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\rpcrtremote.dll
c:\program files\internet explorer\sqmapi.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\propsys.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\profapi.dll
c:\windows\system32\cryptsp.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\rsaenh.dll
c:\program files\internet explorer\ieproxy.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\mlang.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\apphelp.dll
c:\program files\java\jre1.8.0_92\bin\ssv.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll
c:\windows\system32\version.dll
c:\progra~1\micros~1\office14\urlredir.dll
c:\windows\system32\secur32.dll
c:\windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll
c:\progra~1\micros~1\office14\msohev.dll
c:\program files\java\jre1.8.0_92\bin\jp2ssv.dll
c:\program files\java\jre1.8.0_92\bin\msvcr100.dll
c:\program files\java\jre1.8.0_92\bin\deploy.dll
c:\windows\system32\imagehlp.dll
c:\windows\system32\sxs.dll
c:\windows\system32\mshtml.dll
c:\windows\system32\msls31.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\t2embed.dll
c:\windows\system32\winmm.dll
c:\windows\system32\mmdevapi.dll
c:\windows\system32\wdmaud.drv
c:\windows\system32\ksuser.dll
c:\windows\system32\avrt.dll
c:\windows\system32\msimtf.dll
c:\windows\system32\audioses.dll
c:\windows\system32\msacm32.drv
c:\windows\system32\msacm32.dll
c:\windows\system32\midimap.dll
c:\windows\system32\imgutil.dll
c:\windows\system32\pngfilt.dll
c:\windows\system32\msimg32.dll
c:\windows\system32\wintrust.dll

PID
2776
CMD
"C:\Program Files\Java\jre1.8.0_92\bin\java.exe"
Path
C:\Program Files\Java\jre1.8.0_92\bin\java.exe
Indicators
No indicators
Parent process
javaw.exe
User
admin
Integrity Level
HIGH
Exit code
1
Version:
Company
Oracle Corporation
Description
Java(TM) Platform SE binary
Version
8.0.920.14
Modules
Image
c:\program files\java\jre1.8.0_92\bin\java.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\java\jre1.8.0_92\bin\msvcr100.dll
c:\program files\java\jre1.8.0_92\bin\client\jvm.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\winmm.dll
c:\windows\system32\version.dll
c:\windows\system32\psapi.dll
c:\program files\java\jre1.8.0_92\bin\verify.dll
c:\program files\java\jre1.8.0_92\bin\java.dll
c:\program files\java\jre1.8.0_92\bin\zip.dll
c:\windows\system32\shell32.dll
c:\windows\system32\ole32.dll
c:\windows\system32\profapi.dll

PID
2952
CMD
"C:\Program Files\Java\jre1.8.0_92\bin\java.exe" -classpath C:\Users\admin\AppData\Local\Temp\InstallRemover8424775427491735667.d -Dlib.rem.base=C:\Users\admin\AppData\Local\Temp\InstallRemover8424775427491735667 -Dself.mod.phase=2 com.izforge.izpack.util.LibraryRemover
Path
C:\Program Files\Java\jre1.8.0_92\bin\java.exe
Indicators
No indicators
Parent process
javaw.exe
User
admin
Integrity Level
HIGH
Exit code
0
Version:
Company
Oracle Corporation
Description
Java(TM) Platform SE binary
Version
8.0.920.14
Modules
Image
c:\program files\java\jre1.8.0_92\bin\java.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\java\jre1.8.0_92\bin\msvcr100.dll
c:\program files\java\jre1.8.0_92\bin\client\jvm.dll
c:\windows\system32\nsi.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\winmm.dll
c:\windows\system32\version.dll
c:\windows\system32\psapi.dll
c:\program files\java\jre1.8.0_92\bin\verify.dll
c:\program files\java\jre1.8.0_92\bin\java.dll
c:\program files\java\jre1.8.0_92\bin\zip.dll
c:\windows\system32\shell32.dll
c:\windows\system32\ole32.dll
c:\windows\system32\profapi.dll

Registry activity

Total events
1486
Read events
1385
Write events
99
Delete events
2

Modification events

PID
Process
Operation
Key
Name
Value
3592
WinRAR.exe
write
HKEY_CURRENT_USER\Software\WinRAR\Interface\Themes
ShellExtBMP
3592
WinRAR.exe
write
HKEY_CURRENT_USER\Software\WinRAR\Interface\Themes
ShellExtIcon
3592
WinRAR.exe
write
HKEY_CLASSES_ROOT\Local Settings\MuiCache\5F\52C64B7E
LanguageList
en-US
3592
WinRAR.exe
write
HKEY_CURRENT_USER\Software\WinRAR\ArcHistory
0
C:\Users\admin\AppData\Local\Temp\MongoDBJDBCDriver.zip
3592
WinRAR.exe
write
HKEY_CURRENT_USER\Software\WinRAR\FileList\FileColumnWidths
name
120
3592
WinRAR.exe
write
HKEY_CURRENT_USER\Software\WinRAR\FileList\FileColumnWidths
size
80
3592
WinRAR.exe
write
HKEY_CURRENT_USER\Software\WinRAR\FileList\FileColumnWidths
type
120
3592
WinRAR.exe
write
HKEY_CURRENT_USER\Software\WinRAR\FileList\FileColumnWidths
mtime
100
3592
WinRAR.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
UNCAsIntranet
0
3592
WinRAR.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
AutoDetect
1
3248
WinRAR.exe
write
HKEY_CURRENT_USER\Software\WinRAR\Interface\Themes
ShellExtBMP
3248
WinRAR.exe
write
HKEY_CURRENT_USER\Software\WinRAR\Interface\Themes
ShellExtIcon
3248
WinRAR.exe
write
HKEY_CLASSES_ROOT\Local Settings\MuiCache\5F\52C64B7E
LanguageList
en-US
3248
WinRAR.exe
write
HKEY_CURRENT_USER\Software\WinRAR\ArcHistory
1
C:\Users\admin\AppData\Local\Temp\MongoDBJDBCDriver.zip
3248
WinRAR.exe
write
HKEY_CURRENT_USER\Software\WinRAR\ArcHistory
0
C:\Users\admin\AppData\Local\Temp\Rar$DIa3592.46781\setup.jar
3248
WinRAR.exe
write
HKEY_CURRENT_USER\Software\WinRAR\FileList\FileColumnWidths
name
120
3248
WinRAR.exe
write
HKEY_CURRENT_USER\Software\WinRAR\FileList\FileColumnWidths
size
80
3248
WinRAR.exe
write
HKEY_CURRENT_USER\Software\WinRAR\FileList\FileColumnWidths
type
120
3248
WinRAR.exe
write
HKEY_CURRENT_USER\Software\WinRAR\FileList\FileColumnWidths
mtime
100
3248
WinRAR.exe
write
HKEY_CURRENT_USER\Software\WinRAR\Interface\MainWin
Placement
2C0000000000000001000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF42000000420000000204000037020000
3248
WinRAR.exe
write
HKEY_CURRENT_USER\Software\WinRAR\General
LastFolder
C:\Users\admin\AppData\Local\Temp\Rar$DIa3592.46781
3248
WinRAR.exe
write
HKEY_CURRENT_USER\Software\WinRAR\FileList\ArcColumnWidths
name
120
3248
WinRAR.exe
write
HKEY_CURRENT_USER\Software\WinRAR\FileList\ArcColumnWidths
size
80
3248
WinRAR.exe
write
HKEY_CURRENT_USER\Software\WinRAR\FileList\ArcColumnWidths
psize
80
3248
WinRAR.exe
write
HKEY_CURRENT_USER\Software\WinRAR\FileList\ArcColumnWidths
type
120
3248
WinRAR.exe
write
HKEY_CURRENT_USER\Software\WinRAR\FileList\ArcColumnWidths
mtime
100
3248
WinRAR.exe
write
HKEY_CURRENT_USER\Software\WinRAR\FileList\ArcColumnWidths
crc
70
3248
WinRAR.exe
write
HKEY_CURRENT_USER\Software\WinRAR\General\Toolbar\Layout
Band56_0
38000000730100000402000000000000D4D0C8000000000000000000000000006C0103000000000039000000B40200000000000001000000
3248
WinRAR.exe
write
HKEY_CURRENT_USER\Software\WinRAR\General\Toolbar\Layout
Band56_1
38000000730100000500000000000000D4D0C8000000000000000000000000006E01030000000000160000002A0000000000000002000000
3248
WinRAR.exe
write
HKEY_CURRENT_USER\Software\WinRAR\General\Toolbar\Layout
Band56_2
38000000730100000400000000000000D4D0C800000000000000000000000000580103000000000016000000640000000000000003000000
2532
wscript.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
UNCAsIntranet
0
2532
wscript.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
AutoDetect
1
2236
javaw.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Direct3D\MostRecentApplication
Name
javaw.exe
3052
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main
CompatibilityFlags
0
3052
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
UNCAsIntranet
0
3052
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
AutoDetect
1
3052
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones
SecuritySafe
1
3052
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings
ProxyEnable
0
3052
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections
SavedLegacySettings
3052
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Recovery\AdminActive
{FD005816-14F8-11E9-91D7-5254004A04AF}
0
3052
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2670000A-7350-4F3C-8081-5663EE0C6C49}\iexplore
Type
4
3052
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2670000A-7350-4F3C-8081-5663EE0C6C49}\iexplore
Count
3
3052
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2670000A-7350-4F3C-8081-5663EE0C6C49}\iexplore
Time
E307010004000A0010003A002D00B401
3052
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA}\iexplore
Type
4
3052
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA}\iexplore
Count
3
3052
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA}\iexplore
Time
E307010004000A0010003A002D00B401
3052
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main
FullScreen
no
3052
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main
Window_Placement
2C0000000000000001000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF20000000200000004003000078020000
3052
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Favorites\Links
Order
3052
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\WindowsSearch
UpgradeTime
AA011EC005A9D401
3052
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LinksBar\ItemCache\0
Path
C:\Users\admin\Favorites\Links\Suggested Sites.url
3052
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LinksBar\ItemCache\0
Handler
{B0FA7D7C-7195-4F03-B03E-9DC1C9EBC394}
3052
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LinksBar\ItemCache\0
FeedUrl
https://ieonline.microsoft.com/#ieslice
3052
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LinksBar\ItemCache\0
DisplayName
3052
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LinksBar\ItemCache\0
ErrorState
0
3052
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LinksBar\ItemCache\0
DisplayMask
0
3052
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LinksBar\ItemCache\1
Path
C:\Users\admin\Favorites\Links\Web Slice Gallery.url
3052
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LinksBar\ItemCache\1
Handler
{B0FA7D7C-7195-4F03-B03E-9DC1C9EBC394}
3052
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LinksBar\ItemCache\1
FeedUrl
http://go.microsoft.com/fwlink/?LinkId=121315
3052
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LinksBar\ItemCache\1
DisplayName
3052
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LinksBar\ItemCache\1
ErrorState
0
3052
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LinksBar\ItemCache\1
DisplayMask
0
3052
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main
Window_Placement
2C0000000000000001000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF20000000200000003F0400008D020000
4036
iexplore.exe
delete key
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012018082720180903
4036
iexplore.exe
delete key
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012018090920180910
4036
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\iexplore
Type
3
4036
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\iexplore
Count
3
4036
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\iexplore
Time
E307010004000A0010003A002D003102
4036
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\iexplore
LoadTime
11
4036
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\iexplore
Type
3
4036
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\iexplore
Count
3
4036
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\iexplore
Time
E307010004000A0010003A002D006002
4036
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\iexplore
LoadTime
24
4036
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DBC80044-A445-435B-BC74-9C25C1C588A9}\iexplore
Type
3
4036
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DBC80044-A445-435B-BC74-9C25C1C588A9}\iexplore
Count
3
4036
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DBC80044-A445-435B-BC74-9C25C1C588A9}\iexplore
Time
E307010004000A0010003A002D00AE02
4036
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DBC80044-A445-435B-BC74-9C25C1C588A9}\iexplore
LoadTime
17
4036
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
UNCAsIntranet
0
4036
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
AutoDetect
1
4036
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012019011020190111
CachePath
%USERPROFILE%\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012019011020190111
4036
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012019011020190111
CachePrefix
:2019011020190111:
4036
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012019011020190111
CacheLimit
8192
4036
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012019011020190111
CacheOptions
11
4036
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012019011020190111
CacheRepair
0

Files activity

Executable files
1
Suspicious files
6
Text files
103
Unknown types
11

Dropped files

PID
Process
Filename
Type
2236
javaw.exe
C:\Users\admin\AppData\Local\Temp\ShellLink.dll
executable
MD5: ed5f3a30e2c0c4cb57d17bccc4555f5e
SHA256: 6878de309016ba80f294accc15052d67f19508275487fe2cb2f90994cd0e94bb
3592
WinRAR.exe
C:\Users\admin\AppData\Local\Temp\Rar$DIa3592.46781\setup.jar
compressed
MD5: 6794572927e781dffb7132b76b2e5819
SHA256: e2ff72459a3c2503fc8c51fef7c0435cdb02d2a2963087cc6e40ed532a8e59d2
2236
javaw.exe
C:\Users\admin\AppData\Local\Temp\InstallRemover8424775427491735667.log
text
MD5: 92b7b740f8a13792f8a3674d3066bbcf
SHA256: a6c32190632f2b3aef2d45a4f8b3824e4c1dac713e7d0d2ca992a45d5c4e4b49
2236
javaw.exe
C:\Users\admin\AppData\Local\Temp\InstallRemover8424775427491735667.spec
text
MD5: 64ca8fb352055a094a3e03514dd1e549
SHA256: 0c80558ad30e901bde656c30dec76e6ab2b37168a1c064e2cf5dfbff7043feba
2236
javaw.exe
C:\Users\admin\AppData\Local\Temp\InstallRemover8424775427491735667.d\com\izforge\izpack\util\LibraryRemover.class
class
MD5: 3c623cb123d46ed2c4b9c086517c572a
SHA256: 27d795d91628107d0e4064cb9c9be3da942103fbe31b562928fd09ece4fb9a12
2776
java.exe
C:\Users\admin\.oracle_jre_usage\90737d32e3abaa4.timestamp
text
MD5: ee0f74b5cfdd7a8a72e0c9387256b6ed
SHA256: de692168750ff8ae002a30322990e93e51255719e465bc46ecea9c32aecc89f9
2236
javaw.exe
C:\Program Files\CData\CData JDBC Driver for MongoDB 2018\Uninstaller\uninstaller.jar
compressed
MD5: 63a1c6091efd5b49f44e51fe514031e2
SHA256: 4b582436a6c2a3b8abaa50d4e785ad7f910a33a370813ba5a5a112125a2a5252
3052
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{FD005816-14F8-11E9-91D7-5254004A04AF}.dat
––
MD5:  ––
SHA256:  ––
3052
iexplore.exe
C:\Users\admin\AppData\Local\Temp\~DF97E447B2F322C9C3.TMP
––
MD5:  ––
SHA256:  ––
4036
iexplore.exe
C:\Users\admin\AppData\Local\Temp\JavaDeployReg.log
text
MD5: d036fd48a2cdb3460cea3aba7e0bfb67
SHA256: d81e64cb5d57a8786f983b21cad7f6ce8176d3a201003bc42489a4c81b3b38f9
3052
iexplore.exe
C:\Users\admin\AppData\Local\Temp\~DF4A773EF8A8558768.TMP
––
MD5:  ––
SHA256:  ––
3052
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{FD005817-14F8-11E9-91D7-5254004A04AF}.dat
––
MD5:  ––
SHA256:  ––
3052
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Last Active\{03742345-14F9-11E9-91D7-5254004A04AF}.dat
binary
MD5: c61245d23080ae7b69cb7eb11285e6d2
SHA256: a43bcc68d70225c4d02efbe0d3755295812a9bccff625e1cc33e5e8b26f264a9
3052
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Last Active\RecoveryStore.{03742344-14F9-11E9-91D7-5254004A04AF}.dat
binary
MD5: b66835bdc578e380c70b90c6a69a4b72
SHA256: 1226fdf6e32947613e04eca40f89281058f7a6b5bbd456ab491fe4dfefd37ec7
3052
iexplore.exe
C:\Users\admin\AppData\Local\Temp\~DFFD1E39789FAF3B68.TMP
––
MD5:  ––
SHA256:  ––
3052
iexplore.exe
C:\Users\admin\AppData\Local\Temp\~DFEB9029B12B846F3F.TMP
––
MD5:  ––
SHA256:  ––
3052
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R9ZEWH8D\favicon[2].png
image
MD5: 9fb559a691078558e77d6848202f6541
SHA256: 6d8a01dc7647bc218d003b58fe04049e24a9359900b7e0cebae76edf85b8b914
3052
iexplore.exe
C:\Users\admin\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
––
MD5:  ––
SHA256:  ––
3052
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R9ZEWH8D\favicon[1].ico
––
MD5:  ––
SHA256:  ––
4036
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012019011020190111\index.dat
dat
MD5: d3c4212b8094d2af8a2cb396aa308f0d
SHA256: d30a87637cd503eb7e9a7c1d4b7185542517b3d5fc19e6d482ed1580be148da8
2236
javaw.exe
C:\Program Files\CData\CData JDBC Driver for MongoDB 2018\.installationinformation
binary
MD5: 1a6052dc02b87a5d1ba82a3a90e06925
SHA256: 40ccd7ede95e6e87ed0116c067c4e28671fb5cda62035c58e1520400e6f258e5
2236
javaw.exe
C:\Program Files\CData\CData JDBC Driver for MongoDB 2018\demos\swing\databrowser\Helper.java
text
MD5: 393ed8eb1fa98fb2a4f6678a14ad5c6f
SHA256: d0805d679e2f16c9b55896bb360d1fdf1779615145b4cc8eac914df21e004b8a
2236
javaw.exe
C:\Program Files\CData\CData JDBC Driver for MongoDB 2018\demos\swing\databrowser\.project
text
MD5: def1861277dd11b62f99ab01a2e287d0
SHA256: d9538094cbc8328d06fd199ac840f8daf8a35a93aaf76a9e838eb380829dcd57
2236
javaw.exe
C:\Program Files\CData\CData JDBC Driver for MongoDB 2018\demos\swing\databrowser\.classpath
text
MD5: 11a902a73fb08260c3d9463c8abea50f
SHA256: f0ab2fdeb3e4cb02c217879a94eb69291ad20f0693c39677c7e8a7cc0997391b
2236
javaw.exe
C:\Program Files\CData\CData JDBC Driver for MongoDB 2018\demos\swing\databrowser\DataBrowser.java
text
MD5: b034eac5b5d31c8bfa990855f26b2135
SHA256: a90312bafdf658f32adc4902f551477e953e5e099e69be7f92c1e1fd2afefc00
2236
javaw.exe
C:\Program Files\CData\CData JDBC Driver for MongoDB 2018\demos\swing\databrowser\FillTable.java
text
MD5: 71759c8029e0b3340b1f6670615b42f6
SHA256: 718ec207ded85e3af2ae798378364f8f72f7e56fccea7df14dbc60a12cc10ea1
2236
javaw.exe
C:\Program Files\CData\CData JDBC Driver for MongoDB 2018\demos\swing\databrowser\databrowser.properties
html
MD5: 510ca9574ae02e349367aa039448c52c
SHA256: 45af31db39b838770913ccc99b30941691e6f265befb5463b5ae4e98c7725f9b
2236
javaw.exe
C:\Program Files\CData\CData JDBC Driver for MongoDB 2018\demos\jsp\stylesheet.css
text
MD5: 5809241fff9ae803b9b8e6a00eaf1004
SHA256: f78c3974b2b8682dad21276a410cbcd03b3cb8a5f5ef55e3cad1dba5469a1e36
2236
javaw.exe
C:\Program Files\CData\CData JDBC Driver for MongoDB 2018\demos\jsp\index.jsp
html
MD5: d5cdc8c6e0aa0f367ba93a5b89db7fe0
SHA256: 7d0621e598e5ec0e2dec210811847b9945d1a1e4cfc9523cc7a33a6e1fe68b8b
2236
javaw.exe
C:\Program Files\CData\CData JDBC Driver for MongoDB 2018\demos\jsp\seecode.jsp
html
MD5: d2c31eb4c5524535444a0a418a8f9ce5
SHA256: 4627145d174b5899c63500ca60f0acdee302d55fc834fec0c25a7d1db7dcfb6c
2236
javaw.exe
C:\Program Files\CData\CData JDBC Driver for MongoDB 2018\demos\console\databrowser\DataBrowser.java
text
MD5: 6d64338dd96e12419ab008ebc6efa802
SHA256: f3f35eac27fb9d6d8b7d1360618fe0c23d6b99f40c4f71ee5c319134e5b43d17
2236
javaw.exe
C:\Program Files\CData\CData JDBC Driver for MongoDB 2018\demos\console\databrowser\.classpath
text
MD5: 11a902a73fb08260c3d9463c8abea50f
SHA256: f0ab2fdeb3e4cb02c217879a94eb69291ad20f0693c39677c7e8a7cc0997391b
2236
javaw.exe
C:\Program Files\CData\CData JDBC Driver for MongoDB 2018\demos\console\databrowser\.project
text
MD5: def1861277dd11b62f99ab01a2e287d0
SHA256: d9538094cbc8328d06fd199ac840f8daf8a35a93aaf76a9e838eb380829dcd57
2236
javaw.exe
C:\Program Files\CData\CData JDBC Driver for MongoDB 2018\demos\jsp\databrowser.properties
html
MD5: 510ca9574ae02e349367aa039448c52c
SHA256: 45af31db39b838770913ccc99b30941691e6f265befb5463b5ae4e98c7725f9b
2236
javaw.exe
C:\Program Files\CData\CData JDBC Driver for MongoDB 2018\demos\jsp\DataBrowser.jsp
html
MD5: 38e83860dcf8c6b04f7a8a38201238b1
SHA256: d1e8ec28e6e058cf30d093cb82eacefded72351a275914ae2a12f67f13904f1a
2236
javaw.exe
C:\Program Files\CData\CData JDBC Driver for MongoDB 2018\demos\console\databrowser\databrowser.properties
html
MD5: 510ca9574ae02e349367aa039448c52c
SHA256: 45af31db39b838770913ccc99b30941691e6f265befb5463b5ae4e98c7725f9b
2236
javaw.exe
C:\Program Files\CData\CData JDBC Driver for MongoDB 2018\help\favicon.ico
image
MD5: 0e4d3dc4020897625df438a048364116
SHA256: aa433c07503b94907fad8392aebbea6e0fc625b75fc984862152c91616f1f442
2236
javaw.exe
C:\Program Files\CData\CData JDBC Driver for MongoDB 2018\help\help.htm
html
MD5: 7360e30a172609838835f85d79b92f2e
SHA256: f80ee6ab7bfd8fb85c356ca1178395e6be9e222a417a365a25a47f23346ca9e5
2236
javaw.exe
C:\Program Files\CData\CData JDBC Driver for MongoDB 2018\help\lib\syntaxhighlighter-3.0.83\styles\shThemeMidnight.css
text
MD5: 0f5800161c0d42a49d995bfe86f93614
SHA256: ec163f191b4516bcb6fd68daa704ec75f8a9441f9b10156cde97c1a8f68f11d3
2236
javaw.exe
C:\Program Files\CData\CData JDBC Driver for MongoDB 2018\help\lib\syntaxhighlighter-3.0.83\styles\shThemeEmacs.css
text
MD5: ea71d0c34bf9bbfa5c9fcb0aef1d150a
SHA256: 19597d96e5e66ceed7d2b2e0c12278aa0ae34a812b9f01c295ed69906e975609
2236
javaw.exe
C:\Program Files\CData\CData JDBC Driver for MongoDB 2018\help\lib\syntaxhighlighter-3.0.83\styles\shThemeMDUltra.css
text
MD5: cc5f7410f7b6da0c3e073bea9d99b805
SHA256: 4f6e010876e4f66469404ab1c2b6bf90fba1459325161f2756d1bd7b99d10a1a
2236
javaw.exe
C:\Program Files\CData\CData JDBC Driver for MongoDB 2018\help\lib\tree2.css
text
MD5: 0a7016c8da74c1e1f43724a8edbf3303
SHA256: d362d2578ec4728d5feca8be439bf73840981a5bcdaf559861b5f2bf28310484
2236
javaw.exe
C:\Program Files\CData\CData JDBC Driver for MongoDB 2018\help\lib\syntaxhighlighter-3.0.83\styles\shThemeFadeToGrey.css
text
MD5: 5977459664333850bf7c9160233c2c43
SHA256: 7dc0c66579850e8270244e03b163a2b2c57dca1ebe5f5d437e2fc9aca5eb0282
2236
javaw.exe
C:\Program Files\CData\CData JDBC Driver for MongoDB 2018\help\lib\syntaxhighlighter-3.0.83\styles\shThemeEclipse.css
text
MD5: 3bf477b3b162ab0831dfd48b162b18c1
SHA256: d5d05694ecd9a30384224d17193b9aaa83dda2b3b91f1a1b9805b616aabf8425
2236
javaw.exe
C:\Program Files\CData\CData JDBC Driver for MongoDB 2018\help\lib\syntaxhighlighter-3.0.83\styles\shThemeRDark.css
text
MD5: 5f404d7d78233571f05c2f08a21ee7e0
SHA256: ae77f357816d7446bc8f296d1a730807ebbd37ea3766d3a723fff8c6b2f3b3df
2236
javaw.exe
C:\Program Files\CData\CData JDBC Driver for MongoDB 2018\help\lib\tree.css
text
MD5: 5c99c3a3217ca1203fa9a3458290d77a
SHA256: b96c4089160ce7cd567e60b5221c1341a4945c45a2348e3ac09e8f847438d497
2236
javaw.exe
C:\Program Files\CData\CData JDBC Driver for MongoDB 2018\help\lib\syntaxhighlighter-3.0.83\styles\shThemeDjango.css
text
MD5: 708c7fe70ef88950048b9a0171eeb9e6
SHA256: 6e256ed3a557a5970c03df206fd2b8a1817ae9bbafbc735b9a2a170e9e2b2c39
2236
javaw.exe
C:\Program Files\CData\CData JDBC Driver for MongoDB 2018\help\lib\syntaxhighlighter-3.0.83\styles\shThemeDefault.css
text
MD5: f63cfffeacf8ee9134d103bb816f9132
SHA256: 75da48a1701ac88250bb7ea9a6959a04cb470c48fbc7899b0714010ca5ab11bb
2236
javaw.exe
C:\Program Files\CData\CData JDBC Driver for MongoDB 2018\help\lib\syntaxhighlighter-3.0.83\styles\shCoreMidnight.css
text
MD5: d9a173afc5e34b7c0ab4e6fdb7decd21
SHA256: cdb8fe9c68e7d5e41945bf67da30d542bf4a647869864ff4e579654c46e27a61
2236
javaw.exe
C:\Program Files\CData\CData JDBC Driver for MongoDB 2018\help\lib\syntaxhighlighter-3.0.83\styles\shCoreMDUltra.css
text
MD5: 8ac262c3bd310285db9ff58ad18bf3c6
SHA256: 01d97c94619b2297fd1e6d7a79ba893e29ac013ebcd0a3498056cc9f35a89d91
2236
javaw.exe
C:\Program Files\CData\CData JDBC Driver for MongoDB 2018\help\lib\syntaxhighlighter-3.0.83\styles\shCoreRDark.css
text
MD5: 0205345ad1b0a76cd392003ed960854d
SHA256: 8c567d1ad5ae96291af8ee5d854aa534887bff7a997c165705cf7b6ca4bb3176
2236
javaw.exe
C:\Program Files\CData\CData JDBC Driver for MongoDB 2018\help\lib\syntaxhighlighter-3.0.83\styles\shCoreDjango.css
text
MD5: 5b234882a7fa1732205efd9a0a5237c0
SHA256: 6ce6b54ee44ad85b0d0598f5742c55387b6a30b2209806ca00f0125536266e5c
2236
javaw.exe
C:\Program Files\CData\CData JDBC Driver for MongoDB 2018\help\lib\syntaxhighlighter-3.0.83\styles\shCoreEclipse.css
text
MD5: c93e0afc2af13c709ce9aeab46f359fe
SHA256: 9295af405a52ff60e6c7ac76160ebc8013b5e759de552c968456e583e0e6919e
2236
javaw.exe
C:\Program Files\CData\CData JDBC Driver for MongoDB 2018\help\lib\syntaxhighlighter-3.0.83\styles\shCoreEmacs.css
text
MD5: 36f65dc7b7105841098afdb153b66763
SHA256: 9a8ad2f4ce1bde6507f1c3840a99ee3338bf5c1a3365f5e89a4c042a412a955f
2236
javaw.exe
C:\Program Files\CData\CData JDBC Driver for MongoDB 2018\help\lib\syntaxhighlighter-3.0.83\styles\shCoreFadeToGrey.css
text
MD5: 334f8a196afd790b7453b07c80a3bd50
SHA256: ab54af36bdc5f030cd8fdec029be32b72677b92cf0caa2ed05c7f534fab13a80
2236
javaw.exe
C:\Program Files\CData\CData JDBC Driver for MongoDB 2018\help\lib\syntaxhighlighter-3.0.83\scripts\XRegExp.js
text
MD5: c6b4f10d58b007c6a28b3166304e07ef
SHA256: f6f03bda69404ee1a06594ab0955dc9f45d26ff899f3c4e42783ce859b8ec1c9
2236
javaw.exe
C:\Program Files\CData\CData JDBC Driver for MongoDB 2018\help\lib\syntaxhighlighter-3.0.83\styles\shCoreDefault.css
text
MD5: 9e5c963f81df082ce6bed4a7342285e9
SHA256: c75fbff4e46b293e427fab79d9f9f8640e23f3ccb18ec065530ea7c244c1bf26
2236
javaw.exe
C:\Program Files\CData\CData JDBC Driver for MongoDB 2018\help\lib\syntaxhighlighter-3.0.83\scripts\shBrushVb.js
text
MD5: 56b3051e22e266f1df4dc710c5c51f15
SHA256: 361818a32febd76ae0a35dfb17ecd2beb83e441d15a56b5ba58c14b23c362eb3
2236
javaw.exe
C:\Program Files\CData\CData JDBC Driver for MongoDB 2018\help\lib\syntaxhighlighter-3.0.83\styles\shCore.css
text
MD5: cd4eb9db4eaa6bb7c11aca0786251ad4
SHA256: bbbf3a9bab8ced999a20ffe21b9d356c30ceb0ca1dff8aeaed77b75f3d700cf5
2236
javaw.exe
C:\Program Files\CData\CData JDBC Driver for MongoDB 2018\help\lib\syntaxhighlighter-3.0.83\scripts\shCore.js
html
MD5: eb0136a21e57fe692e9e6040e34ad5fe
SHA256: 62f1a251353a34caac028a589e050d46b10d705a2495228ecd9ceabd1e85cdeb
2236
javaw.exe
C:\Program Files\CData\CData JDBC Driver for MongoDB 2018\help\lib\syntaxhighlighter-3.0.83\scripts\shBrushXml.js
text
MD5: b6334837ee409c9d9ebb53d79894c215
SHA256: ee5832de9c78c44257cf29b813ddf9596aa1f29a772499035bfbfc21905b1f66
2236
javaw.exe
C:\Program Files\CData\CData JDBC Driver for MongoDB 2018\help\lib\syntaxhighlighter-3.0.83\scripts\shLegacy.js
text
MD5: 0ff5ee4cd516bb489ccc65bb4ab652c5
SHA256: e8092cf8585888c0f99f63de3fb6b22418274b4ef7a32c2c9d06a782b0622969
2236
javaw.exe
C:\Program Files\CData\CData JDBC Driver for MongoDB 2018\help\lib\syntaxhighlighter-3.0.83\scripts\shBrushSql.js
text
MD5: 51b3cd40524f376ba8d1852e74382cc9
SHA256: 17fd5f37c583129b99d8ed3f292ad958f6c22002efa6c5637563977326d9531b
2236
javaw.exe
C:\Program Files\CData\CData JDBC Driver for MongoDB 2018\help\lib\syntaxhighlighter-3.0.83\scripts\shBrushPython.js
text
MD5: 08c6f8edd91dc462429d62ebb2a8d656
SHA256: 1e61f44c4e96f9048d364033ecfe087f39e0b95b53f9ad5ccb575358ee570f38
2236
javaw.exe
C:\Program Files\CData\CData JDBC Driver for MongoDB 2018\help\lib\syntaxhighlighter-3.0.83\scripts\shBrushScala.js
text
MD5: 3f5ca4f85ea6fbe8143ae2632ed5b6ac
SHA256: 810255aed7f1de8fc4af55aa4abd011ed69fcb1fcdb49efd161a12d2bb0ce5c7
2236
javaw.exe
C:\Program Files\CData\CData JDBC Driver for MongoDB 2018\help\lib\syntaxhighlighter-3.0.83\scripts\shBrushRuby.js
text
MD5: b63fe5e7557b3fff9ea8bcb71b925af9
SHA256: 68e6bd325f0973ec5e54896cb4f8de5917515cf4804877bc4043ad504798ddeb
2236
javaw.exe
C:\Program Files\CData\CData JDBC Driver for MongoDB 2018\help\lib\syntaxhighlighter-3.0.83\scripts\shBrushSass.js
text
MD5: 0485a46e8d1905bbc84e85a86b09622a
SHA256: 7f1b7a9766eaec6b0ff8dcbd3f16074a8beeb4a17d4c3ff976c012bf97390935
2236
javaw.exe
C:\Program Files\CData\CData JDBC Driver for MongoDB 2018\help\lib\syntaxhighlighter-3.0.83\scripts\shBrushJScript.js
text
MD5: 971d7c0ad270389076f4fd90f62a5961
SHA256: 6ae8b7cfc8e3405f35ffc017337633cd7b22856e831074c021c3ddbcc2510982
2236
javaw.exe
C:\Program Files\CData\CData JDBC Driver for MongoDB 2018\help\lib\syntaxhighlighter-3.0.83\scripts\shBrushPerl.js
text
MD5: e8ad20366c6a3ec9572a6da423e7f761
SHA256: 1bd9f5c56c7bd5b455699db4277e8907bfdcc9985510b71afc17c3dd6e1a5411
2236
javaw.exe
C:\Program Files\CData\CData JDBC Driver for MongoDB 2018\help\lib\syntaxhighlighter-3.0.83\scripts\shBrushPlain.js
text
MD5: ee6ae429f0ca5873413bcb8490f5c74d
SHA256: 742ab13149695b846d752b30d487e2c8c70fd44b06fbb65347ab75a4075f2b28
2236
javaw.exe
C:\Program Files\CData\CData JDBC Driver for MongoDB 2018\help\lib\syntaxhighlighter-3.0.83\scripts\shBrushPowerShell.js
text
MD5: 6b8528865142f6fa8ad5aac492602f5e
SHA256: dcb964dd5daf2f5528a426ed3c9bd8ae9770f5c23c9a818aab07a3c440bc7d24
2236
javaw.exe
C:\Program Files\CData\CData JDBC Driver for MongoDB 2018\help\lib\syntaxhighlighter-3.0.83\scripts\shBrushPhp.js
text
MD5: c0dea6686fa24fe2cb4e21f80b4b3811
SHA256: 09d34d628e0ebe8857bc7a7cc116cda73fed084138c11c9d5b6722e5c1d12cfb
2236
javaw.exe
C:\Program Files\CData\CData JDBC Driver for MongoDB 2018\help\lib\syntaxhighlighter-3.0.83\scripts\shBrushJavaFX.js
text
MD5: b8ab7e9ec5f781f4acd6e5cbea25ccec
SHA256: ae21a0345857f0f1e1afabc1fe997f380bda9529a5590df9f9c2b671871cffab
2236
javaw.exe
C:\Program Files\CData\CData JDBC Driver for MongoDB 2018\help\lib\syntaxhighlighter-3.0.83\scripts\shBrushGroovy.js
text
MD5: 32e623649dc3d99f0c13d22837a3c491
SHA256: 109eb95708a7f42619d3f473437610199461a6a2c90275d9c9482984e5bfc4c7
2236
javaw.exe
C:\Program Files\CData\CData JDBC Driver for MongoDB 2018\help\lib\syntaxhighlighter-3.0.83\scripts\shBrushJava.js
text
MD5: 15eb6ee9d0a30d886306254721aede3b
SHA256: 4313b63889720615b9c1d389e1bb07c666e1f1cbf776592f89d098f32ee56c05
2236
javaw.exe
C:\Program Files\CData\CData JDBC Driver for MongoDB 2018\help\lib\syntaxhighlighter-3.0.83\scripts\shBrushErlang.js
text
MD5: 6b728bd4ae8c511151cf811613f12f1d
SHA256: b4408ea8bf8cd57b97678f665439dcd685bd9c5a25b313369c21710e5bbf3e1b
2236
javaw.exe
C:\Program Files\CData\CData JDBC Driver for MongoDB 2018\help\lib\syntaxhighlighter-3.0.83\scripts\shBrushDiff.js
text
MD5: 95df07728e24526685adccec30b3ec56
SHA256: eb4c21e5e54bc056a31de3ac642fe15a625a3ba288ae28036d9ac274153f5c16
2236
javaw.exe
C:\Program Files\CData\CData JDBC Driver for MongoDB 2018\help\lib\syntaxhighlighter-3.0.83\scripts\shBrushAppleScript.js
text
MD5: 1acd5446f36e2f45791df3061a3ecc81
SHA256: 8f534ae5421538b2d9e1ae7e6085d3a2b1c2fb456e7a9a66dd7ddc16cee23c74
2236
javaw.exe
C:\Program Files\CData\CData JDBC Driver for MongoDB 2018\help\lib\syntaxhighlighter-3.0.83\scripts\shBrushColdFusion.js
text
MD5: 6bc2b3a2cfa2693cc7d85f9a11402fca
SHA256: 896b3f0b5f4a6883192f9be7fa47e49aa28e120654e60b801068d4cc94c8cbe9
2236
javaw.exe
C:\Program Files\CData\CData JDBC Driver for MongoDB 2018\help\lib\syntaxhighlighter-3.0.83\scripts\shBrushCpp.js
text
MD5: 1a911ac48f5dab1b6f7373b3c00050e6
SHA256: 3ed7ee77738efd1c1230cbd2406bacc4327f09dbd9b45eb9a7467e6888190594
2236
javaw.exe
C:\Program Files\CData\CData JDBC Driver for MongoDB 2018\help\lib\syntaxhighlighter-3.0.83\scripts\shBrushDelphi.js
text
MD5: a47eb9e3ce2a32c2dd991852bf12bead
SHA256: 53893642486fd5118c4e4601995dfa54835ed03713e61649bd593af93abeef10
2236
javaw.exe
C:\Program Files\CData\CData JDBC Driver for MongoDB 2018\help\lib\syntaxhighlighter-3.0.83\scripts\shBrushAS3.js
text
MD5: 6b3f944f224615cbb60cc3f74eec94b2
SHA256: 9d66c9fb7c84339462bc18155b1df3f4ed7eaa5aaf974de7dea642521c7d99e7
2236
javaw.exe
C:\Program Files\CData\CData JDBC Driver for MongoDB 2018\help\lib\syntaxhighlighter-3.0.83\scripts\shBrushBash.js
text
MD5: 72328b3a4368a348ac231e7b03e12883
SHA256: 91a3a1f00aa22cb8feef1dc8cbc39fa7282964df0fcf8ec60d5fbef0b441de31
2236
javaw.exe
C:\Program Files\CData\CData JDBC Driver for MongoDB 2018\help\lib\syntaxhighlighter-3.0.83\scripts\shBrushCss.js
text
MD5: a3f58390e41fe208c4a5c96297dd2b14
SHA256: 07535c175bb59fd7905853560766ec8917c2c22773b0b2583afb8e720a9876d5
2236
javaw.exe
C:\Program Files\CData\CData JDBC Driver for MongoDB 2018\help\lib\syntaxhighlighter-3.0.83\scripts\shBrushCSharp.js
text
MD5: 76ca461236a4c6ea182105c258e037d5
SHA256: 62add157b4c70ae5dd8cb3fe1eadad39defe3f9b878a155609f7410fdf0f56d0
2236
javaw.exe
C:\Program Files\CData\CData JDBC Driver for MongoDB 2018\help\lib\syntaxhighlighter-3.0.83\scripts\shAutoloader.js
html
MD5: 8790f58f719181445b70f6372bc002f8
SHA256: b2516b7e2d0ea702df3f8ebb8106b330feab03edf1f8eac26bcbf0b3859d3f2f
2236
javaw.exe
C:\Program Files\CData\CData JDBC Driver for MongoDB 2018\help\lib\help2.js
html
MD5: 879f6c300650d1f233b28ee6ddb4bf43
SHA256: 96be2a120f77a029006a0cad51a23b67fa8b239dec7501264f05d708923c50cd
2236
javaw.exe
C:\Program Files\CData\CData JDBC Driver for MongoDB 2018\help\lib\help.js
html
MD5: 64b554de275db4d830a9272a8bcb13c1
SHA256: af9f7a87d561827277bfb0021a15932d5173c6d05b0c55dff2d174dfa031a0b4
2236
javaw.exe
C:\Program Files\CData\CData JDBC Driver for MongoDB 2018\help\lib\help.png
image
MD5: b283afaf6a86dd2c30327c1ab4977bbb
SHA256: b57e633fdbfe3928cc42598feb8b8e64e6e5f80583d65d176ee919ca9effa269
2236
javaw.exe
C:\Program Files\CData\CData JDBC Driver for MongoDB 2018\help\lib\jquery-3.3.1.min.js
text
MD5: a09e13ee94d51c524b7e2a728c7d4039
SHA256: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
2236
javaw.exe
C:\Program Files\CData\CData JDBC Driver for MongoDB 2018\help\lib\help.css
text
MD5: 6a91c1d67e23f7d568939488581ea563
SHA256: edc36087f362111a26354b8f3ba1e9072488adf4a4b3ce2b519826ae6807d64c
2236
javaw.exe
C:\Program Files\CData\CData JDBC Driver for MongoDB 2018\help\lib\fontawesome\fonts\FontAwesome.otf
otf
MD5: 0b462f5cc07779cab3bef252c0271f2b
SHA256: bdc5d0b9f397be83e886c74b0141d1954aa4384b359dce49829994c4a2e1f7bf
2236
javaw.exe
C:\Program Files\CData\CData JDBC Driver for MongoDB 2018\help\lib\fontawesome\fonts\fontawesome-webfont.ttf
ttf
MD5: 706450d7bba6374ca02fe167d86685cb
SHA256: 9e540a087924a6e64790149d735cac022640e4fa6bff6bd65f5e9f41529bf0b3
2236
javaw.exe
C:\Program Files\CData\CData JDBC Driver for MongoDB 2018\help\lib\fontawesome\fonts\fontawesome-webfont.woff
woff
MD5: d9ee23d59d0e0e727b51368b458a0bff
SHA256: e3870de89716b72cb61a4bba0e17c75783b361cdaba35ea96961c3070bd8ca18
2236
javaw.exe
C:\Program Files\CData\CData JDBC Driver for MongoDB 2018\help\lib\fontawesome\fonts\fontawesome-webfont.woff2
woff2
MD5: 97493d3f11c0a3bd5cbd959f5d19b699
SHA256: aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
2236
javaw.exe
C:\Program Files\CData\CData JDBC Driver for MongoDB 2018\help\lib\fontawesome\fonts\fontawesome-webfont.svg
image
MD5: 2980083682e94d33a66eef2e7d612519
SHA256: bfdef833219a6edffd9c3cbc28db72739d22bb4d20cc2e2f8d56a7a4d408a206
2236
javaw.exe
C:\Program Files\CData\CData JDBC Driver for MongoDB 2018\help\lib\fontawesome\fonts\fontawesome-webfont.eot
eot
MD5: f7c2b4b747b1a225eb8dee034134a1b0
SHA256: cbb644d0ee730ea57dd5fbae35ef5ba4a41d57a254a6b1215de5c9ff8a321c2d
2236
javaw.exe
C:\Program Files\CData\CData JDBC Driver for MongoDB 2018\help\lib\fontawesome\css\font-awesome.min.css
text
MD5: 04425bbdc6243fc6e54bf8984fe50330
SHA256: 541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
2236
javaw.exe
C:\Program Files\CData\CData JDBC Driver for MongoDB 2018\help\lib\bootstrap\bootstrap.min.css
text
MD5: 02acd28281bfebdfe68cb55a50e1825c
SHA256: e5a8d09aa3f6cd33cf5dc4f2395415b548a2974cea3485a364f066fde20f1c8a
2236
javaw.exe
C:\Program Files\CData\CData JDBC Driver for MongoDB 2018\help\lib\bootstrap\bootstrap.min.js
text
MD5: 17ba758ddcc5ae83271eb002ec14f645
SHA256: ff4ca75687665f2bbc05bb7161257a08516b814999ac8b0c2367480b42f47cc2
2236
javaw.exe
C:\Program Files\CData\CData JDBC Driver for MongoDB 2018\uninstall.ico
image
MD5: 89b6a8ae5792d478a7f5dcb976d08252
SHA256: 721cf8cc294c226f9c7761e57218fd929f00395e871abaad60057772081fa3b2
2236
javaw.exe
C:\Program Files\CData\CData JDBC Driver for MongoDB 2018\db\sys_sps.rsd
text
MD5: fbd54e7f61db7cbfb61862e5ed800c09
SHA256: 229c25609a4823808503beedb97ecbe50fc2ae967b62eb69a8adb960b6d11c7f
2236
javaw.exe
C:\Program Files\CData\CData JDBC Driver for MongoDB 2018\db\sys_tablecolumns.rsd
text
MD5: f092f5724473457112abd55da36fe083
SHA256: f088b044e754fbf303a499ba120346e4dea358dbe8e9a8bd69aa8722b445aac9
2236
javaw.exe
C:\Program Files\CData\CData JDBC Driver for MongoDB 2018\db\sys_tables.rsd
text
MD5: 3b6816edec65ba7851c0f332e8491edd
SHA256: 2bf2e6de1dee1bce1b2e5bdc069825f3e574b17125e251af66095acec3170c5c
2236
javaw.exe
C:\Program Files\CData\CData JDBC Driver for MongoDB 2018\db\sys_schemas.rsd
text
MD5: c63b054794858d8740d4d4fbfb88f409
SHA256: b763db8a3296b8b4a49397bd74465384bb68c8db46688ba625c0966603e0bafe
2236
javaw.exe
C:\Program Files\CData\CData JDBC Driver for MongoDB 2018\licensing.htm
html
MD5: 09a3e7413bb0822295d5d1411222df1f
SHA256: b94d62ebc6f28ac25593f9eefc16492bad28e25f0b6558681fb9e63e5e199370
2236
javaw.exe
C:\Program Files\CData\CData JDBC Driver for MongoDB 2018\license.txt
text
MD5: 5306c84c3846d83e0d885f02ad2a9aa3
SHA256: ce67652a0b9bec20927bd49c20ec048a9afc64e9fdc62b612f0f9b61fc6e6420
2236
javaw.exe
C:\Program Files\CData\CData JDBC Driver for MongoDB 2018\db\sys_data.rsd
text
MD5: 1bb66526743049f3118da307a45a4777
SHA256: f1917ce3bfe335e3a7247047b2fe5a7c49c92143de66e7f1d20ddaefbca69268
2236
javaw.exe
C:\Program Files\CData\CData JDBC Driver for MongoDB 2018\db\sys_disconnect.rsd
text
MD5: 1e369a8606d372c477176769caefb1ab
SHA256: c220a5ad7d0d91b7882f3cb52af0b7121ba60f64e8ddda767e9e69f260d23b4a
2236
javaw.exe
C:\Program Files\CData\CData JDBC Driver for MongoDB 2018\db\sys_call.rsd
text
MD5: abdf5059a035c0c4dda5715321c5f1ff
SHA256: 1a6b8e0e5e8cc12a4275a2735488bcfe7e9fd384a74f626a3782c45cd39c9cc0
2236
javaw.exe
C:\Program Files\CData\CData JDBC Driver for MongoDB 2018\db\SearchDocument.rsb
text
MD5: e4a0768e233dd1bee7f08d39eb1033dd
SHA256: 443a00d8e91fb5f340b0f19a4f32c05828d6f8c3476495f189a1b5ee17830942
2236
javaw.exe
C:\Program Files\CData\CData JDBC Driver for MongoDB 2018\db\CreateSchema.rsb
text
MD5: 2af1eaac1ec289d7ac83bde73651140f
SHA256: d8b9e798a26f5a5054a8b1ef28e0ab6ec831b2397c310796345cff80787654bf
2236
javaw.exe
C:\Program Files\CData\CData JDBC Driver for MongoDB 2018\db\Eval.rsb
text
MD5: 8771ffbb19316a840c8d92f24db7b6a9
SHA256: 574b427a81c72b6a5c46dc82dbfe1138ebf83a6d53bdfcc9e5ae5bfb48345bd5
2236
javaw.exe
C:\Program Files\CData\CData JDBC Driver for MongoDB 2018\db\sys_connect.rsd
text
MD5: 27ab5893ac169bd7885e8788e8b5d165
SHA256: 6d81d2aa0967ff293b4a9026df0e84ed95193c4fcfa74622e21990a35d13d077
2236
javaw.exe
C:\Program Files\CData\CData JDBC Driver for MongoDB 2018\db\GetDocument.rsb
text
MD5: ca30639ee32310a20817c82e79a92cbe
SHA256: 5b45f8eebb8d47125fd074001ef7c02fd1140c441b8fb4b0138dd44f8efccb67
2236
javaw.exe
C:\Program Files\CData\CData JDBC Driver for MongoDB 2018\db\AddDocument.rsb
text
MD5: 2ba933aab8ff8e55bba57434f1b32043
SHA256: 7107b1b96a0a4566f5ffdba964fbffa69cef4f2ac8730669fd1465e135fb0ddb
2236
javaw.exe
C:\Program Files\CData\CData JDBC Driver for MongoDB 2018\lib\cdata.jdbc.mongodb.remoting.ini
text
MD5: eb4b5685ea574691f55adbc3c6a259b5
SHA256: c3d9e08ae1c4b25658f542d7efd67cfa0a57bfd04c99461e11a4eb7d2b9cfbf3
2236
javaw.exe
C:\Program Files\CData\CData JDBC Driver for MongoDB 2018\lib\cdata.jdbc.mongodb.jar
compressed
MD5: 8e250c39883ee98959a41fe510fa6c71
SHA256: 5c7e1c78c7cdb41cac548964ccd9326b7365785afe17df85e9c3e757c9743035
2236
javaw.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CData MongoDB JDBC Driver 2018\Uninstall.lnk
lnk
MD5: fad9ef6937b447ff42b16221abc48682
SHA256: 538015045b309bf9ed1c1b4176426a4ad872770cdd881f241f184c4e072f0a92
2236
javaw.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CData MongoDB JDBC Driver 2018\Demos.lnk
lnk
MD5: cf16efa94614d41dabb70c7912fc7b1f
SHA256: c77ebf196f3ecab19ef1a510cf6d3aabbf575fb3b95fc516f105bb441a02a0fb
2236
javaw.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CData MongoDB JDBC Driver 2018\Help.lnk
lnk
MD5: 4015801006fcd5067c62930b56cb7af4
SHA256: 59704d7c4cea73b0517a56062d63efbda2a24715c911bf8e83fa54e42ccf4df2
2952
java.exe
C:\Users\admin\AppData\Local\Temp\InstallRemover8424775427491735667.log
text
MD5: 333d588a5d8ceec2e6750fa3cdf2e71c
SHA256: 0e6210de234463bcc19b1ffd65768f3e15d3090b63b76c6c7fb071a362241a35
2236
javaw.exe
C:\Program Files\CData\CData JDBC Driver for MongoDB 2018\lib\cdata.jdbc.mongodb.lic
text
MD5: 281168fca70c7c5b5749a8f1b9e2d9f6
SHA256: f5098ee99539591d24b41c36914d7d194da622749f26b263bdab45440c895c9a
2236
javaw.exe
C:\Users\admin\.CData\cdata.jdbc.mongodb.lic
text
MD5: 281168fca70c7c5b5749a8f1b9e2d9f6
SHA256: f5098ee99539591d24b41c36914d7d194da622749f26b263bdab45440c895c9a
2236
javaw.exe
C:\Users\admin\AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-21-1302019708-1500728564-335382590-1000\83aa4cc77f591dfc2374580bbd95f6ba_90059c37-1320-41a4-b58d-2b75a9850d2f
dbf
MD5: c8366ae350e7019aefc9d1e6e6a498c6
SHA256: 11e6aca8e682c046c83b721eeb5c72c5ef03cb5936c60df6f4993511ddc61238
2236
javaw.exe
C:\Users\admin\.oracle_jre_usage\90737d32e3abaa4.timestamp
text
MD5: 990383cbd09bdafc6c6dc454a10e380a
SHA256: 69ebefecc5421a37ac365d4c0e0ba0564b90c23711123c1483ff24150f006eac
2768
javaw.exe
C:\Users\admin\AppData\Local\Temp\Installer.js
text
MD5: f1b5de3a8eb3ee2c25eba8519f6de528
SHA256: 3d21e9a16c21df72b81d1eb0307c9e0145c9d6ff5bec7a8fa57e9ed91a074737
2768
javaw.exe
C:\Users\admin\.oracle_jre_usage\90737d32e3abaa4.timestamp
text
MD5: 575c222aac620aad6ba6753c7c01c1c5
SHA256: 63dae6824d3ab92746abf757471973f7cc956f3d2c0a92702d26e7ad78ad5085
3592
WinRAR.exe
C:\Users\admin\AppData\Local\Temp\Rar$DRa3592.48048\setup.jar
––
MD5:  ––
SHA256:  ––
2952
java.exe
C:\Users\admin\.oracle_jre_usage\90737d32e3abaa4.timestamp
text
MD5: 90b819046b21552338ca6420f1d54a05
SHA256: c3dc49694fecc37a61a8acda1ab3b772129967bf06ce51ca2be8cebf4b4fc84a

Network activity

HTTP(S) requests: 2
TCP/UDP connections: 2
DNS requests: 2
Threats: 0

HTTP requests

| PID | Process | Method | HTTP Code | IP | URL | CN | Type | Size | Reputation |
|---|---|---|---|---|---|---|---|---|---|
| 2236 | javaw.exe | GET | 200 | 206.72.114.195:80 | http://lic.cdata.com/lic/?prod=DGRDV&nodeid=0ACB3BGN&bld=6894&uid=admin&name=test&email=test%40test.com&canemail=0&c=4&setup=true&a=itrial&exp=0 | US | text | | unknown |
| 3052 | iexplore.exe | GET | 200 | 204.79.197.200:80 | http://www.bing.com/favicon.ico | US | image | | whitelisted |

Connections

| PID | Process | IP | ASN | CN | Reputation |
|---|---|---|---|---|---|
| 2236 | javaw.exe | 206.72.114.195:80 | Peak 10 | US | unknown |
| 3052 | iexplore.exe | 204.79.197.200:80 | Microsoft Corporation | US | whitelisted |

DNS requests

| Domain | IP | Reputation |
|---|---|---|
| lic.cdata.com | 206.72.114.195 | unknown |
| www.bing.com | 204.79.197.200, 13.107.21.200 | whitelisted |

Threats

No threats detected.

Debug output strings

No debug info.