General Info

URL

https://www.fenrir-inc.com/jp/sleipnir/

Full analysis
https://app.any.run/tasks/3efe6aa4-8261-400e-91d9-c390805e59b0
Verdict
Malicious activity
Analysis date
4/14/2019, 22:39:59
OS:
Windows 7 Professional Service Pack 1 (build: 7601, 32 bit)
Tags:

loader

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distorted by user actions and is provided for user acknowledgement as it is. ANY.RUN does not guarantee maliciousness or safety of the content.

Software environment set and analysis options

Launch configuration

Task duration
180 seconds
Additional time used
120 seconds
Fakenet option
off
Heavy Evasion option
on
MITM proxy
off
Route via Tor
off
Network geolocation
off
Privacy
Public submission
Autoconfirmation of UAC
on

Software preset

  • Internet Explorer 8.0.7601.17514
  • Adobe Acrobat Reader DC MUI (15.023.20070)
  • Adobe Flash Player 26 ActiveX (26.0.0.131)
  • Adobe Flash Player 26 NPAPI (26.0.0.131)
  • Adobe Flash Player 26 PPAPI (26.0.0.131)
  • Adobe Refresh Manager (1.8.0)
  • CCleaner (5.35)
  • FileZilla Client 3.36.0 (3.36.0)
  • Google Chrome (73.0.3683.75)
  • Google Update Helper (1.3.33.23)
  • Java 8 Update 92 (8.0.920.14)
  • Java Auto Updater (2.8.92.14)
  • Microsoft .NET Framework 4.6.1 (4.6.01055)
  • Microsoft Office Access MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Access Setup Metadata MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Excel MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office OneNote MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Outlook MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office PowerPoint MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Professional 2010 (14.0.6029.1000)
  • Microsoft Office Proof (English) 2010 (14.0.6029.1000)
  • Microsoft Office Proof (French) 2010 (14.0.6029.1000)
  • Microsoft Office Proof (Spanish) 2010 (14.0.6029.1000)
  • Microsoft Office Proofing (English) 2010 (14.0.6029.1000)
  • Microsoft Office Publisher MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Shared MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Shared Setup Metadata MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Single Image 2010 (14.0.6029.1000)
  • Microsoft Office Word MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (9.0.30729.6161)
  • Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (10.0.40219)
  • Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (12.0.30501.0)
  • Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (12.0.21005)
  • Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (12.0.21005)
  • Microsoft Visual C++ 2017 Redistributable (x86) - 14.15.26706 (14.15.26706.0)
  • Microsoft Visual C++ 2017 x86 Additional Runtime - 14.15.26706 (14.15.26706)
  • Microsoft Visual C++ 2017 x86 Minimum Runtime - 14.15.26706 (14.15.26706)
  • Mozilla Firefox 65.0.2 (x86 en-US) (65.0.2)
  • Notepad++ (32-bit x86) (7.5.1)
  • Opera 12.15 (12.15.1748)
  • Skype version 8.29 (8.29)
  • VLC media player (2.2.6)
  • WinRAR 5.60 (32-bit) (5.60.0)

Hotfixes

  • Client LanguagePack Package
  • Client Refresh LanguagePack Package
  • CodecPack Basic Package
  • Foundation Package
  • IE Troubleshooters Package
  • InternetExplorer Optional Package
  • KB2534111
  • KB2999226
  • KB976902
  • LocalPack AU Package
  • LocalPack CA Package
  • LocalPack GB Package
  • LocalPack US Package
  • LocalPack ZA Package
  • ProfessionalEdition
  • UltimateEdition

Behavior activities

MALICIOUS SUSPICIOUS INFO
Application was dropped or rewritten from another process
  • chrome.exe (PID: 3228)
  • chrome.exe (PID: 3124)
  • chrome.exe (PID: 2492)
  • chrome.exe (PID: 2844)
  • chrome.exe (PID: 2820)
  • FenrirSettingHelper.exe (PID: 2984)
  • FenrirSettingHelper.exe (PID: 3092)
  • chrome.exe (PID: 1880)
  • chrome.exe (PID: 1904)
  • chrome.exe (PID: 3860)
  • chrome.exe (PID: 3096)
  • chrome.exe (PID: 2364)
  • chrome.exe (PID: 3592)
  • chrome.exe (PID: 2780)
  • chrome.exe (PID: 3432)
  • chrome.exe (PID: 752)
  • chrome.exe (PID: 3160)
  • chrome.exe (PID: 2944)
  • chrome.exe (PID: 776)
  • chrome.exe (PID: 1420)
  • chrome.exe (PID: 2508)
  • chrome.exe (PID: 3340)
  • chrome.exe (PID: 2388)
  • chrome.exe (PID: 3316)
  • chrome.exe (PID: 3832)
  • chrome.exe (PID: 3036)
  • Sleipnir.exe (PID: 3468)
  • sleipnir_tp.exe (PID: 932)
  • FenrirSettingHelper.exe (PID: 1700)
  • FenrirSettingHelper.exe (PID: 3200)
  • Sleipnir.exe (PID: 292)
  • FenrirSettingHelper.exe (PID: 3428)
  • sleipnir636.exe (PID: 1672)
  • FenrirFS_API_Server.exe (PID: 880)
  • Sleipnir.exe (PID: 760)
  • Sleipnir.exe (PID: 1924)
  • FenrirSettingHelper.exe (PID: 3228)
  • Sleipnir.exe (PID: 2424)
  • sleipnir636.exe (PID: 2712)
Actions look like stealing of personal data
  • chrome.exe (PID: 3096)
  • Sleipnir.exe (PID: 3468)
Loads dropped or rewritten executable
  • chrome.exe (PID: 2388)
  • chrome.exe (PID: 3096)
  • Sleipnir.exe (PID: 3468)
  • chrome.exe (PID: 3444)
  • regsvr32.exe (PID: 2892)
  • regsvr32.exe (PID: 2084)
  • FenrirFS_API_Server.exe (PID: 880)
  • Sleipnir.exe (PID: 760)
Registers / Runs the DLL via REGSVR32.EXE
  • sleipnir636.tmp (PID: 3512)
Downloads executable files from the Internet
  • chrome.exe (PID: 2196)
Reads internet explorer settings
  • Sleipnir.exe (PID: 3468)
Modifies the open verb of a shell class
  • FenrirSettingHelper.exe (PID: 3092)
Creates files in the user directory
  • chrome.exe (PID: 3096)
  • FenrirSettingHelper.exe (PID: 1700)
  • Sleipnir.exe (PID: 3468)
  • Sleipnir.exe (PID: 760)
Application launched itself
  • chrome.exe (PID: 3096)
  • FenrirSettingHelper.exe (PID: 3200)
  • Sleipnir.exe (PID: 3468)
Creates files in the program directory
  • Sleipnir.exe (PID: 3468)
  • Sleipnir.exe (PID: 760)
Changes IE settings (feature browser emulation)
  • Sleipnir.exe (PID: 3468)
Executable content was dropped or overwritten
  • sleipnir636.exe (PID: 2712)
  • sleipnir636.tmp (PID: 3512)
  • sleipnir636.exe (PID: 1672)
  • chrome.exe (PID: 2760)
  • Sleipnir.exe (PID: 760)
Reads Windows owner or organization settings
  • sleipnir636.tmp (PID: 3512)
Creates COM task schedule object
  • regsvr32.exe (PID: 2892)
Reads the Windows organization settings
  • sleipnir636.tmp (PID: 3512)
Modifies files in Chrome extension folder
  • chrome.exe (PID: 2760)
Reads settings of System Certificates
  • Sleipnir.exe (PID: 3468)
Dropped object may contain Bitcoin addresses
  • Sleipnir.exe (PID: 760)
Application was dropped or rewritten from another process
  • sleipnir636.tmp (PID: 2172)
  • sleipnir636.tmp (PID: 3512)
Loads dropped or rewritten executable
  • sleipnir636.tmp (PID: 3512)
Creates a software uninstall entry
  • sleipnir636.tmp (PID: 3512)
Creates files in the user directory
  • chrome.exe (PID: 2760)
Creates files in the program directory
  • sleipnir636.tmp (PID: 3512)
Application launched itself
  • chrome.exe (PID: 2760)

Processes

Total processes
99
Monitored processes
62
Malicious processes
11
Suspicious processes
2

Behavior graph

[Behavior graph: process nodes for chrome.exe, sleipnir636.exe, sleipnir636.tmp, regsvr32.exe, fenrirfs_api_server.exe, sleipnir.exe, fenrirsettinghelper.exe and sleipnir_tp.exe; edge labels "start" and "drop and start"; most nodes marked "no specs"]
Specs description
Program did not start
Integrity level elevation
Task contains an error or was rebooted
Process has crashed
Task contains several apps running
Executable file was dropped
Debug information is available
Process was injected
Network attacks were detected
Application downloaded the executable file
Actions similar to stealing personal data
Behavior similar to exploiting the vulnerability
Inspected object has suspicious PE structure
File is detected by antivirus software
CPU overrun
RAM overrun
Process starts the services
Process was added to the startup
Behavior similar to spam
Low-level access to the HDD
Probably Tor was used
System was rebooted
Connects to the network
Known threat

Process information

PID
2760
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.fenrir-inc.com/jp/sleipnir/
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
Parent process
––
User
admin
Integrity Level
MEDIUM
Exit code
3221225547
Version:
Company
Google Inc.
Description
Google Chrome
Version
73.0.3683.75
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\73.0.3683.75\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\ole32.dll
c:\program files\google\chrome\application\73.0.3683.75\chrome.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\netutils.dll
c:\windows\system32\srvcli.dll
c:\windows\system32\wkscli.dll
c:\windows\system32\samcli.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\oleacc.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\hid.dll
c:\windows\system32\propsys.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\d3d11.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\credui.dll
c:\windows\system32\ncrypt.dll
c:\windows\system32\bcrypt.dll
c:\windows\system32\winusb.dll
c:\windows\system32\msi.dll
c:\windows\system32\wevtapi.dll
c:\windows\system32\gpapi.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\nlaapi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\dhcpcsvc6.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\mscms.dll
c:\windows\system32\winsta.dll
c:\windows\system32\wlanapi.dll
c:\windows\system32\wlanutil.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\mmdevapi.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\wpc.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\samlib.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\firewallapi.dll
c:\windows\system32\kbdus.dll
c:\windows\system32\explorerframe.dll
c:\windows\system32\duser.dll
c:\windows\system32\dui70.dll
c:\windows\system32\windowscodecs.dll
c:\windows\system32\linkinfo.dll
c:\windows\system32\ehstorshell.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\cscui.dll
c:\windows\system32\cscdll.dll
c:\windows\system32\cscapi.dll
c:\windows\system32\wship6.dll
c:\windows\system32\ntshrui.dll
c:\windows\system32\slc.dll
c:\windows\system32\imageres.dll
c:\windows\system32\cryptsp.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\rpcrtremote.dll
c:\windows\system32\mssprxy.dll
c:\windows\system32\bcryptprimitives.dll
c:\windows\system32\imagehlp.dll
c:\program files\winrar\rarext.dll
c:\program files\microsoft office\office14\olkfstub.dll
c:\progra~1\micros~1\office14\mlshext.dll
c:\program files\microsoft office\office14\onfilter.dll
c:\program files\microsoft office\office14\visshe.dll
c:\program files\common files\microsoft shared\office14\msoshext.dll
c:\program files\microsoft office\office14\msohevi.dll
c:\windows\system32\mf.dll
c:\windows\system32\shdocvw.dll
c:\program files\filezilla ftp client\fzshellext.dll
c:\windows\system32\syncui.dll
c:\program files\notepad++\nppshell_06.dll
c:\program files\windows sidebar\sbdrop.dll
c:\windows\system32\stobject.dll
c:\windows\system32\cryptext.dll
c:\windows\system32\colorui.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\comdlg32.dll
c:\windows\system32\dbghelp.dll
c:\windows\system32\winspool.drv
c:\program files\google\chrome\application\73.0.3683.75\chrome_child.dll
c:\windows\system32\wininet.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\rasapi32.dll
c:\windows\system32\rasman.dll
c:\windows\system32\rtutils.dll
c:\windows\system32\sensapi.dll
c:\windows\system32\rasadhlp.dll
c:\users\admin\downloads\sleipnir636.exe
c:\windows\system32\sfc.dll
c:\windows\system32\sfc_os.dll
c:\windows\system32\devrtl.dll
c:\windows\system32\mpr.dll

PID
1140
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win32 --annotation=prod=Chrome --annotation=ver=73.0.3683.75 --initial-client-data=0x7c,0x80,0x84,0x78,0x88,0x6fa60f18,0x6fa60f28,0x6fa60f34
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
MEDIUM
Exit code
0
Version:
Company
Google Inc.
Description
Google Chrome
Version
73.0.3683.75
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\73.0.3683.75\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\cryptbase.dll

PID
1888
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=3044 --on-initialized-event-handle=308 --parent-handle=312 /prefetch:6
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
MEDIUM
Exit code
0
Version:
Company
Google Inc.
Description
Google Chrome
Version
73.0.3683.75
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\73.0.3683.75\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\ole32.dll
c:\program files\google\chrome\application\73.0.3683.75\chrome_watcher.dll

PID
3444
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=968,11803774206547213923,26424685011001398,131072 --enable-features=PasswordImport --gpu-preferences=KAAAAAAAAACAAwAAAQAAAAAAAAAAAGAAAAAAAAEAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --service-request-channel-token=3343603842752758998 --mojo-platform-channel-handle=984 --ignored=" --type=renderer " /prefetch:2
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Google Inc.
Description
Google Chrome
Version
73.0.3683.75
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\73.0.3683.75\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\73.0.3683.75\chrome_child.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\mf.dll
c:\windows\system32\atl.dll
c:\windows\system32\mfplat.dll
c:\windows\system32\avrt.dll
c:\windows\system32\ksuser.dll
c:\windows\system32\msmpeg2vdec.dll
c:\windows\system32\evr.dll
c:\windows\system32\powrprof.dll
c:\windows\system32\slc.dll
c:\windows\system32\sqmapi.dll
c:\windows\system32\bcrypt.dll
c:\windows\system32\dxva2.dll
c:\program files\google\chrome\application\73.0.3683.75\d3dcompiler_47.dll
c:\windows\system32\ddraw.dll
c:\windows\system32\dciman32.dll
c:\program files\google\chrome\application\73.0.3683.75\swiftshader\libglesv2.dll
c:\program files\google\chrome\application\73.0.3683.75\swiftshader\libegl.dll

PID
2196
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=968,11803774206547213923,26424685011001398,131072 --enable-features=PasswordImport --lang=en-US --service-sandbox-type=network --service-request-channel-token=17883279227519665500 --mojo-platform-channel-handle=1504 /prefetch:8
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
Parent process
chrome.exe
User
admin
Integrity Level
MEDIUM
Exit code
0
Version:
Company
Google Inc.
Description
Google Chrome
Version
73.0.3683.75
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\73.0.3683.75\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\73.0.3683.75\chrome_child.dll
c:\windows\system32\nsi.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\nlaapi.dll
c:\windows\system32\dhcpcsvc6.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\wship6.dll
c:\windows\system32\rasadhlp.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\fwpuclnt.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\gpapi.dll
c:\windows\system32\ncrypt.dll
c:\windows\system32\bcrypt.dll
c:\windows\system32\bcryptprimitives.dll
c:\windows\system32\cryptsp.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\cryptnet.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\ntmarta.dll

PID
2624
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=968,11803774206547213923,26424685011001398,131072 --enable-features=PasswordImport --service-pipe-token=1312190968519948808 --lang=en-US --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=1312190968519948808 --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2008 /prefetch:1
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Google Inc.
Description
Google Chrome
Version
73.0.3683.75
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\73.0.3683.75\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\73.0.3683.75\chrome_child.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID
2936
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=968,11803774206547213923,26424685011001398,131072 --enable-features=PasswordImport --service-pipe-token=1160641400729006486 --lang=en-US --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=1160641400729006486 --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2020 /prefetch:1
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Google Inc.
Description
Google Chrome
Version
73.0.3683.75
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\73.0.3683.75\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\73.0.3683.75\chrome_child.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID
3244
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=968,11803774206547213923,26424685011001398,131072 --enable-features=PasswordImport --service-pipe-token=748739806248117204 --lang=en-US --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=748739806248117204 --renderer-client-id=4 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2244 /prefetch:1
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Google Inc.
Description
Google Chrome
Version
73.0.3683.75
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\73.0.3683.75\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\73.0.3683.75\chrome_child.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID
296
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=968,11803774206547213923,26424685011001398,131072 --enable-features=PasswordImport --disable-gpu-compositing --service-pipe-token=17093127852310388608 --lang=en-US --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=17093127852310388608 --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2920 /prefetch:1
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Google Inc.
Description
Google Chrome
Version
73.0.3683.75
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\73.0.3683.75\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\73.0.3683.75\chrome_child.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID
3856
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=968,11803774206547213923,26424685011001398,131072 --enable-features=PasswordImport --lang=en-US --service-sandbox-type=utility --service-request-channel-token=15507695124730148408 --mojo-platform-channel-handle=2172 --ignored=" --type=renderer " /prefetch:8
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Google Inc.
Description
Google Chrome
Version
73.0.3683.75
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\73.0.3683.75\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\73.0.3683.75\chrome_child.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID
3652
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=968,11803774206547213923,26424685011001398,131072 --enable-features=PasswordImport --disable-gpu-compositing --service-pipe-token=9540944733552568460 --lang=en-US --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=9540944733552568460 --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2728 /prefetch:1
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Google Inc.
Description
Google Chrome
Version
73.0.3683.75
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\73.0.3683.75\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\73.0.3683.75\chrome_child.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID
3388
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=968,11803774206547213923,26424685011001398,131072 --enable-features=PasswordImport --disable-gpu-sandbox --use-gl=disabled --gpu-preferences=KAAAAAAAAACAAwAAAQAAAAAAAAAAAGAAAAAAAAEAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --service-request-channel-token=2482378675680369529 --mojo-platform-channel-handle=3444 /prefetch:2
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
MEDIUM
Exit code
0
Version:
Company
Google Inc.
Description
Google Chrome
Version
73.0.3683.75
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\73.0.3683.75\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\user32.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\73.0.3683.75\chrome_child.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\mf.dll
c:\windows\system32\atl.dll
c:\windows\system32\mfplat.dll
c:\windows\system32\avrt.dll
c:\windows\system32\ksuser.dll
c:\windows\system32\msmpeg2vdec.dll
c:\windows\system32\evr.dll
c:\windows\system32\powrprof.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\slc.dll
c:\windows\system32\sqmapi.dll
c:\windows\system32\bcrypt.dll
c:\windows\system32\dxva2.dll

PID
2200
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=968,11803774206547213923,26424685011001398,131072 --enable-features=PasswordImport --lang=en-US --service-sandbox-type=utility --service-request-channel-token=7591414779668927256 --mojo-platform-channel-handle=3472 --ignored=" --type=renderer " /prefetch:8
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Google Inc.
Description
Google Chrome
Version
73.0.3683.75
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\73.0.3683.75\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\73.0.3683.75\chrome_child.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID
3588
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=968,11803774206547213923,26424685011001398,131072 --enable-features=PasswordImport --lang=en-US --service-sandbox-type=utility --service-request-channel-token=6648522071508444291 --mojo-platform-channel-handle=3500 --ignored=" --type=renderer " /prefetch:8
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Google Inc.
Description
Google Chrome
Version
73.0.3683.75
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\73.0.3683.75\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\73.0.3683.75\chrome_child.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID
3216
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=968,11803774206547213923,26424685011001398,131072 --enable-features=PasswordImport --lang=en-US --service-sandbox-type=utility --service-request-channel-token=11326402740969245246 --mojo-platform-channel-handle=3556 --ignored=" --type=renderer " /prefetch:8
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Google Inc.
Description
Google Chrome
Version
73.0.3683.75
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\73.0.3683.75\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\73.0.3683.75\chrome_child.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID
3724
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=968,11803774206547213923,26424685011001398,131072 --enable-features=PasswordImport --lang=en-US --service-sandbox-type=utility --service-request-channel-token=13015198559852521137 --mojo-platform-channel-handle=3444 --ignored=" --type=renderer " /prefetch:8
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Google Inc.
Description
Google Chrome
Version
73.0.3683.75
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\73.0.3683.75\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\73.0.3683.75\chrome_child.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID
3240
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=968,11803774206547213923,26424685011001398,131072 --enable-features=PasswordImport --disable-gpu-compositing --service-pipe-token=11703992145184439947 --lang=en-US --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=11703992145184439947 --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3700 /prefetch:1
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Google Inc.
Description
Google Chrome
Version
73.0.3683.75
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\73.0.3683.75\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\73.0.3683.75\chrome_child.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID
2520
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=968,11803774206547213923,26424685011001398,131072 --enable-features=PasswordImport --lang=en-US --no-sandbox --service-request-channel-token=10918725458149503284 --mojo-platform-channel-handle=2628 /prefetch:8
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
MEDIUM
Exit code
0
Version:
Company
Google Inc.
Description
Google Chrome
Version
73.0.3683.75
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\73.0.3683.75\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\73.0.3683.75\chrome_child.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\propsys.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\linkinfo.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\shdocvw.dll
c:\windows\system32\twext.dll
c:\windows\system32\cscui.dll
c:\windows\system32\cscdll.dll
c:\windows\system32\cscapi.dll
c:\windows\system32\cryptsp.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\rpcrtremote.dll
c:\windows\system32\sendmail.dll
c:\windows\system32\zipfldr.dll
c:\windows\system32\fxsresm.dll
c:\program files\winrar\rarext.dll
c:\windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll
c:\windows\system32\msimg32.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\windowscodecs.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\ntshrui.dll
c:\windows\system32\srvcli.dll
c:\windows\system32\slc.dll
c:\windows\system32\syncui.dll
c:\windows\system32\synceng.dll
c:\program files\notepad++\nppshell_06.dll
c:\windows\system32\acppage.dll
c:\windows\system32\sfc.dll
c:\windows\system32\sfc_os.dll
c:\windows\system32\msi.dll
c:\windows\system32\wer.dll
c:\windows\system32\devrtl.dll
c:\windows\system32\netutils.dll

PID
1916
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=968,11803774206547213923,26424685011001398,131072 --enable-features=PasswordImport --lang=en-US --service-sandbox-type=utility --service-request-channel-token=11287987858205600363 --mojo-platform-channel-handle=4032 --ignored=" --type=renderer " /prefetch:8
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Google Inc.
Description
Google Chrome
Version
73.0.3683.75
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\73.0.3683.75\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\73.0.3683.75\chrome_child.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID
2712
CMD
"C:\Users\admin\Downloads\sleipnir636.exe"
Path
C:\Users\admin\Downloads\sleipnir636.exe
Indicators
Parent process
chrome.exe
User
admin
Integrity Level
MEDIUM
Exit code
0
Version:
Company
Fenrir Inc.
Description
Sleipnir 6 Setup
Version
6.3.6
Modules
Image
c:\users\admin\downloads\sleipnir636.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\shell32.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\apphelp.dll
c:\users\admin\appdata\local\temp\is-46u4g.tmp\sleipnir636.tmp

PID
2172
CMD
"C:\Users\admin\AppData\Local\Temp\is-46U4G.tmp\sleipnir636.tmp" /SL5="$80140,81867993,202752,C:\Users\admin\Downloads\sleipnir636.exe"
Path
C:\Users\admin\AppData\Local\Temp\is-46U4G.tmp\sleipnir636.tmp
Indicators
No indicators
Parent process
sleipnir636.exe
User
admin
Integrity Level
MEDIUM
Exit code
0
Version:
Company
Description
Setup/Uninstall
Version
51.1052.0.0
Modules
Image
c:\users\admin\appdata\local\temp\is-46u4g.tmp\sleipnir636.tmp
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\msimg32.dll
c:\windows\system32\version.dll
c:\windows\system32\mpr.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\shell32.dll
c:\windows\system32\comdlg32.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\propsys.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\profapi.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\apphelp.dll

PID
1672
CMD
"C:\Users\admin\Downloads\sleipnir636.exe" /SPAWNWND=$2015A /NOTIFYWND=$80140
Path
C:\Users\admin\Downloads\sleipnir636.exe
Indicators
Parent process
sleipnir636.tmp
User
admin
Integrity Level
HIGH
Exit code
0
Version:
Company
Fenrir Inc.
Description
Sleipnir 6 Setup
Version
6.3.6
Modules
Image
c:\users\admin\downloads\sleipnir636.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\shell32.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\apphelp.dll
c:\users\admin\appdata\local\temp\is-46u4h.tmp\sleipnir636.tmp

PID
3512
CMD
"C:\Users\admin\AppData\Local\Temp\is-46U4H.tmp\sleipnir636.tmp" /SL5="$30128,81867993,202752,C:\Users\admin\Downloads\sleipnir636.exe" /SPAWNWND=$2015A /NOTIFYWND=$80140
Path
C:\Users\admin\AppData\Local\Temp\is-46U4H.tmp\sleipnir636.tmp
Indicators
Parent process
sleipnir636.exe
User
admin
Integrity Level
HIGH
Exit code
0
Version:
Company
Description
Setup/Uninstall
Version
51.1052.0.0
Modules
Image

PID
2892
CMD
"C:\Windows\system32\regsvr32.exe" /s "C:\Program Files\Fenrir Inc\Common Files\FenrirFS API\FenrirFS_API.dll"
Path
C:\Windows\system32\regsvr32.exe
Indicators
No indicators
Parent process
sleipnir636.tmp
User
admin
Integrity Level
HIGH
Exit code
0
Version:
Company
Microsoft Corporation
Description
Microsoft(C) Register Server
Version
6.1.7600.16385 (win7_rtm.090713-1255)
Modules
Image

PID
880
CMD
"C:\Program Files\Fenrir Inc\Common Files\FenrirFS API\FenrirFS_API_Server.exe" /REGSERVER
Path
C:\Program Files\Fenrir Inc\Common Files\FenrirFS API\FenrirFS_API_Server.exe
Indicators
No indicators
Parent process
regsvr32.exe
User
admin
Integrity Level
HIGH
Exit code
0
Version:
Company
Fenrir Inc.
Description
FenrirFS API Server
Version
2.4.9.0
Modules
Image

PID
2084
CMD
"C:\Windows\system32\regsvr32.exe" /s "C:\Program Files\Fenrir Inc\Common Files\FenrirFS Extensions\SleipnirExtensionHandler.fx"
Path
C:\Windows\system32\regsvr32.exe
Indicators
No indicators
Parent process
sleipnir636.tmp
User
admin
Integrity Level
HIGH
Exit code
0
Version:
Company
Microsoft Corporation
Description
Microsoft(C) Register Server
Version
6.1.7600.16385 (win7_rtm.090713-1255)
Modules
Image

PID
1924
CMD
"C:\Program Files\Fenrir Inc\Sleipnir5\bin\Sleipnir.exe" /ShowIcons
Path
C:\Program Files\Fenrir Inc\Sleipnir5\bin\Sleipnir.exe
Indicators
No indicators
Parent process
sleipnir636.tmp
User
admin
Integrity Level
MEDIUM
Exit code
0
Version:
Company
Fenrir Inc.
Description
Sleipnir 6 for Windows
Version
6.3.6.4000
Modules
Image

PID
3228
CMD
"C:\Program Files\Fenrir Inc\Sleipnir5\bin\FenrirSettingHelper.exe" /ShowIcons /ATOM=ProgID=49230,AppPath=49228,Company=49234,App=49229,Description=49235,OpenWith=49236,Open=49236,OpenNewSession=49237,OpenSafeMode=49238,AppUserModelID=49239,AppLocalizedString=49240,AppLocalizedStringNoVersion=49241,AppLocalizedString2=49240,AppLocalizedStringNoVersion2=49241,AssocAppName=49242,
Path
C:\Program Files\Fenrir Inc\Sleipnir5\bin\FenrirSettingHelper.exe
Indicators
No indicators
Parent process
Sleipnir.exe
User
admin
Integrity Level
MEDIUM
Exit code
0
Version:
Company
Fenrir Inc.
Description
FenrirSettingHelper
Version
1.0.3.1
Modules
Image

PID
760
CMD
"C:\Program Files\Fenrir Inc\Sleipnir5\bin\Sleipnir.exe" /ExpandBaseFiles
Path
C:\Program Files\Fenrir Inc\Sleipnir5\bin\Sleipnir.exe
Indicators
Parent process
sleipnir636.tmp
User
admin
Integrity Level
MEDIUM
Exit code
0
Version:
Company
Fenrir Inc.
Description
Sleipnir 6 for Windows
Version
6.3.6.4000
Modules
Image

PID
3200
CMD
"C:\Program Files\Fenrir Inc\Sleipnir5\bin\FenrirSettingHelper.exe" /Background
Path
C:\Program Files\Fenrir Inc\Sleipnir5\bin\FenrirSettingHelper.exe
Indicators
No indicators
Parent process
sleipnir636.tmp
User
admin
Integrity Level
HIGH
Exit code
0
Version:
Company
Fenrir Inc.
Description
FenrirSettingHelper
Version
1.0.3.1
Modules
Image

PID
3468
CMD
"C:\Program Files\Fenrir Inc\Sleipnir5\bin\Sleipnir.exe"
Path
C:\Program Files\Fenrir Inc\Sleipnir5\bin\Sleipnir.exe
Indicators
Parent process
sleipnir636.tmp
User
admin
Integrity Level
MEDIUM
Version:
Company
Fenrir Inc.
Description
Sleipnir 6 for Windows
Version
6.3.6.4000
Modules
Image

PID
932
CMD
"C:\Program Files\Fenrir Inc\Sleipnir5\bin\sleipnir_tp.exe" 3468 SleipnirTP_MainProc3468
Path
C:\Program Files\Fenrir Inc\Sleipnir5\bin\sleipnir_tp.exe
Indicators
No indicators
Parent process
Sleipnir.exe
User
admin
Integrity Level
MEDIUM
Version:
Company
Description
Version
Modules
Image

PID
3428
CMD
"C:\Program Files\Fenrir Inc\Sleipnir5\bin\FenrirSettingHelper.exe" /IsDefaultBrowser /ATOM=ProgID=49231,AppPath=49233,ResultEventID=49223,NotifyEventID=49211,AssocAppName=49224,
Path
C:\Program Files\Fenrir Inc\Sleipnir5\bin\FenrirSettingHelper.exe
Indicators
No indicators
Parent process
Sleipnir.exe
User
admin
Integrity Level
MEDIUM
Exit code
0
Version:
Company
Fenrir Inc.
Description
FenrirSettingHelper
Version
1.0.3.1
Modules
Image

PID
2424
CMD
"C:\Program Files\Fenrir Inc\Sleipnir5\bin\Sleipnir.exe" /SetAsDefaultBrowser
Path
C:\Program Files\Fenrir Inc\Sleipnir5\bin\Sleipnir.exe
Indicators
No indicators
Parent process
Sleipnir.exe
User
admin
Integrity Level
MEDIUM
Exit code
0
Version:
Company
Fenrir Inc.
Description
Sleipnir 6 for Windows
Version
6.3.6.4000
Modules
Image

PID
292
CMD
"C:\Program Files\Fenrir Inc\Sleipnir5\bin\Sleipnir.exe" /PinToTaskbar
Path
C:\Program Files\Fenrir Inc\Sleipnir5\bin\Sleipnir.exe
Indicators
No indicators
Parent process
Sleipnir.exe
User
admin
Integrity Level
MEDIUM
Exit code
0
Version:
Company
Fenrir Inc.
Description
Sleipnir 6 for Windows
Version
6.3.6.4000
Modules
Image

PID
1700
CMD
"C:\Program Files\Fenrir Inc\Sleipnir5\bin\FenrirSettingHelper.exe" /PinToTaskbar /ATOM=ProgID=49224,AppPath=49211,Company=49223,App=49229,Description=49233,OpenWith=49231,Open=49231,OpenNewSession=49227,OpenSafeMode=49225,AppUserModelID=49226,AppLocalizedString=49241,AppLocalizedStringNoVersion=49242,AppLocalizedString2=49241,AppLocalizedStringNoVersion2=49242,AssocAppName=49235,
Path
C:\Program Files\Fenrir Inc\Sleipnir5\bin\FenrirSettingHelper.exe
Indicators
No indicators
Parent process
Sleipnir.exe
User
admin
Integrity Level
MEDIUM
Exit code
0
Version:
Company
Fenrir Inc.
Description
FenrirSettingHelper
Version
1.0.3.1
Modules
Image

PID
2984
CMD
"C:\Program Files\Fenrir Inc\Sleipnir5\bin\FenrirSettingHelper.exe" /ElevateOnce /SetAsDefaultBrowser /ATOM=ProgID=49224,AppPath=49211,Company=49223,App=49229,Description=49233,OpenWith=49231,Open=49231,OpenNewSession=49227,OpenSafeMode=49225,AppUserModelID=49226,AppLocalizedString=49241,AppLocalizedStringNoVersion=49242,AppLocalizedString2=49241,AppLocalizedStringNoVersion2=49242,AssocAppName=49235,
Path
C:\Program Files\Fenrir Inc\Sleipnir5\bin\FenrirSettingHelper.exe
Indicators
No indicators
Parent process
FenrirSettingHelper.exe
User
admin
Integrity Level
HIGH
Exit code
0
Version:
Company
Fenrir Inc.
Description
FenrirSettingHelper
Version
1.0.3.1
Modules
Image

PID
3092
CMD
"C:\Program Files\Fenrir Inc\Sleipnir5\bin\FenrirSettingHelper.exe" /ElevateOnce /RegisterProgID /ATOM=ProgID=49224,AppPath=49211,Company=49223,App=49229,Description=49233,OpenWith=49231,Open=49231,OpenNewSession=49227,OpenSafeMode=49225,AppUserModelID=49226,AppLocalizedString=49241,AppLocalizedStringNoVersion=49242,AppLocalizedString2=49241,AppLocalizedStringNoVersion2=49242,AssocAppName=49235,
Path
C:\Program Files\Fenrir Inc\Sleipnir5\bin\FenrirSettingHelper.exe
Indicators
No indicators
Parent process
FenrirSettingHelper.exe
User
admin
Integrity Level
HIGH
Exit code
0
Version:
Company
Fenrir Inc.
Description
FenrirSettingHelper
Version
1.0.3.1
Modules
Image
c:\program files\fenrir inc\sleipnir5\bin\fenrirsettinghelper.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\shell32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\version.dll
c:\windows\system32\psapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\oleaut32.dll

PID
3096
CMD
"C:\Users\admin\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\plugins\ChromiumEngine\chrome.exe" --user-data-dir="C:\Users\admin\AppData\Roaming\Fenrir Inc\Sleipnir5\setting\modules\ChromiumViewer" --no-first-run --no-default-browser-check --disable-sync --disable-background-mode --noerrdialogs --disable-popup-blocking --homepage="about:blank" --sleipnir-font-customize --init-from-sleipnir --sleipnir-exec-folder-path="C:\Program Files\Fenrir Inc\Sleipnir5\bin" --high-dpi-support=1 --force-device-scale-factor=1 --force-fieldtrials=AutomaticTabDiscarding/Disabled --sleipnir-app-status-firstboot --ssl-version-min=tls1 --sleipnir-flash-enable-allsites --sleipnir-hide-toolbars --additional-user-agent="Sleipnir/6.3.6" --chromium-bridge-pid="3468" --ipc-token="MutexNameV5_StartupExists_Sleipnir-1-general" --process-per-site-instance --lang=en-US --owner-hwnd=131526 about:blank
Path
C:\Users\admin\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\plugins\ChromiumEngine\chrome.exe
Indicators
Parent process
Sleipnir.exe
User
admin
Integrity Level
MEDIUM
Version:
Company
Fenrir Inc.
Description
Sleipnir
Version
73.0.3683.103
Modules
Image
c:\users\admin\appdata\roaming\fenrir inc\sleipnir5\~temp\plugins\chromiumengine\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\users\admin\appdata\roaming\fenrir inc\sleipnir5\~temp\plugins\chromiumengine\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\sechost.dll
c:\windows\system32\winmm.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\users\admin\appdata\roaming\fenrir inc\sleipnir5\~temp\plugins\chromiumengine\chrome.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\netutils.dll
c:\windows\system32\srvcli.dll
c:\windows\system32\wkscli.dll
c:\windows\system32\samcli.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\oleacc.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\hid.dll
c:\users\admin\appdata\roaming\fenrir inc\sleipnir5\~temp\plugins\chromiumengine\ffmpeg.dll
c:\windows\system32\propsys.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\wevtapi.dll
c:\windows\system32\credui.dll
c:\windows\system32\ncrypt.dll
c:\windows\system32\bcrypt.dll
c:\windows\system32\d3d11.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\winusb.dll
c:\windows\system32\gpapi.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\nlaapi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\dhcpcsvc6.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\mscms.dll
c:\windows\system32\winsta.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\wlanapi.dll
c:\windows\system32\wlanutil.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\mmdevapi.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\devobj.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\wpc.dll
c:\windows\system32\samlib.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\firewallapi.dll
c:\program files\fenrir inc\sleipnir5\bin\supplement.fx
c:\users\admin\appdata\roaming\fenrir inc\sleipnir5\~temp\plugins\chromiumengine\freetype250.dll
c:\windows\system32\wbem\wbemprox.dll
c:\windows\system32\wbemcomn.dll
c:\windows\system32\cryptsp.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\rpcrtremote.dll
c:\windows\system32\wbem\wbemsvc.dll
c:\windows\system32\wbem\fastprox.dll
c:\windows\system32\ntdsapi.dll
c:\program files\fenrir inc\sleipnir5\bin\ipc.fx
c:\windows\system32\kbdus.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\wship6.dll
c:\windows\system32\rasadhlp.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\fwpuclnt.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\linkinfo.dll
c:\windows\system32\bcryptprimitives.dll
c:\windows\system32\cryptnet.dll
c:\windows\system32\explorerframe.dll
c:\windows\system32\duser.dll
c:\windows\system32\dui70.dll
c:\windows\system32\mpr.dll

PID
2388
CMD
"C:\Users\admin\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\plugins\ChromiumEngine\chrome.exe" --type=gpu-process --field-trial-handle=928,1910092012035183063,1247039904952558255,131072 --noerrdialogs --user-data-dir="C:\Users\admin\AppData\Roaming\Fenrir Inc\Sleipnir5\setting\modules\ChromiumViewer" --gpu-preferences=KAAAAAAAAACAAwAAAQAAAAAAAAAAAGAAAAAAAAEAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --service-request-channel-token=3150880121277919846 --mojo-platform-channel-handle=936 --ignored=" --type=renderer " /prefetch:2
Path
C:\Users\admin\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\plugins\ChromiumEngine\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
7
Version:
Company
Fenrir Inc.
Description
Sleipnir
Version
73.0.3683.103
Modules
Image
c:\users\admin\appdata\roaming\fenrir inc\sleipnir5\~temp\plugins\chromiumengine\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\users\admin\appdata\roaming\fenrir inc\sleipnir5\~temp\plugins\chromiumengine\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\users\admin\appdata\roaming\fenrir inc\sleipnir5\~temp\plugins\chromiumengine\chrome_child.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll

PID
1904
CMD
"C:\Users\admin\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\plugins\ChromiumEngine\chrome.exe" --type=gpu-process --field-trial-handle=928,1910092012035183063,1247039904952558255,131072 --noerrdialogs --user-data-dir="C:\Users\admin\AppData\Roaming\Fenrir Inc\Sleipnir5\setting\modules\ChromiumViewer" --gpu-preferences=KAAAAAAAAACAAwAAAQAAAAAAAAAAAGAAAAAAAAEAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --service-request-channel-token=11757319605893528900 --mojo-platform-channel-handle=932 --ignored=" --type=renderer " /prefetch:2
Path
C:\Users\admin\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\plugins\ChromiumEngine\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
3221225758
Version:
Company
Fenrir Inc.
Description
Sleipnir
Version
73.0.3683.103
Modules
Image
c:\users\admin\appdata\roaming\fenrir inc\sleipnir5\~temp\plugins\chromiumengine\chrome.exe
c:\systemroot\system32\ntdll.dll

PID
1880
CMD
"C:\Users\admin\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\plugins\ChromiumEngine\chrome.exe" --type=gpu-process --field-trial-handle=928,1910092012035183063,1247039904952558255,131072 --noerrdialogs --user-data-dir="C:\Users\admin\AppData\Roaming\Fenrir Inc\Sleipnir5\setting\modules\ChromiumViewer" --gpu-preferences=KAAAAAAAAACAAwAAAQAAAAAAAAAAAGAAAAAAAAEAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --service-request-channel-token=16130438447336026932 --mojo-platform-channel-handle=1172 --ignored=" --type=renderer " /prefetch:2
Path
C:\Users\admin\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\plugins\ChromiumEngine\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
3221225758
Version:
Company
Fenrir Inc.
Description
Sleipnir
Version
73.0.3683.103
Modules
Image
c:\users\admin\appdata\roaming\fenrir inc\sleipnir5\~temp\plugins\chromiumengine\chrome.exe
c:\systemroot\system32\ntdll.dll

PID
3160
CMD
"C:\Users\admin\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\plugins\ChromiumEngine\chrome.exe" --type=gpu-process --field-trial-handle=928,1910092012035183063,1247039904952558255,131072 --noerrdialogs --user-data-dir="C:\Users\admin\AppData\Roaming\Fenrir Inc\Sleipnir5\setting\modules\ChromiumViewer" --gpu-preferences=KAAAAAAAAACAAwAAAQAAAAAAAAAAAGAAAAAAAAEAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --use-gl=swiftshader-webgl --service-request-channel-token=6803066954267536584 --mojo-platform-channel-handle=1376 --ignored=" --type=renderer " /prefetch:2
Path
C:\Users\admin\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\plugins\ChromiumEngine\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
3221225758
Version:
Company
Fenrir Inc.
Description
Sleipnir
Version
73.0.3683.103
Modules
Image
c:\users\admin\appdata\roaming\fenrir inc\sleipnir5\~temp\plugins\chromiumengine\chrome.exe
c:\systemroot\system32\ntdll.dll

PID
3860
CMD
"C:\Users\admin\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\plugins\ChromiumEngine\chrome.exe" --type=gpu-process --field-trial-handle=928,1910092012035183063,1247039904952558255,131072 --noerrdialogs --user-data-dir="C:\Users\admin\AppData\Roaming\Fenrir Inc\Sleipnir5\setting\modules\ChromiumViewer" --gpu-preferences=KAAAAAAAAACAAwAAAQAAAAAAAAAAAGAAAAAAAAEAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --use-gl=swiftshader-webgl --service-request-channel-token=7285388077232027705 --mojo-platform-channel-handle=1084 --ignored=" --type=renderer " /prefetch:2
Path
C:\Users\admin\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\plugins\ChromiumEngine\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
3221225758
Version:
Company
Fenrir Inc.
Description
Sleipnir
Version
73.0.3683.103
Modules
Image
c:\users\admin\appdata\roaming\fenrir inc\sleipnir5\~temp\plugins\chromiumengine\chrome.exe
c:\systemroot\system32\ntdll.dll

PID
2944
CMD
"C:\Users\admin\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\plugins\ChromiumEngine\chrome.exe" --type=gpu-process --field-trial-handle=928,1910092012035183063,1247039904952558255,131072 --noerrdialogs --user-data-dir="C:\Users\admin\AppData\Roaming\Fenrir Inc\Sleipnir5\setting\modules\ChromiumViewer" --gpu-preferences=KAAAAAAAAACAAwAAAQAAAAAAAAAAAGAAAAAAAAEAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --use-gl=swiftshader-webgl --service-request-channel-token=7980450930696951055 --mojo-platform-channel-handle=1140 --ignored=" --type=renderer " /prefetch:2
Path
C:\Users\admin\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\plugins\ChromiumEngine\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
3221225758
Version:
Company
Fenrir Inc.
Description
Sleipnir
Version
73.0.3683.103
Modules
Image
c:\users\admin\appdata\roaming\fenrir inc\sleipnir5\~temp\plugins\chromiumengine\chrome.exe
c:\systemroot\system32\ntdll.dll

PID
752
CMD
"C:\Users\admin\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\plugins\ChromiumEngine\chrome.exe" --additional-user-agent=Sleipnir/6.3.6 --hlr-secure-mode=false --chromium-bridge-pid=3468 --sleipnir-exec-folder-path="C:\Program Files\Fenrir Inc\Sleipnir5\bin" --sleipnir-flash-enable-allsites --disable-direct-write --type=renderer --force-device-scale-factor=1 --field-trial-handle=928,1910092012035183063,1247039904952558255,131072 --service-pipe-token=13572743029984729323 --lang=en-US --noerrdialogs --user-data-dir="C:\Users\admin\AppData\Roaming\Fenrir Inc\Sleipnir5\setting\modules\ChromiumViewer" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=13572743029984729323 --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1944 /prefetch:1
Path
C:\Users\admin\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\plugins\ChromiumEngine\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
3221225758
Version:
Company
Fenrir Inc.
Description
Sleipnir
Version
73.0.3683.103
Modules
Image
c:\users\admin\appdata\roaming\fenrir inc\sleipnir5\~temp\plugins\chromiumengine\chrome.exe
c:\systemroot\system32\ntdll.dll

PID
3316
CMD
"C:\Users\admin\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\plugins\ChromiumEngine\chrome.exe" --additional-user-agent=Sleipnir/6.3.6 --hlr-secure-mode=false --chromium-bridge-pid=3468 --sleipnir-exec-folder-path="C:\Program Files\Fenrir Inc\Sleipnir5\bin" --sleipnir-flash-enable-allsites --disable-direct-write --type=renderer --force-device-scale-factor=1 --field-trial-handle=928,1910092012035183063,1247039904952558255,131072 --service-pipe-token=3474688552103157557 --lang=en-US --noerrdialogs --user-data-dir="C:\Users\admin\AppData\Roaming\Fenrir Inc\Sleipnir5\setting\modules\ChromiumViewer" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=3474688552103157557 --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1940 /prefetch:1
Path
C:\Users\admin\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\plugins\ChromiumEngine\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
3221225758
Version:
Company
Fenrir Inc.
Description
Sleipnir
Version
73.0.3683.103
Modules
Image
c:\users\admin\appdata\roaming\fenrir inc\sleipnir5\~temp\plugins\chromiumengine\chrome.exe
c:\systemroot\system32\ntdll.dll

PID
2364
CMD
"C:\Users\admin\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\plugins\ChromiumEngine\chrome.exe" --additional-user-agent=Sleipnir/6.3.6 --hlr-secure-mode=false --chromium-bridge-pid=3468 --sleipnir-exec-folder-path="C:\Program Files\Fenrir Inc\Sleipnir5\bin" --sleipnir-flash-enable-allsites --disable-direct-write --type=renderer --force-device-scale-factor=1 --field-trial-handle=928,1910092012035183063,1247039904952558255,131072 --service-pipe-token=857518103614041442 --lang=en-US --noerrdialogs --user-data-dir="C:\Users\admin\AppData\Roaming\Fenrir Inc\Sleipnir5\setting\modules\ChromiumViewer" --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=857518103614041442 --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=956 /prefetch:1
Path
C:\Users\admin\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\plugins\ChromiumEngine\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
3221225758
Version:
Company
Fenrir Inc.
Description
Sleipnir
Version
73.0.3683.103
Modules
Image
c:\users\admin\appdata\roaming\fenrir inc\sleipnir5\~temp\plugins\chromiumengine\chrome.exe
c:\systemroot\system32\ntdll.dll

PID
2820
CMD
"C:\Users\admin\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\plugins\ChromiumEngine\chrome.exe" --additional-user-agent=Sleipnir/6.3.6 --hlr-secure-mode=false --chromium-bridge-pid=3468 --sleipnir-exec-folder-path="C:\Program Files\Fenrir Inc\Sleipnir5\bin" --sleipnir-flash-enable-allsites --disable-direct-write --type=renderer --force-device-scale-factor=1 --field-trial-handle=928,1910092012035183063,1247039904952558255,131072 --disable-gpu-compositing --service-pipe-token=17638893692609918276 --lang=en-US --noerrdialogs --user-data-dir="C:\Users\admin\AppData\Roaming\Fenrir Inc\Sleipnir5\setting\modules\ChromiumViewer" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=17638893692609918276 --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2236 /prefetch:1
Path
C:\Users\admin\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\plugins\ChromiumEngine\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
3221225758
Version:
Company
Fenrir Inc.
Description
Sleipnir
Version
73.0.3683.103
Modules
Image
c:\users\admin\appdata\roaming\fenrir inc\sleipnir5\~temp\plugins\chromiumengine\chrome.exe
c:\systemroot\system32\ntdll.dll

PID
3592
CMD
"C:\Users\admin\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\plugins\ChromiumEngine\chrome.exe" --additional-user-agent=Sleipnir/6.3.6 --hlr-secure-mode=false --chromium-bridge-pid=3468 --sleipnir-exec-folder-path="C:\Program Files\Fenrir Inc\Sleipnir5\bin" --sleipnir-flash-enable-allsites --disable-direct-write --type=renderer --force-device-scale-factor=1 --field-trial-handle=928,1910092012035183063,1247039904952558255,131072 --disable-gpu-compositing --service-pipe-token=6166764406372726469 --lang=en-US --noerrdialogs --user-data-dir="C:\Users\admin\AppData\Roaming\Fenrir Inc\Sleipnir5\setting\modules\ChromiumViewer" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=6166764406372726469 --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2740 /prefetch:1
Path
C:\Users\admin\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\plugins\ChromiumEngine\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
3221225758
Version:
Company
Fenrir Inc.
Description
Sleipnir
Version
73.0.3683.103
Modules
Image
c:\users\admin\appdata\roaming\fenrir inc\sleipnir5\~temp\plugins\chromiumengine\chrome.exe
c:\systemroot\system32\ntdll.dll

PID
3432
CMD
"C:\Users\admin\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\plugins\ChromiumEngine\chrome.exe" --additional-user-agent=Sleipnir/6.3.6 --hlr-secure-mode=false --chromium-bridge-pid=3468 --sleipnir-exec-folder-path="C:\Program Files\Fenrir Inc\Sleipnir5\bin" --sleipnir-flash-enable-allsites --disable-direct-write --type=renderer --force-device-scale-factor=1 --field-trial-handle=928,1910092012035183063,1247039904952558255,131072 --disable-gpu-compositing --service-pipe-token=7164044693033302176 --lang=en-US --noerrdialogs --user-data-dir="C:\Users\admin\AppData\Roaming\Fenrir Inc\Sleipnir5\setting\modules\ChromiumViewer" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=7164044693033302176 --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2756 /prefetch:1
Path
C:\Users\admin\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\plugins\ChromiumEngine\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
3221225758
Version:
Company
Fenrir Inc.
Description
Sleipnir
Version
73.0.3683.103
Modules
Image
c:\users\admin\appdata\roaming\fenrir inc\sleipnir5\~temp\plugins\chromiumengine\chrome.exe
c:\systemroot\system32\ntdll.dll

PID
776
CMD
"C:\Users\admin\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\plugins\ChromiumEngine\chrome.exe" --additional-user-agent=Sleipnir/6.3.6 --hlr-secure-mode=true --chromium-bridge-pid=3468 --sleipnir-exec-folder-path="C:\Program Files\Fenrir Inc\Sleipnir5\bin" --sleipnir-flash-enable-allsites --disable-direct-write --type=renderer --force-device-scale-factor=1 --field-trial-handle=928,1910092012035183063,1247039904952558255,131072 --disable-gpu-compositing --service-pipe-token=13220323038510314688 --lang=en-US --noerrdialogs --user-data-dir="C:\Users\admin\AppData\Roaming\Fenrir Inc\Sleipnir5\setting\modules\ChromiumViewer" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=13220323038510314688 --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2756 /prefetch:1
Path
C:\Users\admin\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\plugins\ChromiumEngine\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
3221225758
Version:
Company
Fenrir Inc.
Description
Sleipnir
Version
73.0.3683.103
Modules
Image
c:\users\admin\appdata\roaming\fenrir inc\sleipnir5\~temp\plugins\chromiumengine\chrome.exe
c:\systemroot\system32\ntdll.dll

PID
3036
CMD
"C:\Users\admin\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\plugins\ChromiumEngine\chrome.exe" --additional-user-agent=Sleipnir/6.3.6 --hlr-secure-mode=true --chromium-bridge-pid=3468 --sleipnir-exec-folder-path="C:\Program Files\Fenrir Inc\Sleipnir5\bin" --sleipnir-flash-enable-allsites --disable-direct-write --type=renderer --force-device-scale-factor=1 --field-trial-handle=928,1910092012035183063,1247039904952558255,131072 --disable-gpu-compositing --service-pipe-token=16120174934036960201 --lang=en-US --noerrdialogs --user-data-dir="C:\Users\admin\AppData\Roaming\Fenrir Inc\Sleipnir5\setting\modules\ChromiumViewer" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=16120174934036960201 --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2740 /prefetch:1
Path
C:\Users\admin\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\plugins\ChromiumEngine\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
3221225758
Version:
Company
Fenrir Inc.
Description
Sleipnir
Version
73.0.3683.103
Modules
Image
c:\users\admin\appdata\roaming\fenrir inc\sleipnir5\~temp\plugins\chromiumengine\chrome.exe
c:\systemroot\system32\ntdll.dll

PID
2780
CMD
"C:\Users\admin\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\plugins\ChromiumEngine\chrome.exe" --additional-user-agent=Sleipnir/6.3.6 --hlr-secure-mode=true --chromium-bridge-pid=3468 --sleipnir-exec-folder-path="C:\Program Files\Fenrir Inc\Sleipnir5\bin" --sleipnir-flash-enable-allsites --disable-direct-write --type=renderer --force-device-scale-factor=1 --field-trial-handle=928,1910092012035183063,1247039904952558255,131072 --disable-gpu-compositing --service-pipe-token=5571815160164669689 --lang=en-US --noerrdialogs --user-data-dir="C:\Users\admin\AppData\Roaming\Fenrir Inc\Sleipnir5\setting\modules\ChromiumViewer" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=5571815160164669689 --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2816 /prefetch:1
Path
C:\Users\admin\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\plugins\ChromiumEngine\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
3221225758
Version:
Company
Fenrir Inc.
Description
Sleipnir
Version
73.0.3683.103
Modules
Image
c:\users\admin\appdata\roaming\fenrir inc\sleipnir5\~temp\plugins\chromiumengine\chrome.exe
c:\systemroot\system32\ntdll.dll

PID
3832
CMD
"C:\Users\admin\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\plugins\ChromiumEngine\chrome.exe" --additional-user-agent=Sleipnir/6.3.6 --hlr-secure-mode=true --chromium-bridge-pid=3468 --sleipnir-exec-folder-path="C:\Program Files\Fenrir Inc\Sleipnir5\bin" --sleipnir-flash-enable-allsites --disable-direct-write --type=renderer --force-device-scale-factor=1 --field-trial-handle=928,1910092012035183063,1247039904952558255,131072 --disable-gpu-compositing --service-pipe-token=6862880133374663773 --lang=en-US --noerrdialogs --user-data-dir="C:\Users\admin\AppData\Roaming\Fenrir Inc\Sleipnir5\setting\modules\ChromiumViewer" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=6862880133374663773 --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2824 /prefetch:1
Path
C:\Users\admin\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\plugins\ChromiumEngine\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
3221225758
Version:
Company
Fenrir Inc.
Description
Sleipnir
Version
73.0.3683.103
Modules
Image
c:\users\admin\appdata\roaming\fenrir inc\sleipnir5\~temp\plugins\chromiumengine\chrome.exe
c:\systemroot\system32\ntdll.dll

PID
3340
CMD
"C:\Users\admin\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\plugins\ChromiumEngine\chrome.exe" --additional-user-agent=Sleipnir/6.3.6 --hlr-secure-mode=true --chromium-bridge-pid=3468 --sleipnir-exec-folder-path="C:\Program Files\Fenrir Inc\Sleipnir5\bin" --sleipnir-flash-enable-allsites --disable-direct-write --type=renderer --force-device-scale-factor=1 --field-trial-handle=928,1910092012035183063,1247039904952558255,131072 --disable-gpu-compositing --service-pipe-token=8086646261985023155 --lang=en-US --noerrdialogs --user-data-dir="C:\Users\admin\AppData\Roaming\Fenrir Inc\Sleipnir5\setting\modules\ChromiumViewer" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=8086646261985023155 --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2832 /prefetch:1
Path
C:\Users\admin\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\plugins\ChromiumEngine\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
3221225758
Version:
Company
Fenrir Inc.
Description
Sleipnir
Version
73.0.3683.103
Modules
Image
c:\users\admin\appdata\roaming\fenrir inc\sleipnir5\~temp\plugins\chromiumengine\chrome.exe
c:\systemroot\system32\ntdll.dll

PID
1420
CMD
"C:\Users\admin\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\plugins\ChromiumEngine\chrome.exe" --additional-user-agent=Sleipnir/6.3.6 --hlr-secure-mode=true --chromium-bridge-pid=3468 --sleipnir-exec-folder-path="C:\Program Files\Fenrir Inc\Sleipnir5\bin" --sleipnir-flash-enable-allsites --disable-direct-write --type=renderer --force-device-scale-factor=1 --field-trial-handle=928,1910092012035183063,1247039904952558255,131072 --disable-gpu-compositing --service-pipe-token=11323059498573981226 --lang=en-US --noerrdialogs --user-data-dir="C:\Users\admin\AppData\Roaming\Fenrir Inc\Sleipnir5\setting\modules\ChromiumViewer" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=11323059498573981226 --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2796 /prefetch:1
Path
C:\Users\admin\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\plugins\ChromiumEngine\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
3221225758
Version:
Company
Fenrir Inc.
Description
Sleipnir
Version
73.0.3683.103
Modules
Image
c:\users\admin\appdata\roaming\fenrir inc\sleipnir5\~temp\plugins\chromiumengine\chrome.exe
c:\systemroot\system32\ntdll.dll

PID
2508
CMD
"C:\Users\admin\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\plugins\ChromiumEngine\chrome.exe" --additional-user-agent=Sleipnir/6.3.6 --hlr-secure-mode=true --chromium-bridge-pid=3468 --sleipnir-exec-folder-path="C:\Program Files\Fenrir Inc\Sleipnir5\bin" --sleipnir-flash-enable-allsites --disable-direct-write --type=renderer --force-device-scale-factor=1 --field-trial-handle=928,1910092012035183063,1247039904952558255,131072 --disable-gpu-compositing --service-pipe-token=7289396534468933662 --lang=en-US --noerrdialogs --user-data-dir="C:\Users\admin\AppData\Roaming\Fenrir Inc\Sleipnir5\setting\modules\ChromiumViewer" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=7289396534468933662 --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2672 /prefetch:1
Path
C:\Users\admin\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\plugins\ChromiumEngine\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
3221225758
Version:
Company
Fenrir Inc.
Description
Sleipnir
Version
73.0.3683.103
Modules
Image
c:\users\admin\appdata\roaming\fenrir inc\sleipnir5\~temp\plugins\chromiumengine\chrome.exe
c:\systemroot\system32\ntdll.dll

PID
2492
CMD
"C:\Users\admin\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\plugins\ChromiumEngine\chrome.exe" --additional-user-agent=Sleipnir/6.3.6 --hlr-secure-mode=true --chromium-bridge-pid=3468 --sleipnir-exec-folder-path="C:\Program Files\Fenrir Inc\Sleipnir5\bin" --sleipnir-flash-enable-allsites --disable-direct-write --type=renderer --force-device-scale-factor=1 --field-trial-handle=928,1910092012035183063,1247039904952558255,131072 --disable-gpu-compositing --service-pipe-token=4569909805542551623 --lang=en-US --noerrdialogs --user-data-dir="C:\Users\admin\AppData\Roaming\Fenrir Inc\Sleipnir5\setting\modules\ChromiumViewer" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=4569909805542551623 --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=896 /prefetch:1
Path
C:\Users\admin\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\plugins\ChromiumEngine\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
3221225758
Version:
Company
Fenrir Inc.
Description
Sleipnir
Version
73.0.3683.103
Modules
Image
c:\users\admin\appdata\roaming\fenrir inc\sleipnir5\~temp\plugins\chromiumengine\chrome.exe
c:\systemroot\system32\ntdll.dll

PID
3124
CMD
"C:\Users\admin\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\plugins\ChromiumEngine\chrome.exe" --additional-user-agent=Sleipnir/6.3.6 --hlr-secure-mode=true --chromium-bridge-pid=3468 --sleipnir-exec-folder-path="C:\Program Files\Fenrir Inc\Sleipnir5\bin" --sleipnir-flash-enable-allsites --disable-direct-write --type=renderer --force-device-scale-factor=1 --field-trial-handle=928,1910092012035183063,1247039904952558255,131072 --disable-gpu-compositing --service-pipe-token=7503254089360621961 --lang=en-US --noerrdialogs --user-data-dir="C:\Users\admin\AppData\Roaming\Fenrir Inc\Sleipnir5\setting\modules\ChromiumViewer" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=7503254089360621961 --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1780 /prefetch:1
Path
C:\Users\admin\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\plugins\ChromiumEngine\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
3221225758
Version:
Company
Fenrir Inc.
Description
Sleipnir
Version
73.0.3683.103
Modules
Image
c:\users\admin\appdata\roaming\fenrir inc\sleipnir5\~temp\plugins\chromiumengine\chrome.exe
c:\systemroot\system32\ntdll.dll

PID
3228
CMD
"C:\Users\admin\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\plugins\ChromiumEngine\chrome.exe" --type=utility --field-trial-handle=928,1910092012035183063,1247039904952558255,131072 --lang=en-US --no-sandbox --noerrdialogs --user-data-dir="C:\Users\admin\AppData\Roaming\Fenrir Inc\Sleipnir5\setting\modules\ChromiumViewer" --service-request-channel-token=5841111490639886126 --mojo-platform-channel-handle=584 /prefetch:8
Path
C:\Users\admin\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\plugins\ChromiumEngine\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
MEDIUM
Exit code
3221225758
Version:
Company
Fenrir Inc.
Description
Sleipnir
Version
73.0.3683.103
Modules
Image
c:\program files\fenrir inc\sleipnir5\bin\sleipnir.exe
c:\windows\system32\cscapi.dll
c:\windows\system32\ntshrui.dll
c:\windows\system32\profapi.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\propsys.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\msctf.dll
c:\windows\system32\psapi.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\usp10.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\kernelbase.dll
c:\systemroot\system32\ntdll.dll
c:\users\admin\appdata\roaming\fenrir inc\sleipnir5\~temp\plugins\chromiumengine\chrome.exe

PID
2844
CMD
"C:\Users\admin\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\plugins\ChromiumEngine\chrome.exe" --type=utility --field-trial-handle=928,1910092012035183063,1247039904952558255,131072 --lang=en-US --service-sandbox-type=utility --noerrdialogs --user-data-dir="C:\Users\admin\AppData\Roaming\Fenrir Inc\Sleipnir5\setting\modules\ChromiumViewer" --service-request-channel-token=8857271371486080909 --mojo-platform-channel-handle=2820 --ignored=" --type=renderer " /prefetch:8
Path
C:\Users\admin\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\plugins\ChromiumEngine\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
3221225758
Version:
Company
Fenrir Inc.
Description
Sleipnir
Version
73.0.3683.103
Modules
Image
c:\users\admin\appdata\roaming\fenrir inc\sleipnir5\~temp\plugins\chromiumengine\chrome.exe
c:\systemroot\system32\ntdll.dll

Registry activity

Total events
5500
Read events
4582
Write events
915
Delete events
3

Modification events

PID
Process
Operation
Key
Name
Value
2760
chrome.exe
delete key
HKEY_CURRENT_USER\Software\Google\Chrome\BrowserExitCodes
2760
chrome.exe
delete key
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
2760
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
failed_count
0
2760
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
state
2
2760
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
StatusCodes
2760
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
StatusCodes
01000000
2760
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
state
1
2760
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
dr
1
2760
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome
UsageStatsInSample
0
2760
chrome.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}
usagestats
0
2760
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
metricsid
2760
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
metricsid_installdate
0
2760
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
metricsid_enableddate
0
2760
chrome.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\_NumAccounts
aggregate
sum()
2760
chrome.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\_NumAccounts
S-1-5-21-1302019708-1500728564-335382590-1000
1
2760
chrome.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\_NumSignedIn
aggregate
sum()
2760
chrome.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\_NumSignedIn
S-1-5-21-1302019708-1500728564-335382590-1000
0
2760
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\StabilityMetrics
user_experience_metrics.stability.exited_cleanly
0
2760
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
lastrun
13199748015410750
2760
chrome.exe
write
HKEY_CLASSES_ROOT\Local Settings\MuiCache\62\52C64B7E
LanguageList
en-US
2760
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
aapocclcgogkmnckokdopfmhonfmgoek
D5199D8467FB516102D713CB8C65A10366B9AC8F1D203CE5C4DA8832EDC8F6EB
2760
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
ahfgeienlihckogmohjhadlkjgocpleb
15B1C3FE35F29528448F36A72A4DFBC58A8083C7190559D25865779166D220A2
2760
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
aohghmighlieiainnegkcijnfilokake
E7266A3CF6839292433DC7EDFB8E386AA9DF00CE384FF0B5B584864D47B71EB0
2760
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
apdfllckaahabafndbhieahigkjlhalf
23E1728FC672D01186F4AD602E5D97DAA59E98AC0B77BDDA97C85AFE29D015E7
2760
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
blpcfgokakmgnkcojhhkbfbldkacnbeo
359879DBB0EA4C08C023C9AF2B32FC9BC84D05F0B2CC329D271FF1D320AD0002
2760
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
felcaaldnbdncclmgdcncolpebgiejap
431EB21655C765BAF593F3BDFFD4AE5D6DB7586541B95E5B70C060AB060C90C2
2760
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
gfdkimpbcpahaombhbimeihdjnejgicl
D6B079666F209503A09486C70AC09307652A0F7F783166A999B27C99D0DA79E2
2760
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
ghbmnnjooekpmoecnnnilnnbdlolhkhi
7EFF560DA0DBDBC4B7A739A09ED33059615C72F731845275F3147FF30058875F
2760
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
kmendfapggjehodndflmmgagdbamhnfd
00175B8120231631976CA8B862A3416996C9373BA3D289F0619DDA992973DDFA
2760
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
mfehgcgbbipciphmccgaenjidiccnmng
63355C14E8C7DF9A075F2EDDEA6F2807DC8166B83F96F4C975B9B6554C6324D7
2760
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
mhjfbmdgcfjbbpaeojofohoefgiehjai
0E265BFED6F1C7D5F0A9BD790C50BB30E78E959631D51EEBB8BB0DE73E65763C
2760
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
neajdppkdcdipfabeoofebfddakdcjhd
04A45240BDA55E8777FA04357712CA6DD942253A21323E4C7D3CCF769B34BFED
2760
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
nkeimhogjdpnpccoofpliimaahmaaome
EFA63CBF982B82CF44E63E567FF3BB95FE3F51570D9A0CED8846E77B13199169
2760
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
nmmhkkegccagdldgiimedpiccmgmieda
527D1A0946F4871AB116D50D165DB6393B218CA3D04545DCB9ED4216D8C14C35
2760
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
pjkljhegncpnkpknbcohdijeoejaedia
6606721D680046692B3B9405ED6DE60C967680090D6EEE835C71E9297FDA6D00
2760
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
pkedcjkdefgpdelpbcmbmeomcjbeemfm
69554B5A5515F813F7B61DE25BC4845A370FA9F3A90EFFD33E455C72E0A0BCEE
2760
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
pkedcjkdefgpdelpbcmbmeomcjbeemfm
05AAF014DC053344684F0EE1703799A37890EDB73DDDB4EF17E9DCBE1D516DC3
2760
chrome.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
UNCAsIntranet
0
2760
chrome.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
AutoDetect
1
2760
chrome.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings
ProxyEnable
0
2760
chrome.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections
SavedLegacySettings
2760
chrome.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\Component Categories\{56FFCC30-D398-11D0-B2AE-00A0C908FA49}\Enum
Implementing
1C00000001000000E307040000000E00140029001000900100000000
2760
chrome.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\Component Categories\{56FFCC30-D398-11D0-B2AE-00A0C908FA49}\Enum
Implementing
1C00000001000000E307040000000E00140029001000960100000000
2760
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\StabilityMetrics
user_experience_metrics.stability.exited_cleanly
1
1888
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\BrowserExitCodes
2760-13199748014176375
259
1888
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\BrowserExitCodes
2760-13199748014176375
0
2196
chrome.exe
write
HKEY_CLASSES_ROOT\Local Settings\MuiCache\62\52C64B7E
LanguageList
en-US
2520
chrome.exe
write
HKEY_CLASSES_ROOT\Local Settings\MuiCache\62\52C64B7E
LanguageList
en-US
2520
chrome.exe
write
HKEY_CLASSES_ROOT\Local Settings\MuiCache\62\52C64B7E
@sendmail.dll,-21
Desktop (create shortcut)
2520
chrome.exe
write
HKEY_CLASSES_ROOT\Local Settings\MuiCache\62\52C64B7E
@zipfldr.dll,-10148
Compressed (zipped) folder
2520
chrome.exe
write
HKEY_CLASSES_ROOT\Local Settings\MuiCache\62\52C64B7E
@sendmail.dll,-4
Mail recipient
2520
chrome.exe
write
HKEY_CLASSES_ROOT\Local Settings\MuiCache\62\52C64B7E
@C:\Windows\system32\FXSRESM.dll,-120
Fax recipient
3512
sleipnir636.tmp
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs
C:\Program Files\Fenrir Inc\Common Files\FenrirFS API\sqlite3.dll
1
3512
sleipnir636.tmp
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs
C:\Program Files\Fenrir Inc\Common Files\FenrirFS API\FenrirFS_API_Server.exe
1
3512
sleipnir636.tmp
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs
C:\Program Files\Fenrir Inc\Common Files\FenrirFS API\FenrirFS_API.dll
1
3512
sleipnir636.tmp
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs
C:\Program Files\Fenrir Inc\Common Files\FenrirFS Extensions\SleipnirExtensionHandler.fx
1
3512
sleipnir636.tmp
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FenrirSleipnirV5_is1
Inno Setup: Setup Version
5.4.2 (u)
3512
sleipnir636.tmp
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FenrirSleipnirV5_is1
Inno Setup: App Path
C:\Program Files\Fenrir Inc\Sleipnir5
3512
sleipnir636.tmp
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FenrirSleipnirV5_is1
InstallLocation
C:\Program Files\Fenrir Inc\Sleipnir5\
3512
sleipnir636.tmp
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FenrirSleipnirV5_is1
Inno Setup: Icon Group
Fenrir Inc\Sleipnir 6
3512
sleipnir636.tmp
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FenrirSleipnirV5_is1
Inno Setup: User
admin
3512
sleipnir636.tmp
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FenrirSleipnirV5_is1
Inno Setup: Language
en
3512
sleipnir636.tmp
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FenrirSleipnirV5_is1
DisplayName
Sleipnir Version 6.3.6
3512
sleipnir636.tmp
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FenrirSleipnirV5_is1
UninstallString
"C:\Program Files\Fenrir Inc\Sleipnir5\unins000.exe"
3512
sleipnir636.tmp
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FenrirSleipnirV5_is1
QuietUninstallString
"C:\Program Files\Fenrir Inc\Sleipnir5\unins000.exe" /SILENT
3512
sleipnir636.tmp
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FenrirSleipnirV5_is1
DisplayVersion
6.3.6
3512
sleipnir636.tmp
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FenrirSleipnirV5_is1
Publisher
Fenrir Inc.
3512
sleipnir636.tmp
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FenrirSleipnirV5_is1
URLInfoAbout
http://www.fenrir-inc.com/
3512
sleipnir636.tmp
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FenrirSleipnirV5_is1
HelpLink
http://www.fenrir-inc.com/
3512
sleipnir636.tmp
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FenrirSleipnirV5_is1
URLUpdateInfo
http://www.fenrir-inc.com/
3512
sleipnir636.tmp
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FenrirSleipnirV5_is1
NoModify
1
3512
sleipnir636.tmp
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FenrirSleipnirV5_is1
NoRepair
1
3512
sleipnir636.tmp
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FenrirSleipnirV5_is1
InstallDate
20190414
3512
sleipnir636.tmp
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FenrirSleipnirV5_is1
MajorVersion
6
3512
sleipnir636.tmp
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FenrirSleipnirV5_is1
MinorVersion
3
3512
sleipnir636.tmp
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FenrirSleipnirV5_is1
EstimatedSize
329809
2892
regsvr32.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{4BBEE872-B656-4B25-B4D5-D3467937B9C9}\1.2
FenrirFS API
2892
regsvr32.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{4BBEE872-B656-4B25-B4D5-D3467937B9C9}\1.2\FLAGS
0
2892
regsvr32.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{4BBEE872-B656-4B25-B4D5-D3467937B9C9}\1.2\0\win32
C:\Program Files\Fenrir Inc\Common Files\FenrirFS API\FenrirFS_API.dll
2892
regsvr32.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{4BBEE872-B656-4B25-B4D5-D3467937B9C9}\1.2\HELPDIR
C:\Program Files\Fenrir Inc\Common Files\FenrirFS API\
2892
regsvr32.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{C162085D-73F7-4EBC-B508-A1BF36E1C4E7}
IFIFenrirFSAPI
2892
regsvr32.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{C162085D-73F7-4EBC-B508-A1BF36E1C4E7}\ProxyStubClsid
{00020424-0000-0000-C000-000000000046}
2892
regsvr32.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{C162085D-73F7-4EBC-B508-A1BF36E1C4E7}\ProxyStubClsid32
{00020424-0000-0000-C000-000000000046}
2892
regsvr32.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{C162085D-73F7-4EBC-B508-A1BF36E1C4E7}\TypeLib
{4BBEE872-B656-4B25-B4D5-D3467937B9C9}
2892
regsvr32.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{C162085D-73F7-4EBC-B508-A1BF36E1C4E7}\TypeLib
Version
1.2
2892
regsvr32.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{53259A6D-B19D-450F-B891-E147186B679F}
IFIFenrirFSProfile
2892
regsvr32.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{53259A6D-B19D-450F-B891-E147186B679F}\ProxyStubClsid
{00020424-0000-0000-C000-000000000046}
2892
regsvr32.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{53259A6D-B19D-450F-B891-E147186B679F}\ProxyStubClsid32
{00020424-0000-0000-C000-000000000046}
2892
regsvr32.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{53259A6D-B19D-450F-B891-E147186B679F}\TypeLib
{4BBEE872-B656-4B25-B4D5-D3467937B9C9}
2892
regsvr32.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{53259A6D-B19D-450F-B891-E147186B679F}\TypeLib
Version
1.2
2892
regsvr32.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{B8225F0F-617E-4917-BBB5-0CB645A48B70}
IFIFenrirFSStorageSettings
2892
regsvr32.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{B8225F0F-617E-4917-BBB5-0CB645A48B70}\ProxyStubClsid
{00020424-0000-0000-C000-000000000046}
2892
regsvr32.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{B8225F0F-617E-4917-BBB5-0CB645A48B70}\ProxyStubClsid32
{00020424-0000-0000-C000-000000000046}
2892
regsvr32.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{B8225F0F-617E-4917-BBB5-0CB645A48B70}\TypeLib
{4BBEE872-B656-4B25-B4D5-D3467937B9C9}
2892
regsvr32.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{B8225F0F-617E-4917-BBB5-0CB645A48B70}\TypeLib
Version
1.2
2892
regsvr32.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{22F50E51-A701-4FF8-AFD1-C46995D03287}
IFIFenrirFSStorageSettingConfig
2892
regsvr32.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{22F50E51-A701-4FF8-AFD1-C46995D03287}\ProxyStubClsid
{00020424-0000-0000-C000-000000000046}
2892
regsvr32.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{22F50E51-A701-4FF8-AFD1-C46995D03287}\ProxyStubClsid32
{00020424-0000-0000-C000-000000000046}
2892
regsvr32.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{22F50E51-A701-4FF8-AFD1-C46995D03287}\TypeLib
{4BBEE872-B656-4B25-B4D5-D3467937B9C9}
2892
regsvr32.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{22F50E51-A701-4FF8-AFD1-C46995D03287}\TypeLib
Version
1.2
2892
regsvr32.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{CC82C01B-8540-443D-A6D3-8264D19E5E34}
IFIFenrirFSStorageSettingFileOperation
2892
regsvr32.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{CC82C01B-8540-443D-A6D3-8264D19E5E34}\ProxyStubClsid
{00020424-0000-0000-C000-000000000046}
2892
regsvr32.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{CC82C01B-8540-443D-A6D3-8264D19E5E34}\ProxyStubClsid32
{00020424-0000-0000-C000-000000000046}
2892
regsvr32.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{CC82C01B-8540-443D-A6D3-8264D19E5E34}\TypeLib
{4BBEE872-B656-4B25-B4D5-D3467937B9C9}
2892
regsvr32.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{CC82C01B-8540-443D-A6D3-8264D19E5E34}\TypeLib
Version
1.2
2892
regsvr32.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{7FF3B6D6-4E51-4F8A-9992-ABCE629399EF}
IFIFenrirFSProfileSettings
2892
regsvr32.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{7FF3B6D6-4E51-4F8A-9992-ABCE629399EF}\ProxyStubClsid
{00020424-0000-0000-C000-000000000046}
2892
regsvr32.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{7FF3B6D6-4E51-4F8A-9992-ABCE629399EF}\ProxyStubClsid32
{00020424-0000-0000-C000-000000000046}
2892
regsvr32.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{7FF3B6D6-4E51-4F8A-9992-ABCE629399EF}\TypeLib
{4BBEE872-B656-4B25-B4D5-D3467937B9C9}
2892
regsvr32.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{7FF3B6D6-4E51-4F8A-9992-ABCE629399EF}\TypeLib
Version
1.2
2892
regsvr32.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{63D28C2D-218B-4A23-8BE7-17E6A3F5AFD3}
IFIFenrirFSProfileSettingConfig
2892
regsvr32.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{63D28C2D-218B-4A23-8BE7-17E6A3F5AFD3}\ProxyStubClsid
{00020424-0000-0000-C000-000000000046}
2892
regsvr32.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{63D28C2D-218B-4A23-8BE7-17E6A3F5AFD3}\ProxyStubClsid32
{00020424-0000-0000-C000-000000000046}
2892
regsvr32.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{63D28C2D-218B-4A23-8BE7-17E6A3F5AFD3}\TypeLib
{4BBEE872-B656-4B25-B4D5-D3467937B9C9}
2892
regsvr32.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{63D28C2D-218B-4A23-8BE7-17E6A3F5AFD3}\TypeLib
Version
1.2
2892
regsvr32.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{EA1EB359-8E82-452E-B88D-500F0C76D712}
IFIFenrirFSFolderList
2892
regsvr32.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{EA1EB359-8E82-452E-B88D-500F0C76D712}\ProxyStubClsid
{00020424-0000-0000-C000-000000000046}
2892
regsvr32.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{EA1EB359-8E82-452E-B88D-500F0C76D712}\ProxyStubClsid32
{00020424-0000-0000-C000-000000000046}
2892
regsvr32.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{EA1EB359-8E82-452E-B88D-500F0C76D712}\TypeLib
{4BBEE872-B656-4B25-B4D5-D3467937B9C9}
2892
regsvr32.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{EA1EB359-8E82-452E-B88D-500F0C76D712}\TypeLib
Version
1.2
2892
regsvr32.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{4E53BE7E-8247-4937-B485-F80421506F18}
IFIFenrirFSFolder
2892
regsvr32.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{4E53BE7E-8247-4937-B485-F80421506F18}\ProxyStubClsid
{00020424-0000-0000-C000-000000000046}
2892
regsvr32.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{4E53BE7E-8247-4937-B485-F80421506F18}\ProxyStubClsid32
{00020424-0000-0000-C000-000000000046}
2892
regsvr32.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{4E53BE7E-8247-4937-B485-F80421506F18}\TypeLib
{4BBEE872-B656-4B25-B4D5-D3467937B9C9}
2892
regsvr32.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{4E53BE7E-8247-4937-B485-F80421506F18}\TypeLib
Version