What is sipnotify.exe?
sipnotify.exe is part of Microsoft® Windows® Operating System and developed by Microsoft Corporation according to the sipnotify.exe version information.
sipnotify.exe's description is "sipnotify"
sipnotify.exe is usually located in the 'C:\WINDOWS\system32\' folder.
None of the anti-virus scanners at VirusTotal reports anything malicious about sipnotify.exe.
If you have additional information about the file, please share it with the FreeFixer users by posting a comment at the bottom of this page.
Vendor and version information [?]
The following is the available information on sipnotify.exe:
| Property | Value |
|---|---|
| Product name | Microsoft® Windows® Operating System |
| Company name | Microsoft Corporation |
| File description | sipnotify |
| Internal name | sipnotify |
| Original filename | sipnotify.exe |
| Legal copyright | © Microsoft Corporation. All rights reserved. |
| Product version | 6.1.7601.24426 |
| File version | 6.1.7601.24426 (win7sp1_ldr.190401-0600) |
Here's a screenshot of the file properties when displayed by Windows Explorer:
| Product name | Microsoft® Windows® Operating System |
| Company name | Microsoft Corporation |
| File description | sipnotify |
| Internal name | sipnotify |
| Original filename | sipnotify.exe |
| Legal copyright | © Microsoft Corporation. All rights.. |
| Product version | 6.1.7601.24426 |
| File version | 6.1.7601.24426 (win7sp1_ldr.190401-0.. |
Digital signatures [?]
sipnotify.exe is not signed.
VirusTotal report
None of the 68 anti-virus programs at VirusTotal detected the sipnotify.exe file.
Sandbox Report
The following information was gathered by executing the file inside Cuckoo Sandbox.
Summary
Successfully executed process in sandbox.
Summary
{
"file_created": [
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\ru-ru.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\gu-in.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\sq-al.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\zh-hk.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\ms-my.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\ha-Latn-NG.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\de-at.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\sv-se.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\as-in.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\ca-es.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\cy-gb.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\ro-ro.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\en-au.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\fr-ca.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\en-us.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\si-lk.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\InsertBOM.exe",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\sk-sk.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\te-in.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\bn-in.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\fr-be.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\nn-no.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\mi-nz.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\th-th.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\da-dk.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\he-il.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\el-gr.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\am-et.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\gl-es.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\pa-in.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\mn-mn.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\af-za.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\ig-ng.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\en-ph.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\pl-pl.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\hr-hr.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\de-de.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\sr-cyrl-ba.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\lt-lt.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\or-in.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\ar-SA.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\fr-xf.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\quz-pe.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\xh-za.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\es-mx.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\hy-am.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\ko-kr.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\sr-cyrl-rs.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\mr-in.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\bn-bd.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\id-id.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\km-kh.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\bg-bg.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\en-nz.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\es-ar.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\nso-za.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\az-Latn-AZ.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\main.jpg",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\prs-af.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\tr-tr.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\sl-si.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\hi-in.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\ne-np.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\styles.css",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\is-is.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\ta-in.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\pt-pt.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\cs-cz.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\pt-br.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\fi-fi.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\en-sg.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\tk-tm.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\en-gb.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\nb-no.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\ml-in.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\es-xl.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\zu-za.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\nl-be.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\de-ch.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\kk-kz.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\ur-pk.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\en-hk.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\bs-Latn-BA.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\en-ca.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\vi-vn.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\zh-cn.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\ga-ie.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\it-it.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\en-ie.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\script.js",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\es-es.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\et-ee.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\hu-hu.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\tn-za.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\en-is.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\zh-tw.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\ka-ge.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\mk-mk.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\nl-nl.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\microsoft-logo.png",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\eu-es.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\fa-ir.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\lv-lv.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\lb-lu.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\yo-ng.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\mt-mt.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\en-za.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\ky-kg.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\metadata.json",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\kok-in.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\en-id.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\es-co.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\fr-fr.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\ja-jp.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\uz-Latn-UZ.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\tt-ru.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\pa-arab-pk.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\fil-ph.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\bs-Cyrl-BA.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\sr-latn-rs.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\en-in.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\fr-ch.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\default.cab",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\es-cl.html",
"C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\History\\History.IE5\\MSHist012019111620191117\\index.dat",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\uk-ua.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\sw-ke.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\kn-in.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\en-my.html"
],
"directory_created": [
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent",
"C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\History\\History.IE5\\MSHist012019111620191117\\",
"C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\Caches"
],
"dll_loaded": [
"IEFRAME.dll",
"gdiplus.dll",
"urlmon.dll",
"mshtml.dll",
"apphelp.dll",
"DNSAPI.dll",
"kernel32.dll",
"UxTheme.dll",
"CRYPTBASE.dll",
"oleaut32.dll",
"dwmapi.dll",
"ntdll.dll",
"C:\\Windows\\system32\\msimg32.dll",
"cryptsp.dll",
"winhttp.dll",
"ImgUtil.dll",
"API-MS-WIN-Service-Management-L2-1-0.dll",
"API-MS-WIN-Service-Management-L1-1-0.dll",
"WININET.dll",
"API-MS-WIN-Service-winsvc-L1-1-0.dll",
"C:\\Windows\\WinSxS\\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_2b24536c71ed437a\\gdiplus.dll",
"ole32.dll",
"SHLWAPI.dll",
"CRYPTSP.dll",
"Comctl32.dll",
"credssp.dll",
"SspiCli.dll",
"C:\\Windows\\system32\\DUser.dll",
"IPHLPAPI.DLL",
"C:\\Windows\\system32\\xmllite.dll",
"OLEAUT32.dll",
"SHELL32.dll",
"RPCRT4.dll",
"C:\\Windows\\System32\\wship6.dll",
"DUser.dll",
"comctl32.dll",
"NSI.dll",
"SXS.DLL",
"RpcRtRemote.dll",
"CFGMGR32.dll",
"MLANG.dll",
"DEVRTL.dll",
"C:\\Windows\\system32\\mswsock.dll",
"VERSION.dll",
"ADVAPI32.dll",
"C:\\Windows\\System32\\wshtcpip.dll",
"SETUPAPI.dll",
"WS2_32.dll",
"Cabinet.dll",
"user32.dll",
"C:\\Windows\\system32\\rsaenh.dll"
],
"file_failed": [
"C:\\cuckoo_1788.ini",
"C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\History\\History.IE5\\MSHist012019040920190410\\"
],
"regkey_opened": [
"HKEY_CURRENT_USER\\Software\\Policies\\Microsoft\\Internet Explorer\\Zoom",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Main\\FeatureControl\\FEATURE_MIME_SNIFFING",
"HKEY_CLASSES_ROOT\\PROTOCOLS\\Name-Space Handler\\about\\",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\MIME\\Database\\Content Type\\image\/tiff\\Bits",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\AboutURLs",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\MIME\\Database\\Content Type\\image\/pjpeg\\Bits",
"HKEY_CURRENT_USER\\Software\\Microsoft\\windows\\CurrentVersion\\Internet Settings\\Zones",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\TravelLog",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\Security\\Adv AddrBar Spoof Detection",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_IPERSISTMONIKER_LOAD_REDIRECTED_URL_KB976425",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Main\\FeatureControl\\FEATURE_SSLUX",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\MenuExt",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_Cross_Domain_Redirect_Mitigation",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\ActiveDesktop",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Security\\Adv AddrBar Spoof Detection",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Main\\FeatureControl",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\MIME\\Database\\Content Type\\image\/x-wmf\\Bits",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\ZoneMap\\Domains\\",
"HKEY_CURRENT_USER\\Software\\Policies\\Microsoft\\Internet Explorer",
"HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Internet Explorer",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_MANAGE_SCRIPT_CIRCULAR_REFS",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Main\\FeatureControl\\FEATURE_UNC_SAVEDFILECHECK",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_SAFE_BINDTOOBJECT",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\MIME\\Database\\Content Type\\image\/x-png\\Bits",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Internet Explorer\\Services",
"HKEY_LOCAL_MACHINE\\Software",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows Search",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Url History",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\LanguagePack\\SurrogateFallback",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache\\feedplat",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Suggested Sites",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\ZoneMap\\",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\International",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_SUBDOWNLOAD_LOCKDOWN",
"HKEY_CLASSES_ROOT\\.js",
"HKEY_CURRENT_USER\\Software\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Lockdown_Zones\\",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Url History",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\DxTrans",
"HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0",
"HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1",
"HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2",
"HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3",
"HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4",
"HKEY_CLASSES_ROOT\\.html",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Internet Explorer\\ActiveX Compatibility",
"HKEY_CLASSES_ROOT\\PROTOCOLS\\Name-Space Handler\\",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\MenuExt\\%s",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\MIME\\Database\\Content Type\\image\/x-icon\\Bits",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\ZoneMap\\ProtocolDefaults\\",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Security",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\Activities",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\Main\\FeatureControl\\FEATURE_SSLUX",
"HKEY_CURRENT_USER\\Software\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Main\\FeatureControl\\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE",
"HKEY_CURRENT_USER\\Software\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\ZoneMap\\Domains\\",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_WEBOC_DOCUMENT_ZOOM",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Internet Explorer\\Activities",
"HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_IGNORE_LEADING_FILE_SEPARATOR_IN_URI_KB933105",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_ZONES_CHECK_ZONEMAP_POLICY_KB941001",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\International\\Scripts\\3",
"HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Internet Explorer\\Infodelivery\\Restrictions",
"HKEY_CURRENT_USER\\Software\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Url History",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_ALLOW_REVERSE_SOLIDUS_IN_USERINFO_KB932562",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_IEDDE_REGISTER_URLECHO",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\Security",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Feeds",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_UNC_SAVEDFILECHECK",
"HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\PROTOCOLS\\Handler\\about",
"HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Internet Explorer\\Main",
"HKEY_CURRENT_USER\\Software\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1",
"HKEY_CURRENT_USER\\Software\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0",
"HKEY_CURRENT_USER\\Software\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3",
"HKEY_CURRENT_USER\\Software\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2",
"HKEY_CURRENT_USER\\Software\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\ActiveX Compatibility\\{F414C260-6AC0-11CF-B6D1-00AA00BBBB58}",
"HKEY_CURRENT_USER\\SOFTWARE\\Classes\\PROTOCOLS\\Filter\\text\/html",
"HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Internet Explorer\\Zoom",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_CUSTOM_IMAGE_MIME_TYPES_KB910561",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\MIME\\Database\\Content Type\\image\/png\\Bits",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\IETld",
"HKEY_LOCAL_MACHINE\\System\\Setup",
"HKEY_CLASSES_ROOT\\MIME\\Database\\Content Type\\text\/html",
"HKEY_CURRENT_USER\\Software\\Policies",
"HKEY_CLASSES_ROOT\\PROTOCOLS\\Name-Space Handler\\res\\",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\Security\\Floppy Access",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\International\\Scripts",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\Feature_Enable_Compat_Logging",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_XSSFILTER",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Lockdown_Zones\\4",
"HKEY_LOCAL_MACHINE\\System\\CurrentControlSet\\Control\\Class\\{4d36e972-e325-11ce-bfc1-08002be10318}",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Lockdown_Zones\\2",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Lockdown_Zones\\1",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Lockdown_Zones\\0",
"HKEY_CURRENT_USER\\Software\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Lockdown_Zones\\4",
"HKEY_CURRENT_USER\\Software\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Lockdown_Zones\\0",
"HKEY_CURRENT_USER\\Software\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Lockdown_Zones\\1",
"HKEY_CURRENT_USER\\Software\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Lockdown_Zones\\2",
"HKEY_CURRENT_USER\\Software\\Policies\\Microsoft\\Internet Explorer\\Main\\FeatureControl",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1",
"HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Lockdown_Zones\\0",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4",
"HKEY_CURRENT_USER\\Software\\Policies\\Microsoft\\Internet Explorer\\BrowserEmulation",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Services",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\Low Rights",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Main\\FeatureControl\\FEATURE_DISABLE_NAVIGATION_SOUNDS",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\PageSetup",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\Feeds",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_READ_ZONE_STRINGS_FROM_REGISTRY",
"HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings",
"HKEY_CURRENT_USER\\SOFTWARE\\Classes\\PROTOCOLS\\Handler\\res",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Low Rights",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Styles",
"HKEY_CLASSES_ROOT\\MIME\\Database\\Content Type",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_IGNORE_POLICIES_ZONEMAP_IF_ESC_ENABLED_KB918915",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Lockdown_Zones\\",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Main\\WindowsSearch",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\",
"HKEY_CURRENT_USER\\Software\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\ZoneMap",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\Zoom",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache\\MSHist012019040920190410",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\Main\\FeatureControl\\FEATURE_ZONE_ELEVATION",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\MIME\\Database\\Content Type\\image\/bmp\\Bits",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache\\ietld",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_IEDDE_REGISTER_PROTOCOL",
"HKEY_CLASSES_ROOT\\PROTOCOLS\\Name-Space Handler\\*\\",
"HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\Nls\\CodePage",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\PROTOCOLS\\Handler\\res",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_Isolate_Named_Windows",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Url History",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_USE_IETLDLIST_FOR_DOMAIN_DETERMINATION",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Settings",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\MIME\\Database\\Content Type\\image\/gif\\Bits",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Internet Explorer\\Main",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_SHOW_FAILED_CONNECT_CONTENT_KB942615",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_SCRIPTURL_MITIGATION",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_MIME_SNIFFING",
"HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\ZoneMap",
"HKEY_CURRENT_USER\\Software\\Policies\\Microsoft\\Internet Explorer\\Main",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Lockdown_Zones\\3",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Main",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Main\\FeatureControl\\FEATURE_SAFE_BINDTOOBJECT",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\MIME\\Database\\Content Type\\image\/x-jg\\Bits",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_RESTRICT_FILEDOWNLOAD",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Accepted Documents",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_BROWSER_EMULATION",
"HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\ZoneMap\\Ranges\\",
"HKEY_CURRENT_USER\\Software\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\Services",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\LanguagePack\\SurrogateFallback\\MS Shell Dlg",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings",
"HKEY_CLASSES_ROOT\\.css",
"HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Internet Explorer\\Main\\FeatureControl",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache",
"HKEY_CURRENT_USER\\AppEvents\\Schemes\\Apps\\Explorer\\ActivatingDocument\\.current",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Ftp",
"HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Lockdown_Zones\\",
"HKEY_CURRENT_USER\\Software",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_MSHTML_AUTOLOAD_IEFRAME",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Activities",
"HKEY_CURRENT_USER\\Software\\Policies\\Microsoft\\Internet Explorer\\Restrictions",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\TravelLog",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Main\\FeatureControl\\FEATURE_PROTOCOL_LOCKDOWN",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\Suggested Sites",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Internet Explorer\\Suggested Sites",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\ZoneMap\\",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Ftp",
"HKEY_LOCAL_MACHINE\\Software\\Policies",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Internet Explorer\\Main\\FeatureControl",
"HKEY_CURRENT_USER\\Software\\Policies\\Microsoft\\Internet Explorer\\Control Panel",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\COM3",
"HKEY_CURRENT_USER\\Software\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\ZoneMap\\Ranges\\",
"HKEY_CURRENT_USER\\Software\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Lockdown_Zones\\3",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\PROTOCOLS\\Filter\\text\/html",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Main\\FeatureControl\\FEATURE_RESTRICT_FILEDOWNLOAD",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_LOCALMACHINE_LOCKDOWN",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\International\\Scripts",
"HKEY_CLASSES_ROOT\\.png",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\Version Vector",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_MIME_HANDLING",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Internet Explorer\\Main\\FeatureControl\\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\MIME\\Database\\Content Type\\image\/x-png",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Internet Explorer",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Main\\FeatureControl\\FEATURE_ZONE_ELEVATION",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_PROTOCOL_LOCKDOWN",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_RESTRICT_ABOUT_PROTOCOL_IE7",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\Main\\FeatureControl\\FEATURE_DISABLE_NAVIGATION_SOUNDS",
"HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\ZoneMap\\Domains\\",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache\\PrivacIE:",
"HKEY_CURRENT_USER\\Software\\Policies\\Microsoft\\Internet Explorer\\Infodelivery\\Restrictions",
"HKEY_CLASSES_ROOT\\.jpg",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_BLOCK_LMZ_IMG",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Internet Explorer\\Feed Discovery",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\DxTrans",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\ZoneMap\\Ranges\\",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache\\MSHist012019111620191117",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache\\DOMStore",
"HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Lockdown_Zones\\3",
"HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Lockdown_Zones\\2",
"HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Lockdown_Zones\\1",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Main\\FeatureControl\\FEATURE_LOCALMACHINE_LOCKDOWN",
"HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Internet Explorer\\Restrictions",
"HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Lockdown_Zones\\4",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Internet Explorer\\MediaTypeClass",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_ADDITIONAL_IE8_MEMORY_CLEANUP",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_BLOCK_LMZ_SCRIPT",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Main\\FeatureControl\\FEATURE_FEEDS",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_ZONES_DEFAULT_DRIVE_INTRANET_KB941000",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\Settings",
"HKEY_CLASSES_ROOT\\PROTOCOLS\\Name-Space Handler\\file\\",
"HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Internet Explorer\\BrowserEmulation",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_RESPECT_OBJECTSAFETY_POLICY_KB905547",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_FEEDS",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Zoom",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\MIME\\Database\\Content Type\\image\/jpeg\\Bits",
"HKEY_CURRENT_USER\\SOFTWARE\\Classes\\PROTOCOLS\\Handler\\about",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Feed Discovery",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\ZoneMap\\Domains\\",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Main\\FeatureControl\\FEATURE_MIME_HANDLING",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\Ratings",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_DOCUMENT_COMPATIBLE_MODE"
],
"resolves_host": [
"query.prod.cms.rt.microsoft.com"
],
"file_written": [
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\ru-ru.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\gu-in.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\sq-al.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\zh-hk.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\ms-my.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\ha-Latn-NG.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\de-at.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\sv-se.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\as-in.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\ca-es.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\cy-gb.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\ro-ro.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\en-au.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\fr-ca.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\en-us.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\si-lk.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\InsertBOM.exe",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\sk-sk.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\te-in.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\bn-in.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\fr-be.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\nn-no.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\mi-nz.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\th-th.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\da-dk.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\he-il.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\el-gr.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\am-et.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\gl-es.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\pa-in.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\mn-mn.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\af-za.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\ig-ng.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\en-ph.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\pl-pl.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\hr-hr.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\de-de.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\sr-cyrl-ba.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\lt-lt.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\or-in.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\ar-SA.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\fr-xf.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\quz-pe.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\xh-za.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\es-mx.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\hy-am.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\ko-kr.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\sr-cyrl-rs.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\mr-in.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\bn-bd.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\id-id.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\km-kh.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\bg-bg.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\en-nz.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\es-ar.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\nso-za.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\az-Latn-AZ.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\main.jpg",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\prs-af.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\tr-tr.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\sl-si.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\hi-in.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\ne-np.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\styles.css",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\is-is.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\ta-in.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\pt-pt.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\cs-cz.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\pt-br.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\fi-fi.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\en-sg.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\tk-tm.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\en-gb.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\nb-no.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\ml-in.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\es-xl.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\zu-za.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\nl-be.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\de-ch.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\kk-kz.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\ur-pk.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\en-hk.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\bs-Latn-BA.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\en-ca.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\vi-vn.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\zh-cn.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\ga-ie.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\it-it.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\en-ie.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\script.js",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\es-es.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\et-ee.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\hu-hu.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\tn-za.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\en-is.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\zh-tw.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\ka-ge.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\mk-mk.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\nl-nl.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\microsoft-logo.png",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\eu-es.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\fa-ir.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\lv-lv.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\lb-lu.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\yo-ng.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\mt-mt.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\en-za.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\ky-kg.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\metadata.json",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\kok-in.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\en-id.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\es-co.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\fr-fr.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\ja-jp.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\uz-Latn-UZ.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\tt-ru.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\pa-arab-pk.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\fil-ph.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\bs-Cyrl-BA.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\sr-latn-rs.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\en-in.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\fr-ch.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\default.cab",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\es-cl.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\uk-ua.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\sw-ke.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\kn-in.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\en-my.html"
],
"regkey_deleted": [
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache\\MSHist012019040920190410",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\ZoneMap\\ProxyBypass",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\ZoneMap\\ProxyBypass",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\ZoneMap\\IntranetName",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\ZoneMap\\IntranetName"
],
"file_deleted": [
"C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\History\\History.IE5\\MSHist012019040920190410\\index.dat"
],
"directory_removed": [
"C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\History\\History.IE5\\MSHist012019040920190410\\"
],
"file_exists": [
"C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\History\\History.IE5\\MSHist012019040920190410\\desktop.ini",
"C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\styles.css:Zone.Identifier",
"C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\script.js",
"C:\\Windows\\System32\\C_1253.NLS",
"C:\\Windows\\System32\\C_1361.NLS",
"C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\main.jpg",
"C:\\Windows\\System32\\C_1251.NLS",
"C:\\Windows\\System32\\C_874.NLS",
"C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\History\\History.IE5\\MSHist012019111620191117\\",
"C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\History\\desktop.ini",
"C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\script.js:Zone.Identifier",
"C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\styles.css",
"C:\\Windows\\System32\\C_1257.NLS",
"C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\microsoft-logo.png",
"C:\\Windows\\System32\\C_950.NLS",
"C:\\cuckoo_1788.ini",
"C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\en-us.html:Zone.Identifier",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\content.cab",
"C:\\Windows\\System32\\C_1254.NLS",
"C:\\Windows\\inf\\",
"C:\\Windows\\System32\\C_1250.NLS",
"C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\en-us.html",
"C:\\Windows\\System32\\C_936.NLS",
"C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Internet Explorer",
"C:\\Users\\cuck\\AppData\\Local\\Microsoft",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\default.cab",
"C:\\Windows\\System32\\C_1258.NLS",
"C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\History\\History.IE5\\MSHist012019111620191117\\index.dat",
"C:\\Windows\\System32\\C_949.NLS",
"C:\\Windows\\System32\\C_1256.NLS",
"C:\\Windows\\System32\\C_1255.NLS",
"C:\\Windows\\System32\\C_932.NLS"
],
"mutex": [
"MSIMGSIZECacheMutex",
"Local\\ZonesCounterMutex",
"Local\\c:!users!cuck!appdata!local!microsoft!windows!history!history.ie5!mshist012019111620191117!",
"Local\\ZonesLockedCacheCounterMutex",
"Local\\ZoneAttributeCacheCounterMutex",
"Local\\ZonesCacheCounterMutex"
],
"file_opened": [
"C:\\",
"C:\\Users\\cuck\\AppData",
"C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\script.js",
"C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\Caches\\cversions.1.db",
"C:\\Users\\cuck\\",
"C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\",
"C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\main.jpg",
"C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\History\\desktop.ini",
"C:\\Users\\",
"C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\styles.css",
"C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\microsoft-logo.png",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\metadata.json",
"C:\\Users",
"C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows",
"C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\en-us.html",
"C:\\Windows\\winsxs\\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac",
"C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\default.cab",
"C:\\Users\\desktop.ini",
"C:\\Users\\cuck\\AppData\\Local\\Microsoft",
"C:\\Windows\\System32\\en-US\\KERNELBASE.dll.mui",
"C:\\Users\\cuck",
"C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent",
"C:\\Windows\\System32\\atl.dll",
"C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify",
"C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\History\\History.IE5\\MSHist012019040920190410\\",
"C:\\Users\\cuck\\AppData\\Local",
"C:\\Windows\\System32\\ntmarta.dll",
"C:\\Windows\\System32\\stdole2.tlb",
"C:\\Windows\\Globalization\\Sorting\\sortdefault.nls",
"C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\History\\History.IE5\\MSHist012019111620191117\\index.dat",
"C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\Caches\\{AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x0000000000000004.db",
"C:\\Windows\\System32\\rsaenh.dll",
"C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Internet Explorer\\MSIMGSIZ.DAT",
"C:\\Users\\cuck\\AppData\\Local\\Microsoft\\",
"C:\\Users\\cuck\\AppData\\"
],
"guid": [
"{275c23e2-3747-11d0-9fea-00aa003f8646}",
"{6a01fda0-30df-11d0-b724-00aa006c1a01}",
"{dccfc164-2b38-11d2-b7ec-00c04f8f5d9a}",
"{660b90c8-73a9-4b58-8cae-355b7f55341b}",
"{3050f3bc-98b5-11cf-bb82-00aa00bdce0b}",
"{25336920-03f9-11cf-8fd0-00aa00686f13}",
"{a3ccedf7-2de2-11d0-86f4-00a0c913f750}",
"{5762f2a7-4658-4c7a-a4ac-bdabfe154e0d}",
"{4ef17940-30e0-11d0-b724-00aa006c1a01}",
"{00000000-0000-0000-c000-000000000046}",
"{00000146-0000-0000-c000-000000000046}",
"{6c736dc1-ab0d-11d0-a2ad-00a0c90f27e8}",
"{76765b11-3f95-4af2-ac9d-ea55d8994f1a}",
"{a3ccedf3-2de2-11d0-86f4-00a0c913f750}",
"{f414c260-6ac0-11cf-b6d1-00aa00bbbb58}",
"{871c5380-42a0-1069-a2ea-08002b30309d}",
"{000214e6-0000-0000-c000-000000000046}",
"{00000001-0000-0000-c000-000000000046}",
"{1f486a52-3cb1-48fd-8f50-b8dc300d9f9d}",
"{ff393560-c2a7-11cf-bff4-444553540000}",
"{d9e89500-30fa-11d0-b724-00aa006c1a01}",
"{00000323-0000-0000-c000-000000000046}",
"{e7e4bc40-e76a-11ce-a9bb-00aa004ae837}",
"{8856f961-340a-11d0-a96b-00c04fd705a2}",
"{50d5107a-d278-4871-8989-f4ceaaf59cfc}",
"{bb1a2ae1-a4f9-11cf-8f20-00805f2cd064}",
"{46a6eeff-908e-4dc6-92a6-64be9177b41c}",
"{30c3b080-30fb-11d0-b724-00aa006c1a01}",
"{6c736db1-bd94-11d0-8a23-00aa00b58e10}",
"{3050f406-98b5-11cf-bb82-00aa00bdce0b}",
"{08c0e040-62d1-11d1-9326-0060b067b86e}"
],
"file_read": [
"C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\History\\desktop.ini",
"C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\en-us.html",
"C:\\Windows\\System32\\stdole2.tlb",
"C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\default.cab",
"C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\styles.css",
"C:\\Users\\desktop.ini",
"C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\script.js",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\metadata.json",
"C:\\Windows\\System32\\atl.dll",
"C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\main.jpg",
"C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\microsoft-logo.png"
],
"regkey_read": [
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_RESTRICT_ABOUT_PROTOCOL_IE7\\54552ebb2ee12baf930bba66b1cc1f2631ca7c77513c39f0910ff08bd7d4c276.bin",
"HKEY_CURRENT_USER\\.html\\Content Type",
"HKEY_CURRENT_USER\\FirefoxHTML-E7CF176E110C211B\\IsShortcut",
"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\SecurityProviders\\SecurityProviders",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\2000",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer\\NoSetFolders",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache\\ietld\\CachePrefix",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\International\\Scripts\\3\\IEFontSize",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\Enable AutoImageResize",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Rpc\\Extensions\\RemoteRpcDll",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID\\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\\ShellFolder\\NoFileFolderJunction",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\CLSID\\{871C5380-42A0-1069-A2EA-08002B30309D}\\ShellFolder\\Attributes",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID\\{871C5380-42A0-1069-A2EA-08002B30309D}\\ShellFolder\\MapNetDriveVerbs",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Url History\\DaysToKeep",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_UNC_SAVEDFILECHECK\\*",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache\\DOMStore\\CachePrefix",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID\\{871C5380-42A0-1069-A2EA-08002B30309D}\\ShellFolder\\HasNavigationEnum",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\Feed Discovery\\Sound",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced\\AutoCheckSelect",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows Search\\CurrentVersion",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\SmoothScroll",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\ProxyEnable",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\Icon",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\UrlEncoding",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\RecommendedLevel",
"HKEY_CURRENT_USER\\Software\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\DisableCachingOfSSLPages",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\1201",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID\\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\\ShellFolder\\RestrictedAttributes",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\AllFilesystemObjects\\IsShortcut",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Main\\Display Inline Images",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Zoom\\ZoomDisabled",
"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\Lsa\\SspiCache\\credssp.dll\\Comment",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\Flags",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\PROTOCOLS\\Handler\\about\\CLSID",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\AllFilesystemObjects\\DocObject",
"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\Nls\\CodePage\\1256",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\CoInternetCombineIUriCacheSize",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\IsTextPlainHonored",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache\\ietld\\CacheRepair",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\International\\Scripts\\3\\IEFixedFontName",
"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\Lsa\\SspiCache\\credssp.dll\\Type",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID\\{E7E4BC40-E76A-11CE-A9BB-00AA004AE837}\\InProcServer32\\(Default)",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\MinLevel",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced\\DontPrettyPath",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer\\AllowFileCLSIDJunctions",
"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\Nls\\CodePage\\1255",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Main\\DisableScriptDebuggerIE",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_MIME_SNIFFING\\*",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced\\WebView",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache\\MSHist012019040920190410\\CachePrefix",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_BROWSER_EMULATION\\*",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID\\{871C5380-42A0-1069-A2EA-08002B30309D}\\InProcServer32\\(Default)",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID\\{871C5380-42A0-1069-A2EA-08002B30309D}\\ShellFolder\\WantsUniversalDelegate",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\Page_Transitions",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\IETld\\IETldVersionLow",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache\\MSHist012019040920190410\\CacheLimit",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\SystemFileAssociations\\.html\\AlwaysShowExt",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced\\MapNetDrvBtn",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\.jpg\\Content Type",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Main\\Use Stylesheets",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\DigitalProductId4",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID\\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\\ShellFolder\\QueryForOverlay",
"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\services\\TCPIP6\\Parameters\\Winsock\\MaxSockaddrLength",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\Flags",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Connections\\WinHttpSettings",
"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\Nls\\CodePage\\950",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_ZONE_ELEVATION\\54552ebb2ee12baf930bba66b1cc1f2631ca7c77513c39f0910ff08bd7d4c276.bin",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\2106",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_BLOCK_LMZ_IMG\\54552ebb2ee12baf930bba66b1cc1f2631ca7c77513c39f0910ff08bd7d4c276.bin",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\ZoneMap\\AutoDetect",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\IETld\\IETldDllVersionLow",
"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\Lsa\\SspiCache\\credssp.dll\\TokenSize",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\SpecialFoldersCacheSize",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced\\ShowTypeOverlay",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Settings\\Always Use My Font Size",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\MountPoints2\\CPC\\Volume\\{3f5cc1b5-70f9-11e8-b07b-806e6f6e6963}\\Data",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\2500",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced\\HideFileExt",
"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\Lsa\\FipsAlgorithmPolicy",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\NonEnum\\{871C5380-42A0-1069-A2EA-08002B30309D}",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\MIME\\Database\\Content Type\\image\/jpeg\\Bits\\0",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Main\\Enable AutoImageResize",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache\\feedplat\\CacheRepair",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_ZONE_ELEVATION\\*",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache\\MSHist012019111620191117\\CachePath",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\2700",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\IETld\\IETldDllVersionHigh",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\2500",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID\\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\\ShellFolder\\MapNetDriveVerbs",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\RecommendedLevel",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer\\SeparateProcess",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Cryptography\\PrivKeyCachePurgeIntervalSeconds",
"HKEY_CURRENT_USER\\Control Panel\\International\\Geo\\Nation",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer\\NoWebView",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache\\DOMStore\\CachePath",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID\\{E7E4BC40-E76A-11CE-A9BB-00AA004AE837}\\InProcServer32\\LoadWithoutCOM",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\OLE\\MaximumAllowedAllocationSize",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\TabProcGrowth",
"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\Lsa\\SspiCache\\credssp.dll\\Version",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_BLOCK_LMZ_SCRIPT\\54552ebb2ee12baf930bba66b1cc1f2631ca7c77513c39f0910ff08bd7d4c276.bin",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\MIME\\Database\\Content Type\\image\/x-png\\Bits\\0",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\Icon",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\Print_Background",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache\\DOMStore\\CacheLimit",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\International\\AcceptLanguage",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\TypeLib\\{00020430-0000-0000-C000-000000000046}\\2.0\\0\\win64\\(Default)",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_RESTRICT_ABOUT_PROTOCOL_IE7\\*",
"HKEY_LOCAL_MACHINE\\SYSTEM\\Setup\\SystemSetupInProgress",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_BLOCK_LMZ_IMG\\*",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Main\\WindowsSearch\\EnabledScopes",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\MIME\\Database\\Content Type\\image\/pjpeg\\Bits\\0",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache\\MSHist012019040920190410\\CacheRepair",
"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\services\\LDAP\\UseOldHostResolutionOrder",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\Version Vector\\IE",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\Folder\\NeverShowExt",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced\\ShowInfoTip",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID\\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\\ShellFolder\\WantsParseDisplayName",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache\\PrivacIE:\\CachePrefix",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Main\\Move System Caret",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\2000",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Setup\\LogMask",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced\\HideIcons",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Main\\SessionMerging",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\MIME\\Database\\Content Type\\image\/x-wmf\\Bits\\0",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_MIME_SNIFFING\\54552ebb2ee12baf930bba66b1cc1f2631ca7c77513c39f0910ff08bd7d4c276.bin",
"HKEY_CURRENT_USER\\AppEvents\\Schemes\\Apps\\Explorer\\ActivatingDocument\\.Current\\(Default)",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\CurrentLevel",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\TypeLib\\{44EC0535-400F-11D0-9DCD-00A0C90391D3}\\1.0\\0\\win64\\(Default)",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\SmartDithering",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_UNC_SAVEDFILECHECK\\54552ebb2ee12baf930bba66b1cc1f2631ca7c77513c39f0910ff08bd7d4c276.bin",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\Directory\\AlwaysShowExt",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\DOMStorage",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\SystemFileAssociations\\.html\\NeverShowExt",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\SecuritySafe",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Wpad\\WpadOverride",
"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\Nls\\Locale\\00000409",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE\\54552ebb2ee12baf930bba66b1cc1f2631ca7c77513c39f0910ff08bd7d4c276.bin",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\SpecialFoldersCacheSize",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\2106",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\FirefoxHTML-E7CF176E110C211B\\NeverShowExt",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\CoInternetCombineIUriCacheSize",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_RESTRICT_FILEDOWNLOAD\\54552ebb2ee12baf930bba66b1cc1f2631ca7c77513c39f0910ff08bd7d4c276.bin",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\SystemFileAssociations\\.html\\IsShortcut",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer\\NoCommonGroups",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\IETld\\IETldVersionHigh",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\FirefoxHTML-E7CF176E110C211B\\DocObject",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\SQMClient\\Windows\\DisabledSessions\\MachineThrottling",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache\\feedplat\\CacheOptions",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\COM3\\COM+Enabled",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\DisableCachingOfSSLPages",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\Directory\\BrowseInPlace",
"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\services\\Tcpip\\Parameters\\Winsock\\MaxSockaddrLength",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_SUBDOWNLOAD_LOCKDOWN\\*",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\RecommendedLevel",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\CurrentLevel",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\Interface\\{00000134-0000-0000-C000-000000000046}\\ProxyStubClsid32\\(Default)",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_BLOCK_LMZ_SCRIPT\\*",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\2500",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\2000",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID\\{871C5380-42A0-1069-A2EA-08002B30309D}\\ShellFolder\\WantsParseDisplayName",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID\\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\\ShellFolder\\QueryForInfoTip",
"HKEY_CURRENT_USER\\Software\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\UrlEncoding",
"HKEY_CURRENT_USER\\FirefoxHTML-E7CF176E110C211B\\AlwaysShowExt",
"HKEY_CURRENT_USER\\FirefoxHTML-E7CF176E110C211B\\BrowseInPlace",
"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\Nls\\CodePage\\949",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache\\DOMStore\\CacheOptions",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced\\ShowCompColor",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FrameTabWindow",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Settings\\MiscFlags",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\2500",
"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\Lsa\\SspiCache\\credssp.dll\\Name",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\Directory\\IsShortcut",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache\\feedplat\\CacheLimit",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer\\NoPropertiesRecycleBin",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer\\NoPropertiesMyComputer",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_MIME_HANDLING\\*",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Main\\UseHR",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Main\\DOMStorage",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\RecommendedLevel",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID\\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\\ShellFolder\\HasNavigationEnum",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID\\{871C5380-42A0-1069-A2EA-08002B30309D}\\ShellFolder\\HideFolderVerbs",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\Low Rights\\ProtectedModeOffForAllZones",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\ShellState",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Main\\Force Offscreen Composition",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID\\{871C5380-42A0-1069-A2EA-08002B30309D}\\ShellFolder\\WantsFORDISPLAY",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_SAFE_BINDTOOBJECT\\54552ebb2ee12baf930bba66b1cc1f2631ca7c77513c39f0910ff08bd7d4c276.bin",
"HKEY_CURRENT_USER\\Software\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\CoInternetCombineIUriCacheSize",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\FirefoxHTML-E7CF176E110C211B\\BrowseInPlace",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\Display Inline Videos",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\UrlEncoding",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\Icon",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\DisableImprovedZoneCheck",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Main\\Disable Script Debugger",
"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\services\\Winsock\\Setup Migration\\Providers\\Tcpip\\WinSock 2.0 Provider ID",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\1400",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache\\PrivacIE:\\CacheOptions",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\Directory\\NeverShowExt",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\Icon",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\Drive\\shellex\\FolderExtensions\\{fbeb8a05-beee-4442-804e-409d6c4515e9}\\DriveMask",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Services\\SelectionActivityButtonDisable",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\MountPoints2\\CPC\\Volume\\{3f5cc1b6-70f9-11e8-b07b-806e6f6e6963}\\Generation",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\CreateUriCacheSize",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\CurrentLevel",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Setup\\LogMaxFileSize",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\RtfConverterFlags",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer\\NoControlPanel",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_PROTOCOL_LOCKDOWN\\54552ebb2ee12baf930bba66b1cc1f2631ca7c77513c39f0910ff08bd7d4c276.bin",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_MSHTML_AUTOLOAD_IEFRAME\\*",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\CurrentLevel",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Shell Extensions\\Cached\\{FF393560-C2A7-11CF-BFF4-444553540000} {000214E6-0000-0000-C000-000000000046} 0xFFFF",
"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\Nls\\CodePage\\932",
"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\Nls\\CodePage\\936",
"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\Lsa\\SspiCache\\credssp.dll\\RpcId",
"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\Nls\\CodePage\\1251",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Cryptography\\Defaults\\Provider\\Microsoft Strong Cryptographic Provider\\Type",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Main\\Play_Animations",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID\\{871C5380-42A0-1069-A2EA-08002B30309D}\\ShellFolder\\CallForAttributes",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_FEEDS\\*",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Main\\FrameTabWindow",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\SessionMerging",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Settings\\Use Anchor Hover Color",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\International\\Default_CodePage",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID\\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\\ShellFolder\\WantsFORPARSING",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\International\\Scripts\\Default_IEFontSizePrivate",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_PROTOCOL_LOCKDOWN\\*",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FileExts\\.html\\UserChoice\\Progid",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_MIME_HANDLING\\54552ebb2ee12baf930bba66b1cc1f2631ca7c77513c39f0910ff08bd7d4c276.bin",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\ShareCredsWithWinHttp",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced\\Filter",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Settings\\Anchor Color",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID\\{871C5380-42A0-1069-A2EA-08002B30309D}\\ShellFolder\\HideInWebView",
"HKEY_CURRENT_USER\\.html\\(Default)",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\MountPoints2\\CPC\\Volume\\{3f5cc1b5-70f9-11e8-b07b-806e6f6e6963}\\Generation",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache\\ietld\\CacheLimit",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_XSSFILTER\\*",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID\\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\\ShellFolder\\UseDropHandler",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer\\NoInternetIcon",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer\\DontShowSuperHidden",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\ProxySettingsPerUser",
"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\services\\Winsock\\Parameters\\Transports",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID\\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\\ShellFolder\\WantsAliasedNotifications",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID\\{FF393560-C2A7-11CF-BFF4-444553540000}\\InProcServer32\\LoadWithoutCOM",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Main\\Print_Background",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache\\DOMStore\\CacheRepair",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Shell Extensions\\Cached\\{E7E4BC40-E76A-11CE-A9BB-00AA004AE837} {000214E6-0000-0000-C000-000000000046} 0xFFFF",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Connections\\DefaultConnectionSettings",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Main\\XDomainRequest",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\2500",
"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\Lsa\\FipsAlgorithmPolicy\\Enabled",
"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\Nls\\CodePage\\1253",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\Flags",
"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\Nls\\CodePage\\1250",
"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\Nls\\CodePage\\1257",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\CurrentLevel",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Settings\\Disable Visited Hyperlinks",
"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\Nls\\CodePage\\1254",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\International\\Scripts\\3\\IEFontSizePrivate",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\AboutURLs\\blank",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\MountPoints2\\CPC\\Volume\\{3f5cc1b6-70f9-11e8-b07b-806e6f6e6963}\\Data",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID\\{871C5380-42A0-1069-A2EA-08002B30309D}\\InProcServer32\\LoadWithoutCOM",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_SAFE_BINDTOOBJECT\\*",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\SystemFileAssociations\\.html\\BrowseInPlace",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\MinLevel",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID\\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\\ShellFolder\\HideOnDesktopPerUser",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\MinLevel",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache\\ietld\\CachePath",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\MIME\\Database\\Content Type\\image\/png\\Bits\\0",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\NavigationDelay",
"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\SESSION MANAGER\\SafeProcessSearchMode",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Main\\Play_Background_Sounds",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\Security\\DisableSecuritySettingsCheck",
"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\Nls\\CodePage\\874",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Main\\Display Inline Videos",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\.css\\Content Type",
"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\services\\TCPIP6\\Parameters\\Winsock\\HelperDllName",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID\\{871C5380-42A0-1069-A2EA-08002B30309D}\\ShellFolder\\PinToNameSpaceTree",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\FirefoxHTML-E7CF176E110C211B\\AlwaysShowExt",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_LOCALMACHINE_LOCKDOWN\\*",
"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\services\\Tcpip\\Parameters\\Winsock\\Mapping",
"HKEY_CURRENT_USER\\FirefoxHTML-E7CF176E110C211B\\NeverShowExt",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID\\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\\ShellFolder\\WantsFORDISPLAY",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Suggested Sites\\Enabled",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\DisableCachingOfSSLPages",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache\\feedplat\\CachePrefix",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID\\{FF393560-C2A7-11CF-BFF4-444553540000}\\InProcServer32\\(Default)",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer\\NoNetCrawling",
"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\LsaExtensionConfig\\SspiCli\\CheckSignatureRoutine",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Main\\Q300829",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache\\MSHist012019040920190410\\CacheOptions",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache\\PrivacIE:\\CacheLimit",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\SQMClient\\Windows\\DisabledProcesses\\EF76601B",
"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\services\\TCPIP6\\Parameters\\Winsock\\MinSockaddrLength",
"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\LsaExtensionConfig\\SspiCli\\CheckSignatureDll",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Main\\TabProcGrowth",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID\\{871C5380-42A0-1069-A2EA-08002B30309D}\\ShellFolder\\HideOnDesktopPerUser",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\CreateUriCacheSize",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID\\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\\ShellFolder\\Attributes",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\PROTOCOLS\\Handler\\res\\CLSID",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Main\\NoProtectedModeBanner",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\CLSID\\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\\(Default)",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer\\TurnOffSPIAnimations",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID\\{871C5380-42A0-1069-A2EA-08002B30309D}\\ShellFolder\\WantsAliasedNotifications",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\No3DBorder",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID\\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\\ShellFolder\\PinToNameSpaceTree",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows NT\\CurrentVersion\\Windows\\DragDelay",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID\\{871C5380-42A0-1069-A2EA-08002B30309D}\\ShellFolder\\Attributes",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Main\\AdminTabProcs",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\CreateUriCacheSize",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Settings\\Always Use My Font Face",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\2700",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\MIME\\Database\\Content Type\\image\/gif\\Bits\\0",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\1201",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\MIME\\Database\\Content Type\\image\/x-png\\Image Filter CLSID",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID\\{871C5380-42A0-1069-A2EA-08002B30309D}\\ShellFolder\\QueryForInfoTip",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\EnablePunycode",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\.png\\Content Type",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\2106",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\XDomainRequest",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\.html\\Content Type",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_LOCALMACHINE_LOCKDOWN\\54552ebb2ee12baf930bba66b1cc1f2631ca7c77513c39f0910ff08bd7d4c276.bin",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache\\MSHist012019111620191117\\CachePrefix",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Cryptography\\PrivKeyCacheMaxItems",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\SQMClient\\Windows\\DisabledSessions\\GlobalSession",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\MinLevel",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\Directory\\DocObject",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_FEEDS\\54552ebb2ee12baf930bba66b1cc1f2631ca7c77513c39f0910ff08bd7d4c276.bin",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced\\ShowSuperHidden",
"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\services\\Tcpip\\Parameters\\Winsock\\UseDelayedAcceptance",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_SSLUX\\54552ebb2ee12baf930bba66b1cc1f2631ca7c77513c39f0910ff08bd7d4c276.bin",
"HKEY_CURRENT_USER\\Software\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\EnablePunycode",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache\\PrivacIE:\\CacheRepair",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\AdminTabProcs",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache\\MSHist012019111620191117\\CacheOptions",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Main\\XMLHTTP",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer\\NoFileMenu",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID\\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\\ShellFolder\\WantsUniversalDelegate",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\SmartDithering",
"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\services\\TCPIP6\\Parameters\\Winsock\\UseDelayedAcceptance",
"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\services\\LDAP\\UseHostnameAsAlias",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced\\NoNetCrawling",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache\\MSHist012019111620191117\\CacheRepair",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID\\{871C5380-42A0-1069-A2EA-08002B30309D}\\ShellFolder\\NoFileFolderJunction",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\International\\AutoDetect",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE\\*",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache\\MSHist012019040920190410\\CachePath",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Main\\Anchor Underline",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Main\\Page_Transitions",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID\\{871C5380-42A0-1069-A2EA-08002B30309D}\\ShellFolder\\QueryForOverlay",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID\\{871C5380-42A0-1069-A2EA-08002B30309D}\\ShellFolder\\UseDropHandler",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\WarnOnIntranet",
"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\Nls\\Language Groups\\1",
"HKEY_CURRENT_USER\\FirefoxHTML-E7CF176E110C211B\\DocObject",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\FirefoxHTML-E7CF176E110C211B\\IsShortcut",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Main\\Use_DlgBox_Colors",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache\\PrivacIE:\\CachePath",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_RESTRICT_FILEDOWNLOAD\\*",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\Version Vector\\WindowsEdition",
"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\Nls\\CodePage\\1361",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\No3DBorder",
"HKEY_CURRENT_USER\\Software\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\SpecialFoldersCacheSize",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\CoInternetCombineIUriCacheSize",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\International\\Scripts\\3\\IEPropFontName",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer\\ClassicShell",
"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\Lsa\\SspiCache\\credssp.dll\\Capabilities",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\SpecialFoldersCacheSize",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\2500",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\EnablePunycode",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\Allow Programmatic Cut_Copy_Paste",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\2700",
"HKEY_CURRENT_USER\\Software\\Microsoft\\FTP\\Use Web Based FTP",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\2500",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Cryptography\\MachineGuid",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\EnablePunycode",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\MinLevel",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\AllFilesystemObjects\\BrowseInPlace",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced\\IconsOnly",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\SystemFileAssociations\\.html\\DocObject",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Setup\\LogLevel",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Cryptography\\PrivateKeyLifetimeSeconds",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\2500",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID\\{871C5380-42A0-1069-A2EA-08002B30309D}\\ShellFolder\\RestrictedAttributes",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\.js\\Content Type",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Shell Extensions\\Cached\\{871C5380-42A0-1069-A2EA-08002B30309D} {000214E6-0000-0000-C000-000000000046} 0xFFFF",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\Flags",
"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\services\\LDAP\\LdapClientIntegrity",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Settings\\Always Use My Colors",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Settings\\Anchor Color Hover",
"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\services\\Winsock\\Setup Migration\\Providers\\Tcpip6\\WinSock 2.0 Provider ID",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache\\feedplat\\CachePath",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID\\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\\ShellFolder\\HideInWebView",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows NT\\CurrentVersion\\Windows\\DragScrollInterval",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced\\SeparateProcess",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache\\MSHist012019111620191117\\CacheLimit",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_SUBDOWNLOAD_LOCKDOWN\\54552ebb2ee12baf930bba66b1cc1f2631ca7c77513c39f0910ff08bd7d4c276.bin",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows NT\\CurrentVersion\\Windows\\DragScrollInset",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache\\ietld\\CacheOptions",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\Icon",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID\\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\\LocalizedString",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_BROWSER_EMULATION\\54552ebb2ee12baf930bba66b1cc1f2631ca7c77513c39f0910ff08bd7d4c276.bin",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\Folder\\DocObject",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FrameMerging",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Main\\Cleanup HTCs",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows NT\\CurrentVersion\\Windows\\DragScrollDelay",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\MIME\\Database\\Content Type\\image\/bmp\\Bits\\0",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\WarnOnIntranet",
"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\services\\Tcpip\\Parameters\\Winsock\\MinSockaddrLength",
"HKEY_CURRENT_USER\\Software\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\CreateUriCacheSize",
"HKEY_CURRENT_USER\\Software\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\WarnOnIntranet",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Cryptography\\Defaults\\Provider\\Microsoft Strong Cryptographic Provider\\Image Path",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Main\\SmoothScroll",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_MSHTML_AUTOLOAD_IEFRAME\\54552ebb2ee12baf930bba66b1cc1f2631ca7c77513c39f0910ff08bd7d4c276.bin",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\Version Vector\\VML",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\WinHttp\\DisableBranchCache",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Main\\Show image placeholders",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\RecommendedLevel",
"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\services\\Tcpip\\Parameters\\Winsock\\HelperDllName",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\NonEnum\\{20D04FE0-3AEA-1069-A2D8-08002B30309D}",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Security\\DisableSecuritySettingsCheck",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Settings\\Anchor Color Visited",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Main\\Expand Alt Text",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Main\\FrameMerging",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Security_HKLM_only",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Main\\UseClearType",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_XSSFILTER\\54552ebb2ee12baf930bba66b1cc1f2631ca7c77513c39f0910ff08bd7d4c276.bin",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\PageSetup\\Print_Background",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID\\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\\ShellFolder\\HideFolderVerbs",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\Flags",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID\\{871C5380-42A0-1069-A2EA-08002B30309D}\\ShellFolder\\WantsFORPARSING",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Main\\UseThemes",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced\\Hidden",
"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\Nls\\CodePage\\1258",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\WinHttp\\Tracing\\Enabled",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\AllFilesystemObjects\\NeverShowExt",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID\\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\\ShellFolder\\CallForAttributes",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\Show image placeholders",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\Folder\\IsShortcut",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\SQMClient\\Windows\\CEIPEnable",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer\\NoSimpleStartMenu",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\Folder\\BrowseInPlace",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Main\\CSS_Compat",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_SSLUX\\*",
"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\services\\TCPIP6\\Parameters\\Winsock\\Mapping"
],
"regkey_written": [
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache\\MSHist012019111620191117\\CacheRepair",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\ZoneMap\\AutoDetect",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Shell Extensions\\Cached\\{E7E4BC40-E76A-11CE-A9BB-00AA004AE837} {000214E6-0000-0000-C000-000000000046} 0xFFFF",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache\\MSHist012019111620191117\\CachePrefix",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache\\MSHist012019111620191117\\CacheOptions",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache\\MSHist012019111620191117\\CacheLimit",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\SipNotify\\LastShown",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\ZoneMap\\UNCAsIntranet",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache\\MSHist012019111620191117\\CachePath"
]
}Dropped
[
{
"yara": [],
"sha1": "8a18941ee8a12d000a75f2083636b8d7fd119685",
"name": "4361b6fda5bc6d7d_da-dk.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\da-dk.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators",
"sha256": "4361b6fda5bc6d7d1dad4001dbfd81db45177ea13a6e04239f8c78d36f457c13",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "9B00F059",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/4361b6fda5bc6d7d_da-dk.html",
"ssdeep": null,
"size": 1542,
"sha512": "96eaaea6c7a58f1efea97d7793a9ffe95c326d50fbced6913ccc62fdc49302017b4ed248e1c5b5b10c436c54ae023d42a872af0ee45ce94381b8596b31480f8e",
"pids": [
1512
],
"md5": "0b88961419e86b93961a0953a990b392"
},
{
"yara": [],
"sha1": "cf90f93b70a73f72afda2fd40b142b0abe8c5b97",
"name": "683081cae49cb42d_ml-in.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\ml-in.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators",
"sha256": "683081cae49cb42dc4caf6419a957f68b58ff3810da31d912cf7091536e039a3",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "488DB032",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/683081cae49cb42d_ml-in.html",
"ssdeep": null,
"size": 2672,
"sha512": "143221a649f469b7fd7d99ededeccf4b717a2f89f1503e6188f39c3e8cf41e20e86e0baba612d62103f4250609a9d11575dd8451c9d828231c6a7220b900dafd",
"pids": [
1512
],
"md5": "f47ae88a7d68951a833b6cf820b65e00"
},
{
"yara": [],
"sha1": "33d0f106b586f7e1655b4fe889f6828c4ae79bfe",
"name": "334d74373a8c74af_ka-ge.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\ka-ge.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators",
"sha256": "334d74373a8c74af133987d7c6bf444edd1afcdec7428bc2819b9a42b5342775",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "DB790641",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/334d74373a8c74af_ka-ge.html",
"ssdeep": null,
"size": 2505,
"sha512": "7a48b0a805abd34ac6092f0afb2dfd1954f6c49efef4388a7bf38f2716cac3cc70151fddeb115145369eb1d9c42d18c49b02b32e88edc5580c73025581623222",
"pids": [
1512
],
"md5": "0f3814ada5b2ba56713488bcedf79b47"
},
{
"yara": [],
"sha1": "ed96006e672318c9388169a2060deab41c7d41c3",
"name": "4d04d4909d873894_sr-cyrl-rs.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\sr-cyrl-rs.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators",
"sha256": "4d04d4909d87389415aef4d28aa237b3d89f065bffb6c50263b5d59fc2f17fbc",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "3FD87315",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/4d04d4909d873894_sr-cyrl-rs.html",
"ssdeep": null,
"size": 2084,
"sha512": "a68b3cbb0e575a101bfddc16f47d70ed80515660cee5462aa781208ea89cb406d9053873495f3c1bf3b55533c8e22c19a72921ff8eb4176ad8dd2355325bb735",
"pids": [
1512
],
"md5": "2edc365f4fe5b8214a309827cfbc1897"
},
{
"yara": [],
"sha1": "fac10b18a990bdfb9a7fa047e1a1fefe9b8732b6",
"name": "050be42c229883b6_es-xl.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\es-xl.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators",
"sha256": "050be42c229883b6e9280e3d6779aefaf2954614084514a787c3e8c9aa4a5bf8",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "1C8DA4C6",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/050be42c229883b6_es-xl.html",
"ssdeep": null,
"size": 1689,
"sha512": "b7b6def99f220d8c23d8a6b9b477c607b931d01c78488bd1bbadeaae29057577db45415a10928a8014c12765a7c7882fc0cb9b86c0b641390e6fc58661609b1f",
"pids": [
1512
],
"md5": "740ff338885752bf87061f0af8c4a487"
},
{
"yara": [],
"sha1": "251d6ec1f24df91238329f5629e8c9c2ca1bdcb1",
"name": "f11b0b107ef91d72_tr-tr.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\tr-tr.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators",
"sha256": "f11b0b107ef91d72446156d13f92ca200f5aa7a5c3f655e8b2b1195c20e65fd6",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "6990CD5F",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/f11b0b107ef91d72_tr-tr.html",
"ssdeep": null,
"size": 1612,
"sha512": "087e33f6de653c5499d26fa3e360db858e2e872496908fb36ecef39b19b045060a58e74c584b003711996154d461250ffdbb6a1323a626c19bb2a5388c9c8883",
"pids": [
1512
],
"md5": "b704b6a9b4967246d7c1341a584322f1"
},
{
"yara": [],
"sha1": "5405aea80d40b28f67a7114442e83d3b03c7a7b3",
"name": "c3c48b3d3cccc332_en-id.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\en-id.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with CRLF line terminators",
"sha256": "c3c48b3d3cccc3320ef3eec9b0132e3100b3344fbeae3987550969a962b79da9",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "8DC2C986",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/c3c48b3d3cccc332_en-id.html",
"ssdeep": null,
"size": 1503,
"sha512": "dd4edfa30e3e12d9f1bef6440f2540c8bc56925273d4bbe0406609bb8f3618beb53665b85dcb32b330d8188851c5ebc806684418604e59b47ca5073fd88fa29c",
"pids": [
1512
],
"md5": "6ee0021704f0ebb8ead6d43e0ad48153"
},
{
"yara": [],
"sha1": "0bfd9a3da6b4516ddd26f6c0fa0023542efaaff6",
"name": "f8c4f67a24e027ae_fi-fi.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\fi-fi.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with CRLF line terminators",
"sha256": "f8c4f67a24e027aec01592253ace912051b96dcf3e0de7502a221b8bfc19ea88",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "838F63A6",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/f8c4f67a24e027ae_fi-fi.html",
"ssdeep": null,
"size": 1555,
"sha512": "8f2bd12aebce13f1ac585f0753a8aff8cdb95e6f00c2699d576e9fd90eb3aaf0d3dee440076cf154b0ba833232196ce064c4e004949540316bebbae435b262ca",
"pids": [
1512
],
"md5": "f9954e58b428eca57d6a2fc923f9c91c"
},
{
"yara": [],
"sha1": "b7b3efdfe012659129304c4567db8b39e69d0584",
"name": "c36b423710864e5c_hr-hr.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\hr-hr.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators",
"sha256": "c36b423710864e5c5875ca0ddafcf045f68d0a5d9f52d907105f1903ac49e778",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "5F58B850",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/c36b423710864e5c_hr-hr.html",
"ssdeep": null,
"size": 1586,
"sha512": "5e6f288885d695478b002a37e0744733a89d753c025f0edb4c9f6fc74c8028fbc987597fdf5cb6340114a5d693a92e0c0679c122f2bbabcb144556482c7a3221",
"pids": [
1512
],
"md5": "4d4b2b9714872c3e41a62aaf61f8c0ec"
},
{
"yara": [],
"sha1": "9711b72f9e803b57759041831cf06cbc59b2a385",
"name": "fa5b65d681047cbb_tt-ru.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\tt-ru.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators",
"sha256": "fa5b65d681047cbb538fdd8e6bd12373729ab6c4703e87835e7ca43b22b35141",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "B7BACB6F",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/fa5b65d681047cbb_tt-ru.html",
"ssdeep": null,
"size": 1963,
"sha512": "cc19a49bc432710fcb5ba435e06160cf001bbf9153f4e790af91c40475b00e672a40feb2909d2b7a2ea30c5a3ca23cae12c6391c8b9fed301082b9f085ec0126",
"pids": [
1512
],
"md5": "f133a4c6829b379f80880aea13fe74d2"
},
{
"yara": [],
"sha1": "5d61a9dbdd769549816558a371c8846228374474",
"name": "3fd927825f607855_mt-mt.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\mt-mt.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators",
"sha256": "3fd927825f60785523c564acfd88ea8b084e5a330decc15aab92449a3360d58d",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "43B5399E",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/3fd927825f607855_mt-mt.html",
"ssdeep": null,
"size": 1619,
"sha512": "8e78e334036af6e625b6aeebde71b4c481dd439e99b02f9907ff741142b822c7446347064097a031c79235c6f052579a807ec5ea98312008d342fc3491fcd23b",
"pids": [
1512
],
"md5": "f63d06105478f0fd4de0aaf9dbec5aa2"
},
{
"yara": [],
"sha1": "537800e842eae4194b15059fa85eb11f1e849747",
"name": "0c3f68857fb8a736_pt-pt.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\pt-pt.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators",
"sha256": "0c3f68857fb8a736ac6686cecf0d6bbe8f180697e7e2d34520f8b2777a56e52a",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "4FA1AD28",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/0c3f68857fb8a736_pt-pt.html",
"ssdeep": null,
"size": 1703,
"sha512": "5ee4bf99bf1d93693e39c886915554231df6495b292ce0b6467eadfc87176ab3357872ebb67966617370b77dcbdb95f7d45e51655d8c11f7537fbd7fb776a6b3",
"pids": [
1512
],
"md5": "b96dbb3a4c9ec8249adc0d9dac4c558b"
},
{
"yara": [],
"sha1": "05fb695cb07b271ac856a41ee8e2b0144a668046",
"name": "2c17e94a567d1b7d_pt-br.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\pt-br.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators",
"sha256": "2c17e94a567d1b7d5d995eefb5837d1e3af211de4af17787a0d236b1e1a1f25f",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "A0429E14",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/2c17e94a567d1b7d_pt-br.html",
"ssdeep": null,
"size": 1609,
"sha512": "c1f22988cf743985e2238b6e0cadeca9c4a4d0760f182d2522e34cfb1496d7bb06fcf05ebf1dd72963b02e404ef653dfacf6c5ecdb3dc9a1d8325d70ff704889",
"pids": [
1512
],
"md5": "9cb7a3979fc8509f62f910e3649f5186"
},
{
"yara": [],
"sha1": "64e7971b737673030e9c51f093db83a5268dd960",
"name": "45efd717ed6b8908_ar-sa.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\ar-SA.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with CRLF line terminators",
"sha256": "45efd717ed6b89080eab76b03a646c927f5b337752b9038332906052abb7fa80",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "5FC8C7D9",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/45efd717ed6b8908_ar-sa.html",
"ssdeep": null,
"size": 1783,
"sha512": "3dcc5f2646e25f532b092ca923bb958136ae76225abe33be56a40849e839bc0f0b8fc209882ab826947f61ceadcf595317c898decbd21f8c425cfc30394cee32",
"pids": [
1512
],
"md5": "c27fd6232d7e595ac99cfa89a9eb8b6c"
},
{
"yara": [],
"sha1": "15d90e0ba9f5d19e7c79e8801700c72f7685d709",
"name": "95fc3517cf09130c_es-ar.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\es-ar.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators",
"sha256": "95fc3517cf09130c3b83f717ff6bcf5fb52a5dee6331fec02c18a8a71b9c44fd",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "B1B17548",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/95fc3517cf09130c_es-ar.html",
"ssdeep": null,
"size": 1689,
"sha512": "053287ac7a84eb533bf2ba4ce69fb409404bfd907f1dd339da9c47ea06c81d249f4fa3372db20b91127050a89af1490e402682ef50617e14524ab5d7aa9646b2",
"pids": [
1512
],
"md5": "8ece8d0665426fa8a4196e6570dacd4d"
},
{
"yara": [],
"sha1": "9edebb9482667e0e2b4ed68ebf29d83e0a0b94d6",
"name": "1d8b27a0266ff526_microsoft-logo.png",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\microsoft-logo.png",
"type": "PNG image data, 142 x 30, 8-bit\/color RGBA, non-interlaced",
"sha256": "1d8b27a0266ff526cf95447f3701592a908848467d37c09a00a2516c1f29a013",
"urls": [],
"crc32": "1C2C3992",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/1d8b27a0266ff526_microsoft-logo.png",
"ssdeep": null,
"size": 2912,
"sha512": "b83f9a93729440ac0c0c62d60633741573ae8e52c7e103099d122e1e46332c7d8998e8a6ddfed6fcab7311e334f87d3895a2fd689c933edd0fcc8ab08ade377b",
"pids": [
1512
],
"md5": "b7c73a0cfba68cc70c35ef9c63703ce4"
},
{
"yara": [],
"sha1": "7b2b67530c7aa83acb1873e56b421af8e8a419ac",
"name": "2235c16d84ed58b2_uz-latn-uz.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\uz-Latn-UZ.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators",
"sha256": "2235c16d84ed58b28066470cf37199ee01af853bb92da594d5d86b9069e2dd69",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "7C55F311",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/2235c16d84ed58b2_uz-latn-uz.html",
"ssdeep": null,
"size": 1636,
"sha512": "8ee22f1e6fd18542815652818dac809804d22b78396e044fe9aff50209c3900be8b1546bcbc88029359d10fc99a2f5fff90128b47a724011599206e54ead48fc",
"pids": [
1512
],
"md5": "71b621c0d0b9cc7eb4be5ade5187ff91"
},
{
"yara": [],
"sha1": "47ca05679b2733d62c5eccaf00558650af17659a",
"name": "46be7c46b1890355_es-cl.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\es-cl.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators",
"sha256": "46be7c46b189035526577ce2cdb1904eb05b6bd68560dd87374bf44ac7bb3266",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "27810C01",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/46be7c46b1890355_es-cl.html",
"ssdeep": null,
"size": 1689,
"sha512": "91d62e6435ed9ef9ffd7641d9f149d817d0647d36c87c7c5e254e6a00fd507cfb7161de770d44cc8e9a6bfccbe140057b2d77e1585448f193f9e983f7360ca03",
"pids": [
1512
],
"md5": "b80d7a63e4b95825528c0469f11df89c"
},
{
"yara": [],
"sha1": "6008aa4ba7e04e8996ccb29109ffe0ce036f3e90",
"name": "50822c8fab92baa9_id-id.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\id-id.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators",
"sha256": "50822c8fab92baa9c73f9c7a0c88c7d88c31414e237e9d33555cc308731bfb7c",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "5570B033",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/50822c8fab92baa9_id-id.html",
"ssdeep": null,
"size": 1579,
"sha512": "d806a670e32b22bb368a61e4af087ca88b9d2cb1a15c49ebfcb03202a0049d9b83681635a1c809641ce39c375a88913c829bbc81c5bc4b872d01dfa7da8b33fe",
"pids": [
1512
],
"md5": "52317b188154af581505befc6779e62c"
},
{
"yara": [],
"sha1": "368313fcfbb6019445b8ec1e826fef08e4a79170",
"name": "f516204d9fa67060_en-ca.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\en-ca.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with CRLF line terminators",
"sha256": "f516204d9fa67060ef491eff903d07191004de2b46551d6b81317a293b0902a9",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "BA2862A8",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/f516204d9fa67060_en-ca.html",
"ssdeep": null,
"size": 1500,
"sha512": "a2adc6d60cd195003b254a15d6ade53e8d722433fc119209bd7efa4e2159e117ac189e83d01dfeb19fad2fc4bdc62c5cb0233c32eb028ca02ec52ec864507d66",
"pids": [
1512
],
"md5": "838897f04aaeb65ea46b3cd46fd8281b"
},
{
"yara": [],
"sha1": "c94d7b6c440b8d918426ab3ac62813c9d191771c",
"name": "f2c9afd5ff507ec1_cs-cz.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\cs-cz.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with CRLF line terminators",
"sha256": "f2c9afd5ff507ec1dcb8042d63ca88389eacea483153d8cdc067df344fd2eeea",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "584A3919",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/f2c9afd5ff507ec1_cs-cz.html",
"ssdeep": null,
"size": 1573,
"sha512": "b6616c92e7020dcafa06c3cb0e2cd86db33b2d275843d4d8ab7b561de2c646b3a7f9afca59720fd44947246e32342007721d7d2845fdc27a480d5fd06eaac96f",
"pids": [
1512
],
"md5": "1cfe3b081f1d2d67ccf2fdb94d20e4a3"
},
{
"yara": [],
"sha1": "2587df762977d32b2384b0377c0f849f36591d53",
"name": "0a6bf85955ac6862_fr-ca.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\fr-ca.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators",
"sha256": "0a6bf85955ac68625302d2d3bae7f7326e1bbb0521d3b2048d641c6c2da41cac",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "6BCF9324",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/0a6bf85955ac6862_fr-ca.html",
"ssdeep": null,
"size": 1616,
"sha512": "4ce13ff5e45c121939d2560325d337f9925864bf08b75f24bd692a11d22425e2e8107753dc8fac43e7e1a0a31a01deaabf65bdeddf91bc4d666ebead0daac488",
"pids": [
1512
],
"md5": "60f04fcf5630bc3b92bf30c155b66bc2"
},
{
"yara": [],
"sha1": "52c388df61dd727a11fe94e3d3250cb40fe7a1b1",
"name": "93415691f35a1b49_prs-af.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\prs-af.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators",
"sha256": "93415691f35a1b49b18cc4b4538792d3846abb514b82e929cbd9fb715dbce73c",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "3CDCC26C",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/93415691f35a1b49_prs-af.html",
"ssdeep": null,
"size": 1990,
"sha512": "826fcf5a66803c972426600e6aeac6395e5c2e40014cf2a5a6048141b3cf1b555bede97b6bee5a33cb835b2e8ab5ab410d61abc6639d7c0ee53dc7f84c873a35",
"pids": [
1512
],
"md5": "e49cf9a15729e232b49020c3c076a22e"
},
{
"yara": [],
"sha1": "d7ef2e4c394314ce40bb2388500c9cb82f9605f4",
"name": "9755c59b70dc7b6c_gu-in.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\gu-in.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators",
"sha256": "9755c59b70dc7b6cb565247899704e9af497eb03d39a8840dbc2777361c60017",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "3E16010B",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/9755c59b70dc7b6c_gu-in.html",
"ssdeep": null,
"size": 2276,
"sha512": "c6ec4b8f1deb29066c17d07567fc3eeb9bb92c566b37cbc1e57fd7117e09f9768c1012371709771d2f78cf6ccc44e95c065a08a4b713d341bf1369f9d0526ad7",
"pids": [
1512
],
"md5": "7d0de2c5e6b45ad6ae9eaca0669b7eb3"
},
{
"yara": [],
"sha1": "caf1deb38961c10128bc8f0ad7069967985ac9a4",
"name": "aabdf824116081d9_sr-latn-rs.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\sr-latn-rs.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators",
"sha256": "aabdf824116081d9a2e907de26f5af9aff744167ad18ea622cb1134c1368bd59",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "1EBF8419",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/aabdf824116081d9_sr-latn-rs.html",
"ssdeep": null,
"size": 1650,
"sha512": "1d6b68fe43329f6b055a891a45b0b7892917f3351f647031f15fa75f51a380c5fc6c0eabd8716de4487c3e7336fc6a6ab041eb40cffdc0d736af2adb0018b008",
"pids": [
1512
],
"md5": "73fbb04593e4b85e754f5e75fae6bb2f"
},
{
"yara": [],
"sha1": "47c681c26db8ad4b9db22fc6bea22ebc3cebab31",
"name": "ef745e40c78de9e9_lb-lu.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\lb-lu.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators",
"sha256": "ef745e40c78de9e9fab1fa6a1108c4ca144b11cb475b30529b2eefd3a1b49eec",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "A29D848B",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/ef745e40c78de9e9_lb-lu.html",
"ssdeep": null,
"size": 1624,
"sha512": "48c9845dc7e4d2106921cf5f6b96c896a8f45d85cc9363f950f5b5b9255d631f2d20ea3ecab8e25cef7e3dd5e1c93f7b959f5899d64ec366b1f836aed071d745",
"pids": [
1512
],
"md5": "2d675ee0f614ceeb05da8cdbd3f3bbcf"
},
{
"yara": [],
"sha1": "6ba371a0276c8cdfcac2ccdef54cc92fc517baa6",
"name": "1692b3b47388dc7c_ne-np.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\ne-np.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with CRLF line terminators",
"sha256": "1692b3b47388dc7c5b0797a7a3c6253a40fc6dbc2cdece7b3ca8421c7efd904e",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "1953D0EB",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/1692b3b47388dc7c_ne-np.html",
"ssdeep": null,
"size": 2304,
"sha512": "fa24672da1cd9b0bd9fabd9639138ed22a773f42cee3f01947a0b5ff7b7007c89eac88684dbaed7456bdfbd2be1dbb22e2bb4bf3b269efa59c03c5d729223653",
"pids": [
1512
],
"md5": "39d496e5cc98164ca0263313893970e9"
},
{
"yara": [],
"sha1": "50d677702ce363905d36bdf08d78817c90b0f690",
"name": "a729cd57a90c1c52_fr-be.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\fr-be.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators",
"sha256": "a729cd57a90c1c52f183d75c3f7306a1e31b0e21e6f00fc60f51462b22a09e12",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "232244C2",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/a729cd57a90c1c52_fr-be.html",
"ssdeep": null,
"size": 1623,
"sha512": "c2a338717fdf789aeb088f03107ef7b5a355ecb1f3fee1f9cb9295e847c9b862879743997d6e464fea7921c13e7f803831411243d305c74cee23959e0c841273",
"pids": [
1512
],
"md5": "ea82b2a514d5ec991a265f0e7087a829"
},
{
"yara": [],
"sha1": "6b67efb4d198d5f3c95c903be602eb360c0f4283",
"name": "1905e7e43097dd4b_en-us.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\en-us.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with CRLF line terminators",
"sha256": "1905e7e43097dd4b95a6285e7b072a969216ea2a16dfe714cd13782abc3831a0",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "12638957",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/1905e7e43097dd4b_en-us.html",
"ssdeep": null,
"size": 1503,
"sha512": "a880e2d7d2ef6c4b9b93c0501a27c30e378f85751a7b81e1406a973152943e3b9e20f07399963f5482f7d961cd012fc75157bf2128a72a8cc71db191ec1dc0e1",
"pids": [
1512
],
"md5": "898caa6586bb8fa6ba97bdab1f7a5b23"
},
{
"yara": [],
"sha1": "66767ff2e73cd3609e3d12db753900b06e1b9b03",
"name": "c7b7cbbd78eafca2_tk-tm.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\tk-tm.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators",
"sha256": "c7b7cbbd78eafca294304f3c94ca636dd86caf9485e6beccf5a211cb99cd6d1a",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "BDD72DA2",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/c7b7cbbd78eafca2_tk-tm.html",
"ssdeep": null,
"size": 1713,
"sha512": "f60fdeac5f5d500c9f36918623e4362e940a1b3a9f0c0ee6837f678977dcbc00cd5c810f4c609f6bcfe82e8634b4d0000254c48d38c505d3571f81a0831fafa8",
"pids": [
1512
],
"md5": "da086456beca069e31ba6e3a1e71c30a"
},
{
"yara": [],
"sha1": "b6e8cd8e00e8c391b8ceef0796a381a086e0f61e",
"name": "51daa58f2d4713ea_is-is.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\is-is.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators",
"sha256": "51daa58f2d4713ea8e03711b7213a03748fff1a3e25c44f565309fbd0ce49fdd",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "E256F12B",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/51daa58f2d4713ea_is-is.html",
"ssdeep": null,
"size": 1656,
"sha512": "7f2aa7e932a8981ec5bb8bf463bbd7a7a8a247366d3a53fbcec2c0f509d6d128daf9339bc22b7f8bd9f2323b355d565797e80410d13b97d9bed17a27e04868ab",
"pids": [
1512
],
"md5": "408cdb389e10dbddb04f6adc9bbf7f16"
},
{
"yara": [],
"sha1": "adadaa8274b2bbd6d5c24f48c59ab106c45bf846",
"name": "f48db277eea7c9b3_nso-za.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\nso-za.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators",
"sha256": "f48db277eea7c9b33e1bf8c3827def66675b6c7d5fb36a51b82b64d95fa4092e",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "B0648C01",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/f48db277eea7c9b3_nso-za.html",
"ssdeep": null,
"size": 1654,
"sha512": "5bb74868bec88fcc150d13bf66fd7f7c97dd2564f826bde81554a3714a92d5af9201c3bb72b78d28fa7a57b9c7d08d7432ca54d4811aeefae120d2292f772b87",
"pids": [
1512
],
"md5": "892f06300d23f38dabe7f6f9034f891c"
},
{
"yara": [],
"sha1": "04b7e1ba1567dc894f6164a5deebc82771742814",
"name": "1f11dc606e6acabf_en-au.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\en-au.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with CRLF line terminators",
"sha256": "1f11dc606e6acabf3422f454a843a2b12ad8fab176d1d7f75e7d7819e9c33cd8",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "95ECC670",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/1f11dc606e6acabf_en-au.html",
"ssdeep": null,
"size": 1503,
"sha512": "8dd09813c518e4a4ad3e1f054d31368dcf2b213a4fe753e9c66c94776ebc99ea04b6ca792eaabaf6c2142e5afde0f45c55ee9d14dd9542535b9117480cf0388e",
"pids": [
1512
],
"md5": "c41d864704cea3d9139dfdbe493a1fd9"
},
{
"yara": [],
"sha1": "49685650b74301aa2eb07a533f4c934d0f0f30a8",
"name": "a00b1ba420bab0ae_am-et.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\am-et.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with CRLF line terminators",
"sha256": "a00b1ba420bab0ae92b3cc8b8e8c4d80a79dffe626fc1aaa80b3057ead1b0692",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "DC0B1F53",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/a00b1ba420bab0ae_am-et.html",
"ssdeep": null,
"size": 2054,
"sha512": "d3282032dbf57998918cdb95101913fa9cabffc0ebfaecdc20728655b2b2bba7e8c1b1beea0eae47f49d06f45512827edf0f730c2136510b94ea32016ca94083",
"pids": [
1512
],
"md5": "1aa565a93997f9e612da6b8baf90b037"
},
{
"yara": [],
"sha1": "3a7252fd3156d256cf464bf2bf64d11b32ce6351",
"name": "628a6889e9ed2b34_ur-pk.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\ur-pk.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators",
"sha256": "628a6889e9ed2b3427715a3491dad4bf6964c47f9b255b4836ec24b52aa553bb",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "24C1E7AD",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/628a6889e9ed2b34_ur-pk.html",
"ssdeep": null,
"size": 1944,
"sha512": "b5c0daaa723c864d62737c452c14eca12e56e3f613e641656bfebfa1640273c217bf9611c2d811f9faf6d8f6049a73f5b25fb90c6b0e03c9c4a49ff592e6ccc5",
"pids": [
1512
],
"md5": "4363a25200caa235bc032edf48a90ecf"
},
{
"yara": [],
"sha1": "9f9011061e69ddc37e0e11a9a327396012a0597d",
"name": "880429958ad822df_de-ch.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\de-ch.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators",
"sha256": "880429958ad822df548cfdfadc183e5b1a4e7ebdb8f9b8bcd732664db1c78781",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "DB188953",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/880429958ad822df_de-ch.html",
"ssdeep": null,
"size": 1692,
"sha512": "7534ed648ef5aa0657859c28ac1585054c2dcad0292ca54454aba32befa1f6bc55164b103104ca28b1e3560603d0a8c1b2fbe1559fd512a7de1d2b35ee3540fc",
"pids": [
1512
],
"md5": "063c721fec51ebdd82cef525c9ed21ed"
},
{
"yara": [],
"sha1": "79e10ea8608a70f3fa2bb345d71c231a4a2b8ba8",
"name": "a326236959aa80ae_fil-ph.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\fil-ph.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators",
"sha256": "a326236959aa80aeea55e1282c9121dababbfe3de0a51ff9730da3a050060537",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "4641CF9E",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/a326236959aa80ae_fil-ph.html",
"ssdeep": null,
"size": 1632,
"sha512": "e56157bb579dfd3c13e995d8dc00ebe590ffe002c6648c80bd913bdec2c3d41c39e11de66c796afeed6c503ccf98eef439ff5a4c291c6fc703d9e34526d7cbc8",
"pids": [
1512
],
"md5": "b9c47913ce2331327128931565ab9221"
},
{
"yara": [],
"sha1": "bf4c8698c71020798587888ab6ed252971b0ccad",
"name": "7f4f0f274b28de22_bn-in.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\bn-in.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators",
"sha256": "7f4f0f274b28de2218f355896fc1561c5f4e2049cda0f6c31797e20d4562f25f",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "200D7094",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/7f4f0f274b28de22_bn-in.html",
"ssdeep": null,
"size": 2289,
"sha512": "2c9d06a36ce11f60420a45116a8415b0bf4760eafda030cf094c5cfca029bdc9534e5a12f5f4805eccaf283ffe993ebb7d7bb50aba113025daa292dea6dcc40a",
"pids": [
1512
],
"md5": "1f7a2cc5401cf71d59a942382c461b79"
},
{
"yara": [],
"sha1": "077039cf5ff5ec49e21e7a4e92dda1557f23fe6e",
"name": "29c5dee647789ec6_en-sg.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\en-sg.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with CRLF line terminators",
"sha256": "29c5dee647789ec60383df0ea5fb886a104b2a2c2fc1ab2fafde8a90b6265fca",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "4F80C6E8",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/29c5dee647789ec6_en-sg.html",
"ssdeep": null,
"size": 1503,
"sha512": "493b970ddd0a07faa3fe1f6de30c1439798bdf99198ff9d4f4fe7e12faf43f947b03dfc3127e619e1a6235e0b22c1f3f828f750733778701828f6b9511d89890",
"pids": [
1512
],
"md5": "918ff827cb0a8764d23bdb1e24006b08"
},
{
"yara": [],
"sha1": "7040abe1f3d3c02808f714670879ea1e418de647",
"name": "f7936f48679e5223_zh-hk.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\zh-hk.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with CRLF line terminators",
"sha256": "f7936f48679e52237d32c6b17e53b845f6ea5940ba170a02ee40adafbf580f9e",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "2DAF0855",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/f7936f48679e5223_zh-hk.html",
"ssdeep": null,
"size": 1484,
"sha512": "65f4d88a829f7ae359a2e666d4d98e70cf2b0363b91f981cb167626b7d394ed379d2a8c905b568b23388aeba4063d3845d457f18ffc8fb618ba3509453c21e90",
"pids": [
1512
],
"md5": "1b16642baca76b92605da0e38f720193"
},
{
"yara": [],
"sha1": "6096970f783deb7105a46a4494442c994e5628f8",
"name": "0168e4f363658ac6_vi-vn.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\vi-vn.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators",
"sha256": "0168e4f363658ac6014466c3d677c5bc76ddce4236587d070a9f04461d08d318",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "683A2A61",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/0168e4f363658ac6_vi-vn.html",
"ssdeep": null,
"size": 1739,
"sha512": "7c4003c5c94df4b0063b1316161f1ddd98f76881f9c0099d8bbae0d41790b2440ac76940c678f7a613340746e312f5214fad8be3e62c67149c24ec728fbca013",
"pids": [
1512
],
"md5": "831d2365b57dcaf9ce564b48fcbdcc09"
},
{
"yara": [],
"sha1": "8324f2ae81110f2609c3cdf40c221a36d8c809eb",
"name": "c89aae8bcb04f793_ta-in.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\ta-in.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators",
"sha256": "c89aae8bcb04f793712ca3279c73ef07a7459a73268a9068400e594f64cdbcda",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "170D6155",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/c89aae8bcb04f793_ta-in.html",
"ssdeep": null,
"size": 2510,
"sha512": "1e1e29d55638015ff74cb930aca2336a2e21e031f129a3b21b9d0b9db2a974e60a05da06303918fa8069086beb534f309850efbc5dcda3ddae9b5a37a9c352bf",
"pids": [
1512
],
"md5": "3840502e696e9af2245f4acc26479b61"
},
{
"yara": [],
"sha1": "3e7f01eb10cb1d74c229910ba338c1f15e2cbb36",
"name": "097b8c2f0f66506f_ca-es.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\ca-es.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators",
"sha256": "097b8c2f0f66506fd9634be6295a05ce4fa73f204a5c1d4ac3ea692a5984d453",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "3A22A65C",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/097b8c2f0f66506f_ca-es.html",
"ssdeep": null,
"size": 1730,
"sha512": "94e5252c2842ebed5c619f8e0551552c83758c8280650d2b9363fdc9fb484caab65b3f70842b786e02608f328d8ad7deece5c7be580b8b5f7b51de37fc53ec6f",
"pids": [
1512
],
"md5": "e71e0b6b2bcaeac2d4f8bf2d31959af4"
},
{
"yara": [],
"sha1": "ef18b0a89c2f4a29ff545056ecca3f4a9a76293f",
"name": "50504e9b4f047fc5_ig-ng.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\ig-ng.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with CRLF line terminators",
"sha256": "50504e9b4f047fc5dc8d692f3ddd5e87f1750116f938fc29f3fea72b426477c7",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "4F53CD1A",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/50504e9b4f047fc5_ig-ng.html",
"ssdeep": null,
"size": 1653,
"sha512": "534ad1de46ec69f8526c5e310bc0fe80e0d34483879eaa99048b3aee05d442d8b6d7bd442a40bb5603f08a34c2f6f21652d47abadf8c0ea7ed2a2993fab87408",
"pids": [
1512
],
"md5": "4e63de57c7ccdb3347a5a3111902fd46"
},
{
"yara": [],
"sha1": "ec1d65eb6dd33137dfe11a1846ed7547db0eabdd",
"name": "333621b78acf45a9_lv-lv.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\lv-lv.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with CRLF line terminators",
"sha256": "333621b78acf45a9bd87c707121c1680555b8280ebbe703a0d0b67c28ec162c5",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "605780E2",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/333621b78acf45a9_lv-lv.html",
"ssdeep": null,
"size": 1566,
"sha512": "40aa1c2e47c72b32e56d067293a876e6f63dbcef60c1f3dcbb3d75717301b72580a391a101dd23d711f4449e9cafc4ddac2a6ebadbfa125ca8f7d32933084b62",
"pids": [
1512
],
"md5": "4ce6bc57ebc084559760df22ba199d26"
},
{
"yara": [],
"sha1": "6621b5685b6fdbc1860796a6a51ed26712eeecda",
"name": "b8ce946eec223066_hu-hu.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\hu-hu.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators",
"sha256": "b8ce946eec223066267d434c722032f9f3ed4216d10a46d61b79b3ea270ef264",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "039C1EED",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/b8ce946eec223066_hu-hu.html",
"ssdeep": null,
"size": 1710,
"sha512": "01a445092da595880fa9b6c549afb32eb1e90e627424f2ced0ddf323911d490c5d6b35f2710c0d5fb292f4cde0b19fd3a278808c60e48272d091a80a6c2791f6",
"pids": [
1512
],
"md5": "0ee1907fc1110578fde0323e569ae1f4"
},
{
"yara": [],
"sha1": "7ff4ae2a0210cc8e6be2523a7f40609b04f6863a",
"name": "aa576ea49394ddf8_main.jpg",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\main.jpg",
"type": "JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 782x300, frames 3",
"sha256": "aa576ea49394ddf86db84a1afdd773e8eb793262b7249b7915eceb741ddd6d1b",
"urls": [
"http:\/\/ns.adobe.com\/xap\/1.0\/mm\/",
"http:\/\/ns.adobe.com\/xap\/1.0\/sType\/ResourceRef",
"http:\/\/ns.adobe.com\/xap\/1.0\/"
],
"crc32": "F446D659",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/aa576ea49394ddf8_main.jpg",
"ssdeep": null,
"size": 27910,
"sha512": "13b53120866f0f3de29a3b51aaeb3059685b71942aaee186e216dce241778b8eeaba090cf9431217cd92f6370897aafd969b064b0c442dcb726c64c39e27caf2",
"pids": [
1512
],
"md5": "61893862a20efa7b46c8b43a3fe9bbaa"
},
{
"yara": [],
"sha1": "f55460568f65cf76eadfa6aaada44966b7ace3f6",
"name": "1fddcd12abbdfdfb_en-za.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\en-za.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with CRLF line terminators",
"sha256": "1fddcd12abbdfdfb37dfa71aacf9cba326d91d9eb1b76d8676853fa75fed78b2",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "35BA6521",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/1fddcd12abbdfdfb_en-za.html",
"ssdeep": null,
"size": 1503,
"sha512": "1ceb62de52df7000f1e5e82933dd291d08b176269060d1a3f186a17a90781f5b40864de3c2d5e419cc6883442b494e81cb3a07c70e90b164fcd66e68b7f3e185",
"pids": [
1512
],
"md5": "549eefb71b812344fd9bb659c2b02f48"
},
{
"yara": [],
"sha1": "b1f5a5e9ad7488d2158f3383f9b92b1da0b2bcd5",
"name": "bdbf683c25db589e_nl-nl.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\nl-nl.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators",
"sha256": "bdbf683c25db589eff2ab5be2d1ec1126240dc50e437dea9a09a61573d24d59b",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "B9500000",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/bdbf683c25db589e_nl-nl.html",
"ssdeep": null,
"size": 1593,
"sha512": "b573c38dd65567fa5f35b1fb831fa17168c0c7a0d1a043502cfc2f33ed25533a1b645c9f28cb16c0e73aea48a9690e8c7bb693fa2a201fc0818bdb04b222feb9",
"pids": [
1512
],
"md5": "a6f5a68ee2d40d2fa9bf8fe0fb9e8d14"
},
{
"yara": [],
"sha1": "22e176b0ccf7f7d6a221aefdc28465cd67cdacaa",
"name": "7b349cd616b7ace4_sr-cyrl-ba.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\sr-cyrl-ba.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators",
"sha256": "7b349cd616b7ace44f58a90f73dd2079f07d974dba71a301153e26d5c18976c1",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "68ED2361",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/7b349cd616b7ace4_sr-cyrl-ba.html",
"ssdeep": null,
"size": 2023,
"sha512": "1caab372a53dd7d76ba59e90b42f778b852ccd190acd8d3a928615f5c6b56e3159e3b4a024d220469507262c49b725aaffe33325bb4ab991549e51f458e29579",
"pids": [
1512
],
"md5": "a2186425b37d005cc7c3e4c85791dd91"
},
{
"yara": [],
"sha1": "7d92bb9b822ba16b60adb184f085d609b93062dc",
"name": "2f483cf9aa2a771e_kok-in.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\kok-in.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with CRLF line terminators",
"sha256": "2f483cf9aa2a771e481c2af755c7e6eb272266abcde50b282b551367f15be693",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "322E0279",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/2f483cf9aa2a771e_kok-in.html",
"ssdeep": null,
"size": 2263,
"sha512": "1ad7310ab4a7a10498ba569461fe9625aea035b708d7e83f4841ddfec90a7b2c18f3f8ecebe06106021f5c12ab16fcdfbebc3c9f2a3bfb081c1a6f2cd5fbaad5",
"pids": [
1512
],
"md5": "46756d152e4ea1e0e4a60781118b2ca6"
},
{
"yara": [],
"sha1": "d3aa082589ffeb6f3d03f8d683aa60d5a878e2be",
"name": "442b65b766deaae3_pl-pl.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\pl-pl.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators",
"sha256": "442b65b766deaae3143960ba3b8d9b6d610ee2241c79eff16b2934480a5df32c",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "8BF4AC9A",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/442b65b766deaae3_pl-pl.html",
"ssdeep": null,
"size": 1620,
"sha512": "e34e8a6c24dc599e4f4a10accd64079ee6f44868b328190076ede4115ecc9eb2721eb3d5dceb3710b957d7a276d39635c10ed1f5f9b93850c1edfb1bb1b0c576",
"pids": [
1512
],
"md5": "be07ac8a8f18c71b2c3c781d8c0ff1b3"
},
{
"yara": [],
"sha1": "323bdeac4b066fa3c3c5c7861f1d32cf9be2836c",
"name": "1559aedd2f6eb447_lt-lt.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\lt-lt.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators",
"sha256": "1559aedd2f6eb44736afacede60df648bd65ce8315187191a8563310287b2f09",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "4D01A9B1",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/1559aedd2f6eb447_lt-lt.html",
"ssdeep": null,
"size": 1666,
"sha512": "0037fbce7e1404d7a6b3550e875cf22960f91ef0ddf1ea37371476ab8c6b1589d9928be09dce55227d47e3eff621bd141fbdbe6242fbcf89089c2a8ce5d93f93",
"pids": [
1512
],
"md5": "aff4be1c7a756727025be937865cabd6"
},
{
"yara": [],
"sha1": "17c66e0cde899cdbef51223af957acda70a9effa",
"name": "1cbd5edb2a87d691_ru-ru.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\ru-ru.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators",
"sha256": "1cbd5edb2a87d691efc2d62566ee158ae6b6a1f6207e81e1888b4193cb02b92b",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "C8640B42",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/1cbd5edb2a87d691_ru-ru.html",
"ssdeep": null,
"size": 2061,
"sha512": "9c1dba151cfed752e7ad7df4d608a9a1468dfc5205169ca53a02eb6893c57f4a49198a232c7bfbe774909f0ec209216d97755b7216358c435ca8f9e2e0cc675b",
"pids": [
1512
],
"md5": "adf36055a84c79cd314d12e600b913ea"
},
{
"yara": [],
"sha1": "215c5f61545328f31b24d95e5ca3f92f8b5429bc",
"name": "0435a08df000da1e_en-nz.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\en-nz.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with CRLF line terminators",
"sha256": "0435a08df000da1eb9f8a99907da75f6564d65eb806e0cef883c34336d2bd199",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "1F251EF9",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/0435a08df000da1e_en-nz.html",
"ssdeep": null,
"size": 1503,
"sha512": "05fc2e164f96bf0e2925432bddf3f75b54d27558159c98da6303d5b1bbf4106a4e204833f974a78ee100061b2557181061f190aaa1e2b8ce5fc3ff2cd455d9f2",
"pids": [
1512
],
"md5": "05b5c577d37fe440aabaeaaad8a3ec8c"
},
{
"yara": [],
"sha1": "031e06fadd65f39cf04cf5c5a368ff96a75ff9d2",
"name": "00e6bb9ddef52df3_et-ee.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\et-ee.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators",
"sha256": "00e6bb9ddef52df35ae88b3d587ac2cde68c9c7bea4677cda9e9907af9e47599",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "B38E8696",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/00e6bb9ddef52df3_et-ee.html",
"ssdeep": null,
"size": 1563,
"sha512": "07a0c9590d43ea1a77414b0fc6ba28edd381cb3091bd4363791af4d50bcf4e1c7bfbd3fd0baedce21df4b072810e38a17ea49e81b31bbb449dd69fbf4cf4110e",
"pids": [
1512
],
"md5": "c1abf0533ae3f11cb6c441ecb320f55e"
},
{
"yara": [],
"sha1": "32227d5acd535231bba3b544b1c09ce4d4eebd55",
"name": "4516932b60440ec6_si-lk.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\si-lk.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with CRLF line terminators",
"sha256": "4516932b60440ec6a45c3085825e91ebca841a724071843e3ddb63e859431da0",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "AAD12A08",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/4516932b60440ec6_si-lk.html",
"ssdeep": null,
"size": 2258,
"sha512": "532283e655f35a3dec3fb99e1e0b6db35b8077b7ba0d775a12dbd1e3f4e96ad020b8e47f0030a2c87ba7ae65aaa48b8956e0fff893acf38e47413ecbea55502d",
"pids": [
1512
],
"md5": "6e7c511f7123778d80efe35114230fe9"
},
{
"yara": [],
"sha1": "796a4d7dd78f95aa0621174a98e71ba036e77d3f",
"name": "38fdf1153112ab36_default.cab",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\default.cab",
"type": "Microsoft Cabinet archive data, 72489 bytes, 127 files",
"sha256": "38fdf1153112ab368e29eb257c82234c210156764c07bb3f6e588a03d6586ef6",
"urls": [
"http:\/\/www.microsoft.com\/pki\/certs\/MicRooCerAut2011_2011_03_22.crt0",
"http:\/\/www.microsoft.com\/pkiops\/certs\/MicCodSigPCA2011_2011-07-08.crt0",
"http:\/\/www.microsoft.com\/pkiops\/docs\/primarycps.htm0",
"http:\/\/www.microsoft.com\/pki\/certs\/MicrosoftTimeStampPCA.crt0",
"http:\/\/www.microsoft.com0",
"http:\/\/www.microsoft.com\/pki\/certs\/MicrosoftRootCert.crt0",
"http:\/\/www.microsoft.com\/pkiops\/crl\/MicCodSigPCA2011_2011-07-08.crl0a"
],
"crc32": "B722D8D4",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/38fdf1153112ab36_default.cab",
"ssdeep": null,
"size": 80081,
"sha512": "14978d8c4710753c4d3673e94b734fb87595d5254477d19eac404c128294ff415665c9339d4169252b2f5a21bba658ba69221f62a36e6b499cb3d434921354c5",
"pids": [
1512
],
"md5": "5b03e0bba894208fbb0ec108c6812ca6"
},
{
"yara": [],
"sha1": "720a3e6e17f9a796e0c95193f2ed421932ef93d0",
"name": "58203f2a9e049ef7_insertbom.exe",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\InsertBOM.exe",
"type": "PE32 executable (console) Intel 80386 Mono\/.Net assembly, for MS Windows",
"sha256": "58203f2a9e049ef78a2e4d84422a9eb839f2f4e6da236abe3c4858ec7b6d1d0e",
"urls": [],
"crc32": "C2DEA78F",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/58203f2a9e049ef7_insertbom.exe",
"ssdeep": null,
"size": 5120,
"sha512": "2cf48900cdf347b7dac5ceccfe6bad1fe5a845e25b2e6e3ea797fa59126fdb262ebe0ef0d4f827b16bf452635059812136bbdbc01846f4b542b0e72f2c2e6384",
"pids": [
1512
],
"md5": "632a7713ce24dcaffa075ed60cdec51f"
},
{
"yara": [],
"sha1": "a2f6b51a7bd5cdf5d0570bdab64da21cf557b1e0",
"name": "47eaef235ecd55b1_en-in.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\en-in.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with CRLF line terminators",
"sha256": "47eaef235ecd55b1ada264df24d8e1d900987888cbe6bd1d34fa55f7e21e64f6",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "211AF6BF",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/47eaef235ecd55b1_en-in.html",
"ssdeep": null,
"size": 1503,
"sha512": "4a288051531c8894175b9fd549656437eebe71c7ceea13714f33fc95f2a212f52df3d6a55bb7f6da77fbc2eb8aa035073be0771c4a3feff2047066436f26e458",
"pids": [
1512
],
"md5": "a71aa7ca70482370c284eb46ad67aa5e"
},
{
"yara": [],
"sha1": "ae65e92e40f67d1f8c456ce64b1625f964528b5f",
"name": "701b961ef31ce8bc_zh-tw.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\zh-tw.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with CRLF line terminators",
"sha256": "701b961ef31ce8bc2768728d10dea63bd6417c883186e8205363f247d0ac0d77",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "9CD3CF2F",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/701b961ef31ce8bc_zh-tw.html",
"ssdeep": null,
"size": 1487,
"sha512": "2927e3e63b480fcde4846e67894fae106549ba6867404fa25aadc3107c235340a95539684199f1e194a1c564d27cd3283ca093f608ffba1c0d8ea7e13f175074",
"pids": [
1512
],
"md5": "ebd7c9932ee39a2d3a74582002ce28c8"
},
{
"yara": [],
"sha1": "6e83d58a7b3fde4ac2f80a06c85f1ae692c7fc21",
"name": "8edc11a3d723230c_el-gr.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\el-gr.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators",
"sha256": "8edc11a3d723230c8beaf0bfb09dbd817e17648f70f82be884af827c42b1af6a",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "E8CDA7EA",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/8edc11a3d723230c_el-gr.html",
"ssdeep": null,
"size": 2126,
"sha512": "b351a6220ccc5536ceb43759bda437e3217405ffc788cee236b3b5ce7afcbe2afd0fdc6bfd1795ef301a02b673150a4038db02624db8cbc88facb4f5be893e65",
"pids": [
1512
],
"md5": "3cb3808bdbb5a264f8f27a4ecd450fc0"
},
{
"yara": [],
"sha1": "da3d347338826f9bce86e591c2f555d599633484",
"name": "8a24b4bc214c0424_styles.css",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\styles.css",
"type": "ASCII text, with CRLF line terminators",
"sha256": "8a24b4bc214c0424baa789b0288467d73432f4921e6f83d429eeb3e79ca06af7",
"urls": [],
"crc32": "3C849DE1",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/8a24b4bc214c0424_styles.css",
"ssdeep": null,
"size": 1574,
"sha512": "47a15353affdea2ca6cef9691798fde60d9ab9d50adde8aac136d169287f0245671479c8a4ebed949b2a4d6f4fe09ad5b373452520811dfedbd7d8f1f4a667da",
"pids": [
1512
],
"md5": "be56f09e42cf5d6829650c252f30d071"
},
{
"yara": [],
"sha1": "6cdd4f01662fd0771c7287cff9ac3747ad30a6b3",
"name": "dfb6d3bdc308a667_quz-pe.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\quz-pe.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with CRLF line terminators",
"sha256": "dfb6d3bdc308a667477ac35214f0533a49b78acdc25311812b22f3635284e31b",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "F7D98D10",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/dfb6d3bdc308a667_quz-pe.html",
"ssdeep": null,
"size": 1553,
"sha512": "a70dddcac2742fc13baff9a2553605f58421e49b4f0f82e0cd356de89afff902616192df9f6a2a9ef502843d02c09fb29350744cbeab40ee4956b8f61ca5f33d",
"pids": [
1512
],
"md5": "cf43e5af59ac65c13c42cb5728944b08"
},
{
"yara": [],
"sha1": "449885675ee7d42207b5a2971f555ba9c9e23b2b",
"name": "09b1dadaec3bf99e_te-in.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\te-in.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators",
"sha256": "09b1dadaec3bf99edbcf060ea1e732cd36664adc75c430e391021f9739e3aaff",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "3D476154",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/09b1dadaec3bf99e_te-in.html",
"ssdeep": null,
"size": 2499,
"sha512": "7b8c9c8aa31fe71b05eead04d2efeacbb2aad4c15a8fa6ad8306ff6d380eb164be3b9173f6b87e7fa4a33e7959cf1a0c98b9a51d25105cd81aa7534d6eb71e4c",
"pids": [
1512
],
"md5": "fbb5c111c5f615b4a98673f409a2bb2e"
},
{
"yara": [],
"sha1": "7e58baea295cee45763c9062a8506be3cdbe9062",
"name": "0e28d046370df35a_zh-cn.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\zh-cn.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with CRLF line terminators",
"sha256": "0e28d046370df35a9e6ac9cc7e7d15521ceb6fb390767c427868cb966947a7e6",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "BBB7FF97",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/0e28d046370df35a_zh-cn.html",
"ssdeep": null,
"size": 1513,
"sha512": "ce014a9ff07365aec3986a515c1828b3a8db62c21792287e85a236ea487bbd53ad176bdacd9e5e1ba778dece07b1f869c21f16f35a882948594664cdae0bcc3e",
"pids": [
1512
],
"md5": "e6664d14a0ec9f1f5cdcd074ef233535"
},
{
"yara": [],
"sha1": "1df675885e2f2219796be4e5fd0856f1222c7751",
"name": "62d530c0d84c59e1_sl-si.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\sl-si.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators",
"sha256": "62d530c0d84c59e1698b21103c45dfc3dcc6ac44e82e43d0da9cdf392ffe8758",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "EE898A62",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/62d530c0d84c59e1_sl-si.html",
"ssdeep": null,
"size": 1615,
"sha512": "335a3bb77c04e7e20c7b14800c0c4d1b86035a01eee0e01ada579cbb3ec06f87eb2a70e89911dcca1db68c375dc9cc9569917423815189a100f50d4185008d92",
"pids": [
1512
],
"md5": "27f3f0385f9652863ec37d7fba2f8724"
},
{
"yara": [],
"sha1": "2ab808bebbdcf387e9972b7cac3770ba3c0d8444",
"name": "95f2cf1026b7ba88_fa-ir.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\fa-ir.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with CRLF line terminators",
"sha256": "95f2cf1026b7ba88df7be0bb250bac72b9493e589ddd856c7946d3d752c40f13",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "48F46055",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/95f2cf1026b7ba88_fa-ir.html",
"ssdeep": null,
"size": 1934,
"sha512": "6230d2f504bb10c1e19cf56eea03a525efc719f6c25942eb0cadecdd491c48ade04aa42dc6960ee4a9a592e569f2f9426e8a77a76d03ba71ac7a5924a92c480a",
"pids": [
1512
],
"md5": "0672930dc15d1802f774687d9fdf63c8"
},
{
"yara": [],
"sha1": "8efa94c6f7e732ad2976d4c4636da144d9fd32ca",
"name": "45bd2293c00fe06f_fr-fr.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\fr-fr.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators",
"sha256": "45bd2293c00fe06f5498340014865d13859773aceb23b06f5510873dd25f9411",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "3A93389A",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/45bd2293c00fe06f_fr-fr.html",
"ssdeep": null,
"size": 1623,
"sha512": "aab306c3f4be5dada933a5b92d03136fef8856edb43457802acadaa20cf1620f75ae404c501657b453ee96b4892fae5b81dd033884abc655dd19a93df5b062dd",
"pids": [
1512
],
"md5": "63eda33c0dcffd290f7e7c32465e0d78"
},
{
"yara": [],
"sha1": "0737caa8300c4b2f9902e42efd87141927c59842",
"name": "ea7235f9d7cc8b53_kn-in.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\kn-in.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators",
"sha256": "ea7235f9d7cc8b539cbdc59688ca0bafd4f24069c3d59f14b6c13df3c7b6c945",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "54359BA4",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/ea7235f9d7cc8b53_kn-in.html",
"ssdeep": null,
"size": 2411,
"sha512": "02c318c20d1166de31c8e756c96860b90a3ad551dabb98099543a6beefe2dcf33efadb41d231a43480596e767fba0b77bf034b263ba80790fea6b670ff5daea0",
"pids": [
1512
],
"md5": "caaa6bac06fa86f069df67833c08aa50"
},
{
"yara": [],
"sha1": "213956e9e45c4f93794f971210284d8845947790",
"name": "a192212316c9dfcc_sv-se.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\sv-se.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators",
"sha256": "a192212316c9dfccb19bbc4e82284470e8592019934edbe2c09270c0beb303da",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "7DAFB906",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/a192212316c9dfcc_sv-se.html",
"ssdeep": null,
"size": 1581,
"sha512": "81b6a5050932da529594480b9946ffed483a07e6b17eb1832ce7d6aa61121c25466cd69f543f16abe4a5e865b39fe80d7ae94af007b89d8d029032b784b4eea6",
"pids": [
1512
],
"md5": "49a1f2cc72cb789739671d49cbfe85ef"
},
{
"yara": [],
"sha1": "c5336e49c46e4395ff51d7130a399c56401a2eaa",
"name": "cf9a22e8f9747292_or-in.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\or-in.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators",
"sha256": "cf9a22e8f97472921fc1390574510aefd727e06dd31e5fbd0187ba9d2ef43d71",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "7C18B689",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/cf9a22e8f9747292_or-in.html",
"ssdeep": null,
"size": 2281,
"sha512": "ba6d1efdfc354d3ecb15bc46d6b4beb82c5c8d816d185bd2d2f0356edf07adb0977815d93163e1e9fdacd4108415368e87f07da05e12a59c1afa2d85fd2f4cf0",
"pids": [
1512
],
"md5": "b9ff8bb48a4a36b45afb5d917a1a715b"
},
{
"yara": [],
"sha1": "787485ed13403751bd6216f2f28215ef904d4768",
"name": "48461d3f16b0e76f_en-ph.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\en-ph.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with CRLF line terminators",
"sha256": "48461d3f16b0e76ff1af600ebe67c4b9d87d03561925075d33f8b51215c6bea2",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "19578384",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/48461d3f16b0e76f_en-ph.html",
"ssdeep": null,
"size": 1503,
"sha512": "9f0df03352a81c82ff67bd0674ddd63fe6a8839dbd8fa6be66cad8ebcce445511fd9a9aa84678b7dda5ce136fd5ac3bc6bf7f3c9a5d2dfcf5feca031e1a7aad7",
"pids": [
1512
],
"md5": "373fa2f53a77923d3e3f2f56e198c623"
},
{
"yara": [],
"sha1": "3d23e74c0fa1eba46d5c8acf811775cdb2925197",
"name": "0ce4b90548c2cb40_az-latn-az.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\az-Latn-AZ.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators",
"sha256": "0ce4b90548c2cb40b84be8685ba93777bcbd24e7a5e2837d5f7aa369cb5900d5",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "D2E077C2",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/0ce4b90548c2cb40_az-latn-az.html",
"ssdeep": null,
"size": 1674,
"sha512": "b7c2ef22eed383bec760a501c2577afa670504288615c10c62a25053fa1d59ddf5a69f8560930688a4e5b1f056581c28337aca1a484dbc8788271fec5ae6efbf",
"pids": [
1512
],
"md5": "9f8608c9b12f328a26e03adcb572b68a"
},
{
"yara": [],
"sha1": "2d13dd79898a39999fef3950dcc7f8b3fb113f7f",
"name": "1970619f7edf792e_es-co.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\es-co.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators",
"sha256": "1970619f7edf792e281be63a84801f1772aafadbe36aa74f59864eabe9c970f4",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "A04D4617",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/1970619f7edf792e_es-co.html",
"ssdeep": null,
"size": 1689,
"sha512": "c3cce6ff2aee79ef4853c7184fc62967d4f5c404fd3ed8508124f8a23d4020809df639bf96706bb42eeda51760680fee30440f2ce78475873f641556f58b68a7",
"pids": [
1512
],
"md5": "ad088109423d0f6713344b415eac0ecd"
},
{
"yara": [],
"sha1": "bcda243ed5e56fbd5ae94430bcfe0f0712d69fac",
"name": "4d0ba9d5b63d2e95_ro-ro.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\ro-ro.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators",
"sha256": "4d0ba9d5b63d2e95d01126d4f4cc1912e53981cfbe85619de89d81c7f9676063",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "699FC7D8",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/4d0ba9d5b63d2e95_ro-ro.html",
"ssdeep": null,
"size": 1641,
"sha512": "38cb1d5ea7fef3d23e0f96b30c2fe852acfb75a63b76b2bbb963ff219174f894d560d3189c4da6a0e03ca412e449a2e1cd1c7ef89ae992767cccbfcfebb764eb",
"pids": [
1512
],
"md5": "3d18c5ed2aead7d48a68870f71b7582f"
},
{
"yara": [],
"sha1": "36b7c0e55d91dea7aa86ad7ba437546625eb710b",
"name": "34f3d32b336b3b72_uk-ua.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\uk-ua.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators",
"sha256": "34f3d32b336b3b726a5bb72f01f0fe0d1ee959c15cebce34ca37050296cb02cb",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "2FD614CC",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/34f3d32b336b3b72_uk-ua.html",
"ssdeep": null,
"size": 2003,
"sha512": "b56866e1c4b0a196f1bfa6c5b072365bf185ec3b01257fbebf9faaf6bde8eba7c38efe6827bc2d339655a3bf302031d5e4b326874808e562cf780dec742b653b",
"pids": [
1512
],
"md5": "58a44ec9b490b778b60c595b4bc3e2d6"
},
{
"yara": [],
"sha1": "239f87a30ed926288b15db63d51f8bd37dc23a3b",
"name": "aeba6cc537297c99_fr-xf.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\fr-xf.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators",
"sha256": "aeba6cc537297c99c32739bc79cd22164b27589d764da72b995d6e760f798dc0",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "24B644A5",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/aeba6cc537297c99_fr-xf.html",
"ssdeep": null,
"size": 1623,
"sha512": "ee058a565b2f3aded2cc58b502b0768ac170634babcad8420d2b311b068857d33f622192efa563e0221e2becc56ece7c1216fddfb2fabce07db87ec5a7ed2b60",
"pids": [
1512
],
"md5": "4e9ae14cca3aa435bdf820a7a68c233c"
},
{
"yara": [],
"sha1": "de12f909f4627e12ed39fc8a3d630e7d6858912d",
"name": "30e97aa150751ba9_af-za.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\af-za.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators",
"sha256": "30e97aa150751ba966fe598767b802285e07eee1cb2eb9bce0e8f575b87be89f",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "56FA411B",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/30e97aa150751ba9_af-za.html",
"ssdeep": null,
"size": 1534,
"sha512": "adc8bfc0d237deed34d65082d1b2d460a1d59486cd70705492fc7ecd71ebf4e74819967b9fc201769f81ca565b3f18e8340acdfdb8e9843d72e79a829c023296",
"pids": [
1512
],
"md5": "74e8500cd7a6b5629b2bfe5488d8ac95"
},
{
"yara": [],
"sha1": "af8e58dc008b0fd2e3f327b601b73365da2fb8a9",
"name": "76921384b6fa92e9_ha-latn-ng.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\ha-Latn-NG.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators",
"sha256": "76921384b6fa92e9b65b2456ca47da1d2f6ba5690effd1df45616c17225e42ff",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "A75E1328",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/76921384b6fa92e9_ha-latn-ng.html",
"ssdeep": null,
"size": 1598,
"sha512": "6a9b22539f722d555c68cb8460102dc350bacc22f004b1d297f35c10dff40d121792d8e9891dbe5878862dec043bb4b415b025d5da73fb25c1bd4f864fc9e3ee",
"pids": [
1512
],
"md5": "479abdbd39f7741252056547fce8acce"
},
{
"yara": [],
"sha1": "0bbd3dad817bd3753ca6d6a754b940323cb49969",
"name": "35000dacab6116f2_sq-al.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\sq-al.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators",
"sha256": "35000dacab6116f29ea05d40a58d3f10e7f8b081ca61996ecf0ea65021838c73",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "ADD77B79",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/35000dacab6116f2_sq-al.html",
"ssdeep": null,
"size": 1655,
"sha512": "3d05e182199ca3e6956b2b50caf6b94c07d086b931f0a2106412fae60690acf1d2ef9813b2fe39b742a9bf4099605fc12f0c3be5160a8c99e52c5ab5a461844f",
"pids": [
1512
],
"md5": "5ae086a810f789dd4e124fe6940e8699"
},
{
"yara": [],
"sha1": "b4dd062c409fe75b9f21a7ec647bea9c6a952fc0",
"name": "d74ad0970faae8ac_en-is.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\en-is.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with CRLF line terminators",
"sha256": "d74ad0970faae8ac052841b3b3588f9304b9150e37d2cc576d3abfa118ceb0d8",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "D09F381E",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/d74ad0970faae8ac_en-is.html",
"ssdeep": null,
"size": 1503,
"sha512": "56dca6fd600d62b4ab1f9a025326787e4c27e9a6346f2cc9eaf4193e83885031ccc72681a03fcc05b2cd9bcae4c7e0c76b6819ed51135c4f0c68ba4a04d0dd58",
"pids": [
1512
],
"md5": "7d2c7d11e139332a54fb48d1d208a858"
},
{
"yara": [],
"sha1": "b32182b616943ce5ff0710b48a3121faa7d02473",
"name": "b0e427e650c259cf_zu-za.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\zu-za.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators",
"sha256": "b0e427e650c259cf62fe86f64130cae73966d8e17bbbbefe8a4ebaec0e7b425f",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "4C61C20F",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/b0e427e650c259cf_zu-za.html",
"ssdeep": null,
"size": 1632,
"sha512": "76206e6caa99a5edaf4e871aa091e6a86878a2a9e1bac3e6e19dd7d12a42ffa95be9a795697af99a3fa52645bd84945a3b1daa0fccafe08e708ac59b994971fc",
"pids": [
1512
],
"md5": "bf97a26ffe6b5d61bf51f0b811907787"
},
{
"yara": [],
"sha1": "f71bf32f43a7b2da8f78b53c40b4914bf6651938",
"name": "4dad2b255ca37613_de-at.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\de-at.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators",
"sha256": "4dad2b255ca3761366233d07a09ee664108d723a509e374ced1add56f44a2633",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "35ED9438",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/4dad2b255ca37613_de-at.html",
"ssdeep": null,
"size": 1692,
"sha512": "c8ad9ea46f2a5e08dbf9a2fecdb62866c6edb75a554b8f1bcb5d2f3d9a83a7495b8911db856afc52c8e7bb1ff1a031f86348927981eb261218868e73c019eb3d",
"pids": [
1512
],
"md5": "9fa56738c09e9038a78c21b1469cdc80"
},
{
"yara": [],
"sha1": "0c020d89b4c6309a1d2b75d8b0b028f74dcf7655",
"name": "53f546331f185cdd_en-my.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\en-my.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with CRLF line terminators",
"sha256": "53f546331f185cdd5939d4fa3e94b780a2d2d5fc126cf5e9d77d9705733c3511",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "816271BB",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/53f546331f185cdd_en-my.html",
"ssdeep": null,
"size": 1503,
"sha512": "d6aeaabb9b1ef0c63a3e6164612cfa20e11856fbf3d61f40ebff3cef6d6904d71ad64b140df258fdbe600c5a2d8d7c4c06f454f80008ed694d997fa744efea35",
"pids": [
1512
],
"md5": "c43f49a3cda32042d8718f3ed8001533"
},
{
"yara": [],
"sha1": "13b44c14e6a1e24819fe8ce0ac190adfa5f3b5f7",
"name": "6cff04ab4a742c8b_nl-be.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\nl-be.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators",
"sha256": "6cff04ab4a742c8be605ab1b1071e7198a14c98fe23dd775b83ce443665f432d",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "12469236",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/6cff04ab4a742c8b_nl-be.html",
"ssdeep": null,
"size": 1593,
"sha512": "1d001f9227ec858dc14f2a05ef0629d83c08894f1958fadabb3dbf671af05eba2516f944549faf4992b34d6cad50885c6f016531041a7d2205757b49864ffbd0",
"pids": [
1512
],
"md5": "8c5ce6e500a4ef60c1d99d2148de4dd8"
},
{
"yara": [],
"sha1": "e39dd3e18bd014781cb29f7db7ee2a90fd15eb9c",
"name": "cf368682e313234e_pa-arab-pk.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\pa-arab-pk.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators",
"sha256": "cf368682e313234eb5a231f96025b788e4b2cc1afb8205a77531591145e58c01",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "C654BDB0",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/cf368682e313234e_pa-arab-pk.html",
"ssdeep": null,
"size": 1857,
"sha512": "5f28746460176a018c63295c7fee7cf434e71e390309f5fbb29362adfc200ee2b1fbe1006866dafecc11d07ffcf57c8e9ffe1c7f122d5e58c0a92e51c3dff435",
"pids": [
1512
],
"md5": "e91e754eb9350cb2a5e9423919ae44ae"
},
{
"yara": [],
"sha1": "85af3ff6f523e134d450990d2ce8b4a821c2331b",
"name": "f5264de9fd83812b_kk-kz.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\kk-kz.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators",
"sha256": "f5264de9fd83812bb4bdc4b7934cd0d9ced27d6a8da35b3202dabc86e1b4b295",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "ED95F5A9",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/f5264de9fd83812b_kk-kz.html",
"ssdeep": null,
"size": 2081,
"sha512": "4cf18c1b529f3e1465b22371d01393ed12d446272bf66a0eb8e327279279044a87a9d974d61e4eca3b9469e5d288a31da64592afba365b0e2f3238cca8a13e75",
"pids": [
1512
],
"md5": "d50e77d515f884e89d3c480449db1476"
},
{
"yara": [],
"sha1": "a14254ede2ed59bedfaa9b5668f8556c52000dcd",
"name": "26bf4abc322b2475_ky-kg.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\ky-kg.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators",
"sha256": "26bf4abc322b2475132a501c10aca847b256b88fecdb717217a002361821708b",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "9F679826",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/26bf4abc322b2475_ky-kg.html",
"ssdeep": null,
"size": 2074,
"sha512": "aa60dc4931e1a468a67e6b249dd2ccec3a7cb6727ddc7ebc215c8640769251a05d551ea2c5ecaaebc51002341960b69a970d5e68314a001e90159a7aabc60eaa",
"pids": [
1512
],
"md5": "203b521f8ceb6cdc23039acf172501ef"
},
{
"yara": [],
"sha1": "d7a2e9b95f1199517f8e94ba842d949cab01f765",
"name": "d36e792a3addaefc_fr-ch.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\fr-ch.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators",
"sha256": "d36e792a3addaefc5159c97ebc23c8469cb1aac09828475d28b0945283e71c15",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "33D20F93",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/d36e792a3addaefc_fr-ch.html",
"ssdeep": null,
"size": 1623,
"sha512": "825ce3790040d160d4aaedbec102bb957a4f63127544f197bf30fa5eaf87a020ff4d121db4cfd10c3fc6f33ed42052045c407cbd07c77bf058d4cd0b7cc32fa8",
"pids": [
1512
],
"md5": "a56a6687362b5c1b6a245ec785872c93"
},
{
"yara": [],
"sha1": "f0ff1fae87644bd11570fc35084009035afc8060",
"name": "8dda5fcdf3c04511_cy-gb.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\cy-gb.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators",
"sha256": "8dda5fcdf3c04511d20ebcd84f8b24f10657540c0e65eb25f56e55a731ce65ae",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "E9A1F2BD",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/8dda5fcdf3c04511_cy-gb.html",
"ssdeep": null,
"size": 1626,
"sha512": "27b0f3f196f80334b88ab257b79217bf692893dd8e57aaaca481315f8f07911782425f5bebf27db5c3405dd000957127a2afcccf62cad4adf3f7a238d0b69805",
"pids": [
1512
],
"md5": "2f10e995c48391b4889ca3c797ab5a61"
},
{
"yara": [],
"sha1": "d576cd07d573e7afd1703dd9d768957772dbfb59",
"name": "63e9e5368771bdb8_he-il.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\he-il.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with CRLF line terminators",
"sha256": "63e9e5368771bdb81f0d4ea5c0c3493101bf534146baca1910e5888450ec054d",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "563443CE",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/63e9e5368771bdb8_he-il.html",
"ssdeep": null,
"size": 1730,
"sha512": "5b22bde625e0c86976e045f833d85af3dd4fe8be1039f216fe6699cb2eeb629e05472e494157029778ba9efe7e2da4f3528852d6c8c13a9a1a54718c86121e47",
"pids": [
1512
],
"md5": "dccd33e3964dfbcc2846c1fd37f95d22"
},
{
"yara": [],
"sha1": "0bce705e89b4ff3fc2dd19d3fae5434f23a593a0",
"name": "331faca93a0af4f2_ja-jp.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\ja-jp.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with CRLF line terminators",
"sha256": "331faca93a0af4f2d165f5f94becb671221ba9184b0f06c32c917614955d75e8",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "90455242",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/331faca93a0af4f2_ja-jp.html",
"ssdeep": null,
"size": 1708,
"sha512": "fec72c295f6ad1f822c4beb6bc30a8753474a0acc0e6f6e972abc9d1eeda8e5fa0463a9a556b94899ff3b8e683f431c4fd44063920aaa70adeab48e6245d5442",
"pids": [
1512
],
"md5": "d6f0ea64c8001936ec0c3037a2e98d12"
},
{
"yara": [],
"sha1": "eb465365cabfc56d05fd8dcae4caae0ad5c0ef97",
"name": "544b857cd45ac852_es-mx.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\es-mx.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators",
"sha256": "544b857cd45ac8523c505d8ebbae4031b0f556d7d4a34f19b16c707545ecd72c",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "70552D50",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/544b857cd45ac852_es-mx.html",
"ssdeep": null,
"size": 1689,
"sha512": "5e55d077752517e7aff651c839d909e67fc0228324cb644a198d0c4e0339dbcb0b325907aa47d4e37514fa713d8aaa318a80c655dabe880998b86bf0106c3247",
"pids": [
1512
],
"md5": "c307a15a16e8cec7c01e19bb377b9983"
},
{
"yara": [],
"sha1": "690dab4c606f6e648d136de900e9061c17d1585e",
"name": "43b430e3f74b71cf_sw-ke.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\sw-ke.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators",
"sha256": "43b430e3f74b71cffa69a94e9fb88b42b0a3d731174756813eef2b56f26aa328",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "5EA24DD9",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/43b430e3f74b71cf_sw-ke.html",
"ssdeep": null,
"size": 1554,
"sha512": "00d82151810262ca30a2775da7aca407bcdcd323d79e7b0410bdc03442bc0d81731f324bef268d19578d4253778fe4f5fff232a6e1ebaa5314d11bcd5a748692",
"pids": [
1512
],
"md5": "ee0163487aa37b0474c5be533aefef2d"
},
{
"yara": [],
"sha1": "139df7271824b566c1de497a7f85efa866e8798a",
"name": "07558cd7454564ba_metadata.json",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\metadata.json",
"type": "ASCII text, with CRLF line terminators",
"sha256": "07558cd7454564ba1b06e42a85767ab2e1f5c4ea1c046639fd3cedcf40f83429",
"urls": [],
"crc32": "37038657",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/07558cd7454564ba_metadata.json",
"ssdeep": null,
"size": 504,
"sha512": "1f10042843bf24cbed671c66d0c90beb71d9fac6cc4bedccf079f70ce8427751e59d34655b288cc305a791dc25e5a81f91ff6cffb7459a82b4c055834187a87e",
"pids": [
1512
],
"md5": "d96d132842fbf14d5aa6df2b4d4d2f1a"
},
{
"yara": [],
"sha1": "0afdf6517536a2f373a37e384fd145f2d043ecc5",
"name": "915308fcda42fc42_mk-mk.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\mk-mk.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with CRLF line terminators",
"sha256": "915308fcda42fc429a9a2a0430572066b3d139d1e821107b3c6e0b41f4f6b047",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "4F584597",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/915308fcda42fc42_mk-mk.html",
"ssdeep": null,
"size": 1947,
"sha512": "a074abb5ef47caae9048d22af7154ac69bb0a00ed3d6d20ae5a0ee7fee05ab8522dee86de9b2e5a79f9119d9a364b8a8b09f024b85e60f317abf998130cb0f68",
"pids": [
1512
],
"md5": "1e1fddea52d37cddef910fb1ec345fc4"
},
{
"yara": [],
"sha1": "c7ba25e16d84704f186f22563606f347fe164653",
"name": "7846e35847c22a7a_en-gb.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\en-gb.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with CRLF line terminators",
"sha256": "7846e35847c22a7ac76e71b0e3931b7721e69ebcc3281c7f0b12b0ac27884afa",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "69BF050D",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/7846e35847c22a7a_en-gb.html",
"ssdeep": null,
"size": 1503,
"sha512": "b9eec7cdc5f68992bfa31846e9c799f9dd543489f173c938e37fdcc210234ab340ef8ad9b0b4170a1a3625a4be35cf19e276e0b79df357cdae25fb27bae18ace",
"pids": [
1512
],
"md5": "8cf49e49b56ba59152bfd4082de95a4e"
},
{
"yara": [],
"sha1": "01639626b251845609f3f98d98e3379cb37071fb",
"name": "fe7e533da0cae1b0_ko-kr.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\ko-kr.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with CRLF line terminators",
"sha256": "fe7e533da0cae1b0d9f2a9a8feeee00bf0a929e1a59e8d9f330b7d9fbed863f1",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "0EA4861E",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/fe7e533da0cae1b0_ko-kr.html",
"ssdeep": null,
"size": 1739,
"sha512": "3391b213cc18f155918a723a8c8d94e56319877668437c7d56dbc6af06555eac4c10f20e558a6f34f53eca3cbec6eb69aa02b8e8dd65beb0764b401ed243b29a",
"pids": [
1512
],
"md5": "1fc429b613a94389d140992ed603d64b"
},
{
"yara": [],
"sha1": "f6fbd509718f3b83fe6800a1754d25ddae5482fe",
"name": "aca9597a9d8f63f6_yo-ng.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\yo-ng.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with CRLF line terminators",
"sha256": "aca9597a9d8f63f623d05b3f8432e94ee4ef99eaa24d61cbae047f7212d57a14",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "05D7E340",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/aca9597a9d8f63f6_yo-ng.html",
"ssdeep": null,
"size": 1787,
"sha512": "2f97463a7082a9adf08e4afb04370e9686b8bdc404222ea10be90772c15830b872a57b8393098c68ce2761ef11ce62f944cf4145d9fb7ef556e4e52a47f8e79d",
"pids": [
1512
],
"md5": "e23d634b989213d4f5b7b8b66ccf3c98"
},
{
"yara": [],
"sha1": "5fa10539e4f6815cf0e6d0935cb887d1cc7ba8b1",
"name": "36b1d26f1ec69685_script.js",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\script.js",
"type": "ASCII text, with CRLF line terminators",
"sha256": "36b1d26f1ec69685648c0528c2fce95a3c2dbecf828cdfa4a8b4239a15b644a2",
"urls": [],
"crc32": "53BC932D",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/36b1d26f1ec69685_script.js",
"ssdeep": null,
"size": 1113,
"sha512": "9408dc895ff1f14e8f1d6a07de19afdbb408a11259f3efe719db1aa15114767120a674e706c7f3b93d471b09b933733d67429912a5c2c0ef39f94fb786077c1e",
"pids": [
1512
],
"md5": "a2682382967c351f7ed21762f9e5de9e"
},
{
"yara": [],
"sha1": "27004931dd4b85353be8a3d2634600d6732ab1ba",
"name": "12a813c89973a3d7_xh-za.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\xh-za.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators",
"sha256": "12a813c89973a3d707718c3c97c2f2bd55804df5bedc310dfb626899fabadfda",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "15AE3550",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/12a813c89973a3d7_xh-za.html",
"ssdeep": null,
"size": 1585,
"sha512": "f99926deb361b435ab6ec0ae537027cd3b8132e3de62524e154e2644286905abff2912b8ecf76d3f13cb08a10ef6d77b46a2de5f2a0a1b0ad275933b661ac58b",
"pids": [
1512
],
"md5": "5cbfa4fa728ac37173537559e6862107"
},
{
"yara": [],
"sha1": "ca7d75e30f11cb1f59bb4771a24957bbb6fb1d0b",
"name": "040186be528ec7df_km-kh.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\km-kh.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators",
"sha256": "040186be528ec7dfe6288cd03e9f55dad521e92c7b376423812d5bd11dccada2",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "626821E1",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/040186be528ec7df_km-kh.html",
"ssdeep": null,
"size": 2821,
"sha512": "559e7b22365ccd8cc2c8b937afc63358cec311ced99eaef17e0526624ef18f52bae8f2d8b18be476a4fee0384be279a30b55e7a027fcd8fa5606d9c8d380ed36",
"pids": [
1512
],
"md5": "3f99e3bb2c095ae3d0c06979f73dc84a"
},
{
"yara": [],
"sha1": "c1bd840bf5109f111dbc3d99811441250300cc50",
"name": "1eb97b8439bdba5b_gl-es.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\gl-es.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators",
"sha256": "1eb97b8439bdba5b9f1800807864b749ed94615068453a2455215581c3277c51",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "79A7EA26",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/1eb97b8439bdba5b_gl-es.html",
"ssdeep": null,
"size": 1676,
"sha512": "939ac8b1ceab6a46a2e40895ef854af02c241f68790d45fed6373fa8966beda83f5c42b68c5eaf5a5db73ca9a061b059a8f1f7f5fcf39594cffc457106050266",
"pids": [
1512
],
"md5": "a037406a7592fa6de2ad227854be0732"
},
{
"yara": [],
"sha1": "4921fbd75dca105277b86134f4aff55f9269723a",
"name": "5017e6e7ae5317e5_en-ie.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\en-ie.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with CRLF line terminators",
"sha256": "5017e6e7ae5317e5a2f0c34cca45fb1d30341b385ad0d4b9db63a8d47c7bb654",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "7199B320",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/5017e6e7ae5317e5_en-ie.html",
"ssdeep": null,
"size": 1503,
"sha512": "c6581d6a17b589cbbfc15f5ce6d5518511102178d1ab8d87a23e43ba104e98335cf0606fcc1290fc669bd1f2bc5558f69683f3f6a2998ee9c4eb9ce9ff31d136",
"pids": [
1512
],
"md5": "c1426998d22c14fb66bb6a181630f863"
},
{
"yara": [],
"sha1": "838d67032f5c47e91d4569d682177df126293b45",
"name": "5400bba86839dffd_nn-no.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\nn-no.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with CRLF line terminators",
"sha256": "5400bba86839dffd0b70a476358acdee13b1d81198b2b4aa1af44838f34edadb",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "DF22C733",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/5400bba86839dffd_nn-no.html",
"ssdeep": null,
"size": 1495,
"sha512": "0fa726f4a08cfe742c44b02e8ab129c4e6b76c331eb1f79a76b9363067bb7b96f5a601dc95d604aeb5d3b18c0f19035606e08f90f45cf5bf665b2a7441556a38",
"pids": [
1512
],
"md5": "e4723b0a7d803e3be5f88564fd379cc0"
},
{
"yara": [],
"sha1": "f59a48f0e16a74689fe7858272b5bd46ffa10eff",
"name": "0552bb6bf596f75e_ms-my.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\ms-my.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators",
"sha256": "0552bb6bf596f75e46259773eb11996bb7196c2fa81fa66c08a2ac1a47d7d066",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "D3DFDD24",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/0552bb6bf596f75e_ms-my.html",
"ssdeep": null,
"size": 1608,
"sha512": "bfb33659a711ff53e3c3420e716a9d20a77805f503dcccb707755a4b4ba108dfac85959be9114d1ab9ed709d1402f80018d56ebdd4c9160c69f4504a270f5941",
"pids": [
1512
],
"md5": "dc79ab561b2f97b2db6c0329b7044523"
},
{
"yara": [],
"sha1": "4a855bc9a02f785c95f3031f1c6ad15fa094c174",
"name": "1991828cd8a64b3c_sk-sk.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\sk-sk.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators",
"sha256": "1991828cd8a64b3c3fbae5d8f7d75dcffc1db6b9944e7dac29b1ce733a7b7a9c",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "1D59F955",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/1991828cd8a64b3c_sk-sk.html",
"ssdeep": null,
"size": 1626,
"sha512": "23d033f6531a294dc96b8a9faec0df1ee5fe05c6f83ff258ed4050d7e1ea19ef3a3688fd17d72dc196c740e1c3b21bccc44ec15262ab3da66dcf56bd588f0fa5",
"pids": [
1512
],
"md5": "b72001dc11016600ee8a1534226c66c6"
},
{
"yara": [],
"sha1": "fdcdef2cf84d3a2a4f3a697183d535538c9e5638",
"name": "822a31d7da35599e_as-in.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\as-in.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators",
"sha256": "822a31d7da35599e8aa8811f8863c05872cbdcb1256bb8ad3b8006fdd8ea0102",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "BB146F4E",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/822a31d7da35599e_as-in.html",
"ssdeep": null,
"size": 2403,
"sha512": "e0f9cc04251e042aebb3810d507947f74f22e1877bdbb125938bc0c9e415d3017330a3554bf6abb3f21fce78756d98cdc4798b3180be1e5f0fc03f272c7122d5",
"pids": [
1512
],
"md5": "acbf73b5fad3c336035f2d034a7450ae"
},
{
"yara": [],
"sha1": "30376cbd45b5465695f745883615ca041a085731",
"name": "9a60f54258f81ccd_tn-za.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\tn-za.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators",
"sha256": "9a60f54258f81ccd6de6d3b0dcd9a70b014430cd213073057f17ceb8ab35bbfe",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "70F8121F",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/9a60f54258f81ccd_tn-za.html",
"ssdeep": null,
"size": 1656,
"sha512": "2ea4cb104b547d16d9b7347c1c81938ba39bf4a66c0358eafabeb277388781d52141dfbcb2652e69ce9ab117fd73b6d0abe662babeff47b34208191f3384ba16",
"pids": [
1512
],
"md5": "9773f8dfd6290501fd61e6d827819b8b"
},
{
"yara": [],
"sha1": "11cbd9712fbc9ad6ca61ac978553c1f646230cf5",
"name": "f0fa0de2f262431d_mn-mn.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\mn-mn.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators",
"sha256": "f0fa0de2f262431dd4c49abb6b62b17ae92ff563e65f4590c1acb6e48af0fc93",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "AA8562F0",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/f0fa0de2f262431d_mn-mn.html",
"ssdeep": null,
"size": 1956,
"sha512": "74d0b3c97f87567a85f41cf28439e478c59e81cbfbcc47107b9be50a865651f3975bca921f91915ead47e6f2faae0c85d155e41239665cc56e48012011b35669",
"pids": [
1512
],
"md5": "87fb4fbf7406e545befa41b6748ca81e"
},
{
"yara": [],
"sha1": "9428a77690d72a0dc97da74abd9ce9a26988dee2",
"name": "4c185963672b9328_index.dat",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\History\\History.IE5\\MSHist012019040920190410\\index.dat",
"type": "Internet Explorer cache file version Ver 5.2",
"sha256": "4c185963672b9328803419163c44921f86dfbcc43c80a05c404f45ec98c3f3c7",
"urls": [],
"crc32": "2FD5BD0F",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/4c185963672b9328_index.dat",
"ssdeep": null,
"size": 32768,
"sha512": "ab48ce2d403af192b18cc353d6607447b5dc629246ba39a8e0c124cbcc12594a8e130e0f943d121578f036e2c3ac8536a9246b83e55f09f5e64a70eb9ffd68de",
"pids": [],
"md5": "1ceeb21b5ecce1bfb45cd0b931505a3e"
},
{
"yara": [],
"sha1": "0af4f4fbaf1c5a383330bef0cd9d9092b0129399",
"name": "8ded907207366573_de-de.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\de-de.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators",
"sha256": "8ded907207366573d150662ceec0a03ea7e64ec8941367101ad3da64cd7ac364",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "F8EC6FBF",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/8ded907207366573_de-de.html",
"ssdeep": null,
"size": 1692,
"sha512": "10f1316060828fee31345fa8cec3257bccfb3d03c99945be1e0e9cd45f020bcc9119590e8779c8da68f9d6a6992c4e9123cf1518e4a9c0978cecc3a5e9fc308a",
"pids": [
1512
],
"md5": "ef1c99ff957d5943dab6ca3ad88f1905"
},
{
"yara": [],
"sha1": "c42b32c10ef615c74297e8ec3867e8200afec059",
"name": "5dcd4f50650f8ea7_it-it.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\it-it.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators",
"sha256": "5dcd4f50650f8ea7b099ba5847de7e553f6232dd3f3ff4ed7c0a6eab09fb1619",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "B3162AAA",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/5dcd4f50650f8ea7_it-it.html",
"ssdeep": null,
"size": 1554,
"sha512": "4e9cad7e1317821e9fffaccd434cafb7072e75e707d0b7a256ebf8d6063fe8f3cecc47f8243d1c344396d2dfb4cb60f1a195a1262ce28c284dfea08df34141d0",
"pids": [
1512
],
"md5": "2ea3a1d2f3b2e50d04f75b54435af780"
},
{
"yara": [],
"sha1": "6d19defa8cc260d167d17f37c9d0ab869433c5af",
"name": "d68a48c72ca8b0ec_mr-in.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\mr-in.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with CRLF line terminators",
"sha256": "d68a48c72ca8b0ec546a3d2cbb2dd37543d86fa7b52223f796016bf35cedb2f9",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "22B35B0F",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/d68a48c72ca8b0ec_mr-in.html",
"ssdeep": null,
"size": 2375,
"sha512": "fe3e9660ffbf525579b9a17850a1d8c730ec8510e8749b8d4effeb8df9639fe76b307ad7b755fd0e6775b9465d34a17a814534931463452cd4e7326660dc1989",
"pids": [
1512
],
"md5": "e8fc063de00b7251aeb2b984659c59f5"
},
{
"yara": [],
"sha1": "ed731186b4401969d0ccc090165f0e941d3a9581",
"name": "c3d7b9786953144e_es-es.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\es-es.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators",
"sha256": "c3d7b9786953144efb267b03ce8d7c278cabd794e655d93f67668d62e85d77b6",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "70184661",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/c3d7b9786953144e_es-es.html",
"ssdeep": null,
"size": 1732,
"sha512": "221560ac96e9fa2ea24d07d0465a24b46bdf7014a651c3111f6ff608975aee2c09c1d5bfc6b35c20679f21d79f363904df323f4e0235845c7b95c39725928e58",
"pids": [
1512
],
"md5": "027d252249021f4afc8b73b5960be729"
},
{
"yara": [],
"sha1": "c0ab49b26386b003c7d593b2b69ef24a163e545c",
"name": "9b74cde53fd5fa45_eu-es.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\eu-es.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators",
"sha256": "9b74cde53fd5fa45ab081d416532bd574ae86d3646e39ee1b05b55d4d738decd",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "410EEFE6",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/9b74cde53fd5fa45_eu-es.html",
"ssdeep": null,
"size": 1674,
"sha512": "4bd7da0e05e3334ea1b8746deda8ec570a4e1a363b76c8d015af50888f1acd925494cfbe72035c0bfe10ddbcb910f279afeea491876bdb6b3577320dce43d740",
"pids": [
1512
],
"md5": "754d1652f9331b657349fa2660f37eb7"
},
{
"yara": [],
"sha1": "a2f8cd97c33e7b2b0f18013e134901558537a016",
"name": "336dbd7010d3c04e_hy-am.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\hy-am.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators",
"sha256": "336dbd7010d3c04e288c6eafe424ce05b16da99d7816039ca8bb984fe1d791a7",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "EF626052",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/336dbd7010d3c04e_hy-am.html",
"ssdeep": null,
"size": 2057,
"sha512": "9b538a67087b6731486312eb7ee732bb76ce50d4e9ecd2ad10a3c11efc044172d2640ee00acf38641460927ffbc1dd00a070211b39cc2a18e7f00724d4222d8c",
"pids": [
1512
],
"md5": "8222107f73f84800fa55b5aadcf50466"
},
{
"yara": [],
"sha1": "29826913ff33b4c75fb9d758fe9d03532443238e",
"name": "c2f6f5449c9243de_pa-in.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\pa-in.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators",
"sha256": "c2f6f5449c9243de4045104499ef122da1569678561f5f0fc9bdfb4291e1f422",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "CCB615E2",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/c2f6f5449c9243de_pa-in.html",
"ssdeep": null,
"size": 2239,
"sha512": "43f09c6987f19ca0c4591a764f8363cf74338c97783619060e110685150c0358d72e4fd34f6e9202f38faf1da34e0218bcf66e15c8d96712dc28f321b1d91ffe",
"pids": [
1512
],
"md5": "166d587530742c265db81a1d37f66563"
},
{
"yara": [],
"sha1": "beb14f50b585119c192b041c9e2fcdcfd18f06d0",
"name": "f0e0330172317037_nb-no.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\nb-no.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with CRLF line terminators",
"sha256": "f0e0330172317037ec9b500c690c8b6c89d864b7e6acda3e33ba52ef9da38a0f",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "E7A027AA",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/f0e0330172317037_nb-no.html",
"ssdeep": null,
"size": 1529,
"sha512": "5eec71b971c0d5022fbb3e5a17d4282652558a34285a4e8dbeaba6fd47587ca5ee62738e586e45041a337a0f2ddaa84fd71651fce7a11268525346942715aa5e",
"pids": [
1512
],
"md5": "e5e5e64c7c5982408ff45572d476f531"
},
{
"yara": [],
"sha1": "bf58a465bbbe2ac355d7a15ce5fc587a000b792b",
"name": "3e3ad71da052cfc3_bg-bg.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\bg-bg.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators",
"sha256": "3e3ad71da052cfc3d9a8681d8d19ac1ef94e27a6775295c8ec6ef454e4d4c456",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "E2D69E80",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/3e3ad71da052cfc3_bg-bg.html",
"ssdeep": null,
"size": 1960,
"sha512": "b1e649114cd08de3345d98588c6e0d59de7362f26d81b4a2d051ff1c7fbc9e7befbded147092a3cb8e086e91c41a6f9c12427914bd26e959c3ae636c0cfd5dbd",
"pids": [
1512
],
"md5": "57bd30056c9d37bb935aecf6ef84c2e3"
},
{
"yara": [],
"sha1": "109a6535b5df3d02cf3bbf0bd815ff6213d79ef3",
"name": "25bb6e775d5de942_ga-ie.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\ga-ie.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators",
"sha256": "25bb6e775d5de942b3b3477236566a784259a51c91b47abe8cbb6bd5f0024c46",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "FA63EEF1",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/25bb6e775d5de942_ga-ie.html",
"ssdeep": null,
"size": 1709,
"sha512": "e7d95b3cb3d82b477afa454c07a76b790282be608e2e4a653abf1a59c136023079eeb63e6ea4cee0dc5af5026619eb64357f9cd472e7a674c112ddcaa93c2c50",
"pids": [
1512
],
"md5": "7c198113f8b92f2fe708cbe66221824c"
},
{
"yara": [],
"sha1": "07b86caedacab51b15c507583b943db3b295a96c",
"name": "a00eeed7a083d091_mi-nz.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\mi-nz.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators",
"sha256": "a00eeed7a083d09111e452e6a6b775ec8a0f022b2922f30c649919e06b9d3291",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "F9DFB82A",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/a00eeed7a083d091_mi-nz.html",
"ssdeep": null,
"size": 1633,
"sha512": "9ba487d136045221031006058cafc0cc709ebe70e218f38d8ce92028ba2ac75ab8ee138cb28c81c4447ac27dad23a6c3d0462b3703b50df23e346831c0c25141",
"pids": [
1512
],
"md5": "840c73dc813a02a4ae6bb7f54290158f"
},
{
"yara": [],
"sha1": "d5316dce6be4677d80a505b65305b5c152bd03bc",
"name": "70315d568e82926f_bn-bd.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\bn-bd.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators",
"sha256": "70315d568e82926f6e7da48ef21329c267f47f3d258f074bb226b4819a0ebbee",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "8D06B1B8",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/70315d568e82926f_bn-bd.html",
"ssdeep": null,
"size": 2284,
"sha512": "eaad2a635884262ca678fb03b191d1eb5a7f194be71d2dfb9f5f446b21b87389e57fdc12564b34ec60f274be3a943306c9c60b536ebff9537d7f449bb3de8b46",
"pids": [
1512
],
"md5": "5f2a528aa76767729544d297b6ceb4eb"
},
{
"yara": [],
"sha1": "2baa212d94d633d03566ea779581f9276b6dfd07",
"name": "3a7ace50c1e78e28_bs-cyrl-ba.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\bs-Cyrl-BA.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators",
"sha256": "3a7ace50c1e78e2869c3e3cb872cef4d157ed70761c0746129963b8f68e012c8",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "4FF405F2",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/3a7ace50c1e78e28_bs-cyrl-ba.html",
"ssdeep": null,
"size": 2010,
"sha512": "43051822af607d5abe6e20ce271f185361e34ec4433d1390597e6ce88685bb01143d7556d6b9c5ce987b753d66936a40556509279348b1da92781d90a39831ca",
"pids": [
1512
],
"md5": "f6b97d08568b83c5affc52420468f1b1"
},
{
"yara": [],
"sha1": "0a016c9d7f78565e53e69f67f9d21d750c0d41c8",
"name": "569484522ab9de44_th-th.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\th-th.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators",
"sha256": "569484522ab9de440b5be69156d66835d0ccb4d5ebeec116404e29aeb63f65ed",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "E14DF7E4",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/569484522ab9de44_th-th.html",
"ssdeep": null,
"size": 2441,
"sha512": "5197b8c5839e6a1a1e6295cc862ab62b6e28dc53c97420b87027a4a5136c883ebbdbcad976737fb8d770dc5e908027745e4dcc72a73807793849e497dcc1c1b1",
"pids": [
1512
],
"md5": "71d3ab992efd638998385402ba357f5e"
},
{
"yara": [],
"sha1": "cbe777942a60907e90f4eea2410da07536430eb3",
"name": "c8ee4e820ed5401f_hi-in.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\hi-in.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators",
"sha256": "c8ee4e820ed5401f8816cb7414c294610aa7c3e5cda53b93d2f2b89c01df7eb9",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "098A8BC9",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/c8ee4e820ed5401f_hi-in.html",
"ssdeep": null,
"size": 2327,
"sha512": "7d4a8ea9da28b21da69a572b84a72caaea818f68e599ba2385581d9bbf72f3e4f944cf2717a42380ef8fd5e2190d45bec1bc56ca5686a0a2f09a35f6df46db45",
"pids": [
1512
],
"md5": "748247823380689bfdcb7d88ea9ad9af"
},
{
"yara": [],
"sha1": "035710a7badcf2acb2dff28ecd3684b0b434ef28",
"name": "0463f69b609d3dd4_en-hk.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\en-hk.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with CRLF line terminators",
"sha256": "0463f69b609d3dd4db6467cb35077ff356d8c7d4239ed62ceb59baa3d6341d8a",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "A58737A4",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/0463f69b609d3dd4_en-hk.html",
"ssdeep": null,
"size": 1503,
"sha512": "600a9e38584d4ed80bc9533b79dc3ee18af4c0b63726f14c426245044df69d2fa05fff29c3e0497a05dc661e0f620651f58a820eadcf306b54567b30561aaac3",
"pids": [
1512
],
"md5": "1bca7a309f13ac443511bcccd9b784a9"
},
{
"yara": [],
"sha1": "f184287c1551dd381efcf7c735f39a749ea66bab",
"name": "73bdc50fc6fcc636_bs-latn-ba.html",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\bs-Latn-BA.html",
"type": "HTML document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators",
"sha256": "73bdc50fc6fcc6362f69ef6de71a856e0aa70897d13c6896416a0381ff414260",
"urls": [
"https:\/\/www.microsoft.com\/windows\/windows-7-end-of-life-support-information?OCID=win7_app_omc_win"
],
"crc32": "7E1F343D",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/3592\/files\/73bdc50fc6fcc636_bs-latn-ba.html",
"ssdeep": null,
"size": 1610,
"sha512": "a261b9c71dd14a06a7cb62f9094356ccadc36951f82a189e29817c08dc56535ff62ab009e3853d34601faa3e27bea11a7aa6355842c322faeb1a3dbc710e0cf5",
"pids": [
1512
],
"md5": "70ce340e07189415b1f656ee1095b33e"
}
]Generic
[
{
"process_path": "C:\\Users\\cuck\\AppData\\Local\\Temp\\54552ebb2ee12baf930bba66b1cc1f2631ca7c77513c39f0910ff08bd7d4c276.bin",
"process_name": "54552ebb2ee12baf930bba66b1cc1f2631ca7c77513c39f0910ff08bd7d4c276.bin",
"pid": 1512,
"summary": {
"file_created": [
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\ru-ru.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\gu-in.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\sq-al.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\zh-hk.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\ms-my.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\ha-Latn-NG.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\de-at.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\sv-se.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\as-in.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\ca-es.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\cy-gb.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\ro-ro.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\en-au.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\fr-ca.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\en-us.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\si-lk.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\InsertBOM.exe",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\sk-sk.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\te-in.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\bn-in.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\fr-be.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\nn-no.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\mi-nz.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\th-th.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\da-dk.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\he-il.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\el-gr.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\am-et.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\gl-es.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\pa-in.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\mn-mn.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\af-za.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\ig-ng.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\en-ph.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\pl-pl.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\hr-hr.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\de-de.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\sr-cyrl-ba.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\lt-lt.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\or-in.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\ar-SA.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\fr-xf.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\quz-pe.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\xh-za.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\es-mx.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\hy-am.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\ko-kr.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\sr-cyrl-rs.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\mr-in.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\bn-bd.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\id-id.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\km-kh.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\bg-bg.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\en-nz.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\es-ar.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\nso-za.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\az-Latn-AZ.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\main.jpg",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\prs-af.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\tr-tr.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\sl-si.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\hi-in.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\ne-np.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\styles.css",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\is-is.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\ta-in.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\pt-pt.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\cs-cz.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\pt-br.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\fi-fi.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\en-sg.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\tk-tm.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\en-gb.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\nb-no.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\ml-in.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\es-xl.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\zu-za.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\nl-be.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\de-ch.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\kk-kz.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\ur-pk.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\en-hk.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\bs-Latn-BA.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\en-ca.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\vi-vn.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\zh-cn.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\ga-ie.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\it-it.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\en-ie.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\script.js",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\es-es.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\et-ee.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\hu-hu.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\tn-za.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\en-is.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\zh-tw.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\ka-ge.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\mk-mk.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\nl-nl.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\microsoft-logo.png",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\eu-es.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\fa-ir.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\lv-lv.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\lb-lu.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\yo-ng.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\mt-mt.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\en-za.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\ky-kg.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\metadata.json",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\kok-in.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\en-id.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\es-co.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\fr-fr.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\ja-jp.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\uz-Latn-UZ.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\tt-ru.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\pa-arab-pk.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\fil-ph.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\bs-Cyrl-BA.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\sr-latn-rs.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\en-in.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\fr-ch.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\default.cab",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\es-cl.html",
"C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\History\\History.IE5\\MSHist012019111620191117\\index.dat",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\uk-ua.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\sw-ke.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\kn-in.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\en-my.html"
],
"directory_created": [
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent",
"C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\History\\History.IE5\\MSHist012019111620191117\\",
"C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\Caches"
],
"dll_loaded": [
"IEFRAME.dll",
"gdiplus.dll",
"urlmon.dll",
"mshtml.dll",
"apphelp.dll",
"DNSAPI.dll",
"kernel32.dll",
"UxTheme.dll",
"CRYPTBASE.dll",
"oleaut32.dll",
"dwmapi.dll",
"ntdll.dll",
"C:\\Windows\\system32\\msimg32.dll",
"cryptsp.dll",
"winhttp.dll",
"ImgUtil.dll",
"API-MS-WIN-Service-Management-L2-1-0.dll",
"API-MS-WIN-Service-Management-L1-1-0.dll",
"WININET.dll",
"API-MS-WIN-Service-winsvc-L1-1-0.dll",
"C:\\Windows\\WinSxS\\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_2b24536c71ed437a\\gdiplus.dll",
"ole32.dll",
"SHLWAPI.dll",
"CRYPTSP.dll",
"Comctl32.dll",
"credssp.dll",
"SspiCli.dll",
"C:\\Windows\\system32\\DUser.dll",
"IPHLPAPI.DLL",
"C:\\Windows\\system32\\xmllite.dll",
"OLEAUT32.dll",
"SHELL32.dll",
"RPCRT4.dll",
"C:\\Windows\\System32\\wship6.dll",
"DUser.dll",
"comctl32.dll",
"NSI.dll",
"SXS.DLL",
"RpcRtRemote.dll",
"CFGMGR32.dll",
"MLANG.dll",
"DEVRTL.dll",
"C:\\Windows\\system32\\mswsock.dll",
"VERSION.dll",
"ADVAPI32.dll",
"C:\\Windows\\System32\\wshtcpip.dll",
"SETUPAPI.dll",
"WS2_32.dll",
"Cabinet.dll",
"user32.dll",
"C:\\Windows\\system32\\rsaenh.dll"
],
"file_opened": [
"C:\\",
"C:\\Users\\cuck\\AppData",
"C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\script.js",
"C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\Caches\\cversions.1.db",
"C:\\Users\\cuck\\",
"C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\",
"C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\main.jpg",
"C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\History\\desktop.ini",
"C:\\Users\\",
"C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\styles.css",
"C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\microsoft-logo.png",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\metadata.json",
"C:\\Users",
"C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows",
"C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\en-us.html",
"C:\\Windows\\winsxs\\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac",
"C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\default.cab",
"C:\\Users\\desktop.ini",
"C:\\Users\\cuck\\AppData\\Local\\Microsoft",
"C:\\Windows\\System32\\en-US\\KERNELBASE.dll.mui",
"C:\\Users\\cuck",
"C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent",
"C:\\Windows\\System32\\atl.dll",
"C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify",
"C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\History\\History.IE5\\MSHist012019040920190410\\",
"C:\\Users\\cuck\\AppData\\Local",
"C:\\Windows\\System32\\ntmarta.dll",
"C:\\Windows\\System32\\stdole2.tlb",
"C:\\Windows\\Globalization\\Sorting\\sortdefault.nls",
"C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\History\\History.IE5\\MSHist012019111620191117\\index.dat",
"C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\Caches\\{AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x0000000000000004.db",
"C:\\Windows\\System32\\rsaenh.dll",
"C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Internet Explorer\\MSIMGSIZ.DAT",
"C:\\Users\\cuck\\AppData\\Local\\Microsoft\\",
"C:\\Users\\cuck\\AppData\\"
],
"regkey_opened": [
"HKEY_CURRENT_USER\\Software\\Policies\\Microsoft\\Internet Explorer\\Zoom",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Main\\FeatureControl\\FEATURE_MIME_SNIFFING",
"HKEY_CLASSES_ROOT\\PROTOCOLS\\Name-Space Handler\\about\\",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\MIME\\Database\\Content Type\\image\/tiff\\Bits",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\AboutURLs",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\MIME\\Database\\Content Type\\image\/pjpeg\\Bits",
"HKEY_CURRENT_USER\\Software\\Microsoft\\windows\\CurrentVersion\\Internet Settings\\Zones",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\TravelLog",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache\\DOMStore",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\Security\\Adv AddrBar Spoof Detection",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_IPERSISTMONIKER_LOAD_REDIRECTED_URL_KB976425",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Main\\FeatureControl\\FEATURE_SSLUX",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\MenuExt",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_Cross_Domain_Redirect_Mitigation",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\ActiveDesktop",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Security\\Adv AddrBar Spoof Detection",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Main\\FeatureControl",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\MIME\\Database\\Content Type\\image\/x-wmf\\Bits",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\ZoneMap\\Domains\\",
"HKEY_CURRENT_USER\\Software\\Policies\\Microsoft\\Internet Explorer",
"HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Internet Explorer",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_MANAGE_SCRIPT_CIRCULAR_REFS",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Main\\FeatureControl\\FEATURE_UNC_SAVEDFILECHECK",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_SAFE_BINDTOOBJECT",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\MIME\\Database\\Content Type\\image\/x-png\\Bits",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Internet Explorer\\Services",
"HKEY_LOCAL_MACHINE\\Software",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows Search",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Url History",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\LanguagePack\\SurrogateFallback",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache\\feedplat",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Suggested Sites",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\ZoneMap\\",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\International",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_SUBDOWNLOAD_LOCKDOWN",
"HKEY_CLASSES_ROOT\\.js",
"HKEY_CURRENT_USER\\Software\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Lockdown_Zones\\",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Url History",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\DxTrans",
"HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0",
"HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1",
"HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2",
"HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3",
"HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4",
"HKEY_CLASSES_ROOT\\.html",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Internet Explorer\\ActiveX Compatibility",
"HKEY_CLASSES_ROOT\\PROTOCOLS\\Name-Space Handler\\",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\MenuExt\\%s",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\MIME\\Database\\Content Type\\image\/x-icon\\Bits",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache\\PrivacIE:",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Security",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\Activities",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\Main\\FeatureControl\\FEATURE_SSLUX",
"HKEY_CURRENT_USER\\Software\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Main\\FeatureControl\\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE",
"HKEY_CURRENT_USER\\Software\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\ZoneMap\\Domains\\",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_WEBOC_DOCUMENT_ZOOM",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Internet Explorer\\Activities",
"HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_IGNORE_LEADING_FILE_SEPARATOR_IN_URI_KB933105",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_ZONES_CHECK_ZONEMAP_POLICY_KB941001",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\International\\Scripts\\3",
"HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Internet Explorer\\Infodelivery\\Restrictions",
"HKEY_CURRENT_USER\\Software\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Url History",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_ALLOW_REVERSE_SOLIDUS_IN_USERINFO_KB932562",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_IEDDE_REGISTER_URLECHO",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\Security",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Feeds",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_UNC_SAVEDFILECHECK",
"HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\PROTOCOLS\\Handler\\about",
"HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Internet Explorer\\Main",
"HKEY_CURRENT_USER\\Software\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1",
"HKEY_CURRENT_USER\\Software\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0",
"HKEY_CURRENT_USER\\Software\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3",
"HKEY_CURRENT_USER\\Software\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2",
"HKEY_CURRENT_USER\\Software\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\ActiveX Compatibility\\{F414C260-6AC0-11CF-B6D1-00AA00BBBB58}",
"HKEY_CURRENT_USER\\SOFTWARE\\Classes\\PROTOCOLS\\Filter\\text\/html",
"HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Internet Explorer\\Zoom",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_CUSTOM_IMAGE_MIME_TYPES_KB910561",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\MIME\\Database\\Content Type\\image\/png\\Bits",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\IETld",
"HKEY_LOCAL_MACHINE\\System\\Setup",
"HKEY_CLASSES_ROOT\\MIME\\Database\\Content Type\\text\/html",
"HKEY_CURRENT_USER\\Software\\Policies",
"HKEY_CLASSES_ROOT\\PROTOCOLS\\Name-Space Handler\\res\\",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\Security\\Floppy Access",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\International\\Scripts",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\Feature_Enable_Compat_Logging",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_XSSFILTER",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Lockdown_Zones\\4",
"HKEY_LOCAL_MACHINE\\System\\CurrentControlSet\\Control\\Class\\{4d36e972-e325-11ce-bfc1-08002be10318}",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Lockdown_Zones\\2",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Lockdown_Zones\\1",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Lockdown_Zones\\0",
"HKEY_CURRENT_USER\\Software\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Lockdown_Zones\\4",
"HKEY_CURRENT_USER\\Software\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Lockdown_Zones\\0",
"HKEY_CURRENT_USER\\Software\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Lockdown_Zones\\1",
"HKEY_CURRENT_USER\\Software\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Lockdown_Zones\\2",
"HKEY_CURRENT_USER\\Software\\Policies\\Microsoft\\Internet Explorer\\Main\\FeatureControl",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1",
"HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Lockdown_Zones\\0",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4",
"HKEY_CURRENT_USER\\Software\\Policies\\Microsoft\\Internet Explorer\\BrowserEmulation",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Services",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\Low Rights",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Main\\FeatureControl\\FEATURE_DISABLE_NAVIGATION_SOUNDS",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\PageSetup",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\Feeds",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_READ_ZONE_STRINGS_FROM_REGISTRY",
"HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings",
"HKEY_CURRENT_USER\\SOFTWARE\\Classes\\PROTOCOLS\\Handler\\res",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Low Rights",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Styles",
"HKEY_CLASSES_ROOT\\MIME\\Database\\Content Type",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_IGNORE_POLICIES_ZONEMAP_IF_ESC_ENABLED_KB918915",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Lockdown_Zones\\",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Main\\WindowsSearch",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\",
"HKEY_CURRENT_USER\\Software\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\ZoneMap",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\Zoom",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache\\MSHist012019040920190410",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\Main\\FeatureControl\\FEATURE_ZONE_ELEVATION",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\MIME\\Database\\Content Type\\image\/bmp\\Bits",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache\\ietld",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_IEDDE_REGISTER_PROTOCOL",
"HKEY_CLASSES_ROOT\\PROTOCOLS\\Name-Space Handler\\*\\",
"HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\Nls\\CodePage",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\PROTOCOLS\\Handler\\res",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_Isolate_Named_Windows",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Url History",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_USE_IETLDLIST_FOR_DOMAIN_DETERMINATION",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Settings",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\MIME\\Database\\Content Type\\image\/gif\\Bits",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Internet Explorer\\Main",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_SHOW_FAILED_CONNECT_CONTENT_KB942615",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_SCRIPTURL_MITIGATION",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_MIME_SNIFFING",
"HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\ZoneMap",
"HKEY_CURRENT_USER\\Software\\Policies\\Microsoft\\Internet Explorer\\Main",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Lockdown_Zones\\3",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Main",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Main\\FeatureControl\\FEATURE_SAFE_BINDTOOBJECT",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\MIME\\Database\\Content Type\\image\/x-jg\\Bits",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_RESTRICT_FILEDOWNLOAD",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Accepted Documents",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_BROWSER_EMULATION",
"HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\ZoneMap\\Ranges\\",
"HKEY_CURRENT_USER\\Software\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\Services",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\LanguagePack\\SurrogateFallback\\MS Shell Dlg",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings",
"HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Internet Explorer\\Main\\FeatureControl",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache",
"HKEY_CURRENT_USER\\AppEvents\\Schemes\\Apps\\Explorer\\ActivatingDocument\\.current",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Ftp",
"HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Lockdown_Zones\\",
"HKEY_CURRENT_USER\\Software",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_MSHTML_AUTOLOAD_IEFRAME",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Activities",
"HKEY_CURRENT_USER\\Software\\Policies\\Microsoft\\Internet Explorer\\Restrictions",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\TravelLog",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Main\\FeatureControl\\FEATURE_PROTOCOL_LOCKDOWN",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\Suggested Sites",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Internet Explorer\\Suggested Sites",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\ZoneMap\\",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Ftp",
"HKEY_LOCAL_MACHINE\\Software\\Policies",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Internet Explorer\\Main\\FeatureControl",
"HKEY_CURRENT_USER\\Software\\Policies\\Microsoft\\Internet Explorer\\Control Panel",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\COM3",
"HKEY_CURRENT_USER\\Software\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\ZoneMap\\Ranges\\",
"HKEY_CURRENT_USER\\Software\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Lockdown_Zones\\3",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\PROTOCOLS\\Filter\\text\/html",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Main\\FeatureControl\\FEATURE_RESTRICT_FILEDOWNLOAD",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_LOCALMACHINE_LOCKDOWN",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\International\\Scripts",
"HKEY_CLASSES_ROOT\\.png",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\Version Vector",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_MIME_HANDLING",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Internet Explorer\\Main\\FeatureControl\\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\MIME\\Database\\Content Type\\image\/x-png",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Internet Explorer",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Main\\FeatureControl\\FEATURE_ZONE_ELEVATION",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_PROTOCOL_LOCKDOWN",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_RESTRICT_ABOUT_PROTOCOL_IE7",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\Main\\FeatureControl\\FEATURE_DISABLE_NAVIGATION_SOUNDS",
"HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\ZoneMap\\Domains\\",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\ZoneMap\\ProtocolDefaults\\",
"HKEY_CURRENT_USER\\Software\\Policies\\Microsoft\\Internet Explorer\\Infodelivery\\Restrictions",
"HKEY_CLASSES_ROOT\\.jpg",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_BLOCK_LMZ_IMG",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Internet Explorer\\Feed Discovery",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\DxTrans",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\ZoneMap\\Ranges\\",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache\\MSHist012019111620191117",
"HKEY_CLASSES_ROOT\\.css",
"HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Lockdown_Zones\\3",
"HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Lockdown_Zones\\2",
"HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Lockdown_Zones\\1",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Main\\FeatureControl\\FEATURE_LOCALMACHINE_LOCKDOWN",
"HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Internet Explorer\\Restrictions",
"HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Lockdown_Zones\\4",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Internet Explorer\\MediaTypeClass",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_ADDITIONAL_IE8_MEMORY_CLEANUP",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_BLOCK_LMZ_SCRIPT",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Main\\FeatureControl\\FEATURE_FEEDS",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_ZONES_DEFAULT_DRIVE_INTRANET_KB941000",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\Settings",
"HKEY_CLASSES_ROOT\\PROTOCOLS\\Name-Space Handler\\file\\",
"HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Internet Explorer\\BrowserEmulation",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_RESPECT_OBJECTSAFETY_POLICY_KB905547",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_FEEDS",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Zoom",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\MIME\\Database\\Content Type\\image\/jpeg\\Bits",
"HKEY_CURRENT_USER\\SOFTWARE\\Classes\\PROTOCOLS\\Handler\\about",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Feed Discovery",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\ZoneMap\\Domains\\",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Main\\FeatureControl\\FEATURE_MIME_HANDLING",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\Ratings",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_DOCUMENT_COMPATIBLE_MODE"
],
"resolves_host": [
"query.prod.cms.rt.microsoft.com"
],
"file_written": [
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\ru-ru.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\gu-in.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\sq-al.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\zh-hk.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\ms-my.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\ha-Latn-NG.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\de-at.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\sv-se.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\as-in.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\ca-es.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\cy-gb.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\ro-ro.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\en-au.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\fr-ca.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\en-us.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\si-lk.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\InsertBOM.exe",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\sk-sk.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\te-in.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\bn-in.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\fr-be.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\nn-no.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\mi-nz.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\th-th.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\da-dk.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\he-il.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\el-gr.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\am-et.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\gl-es.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\pa-in.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\mn-mn.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\af-za.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\ig-ng.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\en-ph.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\pl-pl.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\hr-hr.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\de-de.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\sr-cyrl-ba.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\lt-lt.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\or-in.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\ar-SA.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\fr-xf.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\quz-pe.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\xh-za.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\es-mx.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\hy-am.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\ko-kr.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\sr-cyrl-rs.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\mr-in.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\bn-bd.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\id-id.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\km-kh.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\bg-bg.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\en-nz.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\es-ar.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\nso-za.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\az-Latn-AZ.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\main.jpg",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\prs-af.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\tr-tr.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\sl-si.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\hi-in.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\ne-np.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\styles.css",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\is-is.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\ta-in.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\pt-pt.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\cs-cz.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\pt-br.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\fi-fi.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\en-sg.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\tk-tm.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\en-gb.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\nb-no.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\ml-in.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\es-xl.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\zu-za.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\nl-be.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\de-ch.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\kk-kz.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\ur-pk.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\en-hk.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\bs-Latn-BA.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\en-ca.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\vi-vn.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\zh-cn.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\ga-ie.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\it-it.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\en-ie.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\script.js",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\es-es.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\et-ee.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\hu-hu.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\tn-za.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\en-is.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\zh-tw.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\ka-ge.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\mk-mk.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\nl-nl.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\microsoft-logo.png",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\eu-es.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\fa-ir.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\lv-lv.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\lb-lu.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\yo-ng.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\mt-mt.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\en-za.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\ky-kg.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\metadata.json",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\kok-in.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\en-id.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\es-co.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\fr-fr.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\ja-jp.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\uz-Latn-UZ.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\tt-ru.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\pa-arab-pk.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\fil-ph.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\bs-Cyrl-BA.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\sr-latn-rs.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\en-in.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\fr-ch.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\default.cab",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\es-cl.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\uk-ua.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\sw-ke.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\kn-in.html",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\en-my.html"
],
"regkey_deleted": [
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache\\MSHist012019040920190410",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\ZoneMap\\ProxyBypass",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\ZoneMap\\ProxyBypass",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\ZoneMap\\IntranetName",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\ZoneMap\\IntranetName"
],
"file_deleted": [
"C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\History\\History.IE5\\MSHist012019040920190410\\index.dat"
],
"directory_removed": [
"C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\History\\History.IE5\\MSHist012019040920190410\\"
],
"file_exists": [
"C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\History\\History.IE5\\MSHist012019040920190410\\desktop.ini",
"C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\styles.css:Zone.Identifier",
"C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\script.js",
"C:\\Windows\\System32\\C_1253.NLS",
"C:\\Windows\\System32\\C_1361.NLS",
"C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\main.jpg",
"C:\\Windows\\System32\\C_1251.NLS",
"C:\\Windows\\System32\\C_874.NLS",
"C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\History\\History.IE5\\MSHist012019111620191117\\",
"C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\History\\desktop.ini",
"C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\script.js:Zone.Identifier",
"C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\styles.css",
"C:\\Windows\\System32\\C_1257.NLS",
"C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\microsoft-logo.png",
"C:\\Windows\\System32\\C_950.NLS",
"C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\en-us.html:Zone.Identifier",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\content.cab",
"C:\\Windows\\System32\\C_1254.NLS",
"C:\\Windows\\inf\\",
"C:\\Windows\\System32\\C_1250.NLS",
"C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\en-us.html",
"C:\\Windows\\System32\\C_936.NLS",
"C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Internet Explorer",
"C:\\Users\\cuck\\AppData\\Local\\Microsoft",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\default.cab",
"C:\\Windows\\System32\\C_1258.NLS",
"C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\History\\History.IE5\\MSHist012019111620191117\\index.dat",
"C:\\Windows\\System32\\C_949.NLS",
"C:\\Windows\\System32\\C_1256.NLS",
"C:\\Windows\\System32\\C_1255.NLS",
"C:\\Windows\\System32\\C_932.NLS"
],
"mutex": [
"MSIMGSIZECacheMutex",
"Local\\ZonesCounterMutex",
"Local\\c:!users!cuck!appdata!local!microsoft!windows!history!history.ie5!mshist012019111620191117!",
"Local\\ZonesLockedCacheCounterMutex",
"Local\\ZoneAttributeCacheCounterMutex",
"Local\\ZonesCacheCounterMutex"
],
"guid": [
"{275c23e2-3747-11d0-9fea-00aa003f8646}",
"{6a01fda0-30df-11d0-b724-00aa006c1a01}",
"{dccfc164-2b38-11d2-b7ec-00c04f8f5d9a}",
"{3050f3bc-98b5-11cf-bb82-00aa00bdce0b}",
"{25336920-03f9-11cf-8fd0-00aa00686f13}",
"{a3ccedf7-2de2-11d0-86f4-00a0c913f750}",
"{5762f2a7-4658-4c7a-a4ac-bdabfe154e0d}",
"{4ef17940-30e0-11d0-b724-00aa006c1a01}",
"{00000000-0000-0000-c000-000000000046}",
"{00000146-0000-0000-c000-000000000046}",
"{6c736dc1-ab0d-11d0-a2ad-00a0c90f27e8}",
"{a3ccedf3-2de2-11d0-86f4-00a0c913f750}",
"{f414c260-6ac0-11cf-b6d1-00aa00bbbb58}",
"{871c5380-42a0-1069-a2ea-08002b30309d}",
"{000214e6-0000-0000-c000-000000000046}",
"{00000001-0000-0000-c000-000000000046}",
"{1f486a52-3cb1-48fd-8f50-b8dc300d9f9d}",
"{ff393560-c2a7-11cf-bff4-444553540000}",
"{d9e89500-30fa-11d0-b724-00aa006c1a01}",
"{00000323-0000-0000-c000-000000000046}",
"{e7e4bc40-e76a-11ce-a9bb-00aa004ae837}",
"{8856f961-340a-11d0-a96b-00c04fd705a2}",
"{50d5107a-d278-4871-8989-f4ceaaf59cfc}",
"{bb1a2ae1-a4f9-11cf-8f20-00805f2cd064}",
"{30c3b080-30fb-11d0-b724-00aa006c1a01}",
"{6c736db1-bd94-11d0-8a23-00aa00b58e10}",
"{3050f406-98b5-11cf-bb82-00aa00bdce0b}",
"{08c0e040-62d1-11d1-9326-0060b067b86e}"
],
"file_read": [
"C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\History\\desktop.ini",
"C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\en-us.html",
"C:\\Windows\\System32\\stdole2.tlb",
"C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\default.cab",
"C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\styles.css",
"C:\\Users\\desktop.ini",
"C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\script.js",
"C:\\Users\\cuck\\AppData\\Local\\microsoft\\Windows\\SipNotify\\eoscontent\\metadata.json",
"C:\\Windows\\System32\\atl.dll",
"C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\main.jpg",
"C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\microsoft-logo.png"
],
"regkey_read": [
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_RESTRICT_ABOUT_PROTOCOL_IE7\\54552ebb2ee12baf930bba66b1cc1f2631ca7c77513c39f0910ff08bd7d4c276.bin",
"HKEY_CURRENT_USER\\.html\\Content Type",
"HKEY_CURRENT_USER\\FirefoxHTML-E7CF176E110C211B\\IsShortcut",
"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\SecurityProviders\\SecurityProviders",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\2000",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer\\NoSetFolders",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache\\ietld\\CachePrefix",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\International\\Scripts\\3\\IEFontSize",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\Enable AutoImageResize",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Rpc\\Extensions\\RemoteRpcDll",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID\\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\\ShellFolder\\NoFileFolderJunction",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\CLSID\\{871C5380-42A0-1069-A2EA-08002B30309D}\\ShellFolder\\Attributes",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID\\{871C5380-42A0-1069-A2EA-08002B30309D}\\ShellFolder\\MapNetDriveVerbs",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Url History\\DaysToKeep",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_UNC_SAVEDFILECHECK\\*",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced\\HideIcons",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID\\{871C5380-42A0-1069-A2EA-08002B30309D}\\ShellFolder\\HasNavigationEnum",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\Feed Discovery\\Sound",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced\\AutoCheckSelect",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows Search\\CurrentVersion",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\SmoothScroll",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\ProxyEnable",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\Icon",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\UrlEncoding",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\RecommendedLevel",
"HKEY_CURRENT_USER\\Software\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\DisableCachingOfSSLPages",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\1201",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID\\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\\ShellFolder\\RestrictedAttributes",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\AllFilesystemObjects\\IsShortcut",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Main\\Display Inline Images",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Zoom\\ZoomDisabled",
"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\Lsa\\SspiCache\\credssp.dll\\Comment",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\Flags",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\PROTOCOLS\\Handler\\about\\CLSID",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\AllFilesystemObjects\\DocObject",
"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\Nls\\CodePage\\1256",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\CoInternetCombineIUriCacheSize",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\IsTextPlainHonored",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\MIME\\Database\\Content Type\\image\/x-png\\Image Filter CLSID",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\International\\Scripts\\3\\IEFixedFontName",
"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\services\\Tcpip\\Parameters\\Winsock\\UseDelayedAcceptance",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID\\{E7E4BC40-E76A-11CE-A9BB-00AA004AE837}\\InProcServer32\\(Default)",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\MinLevel",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced\\DontPrettyPath",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer\\AllowFileCLSIDJunctions",
"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\Nls\\CodePage\\1255",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Main\\DisableScriptDebuggerIE",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_MIME_SNIFFING\\*",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced\\WebView",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache\\MSHist012019040920190410\\CachePrefix",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_BROWSER_EMULATION\\*",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID\\{871C5380-42A0-1069-A2EA-08002B30309D}\\InProcServer32\\(Default)",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID\\{871C5380-42A0-1069-A2EA-08002B30309D}\\ShellFolder\\WantsUniversalDelegate",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\Page_Transitions",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Connections\\WinHttpSettings",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\IETld\\IETldVersionLow",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache\\MSHist012019040920190410\\CacheLimit",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\SystemFileAssociations\\.html\\AlwaysShowExt",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced\\MapNetDrvBtn",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\.jpg\\Content Type",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Main\\Use Stylesheets",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\DigitalProductId4",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID\\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\\ShellFolder\\QueryForOverlay",
"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\services\\TCPIP6\\Parameters\\Winsock\\MaxSockaddrLength",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\Flags",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\EnablePunycode",
"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\Nls\\CodePage\\950",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_ZONE_ELEVATION\\54552ebb2ee12baf930bba66b1cc1f2631ca7c77513c39f0910ff08bd7d4c276.bin",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\2106",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\ZoneMap\\AutoDetect",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\IETld\\IETldDllVersionLow",
"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\Lsa\\SspiCache\\credssp.dll\\TokenSize",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache\\PrivacIE:\\CacheOptions",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows NT\\CurrentVersion\\Windows\\DragScrollInterval",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced\\ShowTypeOverlay",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Settings\\Always Use My Font Size",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\MountPoints2\\CPC\\Volume\\{3f5cc1b5-70f9-11e8-b07b-806e6f6e6963}\\Data",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\2500",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced\\HideFileExt",
"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\Lsa\\FipsAlgorithmPolicy",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\NonEnum\\{871C5380-42A0-1069-A2EA-08002B30309D}",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\MIME\\Database\\Content Type\\image\/jpeg\\Bits\\0",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Main\\Enable AutoImageResize",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache\\feedplat\\CacheRepair",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_ZONE_ELEVATION\\*",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache\\MSHist012019111620191117\\CachePath",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\2700",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\IETld\\IETldDllVersionHigh",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\2500",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID\\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\\ShellFolder\\MapNetDriveVerbs",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\RecommendedLevel",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer\\SeparateProcess",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Cryptography\\PrivKeyCachePurgeIntervalSeconds",
"HKEY_CURRENT_USER\\Control Panel\\International\\Geo\\Nation",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer\\NoWebView",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache\\DOMStore\\CachePath",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID\\{E7E4BC40-E76A-11CE-A9BB-00AA004AE837}\\InProcServer32\\LoadWithoutCOM",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\OLE\\MaximumAllowedAllocationSize",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID\\{871C5380-42A0-1069-A2EA-08002B30309D}\\ShellFolder\\WantsFORDISPLAY",
"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\Lsa\\SspiCache\\credssp.dll\\Version",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_BLOCK_LMZ_SCRIPT\\54552ebb2ee12baf930bba66b1cc1f2631ca7c77513c39f0910ff08bd7d4c276.bin",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\MIME\\Database\\Content Type\\image\/x-png\\Bits\\0",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\Icon",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\Print_Background",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_XSSFILTER\\*",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\International\\AcceptLanguage",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\TypeLib\\{00020430-0000-0000-C000-000000000046}\\2.0\\0\\win64\\(Default)",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_RESTRICT_ABOUT_PROTOCOL_IE7\\*",
"HKEY_LOCAL_MACHINE\\SYSTEM\\Setup\\SystemSetupInProgress",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_BLOCK_LMZ_IMG\\*",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Main\\WindowsSearch\\EnabledScopes",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\MIME\\Database\\Content Type\\image\/pjpeg\\Bits\\0",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache\\MSHist012019040920190410\\CacheRepair",
"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\services\\LDAP\\UseOldHostResolutionOrder",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\Version Vector\\IE",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\Folder\\NeverShowExt",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced\\ShowInfoTip",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID\\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\\ShellFolder\\WantsParseDisplayName",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache\\PrivacIE:\\CachePrefix",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Main\\Move System Caret",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\2500",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache\\MSHist012019111620191117\\CachePrefix",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache\\DOMStore\\CachePrefix",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Main\\SessionMerging",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\MIME\\Database\\Content Type\\image\/x-wmf\\Bits\\0",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_MIME_SNIFFING\\54552ebb2ee12baf930bba66b1cc1f2631ca7c77513c39f0910ff08bd7d4c276.bin",
"HKEY_CURRENT_USER\\AppEvents\\Schemes\\Apps\\Explorer\\ActivatingDocument\\.Current\\(Default)",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\CurrentLevel",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\TypeLib\\{44EC0535-400F-11D0-9DCD-00A0C90391D3}\\1.0\\0\\win64\\(Default)",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\SmartDithering",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_UNC_SAVEDFILECHECK\\54552ebb2ee12baf930bba66b1cc1f2631ca7c77513c39f0910ff08bd7d4c276.bin",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\Directory\\AlwaysShowExt",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\DOMStorage",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\SystemFileAssociations\\.html\\NeverShowExt",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\SecuritySafe",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Wpad\\WpadOverride",
"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\Nls\\Locale\\00000409",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE\\54552ebb2ee12baf930bba66b1cc1f2631ca7c77513c39f0910ff08bd7d4c276.bin",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\SpecialFoldersCacheSize",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\2106",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\CoInternetCombineIUriCacheSize",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_RESTRICT_FILEDOWNLOAD\\54552ebb2ee12baf930bba66b1cc1f2631ca7c77513c39f0910ff08bd7d4c276.bin",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\SystemFileAssociations\\.html\\IsShortcut",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer\\NoCommonGroups",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\IETld\\IETldVersionHigh",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\FirefoxHTML-E7CF176E110C211B\\DocObject",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\SQMClient\\Windows\\DisabledSessions\\MachineThrottling",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache\\feedplat\\CacheOptions",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\COM3\\COM+Enabled",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\DisableCachingOfSSLPages",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\Directory\\BrowseInPlace",
"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\services\\Tcpip\\Parameters\\Winsock\\MaxSockaddrLength",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_SUBDOWNLOAD_LOCKDOWN\\*",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\RecommendedLevel",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\Interface\\{00000134-0000-0000-C000-000000000046}\\ProxyStubClsid32\\(Default)",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_BLOCK_LMZ_SCRIPT\\*",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\2000",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\2000",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID\\{871C5380-42A0-1069-A2EA-08002B30309D}\\ShellFolder\\WantsParseDisplayName",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID\\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\\ShellFolder\\QueryForInfoTip",
"HKEY_CURRENT_USER\\Software\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\UrlEncoding",
"HKEY_CURRENT_USER\\FirefoxHTML-E7CF176E110C211B\\AlwaysShowExt",
"HKEY_CURRENT_USER\\FirefoxHTML-E7CF176E110C211B\\BrowseInPlace",
"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\Nls\\CodePage\\949",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache\\DOMStore\\CacheOptions",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced\\ShowCompColor",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FrameTabWindow",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Settings\\MiscFlags",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\2500",
"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\Lsa\\SspiCache\\credssp.dll\\Name",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\Directory\\IsShortcut",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache\\feedplat\\CacheLimit",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer\\NoPropertiesRecycleBin",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer\\NoPropertiesMyComputer",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_MIME_HANDLING\\*",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Main\\UseHR",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Main\\DOMStorage",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\RecommendedLevel",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID\\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\\ShellFolder\\HasNavigationEnum",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_MSHTML_AUTOLOAD_IEFRAME\\54552ebb2ee12baf930bba66b1cc1f2631ca7c77513c39f0910ff08bd7d4c276.bin",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\Low Rights\\ProtectedModeOffForAllZones",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\ShellState",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Main\\Force Offscreen Composition",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\TabProcGrowth",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_SAFE_BINDTOOBJECT\\54552ebb2ee12baf930bba66b1cc1f2631ca7c77513c39f0910ff08bd7d4c276.bin",
"HKEY_CURRENT_USER\\Software\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\CoInternetCombineIUriCacheSize",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\FirefoxHTML-E7CF176E110C211B\\BrowseInPlace",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\Display Inline Videos",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\UrlEncoding",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\Icon",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\DisableImprovedZoneCheck",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Main\\Disable Script Debugger",
"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\services\\Winsock\\Setup Migration\\Providers\\Tcpip\\WinSock 2.0 Provider ID",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\1400",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\CurrentLevel",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\Directory\\NeverShowExt",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\Icon",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\Drive\\shellex\\FolderExtensions\\{fbeb8a05-beee-4442-804e-409d6c4515e9}\\DriveMask",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Services\\SelectionActivityButtonDisable",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\MountPoints2\\CPC\\Volume\\{3f5cc1b6-70f9-11e8-b07b-806e6f6e6963}\\Generation",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\CreateUriCacheSize",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\CurrentLevel",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Setup\\LogMaxFileSize",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\RtfConverterFlags",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer\\NoControlPanel",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_PROTOCOL_LOCKDOWN\\54552ebb2ee12baf930bba66b1cc1f2631ca7c77513c39f0910ff08bd7d4c276.bin",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_MSHTML_AUTOLOAD_IEFRAME\\*",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\CurrentLevel",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Main\\UseClearType",
"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\Nls\\CodePage\\932",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Shell Extensions\\Cached\\{FF393560-C2A7-11CF-BFF4-444553540000} {000214E6-0000-0000-C000-000000000046} 0xFFFF",
"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\Nls\\CodePage\\936",
"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\Lsa\\SspiCache\\credssp.dll\\RpcId",
"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\Nls\\CodePage\\1251",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Cryptography\\Defaults\\Provider\\Microsoft Strong Cryptographic Provider\\Type",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Main\\Play_Animations",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID\\{871C5380-42A0-1069-A2EA-08002B30309D}\\ShellFolder\\CallForAttributes",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_FEEDS\\*",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Main\\FrameTabWindow",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\SessionMerging",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Settings\\Use Anchor Hover Color",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\International\\Default_CodePage",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID\\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\\ShellFolder\\WantsFORPARSING",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\International\\Scripts\\Default_IEFontSizePrivate",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_PROTOCOL_LOCKDOWN\\*",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FileExts\\.html\\UserChoice\\Progid",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_MIME_HANDLING\\54552ebb2ee12baf930bba66b1cc1f2631ca7c77513c39f0910ff08bd7d4c276.bin",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\ShareCredsWithWinHttp",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced\\Filter",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Settings\\Anchor Color",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID\\{871C5380-42A0-1069-A2EA-08002B30309D}\\ShellFolder\\HideInWebView",
"HKEY_CURRENT_USER\\.html\\(Default)",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\MountPoints2\\CPC\\Volume\\{3f5cc1b5-70f9-11e8-b07b-806e6f6e6963}\\Generation",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache\\ietld\\CacheLimit",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache\\DOMStore\\CacheLimit",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID\\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\\ShellFolder\\UseDropHandler",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer\\NoInternetIcon",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\MountPoints2\\CPC\\Volume\\{3f5cc1b6-70f9-11e8-b07b-806e6f6e6963}\\Data",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\ProxySettingsPerUser",
"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\services\\Winsock\\Parameters\\Transports",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID\\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\\ShellFolder\\WantsAliasedNotifications",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID\\{FF393560-C2A7-11CF-BFF4-444553540000}\\InProcServer32\\LoadWithoutCOM",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Main\\Print_Background",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache\\DOMStore\\CacheRepair",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Shell Extensions\\Cached\\{E7E4BC40-E76A-11CE-A9BB-00AA004AE837} {000214E6-0000-0000-C000-000000000046} 0xFFFF",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Connections\\DefaultConnectionSettings",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Main\\XDomainRequest",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\2500",
"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\Lsa\\FipsAlgorithmPolicy\\Enabled",
"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\Nls\\CodePage\\1253",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\Flags",
"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\Nls\\CodePage\\1250",
"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\Nls\\CodePage\\1257",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\CurrentLevel",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Settings\\Disable Visited Hyperlinks",
"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\Nls\\CodePage\\1254",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\International\\Scripts\\3\\IEFontSizePrivate",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\AboutURLs\\blank",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer\\DontShowSuperHidden",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID\\{871C5380-42A0-1069-A2EA-08002B30309D}\\InProcServer32\\LoadWithoutCOM",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_SAFE_BINDTOOBJECT\\*",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\SystemFileAssociations\\.html\\BrowseInPlace",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\MinLevel",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID\\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\\ShellFolder\\HideOnDesktopPerUser",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\MinLevel",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache\\ietld\\CachePath",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\MIME\\Database\\Content Type\\image\/png\\Bits\\0",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\NavigationDelay",
"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\SESSION MANAGER\\SafeProcessSearchMode",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Main\\Play_Background_Sounds",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\Security\\DisableSecuritySettingsCheck",
"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\Nls\\CodePage\\874",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Main\\Display Inline Videos",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\.css\\Content Type",
"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\services\\TCPIP6\\Parameters\\Winsock\\HelperDllName",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID\\{871C5380-42A0-1069-A2EA-08002B30309D}\\ShellFolder\\PinToNameSpaceTree",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\FirefoxHTML-E7CF176E110C211B\\AlwaysShowExt",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_LOCALMACHINE_LOCKDOWN\\*",
"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\services\\Tcpip\\Parameters\\Winsock\\Mapping",
"HKEY_CURRENT_USER\\FirefoxHTML-E7CF176E110C211B\\NeverShowExt",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID\\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\\ShellFolder\\WantsFORDISPLAY",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Suggested Sites\\Enabled",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\DisableCachingOfSSLPages",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache\\feedplat\\CachePrefix",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID\\{FF393560-C2A7-11CF-BFF4-444553540000}\\InProcServer32\\(Default)",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer\\NoNetCrawling",
"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\LsaExtensionConfig\\SspiCli\\CheckSignatureRoutine",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Main\\Q300829",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache\\MSHist012019040920190410\\CacheOptions",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache\\PrivacIE:\\CacheLimit",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\SQMClient\\Windows\\DisabledProcesses\\EF76601B",
"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\services\\TCPIP6\\Parameters\\Winsock\\MinSockaddrLength",
"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\LsaExtensionConfig\\SspiCli\\CheckSignatureDll",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Main\\TabProcGrowth",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID\\{871C5380-42A0-1069-A2EA-08002B30309D}\\ShellFolder\\HideOnDesktopPerUser",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\CreateUriCacheSize",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID\\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\\ShellFolder\\Attributes",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\PROTOCOLS\\Handler\\res\\CLSID",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Main\\NoProtectedModeBanner",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\CLSID\\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\\(Default)",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer\\TurnOffSPIAnimations",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID\\{871C5380-42A0-1069-A2EA-08002B30309D}\\ShellFolder\\WantsAliasedNotifications",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\No3DBorder",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID\\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\\ShellFolder\\PinToNameSpaceTree",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows NT\\CurrentVersion\\Windows\\DragDelay",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\FirefoxHTML-E7CF176E110C211B\\NeverShowExt",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Main\\AdminTabProcs",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\CreateUriCacheSize",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Settings\\Always Use My Font Face",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\2700",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\MIME\\Database\\Content Type\\image\/gif\\Bits\\0",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\1201",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache\\ietld\\CacheRepair",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID\\{871C5380-42A0-1069-A2EA-08002B30309D}\\ShellFolder\\QueryForInfoTip",
"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\Lsa\\SspiCache\\credssp.dll\\Capabilities",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\.png\\Content Type",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\2106",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\XDomainRequest",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\.html\\Content Type",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_LOCALMACHINE_LOCKDOWN\\54552ebb2ee12baf930bba66b1cc1f2631ca7c77513c39f0910ff08bd7d4c276.bin",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Setup\\LogMask",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Cryptography\\PrivKeyCacheMaxItems",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\SQMClient\\Windows\\DisabledSessions\\GlobalSession",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\MinLevel",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\Directory\\DocObject",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_FEEDS\\54552ebb2ee12baf930bba66b1cc1f2631ca7c77513c39f0910ff08bd7d4c276.bin",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced\\ShowSuperHidden",
"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\Lsa\\SspiCache\\credssp.dll\\Type",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_SSLUX\\54552ebb2ee12baf930bba66b1cc1f2631ca7c77513c39f0910ff08bd7d4c276.bin",
"HKEY_CURRENT_USER\\Software\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\EnablePunycode",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache\\PrivacIE:\\CacheRepair",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\AdminTabProcs",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Main\\FrameMerging",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache\\MSHist012019111620191117\\CacheOptions",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Main\\XMLHTTP",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer\\NoFileMenu",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID\\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\\ShellFolder\\WantsUniversalDelegate",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\SmartDithering",
"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\services\\TCPIP6\\Parameters\\Winsock\\UseDelayedAcceptance",
"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\services\\LDAP\\UseHostnameAsAlias",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced\\NoNetCrawling",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache\\MSHist012019111620191117\\CacheRepair",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID\\{871C5380-42A0-1069-A2EA-08002B30309D}\\ShellFolder\\NoFileFolderJunction",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\International\\AutoDetect",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE\\*",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache\\MSHist012019040920190410\\CachePath",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Main\\Anchor Underline",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Main\\Page_Transitions",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID\\{871C5380-42A0-1069-A2EA-08002B30309D}\\ShellFolder\\QueryForOverlay",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID\\{871C5380-42A0-1069-A2EA-08002B30309D}\\ShellFolder\\UseDropHandler",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\WarnOnIntranet",
"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\Nls\\Language Groups\\1",
"HKEY_CURRENT_USER\\FirefoxHTML-E7CF176E110C211B\\DocObject",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID\\{871C5380-42A0-1069-A2EA-08002B30309D}\\ShellFolder\\WantsFORPARSING",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Main\\Use_DlgBox_Colors",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache\\PrivacIE:\\CachePath",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_RESTRICT_FILEDOWNLOAD\\*",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\Version Vector\\WindowsEdition",
"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\Nls\\CodePage\\1361",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\No3DBorder",
"HKEY_CURRENT_USER\\Software\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\SpecialFoldersCacheSize",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\CoInternetCombineIUriCacheSize",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\International\\Scripts\\3\\IEPropFontName",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer\\ClassicShell",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\SpecialFoldersCacheSize",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\2500",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\EnablePunycode",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\Allow Programmatic Cut_Copy_Paste",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\2700",
"HKEY_CURRENT_USER\\Software\\Microsoft\\FTP\\Use Web Based FTP",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\2500",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Cryptography\\MachineGuid",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\EnablePunycode",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\MinLevel",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\AllFilesystemObjects\\BrowseInPlace",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced\\IconsOnly",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\SystemFileAssociations\\.html\\DocObject",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Setup\\LogLevel",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Cryptography\\PrivateKeyLifetimeSeconds",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\2500",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID\\{871C5380-42A0-1069-A2EA-08002B30309D}\\ShellFolder\\RestrictedAttributes",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\.js\\Content Type",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Shell Extensions\\Cached\\{871C5380-42A0-1069-A2EA-08002B30309D} {000214E6-0000-0000-C000-000000000046} 0xFFFF",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\Flags",
"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\services\\LDAP\\LdapClientIntegrity",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Settings\\Always Use My Colors",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Settings\\Anchor Color Hover",
"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\services\\Winsock\\Setup Migration\\Providers\\Tcpip6\\WinSock 2.0 Provider ID",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache\\feedplat\\CachePath",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID\\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\\ShellFolder\\HideInWebView",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\SpecialFoldersCacheSize",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced\\SeparateProcess",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache\\MSHist012019111620191117\\CacheLimit",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_SUBDOWNLOAD_LOCKDOWN\\54552ebb2ee12baf930bba66b1cc1f2631ca7c77513c39f0910ff08bd7d4c276.bin",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows NT\\CurrentVersion\\Windows\\DragScrollInset",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache\\ietld\\CacheOptions",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\Icon",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID\\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\\LocalizedString",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_BROWSER_EMULATION\\54552ebb2ee12baf930bba66b1cc1f2631ca7c77513c39f0910ff08bd7d4c276.bin",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\Folder\\DocObject",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FrameMerging",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Main\\Cleanup HTCs",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows NT\\CurrentVersion\\Windows\\DragScrollDelay",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\MIME\\Database\\Content Type\\image\/bmp\\Bits\\0",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\WarnOnIntranet",
"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\services\\Tcpip\\Parameters\\Winsock\\MinSockaddrLength",
"HKEY_CURRENT_USER\\Software\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\CreateUriCacheSize",
"HKEY_CURRENT_USER\\Software\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\WarnOnIntranet",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Cryptography\\Defaults\\Provider\\Microsoft Strong Cryptographic Provider\\Image Path",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Main\\SmoothScroll",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID\\{871C5380-42A0-1069-A2EA-08002B30309D}\\ShellFolder\\HideFolderVerbs",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\Version Vector\\VML",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\WinHttp\\DisableBranchCache",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Main\\Show image placeholders",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\RecommendedLevel",
"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\services\\Tcpip\\Parameters\\Winsock\\HelperDllName",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\NonEnum\\{20D04FE0-3AEA-1069-A2D8-08002B30309D}",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Security\\DisableSecuritySettingsCheck",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Settings\\Anchor Color Visited",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Main\\Expand Alt Text",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID\\{871C5380-42A0-1069-A2EA-08002B30309D}\\ShellFolder\\Attributes",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Security_HKLM_only",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_BLOCK_LMZ_IMG\\54552ebb2ee12baf930bba66b1cc1f2631ca7c77513c39f0910ff08bd7d4c276.bin",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_XSSFILTER\\54552ebb2ee12baf930bba66b1cc1f2631ca7c77513c39f0910ff08bd7d4c276.bin",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\PageSetup\\Print_Background",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID\\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\\ShellFolder\\HideFolderVerbs",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\Flags",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\FirefoxHTML-E7CF176E110C211B\\IsShortcut",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Main\\UseThemes",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced\\Hidden",
"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\Nls\\CodePage\\1258",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\WinHttp\\Tracing\\Enabled",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\AllFilesystemObjects\\NeverShowExt",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID\\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\\ShellFolder\\CallForAttributes",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\Show image placeholders",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\Folder\\IsShortcut",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\SQMClient\\Windows\\CEIPEnable",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer\\NoSimpleStartMenu",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\Folder\\BrowseInPlace",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Main\\CSS_Compat",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\MAIN\\FeatureControl\\FEATURE_SSLUX\\*",
"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\services\\TCPIP6\\Parameters\\Winsock\\Mapping"
],
"regkey_written": [
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache\\MSHist012019111620191117\\CacheRepair",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\ZoneMap\\AutoDetect",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Shell Extensions\\Cached\\{E7E4BC40-E76A-11CE-A9BB-00AA004AE837} {000214E6-0000-0000-C000-000000000046} 0xFFFF",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache\\MSHist012019111620191117\\CachePrefix",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache\\MSHist012019111620191117\\CacheOptions",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache\\MSHist012019111620191117\\CacheLimit",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\SipNotify\\LastShown",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\ZoneMap\\UNCAsIntranet",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache\\MSHist012019111620191117\\CachePath"
]
},
"first_seen": 1573919585.5781,
"ppid": 2892
},
{
"process_path": "C:\\Windows\\System32\\lsass.exe",
"process_name": "lsass.exe",
"pid": 476,
"summary": {},
"first_seen": 1573919585.3438,
"ppid": 376
},
{
"process_path": "C:\\Windows\\explorer.exe",
"process_name": "explorer.exe",
"pid": 1788,
"summary": {
"file_failed": [
"C:\\cuckoo_1788.ini",
"C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\History\\History.IE5\\MSHist012019040920190410\\"
],
"regkey_opened": [
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache\\MSHist012019111620191117",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache\\DOMStore",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache\\ietld",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache\\feedplat",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache\\PrivacIE:",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache"
],
"file_exists": [
"C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\History\\History.IE5\\MSHist012019040920190410\\desktop.ini",
"C:\\cuckoo_1788.ini"
],
"file_opened": [
"C:\\"
],
"guid": [
"{ff393560-c2a7-11cf-bff4-444553540000}",
"{00000000-0000-0000-c000-000000000046}",
"{46a6eeff-908e-4dc6-92a6-64be9177b41c}",
"{76765b11-3f95-4af2-ac9d-ea55d8994f1a}",
"{660b90c8-73a9-4b58-8cae-355b7f55341b}",
"{000214e6-0000-0000-c000-000000000046}"
],
"regkey_read": [
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Shell Extensions\\Cached\\{FF393560-C2A7-11CF-BFF4-444553540000} {000214E6-0000-0000-C000-000000000046} 0xFFFF",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache\\DOMStore\\CacheLimit",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache\\feedplat\\CachePrefix",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID\\{FF393560-C2A7-11CF-BFF4-444553540000}\\InProcServer32\\(Default)",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache\\MSHist012019111620191117\\CacheRepair",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache\\PrivacIE:\\CacheLimit",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache\\PrivacIE:\\CacheOptions",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache\\feedplat\\CacheRepair",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache\\MSHist012019111620191117\\CachePath",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache\\ietld\\CachePrefix",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache\\MSHist012019111620191117\\CachePrefix",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache\\ietld\\CacheLimit",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache\\ietld\\CachePath",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache\\feedplat\\CacheLimit",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\SQMClient\\Windows\\CEIPEnable",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache\\PrivacIE:\\CachePrefix",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache\\feedplat\\CacheOptions",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache\\PrivacIE:\\CachePath",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache\\DOMStore\\CacheOptions",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache\\PrivacIE:\\CacheRepair",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache\\DOMStore\\CachePath",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache\\feedplat\\CachePath",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache\\DOMStore\\CachePrefix",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache\\ietld\\CacheRepair",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache\\MSHist012019111620191117\\CacheOptions",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache\\MSHist012019111620191117\\CacheLimit",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID\\{FF393560-C2A7-11CF-BFF4-444553540000}\\InProcServer32\\LoadWithoutCOM",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache\\ietld\\CacheOptions",
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\5.0\\Cache\\Extensible Cache\\DOMStore\\CacheRepair"
]
},
"first_seen": 1573919657.9056,
"ppid": 1740
}
]Signatures
[
{
"markcount": 8,
"families": [],
"description": "Checks if process is being debugged by a debugger",
"severity": 1,
"marks": [
{
"call": {
"category": "system",
"status": 0,
"stacktrace": [],
"last_error": 997,
"nt_status": -1073741772,
"api": "IsDebuggerPresent",
"return_value": 0,
"arguments": {},
"time": 1573919156.2534,
"tid": 2732,
"flags": {}
},
"pid": 1512,
"type": "call",
"cid": 240
},
{
"call": {
"category": "system",
"status": 0,
"stacktrace": [],
"last_error": 997,
"nt_status": -1073741772,
"api": "IsDebuggerPresent",
"return_value": 0,
"arguments": {},
"time": 1573919156.2534,
"tid": 2732,
"flags": {}
},
"pid": 1512,
"type": "call",
"cid": 241
},
{
"call": {
"category": "system",
"status": 0,
"stacktrace": [],
"last_error": 12007,
"nt_status": -1073741700,
"api": "IsDebuggerPresent",
"return_value": 0,
"arguments": {},
"time": 1573919156.8624,
"tid": 2732,
"flags": {}
},
"pid": 1512,
"type": "call",
"cid": 597
},
{
"call": {
"category": "system",
"status": 0,
"stacktrace": [],
"last_error": 12007,
"nt_status": -1073741700,
"api": "IsDebuggerPresent",
"return_value": 0,
"arguments": {},
"time": 1573919176.8624,
"tid": 2732,
"flags": {}
},
"pid": 1512,
"type": "call",
"cid": 603
},
{
"call": {
"category": "system",
"status": 0,
"stacktrace": [],
"last_error": 12007,
"nt_status": -1073741700,
"api": "IsDebuggerPresent",
"return_value": 0,
"arguments": {},
"time": 1573919196.8624,
"tid": 2732,
"flags": {}
},
"pid": 1512,
"type": "call",
"cid": 612
},
{
"call": {
"category": "system",
"status": 0,
"stacktrace": [],
"last_error": 0,
"nt_status": -1073741700,
"api": "IsDebuggerPresent",
"return_value": 0,
"arguments": {},
"time": 1573919216.8624,
"tid": 2732,
"flags": {}
},
"pid": 1512,
"type": "call",
"cid": 617
},
{
"call": {
"category": "system",
"status": 0,
"stacktrace": [],
"last_error": 0,
"nt_status": -1073741700,
"api": "IsDebuggerPresent",
"return_value": 0,
"arguments": {},
"time": 1573919216.8624,
"tid": 2732,
"flags": {}
},
"pid": 1512,
"type": "call",
"cid": 618
},
{
"call": {
"category": "system",
"status": 0,
"stacktrace": [],
"last_error": 0,
"nt_status": -1073741700,
"api": "IsDebuggerPresent",
"return_value": 0,
"arguments": {},
"time": 1573919216.8624,
"tid": 2732,
"flags": {}
},
"pid": 1512,
"type": "call",
"cid": 621
}
],
"references": [],
"name": "checks_debugger"
},
{
"markcount": 1,
"families": [],
"description": "Collects information to fingerprint the system (MachineGuid, DigitalProductId, SystemBiosDate)",
"severity": 1,
"marks": [
{
"category": "registry",
"ioc": "HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Cryptography\\MachineGuid",
"type": "ioc",
"description": null
}
],
"references": [],
"name": "recon_fingerprint"
},
{
"markcount": 1,
"families": [],
"description": "This executable has a PDB path",
"severity": 1,
"marks": [
{
"category": "pdb_path",
"ioc": "sipnotify.pdb",
"type": "ioc",
"description": null
}
],
"references": [],
"name": "has_pdb"
},
{
"markcount": 2,
"families": [],
"description": "The file contains an unknown PE resource name possibly indicative of a packer",
"severity": 1,
"marks": [
{
"category": "resource name",
"ioc": "MUI",
"type": "ioc",
"description": null
},
{
"category": "resource name",
"ioc": "UIFILE",
"type": "ioc",
"description": null
}
],
"references": [],
"name": "pe_unknown_resource_name"
},
{
"markcount": 1,
"families": [],
"description": "Executes javascript",
"severity": 2,
"marks": [
{
"call": {
"category": "iexplore",
"status": 1,
"stacktrace": [],
"api": "COleScript_Compile",
"return_value": 0,
"arguments": {
"type": "JScript - window script block",
"script": "function resize(){\r\n\tvar width = document.body.clientWidth;\r\n\tvar img = document.querySelectorAll(\".img-container img\").item(0);\r\n\tvar p = document.getElementsByTagName(\"p\").item(0);\r\n\tvar h1 = document.getElementsByTagName(\"h1\").item(0);\r\n\tvar span = document.getElementsByTagName(\"span\").item(0);\r\n\tvar html = document.getElementsByTagName(\"html\").item(0);\r\n\tvar body = document.body;\r\n\tvar content = document.querySelectorAll(\".content\").item(0);\r\n\t\r\n\tif(width <= 460) {\r\n\t\timg.style.width = \"100%\";\r\n\t}\r\n\tif(width <= 727) {\r\n\t\t\/\/html.style.height = \"442px\";\r\n\t\t\/\/body.style.height = \"442px\";\r\n\t\tcontent.style.height = \"auto\";\r\n\t\timg.style.width = \"70%\";\r\n\t\tp.style.fontSize = \"11px\";\r\n\t\th1.setAttribute(\"style\", \"font-size: 18px; font-weight: 600\");\r\n\t\tspan.style.fontSize = \"16px\";\r\n\t}\r\n\tif(width >= 728) {\r\n\t\timg.style.width = \"100%\";\r\n\t\t\/\/html.removeAttribute(\"style\");\r\n\t\t\/\/body.removeAttribute(\"style\");\r\n\t\tcontent.removeAttribute(\"style\");\r\n\t\tp.removeAttribute(\"style\");\r\n\t\th1.removeAttribute(\"style\");\r\n\t\tspan.removeAttribute(\"style\");\r\n\t}\r\n\tif(width <= 1060) {\r\n\t\tcontent.style.height = \"auto\";\r\n\t}\r\n}"
},
"time": 1573919226.4724,
"tid": 2732,
"flags": {}
},
"pid": 1512,
"type": "call",
"cid": 5128
}
],
"references": [],
"name": "js_eval"
},
{
"markcount": 1,
"families": [],
"description": "Allocates read-write-execute memory (usually to unpack itself)",
"severity": 2,
"marks": [
{
"call": {
"category": "process",
"status": 1,
"stacktrace": [],
"api": "NtAllocateVirtualMemory",
"return_value": 0,
"arguments": {
"process_identifier": 1512,
"region_size": 4096,
"stack_dep_bypass": 0,
"stack_pivoted": 0,
"heap_dep_bypass": 0,
"protection": 64,
"process_handle": "0xffffffffffffffff",
"allocation_type": 4096,
"base_address": "0x00000000020f0000"
},
"time": 1573919217.7694,
"tid": 2732,
"flags": {
"protection": "PAGE_EXECUTE_READWRITE",
"allocation_type": "MEM_COMMIT"
}
},
"pid": 1512,
"type": "call",
"cid": 1842
}
],
"references": [],
"name": "allocates_rwx"
},
{
"markcount": 1,
"families": [],
"description": "Drops an executable to the user AppData folder",
"severity": 2,
"marks": [
{
"category": "file",
"ioc": "C:\\Users\\cuck\\AppData\\Local\\Microsoft\\Windows\\SipNotify\\eoscontent\\InsertBOM.exe",
"type": "ioc",
"description": null
}
],
"references": [],
"name": "exe_appdata"
},
{
"markcount": 1,
"families": [],
"description": "Checks adapter addresses which can be used to detect virtual network interfaces",
"severity": 2,
"marks": [
{
"call": {
"category": "network",
"status": 0,
"stacktrace": [],
"last_error": 0,
"nt_status": -1073741772,
"api": "GetAdaptersAddresses",
"return_value": 111,
"arguments": {
"flags": 15,
"family": 0
},
"time": 1573919156.3784,
"tid": 2732,
"flags": {}
},
"pid": 1512,
"type": "call",
"cid": 465
}
],
"references": [],
"name": "antivm_network_adapters"
},
{
"markcount": 2,
"families": [],
"description": "The binary likely contains encrypted or compressed data indicative of a packer",
"severity": 2,
"marks": [
{
"entropy": 7.6486679829346,
"section": {
"size_of_data": "0x00025600",
"virtual_address": "0x0002e000",
"entropy": 7.6486679829346,
"name": ".rsrc",
"virtual_size": "0x00025498"
},
"type": "generic",
"description": "A section with a high entropy has been found"
},
{
"entropy": 0.45929339477727,
"type": "generic",
"description": "Overall entropy of this PE file is high"
}
],
"references": [
"http:\/\/www.forensickb.com\/2013\/03\/file-entropy-explained.html",
"http:\/\/virii.es\/U\/Using%20Entropy%20Analysis%20to%20Find%20Encrypted%20and%20Packed%20Malware.pdf"
],
"name": "packer_entropy"
},
{
"markcount": 1,
"families": [],
"description": "Creates a windows hook that monitors keyboard input (keylogger)",
"severity": 3,
"marks": [
{
"call": {
"category": "system",
"status": 1,
"stacktrace": [],
"api": "SetWindowsHookExW",
"return_value": 15008213,
"arguments": {
"thread_identifier": 0,
"callback_function": "0x00000000ffe9ae10",
"module_address": "0x00000000ffdf0000",
"hook_identifier": 13
},
"time": 1573919254.7999,
"tid": 1828,
"flags": {
"hook_identifier": "WH_KEYBOARD_LL"
}
},
"pid": 1788,
"type": "call",
"cid": 2049
}
],
"references": [],
"name": "infostealer_keylogger"
}
]Yara
The Yara rules did not detect anything in the file.
Network
{
"tls": [],
"udp": [
{
"src": "192.168.56.101",
"dst": "192.168.56.255",
"offset": 662,
"time": 6.2200000286102,
"dport": 137,
"sport": 137
},
{
"src": "192.168.56.101",
"dst": "192.168.56.255",
"offset": 5342,
"time": 12.21982383728,
"dport": 138,
"sport": 138
},
{
"src": "192.168.56.101",
"dst": "224.0.0.252",
"offset": 7186,
"time": 5.2922348976135,
"dport": 5355,
"sport": 51001
},
{
"src": "192.168.56.101",
"dst": "224.0.0.252",
"offset": 7506,
"time": 4.1523108482361,
"dport": 5355,
"sport": 53595
},
{
"src": "192.168.56.101",
"dst": "224.0.0.252",
"offset": 7834,
"time": 6.1815268993378,
"dport": 5355,
"sport": 53848
},
{
"src": "192.168.56.101",
"dst": "224.0.0.252",
"offset": 8162,
"time": 4.660943031311,
"dport": 5355,
"sport": 54255
},
{
"src": "192.168.56.101",
"dst": "224.0.0.252",
"offset": 8490,
"time": 3.0424189567566,
"dport": 5355,
"sport": 55314
},
{
"src": "192.168.56.101",
"dst": "224.0.0.252",
"offset": 8818,
"time": 6.1946058273315,
"dport": 5355,
"sport": 55880
},
{
"src": "192.168.56.101",
"dst": "239.255.255.250",
"offset": 9146,
"time": 4.6571829319,
"dport": 1900,
"sport": 1900
},
{
"src": "192.168.56.101",
"dst": "239.255.255.250",
"offset": 28556,
"time": 4.17249584198,
"dport": 3702,
"sport": 49152
},
{
"src": "192.168.56.101",
"dst": "239.255.255.250",
"offset": 36940,
"time": 6.2665758132935,
"dport": 1900,
"sport": 53598
}
],
"dns_servers": [],
"http": [],
"icmp": [],
"smtp": [],
"tcp": [],
"smtp_ex": [],
"mitm": [],
"hosts": [],
"pcap_sha256": "25f45d8e223a8be76bbcbc0b762d8c823c15f9ff08572be536852fef60a64d0e",
"dns": [],
"http_ex": [],
"domains": [],
"dead_hosts": [],
"sorted_pcap_sha256": "3191dea6d7152e4b0874b4694c62ffd97c0db0882af1985c9b7c210e8540f35a",
"irc": [],
"https_ex": []
}Screenshots
Other files also named sipnotify.exe
sipnotify.exe (16 votes)
Hashes [?]
| Property | Value |
|---|---|
| MD5 | 15d10dd3dcbbaecd6cecab54ef6ff9eb |
| SHA256 | 54552ebb2ee12baf930bba66b1cc1f2631ca7c77513c39f0910ff08bd7d4c276 |
Error Messages
These are some of the error messages that can appear related to sipnotify.exe:
sipnotify.exe has encountered a problem and needs to close. We are sorry for the inconvenience.
sipnotify.exe - Application Error. The instruction at "0xXXXXXXXX" referenced memory at "0xXXXXXXXX". The memory could not be "read/written". Click on OK to terminate the program.
sipnotify has stopped working.
End Program - sipnotify.exe. This program is not responding.
sipnotify.exe is not a valid Win32 application.
sipnotify.exe - Application Error. The application failed to initialize properly (0xXXXXXXXX). Click OK to terminate the application.
What will you do with sipnotify.exe?
To help other users, please let us know what you will do with sipnotify.exe:
What did other users do?
The poll result listed below shows what users chose to do with sipnotify.exe. 100% have voted for removal. Based on votes from 1 user.
| Votes | |||
|---|---|---|---|
| Keep | 0 % | 0 | |
| Remove | 100 % | 1 |
NOTE: Please do not use this poll as the only source of input to determine what you will do with sipnotify.exe. Only 1 user has voted so far so it does not offer a high degree of confidence.
Malware or legitimate?
If you feel that you need more information to determine if your should keep this file or remove it, please read this guide.
And now some shameless self promotion ;)
Hi, my name is Roger Karlsson. I've been running this website since 2006. I want to let you know about the FreeFixer program. FreeFixer is a freeware tool that analyzes your system and let you manually identify unwanted programs. Once you've identified some malware files, FreeFixer is pretty good at removing them. You can download FreeFixer here. It runs on Windows 2000/XP/2003/2008/2016/2019/Vista/7/8/8.1/10. Supports both 32- and 64-bit Windows.
If you have questions, feedback on FreeFixer or the freefixer.com website, need help analyzing FreeFixer's scan result or just want to say hello, please contact me. You can find my email address at the contact page.
Comments
Please share with the other users what you think about this file. What does this file do? Is it legitimate or something that your computer is better without? Do you know how it was installed on your system? Did you install it yourself or did it come bundled with some other software? Is it running smoothly or do you get some error message? Any information that will help to document this file is welcome. Thank you for your contributions.
I'm reading all new comments so don't hesitate to post a question about the file. If I don't have the answer perhaps another user can help you.
No comments posted yet.