IP Address: 64.53.56.121Previously Malicious
Weekly Summary
Browse or download a weekly review of our cyber threat intelligence data and gain more insight to help protect your network
Top Threats
Cyber Threat Intelligence
Discover Malicious IPs and Domains with Guardicore Cyber Threat Feed
IP Address:
64.53.56.121
Previously Malicious
This IP address attempted an attack on a machine protected by Guardicore Centra
Threat Information
|
Role |
Attacker |
|
Services Targeted |
SMB |
|
Tags |
HTTP Malicious File Outgoing Connection Scheduled Task Creation Access Suspicious Domain Listening CMD Download File Download and Execute SMB Null Session Login Service Configuration Service Start DNS Query SMB |
|
Connect Back Servers |
www.download.windowsupdate.com softlayer.com 4711.se testlabje.net mit.edu api.nuget.org archive.torproject.org torauth.de inet.fi poneytelecom.eu ip-51-255-198.eu rabbani.jp cacerts.digicert.com znx.cc torproject.org 72.21.81.200 104.16.237.184 163.172.142.92 82.195.75.101 154.35.32.5 95.211.216.9 193.23.244.244 84.250.0.210 128.31.0.39 149.202.49.87 51.255.198.77 80.127.109.50 171.25.193.9 163.172.21.117 8.254.247.30 |
Basic Information
|
IP Address |
64.53.56.121 |
|
|
Domain |
- |
|
|
ISP |
Spirit Communications |
|
|
Country |
United States |
|
|
WHOIS |
Created Date |
- |
|
Updated Date |
- |
|
|
Organization |
- |
|
|
First seen in Guardicore Centra |
2017-05-21 |
|
Last seen in Guardicore Centra |
2017-05-21 |
What is Guardicore CentraGuardicore Centra is a data center and cloud security solution that protects the organization's core assets, using flexible, quickly deployed and easy to understand micro-segmentation controls. Centra generates in-context security incidents, with details on attacker tools and techniques, that help IR teams prioritize incident investigation and reduce dwell time. Learn More
Attack Flow
|
The file C:\WINDOWS\UpdateInstaller.exe was downloaded and executed |
Download and Execute |
|
Process c:\windows\updateinstaller.exe attempted to access domains: api.nuget.org |
DNS Query |
|
Process c:\windows\updateinstaller.exe generated outgoing network traffic to: 72.21.81.200:80 |
Outgoing Connection |
|
C:\WINDOWS\UpdateInstaller.exe was identified as malicious by YARA according to rules: Packer, Antidebug Antivm, Peid and Packer Compiler Signatures |
Malicious File |
|
The file C:\Program Files\Microsoft Updates\svchost.exe was downloaded and executed 2 times |
Download and Execute |
|
C:\WINDOWS\Temp\Temporary Directory 1 for TaskScheduler.zip\lib\net20\JetBrains.Annotations.dll was identified as malicious by YARA according to rules: Packer, Peid and Packer Compiler Signatures |
Malicious File |
|
C:\Program Files\Microsoft Updates\TaskScheduler\lib\net20\JetBrains.Annotations.dll was identified as malicious by YARA according to rules: Packer, Peid and Packer Compiler Signatures |
Malicious File |
|
C:\WINDOWS\Temp\Temporary Directory 1 for TaskScheduler.zip\lib\net20\Microsoft.Win32.TaskScheduler.dll was identified as malicious by YARA according to rules: Packer, Antidebug Antivm and Packer Compiler Signatures |
Malicious File |
|
C:\Program Files\Microsoft Updates\TaskScheduler\lib\net20\Microsoft.Win32.TaskScheduler.dll was identified as malicious by YARA according to rules: Packer, Antidebug Antivm and Packer Compiler Signatures |
Malicious File |
|
C:\Program Files\Microsoft Updates\TaskScheduler\lib\net20\Microsoft.Win32.TaskScheduler.XML was identified as malicious by YARA according to rules: Antidebug Antivm |
Malicious File |
|
C:\WINDOWS\Temp\Temporary Directory 1 for TaskScheduler.zip\lib\net20\Microsoft.Win32.TaskScheduler.XML was identified as malicious by YARA according to rules: Antidebug Antivm |
Malicious File |
|
C:\WINDOWS\Temp\Temporary Directory 1 for TaskScheduler.zip\lib\net20\de\Microsoft.Win32.TaskScheduler.resources.dll was identified as malicious by YARA according to rules: Packer, Peid and Packer Compiler Signatures |
Malicious File |
|
C:\Program Files\Microsoft Updates\TaskScheduler\lib\net20\de\Microsoft.Win32.TaskScheduler.resources.dll was identified as malicious by YARA according to rules: Packer, Peid and Packer Compiler Signatures |
Malicious File |
|
C:\WINDOWS\Temp\Temporary Directory 1 for TaskScheduler.zip\lib\net20\es\Microsoft.Win32.TaskScheduler.resources.dll was identified as malicious by YARA according to rules: Packer, Peid and Packer Compiler Signatures |
Malicious File |
|
C:\Program Files\Microsoft Updates\TaskScheduler\lib\net20\es\Microsoft.Win32.TaskScheduler.resources.dll was identified as malicious by YARA according to rules: Packer, Peid and Packer Compiler Signatures |
Malicious File |
|
C:\WINDOWS\Temp\Temporary Directory 1 for TaskScheduler.zip\lib\net20\fr\Microsoft.Win32.TaskScheduler.resources.dll was identified as malicious by YARA according to rules: Packer, Peid and Packer Compiler Signatures |
Malicious File |
|
C:\Program Files\Microsoft Updates\TaskScheduler\lib\net20\fr\Microsoft.Win32.TaskScheduler.resources.dll was identified as malicious by YARA according to rules: Packer, Peid and Packer Compiler Signatures |
Malicious File |
|
C:\Program Files\Microsoft Updates\TaskScheduler\lib\net20\it\Microsoft.Win32.TaskScheduler.resources.dll was identified as malicious by YARA according to rules: Packer, Peid and Packer Compiler Signatures |
Malicious File |
|
C:\WINDOWS\Temp\Temporary Directory 1 for TaskScheduler.zip\lib\net20\it\Microsoft.Win32.TaskScheduler.resources.dll was identified as malicious by YARA according to rules: Packer, Peid and Packer Compiler Signatures |
Malicious File |
|
C:\WINDOWS\Temp\Temporary Directory 1 for TaskScheduler.zip\lib\net20\zh-CN\Microsoft.Win32.TaskScheduler.resources.dll was identified as malicious by YARA according to rules: Packer, Peid and Packer Compiler Signatures |
Malicious File |
|
C:\Program Files\Microsoft Updates\TaskScheduler\lib\net20\zh-CN\Microsoft.Win32.TaskScheduler.resources.dll was identified as malicious by YARA according to rules: Packer, Peid and Packer Compiler Signatures |
Malicious File |
|
C:\WINDOWS\Temp\Temporary Directory 1 for TaskScheduler.zip\lib\net35\JetBrains.Annotations.dll was identified as malicious by YARA according to rules: Packer, Peid and Packer Compiler Signatures |
Malicious File |
|
C:\Program Files\Microsoft Updates\TaskScheduler\lib\net35\JetBrains.Annotations.dll was identified as malicious by YARA according to rules: Packer, Peid and Packer Compiler Signatures |
Malicious File |
|
C:\WINDOWS\Temp\Temporary Directory 1 for TaskScheduler.zip\lib\net35\Microsoft.Win32.TaskScheduler.dll was identified as malicious by YARA according to rules: Packer, Antidebug Antivm and Packer Compiler Signatures |
Malicious File |
|
C:\Program Files\Microsoft Updates\TaskScheduler\lib\net35\Microsoft.Win32.TaskScheduler.dll was identified as malicious by YARA according to rules: Packer, Antidebug Antivm and Packer Compiler Signatures |
Malicious File |
|
C:\Program Files\Microsoft Updates\TaskScheduler\lib\net35\Microsoft.Win32.TaskScheduler.XML was identified as malicious by YARA according to rules: Antidebug Antivm |
Malicious File |
|
C:\WINDOWS\Temp\Temporary Directory 1 for TaskScheduler.zip\lib\net35\Microsoft.Win32.TaskScheduler.XML was identified as malicious by YARA according to rules: Antidebug Antivm |
Malicious File |
|
C:\WINDOWS\Temp\Temporary Directory 1 for TaskScheduler.zip\lib\net35\de\Microsoft.Win32.TaskScheduler.resources.dll was identified as malicious by YARA according to rules: Packer, Peid and Packer Compiler Signatures |
Malicious File |
|
C:\Program Files\Microsoft Updates\TaskScheduler\lib\net35\de\Microsoft.Win32.TaskScheduler.resources.dll was identified as malicious by YARA according to rules: Packer, Peid and Packer Compiler Signatures |
Malicious File |
|
C:\WINDOWS\Temp\Temporary Directory 1 for TaskScheduler.zip\lib\net35\es\Microsoft.Win32.TaskScheduler.resources.dll was identified as malicious by YARA according to rules: Packer, Peid and Packer Compiler Signatures |
Malicious File |
|
C:\Program Files\Microsoft Updates\TaskScheduler\lib\net35\es\Microsoft.Win32.TaskScheduler.resources.dll was identified as malicious by YARA according to rules: Packer, Peid and Packer Compiler Signatures |
Malicious File |
|
C:\WINDOWS\Temp\Temporary Directory 1 for TaskScheduler.zip\lib\net35\fr\Microsoft.Win32.TaskScheduler.resources.dll was identified as malicious by YARA according to rules: Packer, Peid and Packer Compiler Signatures |
Malicious File |
|
C:\Program Files\Microsoft Updates\TaskScheduler\lib\net35\fr\Microsoft.Win32.TaskScheduler.resources.dll was identified as malicious by YARA according to rules: Packer, Peid and Packer Compiler Signatures |
Malicious File |
|
C:\WINDOWS\Temp\Temporary Directory 1 for TaskScheduler.zip\lib\net35\it\Microsoft.Win32.TaskScheduler.resources.dll was identified as malicious by YARA according to rules: Packer, Peid and Packer Compiler Signatures |
Malicious File |
|
C:\Program Files\Microsoft Updates\TaskScheduler\lib\net35\it\Microsoft.Win32.TaskScheduler.resources.dll was identified as malicious by YARA according to rules: Packer, Peid and Packer Compiler Signatures |
Malicious File |
|
C:\WINDOWS\Temp\Temporary Directory 1 for TaskScheduler.zip\lib\net35\zh-CN\Microsoft.Win32.TaskScheduler.resources.dll was identified as malicious by YARA according to rules: Packer, Peid and Packer Compiler Signatures |
Malicious File |
|
C:\Program Files\Microsoft Updates\TaskScheduler\lib\net35\zh-CN\Microsoft.Win32.TaskScheduler.resources.dll was identified as malicious by YARA according to rules: Packer, Peid and Packer Compiler Signatures |
Malicious File |
|
C:\WINDOWS\Temp\Temporary Directory 1 for TaskScheduler.zip\lib\net40\JetBrains.Annotations.dll was identified as malicious by YARA according to rules: Packer, Peid and Packer Compiler Signatures |
Malicious File |
|
C:\Program Files\Microsoft Updates\TaskScheduler\lib\net40\JetBrains.Annotations.dll was identified as malicious by YARA according to rules: Packer, Peid and Packer Compiler Signatures |
Malicious File |
|
C:\WINDOWS\Temp\Temporary Directory 1 for TaskScheduler.zip\lib\net40\Microsoft.Win32.TaskScheduler.dll was identified as malicious by YARA according to rules: Packer, Antidebug Antivm and Packer Compiler Signatures |
Malicious File |
|
C:\Program Files\Microsoft Updates\TaskScheduler\lib\net40\Microsoft.Win32.TaskScheduler.dll was identified as malicious by YARA according to rules: Packer, Antidebug Antivm and Packer Compiler Signatures |
Malicious File |
|
C:\WINDOWS\Temp\Temporary Directory 1 for TaskScheduler.zip\lib\net40\Microsoft.Win32.TaskScheduler.XML was identified as malicious by YARA according to rules: Antidebug Antivm |
Malicious File |
|
C:\Program Files\Microsoft Updates\TaskScheduler\lib\net40\Microsoft.Win32.TaskScheduler.XML was identified as malicious by YARA according to rules: Antidebug Antivm |
Malicious File |
|
C:\WINDOWS\Temp\Temporary Directory 1 for TaskScheduler.zip\lib\net40\de\Microsoft.Win32.TaskScheduler.resources.dll was identified as malicious by YARA according to rules: Packer, Peid and Packer Compiler Signatures |
Malicious File |
|
C:\Program Files\Microsoft Updates\TaskScheduler\lib\net40\de\Microsoft.Win32.TaskScheduler.resources.dll was identified as malicious by YARA according to rules: Packer, Peid and Packer Compiler Signatures |
Malicious File |
|
C:\Program Files\Microsoft Updates\TaskScheduler\lib\net40\es\Microsoft.Win32.TaskScheduler.resources.dll was identified as malicious by YARA according to rules: Packer, Peid and Packer Compiler Signatures |
Malicious File |
|
C:\WINDOWS\Temp\Temporary Directory 1 for TaskScheduler.zip\lib\net40\es\Microsoft.Win32.TaskScheduler.resources.dll was identified as malicious by YARA according to rules: Packer, Peid and Packer Compiler Signatures |
Malicious File |
|
C:\Program Files\Microsoft Updates\TaskScheduler\lib\net40\fr\Microsoft.Win32.TaskScheduler.resources.dll was identified as malicious by YARA according to rules: Packer, Peid and Packer Compiler Signatures |
Malicious File |
|
C:\WINDOWS\Temp\Temporary Directory 1 for TaskScheduler.zip\lib\net40\fr\Microsoft.Win32.TaskScheduler.resources.dll was identified as malicious by YARA according to rules: Packer, Peid and Packer Compiler Signatures |
Malicious File |
|
C:\WINDOWS\Temp\Temporary Directory 1 for TaskScheduler.zip\lib\net40\it\Microsoft.Win32.TaskScheduler.resources.dll was identified as malicious by YARA according to rules: Packer, Peid and Packer Compiler Signatures |
Malicious File |
|
C:\Program Files\Microsoft Updates\TaskScheduler\lib\net40\it\Microsoft.Win32.TaskScheduler.resources.dll was identified as malicious by YARA according to rules: Packer, Peid and Packer Compiler Signatures |
Malicious File |
|
C:\WINDOWS\Temp\Temporary Directory 1 for TaskScheduler.zip\lib\net40\zh-CN\Microsoft.Win32.TaskScheduler.resources.dll was identified as malicious by YARA according to rules: Packer, Peid and Packer Compiler Signatures |
Malicious File |
|
C:\Program Files\Microsoft Updates\TaskScheduler\lib\net40\zh-CN\Microsoft.Win32.TaskScheduler.resources.dll was identified as malicious by YARA according to rules: Packer, Peid and Packer Compiler Signatures |
Malicious File |
|
C:\WINDOWS\Temp\Temporary Directory 1 for TaskScheduler.zip\lib\net452\JetBrains.Annotations.dll was identified as malicious by YARA according to rules: Packer, Peid and Packer Compiler Signatures |
Malicious File |
|
C:\Program Files\Microsoft Updates\TaskScheduler\lib\net452\JetBrains.Annotations.dll was identified as malicious by YARA according to rules: Packer, Peid and Packer Compiler Signatures |
Malicious File |
|
C:\WINDOWS\Temp\Temporary Directory 1 for TaskScheduler.zip\lib\net452\Microsoft.Win32.TaskScheduler.dll was identified as malicious by YARA according to rules: Packer, Antidebug Antivm and Packer Compiler Signatures |
Malicious File |
|
C:\Program Files\Microsoft Updates\TaskScheduler\lib\net452\Microsoft.Win32.TaskScheduler.dll was identified as malicious by YARA according to rules: Packer, Antidebug Antivm and Packer Compiler Signatures |
Malicious File |
|
C:\Program Files\Microsoft Updates\TaskScheduler\lib\net452\Microsoft.Win32.TaskScheduler.XML was identified as malicious by YARA according to rules: Antidebug Antivm |
Malicious File |
|
C:\WINDOWS\Temp\Temporary Directory 1 for TaskScheduler.zip\lib\net452\Microsoft.Win32.TaskScheduler.XML was identified as malicious by YARA according to rules: Antidebug Antivm |
Malicious File |
|
C:\Program Files\Microsoft Updates\TaskScheduler\lib\net452\de\Microsoft.Win32.TaskScheduler.resources.dll was identified as malicious by YARA according to rules: Packer, Peid and Packer Compiler Signatures |
Malicious File |
|
C:\WINDOWS\Temp\Temporary Directory 1 for TaskScheduler.zip\lib\net452\de\Microsoft.Win32.TaskScheduler.resources.dll was identified as malicious by YARA according to rules: Packer, Peid and Packer Compiler Signatures |
Malicious File |
|
C:\WINDOWS\Temp\Temporary Directory 1 for TaskScheduler.zip\lib\net452\es\Microsoft.Win32.TaskScheduler.resources.dll was identified as malicious by YARA according to rules: Packer, Peid and Packer Compiler Signatures |
Malicious File |
|
C:\Program Files\Microsoft Updates\TaskScheduler\lib\net452\es\Microsoft.Win32.TaskScheduler.resources.dll was identified as malicious by YARA according to rules: Packer, Peid and Packer Compiler Signatures |
Malicious File |
|
C:\WINDOWS\Temp\Temporary Directory 1 for TaskScheduler.zip\lib\net452\fr\Microsoft.Win32.TaskScheduler.resources.dll was identified as malicious by YARA according to rules: Packer, Peid and Packer Compiler Signatures |
Malicious File |
|
C:\Program Files\Microsoft Updates\TaskScheduler\lib\net452\fr\Microsoft.Win32.TaskScheduler.resources.dll was identified as malicious by YARA according to rules: Packer, Peid and Packer Compiler Signatures |
Malicious File |
|
C:\Program Files\Microsoft Updates\TaskScheduler\lib\net452\it\Microsoft.Win32.TaskScheduler.resources.dll was identified as malicious by YARA according to rules: Packer, Peid and Packer Compiler Signatures |
Malicious File |
|
C:\WINDOWS\Temp\Temporary Directory 1 for TaskScheduler.zip\lib\net452\it\Microsoft.Win32.TaskScheduler.resources.dll was identified as malicious by YARA according to rules: Packer, Peid and Packer Compiler Signatures |
Malicious File |
|
C:\WINDOWS\Temp\Temporary Directory 1 for TaskScheduler.zip\lib\net452\zh-CN\Microsoft.Win32.TaskScheduler.resources.dll was identified as malicious by YARA according to rules: Packer, Peid and Packer Compiler Signatures |
Malicious File |
|
C:\Program Files\Microsoft Updates\TaskScheduler\lib\net452\zh-CN\Microsoft.Win32.TaskScheduler.resources.dll was identified as malicious by YARA according to rules: Packer, Peid and Packer Compiler Signatures |
Malicious File |
|
C:\Program Files\Microsoft Updates\Microsoft.Win32.TaskScheduler.dll was identified as malicious by YARA according to rules: Packer, Antidebug Antivm and Packer Compiler Signatures |
Malicious File |
|
C:\Program Files\Microsoft Updates\SharpZLib\lib\11\ICSharpCode.SharpZipLib.dll was identified as malicious by YARA according to rules: Packer, Peid, Packer Compiler Signatures and Crypto Signatures |
Malicious File |
|
C:\WINDOWS\Temp\Temporary Directory 1 for SharpZLib.zip\lib\11\ICSharpCode.SharpZipLib.dll was identified as malicious by YARA according to rules: Packer, Peid, Packer Compiler Signatures and Crypto Signatures |
Malicious File |
|
C:\Program Files\Microsoft Updates\SharpZLib\lib\20\ICSharpCode.SharpZipLib.dll was identified as malicious by YARA according to rules: Peid, Packer Compiler Signatures and Crypto Signatures |
Malicious File |
|
C:\WINDOWS\Temp\Temporary Directory 1 for SharpZLib.zip\lib\20\ICSharpCode.SharpZipLib.dll was identified as malicious by YARA according to rules: Peid, Packer Compiler Signatures and Crypto Signatures |
Malicious File |
|
C:\WINDOWS\Temp\Temporary Directory 1 for SharpZLib.zip\lib\SL3\SharpZipLib.Silverlight3.dll was identified as malicious by YARA according to rules: Packer, Peid, Packer Compiler Signatures and Crypto Signatures |
Malicious File |
|
C:\Program Files\Microsoft Updates\SharpZLib\lib\SL3\SharpZipLib.Silverlight3.dll was identified as malicious by YARA according to rules: Packer, Peid, Packer Compiler Signatures and Crypto Signatures |
Malicious File |
|
C:\WINDOWS\Temp\Temporary Directory 1 for SharpZLib.zip\lib\SL4\SharpZipLib.Silverlight4.dll was identified as malicious by YARA according to rules: Packer, Peid, Packer Compiler Signatures and Crypto Signatures |
Malicious File |
|
C:\Program Files\Microsoft Updates\SharpZLib\lib\SL4\SharpZipLib.Silverlight4.dll was identified as malicious by YARA according to rules: Packer, Peid, Packer Compiler Signatures and Crypto Signatures |
Malicious File |
|
C:\Program Files\Microsoft Updates\ICSharpCode.SharpZipLib.dll was identified as malicious by YARA according to rules: Peid, Packer Compiler Signatures and Crypto Signatures |
Malicious File |
|
C:\Program Files\Microsoft Updates\svchost.exe was identified as malicious by YARA according to rules: Antidebug Antivm, Peid and Packer Compiler Signatures |
Malicious File |
|
Service RasMan was started |
Service Start |
|
C:\Program Files\Microsoft Updates\taskhost.exe was identified as malicious by YARA according to rules: Packer Compiler Signatures |
Malicious File |
|
Process c:\program files\microsoft updates\svchost.exe attempted to access domains: archive.torproject.org, www.download.windowsupdate.com and cacerts.digicert.com |
DNS Query |
|
Process c:\program files\microsoft updates\svchost.exe generated outgoing network traffic to: 8.254.247.30:80, 104.16.237.184:80 and 82.195.75.101:443 |
Outgoing Connection |
|
C:\Program Files\Microsoft Updates\temp\tor.zip was identified as malicious by YARA according to rules: Antidebug Antivm |
Malicious File |
|
The file C:\Program Files\Microsoft Updates\ICSharpCode.SharpZipLib.dll was downloaded and loaded by c:\program files\microsoft updates\svchost.exe |
Download and Execute |
|
Process c:\program files\microsoft updates\tor\tor.exe started listening on ports: 9050 2 times |
Listening |
|
Process c:\program files\microsoft updates\tor\tor.exe generated outgoing network traffic to: 51.255.198.77:443, 193.23.244.244:443, 84.250.0.210:443, 80.127.109.50:9001 and 171.25.193.9:80 |
Outgoing Connection |
|
Process c:\program files\microsoft updates\tor\tor.exe attempted to access suspicious domains: testlabje.net, ip-51-255-198.eu, torauth.de and 4711.se |
Access Suspicious Domain Outgoing Connection |
|
The file C:\Program Files\Microsoft Updates\Microsoft.Win32.TaskScheduler.dll was downloaded and loaded by c:\program files\microsoft updates\svchost.exe |
Download and Execute |
|
The command line C:\Program Files\Microsoft Updates\svchost.exe was scheduled to run by modifying C:\WINDOWS\Tasks\Microsoft Service Host.job |
|
|
The command line C:\Program Files\Microsoft Updates\taskhost.exe was scheduled to run by modifying C:\WINDOWS\Tasks\Microsoft Task Host.job |
|
|
The command line C:\Program Files\Microsoft Updates\Tor\tor.exe was scheduled to run by modifying C:\WINDOWS\Tasks\Microsoft Tor Host.job |
|
|
The file C:\WINDOWS\system32\framedyn.dll was downloaded and loaded by c:\windows\system32\netsh.exe |
Download and Execute |
|
Service SharedAccess was started |
Service Start |
|
Service ALG was started |
Service Start |
|
Process c:\program files\microsoft updates\tor\tor.exe generated outgoing network traffic to: 149.202.49.87:443, 193.23.244.244:443, 163.172.21.117:443, 128.31.0.39:9101, 95.211.216.9:9001, 154.35.32.5:443 and 163.172.142.92:443 |
Outgoing Connection |
|
Process c:\program files\microsoft updates\tor\tor.exe attempted to access suspicious domains: rabbani.jp, poneytelecom.eu, znx.cc and torauth.de |
Access Suspicious Domain Outgoing Connection |
|
The file C:\Program Files\Microsoft Updates\taskhost.exe was downloaded and executed |
Download and Execute |
Associated Files
|
C:\Program Files\Microsoft Updates\TaskScheduler.zip |
SHA256: 60eaf06eb6527d9aad26bbc27195b58e5a6f1368cd382b656ea6e3f10347ef1f |
890401 bytes |
|
C:\Program Files\Microsoft Updates\SharpZLib.zip |
SHA256: 5906c248bb986d50489192f490f94d2331d04e7d34337bc3c0d64df6d0008207 |
454026 bytes |
|
C:\WINDOWS\UpdateInstaller.exe |
SHA256: 64442cceb7d618e70c62d461cfaafdb8e653b8d98ac4765a6b3d8fd1ea3bce15 |
344064 bytes |
|
C:\Program Files\Microsoft Updates\svchost.exe |
SHA256: c4762489488f797b4b33382c8b1b71c94a42c846f1f28e0e118c83fe032848f0 |
305152 bytes |
|
C:\Program Files\Microsoft Updates\ICSharpCode.SharpZipLib.dll |
SHA256: 40b3d590f95191f3e33e5d00e534fa40f823d9b1bb2a9afe05f139c4e0a3af8d |
200704 bytes |
|
C:\Program Files\Microsoft Updates\Microsoft.Win32.TaskScheduler.dll |
SHA256: a5cedbb6a252c47d0f3d2828bb05a319e97ef9158f802a91723af9b19f4fbd30 |
348672 bytes |
|
C:\Program Files\Microsoft Updates\taskhost.exe |
SHA256: 20240431d6eb6816453651b58b37f53950fcc3f0929813806525c5fd97cdc0e1 |
61440 bytes |