Trojan.GO.Filecoder

By CagedTech in Trojans

Threat Scorecard

Popularity Rank: 3,318
Threat Level: 80 % (High)
Infected Computers: 120
First Seen: September 18, 2023
Last Seen: November 14, 2025
OS(es) Affected: Windows

Analysis Report

General information

Family Name: Trojan.GO.Filecoder
Signature status: No Signature

Known Samples

MD5: 08e76dd242e64bb31aec09db8464b28f
SHA1: 3f3f62c33030cfd64dba2d4ecb1634a9042ba292
SHA256: 1FD07B8D1728E416F897BEF4F1471126F9B18EF108EB952F4B75050DA22E8E43
File Size: 2.07 MB, 2069504 bytes
MD5: 173c4085c23080d9fb19280cc507d28d
SHA1: a186c08d3d10885ebb129b1a0d8ea0da056fc362
SHA256: 731ADCF2D7FB61A8335E23DBEE2436249E5D5753977EC465754C6B699E9BF161
File Size: 3.07 MB, 3068928 bytes

Windows Portable Executable Attributes

  • File doesn't have "Rich" header
  • File doesn't have debug information
  • File doesn't have exports table
  • File doesn't have relocations information
  • File doesn't have resources
  • File doesn't have security information
  • File has TLS information
  • File is 32-bit executable
  • File is 64-bit executable
  • File is either console or GUI application
  • File is GUI application (IMAGE_SUBSYSTEM_WINDOWS_GUI)
  • File is Native application (NOT .NET application)
  • File is not packed
  • IMAGE_FILE_DLL is not set inside PE header (Executable)
  • IMAGE_FILE_EXECUTABLE_IMAGE is set inside PE header (Executable Image)

File Traits

  • golang
  • No Version Info
  • ntdll
  • x64
  • x86

Block Information

Total Blocks: 11,670
Potentially Malicious Blocks: 5,527
Whitelisted Blocks: 6,143
Unknown Blocks: 0

Visual Map

0 - Probable Safe Block
? - Unknown Block
x - Potentially Malicious Block

Similar Families

  • CobaltStrike.XN
  • Filecoder.FA
  • Filecoder.FG
  • Filecoder.GOA
  • Go.Agent.E
  • Go.Rozena.A
  • Rozena.EA
  • TIYWEPXB.A

Files Modified

File Attributes
c:\$recycle.bin\look at this instruction.txt Generic Write,Read Attributes
c:\$recycle.bin\s-1-5-18\look at this instruction.txt Generic Write,Read Attributes
c:\$recycle.bin\s-1-5-21-3119368278-1123331430-659265220-1001\look at this instruction.txt Generic Write,Read Attributes
c:\$winreagent\look at this instruction.txt Generic Write,Read Attributes
c:\$winreagent\scratch\look at this instruction.txt Generic Write,Read Attributes
c:\dumpstack.log Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\dumpstack.log.bianlian Synchronize,Write Data
c:\dumpstack.log.tmp Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\look at this instruction.txt Generic Write,Read Attributes
c:\perflogs\look at this instruction.txt Generic Write,Read Attributes
c:\program files (x86)\common files\look at this instruction.txt Generic Write,Read Attributes
c:\program files (x86)\common files\microsoft shared\filters\look at this instruction.txt Generic Write,Read Attributes
c:\program files (x86)\common files\microsoft shared\look at this instruction.txt Generic Write,Read Attributes
c:\program files (x86)\common files\microsoft shared\textconv\look at this instruction.txt Generic Write,Read Attributes
c:\program files (x86)\common files\services\look at this instruction.txt Generic Write,Read Attributes
c:\program files (x86)\common files\system\ado\en-us\look at this instruction.txt Generic Write,Read Attributes
c:\program files (x86)\common files\system\ado\look at this instruction.txt Generic Write,Read Attributes
c:\program files (x86)\common files\system\en-us\look at this instruction.txt Generic Write,Read Attributes
c:\program files (x86)\common files\system\look at this instruction.txt Generic Write,Read Attributes
c:\program files (x86)\common files\system\msadc\look at this instruction.txt Generic Write,Read Attributes
c:\program files (x86)\common files\system\ole db\look at this instruction.txt Generic Write,Read Attributes
c:\program files (x86)\internet explorer\en-us\look at this instruction.txt Generic Write,Read Attributes
c:\program files (x86)\internet explorer\images\look at this instruction.txt Generic Write,Read Attributes
c:\program files (x86)\internet explorer\look at this instruction.txt Generic Write,Read Attributes
c:\program files (x86)\internet explorer\signup\look at this instruction.txt Generic Write,Read Attributes
c:\program files (x86)\look at this instruction.txt Generic Write,Read Attributes
c:\program files (x86)\microsoft.net\look at this instruction.txt Generic Write,Read Attributes
c:\program files (x86)\microsoft.net\redistlist\look at this instruction.txt Generic Write,Read Attributes
c:\program files (x86)\microsoft\edge\look at this instruction.txt Generic Write,Read Attributes
c:\program files (x86)\microsoft\edgecore\look at this instruction.txt Generic Write,Read Attributes
c:\program files (x86)\microsoft\edgeupdate\download\look at this instruction.txt Generic Write,Read Attributes
c:\program files (x86)\microsoft\edgeupdate\look at this instruction.txt Generic Write,Read Attributes
c:\program files (x86)\microsoft\edgewebview\application\look at this instruction.txt Generic Write,Read Attributes
c:\program files (x86)\microsoft\edgewebview\look at this instruction.txt Generic Write,Read Attributes
c:\program files (x86)\microsoft\look at this instruction.txt Generic Write,Read Attributes
c:\program files (x86)\microsoft\temp\look at this instruction.txt Generic Write,Read Attributes
c:\program files (x86)\msbuild\look at this instruction.txt Generic Write,Read Attributes
c:\program files (x86)\msbuild\microsoft\look at this instruction.txt Generic Write,Read Attributes
c:\program files (x86)\reference assemblies\look at this instruction.txt Generic Write,Read Attributes
c:\program files (x86)\reference assemblies\microsoft\framework\look at this instruction.txt Generic Write,Read Attributes
c:\program files (x86)\reference assemblies\microsoft\look at this instruction.txt Generic Write,Read Attributes
c:\program files\common files\look at this instruction.txt Generic Write,Read Attributes
c:\program files\common files\services\look at this instruction.txt Generic Write,Read Attributes
c:\program files\common files\system\en-us\look at this instruction.txt Generic Write,Read Attributes
c:\program files\common files\system\look at this instruction.txt Generic Write,Read Attributes
c:\program files\cuassistant\logs\look at this instruction.txt Generic Write,Read Attributes
c:\program files\cuassistant\look at this instruction.txt Generic Write,Read Attributes
c:\program files\internet explorer\en-us\look at this instruction.txt Generic Write,Read Attributes
c:\program files\internet explorer\images\look at this instruction.txt Generic Write,Read Attributes
c:\program files\internet explorer\look at this instruction.txt Generic Write,Read Attributes
c:\program files\internet explorer\signup\look at this instruction.txt Generic Write,Read Attributes
c:\program files\look at this instruction.txt Generic Write,Read Attributes
c:\program files\microsoft update health tools\logs\look at this instruction.txt Generic Write,Read Attributes
c:\program files\microsoft update health tools\look at this instruction.txt Generic Write,Read Attributes
c:\program files\msbuild\look at this instruction.txt Generic Write,Read Attributes
c:\program files\msbuild\microsoft\look at this instruction.txt Generic Write,Read Attributes
c:\program files\reference assemblies\look at this instruction.txt Generic Write,Read Attributes
c:\program files\reference assemblies\microsoft\framework\look at this instruction.txt Generic Write,Read Attributes
c:\program files\reference assemblies\microsoft\look at this instruction.txt Generic Write,Read Attributes
c:\program files\rempl\look at this instruction.txt Generic Write,Read Attributes
c:\program files\uninstall information\look at this instruction.txt Generic Write,Read Attributes
c:\program files\xenserver\look at this instruction.txt Generic Write,Read Attributes
c:\program files\xenserver\xentools\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\comms\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\microsoft onedrive\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\microsoft onedrive\setup\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\microsoft\appv\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\microsoft\appv\setup\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\microsoft\crypto\dss\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\microsoft\crypto\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\microsoft\crypto\systemkeys\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\microsoft\datamart\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\microsoft\datamart\paidwifi\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\microsoft\device stage\device\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\microsoft\device stage\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\microsoft\device stage\task\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\microsoft\devicesync\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\microsoft\diagnosis\customtraceprofiles\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\microsoft\diagnosis\downloadedscenarios\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\microsoft\diagnosis\downloadedsettings\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\microsoft\diagnosis\etllogs\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\microsoft\diagnosis\eventtranscript\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\microsoft\diagnosis\feedbackhub\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\microsoft\diagnosis\localtracestore\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\microsoft\diagnosis\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\microsoft\diagnosis\parse.dat Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\microsoft\diagnosis\parse.dat.bianlian Synchronize,Write Data
c:\programdata\microsoft\diagnosis\scenariossqlstore\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\microsoft\diagnosis\sideload\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\microsoft\diagnosis\siufloc\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\microsoft\diagnosis\softlanding\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\microsoft\diagnosis\softlandingstage\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\microsoft\diagnosis\temp\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\microsoft\diagnosis\tenantstorage\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\microsoft\diagnosis\timetraveldebuggingstorage\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\microsoft\diagnosticlogcsp\channels\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\microsoft\diagnosticlogcsp\collectors\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\microsoft\diagnosticlogcsp\devicestatedata\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\microsoft\diagnosticlogcsp\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\microsoft\drm\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\microsoft\edgeupdate\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\microsoft\grouppolicy\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\microsoft\identitycrl\int\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\microsoft\identitycrl\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\microsoft\identitycrl\production\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\microsoft\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\microsoft\mapdata\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\microsoft\media player\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\microsoft\mf\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\microsoft\netframework\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\microsoft\network\connections\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\microsoft\network\downloader\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\microsoft\network\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\microsoft\provisioning\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\microsoft\search\data\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\microsoft\search\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\microsoft\settings\accounts\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\microsoft\settings\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\microsoft\smsrouter\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\microsoft\smsrouter\messagestore\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\microsoft\spectrum\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\microsoft\speech_onecore\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\microsoft\storage health\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\microsoft\uev\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\microsoft\user account pictures\administrator.dat Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\microsoft\user account pictures\administrator.dat.bianlian Synchronize,Write Data
c:\programdata\microsoft\user account pictures\defaultuser0.dat Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\microsoft\user account pictures\defaultuser0.dat.bianlian Synchronize,Write Data
c:\programdata\microsoft\user account pictures\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\microsoft\user account pictures\user.dat Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\microsoft\user account pictures\user.dat.bianlian Synchronize,Write Data
c:\programdata\microsoft\vault\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\microsoft\wdf\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\microsoft\winmsipc\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\microsoft\wwansvc\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\microsoft\xboxlive\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\microsoft\xboxlive\nsalcache\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\package cache\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\package cache\{010792ba-551a-3ac0-a7ef-0fab4156c382}v12.0.40664\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\package cache\{010792ba-551a-3ac0-a7ef-0fab4156c382}v12.0.40664\packages\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\package cache\{010792ba-551a-3ac0-a7ef-0fab4156c382}v12.0.40664\packages\vcruntimeadditional_amd64\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\package cache\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\package cache\{0c3457a0-3dce-4a33-bef0-9b528c557771}v14.40.33810\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\package cache\{0c3457a0-3dce-4a33-bef0-9b528c557771}v14.40.33810\packages\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\package cache\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\package cache\{37b8f9c7-03fb-3253-8781-2517c99d7c00}v11.0.61030\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\package cache\{37b8f9c7-03fb-3253-8781-2517c99d7c00}v11.0.61030\packages\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\package cache\{37b8f9c7-03fb-3253-8781-2517c99d7c00}v11.0.61030\packages\vcruntimeadditional_amd64\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\package cache\{47109d57-d746-4f8b-9618-ed6a17cc922b}\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\package cache\{53cf6934-a98d-3d84-9146-fc4edf3d5641}v12.0.40664\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\package cache\{53cf6934-a98d-3d84-9146-fc4edf3d5641}v12.0.40664\packages\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\package cache\{53cf6934-a98d-3d84-9146-fc4edf3d5641}v12.0.40664\packages\vcruntimeminimum_amd64\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\package cache\{59ced48f-ebfe-480c-8a38-fc079c2bec0f}v14.40.33810\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\package cache\{59ced48f-ebfe-480c-8a38-fc079c2bec0f}v14.40.33810\packages\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\package cache\{59ced48f-ebfe-480c-8a38-fc079c2bec0f}v14.40.33810\packages\vcruntimeadditional_amd64\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\package cache\{5af95fd8-a22e-458f-acee-c61bd787178e}\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\package cache\{5ea6c998-d5ac-4ed9-89c3-9f25b17ccd3d}v14.40.33810\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\package cache\{5ea6c998-d5ac-4ed9-89c3-9f25b17ccd3d}v14.40.33810\packages\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\package cache\{8122dab1-ed4d-3676-bb0a-ca368196543e}v12.0.40664\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\package cache\{8122dab1-ed4d-3676-bb0a-ca368196543e}v12.0.40664\packages\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\package cache\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\package cache\{b175520c-86a2-35a7-8619-86dc379688b9}v11.0.61030\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\package cache\{b175520c-86a2-35a7-8619-86dc379688b9}v11.0.61030\packages\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\package cache\{b175520c-86a2-35a7-8619-86dc379688b9}v11.0.61030\packages\vcruntimeadditional_x86\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\package cache\{b8b3bb4a-a10d-4f51-91b7-a64ffac31ea7}v14.40.33810\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\package cache\{bd95a8cd-1d9f-35ad-981a-3e7925026ebb}v11.0.61030\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\package cache\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\package cache\{cf2bea3c-26ea-32f8-aa9b-331f7e34ba97}v11.0.61030\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\package cache\{cf2bea3c-26ea-32f8-aa9b-331f7e34ba97}v11.0.61030\packages\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\package cache\{cf2bea3c-26ea-32f8-aa9b-331f7e34ba97}v11.0.61030\packages\vcruntimeminimum_amd64\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\package cache\{d401961d-3a20-3ac7-943b-6139d5bd490a}v12.0.40664\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\package cache\{d401961d-3a20-3ac7-943b-6139d5bd490a}v12.0.40664\packages\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\package cache\{d401961d-3a20-3ac7-943b-6139d5bd490a}v12.0.40664\packages\vcruntimeadditional_x86\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\packages\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\packages\microsoft.549981c3f5f10_8wekyb3d8bbwe\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\packages\microsoft.549981c3f5f10_8wekyb3d8bbwe\s-1-5-21-3119368278-1123331430-659265220-1001\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\packages\microsoft.desktopappinstaller_8wekyb3d8bbwe\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\packages\microsoft.gethelp_8wekyb3d8bbwe\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\packages\microsoft.getstarted_8wekyb3d8bbwe\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\packages\microsoft.getstarted_8wekyb3d8bbwe\s-1-5-21-3119368278-1123331430-659265220-1001\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\packages\microsoft.microsoft3dviewer_8wekyb3d8bbwe\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\packages\microsoft.microsoft3dviewer_8wekyb3d8bbwe\s-1-5-21-1832833530-1895299580-991349761-500\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\packages\microsoft.microsoftedge.stable_8wekyb3d8bbwe\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\packages\microsoft.microsoftofficehub_8wekyb3d8bbwe\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\packages\microsoft.mixedreality.portal_8wekyb3d8bbwe\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\packages\microsoft.office.onenote_8wekyb3d8bbwe\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\packages\microsoft.skypeapp_kzf8qxf38zg5c\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\packages\microsoft.skypeapp_kzf8qxf38zg5c\s-1-5-21-3119368278-1123331430-659265220-1001\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\packages\microsoft.xboxgamingoverlay_8wekyb3d8bbwe\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\packages\microsoft.yourphone_8wekyb3d8bbwe\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\regid.1991-06.com.microsoft\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\softwaredistribution\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\ssh\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\usoprivate\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\usoprivate\updatestore\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\usoshared\logs\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\usoshared\look at this instruction.txt Generic Write,Read Attributes
c:\programdata\xenserver\installagent\installagent.9.1.7.48-2024-09-17.log Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\xenserver\installagent\installagent.9.1.7.48-2024-09-17.log.bianlian Synchronize,Write Data

160 additional files are not displayed above.

Windows API Usage

Category API
Syscall Use
  • ntdll.dll!NtAlertThreadByThreadId
  • ntdll.dll!NtAlpcConnectPort
  • ntdll.dll!NtAlpcSetInformation
  • ntdll.dll!NtApphelpCacheControl
  • ntdll.dll!NtAssociateWaitCompletionPacket
  • ntdll.dll!NtClose
  • ntdll.dll!NtCreateFile
  • ntdll.dll!NtCreateIoCompletion
  • ntdll.dll!NtCreateSection
  • ntdll.dll!NtCreateTimer2
  • ntdll.dll!NtCreateWaitCompletionPacket
  • ntdll.dll!NtCreateWorkerFactory
  • ntdll.dll!NtDeviceIoControlFile
  • ntdll.dll!NtFreeVirtualMemory
  • ntdll.dll!NtMapViewOfSection
  • ntdll.dll!NtOpenFile
  • ntdll.dll!NtOpenKey
  • ntdll.dll!NtOpenSection
  • ntdll.dll!NtOpenSymbolicLinkObject
  • ntdll.dll!NtProtectVirtualMemory
  • ntdll.dll!NtQueryAttributesFile
  • ntdll.dll!NtQueryDirectoryFileEx
  • ntdll.dll!NtQueryInformationFile
  • ntdll.dll!NtQueryInformationProcess
  • ntdll.dll!NtQueryInformationThread
  • ntdll.dll!NtQueryPerformanceCounter
  • ntdll.dll!NtQuerySystemInformation
  • ntdll.dll!NtQuerySystemInformationEx
  • ntdll.dll!NtQueryValueKey
  • ntdll.dll!NtQueryVirtualMemory
  • ntdll.dll!NtQueryVolumeInformationFile
  • ntdll.dll!NtReleaseWorkerFactoryWorker
  • ntdll.dll!NtRemoveIoCompletionEx
  • ntdll.dll!NtSetEvent
  • ntdll.dll!NtSetInformationProcess
  • ntdll.dll!NtSetInformationVirtualMemory
  • ntdll.dll!NtSetInformationWorkerFactory
  • ntdll.dll!NtSetIoCompletion
  • ntdll.dll!NtSetTimerEx
  • ntdll.dll!NtTestAlert
  • ntdll.dll!NtTraceControl
  • ntdll.dll!NtUnmapViewOfSection
  • ntdll.dll!NtWaitForAlertByThreadId
  • ntdll.dll!NtWaitForSingleObject
  • ntdll.dll!NtWaitForWorkViaWorkerFactory
  • ntdll.dll!NtWriteFile
  • ntdll.dll!NtYieldExecution
Network Winsock2
  • WSAStartup
