Last active
November 12, 2018 14:36
-
-
Save pinksawtooth/8a0020d6d628ee809e6ff00e14aaeba8 to your computer and use it in GitHub Desktop.
Nocturnal_Stealer_information.txt
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Date: Sat Nov 10 14:59:11 2018 | |
| MachineID: 90059c37-1320-41a4-b58d-2b75a9850d2f | |
| GUID: {e29ac6c0-7037-11de-816d-806e6f6e6963} | |
| Path: C:\Users\admin\AppData\Local\Temp\2018-11-10_23-45-01.exe | |
| Work Dir: C:\ProgramData\BEJ9QK4EIV6EK30NDC91 | |
| Windows: Windows 7 Professional [x86] | |
| Computer Name: PC | |
| User Name: admin | |
| Display Resolution: 1280x720 | |
| Display Language: en-US | |
| Keyboard Languages: English (United States) | |
| Local Time: 10/11/2018 14:59:11 | |
| TimeZone: UTC-0 | |
| [Hardware] | |
| Processor: Intel Xeon E3-12xx v2 (Ivy Bridge) | |
| CPU Count: 4 | |
| RAM: 3583 MB | |
| VideoCard: Standard VGA Graphics Adapter | |
| [Network] | |
| IP: | |
| Country: () | |
| City: () | |
| ZIP: | |
| Coordinates: , | |
| ISP: () | |
| [Processes] | |
| - System [4] | |
| ---------- smss.exe [264] | |
| - csrss.exe [344] | |
| - wininit.exe [392] | |
| - csrss.exe [400] | |
| - winlogon.exe [440] | |
| - services.exe [484] | |
| - lsass.exe [500] | |
| - lsm.exe [508] | |
| - svchost.exe [612] | |
| - svchost.exe [692] | |
| - svchost.exe [784] | |
| - svchost.exe [824] | |
| - svchost.exe [852] | |
| - svchost.exe [980] | |
| - svchost.exe [1056] | |
| - spoolsv.exe [1208] | |
| - svchost.exe [1244] | |
| - qemu-ga.exe [1520] | |
| - dwm.exe [1556] | |
| - explorer.exe [1604] | |
| - svchost.exe [296] | |
| - SearchIndexer.exe [332] | |
| - svchost.exe [2864] | |
| - OSPPSVC.EXE [2324] | |
| - SearchProtocolHost.exe [716] | |
| - SearchFilterHost.exe [2228] | |
| - windanr.exe [3852] | |
| - 2018-11-10_23-45-01.exe [4020] | |
| [Software] | |
| Adobe Flash Player 26 ActiveX [26.0.0.131] | |
| Adobe Flash Player 26 NPAPI [26.0.0.131] | |
| Adobe Flash Player 26 PPAPI [26.0.0.131] | |
| CCleaner [5.35] | |
| FileZilla Client 3.36.0 [3.36.0] | |
| Mozilla Firefox 61.0.2 (x86 en-US) [61.0.2] | |
| Notepad++ (32-bit x86) [7.5.1] | |
| Microsoft Office Professional 2010 [14.0.6029.1000] | |
| Opera 12.15 [12.15.1748] | |
| Skype version 8.29 [8.29] | |
| VLC media player [2.2.6] | |
| WinRAR 5.60 (32-bit) [5.60.0] | |
| Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 [12.0.21005] | |
| Java 8 Update 92 [8.0.920.14] | |
| Microsoft Visual C++ 2017 x86 Additional Runtime - 14.15.26706 [14.15.26706] | |
| Microsoft .NET Framework 4.6.1 [4.6.01055] | |
| Microsoft Visual C++ 2017 x86 Minimum Runtime - 14.15.26706 [14.15.26706] | |
| Java Auto Updater [2.8.92.14] | |
| Google Update Helper [1.3.33.17] | |
| Google Chrome [68.0.3440.106] | |
| Microsoft Visual C++ 2017 Redistributable (x86) - 14.15.26706 [14.15.26706.0] | |
| Microsoft Office Access MUI (English) 2010 [14.0.6029.1000] | |
| Microsoft Office 2010 Service Pack 1 (SP1)Microsoft Office Excel MUI (English) 2010 [14.0.6029.1000] | |
| Microsoft Office 2010 Service Pack 1 (SP1)Microsoft Office PowerPoint MUI (English) 2010 [14.0.6029.1000] | |
| Microsoft Office 2010 Service Pack 1 (SP1)Microsoft Office Publisher MUI (English) 2010 [14.0.6029.1000] | |
| Microsoft Office 2010 Service Pack 1 (SP1)Microsoft Office Outlook MUI (English) 2010 [14.0.6029.1000] | |
| Microsoft Office 2010 Service Pack 1 (SP1)Microsoft Office Word MUI (English) 2010 [14.0.6029.1000] | |
| Microsoft Office 2010 Service Pack 1 (SP1)Microsoft Office Proof (English) 2010 [14.0.6029.1000] | |
| Microsoft Office 2010 Service Pack 1 (SP1)Microsoft Office Proof (French) 2010 [14.0.6029.1000] | |
| Microsoft Office 2010 Service Pack 1 (SP1)Microsoft Office Proof (Spanish) 2010 [14.0.6029.1000] | |
| Microsoft Office 2010 Service Pack 1 (SP1)Microsoft Office Proofing (English) 2010 [14.0.6029.1000] | |
| Microsoft Office 2010 Service Pack 1 (SP1)Microsoft Office Single Image 2010 [14.0.6029.1000] | |
| Microsoft Office 2010 Service Pack 1 (SP1)Definition update for Microsoft Office 2010 (KB982726)Microsoft Office Shared MUI (English) 2010 [14.0.6029.1000] | |
| Microsoft Office 2010 Service Pack 1 (SP1)Microsoft Office OneNote MUI (English) 2010 [14.0.6029.1000] | |
| Microsoft Office 2010 Service Pack 1 (SP1)Microsoft Office Shared Setup Metadata MUI (English) 2010 [14.0.6029.1000] | |
| Microsoft Office 2010 Service Pack 1 (SP1)Microsoft Office Access Setup Metadata MUI (English) 2010 [14.0.6029.1000] | |
| Microsoft Office 2010 Service Pack 1 (SP1)Microsoft .NET Framework 4.6.1 [4.6.01055] | |
| Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 [9.0.30729.6161] | |
| Adobe Refresh Manager [1.8.0] | |
| Adobe Acrobat Reader DC MUI [15.023.20070] | |
| Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 [10.0.40219] | |
| QEMU guest agent [2.10.59] | |
| Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 [12.0.30501.0] | |
| Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 [12.0.21005] | |
| Realtek AC'97 Audio |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment