Processes CreatedPId Process Name Image Name
0x378 cc.exe C:WINDOWScc.exe
Threads CreatedPId Process Name TId Start Start Mem Win32 Start Win32 Start Mem
0x2ac lsass.exe 0x298 0x7c810856 MEM_IMAGE 0x77e76bf0 MEM_IMAGE
0x348 svchost.exe 0xf8 0x7c810856 MEM_IMAGE 0x7c910760 MEM_IMAGE
0x378 cc.exe 0x374 0x7c810867 MEM_IMAGE 0x4973f0 MEM_IMAGE
0x3f4 svchost.exe 0x67c 0x7c810856 MEM_IMAGE 0x77e76bf0 MEM_IMAGE
DNS QueriesDNS Query Text
bss-crypt.no-ip.info IN A +
jotar.no-ip.biz IN A +
HTTP QueriesHTTP Query Text
bss-crypt.no-ip.info GET /MSWINSCK.OCX HTTP/1.1
bss-crypt.no-ip.info GET /MSWINSCK.OCX HTTP/1.1
Mutexes Created or OpenedPId Image Name Address Mutex Name
0x378 C:WINDOWScc.exe 0x40237e 8P2L1BIYP3ZxfFJS
0x378 C:WINDOWScc.exe 0x7c859add DBWinMutex
0x684 C:TESTsample.exe 0x77f76e78 _SHuassist.mtx
0x77c C:WINDOWScc.exe 0x7351f7f5 Q3AUMH135M
0x77c C:WINDOWScc.exe 0x76ee3a06 RasPbFile
0x77c C:WINDOWScc.exe 0x771ba3ae _!MSFTHISTORY!_
0x77c C:WINDOWScc.exe 0x771bc21c WininetConnectionMutex
0x77c C:WINDOWScc.exe 0x771bc23d WininetProxyRegistryMutex
0x77c C:WINDOWScc.exe 0x771bc2dd WininetStartupMutex
0x77c C:WINDOWScc.exe 0x771d9710 c:!documents and settings!user!cookies!
0x77c C:WINDOWScc.exe 0x771d9710 c:!documents and settings!user!local settings!history!history.ie5!
0x77c C:WINDOWScc.exe 0x771d9710 c:!documents and settings!user!local settings!temporary internet files!content.ie5!
Events Created or OpenedPId Image Name Address Event Name
0x684 C:TESTsample.exe 0x77a89422 Globalcrypt32LogoffEvent
0x77c C:WINDOWScc.exe 0x769c4ec2 Globaluserenv: User Profile setup event
0x77c C:WINDOWScc.exe 0x77a89422 Globalcrypt32LogoffEvent
0x77c C:WINDOWScc.exe 0x77de5f48 GlobalSvcctrlStartEvent_A3752D