LowDateTime:-1337772912,HighDateTime:30778796***Binary mof compiled successfully HKLM\Software\Microsoft\WBEM\WDM\%windir%\system32 \advapi32.dll LowDateTime:-503062016,HighDateTime:30016570***Binary mof compiled successfully HKLM\Software\Microsoft\WBEM\WDM\%windir%\System32 \Drivers\en-US\ LowDateTime:-1867536076,HighDateTime:30116016***Binary mof compiled successfully HKLM\Software\Microsoft\WBEM\WDM\%windir%\system32 \DRIVERS\HDAudBus.sys LowDateTime:-403062016,HighDateTime:30016570***Binary mof compiled successfully HKLM\Software\Microsoft\WBEM\WDM\%windir%\system32 \drivers\en-US\ LowDateTime:-1221632304,HighDateTime:30487028***Binary mof compiled successfully HKLM\Software\Microsoft\WBEM\WDM\%windir%\System32 \Drivers\portcls.SYS HKLM\Software\Microsoft\WBEM\WDM\%windir%\system32 \drivers\ndis.sys \\Registry\Machine\Software\Microsoft\Windows NT\CurrentVersion\Time Zones\Paraguay Standard Time\TZI HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\Updating HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\Last Help HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\Last Counter HKLM\SOFTWARE\Microsoft\WBEM\PROVIDERS\Performance \Performance Refreshed HKLM\SOFTWARE\Microsoft\WBEM\PROVIDERS\Performance \Performance Refresh
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\BIT S\StateIndex HKLM\SYSTEM\ControlSet001\Control\BackupRestore\Fi lesNotToBackup\BITS_BAK HKLM\SYSTEM\ControlSet001\Control\BackupRestore\Fi lesNotToBackup\BITS_LOG \\Registry\Machine\Software\Microsoft\Windows NT\CurrentVersion\Time Zones\Iran Standard Time\TZI HKLM\SYSTEM\ControlSet001\Control\TimeZoneInformat ion\ActiveTimeBias \\Registry\Machine\Software\Microsoft\Windows NT\CurrentVersion\Time Zones\Greenland Standard Time\TZI
HKLM\Software\Microsoft\WBEM\CIMOM\ConfigValueEssN eedsLoading When executing the file being studied, it performed the following actions on the registry of the sandbox environment.
ZoneAlarm by Check Point - Not-a-virus:HEUR: Running Puppy Linux with Chromium, so of course I clicked on it, got the source, and downloaded the referenced Javascript file from.