| MD5 | SHA1 | 경로(파일명) |
| 540b65dc57148f0d0faa8a3346bb68ce |
b5a6155e744701d266af0d26a128af58b146df8c |
[NTFS]\[root]\Windows\System32\winevt\Logs\Microsoft-Windows-Shell-Core%4LogonTasksChannel.evtx |
| a7a750f66125ef0e544b5363d3f94ffa |
033735ff502f6ba4ab3b805d313c92e884b136ec |
[NTFS]\[root]\Windows\System32\winevt\Logs\Microsoft-Windows-Shell-Core%4AppDefaults.evtx |
| b92d5674b35a53c4218ca9b9950457f7 |
da1ad6fd39399488b4e57ab0f7a844c1e058528b |
[NTFS]\[root]\Windows\System32\winevt\Logs\Microsoft-Windows-Shell-Core%4Operational.evtx |
| 540b65dc57148f0d0faa8a3346bb68ce |
b5a6155e744701d266af0d26a128af58b146df8c |
[NTFS]\[root]\Windows\System32\winevt\Logs\Microsoft-Windows-Shell-Core%4ActionCenter.evtx |
| c3b54521399f6225b34ffd7f3db74342 |
31878dfa40f358b28d657148b32fa04ec3204d29 |
[NTFS]\[root]\Windows\System32\winevt\Logs\Microsoft-Windows-DeviceManagement-Enterprise-Diagnostics-Provider%4Operational.evtx |
| 1f83dae35478669aef357fe90594264a |
c70bfff0a559af8cb76ad80a504dd55bd6cc484d |
[NTFS]\[root]\Windows\System32\winevt\Logs\Microsoft-Windows-Provisioning-Diagnostics-Provider%4ManagementService.evtx |
| aad56dfb8d59e90bb077aadc3019a429 |
6cc2f83befa79efd8b7a436f4e6d5a8ea0f5f1e0 |
[NTFS]\[root]\Windows\System32\winevt\Logs\Microsoft-Windows-DeviceManagement-Enterprise-Diagnostics-Provider%4Admin.evtx |
| f7edde854ee60d88a38dc9f525c7251f |
79e586062b7c5090cb2cde38d5c4c6a3be531156 |
[NTFS]\[root]\Windows\System32\winevt\Logs\Microsoft-Windows-Provisioning-Diagnostics-Provider%4Admin.evtx |
| 1f83dae35478669aef357fe90594264a |
c70bfff0a559af8cb76ad80a504dd55bd6cc484d |
[NTFS]\[root]\Windows\System32\winevt\Logs\Microsoft-Windows-Provisioning-Diagnostics-Provider%4AutoPilot.evtx |
| 1a1e3a13ca9e02ee9b9d9572dca55555 |
ae39782453e44e545447d606a1730d37e5c22dc9 |
[NTFS]\[root]\Windows\System32\winevt\Logs\Microsoft-Windows-ReadyBoost%4Operational.evtx |
| 202a3d57c95a804c1e4609fc9d887e71 |
5bb5a618229aa24c64290048d4aef56264953c01 |
[NTFS]\[root]\Windows\System32\winevt\Logs\Microsoft-Windows-LiveId%4Operational.evtx |
| fd936cb0ee4186c31d117258f0276bad |
fd3600d29eb7f4dcb3bdcaf640949183198b7798 |
[NTFS]\[root]\Windows\System32\winevt\Logs\Microsoft-Client-Licensing-Platform%4Admin.evtx |
| 5003f5a67db3feeb58b8b7d1de92cf05 |
a73c4caa0f83f39883f86779fcdb20a3d264a0d2 |
[NTFS]\[root]\Windows\System32\winevt\Logs\Microsoft-Windows-AppxPackaging%4Operational.evtx |
| 1f83dae35478669aef357fe90594264a |
c70bfff0a559af8cb76ad80a504dd55bd6cc484d |
[NTFS]\[root]\Windows\System32\winevt\Logs\Microsoft-Windows-Program-Compatibility-Assistant%4CompatAfterUpgrade.evtx |
| 1f83dae35478669aef357fe90594264a |
c70bfff0a559af8cb76ad80a504dd55bd6cc484d |
[NTFS]\[root]\Windows\System32\winevt\Logs\Microsoft-Windows-Application-Experience%4Program-Compatibility-Assistant.evtx |
| 1f83dae35478669aef357fe90594264a |
c70bfff0a559af8cb76ad80a504dd55bd6cc484d |
[NTFS]\[root]\Windows\System32\winevt\Logs\Microsoft-Windows-AppXDeploymentServer%4Restricted.evtx |
| af12c78728c3a79e24316d9c0a54416f |
183cbdafe0f9230fff319b324d8dcbf4e32cdf25 |
[NTFS]\[root]\Windows\System32\winevt\Logs\Microsoft-Windows-AppXDeploymentServer%4Operational.evtx |
| e2a699c99619821ac19ac57253dbbd78 |
5b3d53cc6cc59b9dddc9d38115453f5599894213 |
[NTFS]\[root]\Windows\System32\winevt\Logs\Microsoft-Windows-WMI-Activity%4Operational.evtx |
| 1f83dae35478669aef357fe90594264a |
c70bfff0a559af8cb76ad80a504dd55bd6cc484d |
[NTFS]\[root]\Windows\System32\winevt\Logs\Microsoft-Windows-Kernel-StoreMgr%4Operational.evtx |
| 1f83dae35478669aef357fe90594264a |
c70bfff0a559af8cb76ad80a504dd55bd6cc484d |
[NTFS]\[root]\Windows\System32\winevt\Logs\Microsoft-Windows-SmbClient%4Audit.evtx |