| MD5 | SHA1 | 경로(파일명) |
| 1f83dae35478669aef357fe90594264a |
c70bfff0a559af8cb76ad80a504dd55bd6cc484d |
[NTFS]\[root]\Windows\System32\winevt\Logs\Microsoft-Windows-Crypto-DPAPI%4BackUpKeySvc.evtx |
| c28d3a92dfdfaffc5cc7f6ec93564fec |
a89ac6238d15af0608314de702b0045a0fe8e0fb |
[NTFS]\[root]\Windows\System32\winevt\Logs\Microsoft-Windows-Crypto-DPAPI%4Operational.evtx |
| 1f83dae35478669aef357fe90594264a |
c70bfff0a559af8cb76ad80a504dd55bd6cc484d |
[NTFS]\[root]\Windows\System32\winevt\Logs\Microsoft-Windows-Kernel-Power%4Thermal-Operational.evtx |
| ce55ce3f4bbb5e62031c547ae420008b |
9312b654836e1ed0423f773bef6fb66105fd5e5c |
[NTFS]\[root]\Windows\System32\winevt\Logs\Microsoft-Windows-CodeIntegrity%4Operational.evtx |
| bc0c6fa2fcf0365fbd3c1a4e21a85a17 |
c7445ce7e91e992a74ce5c6465f170a8e011d3be |
[NTFS]\[root]\Windows\System32\winevt\Logs\Microsoft-Windows-VolumeSnapshot-Driver%4Operational.evtx |
| f17fd04ce5c1d9dca5dd0d7014241b28 |
6125843c8377c4efca8c3a8c71c0aaf5b360d265 |
[NTFS]\[root]\Windows\System32\winevt\Logs\Microsoft-Windows-Partition%4Diagnostic.evtx |
| 1f83dae35478669aef357fe90594264a |
c70bfff0a559af8cb76ad80a504dd55bd6cc484d |
[NTFS]\[root]\Windows\System32\winevt\Logs\Microsoft-Windows-StorageSpaces-Driver%4Diagnostic.evtx |
| d7c27e4ae3d185146341bca21ab2e647 |
0c2a72acbc5ddfc788820eb20a512652d2b26699 |
[NTFS]\[root]\Windows\System32\winevt\Logs\Microsoft-Windows-StorageSpaces-Driver%4Operational.evtx |
| 2bafe09eb918265652a59dbd7393129a |
8ae394defad956b115d03a7002629574654090e2 |
[NTFS]\[root]\Windows\System32\winevt\Logs\Microsoft-Windows-Ntfs%4WHC.evtx |
| 020834b77c77234a7c8e6e9f054986de |
87372dafe289ea25963f59f5a728f70392c6b378 |
[NTFS]\[root]\Windows\System32\winevt\Logs\Microsoft-Windows-Ntfs%4Operational.evtx |
| 5457b439bf1d866f12f2b87cb17a3a79 |
d386bdd53b852a515b53cdc5e41e3e20e11690d3 |
[NTFS]\[root]\Windows\System32\winevt\Logs\Microsoft-Windows-Storage-Storport%4Health.evtx |
| 686e9a6b6ff5226eaac0e21295004a93 |
d35f7c9c2db2caa3e32fbc9515d1027b2b4efdbb |
[NTFS]\[root]\Windows\System32\winevt\Logs\Microsoft-Windows-Storage-Storport%4Operational.evtx |
| a6011a76488df6cb9ace8c1e4ae19107 |
1ed2b37de0f33969e63594950477edc9fa8c1d34 |
[NTFS]\[root]\Windows\System32\winevt\Logs\Microsoft-Windows-Kernel-ShimEngine%4Operational.evtx |
| ba55b8eddcd9f72c4ee880a8e413c4ce |
03b03ac24897d526e61ab3b536c85f1bab824e17 |
[NTFS]\[root]\Windows\System32\winevt\Logs\Microsoft-Windows-Kernel-WHEA%4Operational.evtx |
| 1f83dae35478669aef357fe90594264a |
c70bfff0a559af8cb76ad80a504dd55bd6cc484d |
[NTFS]\[root]\Windows\System32\winevt\Logs\Microsoft-Windows-Kernel-WHEA%4Errors.evtx |
| 1f83dae35478669aef357fe90594264a |
c70bfff0a559af8cb76ad80a504dd55bd6cc484d |
[NTFS]\[root]\Windows\System32\winevt\Logs\Microsoft-Windows-Kernel-PnP%4Driver Watchdog.evtx |
| ce773cbea5b711e7820c295b9c652158 |
5b014d10ceff68e7d99c5c7730144d6356ce6166 |
[NTFS]\[root]\Windows\System32\winevt\Logs\Microsoft-Windows-Kernel-PnP%4Configuration.evtx |
| b1aa6ccd3afba340f1d7610a85abb012 |
038e354180d0b45b7008a060562a7bc36abedb26 |
[NTFS]\[root]\Windows\System32\winevt\Logs\Microsoft-Windows-Kernel-Boot%4Operational.evtx |
| 1f83dae35478669aef357fe90594264a |
c70bfff0a559af8cb76ad80a504dd55bd6cc484d |
[NTFS]\[root]\Windows\System32\winevt\Logs\Windows PowerShell.evtx |
| 1f83dae35478669aef357fe90594264a |
c70bfff0a559af8cb76ad80a504dd55bd6cc484d |
[NTFS]\[root]\Windows\System32\winevt\Logs\Key Management Service.evtx |