Knowing the source of the file would allow me to provide more targeted details for your report.
Where the evidence was found (e.g., C:\Windows\System32\config\SOFTWARE ). The Evidence: A screenshot or snippet of the data. IM2.7z
Provide a chronological list of the attacker's actions. Knowing the source of the file would allow