diff --git a/Additional Analysis/RagnarLocker/2020-08-08/CSV/FilesMSIInfos.csv b/Additional Analysis/RagnarLocker/2020-08-08/CSV/FilesMSIInfos.csv
new file mode 100644
index 0000000..7374a4e
--- /dev/null
+++ b/Additional Analysis/RagnarLocker/2020-08-08/CSV/FilesMSIInfos.csv
@@ -0,0 +1,86 @@
+"File","Hash","Date","Filename"
+"fil0AA9BE3BB79C49B1A736ABA4DD6C1D45","175fe5899969086f190488faa29c09ac4e64994873001d8d8bf9565a39bc8b99","2009-08-05 17:05:20","VBoxVMM.dll"
+"fil1042E159A216479AA47BA0F4D22C8892","2a7611842c320db9530b67eab550c4bfe7dbadad47a4514dcbbeeb380cb528c0","2009-08-05 17:05:30","VBoxOGLrenderspu.dll"
+"fil10DD8C7A4E0F4E208CC1199D8A4DE078","fcc068814a4e1cd5bb5b37415dd019a2a79803369f3f47ace6f0fc93390c3f5c","2009-08-05 17:05:26","VBoxDbg.dll"
+"fil1E276BC3F65A472D9FFDBB74DF7BCEE3","2ca8ac58ad62fe516e26c7d22fcca17eb96fe5709d5713004474e7ab99eede6f","2009-08-05 17:24:30","VBoxTestOGL.exe"
+"fil2114C0223BD04775A9A0CAA3A15304ED","784a3419359485c3129b5d4786cca3337fe3c35f3da116e90dc75dc8b622b4b4","2009-08-05 17:05:26","VBoxVRDP.dll"
+"fil214E79061E5F448AA71986B3DB633973","b3bbaf92f16726b9489ee13e23f3c6a1078107e488cc297b80df2c0db9bff484","2009-08-05 17:24:30","VBoxREM64.dll"
+"fil22CA18A647BC4AED91B92D9E106554E3","25704cb8842184009efa3130c93c599cbbbc52e4450e8cd817b179ddb08a8b21","2020-04-27 07:11:50","s.txt"
+"fil24BE21B94A754822BF00190E07C55748","cf9596ddb9385a1f02255c09ec2e4d90b646bd8a534707a6bf2f51e35a74393c","2009-08-05 17:24:30","VBoxSharedClipboard.dll"
+"fil252F5BB4DBA84C7CB1AC99F0932F13B5","3207c6cec9caa65c8de2db65921a06856c5703d1abd16638062117aa18c7acba","2009-08-05 17:20:20","VBoxDrv.cat"
+"fil27F7C87FFBE5498D8D959D238A673114","18f008efed6a75fa251e284f42b04f3332bfa7ee64244fb7b2746e3b542a2928","2009-08-05 17:00:56","VBoxDDGC.gc"
+"fil299A89A7DA454611A8D04BCA2918C5BD","3c2fbaf2197f6599f5f99d5e21c1edfe8231249a64b040427a3d69dd8165acc7","2009-08-05 17:24:30","VBoxREM.dll"
+"fil29E37E07465E41B0AE489389F571C7FE","a172adfafc8a0bf26a2b0f36f25e6646b443321a5591e035f68b864ad5974339","2009-08-05 17:24:50","VBoxSharedCrOpenGL.dll"
+"fil2AB9A701253E4B86B3B1094F4DC4CCAA","4759a7cb2a62075e6e408d35e02c65fb1f6f4ca346e16c87495669b01245c739","2009-08-05 17:24:34","VBoxC.dll"
+"fil2D0ED7758163468CA7C24E869C4E3E11","b281230c87b688b39464c3a8d42bf93f0039a479f5f692c82a385574b235b1dd","2009-08-05 17:14:10","SDL_ttf.dll"
+"fil2D6893127C8748F99027E7B52B049616","c365f365085db782b349cbc63e71e452f870b13878cad289826aaa26c351c132","2009-08-05 17:05:28","VBoxHeadless.exe"
+"fil3362D45CAE354744BF95ED0ADED95BDD","64ad7aa5f4db12e4a193d84b73ded2225f611b6513eae5359cf289bb0b7219dd","2009-08-05 17:24:30","VBoxOGLhosterrorspu.dll"
+"fil38B6AD3F6C684A01A77B95AC79C98329","55adf55ff4b5d6a9895e027ee5792fdf5881db3bf1a1f1325ab8a55e97eb979d","2020-05-09 02:24:34","va.exe"
+"fil39451B83025C46DD915ED681E7577024","181293a54b43284188ee5610dbaa1b600f386da8dd5e0b3227cb6babe182212f","2009-08-05 17:05:38","VBoxDD2.dll"
+"fil3FAE22219928464280F511953022AF1B","2409ef47007a16078a4af490cf045f885155f459da93917d57a13af66a6a6cb5","2009-08-05 17:05:42","VBoxDD.dll"
+"fil3FD389A662D04D04A957E42409369AA3","602098201f53e12d8627f25e9f532b73009c533791f764514c065518f071e8d5","2009-08-05 17:24:30","VBoxManage.exe"
+"fil455F90DCB74E42EDA01DB8D422286A6F","a30106c1e25c79ebcdceef4702969c3944c292ff3e4ddcd71a1cc9f7d2714054","2020-05-09 00:10:12","install.bat"
+"fil4A6468C864B04083A524855938B92895","3cf7bb340365490d7f2b44f294b81c4285a3a2d8a6c82ba5f69b1e1483d64676","2009-08-05 17:24:50","VBoxDD.dll"
+"fil5286B0DB440A48ED89A0583863B37911","d9e5e6d1c7c0301b8f9d78a5e0c8ac3219352e7748236afa6e2cdf1cdd963277","2009-08-05 17:24:30","VBoxDbg.dll"
+"fil533EE02C75034138AB1ADF731BA0CA14","410b1c94fe148fa6182dc7b3d9b2f3028de91e3c957d2438aae3b823d294e021","2009-08-05 17:20:20","VMMR0.r0"
+"fil5405F9D184A54ECE909A8FFF7104E0BE","9c0d2a5930b846f712cdf7f1a9efc6242cfe08b26647afebe65333be272f319f","2009-08-05 17:00:56","VBoxDrv.sys"
+"fil5420F4FE74524A68B13C0DC75E1AB6DA","e468ed8998770460ce24708541abd287d6b74b10ce48f7b355c5c63901cbf00f","2009-08-05 17:05:26","VBoxOGLhostcrutil.dll"
+"fil54B2FE01859B494898119220381F1C60","ccdb8bb37c231e2f62a0805e9c45ec38cafca76c8925e3120fe4f5455b95ada3","2009-08-05 17:03:26","VBoxDrv.cat"
+"fil556C736C2B23414889FE12856C807E80","3325b60a71491047e16677058cc8d3f2c81d83eecbab77799592b19ae0585af9","2009-08-05 17:20:20","VBoxDD2GC.gc"
+"fil559F57796B4542309BA5A88693F8617C","916e464b261fa0f6819e3286fdb2ff961c0d5ffe51960b3652295bfd8f149265","2009-08-05 17:00:56","VBoxDD2R0.r0"
+"fil5DA03D5F9B0049D996D3CBCEF70EA867","b48a02f8f11ee659913e48c9a40c571db256bd60a2d75c51253822c03dc974a7","2009-08-05 17:05:32","VBoxSharedCrOpenGL.dll"
+"fil5FC00714EE794F4797BD9B5779EC8380","36ceea501793824e8abe2ab2ad03b29815831183c046f400d011ec57505df206","2009-08-05 17:15:50","VBoxDrv.inf"
+"fil62066EE1043F4D95843A8967EAB00D47","4f701f5a81a2ca1c2a0d1a283d5b570769437224036c7971db89c54d0037ccd0","2009-08-05 17:21:22","VBoxRT.dll"
+"fil64CB60DE9537408AA0CEC3FAD8D98945","6dba9c7af2079fd1091631707d1ec27f9e33cfc5db9ee62d28c9b580b298d240","2009-08-05 16:48:46","SDL.dll"
+"fil663ADBF7365F4C869851A89C4E3B256B","0fe8df6b11383c7496f1a0bee07aa415f974865d8bea13a66fe831be3b590ee8","2009-08-05 17:23:14","VBoxHeadless.exe"
+"fil66BFE81A798D4F1D8AB2ED0CAE6BE850","970511f9a14246f34c21d92ae44ecd801c4d6c75eb4237700940e21afba2883c","2009-08-05 17:20:20","VBoxDDR0.r0"
+"fil66D4F1E71388413ABCE5BEF1B749DAF4","21a87978a538f96d84bc6bf6a752baa23e847fe4242dff02aa3273e0c69a0b2a","2009-08-05 17:05:30","VBoxSharedClipboard.dll"
+"fil671E0FDF9D1546BAB44DBD6580B8A060","d837674a4c98ab3e3f555129a133e6cd5fa73072f4eff918e690ca7342d2a9f1","2009-08-05 17:14:10","SDL.dll"
+"fil6BDB9250F2504B16917F868CE89A6128","26eea75314e4f6a5587259ad6434de303b9b11572b5647cf50ab4db0a348396e","2009-08-05 17:24:30","VBoxGuestPropSvc.dll"
+"fil6BEC1400548F466BB98F21114E4CBB93","d235c826ee9a9e6b82d71e1f1bbcc1a808d33ff56fd3f8af6c50b210b75824fe","2009-08-05 17:05:28","VBoxManage.exe"
+"fil6E69CE253BF84697872F913626647D21","7da9b84dcb3851879bc77221d5cf924cf0532b88c74988dca6d813e2aae95826","2009-08-05 17:24:30","VBoxREM32.dll"
+"fil72BE2CE926A6485BBC93150153303691","2b4548a8d8725f8f19a371b35e6c406202aad90805ee4d58d0ce71e5aa6361f6","2020-05-07 18:01:32","vm2.txt"
+"fil7E120CEB7FDA4070A288185E0829E83E","a5dbe0597bb662369eb390565ffe3269eb156a439c57af5df628fbda50ead35c","2009-08-05 17:24:48","VBoxOGLrenderspu.dll"
+"fil85A136F4BF3C412EB9CDF40378C90CB4","0eab4fac5cdcc75d1bbf7b88100ce97495b364ae0ffeeffc3533b8ad76c55863","2009-08-05 17:14:10","msvcrt.dll"
+"fil86EC8F9EDB0A42E9BF3D2AC73908C24F","81a38301ffb74c3d3b0347bffbba8ef14512f203310a059ab3958ebc682fa66c","2009-08-05 17:23:12","VBoxSDL.exe"
+"fil8AEED6C3798D41D9A62FC31415328E80","1d2e12766b7daed86800d35eb5b01acc9f43cff5fc9079d4409314d02a870fba","2009-08-05 17:20:20","VMMGC.gc"
+"fil90C7334F50E24CD7863D3FF92E8F62E5","ef51bf0cf0ea8363a881433662156f25b85de7049689d645b5c3c4b86489cc55","2009-08-05 17:24:36","VBoxDD2.dll"
+"fil90E38C77BC4046BF99316FC9952FFBAC","f5fa5fe8cfdf51583d22adf99e3d949d521264d4f96ce5239973d3ae0b2586ea","2009-08-05 17:24:28","VBoxDDU.dll"
+"fil92A7342CCD3749D8BF7B48B275075AA1","724a577c54726790521361d98afef92d17b8ddc553c62aebe025ea8fc18b444c","2009-08-05 17:20:20","VBoxDDGC.gc"
+"fil93C99039F5D2476388AF282B11E304BF","20cfccdf4b481cc69cb080db04f46b66df7e4b5c7753628e345969b6dc8604a4","2009-08-05 17:05:28","VBoxSDL.exe"
+"filA10C08B194AB409A8D5391AC70E123E6","5f72de01d04b63acd86dd128a1c0ad1e797992a97f19b0cde323e4e57c58ba3e","2009-08-05 17:05:28","VBoxC.dll"
+"filA2E0886F7CC04B98A065BC6D32327B4B","419299d9aba11bb18136202523e62247518d5a122540f11f6cb74bee4db3d106","2020-05-06 02:39:22","vm1.txt"
+"filA7153814234A45E1B07201E44584A531","fe9b1580f81c8b07514a690f4f9804a4bba98d78025a8c9b643613f380a9678b","2009-08-05 17:24:30","VBoxVRDP.dll"
+"filAB8F319017C04BBFAA16EDEB5130EC72","4a3f7c2b249269e0b576051dcd05730ed0d75fdc4d0cb3e089ee604a69dc8f29","2009-08-05 17:01:06","VBoxRT.dll"
+"filAEAAA999E789411D94800655F311A999","45556fce9d888524b95f954afc19fa6c8685c9b25d7ee544cd38ba6b812b04f0","2009-08-05 17:00:56","VMMR0.r0"
+"filAF20173F307E433F8A5B08D27523B956","b051ab071c750dea2fb755d460366c7ea3901538222e0509cb214800a28d5393","2009-08-05 17:15:54","VRDPAuth.dll"
+"filB14657C16D74478AA75E64A7B75C6FD4","6c06bc2322565316502754ea232a4ad5da7bdb4146a9b2b922470c2e4f25e0a6","2009-08-05 17:21:30","VBoxOGLhostcrutil.dll"
+"filB17F4B3D52724866AF349BCE400A3AAB","4f487d0105db0f072034daa3cc1576fe86f586227c9f162f3188ef573f35e324","2009-08-05 17:05:28","VBoxTestOGL.exe"
+"filB314B0416745450E84971A11862F5E35","46b6d7b422a1c9c0bcc3651ffc23cc00527d6dda80af1068365be464a8e33acd","2009-08-05 17:05:30","VBoxREM.dll"
+"filB3D2FF3F89EA4704B4C04B9BB1F95691","564ff8ce1b050e9ec51d08d4470217dd19039a1dd32dd85ca1a729d0ed6eecc5","2020-05-04 17:52:56","VirtualBox.xml"
+"filB46B178772F64D1FAF0E3FBEF8457EF7","b0d7a1aa87f8df92fa8e553d58f9fbe3d583cb8dbf47b014f084854208f72cda","2009-08-05 17:05:20","VBoxDDU.dll"
+"filBF37D7971529490B91AFB5193DF45E37","d93d1f86f726673f98fa72ab19e4e4550f061f209643932c426c7afc61fb2596","2009-08-05 17:00:56","VBoxDD2GC.gc"
+"filC0036BF4399C4077A87142D8365B469A","d3ed3fef0f3fd9d547d7ef60d5f532d6aab5bd45966abcb24bdf61dec60c813e","2009-08-05 16:48:46","msvcp80.dll"
+"filC0A9B28EE8F24C11B1B50B6A24F73DA3","6a07c4865ef6c15ba34938bbf5f97bc68ceb7bfe60b622a935dccbe506fdd311","2009-08-05 17:05:30","VBoxOGLhosterrorspu.dll"
+"filC1D5A90474D249658FFBDDBC95269B6E","02e74623650f1f634c7db07e01d3942d9f81a29671ff82e62578832a2b5bdd5e","2009-08-05 17:24:30","VBoxSVC.exe"
+"filC9636334A68F4F848CB625432C107298","42eed81b274e2acfdd16b329f4763613750ed0e1b7a6b785137572ac1b733263","2009-08-05 16:51:12","VBoxDrv.inf"
+"filCC166CEEF8E34F86B10765DABE177BD8","0577fc4cff0a27108a9a3471d7850be7e3bdc82a4a85de03a2c3aa963b765177","2009-08-05 17:24:28","VBoxSharedFolders.dll"
+"filCD2CA106CD82426E87EE8E3572423086","000a938bfeaeadc9e4ada1be7629dbb398f5619638de4e95f68d3c2c044a7ea2","2009-08-05 17:24:28","VBoxVMM.dll"
+"filD10B65CBB1564D358A5615E8D6EA2004","3d568d503596410fa5dd0d971cbbc1b33f17cd48903333980c3276795ac59166","2020-05-04 16:43:46","vm3.txt"
+"filD4159E2AACDB48F99E07E032C988844D","bdce904c91ded43929591a4c3acadfcb46e0c9f9002f63d3b53f0e464b04b8b0","2009-08-05 17:05:14","VBoxSettings.dll"
+"filD45DC43C44044930A5265DB22D05BF15","5ee5fb0703e464671ab70cf51401263b02778b9bb86d21d136f3f095b2aaf43a","2020-05-12 19:14:36","micro.vdi"
+"filD7EFAE2273B943C094835A0292D2E9A5","e45529154bc5c14769c8548efb1c4a52fd6a10d7644c368da80b6f61d561ff06","2009-08-05 17:00:56","VBoxREM2.rel"
+"filD7F16C8531A941FDA790E86D801E2AA8","f9fb4e2cc9de8ecff9694a00799618c4e940aab11c3a981a3932a53347e6c546","2009-08-05 16:52:26","VRDPAuth.dll"
+"filD83E8954DA854263844AFB9DED5A97D3","eee4ec8857c7b0f9f0ef0ae5c6c72b728bb61e00fb0d1a93405b315e7fcbd533","2009-08-05 17:05:28","VBoxSharedFolders.dll"
+"filD915E4E283E04CAA8BF2BA7A62DAEBE1","5705a51134197c495d31d6464c6245cd5f63e9a06018d4132d41fc1ecad1d8cf","2009-08-05 17:00:56","VBoxDDR0.r0"
+"filD9939C610FB140C3AB32F61523E5837A","df96156f6a548fd6fe5672918de5ae4509d3c810a57bffd2a91de45a3ed5b23b","2009-08-05 17:14:10","msvcp71.dll"
+"filDFF9B83894944D6FB3D95A3161518CC4","f59cb16eaf30ce28c73b633f27057d271e8f6c95aa75f407753f7f6c9b7252c1","2009-08-05 17:19:56","VBoxDrv.sys"
+"filE3B3AA8E693E429EB5E8AD4B8F9A19EE","f326ac10582359285968dcf8a9e45b6d9e03157ba4b73df1ee2f0e56aae1c2c0","2009-08-05 17:05:30","VBoxGuestPropSvc.dll"
+"filE7BBC35F9B1845F0848834C734D55A94","3d9f4abaf8f42ed6c557968851faa42ca2cacfc94677368fbd9706029ba3be6b","2009-08-05 17:20:20","VBoxDD2R0.r0"
+"filEA1F6EE65D8145FC8EE6D82AA9F3EF11","2219e15b66aba301909128e6775e0b4f8b28b529b3ec087161edae55e2676c65","2009-08-05 16:48:46","msvcr80.dll"
+"filEA34770105C3406AA6E3A643F3F12151","e5291bae18b0fa3239503ab676cacb12f58a69eb2ec1fd3d0c0702b5a29246cb","2009-08-05 17:05:28","VBoxSVC.exe"
+"filF39C894C41CB4869ACDC3A09EA821EA7","8094af5ee310714caebccaeee7769ffb08048503ba478b879edfef5f1a24fefe","2009-08-05 17:14:10","msvcr71.dll"
+"filF8631485FCA243C18E762133C76CF6C4","7d4442b09525aa6f3cf1187bd7c1eee8770eec59fcb683739e5ea7fb64124aad","2009-08-05 17:24:28","VBoxSettings.dll"
+"filF89C313602C04BC29325E8B4A7198A83","bc6ba66a1e93c8fae1c36a29a8e3b2500f3ee1950a99214f219f6d11058cf55c","2009-08-05 16:48:46","Microsoft.VC80.CRT.manifest"
+"filF9C60988A36A4623B9143225034C8E2B","428ca1c35a820a6949b542ccec23a2d5536ff4f2b69b00de4ce4c8d18c64dfea","2009-08-05 17:00:56","VMMGC.gc"
+"filFF6043DE46534258A3B562B72C747D8C","3fb9cea88fbd24a76535270fb403fe114bc21b9a9ec170621f0894df45caa1c7","2020-04-27 07:18:30","p.txt"
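Review bot: Nothing in the table separates the nine rows dated 2020-04-27 to 2020-05-12 (`s.txt`, `p.txt`, `va.exe`, `install.bat`, `vm1.txt`, `vm2.txt`, `vm3.txt`, `VirtualBox.xml`, `micro.vdi`) from the 2009-08-05 rows (the `VBox*` binaries, SDL and MSVC runtimes), so a consumer cannot tell which hashes are specific to this sample. If the 2009-dated rows are unmodified VirtualBox components (not verifiable from this hunk), loading every hash as an indicator would also match legitimate installs; a fifth column such as `"Origin"`, or a short README beside the CSV, would make the split explicit. The `"Hash"` header does not name the algorithm (the values are 64 hex characters, consistent with SHA-256) and `"Date"` carries no timezone, so renaming the column to `"SHA256"` and stating UTC or local time would remove the guesswork. Several filenames appear twice with different hashes, for example `VBoxDD.dll` and `VBoxDrv.sys`, so a path or architecture column is needed to tell the two copies apart.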