PUP.DriverPackSolution

Threat Scorecard

Popularity Rank: 204
Threat Level: 10 % (Normal)
Infected Computers: 640,959
First Seen: December 11, 2019
Last Seen: February 7, 2026
OS(es) Affected: Windows

File System Details

PUP.DriverPackSolution may create the following file(s):
# | File Name | MD5 | Detections
1. | DriverPackAssistant.exe | 6240b0cdff841559e960785fbbd43738 | 131,467
2. | driverpack-alice.exe | e616df77731b0cd296fad94e7f651a26 | 29,422
3. | DriverPack-17-Online_1238906502.1595003698 (1).exe | 0f51d6a45c8d838e31b5ea665a0b5f03 | 18,732
4. | DriverPack-17-Online_2111656049.1619849226.exe | b2e44d9a821a3ca7e7be9c61033569c7 | 6,236
5. | DriverPack-17-Online_1689864258.1584706745.exe | f9d8113ccfaa00f5fb6d1c8d88613d16 | 4,704
6. | DRP-17-Online_win10.exe | dafda79bdff3b3ce8f4dc6f4dd4022b9 | 2,997
7. | cloud.exe | 6f8da76fabbaf2631c4681e65a74ecfe | 2,534
8. | 4.4.9_DriverPack-17-Online_1693490056.1575331632.exe | eab54e3dd04650975fa9dc9c2f521405 | 842
9. | f_000810 | b21ffcd5a782b112e32ef997b265e1b4 | 727

Registry Details

PUP.DriverPackSolution may create the following registry entry or registry entries:
File name without path
driverpack-17-online.exe

Analysis Report

General information

Family Name: PUP.DriverPackSolution
Signature status: No Signature

Known Samples


Windows Portable Executable Attributes

  • File doesn't have "Rich" header
  • File doesn't have debug information
  • File doesn't have exports table
  • File doesn't have relocations information
  • File doesn't have resources
  • File doesn't have security information
  • File has been packed
  • File has TLS information
  • File is 32-bit executable
  • File is console application (IMAGE_SUBSYSTEM_WINDOWS_CUI)
  • File is either console or GUI application
  • File is GUI application (IMAGE_SUBSYSTEM_WINDOWS_GUI)
  • File is Native application (NOT .NET application)
  • File is not packed
  • IMAGE_FILE_DLL is not set inside PE header (Executable)
  • IMAGE_FILE_EXECUTABLE_IMAGE is set inside PE header (Executable Image)

Windows PE Version Information

Name Value
Company Name
  • Igor Pavlov
  • Oleg N. Scherbakov
  • SteelSeries ApS
File Description
  • 7-Zip Standalone Console
  • 7z Setup SFX (x86)
  • Installs and updates drivers
  • SteelSeries GG installer
File Version
  • 99.0.0
  • 95.0.0
  • 94.0.0
  • 93.0.0
  • 92.0.0
  • 90.0.0
  • 88.0.0
  • 87.0.0
  • 86.0.0
  • 80.0.0
  • 77.0.0
  • 69.0.0
  • 60.2.0
  • 59.0.0
  • 58.1.0
  • 58.0.0
  • 54.1.0
  • 51.0.0
  • 41.0.0
  • 15.14
  • 1.7.0.3900
  • 1.3.2502.14001
  • 1.3.2101.27001
  • 1.00
  • 1.0
Internal Name
  • 7za
  • 7ZSfxMod
  • DPS
  • TJprojMain
Legal Copyright
  • Copyright (c) 1999-2015 Igor Pavlov
  • Copyright (C) 2023 SteelSeries ApS
  • Copyright © 2005-2016 Oleg N. Scherbakov
Original Filename
  • 7za.exe
  • 7ZSfxMod_x86.exe
  • DriverPack Solution.exe
  • DriverPackSolution.exe
  • TJprojMain.exe
Private Build April 1, 2016
Product Name
  • 7-Zip
  • 7-Zip SFX
  • DriverPack Solution
  • Project1
  • SteelSeries GG
Product Version
  • 99.0.0.0
  • 95.0.0.0
  • 94.0.0.0
  • 93.0.0.0
  • 92.0.0.0
  • 90.0.0.0
  • 88.0.0.0
  • 87.0.0.0
  • 86.0.0.0
  • 80.0.0.0
  • 77.0.0.0
  • 69.0.0.0
  • 60.2.0.0
  • 59.0.0.0
  • 58.1.0.0
  • 58.0.0.0
  • 54.1.0.0
  • 51.0.0.0
  • 41.0.0.0
  • 15.14
  • 1.7.0.3900
  • 1.00

Digital Signatures

Signer | Root | Status
SteelSeries ApS | DigiCert EV Code Signing CA (SHA2) | Self Signed
Bentel Security S.r.l. | DigiCert SHA2 Assured ID Code Signing CA | Self Signed
SteelSeries ApS | DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1 | Self Signed
GN Hearing A/S | DigiCert Trusted Root G4 | Root Not Trusted
SONEL S.A. | GlobalSign Code Signing Root R45 | Root Not Trusted
SONEL S.A. | GlobalSign Extended Validation CodeSigning CA - SHA256 - G3 | Self Signed
Kuzyakov Artur Vyacheslavovich IP | Kuzyakov Artur Vyacheslavovich IP | Hash Mismatch
Kuzyakov Artur Vyacheslavovich IP | Sectigo RSA Code Signing CA | Hash Mismatch
Kuzyakov Artur Vyacheslavovich IP | Symantec Class 3 SHA256 Code Signing CA | Hash Mismatch
Kuzyakov Artur Vyacheslavovich IP | UTN-USERFirst-Object | Hash Mismatch
Kuzyakov Artur Vyacheslavovich IP | VeriSign Class 3 Public Primary Certification Authority - G5 | Root Not Trusted
Kuzyakov Artur Vyacheslavovich IP | VeriSign Class 3 Public Primary Certification Authority - G5 | Hash Mismatch

File Traits

  • 2+ executable sections
  • dll
  • HighEntropy
  • Installer Manifest
  • Installer Version
  • nosig nsis
  • No Version Info
  • Nullsoft Installer
  • packed
  • upx
  • UPX!
  • x86

Block Information

Total Blocks: 1,513
Potentially Malicious Blocks: 0
Whitelisted Blocks: 1,512
Unknown Blocks: 1


Similar Families

  • Agent.HDA
  • Agent.LA
  • Agent.XCO
  • Agent.XXA
  • BadJoke.AU
  • BadJoke.GC
  • BadJoke.LMB
  • Bitcoinminer.EE
  • Chapak.HBX
  • CobaltStrike.GI
  • CobaltStrike.GIA
  • ConvertAd.AR
  • Expiro.KA
  • Injector.RB
  • Injector.RBA
  • Injector.RBB
  • MSIL.Bulz.DG
  • MSILZilla.TC
  • NetCat.B
  • OnlineIO.B
  • Parite.F
  • Pondfull.BA
  • Pondfull.BB
  • Rozena.AZ
  • Rozena.M
  • Rozena.TR
  • Rozena.XC
  • Spy.Keylogger.X
  • TeslaCrypt.EB
  • Teslacrypt.E
  • VCrypt.A Ransomware

Files Modified

File Attributes
\device\namedpipe\gmdasllogger Generic Write,Read Attributes
c:\program files (x86)\microsoft\edgeupdate\1.3.207.5\msedgeupdate.dll Synchronize,Write Attributes
c:\program files (x86)\microsoft\edgeupdate\1.3.207.5\msedgeupdate.dll Synchronize,Write Data
c:\program files (x86)\microsoft\edgeupdate\1.3.207.5\msedgeupdate.dll.dat Synchronize,Write Data
c:\program files (x86)\microsoft\edgeupdate\1.3.207.5\msedgeupdate.dll.tmp Generic Write,Read Attributes
c:\program files\common files\system\symsrv.dll Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zipsfx.000\bin Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zipsfx.000\bin\config.js Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zipsfx.000\bin\config.js Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zipsfx.000\bin\css Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zipsfx.000\bin\css\blank.gif Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zipsfx.000\bin\css\blank.gif Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zipsfx.000\bin\css\fonts Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zipsfx.000\bin\css\fonts\open-sans Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zipsfx.000\bin\css\fonts\open-sans\generator_config.txt Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zipsfx.000\bin\css\fonts\open-sans\generator_config.txt Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zipsfx.000\bin\css\fonts\open-sans\opensans-bold-webfont.eot Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zipsfx.000\bin\css\fonts\open-sans\opensans-bold-webfont.eot Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zipsfx.000\bin\css\fonts\open-sans\opensans-bold-webfont.ttf Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zipsfx.000\bin\css\fonts\open-sans\opensans-bold-webfont.ttf Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zipsfx.000\bin\css\fonts\open-sans\opensans-italic-webfont.eot Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zipsfx.000\bin\css\fonts\open-sans\opensans-italic-webfont.eot Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zipsfx.000\bin\css\fonts\open-sans\opensans-italic-webfont.ttf Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zipsfx.000\bin\css\fonts\open-sans\opensans-italic-webfont.ttf Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zipsfx.000\bin\css\fonts\open-sans\opensans-regular-webfont.eot Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zipsfx.000\bin\css\fonts\open-sans\opensans-regular-webfont.eot Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zipsfx.000\bin\css\fonts\open-sans\opensans-regular-webfont.ttf Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zipsfx.000\bin\css\fonts\open-sans\opensans-regular-webfont.ttf Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zipsfx.000\bin\css\fonts\open-sans\opensans-semibold-webfont.eot Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zipsfx.000\bin\css\fonts\open-sans\opensans-semibold-webfont.eot Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zipsfx.000\bin\css\fonts\open-sans\opensans-semibold-webfont.ttf Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zipsfx.000\bin\css\fonts\open-sans\opensans-semibold-webfont.ttf Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zipsfx.000\bin\css\fonts\roboto Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zipsfx.000\bin\css\fonts\roboto\roboto-light-webfont.eot Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zipsfx.000\bin\css\fonts\roboto\roboto-light-webfont.eot Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zipsfx.000\bin\css\fonts\roboto\roboto-light-webfont.ttf Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zipsfx.000\bin\css\fonts\roboto\roboto-light-webfont.ttf Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zipsfx.000\bin\css\fonts\roboto\roboto-regular-webfont.eot Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zipsfx.000\bin\css\fonts\roboto\roboto-regular-webfont.eot Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zipsfx.000\bin\css\fonts\roboto\roboto-regular-webfont.ttf Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zipsfx.000\bin\css\fonts\roboto\roboto-regular-webfont.ttf Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zipsfx.000\bin\css\fonts\roboto\roboto-thin-webfont.eot Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zipsfx.000\bin\css\fonts\roboto\roboto-thin-webfont.eot Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zipsfx.000\bin\css\fonts\roboto\roboto-thin-webfont.ttf Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zipsfx.000\bin\css\fonts\roboto\roboto-thin-webfont.ttf Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zipsfx.000\bin\css\ie6.css Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zipsfx.000\bin\css\ie6.css Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zipsfx.000\bin\css\ie7.css Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zipsfx.000\bin\css\ie7.css Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zipsfx.000\bin\css\lte-ie9.css Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zipsfx.000\bin\css\lte-ie9.css Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zipsfx.000\bin\css\normalize.min.css Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zipsfx.000\bin\css\normalize.min.css Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zipsfx.000\bin\css\open-sans.css Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zipsfx.000\bin\css\open-sans.css Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zipsfx.000\bin\css\roboto.css Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zipsfx.000\bin\css\roboto.css Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zipsfx.000\bin\css\style.css Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zipsfx.000\bin\css\style.css Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zipsfx.000\bin\css\ui2.css Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zipsfx.000\bin\css\ui2.css Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zipsfx.000\bin\driverpacksolution.html Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zipsfx.000\bin\driverpacksolution.html Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zipsfx.000\bin\drp.css Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zipsfx.000\bin\drp.css Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zipsfx.000\bin\drp.js Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zipsfx.000\bin\drp.js Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zipsfx.000\bin\fake-soft.js Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zipsfx.000\bin\fake-soft.js Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zipsfx.000\bin\img Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zipsfx.000\bin\img\blank.gif Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zipsfx.000\bin\img\blank.gif Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zipsfx.000\bin\img\cam.png Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zipsfx.000\bin\img\cam.png Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zipsfx.000\bin\img\charms Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zipsfx.000\bin\img\charms\apps.jpg Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zipsfx.000\bin\img\charms\apps.jpg Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zipsfx.000\bin\img\charms\arrow.png Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zipsfx.000\bin\img\charms\arrow.png Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zipsfx.000\bin\img\charms\computer.png Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zipsfx.000\bin\img\charms\computer.png Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zipsfx.000\bin\img\charms\download.jpg Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zipsfx.000\bin\img\charms\download.jpg Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zipsfx.000\bin\img\charms\download.png Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zipsfx.000\bin\img\charms\download.png Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zipsfx.000\bin\img\charms\gears.png Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zipsfx.000\bin\img\charms\gears.png Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zipsfx.000\bin\img\charms\help.png Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zipsfx.000\bin\img\charms\help.png Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zipsfx.000\bin\img\charms\info.png Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zipsfx.000\bin\img\charms\info.png Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zipsfx.000\bin\img\charms\line.jpg Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zipsfx.000\bin\img\charms\line.jpg Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zipsfx.000\bin\img\charms\pc.jpg Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zipsfx.000\bin\img\charms\pc.jpg Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zipsfx.000\bin\img\charms\pc.png Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zipsfx.000\bin\img\charms\pc.png Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zipsfx.000\bin\img\charms\programms.png Generic Write,Read Attributes

1103 additional files are not displayed above.

Registry Modifications

Key::Value Data API Name
HKLM\system\controlset001\control\session manager::pendingfilerenameoperations \??\C:\Users\Wcgqnchq\AppData\Local\Temp\~nsuA.tmp\Un_A.exe RegNtPreCreateKey
HKLM\system\controlset001\control\session manager::pendingfilerenameoperations \??\C:\Users\Wcgqnchq\AppData\Local\Temp\~nsuA.tmp\Un_A.exe\??\C:\Users\Wcgqnchq\AppData\Local\Temp\~nsuA.tmp RegNtPreCreateKey
HKLM\system\controlset001\control\session manager::pendingfilerenameoperations \??\C:\Users\Jqieyobk\AppData\Local\Temp\~nsuA.tmp\Un_A.exe RegNtPreCreateKey
HKLM\system\controlset001\control\session manager::pendingfilerenameoperations \??\C:\Users\Jqieyobk\AppData\Local\Temp\~nsuA.tmp\Un_A.exe\??\C:\Users\Jqieyobk\AppData\Local\Temp\~nsuA.tmp RegNtPreCreateKey
HKLM\system\controlset001\control\session manager::pendingfilerenameoperations \??\C:\Users\Pfoexldb\AppData\Local\Temp\~nsuA.tmp\Un_A.exe RegNtPreCreateKey
HKLM\system\controlset001\control\session manager::pendingfilerenameoperations \??\C:\Users\Pfoexldb\AppData\Local\Temp\~nsuA.tmp\Un_A.exe\??\C:\Users\Pfoexldb\AppData\Local\Temp\~nsuA.tmp RegNtPreCreateKey
HKLM\system\controlset001\control\session manager::pendingfilerenameoperations \??\C:\Users\Iqwrepfj\AppData\Local\Temp\~nsuA.tmp\Un_A.exe RegNtPreCreateKey
HKLM\system\controlset001\control\session manager::pendingfilerenameoperations \??\C:\Users\Iqwrepfj\AppData\Local\Temp\~nsuA.tmp\Un_A.exe\??\C:\Users\Iqwrepfj\AppData\Local\Temp\~nsuA.tmp RegNtPreCreateKey
HKLM\system\controlset001\control\session manager::pendingfilerenameoperations \??\C:\Users\Iqwrepfj\AppData\Local\Temp\~nsuA.tmp\Un_A.exe\??\C:\Users\Iqwrepfj\AppData\Local\Temp\~nsuA.tmp\??\C:\Users\Iq RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc1c75 RegNtPreCreateKey
HKLM\system\controlset001\control\session manager::pendingfilerenameoperations \??\C:\Users\Jcuvnlvn\AppData\Local\Temp\~nsuA.tmp\Un_A.exe RegNtPreCreateKey
HKLM\system\controlset001\control\session manager::pendingfilerenameoperations \??\C:\Users\Jcuvnlvn\AppData\Local\Temp\~nsuA.tmp\Un_A.exe\??\C:\Users\Jcuvnlvn\AppData\Local\Temp\~nsuA.tmp RegNtPreCreateKey
HKLM\system\controlset001\control\session manager::pendingfilerenameoperations \??\C:\Users\Albmsgci\AppData\Local\Temp\~nsuA.tmp\Un_A.exe RegNtPreCreateKey
HKLM\system\controlset001\control\session manager::pendingfilerenameoperations \??\C:\Users\Albmsgci\AppData\Local\Temp\~nsuA.tmp\Un_A.exe\??\C:\Users\Albmsgci\AppData\Local\Temp\~nsuA.tmp RegNtPreCreateKey
HKLM\system\controlset001\control\session manager::pendingfilerenameoperations \??\C:\Users\Scmgolup\AppData\Local\Temp\~nsuA.tmp\Un_A.exe RegNtPreCreateKey
HKLM\system\controlset001\control\session manager::pendingfilerenameoperations \??\C:\Users\Scmgolup\AppData\Local\Temp\~nsuA.tmp\Un_A.exe\??\C:\Users\Scmgolup\AppData\Local\Temp\~nsuA.tmp RegNtPreCreateKey
HKLM\system\controlset001\control\session manager::pendingfilerenameoperations \??\C:\Users\Quolinxd\AppData\Local\Temp\~nsuA.tmp\Un_A.exe RegNtPreCreateKey
HKLM\system\controlset001\control\session manager::pendingfilerenameoperations \??\C:\Users\Quolinxd\AppData\Local\Temp\~nsuA.tmp\Un_A.exe\??\C:\Users\Quolinxd\AppData\Local\Temp\~nsuA.tmp RegNtPreCreateKey
HKLM\system\controlset001\control\session manager::pendingfilerenameoperations \??\C:\Users\Pxabmxxh\AppData\Local\Temp\~nsuA.tmp\Un_A.exe RegNtPreCreateKey
HKLM\system\controlset001\control\session manager::pendingfilerenameoperations \??\C:\Users\Pxabmxxh\AppData\Local\Temp\~nsuA.tmp\Un_A.exe\??\C:\Users\Pxabmxxh\AppData\Local\Temp\~nsuA.tmp RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\explorer\advanced::hidden  RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\security center::antivirusoverride  RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\security center::antivirusdisablenotify  RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\security center::firewalldisablenotify  RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\security center::firewalloverride  RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\security center::updatesdisablenotify  RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\security center::uacdisablenotify  RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\security center\svc::antivirusoverride  RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\security center\svc::antivirusdisablenotify  RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\security center\svc::firewalldisablenotify  RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\security center\svc::firewalloverride  RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\security center\svc::updatesdisablenotify  RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\security center\svc::uacdisablenotify  RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings::globaluseroffline RegNtPreCreateKey
HKLM\software\microsoft\windows\currentversion\policies\system::enablelua RegNtPreCreateKey
HKLM\system\controlset001\services\sharedaccess\parameters\firewallpolicy\standardprofile::enablefirewall RegNtPreCreateKey
HKLM\system\controlset001\services\sharedaccess\parameters\firewallpolicy\standardprofile::donotallowexceptions RegNtPreCreateKey
HKLM\system\controlset001\services\sharedaccess\parameters\firewallpolicy\standardprofile::disablenotifications  RegNtPreCreateKey

769 additional registry modifications are not displayed above.

Windows API Usage

Category API
Anti Debug
  • IsDebuggerPresent
  • NtQuerySystemInformation
User Data Access
  • GetUserObjectInformation
Process Shell Execute
  • CreateProcess
  • ShellExecute
  • ShellExecuteEx
  • WriteConsole
Keyboard Access
  • GetKeyState
Process Manipulation Evasion
  • NtUnmapViewOfSection
Syscall Use
  • ntdll.dll!NtAccessCheck
  • ntdll.dll!NtAddAtomEx
  • ntdll.dll!NtAlertThreadByThreadId
  • ntdll.dll!NtAlpcSendWaitReceivePort
  • ntdll.dll!NtApphelpCacheControl
  • ntdll.dll!NtClearEvent
  • ntdll.dll!NtClose
  • ntdll.dll!NtConnectPort
  • ntdll.dll!NtCreateEvent
  • ntdll.dll!NtCreateFile
  • ntdll.dll!NtCreateMutant
  • ntdll.dll!NtCreateSection
  • ntdll.dll!NtCreateSemaphore
  • ntdll.dll!NtDuplicateObject
  • ntdll.dll!NtDuplicateToken
  • ntdll.dll!NtEnumerateKey
  • ntdll.dll!NtEnumerateValueKey
  • ntdll.dll!NtFreeVirtualMemory
  • ntdll.dll!NtMapViewOfSection
  • ntdll.dll!NtOpenFile
  • ntdll.dll!NtOpenKey
  • ntdll.dll!NtOpenKeyEx
  • ntdll.dll!NtOpenProcessToken
  • ntdll.dll!NtOpenProcessTokenEx
  • ntdll.dll!NtOpenSection
  • ntdll.dll!NtOpenSemaphore
  • ntdll.dll!NtOpenThreadTokenEx
  • ntdll.dll!NtProtectVirtualMemory
  • ntdll.dll!NtQueryAttributesFile
  • ntdll.dll!NtQueryInformationFile
  • ntdll.dll!NtQueryInformationProcess
  • ntdll.dll!NtQueryInformationThread
  • ntdll.dll!NtQueryInformationToken
  • ntdll.dll!NtQueryKey
  • ntdll.dll!NtQueryPerformanceCounter
  • ntdll.dll!NtQuerySecurityAttributesToken
  • ntdll.dll!NtQueryValueKey
  • ntdll.dll!NtQueryVirtualMemory
  • ntdll.dll!NtQueryVolumeInformationFile
  • ntdll.dll!NtQueryWnfStateData
  • ntdll.dll!NtReadFile
  • ntdll.dll!NtReleaseMutant
  • ntdll.dll!NtReleaseSemaphore
  • ntdll.dll!NtReleaseWorkerFactoryWorker
  • ntdll.dll!NtRequestWaitReplyPort
  • ntdll.dll!NtSetEvent
  • ntdll.dll!NtSetInformationKey
  • ntdll.dll!NtSetInformationProcess
  • ntdll.dll!NtSetInformationVirtualMemory
  • ntdll.dll!NtSetInformationWorkerFactory
  • ntdll.dll!NtSubscribeWnfStateChange
  • ntdll.dll!NtTestAlert
  • ntdll.dll!NtTraceControl
  • ntdll.dll!NtUnmapViewOfSection
  • ntdll.dll!NtUnmapViewOfSectionEx
  • ntdll.dll!NtWaitForAlertByThreadId
  • ntdll.dll!NtWaitForSingleObject
  • ntdll.dll!NtWaitForWorkViaWorkerFactory
  • ntdll.dll!NtWaitLowEventPair
  • ntdll.dll!NtWorkerFactoryWorkerReady
  • ntdll.dll!NtWriteFile
  • ntdll.dll!NtWriteVirtualMemory
  • UNKNOWN
  • win32u.dll!NtGdiAnyLinkedFonts
  • win32u.dll!NtGdiBitBlt
  • win32u.dll!NtGdiCreateBitmap
  • win32u.dll!NtGdiCreateCompatibleBitmap
  • win32u.dll!NtGdiCreateCompatibleDC
  • win32u.dll!NtGdiCreateDIBitmapInternal
  • win32u.dll!NtGdiCreateRectRgn
  • win32u.dll!NtGdiCreateSolidBrush
  • win32u.dll!NtGdiDeleteObjectApp
  • win32u.dll!NtGdiDoPalette
  • win32u.dll!NtGdiDrawStream
  • win32u.dll!NtGdiExtGetObjectW
  • win32u.dll!NtGdiExtTextOutW
  • win32u.dll!NtGdiFontIsLinked
  • win32u.dll!NtGdiGetCharABCWidthsW
  • win32u.dll!NtGdiGetDCDword
  • win32u.dll!NtGdiGetDCforBitmap
  • win32u.dll!NtGdiGetDCObject
  • win32u.dll!NtGdiGetDeviceCaps
  • win32u.dll!NtGdiGetDIBitsInternal
  • win32u.dll!NtGdiGetEntry
  • win32u.dll!NtGdiGetFontData
  • win32u.dll!NtGdiGetGlyphIndicesW
  • win32u.dll!NtGdiGetOutlineTextMetricsInternalW
  • win32u.dll!NtGdiGetRandomRgn
  • win32u.dll!NtGdiGetRealizationInfo
  • win32u.dll!NtGdiGetTextFaceW
  • win32u.dll!NtGdiGetTextMetricsW
  • win32u.dll!NtGdiGetWidthTable
  • win32u.dll!NtGdiHfontCreate
  • win32u.dll!NtGdiIntersectClipRect
  • win32u.dll!NtGdiQueryFontAssocInfo
  • win32u.dll!NtGdiRestoreDC
  • win32u.dll!NtGdiSaveDC
  • win32u.dll!NtGdiSelectBitmap
  • win32u.dll!NtGdiSetDIBitsToDeviceInternal
  • win32u.dll!NtGdiSetLayout

62 additional items are not displayed above.

Process Terminate
  • TerminateProcess
Other Suspicious
  • SetWindowsHookEx

Shell Command Execution

"C:\Users\Wcgqnchq\AppData\Local\Temp\~nsuA.tmp\Un_A.exe" _?=c:\users\user\downloads\
"C:\Users\Jqieyobk\AppData\Local\Temp\~nsuA.tmp\Un_A.exe" _?=c:\users\user\downloads\
"C:\Users\Pfoexldb\AppData\Local\Temp\~nsuA.tmp\Un_A.exe" _?=c:\users\user\downloads\
"C:\Users\Iqwrepfj\AppData\Local\Temp\~nsuA.tmp\Un_A.exe" _?=c:\users\user\downloads\
"C:\Users\Jcuvnlvn\AppData\Local\Temp\~nsuA.tmp\Un_A.exe" _?=c:\users\user\downloads\
"C:\Users\Albmsgci\AppData\Local\Temp\~nsuA.tmp\Un_A.exe" _?=c:\users\user\downloads\
"C:\Users\Scmgolup\AppData\Local\Temp\~nsuA.tmp\Un_A.exe" _?=c:\users\user\downloads\
"C:\Users\Quolinxd\AppData\Local\Temp\~nsuA.tmp\Un_A.exe" _?=c:\users\user\downloads\
"C:\Users\Pxabmxxh\AppData\Local\Temp\~nsuA.tmp\Un_A.exe" _?=c:\users\user\downloads\
open Tools\mshta.exe "c:\users\user\downloads\Autorun.hta"
open C:\WINDOWS\System32\cmd.exe /c Tools\init.cmd "c:\users\user\downloads\bin\run.hta"
WriteConsole: The system canno
open C:\WINDOWS\System32\mshta.exe "c:\users\user\downloads\bin\run.hta"
open C:\WINDOWS\System32\cmd.exe /c Tools\onexit.cmd "c:\users\user\downloads\bin\run.hta"
"C:\Users\Gvhabbbb\AppData\Local\Temp\~nsuA.tmp\Un_A.exe" _?=c:\users\user\downloads\
"C:\Users\Tkiigwpw\AppData\Local\Temp\~nsuA.tmp\Un_A.exe" _?=c:\users\user\downloads\
"C:\Users\Zuyxiceu\AppData\Local\Temp\~nsuA.tmp\Un_A.exe" _?=c:\users\user\downloads\
"C:\Users\Fphnxiiw\AppData\Local\Temp\~nsu1.tmp\Un.exe" _?=c:\users\user\downloads\
"C:\Users\Dajypysi\AppData\Local\Temp\~nsu.tmp\Au_.exe" _?=c:\users\user\downloads\
"C:\Users\Tujhhdyn\AppData\Local\Temp\~nsuA.tmp\Un_A.exe" _?=c:\users\user\downloads\
"C:\Users\Prkyacqe\AppData\Local\Temp\~nsuA.tmp\Un_A.exe" _?=c:\users\user\downloads\
"C:\Users\Gvousksc\AppData\Local\Temp\~nsuA.tmp\Un_A.exe" _?=c:\users\user\downloads\
"C:\Users\Wcwrkzlo\AppData\Local\Temp\~nsuA.tmp\Un_A.exe" _?=c:\users\user\downloads\
"C:\Users\Dfwnltyd\AppData\Local\Temp\~nsuA.tmp\Un_A.exe" _?=c:\users\user\downloads\
"C:\Users\Ipqgjrtl\AppData\Local\Temp\~nsuA.tmp\Un_A.exe" _?=c:\users\user\downloads\
(NULL) wscript.exe "C:\Users\Wsghyuvx\AppData\Local\Temp\DRPSu15\bin\tools\start.vbs" "C:\Users\Wsghyuvx\AppData\Local\Temp\DRPSu15\driverpacksolution.exe" 0 false "58e8a51266b0116c050ff7da114e1b2de6ca7fa3_0002019256"
"C:\Users\Qklbpric\AppData\Local\Temp\~nsuA.tmp\Un_A.exe" _?=c:\users\user\downloads\
"C:\Users\Bjhcbpxm\AppData\Local\Temp\~nsuA.tmp\Un_A.exe" _?=c:\users\user\downloads\
"C:\Users\Fxilrwly\AppData\Local\Temp\~nsuA.tmp\Un_A.exe" _?=c:\users\user\downloads\
"C:\Users\Qenmgxmm\AppData\Local\Temp\~nsuA.tmp\Un_A.exe" _?=c:\users\user\downloads\
"C:\Users\Pysekymb\AppData\Local\Temp\~nsuA.tmp\Un_A.exe" _?=c:\users\user\downloads\
