PUP.Hooker.C

By CagedTech in Potentially Unwanted Programs

Table of Contents

Analysis Report

General information

Family Name:	PUP.Hooker.C
Signature status:	No Signature

Known Samples

MD5: dbef0b8b1d34f919157b2b6a32bd73af

SHA1: a01e18ca13a80321058ff167ca34bed69cf18695

File Size: 8.67 MB, 8666624 bytes

MD5: 26aaa045b302c5717a7fc67b8aa8e81c

SHA1: 3424dc54e80390ecb9b672587e8029e2f0f4958d

File Size: 5.98 MB, 5984768 bytes

MD5: fbec7f5dc679e77094bb7354d7b86618

SHA1: f9c6a3ba69801a9020ca07e5d391278cf52f1fd8

File Size: 771.58 KB, 771584 bytes

MD5: 57f013483ed11b49ec60cecf4a756ab8

SHA1: 1be4d1d20faab9b44ac2ea69d7e35530ee05cd06

File Size: 3.92 MB, 3918336 bytes

MD5: f5cad552accdcb52ea229ba452ff14fc

SHA1: db7bf616df9d3e447f490e20004d8ffbc41b793f

File Size: 2.00 MB, 1995776 bytes

MD5: d8c2805b29c2a10a6a5e52da211b9753

SHA1: b3eb8f0ea96bc0743e1c510c47055c324ac42619

File Size: 2.70 MB, 2696192 bytes

MD5: b24d7fe1571e0c6a1aef9dedb78d8347

SHA1: 1b60dabd23ebf7fb28ce76be8b46772547e122b5

File Size: 771.58 KB, 771584 bytes

MD5: 0863ca043c78d43e3a9c7c7a0d13bd0d

SHA1: 8059e06fc7667c45c37faf728ad892258cf072df

File Size: 8.69 MB, 8685568 bytes

MD5: 55a083f4e9034af7959cd22b39f09e05

SHA1: d678fcbf24b44014e2847bf7ea5edb34755aa557

File Size: 771.58 KB, 771584 bytes

MD5: c59ff21b0b927960c179626f5d16a0c0

SHA1: 27b2e108f655884625fbdedbfbc8ac0c4e8f0896

File Size: 999.94 KB, 999936 bytes

MD5: 224c9151022d76fdba1e0f7e4f3f6746

SHA1: 69611355783aafac685684a616e6e37a67642520

File Size: 771.58 KB, 771584 bytes

MD5: 7332a9105315fb827e8058d6c9d37052

SHA1: 5aaf4b0d13aa635a88453bf9127f52d8ba22c613

File Size: 1.24 MB, 1241088 bytes

MD5: 976d624b29a2dd9c2d6a8f4c0a927441

SHA1: 0269004a5f9233169d225a6d7a8ceaedc3477225

File Size: 1.08 MB, 1081856 bytes

MD5: 93fc4f9143f273e0c94f3a8c771c93ac

SHA1: d83234fdae9bad350599ad409c902f318ca75abe

File Size: 906.18 KB, 906183 bytes

MD5: 24c400fd3d82e1cc6db23bf3d3f4bfc8

SHA1: 1c26f61e707f0e22681e39c0871cd94ce9e2c037

File Size: 771.58 KB, 771584 bytes

MD5: 31d8b8ff725712783263b6bdd2568b37

SHA1: 183d8b2428b2bd545851f32045a020359a3c5ea4

File Size: 771.58 KB, 771584 bytes

MD5: e16694d59b5fc57a245c75418621845f

SHA1: f4d1c9d549118e68d59493055f43b9b217d914e7

File Size: 848.90 KB, 848896 bytes

MD5: 76e91535bf2992459c307831472c053c

SHA1: bd33e61c3738d1cb098ebfff918c4d794c2ddbb7

File Size: 3.08 MB, 3077632 bytes

MD5: 7cb54e66daba54adfcac5b39750ce195

SHA1: a54fe3b892b71621ac20b0a86f579acf503da814

File Size: 2.10 MB, 2103808 bytes

MD5: 9dec18105e1976229445ad3b38af37d5

SHA1: 3cbbe825b895e0c1f88895e82620b7f67d0ea4f6

File Size: 771.58 KB, 771584 bytes

MD5: b343c1392dc7f280b216bfe59e12cc07

SHA1: 9432269cae5ba13bdaac0fbdcdcf637e9ea4638f

File Size: 1.82 MB, 1818112 bytes

MD5: 39207c7439457bbad7bb74725f4872f0

SHA1: b4e5112a26f23f957cac7d79a3ff0cec93e0e11f

File Size: 4.08 MB, 4076544 bytes

MD5: b48f7835489bf7ebbc66436ce67cab8e

SHA1: d675ebf66a8e7cc1df5f977f94cdcdacc19d3785

File Size: 1.68 MB, 1677312 bytes

MD5: 9e987be5a079afd4dd3cea0c84035ca7

SHA1: be77cb54c74273a38b897094f8fcb6de262b8a34

File Size: 771.58 KB, 771584 bytes

MD5: 4c964f9561e11c0c913f8d9d8b4df9a4

SHA1: 2a580cd4b32c9fa9a39da07b74a5dce79dd33179

File Size: 6.98 MB, 6982144 bytes

MD5: 4daf81a2d695dfc3a7a8cd18d9e65b59

SHA1: b8ce7caaf912c3a0e1e7c0a0380c9a899279b2e0

File Size: 973.31 KB, 973312 bytes

MD5: 8236ed92174202821e55d4cec0b11915

SHA1: a8665db735da9a4039899ead4f2ff09821966aa7

SHA256: 23A5A1D88B4C5AF7F75769300D7DBCE1ABF6D47F5E561503B7244776548CBD88

File Size: 6.35 MB, 6345728 bytes

MD5: 67e7fb89488f6886ed45987bd1455a4e

SHA1: 698d7479553814765c1fbfab5c108ce87eccfdea

SHA256: 4A3E85F17B530C1EA67F910DF9B4E29700F9EF7FA3A7515BFC0BD1C8AFB0EEEA

File Size: 805.89 KB, 805888 bytes

MD5: e850ee773838b31b710abd91313a522a

SHA1: 6e9abb9bc942d9615b7c7117417727758a4ceef8

SHA256: 362FDA122B4E18411A6477A96E77D49797F239FA56171EA06AF1AFD2474ED006

File Size: 771.58 KB, 771584 bytes

MD5: 2414160ace74a36afe99b961367122c6

SHA1: 0b2ced67c7f0971a1ca38ff678362533802d7466

SHA256: 086BB8A35738929C46D7DBC2943061F2FEC1ED0EF758F25B73E5E87E2674BE3C

File Size: 3.52 MB, 3516928 bytes

MD5: d69fb5c1f84fa8dc87ad5601a5d2be12

SHA1: 02db8f28d03c2c6e8369325a7880eaeb1fc6333e

SHA256: 089C257D4FB37BF5BBAFE568976BCE5A222DCA22E700F67816031AC453F9A394

File Size: 3.37 MB, 3371008 bytes

MD5: eb1f248e5672b8ae941fa24ca3ed82c4

SHA1: 6b57735514a8bf19e48cad584fbb0d9bf392956e

SHA256: C6332175E99B4DE1CCA3FC87C355CBA4F9A62F522E38F7BCBEACCB7959181EBF

File Size: 4.11 MB, 4105728 bytes

MD5: 4eb6ba6d352c5b1b3e8f04aa1f7dd203

SHA1: e00303975823a3d036682c725960e778eeb127f8

SHA256: 955DC69A5551AB225C5F62246F7B52D32718A7F5A942825FE8A81EF4E9A46CE5

File Size: 771.58 KB, 771584 bytes

MD5: dcc9d3b93d7b7e0c1b45bb7926ee3f53

SHA1: df9e63ae25378c85f49adf2c329653363461dbbb

SHA256: C3E92FAEAEC3BA6168A734ECAC99897AFBB123C85543A212CF4B515E16B61E75

File Size: 771.58 KB, 771584 bytes

MD5: c0f3390fd183af85e811ac0de126b01a

SHA1: 379722570e8e534e702c1b229b552a3f8a2d87f6

SHA256: 1E0C60954B89B8647F8DA3400E5D4A00A7BAE2E38CD2BF2645C447621EDA2492

File Size: 8.87 MB, 8872448 bytes

MD5: 10fe9648d05458b01f79b9c99319eb96

SHA1: c1fa29436f04ddd27243386665da2622575e2563

SHA256: 9C4A8BDD4864D9C4A94220939A82813EA24579EBB3596DC22A6849D6566C639B

File Size: 8.62 MB, 8622080 bytes

MD5: 7e306e78f1c2a8f90597f52051369bf6

SHA1: 709dc6019b49bee9069fbd6d508dad09f3db7eea

SHA256: F3275456F67A8E7AD6B44FE06DECA5702212AE25284615C57EAA5E2CD38A4F70

File Size: 1.82 MB, 1820160 bytes

MD5: 16c7891d743cb7038d68afb53ae226f0

SHA1: 026b1d49cead5a094b76fe580343a323e850f4ba

SHA256: 316776A1D7CF610A6B1D8D8FB92DDAA1984F239501551D27B5A2CC53E9797751

File Size: 771.58 KB, 771584 bytes

MD5: 159709645ce73aa77325af10fc10204f

SHA1: 1d4ff7f885e752b4fcb8ad4634092a51591ada00

SHA256: 41C58EA5F6C8A1BBD8CA29E8C040E26574AAA5683C7100ADA7872126C84B462B

File Size: 783.36 KB, 783360 bytes

MD5: c7df83435243462d8d533ace13d5b8e3

SHA1: 1eefaa841120716f67d74c1feb0745ba3e7023e9

SHA256: 3570B31013A7FA4F17FBFA12644BE0BC9343614E9DB5397BFB052DC5CD29BA50

File Size: 771.58 KB, 771584 bytes

MD5: 725a20737efa58fade6ce54910fad6a9

SHA1: 811598c26cbfdce17193826daf24c0c9d0d8c989

SHA256: B9C2BB2B7A6E612FCA36E33560FCA637C202B011DBF8D6023553401E60C2A0A7

File Size: 3.45 MB, 3447296 bytes

MD5: 7af5c92d9c6201bc75998213bca80c39

SHA1: e775394993dbb17c775f58e6aa5863b50f3ff354

SHA256: 405CBC16BE14867494258F290CD5CD2B4CC3DAA5E1779071999C8BC4C55B8443

File Size: 1.31 MB, 1305600 bytes

MD5: e1eeca549f673b56b664fc3e892c75ba

SHA1: f3902cc46e204daa20131f220749cd9a85e57ee1

SHA256: F20B784E739FDE310C889BC975446D734260F29B95C0F76E8B936B03E0842918

File Size: 1.11 MB, 1112576 bytes

MD5: c13018f20145520dcb9b987e1be0d1d7

SHA1: f021e424bc3955386d9dad9efeabb7bcb1430e72

SHA256: 5A3D5E09C3FC4FACD40AB4415994A0AD1DED2C007CCBC187CA0C6620F8B1E266

File Size: 771.58 KB, 771584 bytes

MD5: 4c4cd7f3a52368e69f565e212cfb4109

SHA1: d2cf7aee30a7ac95f502a14c87ff7372e5703142

SHA256: 0877B598766C6AFDB6AE2B9F6431EE0874A061C0FE67862FE6C1B5996D49EAA4

File Size: 1.03 MB, 1025536 bytes

MD5: 2317006653cddca71e8dccc7146052b9

SHA1: e550d7824aa51bf31efbfc2b6f8969bb1b4b8368

SHA256: F474E8E4847AE6BC3AE2D480C411F883BFA29A70BEFD9115454B2857D36F86DB

File Size: 771.58 KB, 771584 bytes

MD5: c248db9014f68b6c1d5124c1d6b1828d

SHA1: c2154c09618d41bc0e713f412ec29f8732141a06

SHA256: B13CD33E8BDA8A334E88E1099B51E552834E188FDDA3CA496B0DFE24AE9FB303

File Size: 8.76 MB, 8757248 bytes

MD5: 5b5fd3732c3b3a1df7b75de4b9c6fa50

SHA1: 9ee2b6b1b88c3344b2e3b6347f892909a59cbde4

SHA256: 3FE678777A9923F676383EDCC8C9D50CBF32A34E67750FC94C484043DA4B9226

File Size: 1.12 MB, 1124352 bytes

MD5: ec78f7fb3456dc6f35c192eccdde0ea6

SHA1: 379247422db5584a826a03795c83963035657125

SHA256: BEF6C9C602B8247AC982ED40ABEF22C6DAE6D20DF7CF9A496107375FAB39AA31

File Size: 2.50 MB, 2502656 bytes

MD5: e6b7f9eabfdbe8f3274b826c46915ff0

SHA1: c780f68b1cd20600b880d4ae97283a639fc00914

SHA256: D9A6B76778A1670B85B1D499FA74E606DA809D7720BB836159F244C9EBDF0CD5

File Size: 771.58 KB, 771584 bytes

MD5: cf233bf71975e69740ffc4a9bff991b2

SHA1: 27d7a7cc9774937b44345a94fe5c6287af130e8d

SHA256: 908D3DCE3A9ACF4C868E2341C6784BB1A0622FAABF411FA11B69721D604F9735

File Size: 4.53 MB, 4528128 bytes

MD5: a994b1b988e4fac59e6d1276be5db6bc

SHA1: 15f626df0b26253db6d844ef3ec7a1162101da91

SHA256: DD6181839FA019610F50344415FDD1F3721AE083008D71F400F8D0ABEA975AEA

File Size: 4.54 MB, 4538880 bytes

MD5: 3822fab1769c15ae7242025e4e46d65e

SHA1: 4561b9bce3934e2134999ac60f6d4864c11a0d93

SHA256: A90B4125184941556BFEE622C4CA56ED7B4E162C22F74C3782E690D0FEE3BDFF

File Size: 847.87 KB, 847872 bytes

MD5: 4cf0442ebe2072816ec385644a62c8f2

SHA1: 3d5c0daba28b3d09180c2344a3cf428bcd244b40

SHA256: A98DC37AA82DFA84B1599F463D9B529CC76B86632265BA896A3A83E1DC9C07BD

File Size: 5.98 MB, 5978624 bytes

MD5: c885b13901af5f0da7f3242b25d37bf7

SHA1: ac326cc4dfa745f4fdebb003bc59653269041060

SHA256: C71006C86CC1CC398528E29185B109C10965F2F487A96655246C17E572635E3D

File Size: 1.31 MB, 1305600 bytes

MD5: 5d3e69b88285621ed11b19c55c6759ec

SHA1: 253691f386532d9ae556914247ce3c687e6c3677

SHA256: 84CC51575175E99D553F794ED72B84397D1DC54BC3653912269A1A1D5C8734F4

File Size: 777.22 KB, 777216 bytes

MD5: 467d98b605c7057e3c6a823cd8d27653

SHA1: 2ea98c9a02bda99b66553d0bdcf3c0f3f9aff137

SHA256: BD3681DAA18D07D2E81BAEE7C1A8661E0CAB589668F2A548E5525F3B444EC5A0

File Size: 2.18 MB, 2176512 bytes

MD5: 928c7d956eabf79c21003f44dc300867

SHA1: 9865a97e3fa63203968f9cfad95cc268373bae85

SHA256: 823DACCB85AD2DBD1C7014EEE671FAAAF3E2BD4820501AC82916D3295FE96453

File Size: 808.45 KB, 808448 bytes

MD5: 5f8c39297d134df4881f30ee85aa5dd5

SHA1: a01a3bdee80c0e32a2ec8adacfccfae1a1f1a582

SHA256: 0516029333ECAD9F6F84DED53D3F58EC2660BE8C088AC0B3582CEE00353862FE

File Size: 771.58 KB, 771584 bytes

MD5: c064774e237710941db38abb21ad7fbd

SHA1: 4462b02a38c717010a27866c538835af7397dd76

SHA256: 0C0D5B3AB03D0CAFC44D568C3C6EC97B9526F6EE437B1763341074CC24B66857

File Size: 2.42 MB, 2415104 bytes

MD5: 04fb9e284f116af35412f5ba08031558

SHA1: 1438204ba4f80eeb170a466e10963db5b0da4c3d

SHA256: D65A9C76391362055DECDBF89351D768DA6A3FFF7DED302A8D62CD6F04DED530

File Size: 771.58 KB, 771584 bytes

MD5: 6449eb563fd616e92e080aec6d334f95

SHA1: be0086d160b8e318245d12887f8dd4d8bc496b5e

SHA256: D74B43C38AD41E2E0AF279F8E64CC5880344D5A61C4701EE6E49802619D89F3D

File Size: 1.03 MB, 1025536 bytes

MD5: d51fa8a7ef45f2164ffa95bc96905b94

SHA1: 3869dd17e3939015b9e33edb780e80298eb12ec0

SHA256: 11BCA0BEA432CDFE690D620A82907DC4FEDE9A3AC57A18556061160CED57B772

File Size: 4.80 MB, 4798976 bytes

MD5: 0c03ca475a0d9207cebe62c19ebb8631

SHA1: 94691ff4eb7e1e8bd2c376246b89c2c823a6cce7

SHA256: CAD5EABC5D204D1E040F8CFD0A825E2D9D541381A29A46464C3969C13C7735AB

File Size: 771.58 KB, 771584 bytes

MD5: 3508af49404cc4b5b41e817e1c52b876

SHA1: de39d0c772c321adc3ddf4d9704471cf240dbb9a

SHA256: 08AA26B375EFF25E334FDD1C537CAB3B474A87F7F48FB9C0BE4549B4F49FBAF9

File Size: 5.52 MB, 5519360 bytes

MD5: 2fff01cfbad29d83985a6773588721b6

SHA1: d02fa6cf0fb9b2009e8032c2574296946b0f9a80

SHA256: 417604EE8E0CA843AFDC32F473B5C4E369837386FB0B387E84F26F2D6FE40FA5

File Size: 3.56 MB, 3558912 bytes

MD5: f907cc028ac2bb53564b9ecec1e756f4

SHA1: 583fa87ac89613ffc906800ffc9c2d1846b73b61

SHA256: 39CEF913460502F85FA5F0BAE2CF9C9923A6900BD42EA21FAB4611F7E225DCF1

File Size: 7.02 MB, 7015424 bytes

MD5: 11dcad14d2c0b66a42a0df1a71084b1e

SHA1: c5b4d24dff66f763315b3373bf775110aea0bb8e

SHA256: 4EEB172800E2AFA1CBCEA6196E292AB40DA637FC43DEEFEC51D09F19A8B5BDCC

File Size: 1.36 MB, 1361920 bytes

MD5: 2369d69d4ac2b43d6ed17705313abd5d

SHA1: 5c0d4e48752a19f729e63c45e40b8cb069c0f9b8

SHA256: BA8F2745100C7730FD84340472D4307BB05ED3947667599E66F8812FEF57FE7B

File Size: 771.58 KB, 771584 bytes

MD5: c1679b0f7bce1c873307c07142605c2d

SHA1: 52a76f2a447064957c2f0883a14859bd17a01e94

SHA256: 30A775E29FE74F29F80FD9D07D215DBC74A1945C4CF7D73ADEC1842C94854FFA

File Size: 1.10 MB, 1099264 bytes

MD5: 301f592fe8007ce96e720470307f871a

SHA1: 10edc9f05deac5ed618fefcd43ed0f16a8201249

SHA256: FAA6943333B00940BA174D3A0D42E67433C8F89F593779E406CB2FC529F80469

File Size: 5.27 MB, 5273088 bytes

MD5: 0b5ada6ca91a8d9e95650e32b0658b3a

SHA1: 73a4809af37577701347f769cb29512908554217

SHA256: CDF7A65BE6C965D4D2D6AB258E3DDCED6B2958B084478598670C85AEBB0DA2CA

File Size: 2.64 MB, 2640384 bytes

MD5: 6e602d1ae75c88f97488151ea2dbdadf

SHA1: d3378440fe1fbf97529289681554c0dea5771151

SHA256: 2703DF5AF72D3D88BBAD419EA9F3AF75566FA1103566FF3F272DEA8FBFD31D83

File Size: 1.55 MB, 1545216 bytes

MD5: 4f841ae1c3702e7e743845b6d5ce5fd6

SHA1: bd8e43b2e32bd071a07b66944899eed2180f5a1b

SHA256: 725851BDDC382E199361995A09F00FF1AFE5641FA1ADAF7CE9C7EBF5E6163423

File Size: 1.87 MB, 1866240 bytes

MD5: 2fbf40d5bcc7be90a4883114538bcb89

SHA1: 06a05452b613369d948312fc42bd3b5b4d596cf6

SHA256: 9F46018F171866E7CEAFBF126A29E3FE7EBD317EC5767403A4E0C4761EC0C473

File Size: 2.11 MB, 2105344 bytes

MD5: 1d7159d288b8ba800efc521bb0887e19

SHA1: 0d1fa6e9ec151a500bc2fd91cde1d777a38e7c66

SHA256: 5BEA899ACDE76ADAF069EEE93427F7C9624343B8BB9EA650373F1F09708AA9A5

File Size: 1.24 MB, 1241088 bytes

MD5: 0ad11cbd50855088be79de5c9bdec2ad

SHA1: 9e22c7592ee8a0d6ca7b2b0d52d2f2e83ae4cab4

SHA256: 398EBF1E0E43D6041E70DEFB54F73DB82A2CECD7B74B1CAA869C37762D7B9859

File Size: 771.58 KB, 771584 bytes

MD5: 87e4735a93cee405c54e6015cb15b373

SHA1: f29514f0259018d8054a603f1eaeac90488af549

SHA256: 1CB0B1289CE1566F4A48761AFCBC068BB96D1DC1670EC79306D94722553E4592

File Size: 1.14 MB, 1144320 bytes

MD5: 16c8923dcb5a882c061de32bbe510de7

SHA1: c5d5338333678f9ad0380fd80700a5a7215823a5

SHA256: CAF5F9DC941FFB16B49B998415BF19DCAF3508644F31493F90D678D650DCBA79

File Size: 1.03 MB, 1025536 bytes

MD5: e7b0cd4e283cd348cd4101e407abd364

SHA1: a4beeda94e828ef2f9a4cebeeed0ec039a5635fd

SHA256: 6061970DFA1C43019AE09BFCDF15B1DE8716B7DC385B0F4BC5F86C0A16261876

File Size: 771.58 KB, 771584 bytes

MD5: 3eed5be3d1e5911f306c5d9e9538140b

SHA1: da50740604cf47338967e663d3ff865549558a98

SHA256: 35FF8E7226DE75B9DAE0D9F96B3D3F69E3DBC603D664B7751CB498CC66C54B7B

File Size: 1.11 MB, 1110016 bytes

MD5: 7c9c7e19af43071fa7d9fbb2066e033f

SHA1: 3041243146522d4c93a107c53afb935d562d79c2

SHA256: 5AF254B2BBF5B22222FE03804AE856D0EC70EC2B73FCA5F6EEF31E738E61D4FC

File Size: 771.58 KB, 771584 bytes

MD5: 3011ee4c9aa184d4e1a72c000c3a988c

SHA1: 292310ec91a17b48b4b1da7f0a3ebd73c24370c5

SHA256: C2A6FA41CBB0705D42868821B4D5012FCF1B7A5EC7664C08A2607848D9D4EEE9

File Size: 771.58 KB, 771584 bytes

MD5: f0baaf3bc018011bb24bd3bd8ad0ea9a

SHA1: 2e404f6ea73aa0aab36211f0f08d591110f2dee1

SHA256: 0F75E4AAE6E9FCFD9491509BEB2F95E6D7943C24D43DBF3DAB9C7902D08E0898

File Size: 775.68 KB, 775680 bytes

MD5: 195a1721286f6e716964501f95fad3ac

SHA1: 906e8e7772720c8655d750fd95e401d3f133a58b

SHA256: 3347B07672060BC973ABC6ECA2DAAF080820D4376D57D5555153291935CC434B

File Size: 1.86 MB, 1859584 bytes

MD5: b4d56631a9c71685c993a9835f942222

SHA1: 2cd3d6abd98c523b4b7d3ac2fa5c1cb5538cfcf9

SHA256: E31414E20C6DC40C70336E3524DFD5B8E411C5E7F45907F4296BC22189475B19

File Size: 878.08 KB, 878080 bytes

MD5: 850e2fcd3aee15e946efe683964c8ac5

SHA1: 435108821bfe8aff5a7b5a9cb048051e9f092dca

SHA256: D2C7C24AB201B34498233031FF3B34148FA5BA90F1AB03399D448DAD7AFA3F64

File Size: 771.58 KB, 771584 bytes

MD5: 8fa904293ffb04cdb7acd525d20c314a

SHA1: 6c21b319a10d8ba725fbc519b4f1315b32261565

SHA256: 12A63A0380F28381512E244F1376FE1C797A002F053FB52E2464A9A7663D2B68

File Size: 1.10 MB, 1095680 bytes

MD5: e1302e70a83c4c7fd8db1e89610e1a98

SHA1: 2e009d816d87a31a4832c1fe2319b5491daa4963

SHA256: CC5A30EE2A88D78F4186B4EAE73D7123E729677E51C652F2C24A2DE134E68A1B

File Size: 3.33 MB, 3333632 bytes

MD5: 1917139d6fdb30c8c01e7da9327c226e

SHA1: e676db2f747007711e2dbddbb0bee0d48f36bf92

SHA256: 1B71960BC0CF46414844AFCA9AAEC071DF27ED70A134DAF700FCFACCCD1069FE

File Size: 2.45 MB, 2454513 bytes

MD5: f51fc368fa51982e1d7c78c4ee762981

SHA1: f2ffdc0b1075fd237ea2229ca388744970fc9b00

SHA256: 9B50B803BDBA6CC586206A23A20B558A3F5B2877EF25FBB718CF35359F3CEB6C

File Size: 771.58 KB, 771584 bytes

MD5: c5121bdf3053a14e2e659a1d8e75bd9a

SHA1: 09b46b3950fcb5d491d19eff97332178e58e4c09

SHA256: 302A5E8F6731056463266EBBAE151F5DA5D6BEC0C4441FB50E187B8A6C4EA677

File Size: 771.58 KB, 771584 bytes

MD5: 33ec6078ccc576b55a963e0894954671

SHA1: 1b63c8a093ee600be7f11cb0e769c0833dc523d1

SHA256: C8749A3B29B573076F878FD2120CE5CBB9E013DCB0088C25BA2ACFC82B0B875A

File Size: 2.05 MB, 2049536 bytes

MD5: 5840fdf1127e7070d6e8afea9bb160e9

SHA1: 91a29eeac2b0d70a88274686e9019ae30dc84fb5

SHA256: F7FB7813817DE2413274B9F37D5BEFBB0F89B94370EB37FC0A045664D8453D32

File Size: 4.80 MB, 4802560 bytes

MD5: 5ab1c9de42de59b29da7e1b29fb30183

SHA1: 96d8d2159db2e5e568aace011abb58a1660e6edc

SHA256: DACE069BB8DB1C84C6DAAACD967466D93834822303C8C2AF4C8890452DB2660C

File Size: 771.58 KB, 771584 bytes

MD5: 1914186eae499d5e07a041a9d26e696f

SHA1: b7d228dd8ed2433417cad9d950ab1cf6be2091e6

SHA256: 8FADFB3230C237185472C58DC3295DD7118332A5867C74EA2C79E890EEF4B015

File Size: 771.58 KB, 771584 bytes

MD5: 467d1e96b580cbd43b0179ee32d43f4c

SHA1: 1f1cc778b50a7fbf7c396d523895f1ab04f7aaff

SHA256: 1DCE4D765514BC02A9ADAC6955DC3B3EC60D8D3337F76DC9A943C6921E1C372F

File Size: 5.21 MB, 5213696 bytes

MD5: ca4dacc460481de3faa279a6e7eb552f

SHA1: 3e318a7461b37dc72e00cd5ec089696ba3e8f3de

SHA256: 7B5705E231004FFEEFC36CDCE6233AACD5B85186BDF0E425F8DC543370F0182F

File Size: 2.14 MB, 2138624 bytes

MD5: 2ea23185019497bc9714cc61f5ca7efe

SHA1: 9012595654d7f4048259d9dc5bdb834197eaa81e

SHA256: 1210F3D308AB1F7C4EBED563787CE86AD4F5EE17320610AFEB5F039F5889BDCA

File Size: 1.36 MB, 1356800 bytes

MD5: fdd63622ad3e079640ce04fb9f972f12

SHA1: f83bef2954ec7003735da2321e706a5e76694b59

SHA256: 5DD64F195585075905E8FB596D3A164950702E5677340B2D3A51E9A6E797F85E

File Size: 2.06 MB, 2057728 bytes

MD5: 5ea3241940d058f09abf746b41d17423

SHA1: 8ac5682dcad648fb40b0419f0efeb404dacebc44

SHA256: FB7E26813C387E3AF63AED405F6A376544075039FA95E3E62DEA9D5B6E584F1E

File Size: 1.83 MB, 1829888 bytes

MD5: 743788f410bb0b828509aa9a5f5fd3a0

SHA1: 1d37c466a0474af34c4aa99bfc3a0eef12beda9d

SHA256: 621DE7067435D8F5FB11643B6EC87ADA206AAC12983FADA3F41B6121CB6CBAF6

File Size: 804.35 KB, 804352 bytes

MD5: d30056db6df0553764e9d12199aef89c

SHA1: 560b443269521b95fb733cbd315283cc2bcd6776

SHA256: B1AC17685A5877032BC45E260DE751508CC2F9C984687C162274BD16382FB569

File Size: 5.15 MB, 5150208 bytes

MD5: e7046b5d6cb0dd285a975a7a556b4b3e

SHA1: 3ad538bf5eff9855ad0d8e741be1679f231f6784

SHA256: 674CA561A1357EB58182602BBED0A125EC4969ABDD2D02811DA5CD1D72DC0845

File Size: 7.41 MB, 7413248 bytes

MD5: c519977d8fdf28bee8113fc60cf7e8f1

SHA1: 8300e9f7c31eedfad151ae16ac7cb9accc473106

SHA256: CF292B31AC51F9CB2DD33C811393AC17E011CE363B12C5740D7976DAEA5578E3

File Size: 771.58 KB, 771584 bytes

MD5: e66807292f67982a876aaa551fa45c65

SHA1: aac08c2c046515af02b14c6f0bfe4fd7bae56344

SHA256: 2574A0D0F9B555B8B1EBDC73854A0BD7FC152F898891B39ED1498F7688053DC5

File Size: 922.11 KB, 922112 bytes

MD5: 9c5b3293b55db035526078ef4a32286b

SHA1: 180873f6a626c7e2be70dddc5a9cc34d4b302f35

SHA256: 845C77204CD12E270BD5555434BA79FB809AC65DEF69849F640865F7E464B712

File Size: 849.86 KB, 849863 bytes

MD5: 9243fdbee4e3e077c553c9e8b4606cac

SHA1: 6c979688d578c8236735acf8948008d8be9e49f8

SHA256: 56CAF6DAFA59A054CC60AF152B646048564607ECFB199253B2F976F9AF53E66D

File Size: 1.88 MB, 1875968 bytes

MD5: 77e9b095ebceef5661b03ee59d99cc4e

SHA1: 2e9f6f6640bd2fa1159eef82086491071a6cba7f

SHA256: D8E0564159C8F29A3C240E5C07C93A7DFC575AD39D873F65238EEBB09A483798

File Size: 1.01 MB, 1011200 bytes

MD5: 1c67d190d70a6c0c4026d5c5c4579e97

SHA1: bc15a699061262be13ced1e3ef84ca872157fabc

SHA256: E4BDDD9BAB73ECFB2B4C71754459018C5F2BC4F23A2AF50CF6C523FC47B6464E

File Size: 930.82 KB, 930816 bytes

MD5: 2569d1df46c9616b9bf08da862bb727e

SHA1: 4d1b607bfde6fd75d1be341b7599e11f25d73ccc

SHA256: 130590CE0E45AABFC0C109619B12D734F4D9E9F36493784B50B02F0289B908C0

File Size: 1.82 MB, 1820160 bytes

MD5: 2bdfd97419e3b73c46e0c3c7c7dac20d

SHA1: de77670fc735ca4821cb88f6a60520313012b4d2

SHA256: 5F6BA1F36A76F1D5B0A447A58B49DCA796B69EF1B0714E9A5DDA182948D2BEA2

File Size: 913.41 KB, 913408 bytes

MD5: 2c33b77a988a4a3d6b6392f45e92c27b

SHA1: 36597819857ae51b4123db8111ee14c4cb0d41ee

SHA256: 5FAB757338F686035B648CE590786A6998219549A7147C04A51D9C27D9E1FA95

File Size: 2.53 MB, 2533376 bytes

MD5: 68da6362f3313a430d55053a6e8f8a15

SHA1: 0f573f89961e16e6e1005507554cc4e7937e5fe7

SHA256: 46BD5B605CF72A3612C14A367981C8AF4E27C83316D478F6FA8E5E2F4A41A4C9

File Size: 3.77 MB, 3774976 bytes

MD5: 6e0477931ba51360e4217112281a354b

SHA1: 06a4c6c5d48572234b7eae15711eb7fce4712c70

SHA256: A766BDCAC190D3F7A41F830E612D2307C03F2AF78D0B41B8AE0A6C89585E8EF5

File Size: 7.27 MB, 7272960 bytes

MD5: c5b72c6c4bdbbf14440820abc087c373

SHA1: dae355e0cdd6b24e19c09daa210f1020f71440c7

SHA256: 396030B1EF445ED4B433E26B9FB6999A5D3F478A279725EB27C296C7014C06E1

File Size: 771.58 KB, 771584 bytes

MD5: 5d89371f33430afe069c74c09c876330

SHA1: 5dd379df5f14828d8649515b50a750054e8f7d21

SHA256: E45C65D9EED885BFCFA9E0150B26725344CFD4CFEF3FEF568B1181953D837E9D

File Size: 1.45 MB, 1449472 bytes

MD5: 8c900eaa4518d98f074393197ddecca6

SHA1: e0919b219a7fc3c638185f9076c5ad65be300224

SHA256: 1FAA2F6D36399CF9D20B24F8F8AFBE60FF223E7CB6CEE68964305AED9253793E

File Size: 894.46 KB, 894464 bytes

MD5: f42de742ac5865d21f48ba0cb14e8cde

SHA1: 05662a1312c79d9a3e57fbe4463a995d2d52490d

SHA256: EDB84DF57FA9D053130E590B8BD8A683A8CB4A858089663CB48DFF55DC8B40D4

File Size: 1.48 MB, 1483776 bytes

MD5: 9a1012310fc723510265b03c55a12409

SHA1: f624dc792da44d2e1ccdfdeb720a89a40904a852

SHA256: 88BAD0A32AF7EC3C9C62D93396CACF368F4C1D0FC127304A140C22ACBBD0BAD5

File Size: 8.72 MB, 8716800 bytes

MD5: d8568467a6f315f9ee8e87e93b1c99da

SHA1: f7d4c9e523ad9a1fa7d043a7be974b83e14229cf

SHA256: 7F0422E1E0D9189D2C004936B44584FA964F65127D35B5C1158E96627817D804

File Size: 1.01 MB, 1011200 bytes

MD5: 7f176008a6100c060727290d97fb0fc3

SHA1: 6ca67d1143406d04180f13769752d34ff753e4b0

SHA256: 365B46391A4A1691216A3596DCF248314D6C437EAB71D40E7D42036491EBCF7E

File Size: 2.69 MB, 2690560 bytes

MD5: 124b8c8cb9ba167a5f3231eab7299fcf

SHA1: a3fd72611ae19bb7f4899ee74950bcbc19cb2b15

SHA256: EDF1E423868D8B5E16A0D4305DBD92A0BA3E0659A3C8FB5861FF2FC023058C9E

File Size: 2.13 MB, 2134528 bytes

MD5: 837d455256c29e838db464e8cb0cb398

SHA1: a35cf8b9f702b0c6152a183e9eb8ab5b9281879a

SHA256: C9B722E594C86DCDFF95148185F94210E24F3AB2B6ACBA9A32702317D47D3964

File Size: 1.83 MB, 1827328 bytes

MD5: 5c358d26304b45a7d1875d8cf955513f

SHA1: ae434150ca88a9059329df14972e99bfe67db972

SHA256: F81E01CD11F1A3034ACF1A96863025D8C755150F0A747A36B02E2C0355E9EEE6

File Size: 4.80 MB, 4800512 bytes

MD5: 5dd1dea8a3924081ae6de05065c81673

SHA1: 91c7a62101ba79ad5fc5c48439b66ccdda9228f9

SHA256: 9D85FC71A538F959519627A0CAC5D1DB3A2729ABB7B0DD7BF412A23DE121936F

File Size: 761.86 KB, 761856 bytes

MD5: 525ca57599530720b06721349669bd65

SHA1: f2268a4818e2555200329ec41959e7a903fbcc1e

SHA256: 815115ABB6F33592DEEE90075A71D432C6A027851DFC7ACB05C15C59D207121B

File Size: 9.92 MB, 9915904 bytes

MD5: 6029cd614f1f2d4d45ac62060dbf26ce

SHA1: e4b7f888607a85368dd9aedba87e0a11215db392

SHA256: E1FF51FEFCEB1F919BED15820975DDA6BB9A976B94197ADB91A14ACF40B7F1E1

File Size: 8.68 MB, 8675840 bytes

MD5: 333a84d575c470fb149afc26448bdcc3

SHA1: a275bba8a2e26279d55ba8e11b0cee99c636c628

SHA256: DC6951F6C2049C3CAF5C8938B963687481603B77C737C37BF8775D48B914AB31

File Size: 771.58 KB, 771584 bytes

MD5: 8e7dbebe44e7b21521d7e69520ebd117

SHA1: f8a6fd73dae19ccc9d424f797c9d3136eb6ab989

SHA256: 761B35AE0754836BDBAFD809C2CA6B132DC521C61988FC84DDBF4D0E4B510C82

File Size: 3.13 MB, 3132416 bytes

MD5: b531b7bd4dce098e0ccd4cf9416aa067

SHA1: 37620e1bd4637bf9aac93502424efaa508943fdc

SHA256: EE9E2266A018BFEAD8E3E268F60B0C76CD4C9C347D3C9F58F0C80C6F0B1FD2F5

File Size: 1.87 MB, 1866240 bytes

MD5: 062f45819bd16827ee6fe3ff2feec9be

SHA1: 452456a4d934ed60f55da6354239afac80a14b39

SHA256: 4F0FEA63C9E875FD53668C3E8F4F05244EBADEBFAB8553AE652B8D43A27A64BF

File Size: 1.87 MB, 1866752 bytes

MD5: 76f8ab6e7ac3895b52469978078af133

SHA1: 00f87dbf088f956a01474fb5db275906f90c7be8

SHA256: 8C44EF4790DBEDBD0AE5E2DB4487629C29B7AB90E645400C72664BA884F8783E

File Size: 1.38 MB, 1382400 bytes

MD5: 33b4f304bd045727a297ee6eb8b0425b

SHA1: f6de56c4d9a3a5f1f127dcf1efac09a57d398f3a

SHA256: E6D0CC3F17373241D64874595F807A0527516D8E73C9620DD1DA85AF05F8D5C1

File Size: 1.88 MB, 1875968 bytes

MD5: 119da2dfe32ff8b1ab8e92ecfba68ee8

SHA1: c456199e5d8b9291c767ff1ea46816ea0ce00093

SHA256: C98759C6944B3560216A71C1C2970DFC17588EED415BDC3C686A96600B8BB5E1

File Size: 1.08 MB, 1084416 bytes

MD5: 2494ec74fb78c70109813f1644ad27ad

SHA1: c048f613cf6a1b882f7e7ceb740f6a390db76887

SHA256: A64A4DB5CDEA4489D80224D950008CCD6939BEA3F4025F88EEEEB33F583E4CC1

File Size: 1.19 MB, 1187328 bytes

MD5: 065f24ffed5ab1d0526436ce9d9c5226

SHA1: a8304f41a4698a20c0d802c548500085a6ecd090

SHA256: 3A558FB4E5C258217A4B4D6911F9A5CB0E94E62EBA0988768A8EC58A647ADCD0

File Size: 761.86 KB, 761856 bytes

MD5: 566e2dfbe7d0d7751b3fef663703bdc8

SHA1: 09c37a178d629771046c26ade2c73afee31d7c5d

SHA256: 16525584FFC50CEBF8BD3B8921B93AC7E5BD263F7240A32D60661FA7309D7A4B

File Size: 1.81 MB, 1805312 bytes

MD5: a689484c5827606052e9c5f21fb00b60

SHA1: 93b87887db4692f1a1b171c045892a32497a4c9c

SHA256: 64CA939371DB70AAD464214FBD77F1F3C67F765C579BAD15688FBC1112B30D56

File Size: 1.01 MB, 1011200 bytes

MD5: cdaf1854a9ab56a4b1cdaf8737272cee

SHA1: 86017af6fa76deb31d7497bfd7008dd2cb860041

SHA256: 7E64DC82A4CBC133F17D6EE04A42BA8C0B7BAA8890F2D1D6040A083246732F77

File Size: 9.68 MB, 9679360 bytes

MD5: 96c8db1bac4bb908ba81ce70cbceaea0

SHA1: 842f623650c64d5853a220912ef693b1f49d3c52

SHA256: F62EA323E074C78DFE6E89A66E4F68FACA63433CCF6501E5BB8EC8B065A99BD5

File Size: 2.08 MB, 2076160 bytes

MD5: 8ad6134f669da5bd968b179fea97b708

SHA1: d6732007ccaa5a818f82c5b1855713b33ce405ec

SHA256: C4728C93D6991984E844EE4498F5613027865FAA724000455235186847C43DB1

File Size: 2.07 MB, 2065920 bytes

MD5: a3a1bcaea60db0728ae4bfa8ce74c9be

SHA1: 4646b071977c78817ebc85f768f6e67842549a75

SHA256: 5632921C82249031703A448D8C09C76D498FBC00775155353F0D5BA4E3567FDD

File Size: 1.08 MB, 1082368 bytes

MD5: 7e607605702187e37e3cb3c5ccdc4848

SHA1: 09f35fddf7db5cede6a76d02510db7747bd5f500

SHA256: E9F8F42E4E7B428081EEA078F017BD708BC02A46B0572148DE48D9C44DC04D9E

File Size: 1.01 MB, 1011200 bytes

MD5: 635cc7721259c29a5dd1fe6977c4f76d

SHA1: d88ab62b862cab9cf8cc7a971a26d1341c821b1b

SHA256: 9ECE192B0007045496B2C230609A5ED6443D3D4F97D86D4A6FB3746F69B4FA75

File Size: 771.58 KB, 771584 bytes

MD5: 6d346e3ee2146d37edce876c9694366d

SHA1: 551c55ced90d0f0037e40159bceafdc67409363d

SHA256: 3CB1294F17B8858CD85D2094377BD645DC85B781168BBAEBF3DDCD50B7E61B6E

File Size: 774.14 KB, 774144 bytes

MD5: 3a1c90649b0a0e721bbb0da919b14eff

SHA1: 3ea8f43ed58f12ad8caf8bc76e83ad02dd5e3767

SHA256: F7A01068A0543CC2953A47F4EE3DA90F0355D0B94D9D7F17D0D999AF87112217

File Size: 814.08 KB, 814080 bytes

MD5: e8a10aa834069ab703fa7ed846212d27

SHA1: ad33259d171795984af559a8586303dce0a733e3

SHA256: 6F51CDF5215863BCB4548785A135FAC999E24C81848E5677C6B222A7DC1F37CE

File Size: 761.86 KB, 761856 bytes

MD5: 6683b7eb2c82f36e20701ff3ee290975

SHA1: a1052081357b627ac5af3bd7242d9c3ed07cf5c6

SHA256: B34C14D33F199E6BD97A66F6BC7F2E5007588D1106BA4A7EBEBBBE6B153BE9B6

File Size: 9.80 MB, 9798011 bytes

MD5: 927587ac2cb763f82c92d547c7dcef6c

SHA1: d28d840f84f106d438a2394a5072ba328de1c6c2

SHA256: 3603E94792499570ABB6023C1076AACB1410F63F41E999CB386D9143B6FE0451

File Size: 5.97 MB, 5968896 bytes

MD5: ae885047398e8a7aad3723ca7d4a5979

SHA1: 62e3484984f97b7ee60cebd33f2ff7485ce5419a

SHA256: ACF7087F44E01454A30674462A31C5BB32BF519A3D91E14E581C5D4942DD9021

File Size: 802.82 KB, 802816 bytes

MD5: 35d4264861022a5ae2b80d3e2f9c845e

SHA1: 8939d9c16b39aae437788e1c4cfee386abb5071e

SHA256: A627DB353D61815F7A0BC8C084E709668D672AB3B7F7933ED6932A23877FA60B

File Size: 2.14 MB, 2135552 bytes

MD5: fc7f79eae6972598d68218ddc3b36f93

SHA1: 61e77a2893dce0c836caed5f1fb91651841af4e8

SHA256: D8B48481B92AAA8095F3FCF0BE23DC93BCA2C68F4DB2F2C50A47A1843CDD5580

File Size: 2.64 MB, 2638336 bytes

MD5: e6bf20a66021c72843ddd452dd3331f9

SHA1: 5ddbddbd345e840f21515fad7ab587a09c6e1fdc

SHA256: FE4167A12ADCE02B58B4586462BE41A84EF1A5142F33CD2623BDF4E49F096D1F

File Size: 962.56 KB, 962560 bytes

MD5: 5cad97eb537621ea045b7d718743e059

SHA1: 8d3a637740771cb03dd0be965e3c7949d48e089d

SHA256: 30DC283A859B76594D0BB8A6BFDCFEE19CF82FADAF2B2BE2124CDC3879558DA8

File Size: 2.48 MB, 2480640 bytes

MD5: 9f9a870f562468b778973ab44c44ec0f

SHA1: 661aebab8bed62a57a35be5a95d001ecb7d6f0f5

SHA256: B0860562E29F8735E7C52CBBB85F7753DF29114FF982CBF27B928F36BD9DA19F

File Size: 2.95 MB, 2954752 bytes

MD5: f0c98a6ffc28b6861a325592cf50793b

SHA1: 06c9a370c14d88224896f9c4de657d6d70174cfd

SHA256: ED666C19957FD9CF564D4C3A95CB0364A73B8AA505BAEF66CE8962BCF78D3DE8

File Size: 3.42 MB, 3417600 bytes

MD5: 3e6c0ef1e83ea5f28c51ac7b3678689b

SHA1: 87321006dbc9d36ad756a9aa4775ecc1c8a84c72

SHA256: 1947127F7BD76280662FA55A12A697B2B3FE7A1694CF26DE001D8F504C8D0839

File Size: 1.03 MB, 1025536 bytes

MD5: f6a1a0f580d762e7433266c77f59a3a7

SHA1: 1fd5c725a0a3ea36756443e6c328a05915c7ced7

SHA256: 67EC6C6F4DB9F3A761C1219A289FFD8C7E9CA10EBE9E841A99C92DFEF95FA314

File Size: 1.24 MB, 1241088 bytes

MD5: 2edfbc968efd34d326a97da514627b32

SHA1: 9d1c72689a65dfa9da62d025857c5f7954198167

SHA256: 051A0FCAD5E98105BAC03F36C326B0464BC48641B348AF0E1FAD357BF64452F1

File Size: 771.58 KB, 771584 bytes

MD5: ed41720178d216c4cd22a1fb0e42790c

SHA1: 28816d655a125afb742520ba8ad0eb4b4a9136ef

SHA256: 29D7ED3C897D3FC951E8080F02497C88C120240BBFEB381015B64FAD9B6076D3

File Size: 771.58 KB, 771584 bytes

MD5: 5e8ddd6f965d915f5e1f202e9a014564

SHA1: 88dc2a794df95e28e1845494e41ed367655fefcc

SHA256: 93E325F228ED43193BD352D1F2BA69A3845FAAEB51B4D256FD802217D9EC6AA8

File Size: 5.71 MB, 5709824 bytes

MD5: c87a953d3126be93c22999085ec98140

SHA1: 1cdc8aec8c19bc2d29a78137014bcca5a7f5e884

SHA256: D45343C56C7CE0344C0125A04747F415DD0DD3A1B11A12B07B281EB3F81C8934

File Size: 771.58 KB, 771584 bytes

MD5: 5c85d1858418cf684952b329d113480b

SHA1: 9f33c3a34a9b78baf8680455199dd1505555e561

SHA256: D94141AEB30FA736B203F3D6BF34C9CC9406AD005625AE4E756502B5BBAFEFD2

File Size: 9.16 MB, 9157120 bytes

MD5: d0825627acad7fa519edff44292f57df

SHA1: 10f9142f2a350fdb9822fb15766a53d5fb925c36

SHA256: 7EABE8F6D8CA61B9D4FE2FCDBA7A6297FD5C1BE86E4E8CCC7BE4A6F9CB6DE6F9

File Size: 846.34 KB, 846336 bytes

MD5: c3301e01431d03c2359c5d491030afae

SHA1: 0ebc3cb3dc7385e3a1c40d3ad23801d4e32d38ff

SHA256: 96C95D30885FD7C20DFEFE7F29F18A94F660AE1F9EE9C5AFECF95003FE1723B6

File Size: 848.90 KB, 848896 bytes

MD5: 123b66976a941e40b9488e47a273e3a5

SHA1: d56813ff5ebcd4fe81557e054841e466e3fe06dc

SHA256: D1432D099AC81FBCDE36AB17130CF0D11FF8B6468332E6DA442812940DA8BFBD

File Size: 1.11 MB, 1106432 bytes

MD5: 80ea99edfc6b634407638cc1e9bdeb2c

SHA1: 00b4a27ce9591cd9b0758df9a6912101eacdd936

SHA256: 151BB896DCF28F5F4427CFD04C9A868B2490900C9DAE2C30B8138FBF21FABAFD

File Size: 1.89 MB, 1892864 bytes

MD5: 14f05abc0106e759884245347839f37c

SHA1: ee033da7aa600794f09c4e12062e0cd8df1cbe9d

SHA256: 44DCC7430624E3B3917E7A636CB2DA119446633D0183436D2ABD92D876595999

File Size: 4.55 MB, 4550144 bytes

MD5: 4bfb86700d2a5999ae1356435975cdbc

SHA1: 17625e4aa55605c06bb5e25d36dbf2f1c2c1ea8d

SHA256: F828A8F910AE770B3532DEA2A42CB64393C8737E48A9899BDED7BB090AF23363

File Size: 3.17 MB, 3172864 bytes

MD5: 349b75bc852f2f7069201236219dfeb9

SHA1: 5a3ebabc1d3b9cb6fc849c09a7bfd13b291a8061

SHA256: D80BE07087EDA132C72DDD25A92165747ED3924E3CB76B06290DDBFE8E104388

File Size: 771.58 KB, 771584 bytes

MD5: 5b3a8d45c62aa574fb1ce5c19c6ba8d5

SHA1: ce25bc8635a4186d61fe536dad89e66dd39a720d

SHA256: 35345F99EB77ED4B6D63D38832B6F6B7D5A3660E81430760AB2263297A5987EC

File Size: 2.14 MB, 2144256 bytes

MD5: d3161325a0bf2a3656a27ec6a031abcb

SHA1: 5f43578ccdacc6fc759b819d5bc7d8cac364f0eb

SHA256: A60D84DA5A2C46211F5DBEABE138C7B8B8F7EBC71892B1CF54CCB76CE6A5A6FD

File Size: 5.16 MB, 5156864 bytes

MD5: 65c6e6d0a4308ee71e157d746a487382

SHA1: 3f0915b2c4e41cda3d105e1b1abdb7dc7b979cbe

SHA256: 3E2E69E47A76332DF3B88C5DF78CBE9C92C894AAFCCA39818183A0B0DCD60CB5

File Size: 2.39 MB, 2388480 bytes

MD5: e553658c45f1ad01eb20afcacec97c9c

SHA1: 04956ec08e9f0891ce1745799ff621b86e0b71bc

SHA256: AC10CA0F13A6ED6462C87ABFD21ABF0D60FB3ADD3E05ED7A4DC65B8B422C2B00

File Size: 1.88 MB, 1875968 bytes

MD5: 15589d6b5e292a00920d7bd3545eef94

SHA1: 40ba0721a9ac315e258f1a79bdb8f2b1efc08dec

SHA256: E366A194A5C002D8903C3A19E4B6807DA4A3E9AD9C5EE73CD149E814BC58FC89

File Size: 774.66 KB, 774656 bytes

MD5: 0e8894dee08a3359858d633afb1c602a

SHA1: 1c4fcc9399a4e9c9d685d52dbcd11312841f2470

SHA256: 4CEE23371B2ED064B7FD975FBDBB3556EC9F837A3FE9212C4CF80FB292EA21E9

File Size: 8.73 MB, 8725504 bytes

MD5: 5f7c813c490806f100924c014d1f0454

SHA1: 36b109fb0688623e924e01d9659703f375b9ebdb

SHA256: 023C05E4B17AF72D8B5EF331C6A1777B8971ECEF2A591E44891243706411D488

File Size: 5.14 MB, 5136896 bytes

MD5: 295df02630fe237bb3555c221c89a84f

SHA1: 28fb7bbb3a461e87c51b8239b28ff7625d8630fb

SHA256: DE7C0AF83D320415DBE88D42B8B2BEBE45792260AE66031B30EF3345B50C3613

File Size: 1.72 MB, 1721344 bytes

MD5: 0bc0d79e008f282acf8f5d5027ce64ab

SHA1: e68dcd912136ed7bd60b10d87dbe51a888bff61b

SHA256: A24B6245B8065C5D91EC711874C70FA1873ADE8C64080ED6331F4314FFED32C7

File Size: 3.77 MB, 3770368 bytes

MD5: 8945e3b6e1f706428bb4f6f5ecafc2a0

SHA1: c3a02d8be35137e57494cdd946cd81c3d351575a

SHA256: AF20050F91A84E44BEDACA5A87249F582816889CA48424948036E6E419130301

File Size: 769.54 KB, 769536 bytes

MD5: c9b83f960f88f7f1ecac554997d7ed1e

SHA1: 8dd5ab9ae30e89aa2ffef08812aa44c58b7c0f62

SHA256: 260FCDBA6077F99164FCDA55567D7FAE4C8D38E83072197814DA1CA38ED531E6

File Size: 771.58 KB, 771584 bytes

MD5: 9ad391f674b0dac907652b0a445ef504

SHA1: 0015c10f9d509911e617e5bcfad47eeded1db633

SHA256: 340C1862989CB77C4EBC56F96F59F4737AE2863DE37063EEAD7E5DF2AEF93A41

File Size: 771.58 KB, 771584 bytes

MD5: 0a725215bc58d5e7f0c7d08144fb1398

SHA1: 0666d7750f32f581ddd9037d66040578bfa1b54a

SHA256: F3DACC2D589F0842BF59B210E562D5B30EADEE12138036228F8EB7412190BFBB

File Size: 8.71 MB, 8714240 bytes

MD5: fbb3c98ce9d8f70037c5fff883de28c0

SHA1: 69450b6b84406a18e17711c063795e80e93c1e38

SHA256: B0987834D5034F5FBEE2117F91FF571D0A3F7A4947A4D1CECA03616FAA2752A2

File Size: 1.72 MB, 1715712 bytes

MD5: 413fec44ad99627057df679dd8047db4

SHA1: 2225188faf5b674dca25453495ef21e6e6456b1c

SHA256: 8801CCE41E6A0D25848F926E6C51485AD8293D1620AB1F44E545D1575E04F4C8

File Size: 4.55 MB, 4549120 bytes

MD5: a2625a63c941cdf0302ec324d7732c29

SHA1: 5243f49484d8108810d87223d2c5ae6ba784425d

SHA256: A14CE7C09CEF07107C78C633617156126E85B48ABF9B2C6125377EC4DB71BDE4

File Size: 771.58 KB, 771584 bytes

MD5: 658d9b5b5b2ca21e2d451c5e3777e723

SHA1: e0f3a482fcd9cae9be235380d1111a708a2eb421

SHA256: 16D24A8D873086C3F36BBD570465B06D9A6839FD5E8A11BF317E970B2E659411

File Size: 849.86 KB, 849863 bytes

MD5: 3254dcf0b4fe5ffd5da22b79a3816f4a

SHA1: 0ef718752e709a01f659bd05abc345f5111e6b4b

SHA256: D3338D8C47F900FED3DFF0B6EC787C8F4AADA04EF3B5620D55FBFD17361181A4

File Size: 1.02 MB, 1020928 bytes

MD5: 1087e2326b0ef3c62b2ba7f28573a31a

SHA1: 2c792a89d944f95f11e500a589a17310f5d76d43

SHA256: 99CE39C216C877102AE0054AC3769647CFA60B7A3FBB8BF9E79E9264DC0FC9F1

File Size: 771.58 KB, 771584 bytes

MD5: cbba680154f38863a26d19b64228d41e

SHA1: da0ab0cb4bc202a2b63f5f3270166ce94b24b66e

SHA256: 7E9947E8176651B5DA1EC4BAB933B52577DB99CAA67EF5A17D22C1AB76C0C0AD

File Size: 1.60 MB, 1598464 bytes

MD5: d5da93aee7c00c9a451f72e3049f706a

SHA1: 0a0109c2138db62c70d25e1c2f164db81689ac20

SHA256: 86D6BD43715341D54FFFDBC027630AEF251B6785C6EAFA9297E707B40173F58D

File Size: 8.74 MB, 8744448 bytes

MD5: b4b2f5d594eeb695579bee071a2fe5e8

SHA1: ba3913fc54c61e08ce1d4b5deac1c210ac0e4a21

SHA256: D06F99686C7EF63B23EDCD4BCC82DEEDECF458412C26BC18DBB66EB1452430EB

File Size: 771.58 KB, 771584 bytes

MD5: 6fd903781774e6dc9c2b4104c14fdbd6

SHA1: a90790d150d673357e35b512b4b9cfb7459ff94d

SHA256: 05C008CF92E1182A4E45CC7E4D00C011693457D093F6336BEF47D7C65AC145B6

File Size: 1.66 MB, 1655296 bytes

MD5: 1f426a68cedc85eadd564879efee708c

SHA1: 4f772192e4b737d688d368e1b262a546ee5e109b

SHA256: 38B3C1BF36F4CF7A05E97E8B12D4D6607223F3CDEC6560B1C4CD13A2F8CF633C

File Size: 2.57 MB, 2566144 bytes

MD5: 2a117be30ab06c7dcb1a47153873993f

SHA1: 8178cd191e5a08cb29f63d736be78e9cd6ca5898

SHA256: DD0C403698B27E46C367FCAF9C7EECFF6683C7B6E3CE81D2AC6687AF51AE6F88

File Size: 4.24 MB, 4240384 bytes

MD5: e3eb7c959f4e01aaec262d369a43f665

SHA1: 56475b039611fa48c54c2fba08231afab50ce130

SHA256: 5E3019B753AF6DCC39CE471C24E4E0DF09D2C189DEEEB436A4938DC21DFA9BD9

File Size: 854.02 KB, 854016 bytes

MD5: e59376ef69746ee96d9f81033198f795

SHA1: eccdf455e69c705dd633cf65df799f015866498c

SHA256: 36138D00D80A85C4446D32048CB01CCE207E1704EEBBBD4BDCDEB2718D67C643

File Size: 5.45 MB, 5451776 bytes

MD5: 8c731ca41d15010ee6ae5e2718fa7b69

SHA1: 44760c26a61944c5926128994d357b7d09b77416

SHA256: 73217E0D8635B20BE50436861FE00D6F21045B4E40C12286F28576988E2DB66A

File Size: 1.87 MB, 1868800 bytes

MD5: 7efabd7638d111d7d75be1a7c2bed3d9

SHA1: 482e8563f98304c710a451cc329dc88f6816e137

SHA256: 862115B8A580C43FE4FAAAB4BD9B605A0571DEB9648A07BE38FA9980408B4336

File Size: 4.09 MB, 4085248 bytes

154 additional samples are not displayed above.

Windows Portable Executable Attributes

File doesn't have "Rich" header
File doesn't have debug information
File doesn't have exports table
File doesn't have relocations information
File doesn't have security information
File has TLS information
File is 32-bit executable
File is either console or GUI application
File is GUI application (IMAGE_SUBSYSTEM_WINDOWS_GUI)
File is Native application (NOT .NET application)

File is not packed
IMAGE_FILE_DLL is not set inside PE header (Executable)
IMAGE_FILE_EXECUTABLE_IMAGE is set inside PE header (Executable Image)

File Icons

100 additional icons are not displayed above.

Windows PE Version Information

Name	Value
Comments	Modified by an unpaid evaluation copy of Resource Tuner 2. http://www.heaventools.com
Company Name	CRACK BY RETRIX Microsoft Synaptics
File Description	SS CRACK RETRIX Synaptics Pointing Device Driver
File Version	1.1.1.1 1.00 1.0.0.4
Internal Name	Win
Original Filename	Win.exe
Product Name	SS CRACK RETRIX Synaptics Pointing Device Driver Win
Product Version	1.00 1.0.0.0

File Traits

Block Information

Similar Families

Agent.HJFB
Autorun.DC
BHO.X
Banker.MA
Banker.TB

Darkkomet.DA
Delf.OF
Dropper.Daws.A
Ekstak.AN
FakeAV.MB
FakeAlert.X
Injector.DFF
Injector.FGSA
Injector.FHBB
Injector.FHBD
Injector.FHBE
Injector.FHE
Injector.JHE
Injector.KDF
Injector.KF
Injector.KI
Kasperagent.A
Klone.A
Kryptik.GSJ
Kryptik.YFF
Lumma.DA
PWS.Onlinegames.AS
QQPass.AK
Rugmi.IA
SchwarzeSonneRAT.A
Sheloader.A
Trojan.Downloader.Gen.HP
Trojan.Downloader.Gen.MD
Woreflint.A

Files Modified

File	Attributes
\device\namedpipe\adprinterpipe	Generic Read,Write Data,Write Attributes,Write extended,Append data
\device\namedpipe\crashpad_6192_upcnakwptojyhjpq	Generic Read,Write Data,Write Attributes,Write extended,Append data
\device\namedpipe\crashpad_6192_upcnakwptojyhjpq	Generic Read,Write Data,Write Attributes,Write extended,Append data,LEFT 524288
\device\namedpipe\gmdasllogger	Generic Write,Read Attributes
c:\bigfishcache\gamemanager\log\gamestub_t_install_log.txt	Generic Write,Read Attributes
c:\bigfishcache\upgrade\stub\._cache_27b2e108f655884625fbdedbfbc8ac0c4e8f0896_0000999936.exe	Generic Write,Read Attributes
c:\buildbot\ad-windows-32\build\release\app-32\win_loader\anydesk.pdb	Read Attributes,Synchronize,Write Attributes
c:\program files (x86)\microsoft\edgeupdate\1.3.215.9\msedgeupdate.dll	Synchronize,Write Attributes
c:\program files (x86)\microsoft\edgeupdate\1.3.215.9\msedgeupdate.dll	Synchronize,Write Data
c:\program files (x86)\microsoft\edgeupdate\1.3.215.9\msedgeupdate.dll.dat	Synchronize,Write Data

c:\program files (x86)\microsoft\edgeupdate\1.3.215.9\msedgeupdate.dll.tmp	Generic Write,Read Attributes
c:\program files\common files\system\symsrv.dll	Generic Write,Read Attributes
c:\programdata\synaptics	Synchronize,Write Attributes
c:\programdata\synaptics\rcx1023.tmp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\synaptics\rcx14a3.tmp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\synaptics\rcx197b.tmp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\synaptics\rcx1beb.tmp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\synaptics\rcx2343.tmp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\synaptics\rcx25a5.tmp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\synaptics\rcx267f.tmp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\synaptics\rcx2c4c.tmp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\synaptics\rcx2db9.tmp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\synaptics\rcx2e65.tmp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\synaptics\rcx3006.tmp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\synaptics\rcx348.tmp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\synaptics\rcx35c4.tmp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\synaptics\rcx3814.tmp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\synaptics\rcx3da1.tmp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\synaptics\rcx3eda.tmp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\synaptics\rcx3fec.tmp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\synaptics\rcx43ac.tmp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\synaptics\rcx4458.tmp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\synaptics\rcx4736.tmp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\synaptics\rcx483b.tmp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\synaptics\rcx491b.tmp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\synaptics\rcx4be4.tmp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\synaptics\rcx4be9.tmp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\synaptics\rcx4f3a.tmp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\synaptics\rcx4ff5.tmp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\synaptics\rcx5209.tmp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\synaptics\rcx5237.tmp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\synaptics\rcx5506.tmp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\synaptics\rcx59aa.tmp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\synaptics\rcx5a46.tmp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\synaptics\rcx5b5.tmp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\synaptics\rcx5bbd.tmp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\synaptics\rcx5bfe.tmp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\synaptics\rcx5c4a.tmp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\synaptics\rcx5c78.tmp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\synaptics\rcx5ebb.tmp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\synaptics\rcx6206.tmp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\synaptics\rcx634e.tmp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\synaptics\rcx6487.tmp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\synaptics\rcx64e5.tmp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\synaptics\rcx67f8.tmp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\synaptics\rcx6c52.tmp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\synaptics\rcx7522.tmp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\synaptics\rcx7572.tmp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\synaptics\rcx7a55.tmp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\synaptics\rcx7b58.tmp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\synaptics\rcx8177.tmp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\synaptics\rcx86ee.tmp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\synaptics\rcx87d4.tmp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\synaptics\rcx8d64.tmp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\synaptics\rcx8e2.tmp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\synaptics\rcx9431.tmp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\synaptics\rcx97e.tmp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\synaptics\rcxa3bc.tmp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\synaptics\rcxa499.tmp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\synaptics\rcxa5a1.tmp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\synaptics\rcxa67c.tmp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\synaptics\rcxa68b.tmp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\synaptics\rcxa6ab.tmp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\synaptics\rcxa6f9.tmp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\synaptics\rcxa747.tmp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\synaptics\rcxa7b3.tmp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\synaptics\rcxa91c.tmp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\synaptics\rcxaa64.tmp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\synaptics\rcxaa93.tmp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\synaptics\rcxaab2.tmp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\synaptics\rcxaae1.tmp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\synaptics\rcxac48.tmp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\synaptics\rcxac77.tmp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\synaptics\rcxaf07.tmp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\synaptics\rcxaf75.tmp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\synaptics\rcxb09d.tmp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\synaptics\rcxb2ef.tmp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\synaptics\rcxb9bf.tmp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\synaptics\rcxba7f.tmp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\synaptics\rcxbb4e.tmp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\synaptics\rcxbb94.tmp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\synaptics\rcxbd2.tmp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\synaptics\rcxbe73.tmp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\synaptics\rcxbe92.tmp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\synaptics\rcxbfcb.tmp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\synaptics\rcxc019.tmp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\synaptics\rcxc038.tmp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\synaptics\rcxc0d4.tmp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\synaptics\rcxc0e4.tmp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\synaptics\rcxc122.tmp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\synaptics\rcxc180.tmp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\synaptics\rcxc1de.tmp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\synaptics\rcxc305.tmp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\synaptics\rcxc3af.tmp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\synaptics\rcxc4d4.tmp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\synaptics\rcxc80f.tmp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\synaptics\rcxc85e.tmp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\synaptics\rcxcdc.tmp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\synaptics\rcxd1ab.tmp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\synaptics\rcxdc5b.tmp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\synaptics\rcxe571.tmp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\synaptics\rcxe5c8.tmp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\synaptics\rcxeb57.tmp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\synaptics\rcxec3b.tmp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\synaptics\rcxec9e.tmp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\synaptics\rcxedf0.tmp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\synaptics\rcxeef.tmp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\synaptics\rcxf03c.tmp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\synaptics\rcxf795.tmp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\synaptics\rcxfd39.tmp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\synaptics\synaptics.exe	Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 262144
c:\programdata\synaptics\synaptics.exe	Synchronize,Write Attributes
c:\programdata\synaptics\synaptics.exe	Synchronize,Write Data
c:\repos\spyhunter5\sandboxtool\builds\releasenologencrypt-win32\injected-win32.pdb	Read Attributes,Synchronize,Write Attributes
c:\users\user\appdata\local\microsoft\windows\explorer\iconcache_16.db	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\microsoft\windows\explorer\iconcache_idx.db	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\.opera	Synchronize,Append data
c:\users\user\appdata\local\temp\.opera\opera gx installer temp\setup.exe	Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 262144
c:\users\user\appdata\local\temp\.opera\opera gx installer\opera_installer_20250721184617601.log	Read Attributes,Synchronize,Append data
c:\users\user\appdata\local\temp\1aqioql.ini	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\1smppe7.ini	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\1wjineu.ini	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\1zzzbld.ini	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\2afvpoi.ini	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\2p1kcjh.ini	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\418s4bh.ini	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\4rnquvx.ini	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\6192_2137616046	Synchronize,Write Attributes
c:\users\user\appdata\local\temp\6l4munc.ini	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\6m4rxoa.ini	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\72wrgaa.ini	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\7vfhlv8.ini	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\7zs0b3ead51\setup.exe	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zs0b3ead51\setup.exe	Synchronize,Write Attributes
c:\users\user\appdata\local\temp\8dki33d.ini	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\8jtqzqb.ini	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\8trnl4k.ini	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\at629u9.ini	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\bcmruem.ini	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\bpegip.exe	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\bpegip.exe	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\bpegip.exe	Synchronize,Write Attributes
c:\users\user\appdata\local\temp\caajxou.ini	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\dxhmsp6.ini	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\ebqobyh.ini	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\ekjac3q.ini	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\fkyuu1d.ini	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\g2az3mg.ini	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\gvbfbe7.ini	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\h2qnbu7.ini	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\helwvdc.ini	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\i6vsoiu.ini	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\iwyri8n.ini	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\kgkxiqd.ini	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\kxxk3o6.ini	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\ky5gmfz.ini	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\lwxxejz.ini	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\mjbwey5.ini	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\nf3fdck.ini	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\nsp4c81.tmp\system.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\nsp4c81.tmp\userinfo.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\nsw5134.tmp\inetc.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\nsw5134.tmp\nsisdl.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\nsw5134.tmp\system.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\nsw5134.tmp\uac.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\nsw5134.tmp\userinfo.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\oexqtd7.ini	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\om9xixo.ini	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\opera_installer_2507220146167106192.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\opera_installer_2507220146174765236.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\opera_installer_2507220146184766576.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\opera_installer_ui.lck	Generic Write,Read Attributes,Delete
c:\users\user\appdata\local\temp\pasgwly.ini	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\q1kjrnp.ini	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\q2ioi22.ini	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\r6rzu1h.ini	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\rsc5vpp.ini	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\setup_20250718183811_failed.txt	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\tbx948t.ini	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\throttle.txt	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\uqjx5va.ini	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\utttpfp.ini	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\v3d1vdq.ini	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\winqjndx.exe	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\winqjndx.exe	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\winqjndx.exe	Synchronize,Write Attributes
c:\users\user\appdata\local\temp\xwweklv.ini	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\yj7f13e.ini	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\roaming\anydesk\ad.trace	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\roaming\anydesk\service.conf	Generic Read,Write Data,Write Attributes,Write extended,Append data

507 additional files are not displayed above.

Registry Modifications

Key::Value	Data	API Name
HKCU\software\microsoft\windows\currentversion\explorer::slowcontextmenuentries		RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\explorer::slowcontextmenuentries		RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\explorer::slowcontextmenuentries		RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\zonemap::proxybypass		RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\zonemap::intranetname		RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\zonemap::uncasintranet		RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\zonemap::autodetect		RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\zonemap::proxybypass		RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\zonemap::intranetname		RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\zonemap::uncasintranet		RegNtPreCreateKey

HKCU\software\microsoft\windows\currentversion\internet settings\zonemap::autodetect		RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc1c75		RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\windows\currentversion\run::synaptics pointing device driver	C:\ProgramData\Synaptics\Synaptics.exe	RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc3475		RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\explorer::slowcontextmenuentries		RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\explorer::slowcontextmenuentries		RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc1c75		RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc3475	ꏍȁ偫~ꚐơŮ龡^듛ï 紘Ça獖}偫~⦘·엦1좟Êdᵂċᵆċe䃸엦1%¶}ꙥꙥ	RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\explorer::slowcontextmenuentries		RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc1c75		RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc3475		RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc1c75		RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc3475		RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc1c75		RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc3475		RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc1c75		RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc3475		RegNtPreCreateKey
HKLM\software\wow6432node\anydesk::id		RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc1c75		RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc3475		RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc1c75		RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc3475		RegNtPreCreateKey
HKLM\software\wow6432node\big fish games\persistence\enabledtoolbars::1		RegNtPreCreateKey
HKLM\software\wow6432node\big fish games\client::gameclubmember		RegNtPreCreateKey
HKLM\software\wow6432node\big fish games\persistence\install::	{5B25E676-FE36-4635-98EE-50D5E7FD7D9E}	RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc3475		RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\explorer::slowcontextmenuentries		RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc1c75		RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc3475		RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc1c75		RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc3475		RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc1c75		RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc3475		RegNtPreCreateKey
HKLM\software\microsoft\tracing\rasapi32::enablefiletracing		RegNtPreCreateKey
HKLM\software\microsoft\tracing\rasapi32::enableautofiletracing		RegNtPreCreateKey
HKLM\software\microsoft\tracing\rasapi32::enableconsoletracing		RegNtPreCreateKey
HKLM\software\microsoft\tracing\rasapi32::filetracingmask		RegNtPreCreateKey
HKLM\software\microsoft\tracing\rasapi32::consoletracingmask		RegNtPreCreateKey
HKLM\software\microsoft\tracing\rasapi32::maxfilesize		RegNtPreCreateKey
HKLM\software\microsoft\tracing\rasapi32::filedirectory	%windir%\tracing	RegNtPreCreateKey
HKLM\software\microsoft\tracing\rasmancs::enablefiletracing		RegNtPreCreateKey
HKLM\software\microsoft\tracing\rasmancs::enableautofiletracing		RegNtPreCreateKey
HKLM\software\microsoft\tracing\rasmancs::enableconsoletracing		RegNtPreCreateKey
HKLM\software\microsoft\tracing\rasmancs::filetracingmask		RegNtPreCreateKey
HKLM\software\microsoft\tracing\rasmancs::consoletracingmask		RegNtPreCreateKey
HKLM\software\microsoft\tracing\rasmancs::maxfilesize		RegNtPreCreateKey
HKLM\software\microsoft\tracing\rasmancs::filedirectory	%windir%\tracing	RegNtPreCreateKey
HKLM\system\controlset001\services\eventlog\application\._cache_a54fe3b892b71621ac20b0a86f579acf503da814_0002103808.exe::eventmessagefile	C:\Windows\Microsoft.NET\Framework64\v4.0.30319\EventLogMessages.dll	RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\explorer::slowcontextmenuentries		RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc1c75		RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc3475		RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\5.0\cache\content::cacheprefix		RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\5.0\cache\cookies::cacheprefix	Cookie:	RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\5.0\cache\history::cacheprefix	Visited:	RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc1c75		RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc3475		RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc1c75		RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc3475		RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\explorer::slowcontextmenuentries		RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\explorer::slowcontextmenuentries		RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc1c75		RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\explorer::slowcontextmenuentries		RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc3475		RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\explorer::slowcontextmenuentries		RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc1c75		RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc3475		RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc1c75		RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc3475		RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc1c75		RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc3475		RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc1c75		RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc3475		RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc1c75		RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc3475		RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\explorer::slowcontextmenuentries		RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc3475		RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc1c75		RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc3475		RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\explorer::slowcontextmenuentries		RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc1c75		RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc4c75	܍ā먎ÍÑŐ耄º$좢i$㳺¥°]湯捥牯略灡獜敨汬睜湩潤獷献潴慲敧獜慴整敲潰敶扲捳捡敨挮灰昀㈰攱㈴戴㍣㔹㌵㘸㥤慤㥤晥慥扢户扣㐱〳㝥弲〰〰㜷㔱㐸眀湩潤獷献潴慲敧搮汬匀䍈剏⹅汤l瑓瑡剥灥噯牥獢慃档彥敒畢汩䍤捡敨Ā夀ᰏᰁ茀Ȁ܀຀␁昀昀簀	RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\explorer::slowcontextmenuentries		RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc1c75		RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc3475		RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc1c75		RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc3475		RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc3475		RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc1c75		RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc3475		RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\explorer::slowcontextmenuentries		RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc1c75	墟ĸ鈉øꌉĶꄍ阎Ľ鬎ʂԏÞ阐䈑Âø밓Ɣ똕ĥ츕ë䈛x䤝Ē猟ɢ䀣ʲ찣ŏ갤Ç숤ʨ春ʐ븥ė椧ĒꄨěสĹ뜪Ģ윪Þ㴬䠱Oⰵɝ혺ɲ츻Ĵ噀ñ끀Ī덂®䡆¶賂¦홌ʅ቎ĤÁꝒª穔R띔Ü录Ī乖ʗ፡Ĥ陣w걣ʛづŔ퍥h坧ʡ㹭ŃŁ詰ʜ䁱£㱲湲Jꍵ~ꭵĊ	RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\explorer::slowcontextmenuentries		RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc3475	쿾ȁ஡龡^紘Ç獖}좟Ê	RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc1c75	墠ĸ鈉øꌉĶꄍ阎Ľ鬎ʂ먎ÍԏÞ阐䈑Âø밓Ɣ똕ĥ츕ë䈛x䤝Ē猟ɢ䀣ʲ찣ŏ갤Ç숤ʨ春ʐ븥ė椧ĒꄨěสĹ뜪Ģ윪Þ㴬䠱Oⰵɝ혺ɲ츻Ĵ噀ñ끀Ī덂®䡆¶賂¦홌ʅ቎ĤÁꝒª穔R띔Ü录Ī乖ʗ፡Ĥ陣w걣ʛづŔ퍥h坧ʡ㹭ŃŁ詰ʜ䁱£㱲湲Jꍵ~	RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\explorer::slowcontextmenuentries		RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\explorer::slowcontextmenuentries		RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc3475	퇙ȁᐦ龡^Þ紘Çú獖}á좟Ê	RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\explorer::slowcontextmenuentries		RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc3475	퐆ȁḹ龡^Ŋ紘Çŭ獖}ő좟Ê	RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc1c75		RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc3475		RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\explorer::slowcontextmenuentries		RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc3475		RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc1c75		RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc3475	❦ȁ₺龡^Ŕ紘ÇÕ獖}ŝ⦘·ŝ좟Êh,֢	RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\explorer::slowcontextmenuentries		RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\explorer::slowcontextmenuentries		RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc3475		RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc3475	⪉ȁ⯟龡^ǈ紘ÇĲ獖}ǔ⦘·ǔ좟Êh,֢	RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\explorer::slowcontextmenuentries		RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\explorer::slowcontextmenuentries		RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc3475		RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\explorer::slowcontextmenuentries		RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc3475	ⴎȁ㓅龡^ȥ紘ÇƁ獖}ȳ⦘·ȳ좟Êh,֢	RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc3475		RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\explorer::slowcontextmenuentries		RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\explorer::slowcontextmenuentries		RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc3475		RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\explorer::slowcontextmenuentries		RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc1c75		RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc3475	㎡ȁǥ龡^紘Ç獖}좟Ê	RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc1c75		RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc3475	㏶ȁ͏龡^!紘Ç獖}$좟Ê	RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc1c75		RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc3475		RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc1c75		RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc3475		RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc1c75		RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc3475		RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc1c75		RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc3475		RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\explorer\advanced::hidden		RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\security center::antivirusoverride		RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\security center::antivirusdisablenotify		RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\security center::firewalldisablenotify		RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\security center::firewalloverride		RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\security center::updatesdisablenotify		RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\security center::uacdisablenotify		RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\security center\svc::antivirusoverride		RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\security center\svc::antivirusdisablenotify		RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\security center\svc::firewalldisablenotify		RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\security center\svc::firewalloverride		RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\security center\svc::updatesdisablenotify		RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\security center\svc::uacdisablenotify		RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings::globaluseroffline		RegNtPreCreateKey
HKLM\software\microsoft\windows\currentversion\policies\system::enablelua		RegNtPreCreateKey
HKLM\system\controlset001\services\sharedaccess\parameters\firewallpolicy\standardprofile::enablefirewall		RegNtPreCreateKey
HKLM\system\controlset001\services\sharedaccess\parameters\firewallpolicy\standardprofile::donotallowexceptions		RegNtPreCreateKey
HKLM\system\controlset001\services\sharedaccess\parameters\firewallpolicy\standardprofile::disablenotifications		RegNtPreCreateKey
HKCU\software\apcr\1214104697::1919251317	✝	RegNtPreCreateKey
HKCU\software\apcr\1214104697::-456464662		RegNtPreCreateKey
HKCU\software\apcr\1214104697::1462786655		RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc1c75		RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc3475		RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\explorer::slowcontextmenuentries		RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc1c75		RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc3475		RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc1c75		RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc3475		RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc1c75		RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc3475		RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc1c75	增ĸ⬉ʾ鈉øꌉĶꄍ阎Ľ鬎ʂԏÞ阐䈑Âø밓Ɣ똕ĥ츕ë䈛x䤝Ē猟ɢ䀣ʲ찣ŏ갤Ç숤ʨ春ʐ븥ė椧ĒꄨěสĹ뜪Ģ윪Þ㴬䠱Oⰵɝ혺ɲ츻Ĵ噀ñ끀Ī덂®䡆¶賂¦홌ʅ቎ĤÁꝒª穔R띔Ü录Ī乖ʗ፡Ĥ陣w걣ʛづŔ퍥h坧ʡ㹭ŃŁ詰ʜ䁱£㱲湲J畴ʣ	RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc3475	켆ȁۂ龡^J紘Çw獖}L좟Ê	RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc1c75	墟ĸ⬉ʾ鈉øꌉĶꄍ阎Ľ鬎ʂ먎ÍԏÞ阐䈑Âø밓Ɣ똕ĥ츕ë䈛x䤝Ē猟ɢ䀣ʲ찣ŏ갤Ç숤ʨ春ʐ븥ė椧ĒꄨěสĹ뜪Ģ윪Þ㴬䠱Oⰵɝ혺ɲ츻Ĵ噀ñ끀Ī덂®䡆¶賂¦홌ʅ቎ĤÁꝒª穔R띔Ü录Ī乖ʗ፡Ĥ陣w걣ʛづŔ퍥h坧ʡ㹭ŃŁ詰ʜ䁱£㱲湲J	RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc3475	켑ȁ۰龡^L紘Ç{獖}N좟Ê	RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc1c75		RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc3475		RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\explorer::slowcontextmenuentries		RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc1c75		RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc3475		RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc1c75		RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc3475		RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc1c75		RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc3475		RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc1c75		RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc3475		RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc1c75		RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc3475		RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc1c75		RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc3475		RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc1c75		RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc1c75		RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc3475		RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc1c75		RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc1c75		RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc1c75	桌⬉ʾ阐䈛x䠱O噀ñ傄ë횎ǜɼ鶝꾢ʊ閾ʴ淃⟋ʪߙĤᯢV鈄ĞꩠŖÉ	RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc3475	锰ȁ獖}	RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc1c75	桍⬉ʾ먎Í阐䈛x䠱O噀ñ傄ë횎ǜɼķ鶝꾢ʊ閾ʴ淃⟋ʪ䧌VߙĤᯢV⣳ġj鈄ĞꩠŖÉ	RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc1c75	桎⬉ʾ먎Í阐䈛x䠱O噀ñ魲ķ傄ë횎ǜɼķ鶝꾢ʊ閾ʴ淃⟋ʪ䧌VߙĤᯢV⣳ġj鈄ĞꩠŖÉ	RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc1c75		RegNtPreCreateKey

365 additional registry modifications are not displayed above.

Windows API Usage

Category	API
Service Control	OpenSCManager
Process Manipulation Evasion	NtUnmapViewOfSection
Process Shell Execute	CreateProcess ShellExecuteEx
Other Suspicious	AdjustTokenPrivileges SetWindowsHookEx
User Data Access	GetComputerName GetComputerNameEx GetUserDefaultLocaleName GetUserName GetUserObjectInformation
Network Winsock2	WSAConnect WSASend WSASocket WSAStartup WSAttemptAutodialName
Network Winsock	bind closesocket freeaddrinfo getaddrinfo gethostbyname getsockname inet_addr setsockopt socket
Syscall Use	ntdll.dll!NtAdjustPrivilegesToken ntdll.dll!NtAlertThreadByThreadId ntdll.dll!NtAlpcConnectPort ntdll.dll!NtAlpcConnectPortEx ntdll.dll!NtAlpcCreatePortSection ntdll.dll!NtAlpcCreateSectionView ntdll.dll!NtAlpcQueryInformation ntdll.dll!NtAlpcSendWaitReceivePort ntdll.dll!NtApphelpCacheControl ntdll.dll!NtAssociateWaitCompletionPacket Show More ntdll.dll!NtCancelTimer2 ntdll.dll!NtCancelWaitCompletionPacket ntdll.dll!NtClearEvent ntdll.dll!NtClose ntdll.dll!NtCompareSigningLevels ntdll.dll!NtConnectPort ntdll.dll!NtCreateEvent ntdll.dll!NtCreateFile ntdll.dll!NtCreateIoCompletion ntdll.dll!NtCreateKey ntdll.dll!NtCreateMutant ntdll.dll!NtCreatePrivateNamespace ntdll.dll!NtCreateSection ntdll.dll!NtCreateSemaphore ntdll.dll!NtCreateThreadEx ntdll.dll!NtCreateTimer2 ntdll.dll!NtCreateWaitCompletionPacket ntdll.dll!NtCreateWorkerFactory ntdll.dll!NtDeviceIoControlFile ntdll.dll!NtDuplicateObject ntdll.dll!NtDuplicateToken ntdll.dll!NtEnumerateKey ntdll.dll!NtEnumerateValueKey ntdll.dll!NtFlushKey ntdll.dll!NtFlushProcessWriteBuffers ntdll.dll!NtFreeVirtualMemory ntdll.dll!NtGetCachedSigningLevel ntdll.dll!NtGetCompleteWnfStateSubscription ntdll.dll!NtGetWriteWatch ntdll.dll!NtMapViewOfSection ntdll.dll!NtNotifyChangeKey ntdll.dll!NtOpenDirectoryObject ntdll.dll!NtOpenEvent ntdll.dll!NtOpenFile ntdll.dll!NtOpenKey ntdll.dll!NtOpenKeyEx ntdll.dll!NtOpenProcess ntdll.dll!NtOpenProcessToken ntdll.dll!NtOpenProcessTokenEx ntdll.dll!NtOpenSection ntdll.dll!NtOpenThread ntdll.dll!NtOpenThreadToken ntdll.dll!NtPowerInformation ntdll.dll!NtProtectVirtualMemory ntdll.dll!NtQueryAttributesFile ntdll.dll!NtQueryDefaultLocale ntdll.dll!NtQueryDirectoryFileEx ntdll.dll!NtQueryEvent ntdll.dll!NtQueryFullAttributesFile ntdll.dll!NtQueryInformationFile ntdll.dll!NtQueryInformationJobObject ntdll.dll!NtQueryInformationProcess ntdll.dll!NtQueryInformationThread ntdll.dll!NtQueryInformationToken ntdll.dll!NtQueryKey ntdll.dll!NtQueryLicenseValue ntdll.dll!NtQueryPerformanceCounter ntdll.dll!NtQuerySecurityAttributesToken ntdll.dll!NtQuerySecurityObject ntdll.dll!NtQuerySystemInformation ntdll.dll!NtQuerySystemInformationEx ntdll.dll!NtQueryValueKey ntdll.dll!NtQueryVirtualMemory ntdll.dll!NtQueryVolumeInformationFile ntdll.dll!NtQueryWnfStateData ntdll.dll!NtQueueApcThread ntdll.dll!NtQueueApcThreadEx2 ntdll.dll!NtReadFile ntdll.dll!NtReadVirtualMemory ntdll.dll!NtReleaseMutant ntdll.dll!NtReleaseWorkerFactoryWorker ntdll.dll!NtRequestWaitReplyPort ntdll.dll!NtResetWriteWatch ntdll.dll!NtResumeThread ntdll.dll!NtSetEvent ntdll.dll!NtSetInformationFile ntdll.dll!NtSetInformationKey ntdll.dll!NtSetInformationProcess ntdll.dll!NtSetInformationThread ntdll.dll!NtSetInformationVirtualMemory ntdll.dll!NtSetInformationWorkerFactory ntdll.dll!NtSetTimer2 ntdll.dll!NtSetValueKey ntdll.dll!NtSubscribeWnfStateChange ntdll.dll!NtTestAlert ntdll.dll!NtTraceControl ntdll.dll!NtUnmapViewOfSection ntdll.dll!NtUnmapViewOfSectionEx ntdll.dll!NtUnsubscribeWnfStateChange ntdll.dll!NtWaitForAlertByThreadId 8 additional items are not displayed above.
Encryption Used	BCryptOpenAlgorithmProvider
Anti Debug	IsDebuggerPresent NtQuerySystemInformation
Network Winhttp	WinHttpOpen
Network Info Queried	GetAdaptersAddresses GetNetworkParams
Network Wininet	HttpOpenRequest HttpSendRequest InternetConnect InternetOpen InternetOpenUrl InternetReadFile

Shell Command Execution


							runas c:\users\user\downloads\._cache_a01e18ca13a80321058ff167ca34bed69cf18695_0008666624.exe


							runas C:\ProgramData\Synaptics\Synaptics.exe InjUpdate


							runas c:\users\user\downloads\._cache_3424dc54e80390ecb9b672587e8029e2f0f4958d_0005984768.exe


							runas c:\users\user\downloads\._cache_1be4d1d20faab9b44ac2ea69d7e35530ee05cd06_0003918336.exe


							runas c:\users\user\downloads\._cache_8059e06fc7667c45c37faf728ad892258cf072df_0008685568.exe


									runas c:\users\user\downloads\._cache_27b2e108f655884625fbdedbfbc8ac0c4e8f0896_0000999936.exe


									"C:\BigFishCache\Upgrade\stub\._cache_27b2e108f655884625fbdedbfbc8ac0c4e8f0896_0000999936.exe" /STUBPATH "C:\Users\user\Downloads\._cache_27b2e108f655884625fbdedbfbc8ac0c4e8f0896_0000999936.exe" /D=C:\Users\user\Downloads


									runas c:\users\user\downloads\._cache_bd33e61c3738d1cb098ebfff918c4d794c2ddbb7_0003077632.exe


									runas c:\users\user\downloads\._cache_a54fe3b892b71621ac20b0a86f579acf503da814_0002103808.exe


									runas c:\users\user\downloads\._cache_b4e5112a26f23f957cac7d79a3ff0cec93e0e11f_0004076544.exe


									C:\Users\Awkmbten\AppData\Local\Temp\7zS0B3EAD51\setup.exe --server-tracking-blob=Yzc1Yzk0OTcxZDdmYmIxNmQyNTNmNmYwNjk1MmQzYzY2NzhkNWY1OTFkYTgzNWFlMTczY2E5MDZlMTY2MTI1Mjp7ImNvdW50cnkiOiJGUiIsImVkaXRpb24iOiJzdGQtMiIsImh0dHBfcmVmZXJyZXIiOiJodHRwczovL3d3dy5vcGVyYS5jb20vIiwiaW5zdGFsbGVyX25hbWUiOiJPcGVyYUdYU2V0dXAuZXhlIiwicHJvZHVjdCI6Im9wZXJhX2d4IiwicXVlcnkiOiIvb3BlcmFfZ3gvc3RhYmxlL3dpbmRvd3M/ZWRpdGlvbj1zdGQtMiZ1dG1fc291cmNlPVBXTmdhbWVzJnV0bV9tZWRpdW09cGEmdXRtX2NhbXBhaWduPVBXTl9GUl9IVlJfV0VCXzM3MDEmZWRpdGlvbj1zdGQtMiZ1dG1fY29udGVudD0zNzAxX3MxODEwXzgwMTgmdXRtX2lkPWM2ZTU2MzIwODI2ZjQ0Y2Q4ZGZlN2FlYmRkZThhNmYwJmh0dHBfcmVmZXJyZXI9aHR0cHMlM0ElMkYlMkZ3d3cub3BlcmEuY29tJTJGZ2V0JTJGb3BlcmEtZ3glM0Z1dG1fY29udGVudCUzRDM3MDFfczE4MTBfODAxOCUyNnV0bV9zb3VyY2UlM0RQV05nYW1lcyUyNnV0bV9tZWRpdW0lM0RwYSUyNnV0bV9jYW1wYWlnbiUzRFBXTl9GUl9IVlJfV0VCXzM3MDElMjZ1dG1faWQlM0RjNmU1NjMyMDgyNmY0NGNkOGRmZTdhZWJkZGU4YTZmMCUyNmVkaXRpb24lM0RzdGQtMiZ1dG1fc2l0ZT1vcGVyYV9jb20mdXRtX2xhc3RwYWdlPW9wZXJhLmNvbSUyRmdldCUyRm9wZXJhLWd4JnV0bV9pZD1jNmU1NjMyMDgyNmY0NGNkOGRmZTdhZWJkZGU4YTZmMCZkbF90b2tlbj0zNTQ1MTA3NCIsInRpbWVzdGFtcCI6IjE3Mjg5NDg2MDYuODA3OCIsInVzZXJhZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjkuMC4wLjAgU2FmYXJpLzUzNy4zNiIsInV0bSI6eyJjYW1wYWlnbiI6IlBXTl9GUl9IVlJfV0VCXzM3MDEiLCJjb250ZW50IjoiMzcwMV9zMTgxMF84MDE4IiwiaWQiOiJjNmU1NjMyMDgyNmY0NGNkOGRmZTdhZWJkZGU4YTZmMCIsImxhc3RwYWdlIjoib3BlcmEuY29tL2dldC9vcGVyYS1neCIsIm1lZGl1bSI6InBhIiwic2l0ZSI6Im9wZXJhX2NvbSIsInNvdXJjZSI6IlBXTmdhbWVzIn0sInV1aWQiOiI3ZGZlZjQ0MS04M2I2LTQwNDAtYWYyYy05NDI1MzFhOTg5NTUifQ==


									C:\Users\Awkmbten\AppData\Local\Temp\7zS0B3EAD51\setup.exe C:\Users\Awkmbten\AppData\Local\Temp\7zS0B3EAD51\setup.exe --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Awkmbten\AppData\Roaming\Opera Software\Opera GX Stable\Crash Reports" "--crash-count-file=C:\Users\Awkmbten\AppData\Roaming\Opera Software\Opera GX Stable\crash_count.txt" --url=https://crashstats-collector-2.opera.com/ --annotation=channel=Stable --annotation=plat=Win32 --annotation=prod=OperaDesktopGX --annotation=ver=114.0.5282.93 --initial-client-data=0x3a4,0x3a8,0x3ac,0x3a0,0x3b0,0x73cd8c0c,0x73cd8c18,0x73cd8c24


									"C:\Users\Awkmbten\AppData\Local\Temp\.opera\Opera GX Installer Temp\setup.exe" --version


									runas c:\users\user\downloads\._cache_2a580cd4b32c9fa9a39da07b74a5dce79dd33179_0006982144


									runas c:\users\user\downloads\._cache_b8ce7caaf912c3a0e1e7c0a0380c9a899279b2e0_0000973312


									runas c:\users\user\downloads\._cache_379722570e8e534e702c1b229b552a3f8a2d87f6_0008872448


									runas c:\users\user\downloads\._cache_709dc6019b49bee9069fbd6d508dad09f3db7eea_0001820160


									(NULL) C:\ProgramData\Synaptics\Synaptics.exe InjUpdate


									runas c:\users\user\downloads\._cache_d2cf7aee30a7ac95f502a14c87ff7372e5703142_0001025536


									runas c:\users\user\downloads\._cache_c2154c09618d41bc0e713f412ec29f8732141a06_0008757248


									runas c:\users\user\downloads\._cache_9ee2b6b1b88c3344b2e3b6347f892909a59cbde4_0001124352


									runas c:\users\user\downloads\._cache_3d5c0daba28b3d09180c2344a3cf428bcd244b40_0005978624


									runas c:\users\user\downloads\._cache_ac326cc4dfa745f4fdebb003bc59653269041060_0001305600


									runas c:\users\user\downloads\._cache_253691f386532d9ae556914247ce3c687e6c3677_0000777216


									runas c:\users\user\downloads\._cache_4462b02a38c717010a27866c538835af7397dd76_0002415104


									runas c:\users\user\downloads\._cache_be0086d160b8e318245d12887f8dd4d8bc496b5e_0001025536


									runas c:\users\user\downloads\._cache_3869dd17e3939015b9e33edb780e80298eb12ec0_0004798976


									runas c:\users\user\downloads\._cache_de39d0c772c321adc3ddf4d9704471cf240dbb9a_0005519360


									runas c:\users\user\downloads\._cache_d02fa6cf0fb9b2009e8032c2574296946b0f9a80_0003558912


									runas c:\users\user\downloads\._cache_583fa87ac89613ffc906800ffc9c2d1846b73b61_0007015424


									runas c:\users\user\downloads\._cache_73a4809af37577701347f769cb29512908554217_0002640384


									runas c:\users\user\downloads\._cache_d3378440fe1fbf97529289681554c0dea5771151_0001545216


									runas c:\users\user\downloads\._cache_bd8e43b2e32bd071a07b66944899eed2180f5a1b_0001866240


									runas c:\users\user\downloads\._cache_0d1fa6e9ec151a500bc2fd91cde1d777a38e7c66_0001241088


									runas c:\users\user\downloads\._cache_6c21b319a10d8ba725fbc519b4f1315b32261565_0001095680


									runas c:\users\user\downloads\._cache_2e009d816d87a31a4832c1fe2319b5491daa4963_0003333632


									runas c:\users\user\downloads\._cache_1b63c8a093ee600be7f11cb0e769c0833dc523d1_0002049536


									runas c:\users\user\downloads\._cache_91a29eeac2b0d70a88274686e9019ae30dc84fb5_0004802560


									runas c:\users\user\downloads\._cache_1f1cc778b50a7fbf7c396d523895f1ab04f7aaff_0005213696


									runas c:\users\user\downloads\._cache_9012595654d7f4048259d9dc5bdb834197eaa81e_0001356800


									runas c:\users\user\downloads\._cache_1d37c466a0474af34c4aa99bfc3a0eef12beda9d_0000804352


									runas c:\users\user\downloads\._cache_06a4c6c5d48572234b7eae15711eb7fce4712c70_0007272960


									runas c:\users\user\downloads\._cache_ae434150ca88a9059329df14972e99bfe67db972_0004800512


									runas c:\users\user\downloads\._cache_f2268a4818e2555200329ec41959e7a903fbcc1e_0009915904


									runas c:\users\user\downloads\._cache_4646b071977c78817ebc85f768f6e67842549a75_0001082368


									runas c:\users\user\downloads\._cache_8d3a637740771cb03dd0be965e3c7949d48e089d_0002480640


									runas c:\users\user\downloads\._cache_17625e4aa55605c06bb5e25d36dbf2f1c2c1ea8d_0003172864


									runas c:\users\user\downloads\._cache_1c4fcc9399a4e9c9d685d52dbcd11312841f2470_0008725504


									runas c:\users\user\downloads\._cache_36b109fb0688623e924e01d9659703f375b9ebdb_0005136896


									runas c:\users\user\downloads\._cache_28fb7bbb3a461e87c51b8239b28ff7625d8630fb_0001721344


									runas c:\users\user\downloads\._cache_e68dcd912136ed7bd60b10d87dbe51a888bff61b_0003770368


									runas c:\users\user\downloads\._cache_0666d7750f32f581ddd9037d66040578bfa1b54a_0008714240


									runas c:\users\user\downloads\._cache_0a0109c2138db62c70d25e1c2f164db81689ac20_0008744448


									runas c:\users\user\downloads\._cache_4f772192e4b737d688d368e1b262a546ee5e109b_0002566144


									runas c:\users\user\downloads\._cache_8178cd191e5a08cb29f63d736be78e9cd6ca5898_0004240384


									runas c:\users\user\downloads\._cache_44760c26a61944c5926128994d357b7d09b77416_0001868800


									runas c:\users\user\downloads\._cache_60804d62b6dcf7d23051ef1cb32ec32919ee8807_0001094144


									runas c:\users\user\downloads\._cache_9b5377a3adacd8b1d34508ee12cd4f677d2ff119_0000862720


									runas c:\users\user\downloads\._cache_850657cbba38f8ee70c002eb151949106b075ca5_0001471488


									runas c:\users\user\downloads\._cache_22c993e4e25f8c39a39994f998acc3b9c3c2fa7f_0001108992


									runas c:\users\user\downloads\._cache_d07083ccba1072b99f21aa307216edd66f15bc1c_0006017024


									runas c:\users\user\downloads\._cache_a5b86cb9c87e91d482006c347ab9ac246074c71a_0001872384


									runas c:\users\user\downloads\._cache_ecfdbc284e1ed4f6fa91f87c83a38d14a9aee57c_0003622400


									runas c:\users\user\downloads\._cache_993e253ebe5644e2435efd0f12b3cb20faa7568c_0002189312


									runas c:\users\user\downloads\._cache_45221cf1f1949ae6918b8d802cfd9b34586f97a1_0004682240


									runas c:\users\user\downloads\._cache_00854c4ab214840ccc806633b4e138feb6e903ec_0001484288


									runas c:\users\user\downloads\._cache_37b4a7947c4506172e0c755bc75649ce09fa7d0e_0001581568


									runas c:\users\user\downloads\._cache_92391d6a745b57e666cd668d8a228443dbc144e4_0001025536


									runas c:\users\user\downloads\._cache_5bb72fc8e44bd905d1f57289854f89b476d93e19_0001319936


									runas c:\users\user\downloads\._cache_a2f07bdba61026a6abea35ff0d079628b7113e74_0001447424


									runas c:\users\user\downloads\._cache_9dceca7e83134930ddf0f3f7fe70e1269a8ec2fc_0000863744


									runas c:\users\user\downloads\._cache_024becd86e04b356b9b7cffd9d2a663396a66f9e_0006247936


									runas c:\users\user\downloads\._cache_9ebf2741381728e82155fcd30e95710ccaf20eb4_0001155584


									runas c:\users\user\downloads\._cache_4b3caf3ba02d773e7254b162e9f6f7e85cb77dbb_0000783360


									runas c:\users\user\downloads\._cache_841ef8ad0782a2997a14fd73b491bcbec870a956_0004015616


									runas c:\users\user\downloads\._cache_21ee8a7c17611bb7a4a1f387255623cb69ee4bea_0000815616


									runas c:\users\user\downloads\._cache_320d0790f4d91f39b67914801343604d5b7a3ee3_0003670528


									runas c:\users\user\downloads\._cache_56863cfa09f1781da22f8b5d9eb3cb632bbe9cae_0004465152


									runas c:\users\user\downloads\._cache_cc759d2648f60046a6ea2939c668401eedafa02c_0001005056


									runas c:\users\user\downloads\._cache_76ad2721027b9d71238649731f2efae1df13cab9_0003945984


									runas c:\users\user\downloads\._cache_a23b8f1080e691b9f93bc2d803bc2742945ee11b_0001876992


									runas c:\users\user\downloads\._cache_0179328be458a1bf432127229cd7c24a4d0455f4_0008766976


									runas c:\users\user\downloads\._cache_314b356fcaf3d119d420b2192abcecb2c9fc93ae_0001030656


									runas c:\users\user\downloads\._cache_3c80f72337f8ecf8d24578b3d908960085b0502f_0000792064


									runas c:\users\user\downloads\._cache_eb0dcf7ae571e04ca92941c27f2a53ddec82f87e_0000792064


									runas c:\users\user\downloads\._cache_b311145cee08a917b54ea33cf654172a864be493_0006348288


									runas c:\users\user\downloads\._cache_8214c6d3754589e8ca9bbe08abdd320a218a9a6f_0002890752


									runas c:\users\user\downloads\._cache_4b400ceb7a7468998d8e355796ed8650a3d5cd35_0001013760


									runas c:\users\user\downloads\._cache_f9b92f01306fcf24ca45c8e73d347f634359ffc9_0001025024


									runas c:\users\user\downloads\._cache_8f2eea7ce3f86606b122b5caba2e28c769a68975_0001011200


									runas c:\users\user\downloads\._cache_04c5e856d86060af4ef08290d03abaee5f690b1f_0003607040


									runas c:\users\user\downloads\._cache_abc63323e90e688ebbfcb48a79894eb02184a39d_0008171520


									runas c:\users\user\downloads\._cache_27ae087a98d45356d6044753a3440ede65fafb29_0000862208


									runas c:\users\user\downloads\._cache_7d71383e6dc22182a5c57dc6cb5223ce115a7b80_0007814656


									runas c:\users\user\downloads\._cache_c0f3a3c002a9ac9370b4a3beb554726806cac487_0001013760


									runas c:\users\user\downloads\._cache_1162b98c98d2083c2a0104f28e86618c164d415a_0001034240


									runas c:\users\user\downloads\._cache_07ee0ad60d6df976aa04193d5a11efe5b8a8ce32_0001625600


									runas c:\users\user\downloads\._cache_848d9aec6c550f03677066004f0757acec3b3553_0001013760


									runas c:\users\user\downloads\._cache_5c163279fa0d67541519523b8935cb420803d76f_0001112064


									runas c:\users\user\downloads\._cache_f58f4733180d8abe13291d74a65e316c5541643c_0002445312


									runas c:\users\user\downloads\._cache_6dde2af927b3668ffa352ece1767c56b44e3ee26_0001866752


									runas c:\users\user\downloads\._cache_a7863f0fc7609f268ec1290bf88d4eed4a2668ca_0006849024


									runas c:\users\user\downloads\._cache_7b04ffac6a9eef7057eee1087cb60df3acf106e3_0000794624


									runas c:\users\user\downloads\._cache_dfaa99b07b6ccb7fb5500561267fc9dacac3b514_0006526464


									runas c:\users\user\downloads\._cache_72fd74ae0fb6ea3c135cd277b5f6eca4952e2218_0002103296


									runas c:\users\user\downloads\._cache_ede2d5835e59e4d9591fa67fc1914036c819f652_0001393152


									runas c:\users\user\downloads\._cache_8195b6ec7938191cdde4a6f7e5f9ff16598ac777_0001010176


									runas c:\users\user\downloads\._cache_382f84f303a95aa94a4e43363fb0bfe1a2f2d29c_0007021568


									runas c:\users\user\downloads\._cache_fadc30f1605dd22bb43345773e4542d1995446f1_0001016320


									runas c:\users\user\downloads\._cache_0d81be410a0a97bd9a4f531b86bb8433d9d7ddeb_0001011200


									runas c:\users\user\downloads\._cache_5e164a92bbdf8cc766f52b5a5cda57e6f5c1eeb1_0001011200


									runas c:\users\user\downloads\._cache_783302d26670adb56ad458f7f4c8cb5ffb6701dd_0005346304


									runas c:\users\user\downloads\._cache_dbc5a0779ccfcc596165e93bc10baca93d4646d4_0002057728

EnigmaSoft’s Payment Processor Digital River GmbH Filing for Bankruptcy Does Not Impact SpyHunter Customers’ Anti-Malware Protection

Search

Change Region

PUP.Hooker.C

Analysis Report

General information

Known Samples

Known Samples

Windows Portable Executable Attributes

Windows Portable Executable Attributes

File Icons

File Icons

Windows PE Version Information

Windows PE Version Information

File Traits

Block Information

Block Information

Similar Families

Similar Families

Files Modified

Files Modified

Registry Modifications

Registry Modifications

Windows API Usage

Windows API Usage

Shell Command Execution

Shell Command Execution

Submit Comment

Trending

PUP.WaveMax Sound Editor

Trojan.Kryptik.JUD

Trojan.Agent.MBD

Most Viewed

Pornktube.porn

How To Fix 'Printer Driver is Unavailable' Error

Discord Shows Black Screen when Sharing Screen