Multi-License Discount Quote

Change Region

English
Threat Database Potentially Unwanted Programs PUP.MSIL.Bundler.CBA

PUP.MSIL.Bundler.CBA

By CagedTech in Potentially Unwanted Programs

Analysis Report

General information

Family Name: PUP.MSIL.Bundler.CBA
Signature status: Root Not Trusted

Known Samples

MD5: 364afe047e04534fe9df5b79b4566b5e
SHA1: 6fc4a1bf6771b5a7ae99688bf2eb51e2dd61d499
File Size: 566.58 KB, 566584 bytes
MD5: 3445ae37d046a8c8ef183cde09090992
SHA1: 78bac0e73c2efcfec20245dfe8843d819cfee064
File Size: 315.39 KB, 315392 bytes
MD5: 5cde401b097421ec60096af9c346abe5
SHA1: 523bf5b606baf01b06ad3766a316d932c443b730
File Size: 578.46 KB, 578464 bytes
MD5: eb833b0be2609870f23f5200740e1c8b
SHA1: 8fbb6076a6a8b85374016dbdb8998b5acc61e51e
SHA256: 578A17CBA784B32BC970FAF0E584DBC56739E9E138637EE105270C253FD56596
File Size: 438.49 KB, 438488 bytes
MD5: 9ea224387bfdb5d55fb7ae9eae7e18f9
SHA1: 2bac49991e08bbf9d1e210bc4794dc8da3ed5d08
SHA256: C40B0802F3B90591F63DECD843ABF657E68986250D93405A72FB42D586BC3AF5
File Size: 566.58 KB, 566584 bytes
Show More
MD5: 3c168355c5548d970524fbffc988a1a0
SHA1: 369fcb0010c67a9db812c927eb7b77745d58b6d8
SHA256: 9E731CC0DFC93A64F5CFF655B34D7D207FB4AB2F50D5E592A80B2A54BAEF70FB
File Size: 683.50 KB, 683501 bytes
MD5: f4c85ad28636969799158cc8a48817f5
SHA1: dd70f6d655f8401e97519bbba4b7765a2c86acef
SHA256: 7AC2DFC2B25D2F840045FA4B32D02130AAF6AD816154CF53C4F346E1602D48B0
File Size: 492.75 KB, 492752 bytes
MD5: 05eabd05a36ffef555880bce30d166c8
SHA1: b2293cb1fc3c457fd1bb65d2105e950f32f1112a
SHA256: 89935812340926F0D36E22A2DE96BF7B97155851997B09C6764DB4FE8743020D
File Size: 566.60 KB, 566600 bytes
MD5: 763a6380fc14d6bc97aae07938715a6e
SHA1: 36cb7968d9d9f61c3e090fc93007183bd93a063f
SHA256: C72DDDFED17D47AFC0B67DF0727F04D525687471C721CC03547131B05BADB05B
File Size: 554.16 KB, 554160 bytes
MD5: a65df2557fd255566d495afcc5217ce1
SHA1: eeedf4477f1fcbbf618ffa6668e81ebb62024730
SHA256: 066C9B8D9DA0D28E0F3DF787442EF241EAD1A414E3A7B530F2EDD6255B7649C4
File Size: 545.06 KB, 545064 bytes
MD5: 3fe0ed02aa1b6d1f233316d097868903
SHA1: a8a788e02ddc2a702ba588d973330dff2e5949ff
SHA256: 32D810459EDF5532172B8643EB6D97CB4F7FA6402DEFE862A86AD3FD4D97C616
File Size: 566.58 KB, 566584 bytes
MD5: 1e2940776bdfd5b11aad3234244f91f5
SHA1: d2ac867b433a83759955b4a6ac5f07d246c84f4b
SHA256: DD533A6FE3AFB2F76B8B77B04BD5321ABE687291A432F5571BABEB815C8F415B
File Size: 576.74 KB, 576744 bytes
MD5: 57bc2dd19baee207df442c0005c64e51
SHA1: ee3c200e01af58b09aa7bed6ac8f920bce7a292c
SHA256: 3A5FBCEC9B2E550A9EC3A33B5BB71BE236F7B790AB1EE759247BDCD678FA017D
File Size: 311.81 KB, 311808 bytes
MD5: eb730afad07fe2781b631cef31dc0bb5
SHA1: 3369b4c2ec5caa4b2c80bacc2e620fd18ca90c19
SHA256: 1C09D9EE991BE23C38CDAF0443447F305746FF0085E7A1E6F1271EBDAD81E086
File Size: 815.94 KB, 815936 bytes
MD5: 1ff90076d157eb300a1b199c03412fd3
SHA1: fc5821854aaa3d6dd6a250ae3e46087c2ef2ab95
SHA256: AAA43F5D37C47CC71FB0885416AF8F6C38B07759515A1F1608FA093716DCEA1A
File Size: 750.32 KB, 750320 bytes
MD5: 53c9e09e48d93a7aff596db4ec5813d4
SHA1: e94e8facdd3706164e0337fe887101a31ee5d8f6
SHA256: 99BD722BFC9DB08963CC90F7869E6740C82FECD87E37D8DAFEF337328E382BFE
File Size: 755.45 KB, 755448 bytes
MD5: 078ae99248383d836f51151edaa0a77d
SHA1: 0d05570b46c5a1a5cf7410f5acbb8aa53d70e04f
SHA256: 2283C27E01C7012568084B906125899FEFBCB6697108F7F2B907F0063FB200DA
File Size: 566.60 KB, 566600 bytes
MD5: 3370e65a6fa39aef962a757da38abed2
SHA1: 5dc7fe955bc4b0fce40211e96899073d32d0ff82
SHA256: 1A655AD30836FECF4EE800AF9310534B4DD40955FEE1338C558E09FB4342C79F
File Size: 755.50 KB, 755504 bytes
MD5: df45e1f260c0ab3c6342a06925ff59d6
SHA1: 6a18de4b289fda2c8edb307b0f4a0f815ded898b
SHA256: 48FEF23B7504E752BF3FD48504C6E34B9B8EC1E3E200DC1EC5312A5C7459A021
File Size: 755.51 KB, 755512 bytes
MD5: 0c42f01ca32b453a50c2732ffd4c462c
SHA1: 505041e56498acac1903af2b5e2cd346f97037a1
SHA256: 925F27593EFFFD5204AE49255FB89B6FE6E8AD10DEC8EF596170DECC2959F3CC
File Size: 750.34 KB, 750336 bytes
MD5: e500ac936d616bbb26fbc702545be88b
SHA1: d6243d9c3db2f411cb6a05fe35deec8b3e56e644
SHA256: AA46DE7212171978A35CF29F567EFFFB4A5473DA8FD976FBF4AE2CF0EBC10186
File Size: 755.52 KB, 755520 bytes
MD5: b6f0c1e9736ef72b490afe2f7bbe84ae
SHA1: 76cd3833ac6ba2881d55cfe2671d47e92609cd27
SHA256: 78AD9564C523FB31DD70EB521F3D772DDCC563CC9F5B1B3F9E32354E2DCF7BC5
File Size: 811.84 KB, 811840 bytes
MD5: f8dd5245bdce1ea4386b3c48e420f1bf
SHA1: 5bf748339614f427b6f32cc3d7c1599f70595098
SHA256: DF3728E2CA8BDF20BD96E2D5056A06B62D8401E1B5F11F77A07BC924E0A37554
File Size: 755.46 KB, 755456 bytes
MD5: 1aaa1b71114fc56f557899fe9c288b6b
SHA1: fa284917696e8d3a840e24876e1a692c4d779a1b
SHA256: FAAB4300F6E1BF170ED95177F7B4EABB2FD5952A55C764DF0AFFD3AA8571C1B0
File Size: 755.51 KB, 755512 bytes
MD5: 1775f0a77318417b1e84f9a448085343
SHA1: 5903c4d1f8c0a26b09056923040a576d180a5c23
SHA256: 4488F848CFE4EB8A9FC3D27EC4808CF975E2954980DED46654FBF8DAD96CC5F7
File Size: 750.33 KB, 750328 bytes
MD5: 5f42237caee5d40b7a5f35846541dc8a
SHA1: 69528d143c61b25c833c1cb4f3bdd31a906e2308
SHA256: 0BFCF51F2AB8CF3B8B90F38EE9CDFCE05CAD5A146390CA1A9518C71796E6EAD9
File Size: 755.44 KB, 755440 bytes
MD5: 0a91a7ccd54756820a5ae4538ef61b58
SHA1: 1998332b435d596596c7e98101e37e815f36557e
SHA256: 9D5E0129E9EE6573E238EE2090F781139FEF11EBD553AF32987333139F4C9899
File Size: 811.84 KB, 811840 bytes
MD5: eb84b62e09f747f9e1ef6ef1aba7a4d6
SHA1: 178514c9f737070d91eb34c03fe74babcf6bc734
SHA256: BA27E48BF308C0B12B50449C82E8B877F1F5B3B1ABA75C0FC7890A813BB130FE
File Size: 755.46 KB, 755456 bytes
MD5: 87ac0320b79bfa1e5a00a814a81d571c
SHA1: cfac351b5b12a6503ebc23567c83754d7757942c
SHA256: F7F9CD2D42D5AC73BE56D456001B5C778B2555D4629BFA623B4C2DA75AAF08AF
File Size: 755.46 KB, 755456 bytes
MD5: 1e5da19f1c3084af7cf83034cec2542c
SHA1: af8c85dfe2c806e540ae5fe8630091c4d3b1b30d
SHA256: C643ADFC073CD66011AA63E56973152E8BEE653C3991D533A5210EE4FE2018B3
File Size: 811.84 KB, 811840 bytes
MD5: f44005b4c70ad5c8e6ff81c879bb03ac
SHA1: a30a92626bb729b81ee408bbf0f9c96d5494d163
SHA256: FAECB71CC74D326450B9C19A2716D4F1ABC38D60689A7848D65A49641253F4CB
File Size: 755.46 KB, 755456 bytes
MD5: a385266a248aa9e842c62716a39a9e46
SHA1: 07724318ac3c893e4e5dcffd77f2c8231395de6e
SHA256: E4806B2132F6DE835C4D21007196D619DA23FC975DC50858020BABDB87B75BB0
File Size: 811.84 KB, 811840 bytes
MD5: 8a19dbfc9cf462e8b53380fa509e38d5
SHA1: a1887421fe11ed63c1b3bb3b05425ff2aa52d8e0
SHA256: 7E0E47B0F6C7533D98FC329F8672C822D317A0BFCBA0AEE884EDC8414F2E600E
File Size: 566.58 KB, 566584 bytes
MD5: f674f65bd9a1d259c27b11c22779e0a2
SHA1: 15797f157283242ec16c293a37d8e714541438d3
SHA256: 13F13CCEA966F2D8D3BEF918E38EA7C27C6DE81434176AC65B34C0E40743C1C4
File Size: 755.46 KB, 755456 bytes
MD5: a02438a9e0f97fb6235ef0c0bc5f4efd
SHA1: 633fd90c276a5888b857090d7ef1425de9ded852
SHA256: BBC07E9DFECF16E5803969ACCEEF8B54191C3B506E3CA9D687053143A001A1D0
File Size: 755.46 KB, 755456 bytes
MD5: c8da064fc7b9892041c889d972285f75
SHA1: 3fdbb3c99a189c2a047eb2429aeb54f941f7fbef
SHA256: ABDDAA32AC2AEA0B21D180AA2E090DBADDFEF57AC7C45062C80D72BBFDADAFA1
File Size: 811.82 KB, 811824 bytes
MD5: b3374dca77a19a1b89d3c21d16fcb80f
SHA1: fae78932a512895e196212cf9c90c28791b2a080
SHA256: 889298961D98BA975DE8F4F36F7B06170F45006CFFEB22FF847F31B0BD3C0479
File Size: 555.03 KB, 555032 bytes
MD5: aa9460da6cfd9506c589d8e0c627f9b6
SHA1: 61ae448092dec2e8e94906b703effe2f72dd61fe
SHA256: 43AD734776B43EAFF37AE9B7E2ED558FC5321CE194D4B2F01A10F4E73396FEA2
File Size: 576.76 KB, 576760 bytes
MD5: 07084ba49931074beae12d8737e4740b
SHA1: bfadd713f12cabfe2abf441029e4ce7e55fe2bef
SHA256: 7CEB9F0D67EA0B840546D479ADDFCF0CEB63A2FFC018B2199BA4B6D42CFB2BCD
File Size: 815.94 KB, 815936 bytes
MD5: d26b2a281cf64a0de4eedd00bf496daa
SHA1: 64d6adc6a31d1f0b92b0705e493d5c31907323f7
SHA256: 7FE15B8BC195FF4ABC8D2F5E5048722AF99A38FE9BBA47C7ECDB18045794592A
File Size: 755.45 KB, 755448 bytes
MD5: 56c14fec068ef0c370fed508658d8091
SHA1: 5501332175f750d2a1e60b91c43d9342618b283c
SHA256: 539A732138D2B8C37AB40A1104E437F4D6BE1BB76FF59B3836F94DE1FDAB65C6
File Size: 755.46 KB, 755456 bytes
MD5: fc4409e5cf9dec15475ed00d28d452f3
SHA1: c03c78f8f5125071dcf5ebd30ff207af6f9fb32c
SHA256: 40853BEF9C85D8A7F11BD824D02E46E23940244AC5CFB714860DC0BA0C153C2B
File Size: 755.53 KB, 755528 bytes
MD5: 445c79b58b51a9ec9bcb040d61a3a83e
SHA1: 11717f91debb858ad91af9a2c8de99fbf0574c8c
SHA256: A534F24E2264B36121E6A8F40040A2DCAC3630DA92D5F7416E8D1D301DF1763A
File Size: 749.82 KB, 749824 bytes
MD5: d918fab36804a2eb696dfd70623607ad
SHA1: f9e9a4fde069597887cd13cd9cab4a873cf50060
SHA256: 16B20BEE711368C448F8E3C8176121E446AC9A450D132423EE2AE8E9BDB0226D
File Size: 791.87 KB, 791867 bytes
MD5: e8c6aa1b3280c6ca2dcdab140fb2576a
SHA1: ee901ff7da069a796c0008a71bd711651388359f
SHA256: 15D7AEFFD8DD54713EB04EF1C6F959702B6EBE2BB404A72F3675321EAD153A56
File Size: 755.46 KB, 755456 bytes
MD5: 8976bbe44680a7e6742f20b6b49acd16
SHA1: 56ef80130c0a080325d4ad22c643efe200e010e5
SHA256: 62867F9852334DF3CD28FFB2129AB24CA2CBE5849D73A500E028A1C7A1CA7FEC
File Size: 755.53 KB, 755528 bytes
MD5: fe3682f28de9395de75a954402d5bf0f
SHA1: cbf5da788bfaeb76e35c3b4bfd04645be2daf365
SHA256: 818AC225822BC8407D3CBD3037EF45FD4E0C3EC2BA5632CF45D65009D2CDE445
File Size: 755.52 KB, 755520 bytes
MD5: 648e6b3554bd3093130ba8d504febf16
SHA1: 2d3a392f4cb44173e0cc27c288c6252d7fa3a1be
SHA256: 79E901403A82C379364C8D421A69585A50A5ED42234F936867B929C9328A24E4
File Size: 755.46 KB, 755456 bytes
MD5: c6d8e8717003d77276203be457a34bfe
SHA1: 4a9766b52b30e15dcd1eb636216502e2fa5cee33
SHA256: 7F55434FD119F535DBCFB324C62F3A286D580761F6D668FC0F39E9261B861079
File Size: 755.45 KB, 755448 bytes
MD5: 0b08d0d56dba61f740c5076b1a003d4a
SHA1: 5d71def60dce96f93b8f84d6845c6ee0f035ce19
SHA256: A92398C6124B8B40A1281FF9B20F7814F0CC9050B6C7A5225E646653EBCB348A
File Size: 1.57 MB, 1573888 bytes
MD5: bb8e9602148c265c5c5db2b39749540c
SHA1: 8949c4bd3826c9a67b712a8c15cda40fdd9bac96
SHA256: 9AC0B52EDCFDC8EA8A3BF79DD8740765D148480F2EFC3313CD8598C4831ACC95
File Size: 755.51 KB, 755512 bytes
MD5: 50949a49f8252161dc571190349bc54d
SHA1: 8e34d5b8877bff78cae93940e3e489b1bbb841c6
SHA256: AC9A6CE632895374C781DBE248934928EB438FEBEB96CBD6824D62D6A4916E9A
File Size: 755.46 KB, 755456 bytes
MD5: 180dc3562d68791c5407f078202431aa
SHA1: af813aa970ca5193c55fd481429d1c64d913e02a
SHA256: D4214E0CC27558D2D8707027DE934494CAE1C03F8A7F02F03A08679AB7C75D37
File Size: 750.34 KB, 750336 bytes
MD5: 4204d55eafd39a9af18bbb2fad2812e6
SHA1: 69d656c7c1ec2efceae2c3f3078cb778a691017d
SHA256: 9051B548A70710DD10EBAC527AFCA7683FE845B5D5C6422CF31255DFF032D3DE
File Size: 755.46 KB, 755456 bytes
MD5: eba76b13f40bfd2fae913a432cde9360
SHA1: cbadcbb33628ad43eda4e595ad4eb1628a25506b
SHA256: 9987014A154AD9ED90D38E4A122544440CFEF8D4CDC88C73B91D78F8FF627060
File Size: 755.46 KB, 755456 bytes
MD5: e7550907d2bf16a11427cd8a5b8c162e
SHA1: f5e211e52d1bbd5620307548a119c76f10eb2b44
SHA256: 8601A4E4FD21BD6E86D1A8C1F325F7548AF2DE1143710905A0B2BA1852A05592
File Size: 755.53 KB, 755528 bytes
MD5: 18b96dcfabce995e7b4a847923997587
SHA1: e900ff6c50a8056ff50229a38db9b8d14dc30814
SHA256: 4533E6CEAFE6D09A1593484246648D2263ADFFCAB7D48EB87AB1941E594409C8
File Size: 454.14 KB, 454144 bytes
MD5: fa023c42fd55d3ea2e929f9de0289d6d
SHA1: 1eca2410527042bcdac346352d7ddcf1e49d97b9
SHA256: 24577DB3DE006E1DC08996963216F4EC7914B23CADD29EBD39E3BE3776C9E3F4
File Size: 566.60 KB, 566600 bytes
MD5: 1d5a5ef29878b2bf28afe1cf02c180f8
SHA1: 7a9ad325c9589aec3afe8113f704a94f13559e44
SHA256: E9D9191934316AD0CD9492BDC5A9A2D2D9154A53906D0E1A3657F8CB7DD808E0
File Size: 755.46 KB, 755456 bytes
MD5: 8442caada1221448180a4c4c36ca6e02
SHA1: 9e484b8b505fcd8953d868888905ae80ace23af5
SHA256: F8BF10E0DB0D81C3C10E80B10833ACB026F443D986500074647B4E7FDC28B559
File Size: 755.46 KB, 755456 bytes
MD5: 79dadb91d4e1739bc343b1dfa3d23fb4
SHA1: 855add33954b0a100971c10984488b22a3c2cb99
SHA256: A193221EA4DB31DA5A16150898DAAB09D0E11A3BE819EEC044EC35C63CE94C53
File Size: 1.31 MB, 1307136 bytes
MD5: fa9188deeb1c79a274fa0cffb3672ca2
SHA1: 364633b00c4be021483595f9563a5c69a319bc0a
SHA256: 7CAD76CF8A1FB5B10CD7D2665D15CB8F762DF3819E885710B81992A9BB2C8972
File Size: 566.58 KB, 566576 bytes
MD5: 7d084b53f426e017c63ca873c4aea0d5
SHA1: 77c8466574d6d1c05bb51c9b2e653dc59732962d
SHA256: 4DEA4D99D201023C2C3A1F732CF6AC36BFBD14BEF7FB3CA86CA72FC1A78B9155
File Size: 755.46 KB, 755456 bytes
MD5: d5eda4d2339965f527a373a5c58ef0fe
SHA1: 7b136b27fe5d5a6aee6fe7ac378cab04f005fbcb
SHA256: 57E2D6C1B5A0E5AD0B019DFFCCAFA8532E0338E293E5061B98FB45548C428B13
File Size: 755.46 KB, 755456 bytes
MD5: f258c017c1ce8d79e158df499ff2da5b
SHA1: 6597f6a1d3e7c8283c74561adac51860378c6c36
SHA256: 282036DFD3D0A3F7678AD486212FFDDB6E7910373D65683614EE6F89FDD386FE
File Size: 755.52 KB, 755520 bytes
MD5: eb59afbb717eef09693a1095a8d409af
SHA1: 8d4798f1f0d6fffe0f185b57a9dea2d14526cfce
SHA256: F2440139B80006D829851C850674DB6BDA6FE8402E23009557948FC0FB97F3F0
File Size: 755.50 KB, 755504 bytes
MD5: 9d13731c4e03f24c2b3b81c4da8300b3
SHA1: b2b5253c1765df4e6d26cdfbe75e572b39845a6d
SHA256: 7C5EE97AE507EB20F70CDBA8584A85A697C29BF50DE57F8CEF0B1BF11CE56DDD
File Size: 755.52 KB, 755520 bytes
MD5: daeb01141642dfc950e37251626d7c74
SHA1: 5d16adfa67a00441880f149f4edf33d005f0f936
SHA256: 4EFDD949412FA43D1C2297756693B41664AAD6341B62613D7AB5B8DF65643E0F
File Size: 755.46 KB, 755456 bytes
MD5: 8cb401000c7f00c6964fcf4695d234df
SHA1: 1c23565cd87a9f33d330fa143b220153c808bf49
SHA256: A4BB90E9B6CE5CB15059852075D596852C26579F7D996DA6DEAD27524BF4C8F8
File Size: 811.83 KB, 811832 bytes
MD5: c73e35c317e67cd7e77d15477bbd9b33
SHA1: dfa5713920a9666b8a1bf922de72c117ad3b48c2
SHA256: 17A4E441236A3A8887A04801FE872637F7B3A29D324CE7BE425D34BDAD8ADD7B
File Size: 545.06 KB, 545056 bytes
MD5: 1c3db5f0244abaa599f2e771319c991e
SHA1: aadc7188d1230136dda4df47cd477d383c0c068a
SHA256: 8DBC2F905AD5048171F25BFBFCD71622F3DF27CFDACC5AF82DF1B2A67B283C24
File Size: 755.46 KB, 755456 bytes
MD5: 1d5fc610af00a96bc4f673ff11589fa4
SHA1: c1ca00c5d21a7b19f558d55dc501195afe775271
SHA256: 3A4C3AE4708CD400A10EDFA06EBFEFFED6D76B8BD8B297A9ECBB110B4D17DCA1
File Size: 750.34 KB, 750336 bytes
MD5: 11d4f904d37a62a10ca6f894790834d0
SHA1: ac31991a3834d01a438accd084fa521c64fb0ebe
SHA256: 6BCAD2D954460686FD219ACF947118D39DA9250504654FF77CF84D6302CF354F
File Size: 755.52 KB, 755520 bytes
MD5: 2da353ed96742b2e35bb802119b341b0
SHA1: 240c5e53d6827c5e9dfc32f53c547d9def50b8b7
SHA256: 0CF18F8BD8D5414F63EF5E9B5D6E0CB56ADCA4D4FB1B451115A90FB1702F9E03
File Size: 755.45 KB, 755448 bytes
MD5: 0fed3d2bc6c595f088a4b748dfc1264e
SHA1: 67b992e90c02e86510cfaa35cbeae04b633f50c3
SHA256: 3234BA277370235EE328E27E5624BC459654BB5A30442B52064580829839D333
File Size: 815.94 KB, 815936 bytes
MD5: 209f3fd1532cf7e4344cc02c5bb616c0
SHA1: 78ca0d0f2bf0170499753496892657abed6bdeb3
SHA256: 1AE09882C32D421D5738DF8F4A5F9DAA62830DE7303160B12D27961426C4A9BC
File Size: 755.46 KB, 755456 bytes
MD5: 2cf3c6d199fc03359c23541ed3d6b38e
SHA1: f030dc1bb6205ed59ab3ca3dd1a5d40a7fd4d5d0
SHA256: 95E11187B073564CDDE9199A3AA58EA35EB49ADB6E0532F49C0C0D8E1BB91165
File Size: 755.45 KB, 755448 bytes
MD5: f0973ccb5d7cdd063ec1cd5592e08adc
SHA1: 0d84e92c5339904cf858f9b44ba71c4a5a0cc6ec
SHA256: 006BA89D2625EB7B7CCB743E3686EC94D4E2B2EE5C680CF47E7426E3FF1CABD0
File Size: 755.45 KB, 755448 bytes
MD5: 271af0a34a5fd001b25b396dbc1b86d6
SHA1: 44dd12fd111e3f4cff13ac44660c1f3da1a2bd20
SHA256: 2C00CB6A996D751485D0F4C53ED440911B952D2E857D992D753ADC1F38C86C0A
File Size: 755.45 KB, 755448 bytes
MD5: 7442f3af60e4d5ddde875792632220a1
SHA1: 17cce6b09eca760633aaad8301ac160bc51f9159
SHA256: DCDD713DB6085D107AE399BE5EA900FFFDA834859FB5E496E49EEC5D51A6491C
File Size: 755.53 KB, 755528 bytes
MD5: 9b31e54314046cbf055aa3c5fc077f3f
SHA1: 12d1b8c796ecb5a1dde2ca00bb63ce8be11dba6f
SHA256: 1F439B56A45D50289F71FB5C60A2A4B4788B4EAEEB24EDFA40E0781628D9D14D
File Size: 755.46 KB, 755456 bytes
MD5: 24ac78d6ce5b01462106ae170e58355f
SHA1: ebe07f6b4411edf204e66ed7bdcb52d2bfae4a22
SHA256: D8FFB6DF6BA0248B7D424D45D21F327582F5A9189ECD4C4A6A3A6CF0E039327F
File Size: 1.57 MB, 1573888 bytes
MD5: db500ab01515b317fd1eeb60dc1abc87
SHA1: 0982636e8270214cb1719716dc0c2257b7595da1
SHA256: D489C808D3D5BF8067AFE340C5BABFA111F37FA0C60299120BCC21D1A2A44338
File Size: 815.94 KB, 815936 bytes
MD5: e5809a4aef041694b280d7dd8319e027
SHA1: 30c3fd0a1e1235fcc86f0160ddf184025ff80662
SHA256: ED901A8413DE7288F21A1472177C340D17F72DEF4669F1FB6CD5C14B5D1288AE
File Size: 755.52 KB, 755520 bytes
MD5: 8588c1b1f246fdc1aaa7d0bf594e0c65
SHA1: 81cf6d4d5fb86d233629387c278c37c42bcb12ca
SHA256: DBA949907352DD24B940421CBAE16AEC84DEA89AF48966F98B8C91751C5C64A6
File Size: 755.46 KB, 755456 bytes
MD5: 7d092f2c3e122b3955e9c4bcbd3940ac
SHA1: 1e9ab5c4aa87d0b9874023ac951f8539df8491fa
SHA256: 20B4ECBD2652F5DB5876EA742AAF55E7D1920B388D233FA0A7B74EB4BC0E59E4
File Size: 578.46 KB, 578456 bytes
MD5: ccbc380d1004ffa065856efc3937a250
SHA1: 090059c63caecb9c16acd5d772005a1dc0656c8e
SHA256: FC318ADCB09826B21D033FE17A8AB2782B80CB219C06F54EA04B6BFB13A6A542
File Size: 755.53 KB, 755528 bytes
MD5: 8a72abe4e1f66d8b426e816ee3692753
SHA1: fb6ed1f8a3327ffcc35000fd798db250354eb0d3
SHA256: 7EA8808505629BF9B3F56E4ED1251E63D8FE05257D9842F4F0785F0BFB51ECC0
File Size: 579.97 KB, 579968 bytes
MD5: d25463710d835322ae8b92d951b9b6cc
SHA1: 23b273df363cf7826a8f02160a5e44911d71568c
SHA256: 672399FDEC29B64117FB48A75B2F7CEDAE1364690C8B5A0638B0EF999FD03982
File Size: 791.92 KB, 791922 bytes
MD5: 07ee73a5b3c78a62e7a6d80ac942c081
SHA1: e882966b2c85706ab95dc1f5f22fc130f2912f6c
SHA256: A006CE456CEC8E2F23590CDC3195654E28EEEE2024B923D0F485B390FBBFAED0
File Size: 1.52 MB, 1517568 bytes
MD5: 9aa9bdcf45aaad6173a09394a2a6903a
SHA1: ac23357c759076e04907e952b65db36f2c194851
SHA256: 8983030E3DD3F0A669D2D958A09C1BBD130DE9CE0C7670395CAE98A8C7F86DE5
File Size: 755.46 KB, 755456 bytes
MD5: 0dc1e6d2077c1b7a4ef16e1fd9b8bdb7
SHA1: ebe84c33939f9234168980ddbe737231aea800ed
SHA256: 71508181AE642CC636B1078FB2869F8808DC6A5D4264A3EB0499BD5E1F8E315A
File Size: 750.34 KB, 750336 bytes
MD5: 4a7545d5a40d2052eda4d04bfccad0c8
SHA1: bbd297df631a084875199d60b6d1ce23cd7b05a8
SHA256: 4FE12E9546D299DBF81120B34A9277A50E4A9B412F9D4E151FA96E8107FCCCBE
File Size: 791.98 KB, 791983 bytes
MD5: d96e32ea6bbec6ec0468d703c76a4163
SHA1: 2886c1ffd1f2ccba95b25b1c6777a6ec15d99b08
SHA256: F51140A7F3AB598F762698553FF18941AACDA7F75C8A608CB2D627A1C6B8E199
File Size: 576.71 KB, 576712 bytes
MD5: 463ada87a3fb5798a10b06dc928fa8b3
SHA1: 718efa9a9ae7ab4d6a881f9b9e0283adc4ea39da
SHA256: 03FF45741FB2B9E5229D170766F91B5A44A05086B0BB351AD1561FDBCC232872
File Size: 467.15 KB, 467152 bytes

Windows Portable Executable Attributes

  • File doesn't have "Rich" header
  • File doesn't have debug information
  • File doesn't have exports table
  • File doesn't have relocations information
  • File doesn't have security information
  • File has TLS information
  • File is .NET application
  • File is 32-bit executable
  • File is either console or GUI application
  • File is GUI application (IMAGE_SUBSYSTEM_WINDOWS_GUI)
Show More
  • File is Native application (NOT .NET application)
  • File is not packed
  • IMAGE_FILE_DLL is not set inside PE header (Executable)
  • IMAGE_FILE_EXECUTABLE_IMAGE is set inside PE header (Executable Image)

File Icons

Windows PE Version Information

Name Value
Assembly Version
  • 14.901.1.6297
  • 14.900.0.62322
  • 13.905.8.57580
  • 13.905.6.54284
  • 13.905.3.41964
  • 13.905.1.41404
  • 12.1.4.1003
  • 8.9.0.389
  • 8.9.0.371
  • 4.2.1840.3460
Show More
  • 4.0.1769.3321
Comments Web Companion protects you against malicious websites and dangerous links found online
Company Name
  • Lavasoft
  • Microsoft
File Description
  • Web Companion
  • Web Companion Installer
File Version
  • 14.901.1.6297
  • 14.900.0.62322
  • 13.905.8.57580
  • 13.905.6.54284
  • 13.905.3.41964
  • 13.905.1.41404
  • 12.901.4.1003
  • 12.1.4.1003
  • 11.908.5.907
  • 11.907.0.802
Show More
  • 11.904.0.689
  • 10.901.2.519
  • 8.908.0.351
  • 8.9.0.389
  • 8.9.0.371
  • 8.7.1.343
  • 4.2.1840.3460
  • 4.0.1769.3321
  • 1.00
Internal Name
  • Installer.exe
  • TJprojMain
  • WebCompanion.exe
  • Win
Legal Copyright
  • c Lavasoft Limited. All Rights Reserved.
  • © Lavasoft Limited. All Rights Reserved.
Legal Trademarks (R) Lavasoft
Original Filename
  • Installer.exe
  • TJprojMain.exe
  • WebCompanion.exe
  • Win.exe
Product Name
  • Project1
  • Web Companion
  • Web Companion Installer
  • Win
Product Version
  • 14.901.1.6297
  • 14.900.0.62322
  • 13.905.8.57580
  • 13.905.6.54284
  • 13.905.3.41964
  • 13.905.1.41404
  • 12.901.4.1003
  • 12.1.4.1003
  • 11.908.5.907
  • 11.907.0.802
Show More
  • 11.904.0.689
  • 10.901.2.519
  • 8.908.0.351
  • 8.9.0.389
  • 8.9.0.371
  • 8.7.1.343
  • 4.2.1840.3460
  • 4.0.1769.3321
  • 1.00

Digital Signatures

Signer Root Status
Lavasoft Software Canada Inc. Entrust Root Certification Authority - G2 Root Not Trusted

File Traits

  • .NET
  • dll
  • HighEntropy
  • msil.krypt
  • x86

Block Information

Total Blocks: 852
Potentially Malicious Blocks: 321
Whitelisted Blocks: 530
Unknown Blocks: 1

Visual Map

x x x x 0 x x x x x x x x x x 0 x x x x x 0 0 0 x 0 0 0 0 0 0 x 0 x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x x 0 x x x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x 0 0 x 0 0 0 0 x x x x 0 0 x 0 0 x 0 x 0 x x x 0 x x x x x x x x x x 0 0 0 0 0 0 0 0 x 0 x x 0 x 0 x x 0 x x x x x x x 0 0 x x x x x x x x x x x x x x x x x x x x 0 x x x 0 x x 0 x x 0 0 0 0 0 0 0 0 0 0 x x x x 0 0 x x x x 0 0 x x x 0 0 0 0 0 0 x x x 0 x x x 0 0 x 0 0 0 x x x 0 x 0 x 0 x x x x x x x 0 x x x x x x x 0 0 0 0 x 0 0 0 0 x x 0 0 0 x 0 0 0 0 x x 0 0 0 x x x x 0 0 x x x x x x x x x x 0 x x x x x x x x x x x 0 x 0 x 0 0 x 0 0 x x x 0 0 0 0 0 0 0 0 0 0 x x x x 0 0 x x x x x x x 0 0 x 0 0 0 ? 0 0 0 x 0 0 0 x 0 x x 0 x x x x x 0 0 x x 0 x 0 0 0 x 0 0 0 x 0 0 x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x x 0 0 0 0 0 x x 0 0 0 0 x 0 0 0 0 x 0 0 0 0 x 0 0 x 0 0 x 0 0 0 x 0 x 0 x 0 0 x 0 0 0 0 0 0 x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x x 0 x 0 x x 0 x 0 0 x 0 0 x 0 0 x 0 x 0 x 0 0 0 0 0 0 0 0 0 0 0 0 0 x x x 0 0 0 0 x x 0 0 0 x 0 0 0 x x 0 0 0 0 0 0 0 0 x x x x 0 x x x x 0 x x x x 0 x x x 0 x 0 0 0 x x x x x x x 0 0 0 0 0 0 x x x x 0 0 0 0 0 0 0 0 x x x x 0 x 0 x x x x x 0 x x 0 0 0 0 x x 0 0 0 0 0 x 0 x 0 x 0 0 0 x 0 0 x x x x x x 0 x x x x 0 x x x x x x x 0 0 0 0 x x x x 0 0 0 0 0 0 0 x 0 0 0 x x x x x x x 0 0 0 0 x 0 x x x x x 0 0 x x 0 x x x x x x x x 0 0 0 x x x 0 0 x 0 0 x 0 x 0 0 0 0 0 0 0 x 0 0
0 - Probable Safe Block
? - Unknown Block
x - Potentially Malicious Block

Similar Families

  • MSIL.Bundler.CBA

Files Modified

File Attributes
\device\namedpipe Generic Read,Write Attributes
\device\namedpipe Generic Write,Read Attributes
c:\programdata\lavasoft\web companion\options\statistics.txt Generic Write,Read Attributes
c:\programdata\synaptics Synchronize,Write Attributes
c:\programdata\synaptics\rcxa21b.tmp Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\synaptics\rcxc410.tmp Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\synaptics\synaptics.exe Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 262144
c:\programdata\synaptics\synaptics.exe Synchronize,Write Attributes
c:\programdata\synaptics\synaptics.exe Synchronize,Write Data
c:\users\user\appdata\local\temp\7zs00b27e69\de-de Generic Write,Read Attributes
Show More
c:\users\user\appdata\local\temp\7zs00b27e69\de-de Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zs00b27e69\de-de\webcompanioninstaller.resources.dll Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zs00b27e69\de-de\webcompanioninstaller.resources.dll Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zs00b27e69\en-us Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zs00b27e69\en-us Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zs00b27e69\en-us\webcompanioninstaller.resources.dll Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zs00b27e69\en-us\webcompanioninstaller.resources.dll Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zs00b27e69\es-es Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zs00b27e69\es-es Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zs00b27e69\es-es\webcompanioninstaller.resources.dll Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zs00b27e69\es-es\webcompanioninstaller.resources.dll Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zs00b27e69\fr-ca Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zs00b27e69\fr-ca Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zs00b27e69\fr-ca\webcompanioninstaller.resources.dll Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zs00b27e69\fr-ca\webcompanioninstaller.resources.dll Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zs00b27e69\icsharpcode.sharpziplib.dll Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zs00b27e69\icsharpcode.sharpziplib.dll Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zs00b27e69\it-it Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zs00b27e69\it-it Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zs00b27e69\it-it\webcompanioninstaller.resources.dll Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zs00b27e69\it-it\webcompanioninstaller.resources.dll Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zs00b27e69\ja-jp Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zs00b27e69\ja-jp Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zs00b27e69\ja-jp\webcompanioninstaller.resources.dll Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zs00b27e69\ja-jp\webcompanioninstaller.resources.dll Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zs00b27e69\newtonsoft.json.dll Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zs00b27e69\newtonsoft.json.dll Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zs00b27e69\pt-br Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zs00b27e69\pt-br Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zs00b27e69\pt-br\webcompanioninstaller.resources.dll Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zs00b27e69\pt-br\webcompanioninstaller.resources.dll Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zs00b27e69\ru-ru Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zs00b27e69\ru-ru Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zs00b27e69\ru-ru\webcompanioninstaller.resources.dll Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zs00b27e69\ru-ru\webcompanioninstaller.resources.dll Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zs00b27e69\tr-tr Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zs00b27e69\tr-tr Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zs00b27e69\tr-tr\webcompanioninstaller.resources.dll Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zs00b27e69\tr-tr\webcompanioninstaller.resources.dll Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zs00b27e69\webcompanioninstaller.exe Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zs00b27e69\webcompanioninstaller.exe Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zs00b27e69\webcompanioninstaller.exe.config Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zs00b27e69\webcompanioninstaller.exe.config Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zs00b27e69\zh-chs Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zs00b27e69\zh-chs Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zs00b27e69\zh-chs\webcompanioninstaller.resources.dll Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zs00b27e69\zh-chs\webcompanioninstaller.resources.dll Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zs02a78125\de-de Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zs02a78125\de-de Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zs02a78125\de-de\webcompanioninstaller.resources.dll Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zs02a78125\de-de\webcompanioninstaller.resources.dll Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zs02a78125\en-us Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zs02a78125\en-us Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zs02a78125\en-us\webcompanioninstaller.resources.dll Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zs02a78125\en-us\webcompanioninstaller.resources.dll Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zs02a78125\es-es Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zs02a78125\es-es Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zs02a78125\es-es\webcompanioninstaller.resources.dll Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zs02a78125\es-es\webcompanioninstaller.resources.dll Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zs02a78125\fr-ca Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zs02a78125\fr-ca Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zs02a78125\fr-ca\webcompanioninstaller.resources.dll Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zs02a78125\fr-ca\webcompanioninstaller.resources.dll Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zs02a78125\icsharpcode.sharpziplib.dll Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zs02a78125\icsharpcode.sharpziplib.dll Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zs02a78125\it-it Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zs02a78125\it-it Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zs02a78125\it-it\webcompanioninstaller.resources.dll Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zs02a78125\it-it\webcompanioninstaller.resources.dll Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zs02a78125\ja-jp Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zs02a78125\ja-jp Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zs02a78125\ja-jp\webcompanioninstaller.resources.dll Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zs02a78125\ja-jp\webcompanioninstaller.resources.dll Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zs02a78125\newtonsoft.json.dll Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zs02a78125\newtonsoft.json.dll Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zs02a78125\pt-br Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zs02a78125\pt-br Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zs02a78125\pt-br\webcompanioninstaller.resources.dll Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zs02a78125\pt-br\webcompanioninstaller.resources.dll Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zs02a78125\ru-ru Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zs02a78125\ru-ru Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zs02a78125\ru-ru\webcompanioninstaller.resources.dll Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zs02a78125\ru-ru\webcompanioninstaller.resources.dll Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zs02a78125\tr-tr Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zs02a78125\tr-tr Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zs02a78125\tr-tr\webcompanioninstaller.resources.dll Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zs02a78125\tr-tr\webcompanioninstaller.resources.dll Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zs02a78125\webcompanioninstaller.exe Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zs02a78125\webcompanioninstaller.exe Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zs02a78125\webcompanioninstaller.exe.config Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zs02a78125\webcompanioninstaller.exe.config Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zs02a78125\zh-chs Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zs02a78125\zh-chs Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zs02a78125\zh-chs\webcompanioninstaller.resources.dll Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zs02a78125\zh-chs\webcompanioninstaller.resources.dll Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zs0bc98dcb\de-de Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zs0bc98dcb\de-de Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zs0bc98dcb\de-de\webcompanioninstaller.resources.dll Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zs0bc98dcb\de-de\webcompanioninstaller.resources.dll Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zs0bc98dcb\en-us Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zs0bc98dcb\en-us Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zs0bc98dcb\en-us\webcompanioninstaller.resources.dll Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zs0bc98dcb\en-us\webcompanioninstaller.resources.dll Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zs0bc98dcb\es-es Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zs0bc98dcb\es-es Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zs0bc98dcb\es-es\webcompanioninstaller.resources.dll Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zs0bc98dcb\es-es\webcompanioninstaller.resources.dll Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zs0bc98dcb\fr-ca Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zs0bc98dcb\fr-ca Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zs0bc98dcb\fr-ca\webcompanioninstaller.resources.dll Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zs0bc98dcb\fr-ca\webcompanioninstaller.resources.dll Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zs0bc98dcb\icsharpcode.sharpziplib.dll Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zs0bc98dcb\icsharpcode.sharpziplib.dll Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zs0bc98dcb\it-it Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zs0bc98dcb\it-it Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zs0bc98dcb\it-it\webcompanioninstaller.resources.dll Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zs0bc98dcb\it-it\webcompanioninstaller.resources.dll Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zs0bc98dcb\ja-jp Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zs0bc98dcb\ja-jp Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zs0bc98dcb\ja-jp\webcompanioninstaller.resources.dll Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zs0bc98dcb\ja-jp\webcompanioninstaller.resources.dll Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zs0bc98dcb\newtonsoft.json.dll Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zs0bc98dcb\newtonsoft.json.dll Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zs0bc98dcb\pt-br Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zs0bc98dcb\pt-br Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zs0bc98dcb\pt-br\webcompanioninstaller.resources.dll Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zs0bc98dcb\pt-br\webcompanioninstaller.resources.dll Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zs0bc98dcb\ru-ru Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zs0bc98dcb\ru-ru Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zs0bc98dcb\ru-ru\webcompanioninstaller.resources.dll Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zs0bc98dcb\ru-ru\webcompanioninstaller.resources.dll Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zs0bc98dcb\tr-tr Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zs0bc98dcb\tr-tr Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zs0bc98dcb\tr-tr\webcompanioninstaller.resources.dll Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zs0bc98dcb\tr-tr\webcompanioninstaller.resources.dll Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zs0bc98dcb\webcompanioninstaller.exe Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zs0bc98dcb\webcompanioninstaller.exe Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zs0bc98dcb\webcompanioninstaller.exe.config Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zs0bc98dcb\webcompanioninstaller.exe.config Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zs0bc98dcb\zh-chs Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zs0bc98dcb\zh-chs Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zs0bc98dcb\zh-chs\webcompanioninstaller.resources.dll Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zs0bc98dcb\zh-chs\webcompanioninstaller.resources.dll Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zs0ca644b3\de-de Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zs0ca644b3\de-de Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zs0ca644b3\de-de\webcompanioninstaller.resources.dll Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zs0ca644b3\de-de\webcompanioninstaller.resources.dll Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zs0ca644b3\en-us Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zs0ca644b3\en-us Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zs0ca644b3\en-us\webcompanioninstaller.resources.dll Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zs0ca644b3\en-us\webcompanioninstaller.resources.dll Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zs0ca644b3\es-es Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zs0ca644b3\es-es Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zs0ca644b3\es-es\webcompanioninstaller.resources.dll Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zs0ca644b3\es-es\webcompanioninstaller.resources.dll Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zs0ca644b3\fr-ca Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zs0ca644b3\fr-ca Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zs0ca644b3\fr-ca\webcompanioninstaller.resources.dll Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zs0ca644b3\fr-ca\webcompanioninstaller.resources.dll Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zs0ca644b3\icsharpcode.sharpziplib.dll Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zs0ca644b3\icsharpcode.sharpziplib.dll Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zs0ca644b3\it-it Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zs0ca644b3\it-it Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zs0ca644b3\it-it\webcompanioninstaller.resources.dll Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zs0ca644b3\it-it\webcompanioninstaller.resources.dll Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zs0ca644b3\ja-jp Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zs0ca644b3\ja-jp Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zs0ca644b3\ja-jp\webcompanioninstaller.resources.dll Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zs0ca644b3\ja-jp\webcompanioninstaller.resources.dll Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zs0ca644b3\newtonsoft.json.dll Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zs0ca644b3\newtonsoft.json.dll Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zs0ca644b3\pt-br Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zs0ca644b3\pt-br Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zs0ca644b3\pt-br\webcompanioninstaller.resources.dll Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zs0ca644b3\pt-br\webcompanioninstaller.resources.dll Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zs0ca644b3\ru-ru Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zs0ca644b3\ru-ru Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zs0ca644b3\ru-ru\webcompanioninstaller.resources.dll Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zs0ca644b3\ru-ru\webcompanioninstaller.resources.dll Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zs0ca644b3\tr-tr Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zs0ca644b3\tr-tr Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zs0ca644b3\tr-tr\webcompanioninstaller.resources.dll Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zs0ca644b3\tr-tr\webcompanioninstaller.resources.dll Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zs0ca644b3\webcompanioninstaller.exe Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zs0ca644b3\webcompanioninstaller.exe Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zs0ca644b3\webcompanioninstaller.exe.config Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zs0ca644b3\webcompanioninstaller.exe.config Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zs0ca644b3\zh-chs Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7zs0ca644b3\zh-chs Synchronize,Write Attributes
c:\users\user\appdata\local\temp\7zs0ca644b3\zh-chs\webcompanioninstaller.resources.dll Generic Write,Read Attributes

694 additional files are not displayed above.

Registry Modifications

Key::Value Data API Name
HKLM\software\microsoft\systemcertificates\authroot\certificates\ddfb16cd4931c973a2037d3fc83a4d7d775d05e4::blob RegNtPreCreateKey
HKLM\software\microsoft\systemcertificates\authroot\certificates\0563b8630d62d75abbc8ab1e4bdfb5a899b24d43::blob 캇笋สI壡魱꠷犓쩭큛켍༜瀲퍙뉴ꚜ엣ꘊS@㸰ἰआ虠ňﶆɬ、〒ؐ⬊ĆĄ㞂ļ́ダ؛朅ಁ́ሰူਆثЁ舁㰷āȃ쀀 4㈰ࠆثԁ܅ȃࠆثԁ܅̃ࠆثԁ܅Ѓࠆثԁ܅ăࠆثԁ܅ࠃb 逾떙币䢏lᆝ﨡㖺襚槟Ṗ옽尲 RegNtPreCreateKey
HKLM\software\microsoft\systemcertificates\authroot\certificates\0563b8630d62d75abbc8ab1e4bdfb5a899b24d43::blob RegNtPreCreateKey
HKLM\software\microsoft\systemcertificates\authroot\certificates\8cf427fd790c3ad166068de81e57efbb932272d4::blob RegNtPreCreateKey
HKLM\software\microsoft\systemcertificates\authroot\certificates\8cf427fd790c3ad166068de81e57efbb932272d4::blob RegNtPreCreateKey
HKLM\software\microsoft\systemcertificates\authroot\certificates\ddfb16cd4931c973a2037d3fc83a4d7d775d05e4::blob RegNtPreCreateKey
HKLM\software\microsoft\systemcertificates\authroot\certificates\ddfb16cd4931c973a2037d3fc83a4d7d775d05e4::blob RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\tracing::enableconsoletracing RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\tracing\rasapi32::enablefiletracing RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\tracing\rasapi32::enableautofiletracing RegNtPreCreateKey
Show More
HKLM\software\wow6432node\microsoft\tracing\rasapi32::enableconsoletracing RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\tracing\rasapi32::filetracingmask ￿ RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\tracing\rasapi32::consoletracingmask ￿ RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\tracing\rasapi32::maxfilesize  RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\tracing\rasapi32::filedirectory %windir%\tracing RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\tracing\rasmancs::enablefiletracing RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\tracing\rasmancs::enableautofiletracing RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\tracing\rasmancs::enableconsoletracing RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\tracing\rasmancs::filetracingmask ￿ RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\tracing\rasmancs::consoletracingmask ￿ RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\tracing\rasmancs::maxfilesize  RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\tracing\rasmancs::filedirectory %windir%\tracing RegNtPreCreateKey
HKLM\software\wow6432node\lavasoft\web companion::machineid 268ddfeb-393b-01ab-2937-4e66db5d0964 RegNtPreCreateKey
HKLM\system\controlset001\services\bam\state\usersettings\s-1-5-21-3119368278-1123331430-659265220-1001::\device\harddiskvolume2\windows\system32\conhost.exe 鍑ꘇ暖ǜ RegNtPreCreateKey
HKLM\system\controlset001\services\bam\state\usersettings\s-1-5-21-3119368278-1123331430-659265220-1001::\device\harddiskvolume2\windows\system32\conhost.exe ᗭⰹ汻ǜ RegNtPreCreateKey
HKLM\system\controlset001\services\bam\state\usersettings\s-1-5-21-3119368278-1123331430-659265220-1001::\device\harddiskvolume2\windows\system32\conhost.exe 쓭㌨渖ǜ RegNtPreCreateKey
HKLM\system\controlset001\services\bam\state\usersettings\s-1-5-21-3119368278-1123331430-659265220-1001::\device\harddiskvolume2\windows\system32\conhost.exe 䜄濶ǜ RegNtPreCreateKey
HKLM\system\controlset001\services\bam\state\usersettings\s-1-5-21-3119368278-1123331430-659265220-1001::\device\harddiskvolume2\windows\system32\conhost.exe 鞣닿瀭ǜ RegNtPreCreateKey
HKLM\system\controlset001\services\bam\state\usersettings\s-1-5-21-3119368278-1123331430-659265220-1001::\device\harddiskvolume2\windows\system32\conhost.exe ܗ䦝畯ǜ RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\explorer::slowcontextmenuentries RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\explorer::slowcontextmenuentries RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc1c75 RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\windows\currentversion\run::synaptics pointing device driver C:\ProgramData\Synaptics\Synaptics.exe RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\zonemap::proxybypass  RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\zonemap::intranetname  RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\zonemap::uncasintranet  RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\zonemap::autodetect RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc1c75 RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc1c75 RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc3475 鲫ȁ ਪˣ鈯ˣ遙̃豤̃অˣ炑̃龡^濖̃賬̃獖}偫~엦1਷ˣ邯̃뫯ʃeꙥž¶iꙥžr֢vꙥž RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc1c75 RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc1c75 RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\explorer::slowcontextmenuentries RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\explorer::slowcontextmenuentries RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc1c75 RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\explorer::slowcontextmenuentries RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc3475 RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc1c75 RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc1c75 RegNtPreCreateKey
HKLM\system\controlset001\services\bam\state\usersettings\s-1-5-21-3119368278-1123331430-659265220-1001::\device\harddiskvolume2\windows\system32\conhost.exe ꌿ矍銫ǜ RegNtPreCreateKey
HKLM\system\controlset001\services\bam\state\usersettings\s-1-5-21-3119368278-1123331430-659265220-1001::\device\harddiskvolume2\windows\system32\conhost.exe ﮹㾛늾ǜ RegNtPreCreateKey

Windows API Usage

Category API
Process Shell Execute
  • CreateProcess
  • ShellExecuteEx
  • WriteConsole
Encryption Used
  • BCryptOpenAlgorithmProvider
  • CryptAcquireContext
User Data Access
  • GetComputerName
  • GetComputerNameEx
  • GetUserDefaultLocaleName
  • GetUserObjectInformation
Anti Debug
  • IsDebuggerPresent
  • NtQuerySystemInformation
  • OutputDebugString
Other Suspicious
  • AdjustTokenPrivileges
  • SetWindowsHookEx
Process Manipulation Evasion
  • NtUnmapViewOfSection
Network Winsock2
  • WSAConnect
  • WSASocket
  • WSAStartup
  • WSAttemptAutodialName
Network Winsock
  • bind
  • closesocket
  • freeaddrinfo
  • getaddrinfo
  • gethostbyname
  • getsockname
  • recv
  • send
  • setsockopt
  • socket
Network Winhttp
  • WinHttpOpen
Network Info Queried
  • GetAdaptersAddresses
  • GetNetworkParams
Syscall Use
  • ntdll.dll!NtAlertThreadByThreadId
  • ntdll.dll!NtAlpcSendWaitReceivePort
  • ntdll.dll!NtApphelpCacheControl
  • ntdll.dll!NtClearEvent
  • ntdll.dll!NtClose
  • ntdll.dll!NtConnectPort
  • ntdll.dll!NtCreateEvent
  • ntdll.dll!NtCreateFile
  • ntdll.dll!NtCreateMutant
  • ntdll.dll!NtCreateSection
Show More
  • ntdll.dll!NtCreateSemaphore
  • ntdll.dll!NtDuplicateObject
  • ntdll.dll!NtEnumerateValueKey
  • ntdll.dll!NtFreeVirtualMemory
  • ntdll.dll!NtMapViewOfSection
  • ntdll.dll!NtOpenFile
  • ntdll.dll!NtOpenKey
  • ntdll.dll!NtOpenKeyEx
  • ntdll.dll!NtOpenProcessToken
  • ntdll.dll!NtOpenSection
  • ntdll.dll!NtOpenSemaphore
  • ntdll.dll!NtProtectVirtualMemory
  • ntdll.dll!NtQueryAttributesFile
  • ntdll.dll!NtQueryInformationProcess
  • ntdll.dll!NtQueryInformationThread
  • ntdll.dll!NtQueryInformationToken
  • ntdll.dll!NtQueryKey
  • ntdll.dll!NtQueryPerformanceCounter
  • ntdll.dll!NtQuerySecurityAttributesToken
  • ntdll.dll!NtQueryValueKey
  • ntdll.dll!NtQueryVirtualMemory
  • ntdll.dll!NtQueryVolumeInformationFile
  • ntdll.dll!NtQueryWnfStateData
  • ntdll.dll!NtReleaseMutant
  • ntdll.dll!NtReleaseSemaphore
  • ntdll.dll!NtReleaseWorkerFactoryWorker
  • ntdll.dll!NtRequestWaitReplyPort
  • ntdll.dll!NtSetEvent
  • ntdll.dll!NtSetInformationProcess
  • ntdll.dll!NtSetInformationVirtualMemory
  • ntdll.dll!NtSetInformationWorkerFactory
  • ntdll.dll!NtSubscribeWnfStateChange
  • ntdll.dll!NtTestAlert
  • ntdll.dll!NtTraceControl
  • ntdll.dll!NtUnmapViewOfSection
  • ntdll.dll!NtWaitForAlertByThreadId
  • ntdll.dll!NtWaitForSingleObject
  • ntdll.dll!NtWaitForWorkViaWorkerFactory
  • ntdll.dll!NtWaitLowEventPair
  • ntdll.dll!NtWorkerFactoryWorkerReady
  • ntdll.dll!NtWriteFile
  • UNKNOWN
Service Control
  • OpenSCManager
Network Wininet
  • InternetOpen
  • InternetOpenUrl
  • InternetReadFile

Shell Command Execution

.\WebCompanionInstaller.exe --savename=Setup.exe --partner=IN231001 --nonadmin --direct --tych --campaign=19897137492 --version=10.901.2.519
C:\WINDOWS\system32\fondue.exe "C:\WINDOWS\system32\fondue.exe" /enable-feature:NetFx3 /caller-name:mscoreei.dll
.\WebCompanion-Installer.exe --savename=Setup_WebCompanion.exe --partner=IN230403 --nonadmin --direct --tych --campaign=19954005342 --version=11.907.0.802
.\WebCompanionInstaller.exe --savename=Setup_WebCompanion.exe --partner=IN230401 --nonadmin --direct --campaign=16075236377 --version=10.901.2.519
.\WebCompanionInstaller.exe --savename=Setup_WebCompanion.exe --partner=IN230401 --nonadmin --direct --tyff --campaign=20290905988 --version=10.901.2.519
Show More
.\WebCompanionInstaller.exe --prod
.\WebCompanion-Installer.exe --savename=Setup.exe --partner=IN231001 --nonadmin --direct --tyed --campaign=19904337827 --version=12.901.4.1003
.\WebCompanionInstaller.exe --savename=Setup.exe --partner=IN220101 --nonadmin --direct --tyff --campaign=20286318653 --version=10.901.2.519
.\WebCompanionInstaller.exe --savename=WcInstaller.exe --partner=IN220101 --nonadmin --direct --tych --campaign=20307634210 --version=11.904.0.689
"C:\Users\Wvmfrpfm\AppData\Local\Temp\WC.bat"
C:\WINDOWS\system32\tasklist.exe tasklist /FI "PID eq 8496" /fo csv
C:\WINDOWS\system32\find.exe find /I "8496"
C:\WINDOWS\system32\timeout.exe timeout 5
WriteConsole: Waiting for 5
WriteConsole: seconds, press
.\WebCompanionInstaller.exe --savename=Setup_WebCompanion.exe --partner=IN230402 --nonadmin --direct --tych --campaign=18022583703 --version=10.901.2.519
"C:\Users\Czlridxy\AppData\Local\Temp\WC.bat"
C:\WINDOWS\system32\tasklist.exe tasklist /FI "PID eq 6136" /fo csv
C:\WINDOWS\system32\find.exe find /I "6136"
"C:\Users\Emgcvmbk\AppData\Local\Temp\WC.bat"
C:\WINDOWS\system32\tasklist.exe tasklist /FI "PID eq 9060" /fo csv
C:\WINDOWS\system32\find.exe find /I "9060"
WriteConsole: 0834
WriteConsole: 0833
"C:\Users\Arkwqmke\AppData\Local\Temp\WC.bat"
C:\WINDOWS\system32\tasklist.exe tasklist /FI "PID eq 3304" /fo csv
C:\WINDOWS\system32\find.exe find /I "3304"
.\WebCompanionInstaller.exe --savename=Setup.exe --partner=IN230901 --nonadmin --direct --tych --campaign=17923320442 --version=10.901.2.519
"C:\Users\Wdvcxcnw\AppData\Local\Temp\WC.bat"
C:\WINDOWS\system32\tasklist.exe tasklist /FI "PID eq 4164" /fo csv
C:\WINDOWS\system32\find.exe find /I "4164"
.\WebCompanionInstaller.exe --savename=Setup_WebCompanion.exe --partner=IN220101 --nonadmin --direct --tyed --campaign=19746138190 --version=11.904.0.689
"C:\Users\Koqusvug\AppData\Local\Temp\WC.bat"
C:\WINDOWS\system32\tasklist.exe tasklist /FI "PID eq 4648" /fo csv
C:\WINDOWS\system32\find.exe find /I "4648"
runas c:\users\user\downloads\._cache_5d71def60dce96f93b8f84d6845c6ee0f035ce19_0001573888
runas C:\ProgramData\Synaptics\Synaptics.exe InjUpdate
.\WebCompanionInstaller.exe --savename=Setup_WebCompanion.exe --partner=IN220101 --nonadmin --direct --tych --campaign=19733658126 --version=10.901.2.519
runas c:\users\user\downloads\._cache_855add33954b0a100971c10984488b22a3c2cb99_0001307136
.\WebCompanionInstaller.exe --savename=Setup.exe --partner=IN220101 --nonadmin --direct --campaign=19746138190 --version=10.901.2.519
"C:\Users\Zhuquxrq\AppData\Local\Temp\WC.bat"
C:\WINDOWS\system32\tasklist.exe tasklist /FI "PID eq 5808" /fo csv
C:\WINDOWS\system32\find.exe find /I "5808"
.\WebCompanion-Installer.exe --savename=Setup.exe --partner=IN230901 --nonadmin --direct --campaign=20541619131 --version=12.901.4.1003
"C:\Users\Hzxznevn\AppData\Local\Temp\WC.bat"
C:\WINDOWS\system32\tasklist.exe tasklist /FI "PID eq 5820" /fo csv
.\WebCompanion-Installer.exe --savename=Setup.exe --partner=IN230403 --nonadmin --direct --tyff --campaign=20286318653 --version=11.907.0.802
.\WebCompanion-Installer.exe --savename=Setup.exe --partner=IN220101 --nonadmin --direct --tych --campaign=21007111631 --version=11.908.5.907
.\WebCompanionInstaller.exe --partner=IN220101 --nonadmin --direct --tych --campaign=20303113172 --version=11.904.0.689

Trending

Most Viewed

Loading...