Trojan.ClipBanker.GC

By CagedTech in Trojans

Threat Scorecard

Popularity Rank:	3,855
Threat Level:	80 % (High)
Infected Computers:	505

First Seen:	April 14, 2012
Last Seen:	April 23, 2026
OS(es) Affected:	Windows

Table of Contents

Analysis Report

General information

Family Name:	Trojan.ClipBanker.GC
Signature status:	Hash Mismatch

Known Samples

MD5: c229de058c651ef5d44bed114d67ed0e

SHA1: 3d71f482bac3c609b8ff2bdfa69142d91c85fd8c

File Size: 203.14 KB, 203143 bytes

MD5: bbf54b545020061815660aa6b3c1691c

SHA1: a81c032b44dcc01a36c1813895bbbdce2bd592d4

File Size: 202.41 KB, 202407 bytes

MD5: 08fa198304360b9321b8b62123fb784f

SHA1: 381ac062d5d68325a6ab25f863e3c1d1b91fe251

File Size: 251.27 KB, 251271 bytes

MD5: c9ea7fcb3a8fe27553a1fdab9be8ba17

SHA1: b4ef281adcbff2e9b482b481c551a88939aec24e

File Size: 159.37 KB, 159367 bytes

MD5: 58c5df7dbf095b51bc8895a9fa658660

SHA1: 6965012dd90db364a0f5efe34a6e575f0b8b60bd

File Size: 215.27 KB, 215271 bytes

MD5: 35b8ea306b5ea99579862f7c0cd1c5fa

SHA1: 5d682095d04e568a07baea4f2d37ddfeb7ec315f

File Size: 215.90 KB, 215895 bytes

MD5: 8bed8613d250caf08e61d986b8f4d0df

SHA1: 447c11ea204e8f6b6bfa91190afab8e742e712b4

File Size: 151.06 KB, 151055 bytes

MD5: 348de978ea75d31db2ddd45a1a7f58fd

SHA1: 506f96d3c47ae414eea9151c417ddde8ba09ad08

File Size: 143.47 KB, 143471 bytes

MD5: 5ac183fbfedd9d02cd0e49c61a29dccc

SHA1: ae18cae2f981c3637d4ac0f9a8eccc8d8b3f5b69

File Size: 240.36 KB, 240359 bytes

MD5: 92cc23db989bf8aff3c39412e9e4a7ed

SHA1: 1a02c21e36a87d9fa68659286cf54696454ca18b

File Size: 183.10 KB, 183103 bytes

MD5: 62846cbac74d478a937dc7a518e4aa5b

SHA1: f7e3b96826755ad62dc1508a302068565b0b1abd

File Size: 384.85 KB, 384847 bytes

MD5: 89f7a5cf0fb41a669bfbfc2ece858428

SHA1: 77f46d0d0c1f9a07b21f6e7a1f36c36e1ace79fd

File Size: 174.34 KB, 174335 bytes

MD5: 671dbae28f9ed866c2ee2d41e5454a60

SHA1: ea49cac568f83464ecfd0ff12743d96b7c32ee4a

SHA256: 826BBBCC1376C529EE0EA65B5D04764BB9F709054B3449468877E93409E22E38

File Size: 211.96 KB, 211959 bytes

MD5: 153f368fe28ac00482890499a6302b65

SHA1: 833d10d44ed5837aaf1d4748d371efbbd9ae8346

SHA256: 2BCC931F6C65B549119E59B94CF6B2C0A22D67D9E6D3B0297FE8FBE5F427ABBF

File Size: 139.56 KB, 139559 bytes

MD5: 6d13d9edf4959f9ffd7b62b75a1c2184

SHA1: 354734a037ecf33a8f8d4095f4e18ca0d1702c5e

SHA256: F8D149D1561FA613DB13E05F3F5D10FCBC414426847396E637CEFCC3650A708A

File Size: 251.32 KB, 251319 bytes

MD5: 9a3136b30aa9b54e5f0f795524cb6bc1

SHA1: 644cb860acfdd7b9a58b843af7a57ebd3c9c6420

SHA256: 30F2C9844828CC99163D08D68B33F707273E13EF0F3805486B4568080C52EE56

File Size: 252.80 KB, 252799 bytes

MD5: b6fc7861a25b55fab52218f659fb8474

SHA1: ad735418c77e49ad01c3b6f2b8b771efb5b9cf7f

SHA256: A5670D0480CA56476F9D5088E63E71292637FE0EB80DD7076320EF857107B8C4

File Size: 251.27 KB, 251271 bytes

MD5: 8e5629e27026beb0a1d8b0e1c474b5dd

SHA1: 7e8e3b0370539a03f5f3575592287f7ea12193df

SHA256: EAE991934DD137907E1CC26D3F4E9582687C15D12E6503F3F0D7BF9FCA9D2BE4

File Size: 245.72 KB, 245719 bytes

MD5: ed1e9afbcbd7d97bbd7625d4811f5222

SHA1: 0a64b896c1ee340f87238cab3c17339cc25974e1

SHA256: 60A060F55053E106434BF7FB33F9A9489E926DDB277E5DF8F25105E091138921

File Size: 168.73 KB, 168727 bytes

MD5: c1c2eea87137beeadd57a8439e7c4e23

SHA1: 692b393b11cd6d9e93433267d079671882fd8bc2

SHA256: 358A5BB86D719227670B3FE8F9E4AF8A44146F4DEBD67919CC6D91D7AD6674A9

File Size: 145.25 KB, 145255 bytes

MD5: 648cc0d1f23d5c6c04af4b85bb09eb2f

SHA1: 6666627a196aa4de95df0eb9877acf5f7adb8cbf

SHA256: D4334A49760A70DB27B328F6DAB6F7C4005051688CA7BF0F4901A96AE0A3E8CC

File Size: 246.78 KB, 246783 bytes

MD5: b9b5d2ab41e6bfbd132bba917991a912

SHA1: fbef0234e4dd573fd4182042213068d0142aad7b

SHA256: 556DB77AB853970AAEB3A104E9FD8CD6EF27FE8F6FBD2CA82158370961FD8D70

File Size: 203.14 KB, 203143 bytes

MD5: bb2d40c1bccee2b8c3dd4389a920c35a

SHA1: 321c6667cbaf5114e16b5858a7bf5f6c312c06cf

SHA256: B2EC47ADA737D6695379955EAE0078B7349DBD78E470EBCD7A600E0DDB744F68

File Size: 244.59 KB, 244591 bytes

MD5: 7275cbc8dde76cc421192c264e04b320

SHA1: d13575a7b1f08f50dce9f2f51edfe0d8c6275012

SHA256: 5B06697F82A46B78D6F4A0A64FA8CD3BE8D5FF99F58EC56A845C2EF87A747FBD

File Size: 159.37 KB, 159367 bytes

MD5: 6a25b9ed65e6d88cb1f0aa46bacfae7a

SHA1: 10d462a7f76176b69cc163c215d957ea91c42061

SHA256: 0982435F4541E7A24BE66B385D375D890E09C6094BBA8939FAD91D711990C10D

File Size: 252.80 KB, 252799 bytes

MD5: 4320d593e30476dce1fd9492a8270146

SHA1: 5932d3cdb18b46fe48718dca4770613659459dd2

SHA256: 4B3C41DFA70DFF750CAC3C396E60E6E8282A8063C710158763EF7C796733CEAD

File Size: 246.74 KB, 246743 bytes

MD5: e208937eebece060b41c35f6022bd56b

SHA1: 75035feb529ce86f85024aa817c637a8e564c8cd

SHA256: ABD0CD61D31923CFA240CCBB20D5CEF66CB3647931B221D55D34BE6FD857B97F

File Size: 216.81 KB, 216815 bytes

MD5: 1d54d3ca0d26bc05ab0d9000b232bf5a

SHA1: a896f3c20e790620928d2d18f84734e9ff845162

SHA256: 650CE74DA0470B7D8537840D8D41B1611A0E2716C2BE77FAD66650B528D8442D

File Size: 252.80 KB, 252799 bytes

MD5: 2beebc8ea8836d70ac42c71a7254762f

SHA1: 86be24d4454f924ae0a5aede662804dfa6ec5eb1

SHA256: 7128226F677AEE4029CE46267C7C4C31CB2CFDF4B0C5E311CA7404C3A6F06C0F

File Size: 165.90 KB, 165895 bytes

MD5: b57c36bc97f11fc7e1834fb23f09602a

SHA1: 8da4e67468324ec6f1dde61ba0100d107858b4b8

SHA256: FF468B6D1CD8483782F1668FE9278CF841AF8C378D3020A8D03270A4A212FDF8

File Size: 194.72 KB, 194719 bytes

MD5: 61b8bb2a2236ab0ab33f8b595fb2a938

SHA1: f9c88b7018a87cf579818f1e8c31645cc663e9b0

SHA256: 31AC1D150D766B333A5ACCAC0D3D3F80BF1EA16922FF35031E102474FA7AFE9F

File Size: 251.27 KB, 251271 bytes

MD5: 7d596c7b4ed9ffa3221a93b3637e74bc

SHA1: 94e5662bb7122a33d07220b15fe464285c708d87

SHA256: 7D7CB005A3F128D1051DE91A300C17205045AB7E57DA328F8C15574F08B432E8

File Size: 249.43 KB, 249431 bytes

MD5: 9c5988c33a6d81e0fe9214f7a7a0e186

SHA1: 92bef4fbda6fa7a3daec042360d3abf19c383a42

SHA256: 1261C3946661F938B6CCF26B8FEAEDD7B4576E34A4F4E4D12776CF9279EA02AC

File Size: 249.76 KB, 249759 bytes

MD5: 8bd665a1608596430dac2c85b85358d0

SHA1: 0a756565ef2038fbb9370bf399159524ee4523dd

SHA256: 996224EBC511C9D2618FE21F278CED50240AAE22CCC60CEDF2EA4B3C5702792A

File Size: 249.76 KB, 249759 bytes

MD5: 6061a980a7d5895661cee26c4b38b318

SHA1: 7e1a32b589204056c69c5c93971edc67448a094c

SHA256: 94C5C10D99CD57373AF470C132BF0030E7BF41EC754C8085255BBB8478EB3D09

File Size: 160.92 KB, 160919 bytes

MD5: 8ae637546fd3e9b415fff8a558c51031

SHA1: 26a64d8b0fe3cf1c82cec4cf43af4967ed26eb20

SHA256: 4F8E0DDF47C38F8712319DD7101B555965090970C64E3AF3EAF2324E4AF2E770

File Size: 244.78 KB, 244783 bytes

MD5: 86e534a987ca5aa3745907c522245c5b

SHA1: 7ea5413aabba61ccc702f79edb0b3ca9eafaf45e

SHA256: 51759B1885C5729C29092FEBF9EDE8818D8F351B9A468B43481F4245D8E1CB91

File Size: 253.25 KB, 253255 bytes

MD5: ad748f240e6e9c1406f299349d7ff10f

SHA1: 3c0780e8653c27c605dc908bcab634ab4d0084cb

SHA256: 54863A3E99D78325601AE3FAF045D8F3A8A148E968B088F4621678945869CBA2

File Size: 149.85 KB, 149855 bytes

MD5: a25bae7fc0761419f02b5220ce9c729a

SHA1: c50adaeef8bbd1f67bce6fc35191f7f22feb52cc

SHA256: B9DC721B2FEF7C8BCBA6955E44D28BA009ED394F060FE32AAB884AF6D1FBDC06

File Size: 243.40 KB, 243399 bytes

MD5: aa861a3054a97aa59cd24cf10f4b0b74

SHA1: 05474755f34d4f0781db8c51c600acb324c63d47

SHA256: 2D722117695C935A83C9B7344E3EA4759CA9E492AE8A09452CD368DA7AC14827

File Size: 159.12 KB, 159119 bytes

MD5: 94bc7191ab1454d395c802b2a19aa8e0

SHA1: 59b3ea337ab7ac6eb1e80d36fee0ad35ecf4a30b

SHA256: 3F02C5B79D210B5330964405D160096C84CD4EC70FFC17A6D5E5E56491D100C3

File Size: 223.53 KB, 223527 bytes

MD5: 7a3187732e305d7a69e4d808e0390441

SHA1: 25819b3ef327d999370c171681f0d7ac37280018

SHA256: 4D732AAD6AF763C7D1D3B453710CE71D8F36493EF94AF5473750375B1AFB0CA3

File Size: 252.80 KB, 252799 bytes

MD5: 1ca8ab1302e68ff6d29948be161aa802

SHA1: 37048e12fd2c81ddb8c3185a31e35c338354de0d

SHA256: 408FBCFE2ABA0ECEB4A627F57318487632D2F0EADBD71A1613BEC5C67AC0E91A

File Size: 183.56 KB, 183559 bytes

MD5: 14479a0bf6aab6b62c0f35b749ae6921

SHA1: 2b01cc3c007307159960db858f16a210321a400c

SHA256: 66927B981DEEAB485563B16488A8EFD24B001939E2AD363813593D7961E00D40

File Size: 157.84 KB, 157839 bytes

MD5: ed02e7e659a5fca5c9d27ca76c386d1e

SHA1: 0e51fad311d9dbb1a9b1377ae9e1712f9a6a9850

SHA256: C63B4860EA632BFA92982487686E85E7C25AFB31B2EC85FBD8D4F2E3101AB666

File Size: 212.01 KB, 212015 bytes

MD5: 2fbd26d3d8e391a390683ff4fbf14555

SHA1: 07dc08ad955f82c7e11e91a72b15e9e1998864ec

SHA256: 05C194FA40F8B76FF91F158C379DDA305E44AF32986384B066DECCCC72F4C404

File Size: 251.32 KB, 251319 bytes

MD5: 13378f9d7f61651fabc36e0d7101b7e7

SHA1: 1431e6107d52ece2cfbbd2c647dd3f74872cbe46

SHA256: 1BA81AFCF760915FAAADA1E7D0241DC31011F77AD534E2E383D07F3598075443

File Size: 252.86 KB, 252863 bytes

MD5: 045e77607d1655d1e54dfffb4497d3e5

SHA1: 28d4041329f16957429d0555f76ebc960aa49bee

SHA256: A462CC71796563AF1B4B12F9CA533B5EFC91562A420E0A546AC1460C8612C8D5

File Size: 251.27 KB, 251271 bytes

MD5: 7539584ac5a39b7c07bcb7f6e2f58fc4

SHA1: bc6c11db8df5d8be54e26f9f10dd175c2ca33c14

SHA256: 7506CBB6650AF0B9CC92D0E05422998852EC9983D1524BDFB428D11CD0FA2C44

File Size: 252.86 KB, 252863 bytes

MD5: fdddc6abcc653e66311bd7f27c834579

SHA1: 5a208886a8e9ad1e897ceb2ce5ab20189e95ae2b

SHA256: CF1A444B062794663C9ABBB8870642021477F995F4158F9486ADD89AD430DE5E

File Size: 160.92 KB, 160919 bytes

MD5: 7f2baff64407ece2ae20130396966bb8

SHA1: 6fd5c388cea8c29c02d48eed2e6f9179ab7e4cfe

SHA256: C8FF0ECBCB47B9B85A43C9F9CC28736101519BD0757258072EE5ECE06E90603E

File Size: 253.25 KB, 253247 bytes

MD5: 295f1fc6574cfb7d2d964a2da029543d

SHA1: 4fee5bb5e0e0738cd20a81b7a0c07f0efc0522b9

SHA256: C8AC0E10525C7BFE5C932C953EC5C76D19B032C93DBDD908242B608C9A3233B0

File Size: 231.45 KB, 231447 bytes

MD5: a19fc7ce73684de21cec950002a1bce1

SHA1: 437097e21637242a674f444436f328c364a5441b

SHA256: 0E0916322C21B2A5C1C7200B723A7962C75DB838CB87416A6EDDDBED8AEF60BB

File Size: 249.76 KB, 249759 bytes

MD5: 68493d41f48eed43382e463c3cd07ff0

SHA1: be68781a7d245809b38127073dfdec35cafd6971

SHA256: 0AD2542B5A21D66ABC7C23984D98C1E7267E1FDE8CA1D80E9ABECF7A7CB8B759

File Size: 240.36 KB, 240359 bytes

MD5: 39049ca53777cc725aa0d7f023044169

SHA1: 7090bf495fed87210868ff43127766f638a73d71

SHA256: B55D5C3E2398FE88C10DDE3E4437BCEA16B0AC8707913E18A06F9571FDEBDC99

File Size: 252.86 KB, 252863 bytes

MD5: caab10ddfbcefd0ed00c198e8a4202de

SHA1: 5d58f2c62ab9c1d3f3ac42eae9cbedc78184b674

SHA256: 17961DB45D19FE095BD4F286107CAE486C080939FE756A0AB3B32CF3180196D0

File Size: 250.90 KB, 250901 bytes

MD5: 52cda43f734e5ae59c4c5cf0b7a76521

SHA1: 2f4c0bd2fbf0b67f4407223b6c9821468826bc36

SHA256: BB88E93E1A558ADDFE64F9A6000C1E68CEB3B31D633C2507824814B8CAFD587A

File Size: 160.92 KB, 160919 bytes

MD5: 0631fb4b88f7c53f8d8387393f20d0fb

SHA1: b1ac16da5322141e760b2e8228cfd49778480cc0

SHA256: 069518FC419AE44E73402420276D16ACD60BB461E8F3B6A62146E5F8F7CDF5A6

File Size: 125.63 KB, 125631 bytes

MD5: 77d73e3c18fcc988019c26dc5b2a546d

SHA1: e54bd09dd3595cd05c97d2de4c790c2fc46df1c7

SHA256: 2399218B1E29C2BFE0DD007C7944A370C3321762C91C0E2EE75993F713EEF429

File Size: 245.78 KB, 245783 bytes

MD5: ed1aedea068d88c02523811e943d0ebf

SHA1: d9f52941ac2fee6097c5101b803ac36566ebdd84

SHA256: D8D1F5B527F5AA71C0717D9ECE1A077ED1CB72825DA2FD11C4658DF8B17CDEAE

File Size: 240.36 KB, 240359 bytes

MD5: 38cc8a8aa7e3f0d1b9a5f2d4457d65c3

SHA1: d78ba25c763a25308c91a45e8ff8729ceb90204f

SHA256: E514CDE1C3C43475CC957EE0E4E5303C2CE2EF8B68622787ACC05BB8D24616B3

File Size: 169.80 KB, 169799 bytes

MD5: ed0893801accd16cee0c1ceb69d86e65

SHA1: bbff9f6aaee6ea2e889892783908bcd25cc07e0a

SHA256: 02985BA0BF537E01089A5EB21FE7897F4FDECB39FD02424C6AF88324444CFF65

File Size: 159.06 KB, 159063 bytes

MD5: f4c4bea218458aeb91ee2c76bcdfec4f

SHA1: 65b72ff4bd0186f18c3c151c67baf8e513a6fc37

SHA256: 1661858DE68F2BFD7C617AE3A77E1600C87C493895C21773364B852B9F690C5A

File Size: 225.97 KB, 225975 bytes

MD5: 86af84c874089c5a8d2e68d6fbf1cf05

SHA1: ffc0db6e1613e84658d4fd66bb0c359eab9f5fdc

SHA256: 3E75B546BE3AFE50F771063046C42CF1D13BD295FE58FF3982BA17E5A4AA74DC

File Size: 151.06 KB, 151055 bytes

MD5: cfe10afc9fda22268c9616feb398ea01

SHA1: 7cbc3132c358b0bac4bc9032828f2ea9c0746da1

SHA256: D67C3C6472169C57378AD5A540DD8400E1847386B72DD7DD6DC50051B33B7184

File Size: 245.72 KB, 245719 bytes

MD5: 5eb7fc4d53d1f46522788789c8522c82

SHA1: 0c6e2f33e509c5a330f2780525974e2c58e8bc3e

SHA256: 83625F8992E39A506F1A6E427F9CF69AA91E3668234ADCE53CECBEA32A87BE95

File Size: 251.32 KB, 251319 bytes

MD5: cdc7468bb2b89b78918a5e1efd591b0c

SHA1: 484e15092adb49811119e0f0e153c77851567936

SHA256: 78BB4BDEE5795C66DB1D0E1E956881771BA9BD73FD131852146CA9D2F35B2E3F

File Size: 231.45 KB, 231447 bytes

MD5: 0f2f6f67f2d23446f5c9f9288a689955

SHA1: fdbb8196628bbb8326fa28f50cae6b0c1aa892f7

SHA256: 9FADFF7806D213D5FCEBDE91B76AE7229D040306F807D4DE0B67D1552E2555AB

File Size: 252.86 KB, 252863 bytes

MD5: 4ab51da0dd61267483b249bb31800fd8

SHA1: 3367948310c4f698723806f8273330a74fd7d04d

SHA256: F1925F96156B464A57DCCED759CEC2F240B71DFD2C35FAE164E0A6485C0E387B

File Size: 149.27 KB, 149271 bytes

MD5: 76b0f085d16baf92b6ff3cd8cf81e974

SHA1: 4744f393a93a7827e1cc55cb5cf01bf44458a73b

SHA256: 19EE257AB972877DCA65DA2A3DB1F1B71AD96B83DD82C8068C273065766091E6

File Size: 112.95 KB, 112951 bytes

MD5: 59055196360a5d778f373516747bc70b

SHA1: fbe58df1119bca37bffb4d7749e776f535d8f0f8

SHA256: FEF35F6F4988609D3335324E6521A221A0605BE352894F119C75D6D9F0B5E104

File Size: 251.32 KB, 251319 bytes

MD5: a0864e30c14a81fb46268180963a0856

SHA1: 4dbabc1b31d1e7cc40cbbce2a5c7182ad28b8c68

SHA256: 239FA9229FEBC0D0C9AFEBE2AD5B15A283B1D977DA3DEC95C6C909CF9E7FB097

File Size: 251.32 KB, 251319 bytes

MD5: cae68966f9cf54b654330d6bb2f25a17

SHA1: 370db3abdee5295470e7a0f2f77291981e83bcb8

SHA256: 45068DB48FB4C523F61370D0D98FFEDEC1B721DA029CCF1771352793EB4B176F

File Size: 245.78 KB, 245783 bytes

MD5: 3cb4c254736f2ea46045580cf0f77103

SHA1: 0eef8c74298b96ad41199c83090d71d8c7ccd54e

SHA256: 8DA776C907886EC8593416F88566967F5E59AC41F7507B616632CC3B65977C81

File Size: 252.80 KB, 252799 bytes

MD5: 310fed0369fe69260f7067a71a9160f1

SHA1: bc710fe92a0911221f5e302c041adfa6d9abb5d5

SHA256: 664D81991E38CCDC32B668B7E3029A7DF49D2C4602CE352E162231674C801082

File Size: 150.43 KB, 150431 bytes

MD5: eb8c9ceb7eee5f1c92609621f92c9b92

SHA1: be302a504b1e867b1d31ad1200e279d3424c0a79

SHA256: 7A7D629BCBD42426DB8EB75DF76E1833C0995F5E2C8F92130B1B67E3F2A35328

File Size: 252.86 KB, 252863 bytes

MD5: adff08093529a4fd7672461e853bb2f5

SHA1: 904b89ac9ec14a7604d0fed2d558bedc26f7a170

SHA256: 0B3EB81E241A55D3D7E1A7E26891271ED50C5B9AF06425B03869A435F517FCCA

File Size: 245.78 KB, 245783 bytes

MD5: 2bf211520fc18ee64d7d43cffb4755e1

SHA1: 388a14fa4442a8ecb65a2ef12bfc07942d23d60d

SHA256: 9BF647F318BEFDF79994951B550912D5FC939B83AB4711FF2D3B8F53D142E3C9

File Size: 173.79 KB, 173791 bytes

MD5: 0697faf9a354f8ab9b124d14345db65d

SHA1: 5dcfb3e140abef2740a49a135a9b7e885599efd0

SHA256: 5A087BB43BCAFD23F162C1E5A92517D68DB6833BD4B28B77D285F5684930E389

File Size: 192.30 KB, 192303 bytes

MD5: dfead5bc41eb570539d73f45e49bd1df

SHA1: f84cb670c8b9c4d4832b6ca49bd41b994fe59672

SHA256: 54C614591C2C8913F5BCA33CA591CB2DD11681A1002CC31DE9182DBF09948FD1

File Size: 252.86 KB, 252863 bytes

MD5: 593309e01824374049e839a60a46db23

SHA1: f68cf18f7bb26dff4cda6083144c4aea27b97188

SHA256: CE761499700FFD092522A822D4C1CE50D5BE0F7F16F5430357F730B5E24C416E

File Size: 252.86 KB, 252863 bytes

MD5: 8a730b915dd9fa7208dfd5d169ae5a12

SHA1: ecb4fc0f69d2beb12fff786ddd78db5763675df7

SHA256: 4EC187DD0D1A91DCC3F526B16B3A36B3DBFBF50F5CF6DDEDD142C0DB8EB8163C

File Size: 160.92 KB, 160919 bytes

MD5: cfec305e0e9de0d5b0dd8b86b8ea2929

SHA1: 56853952e30eef3d38a6629a7537f4ce34c07832

SHA256: F2D8CC313CCB7C4C033F06A284A4F25834AEE091AC9701D2F65F75D94B9B24CB

File Size: 245.78 KB, 245783 bytes

MD5: b3c064438ffd39637a8329b918ab1e94

SHA1: a89f09977af0d40ad63b8080179f2239358fd60e

SHA256: 7A5957BE5707DFDB705F624EBA7320F0592D43D321EB6EE2FC7ED91E74C35B22

File Size: 201.78 KB, 201775 bytes

MD5: d7f05c8684e81af857cada1cc2be4ae1

SHA1: c78ceeaea4195272eb67e96206af92fe360d4f60

SHA256: CF0F9A9DFA3409D201C43292D988347148315931D4404C8889D095795A029AE4

File Size: 223.66 KB, 223655 bytes

MD5: 9822bac9607ce81935200795b692bee5

SHA1: a5663b47ed66c3b03e6c68d00236a6208ad69595

SHA256: 15DC4C150001477E2C9F1E6A69894E26CD2866E998A0EFC0EC0A173982FF72EA

File Size: 167.53 KB, 167527 bytes

MD5: 5513ea75bcce383dad6450586801e3ff

SHA1: 715103ab13062d52e6cb9cec9b98c20e56f53db2

SHA256: 3931242DD32606AE89FA61A47852658A0E851814133EA301A6E5D553CBCEFB49

File Size: 212.59 KB, 212591 bytes

MD5: 856b6de4ad056212571597121ac409e1

SHA1: 0d0ea47ab0dca89a6e45e8ebb59646e26ebed69e

SHA256: 86CE517E1B3CD82FF543211245281E878C442A03C2B7E9F2C6F04BDFA4DD8ADD

File Size: 196.59 KB, 196591 bytes

MD5: c1d336f495297140876e07b8058de081

SHA1: a9e83987662504db03f2562d46845dda22a7469a

SHA256: A85C0F9FA9BECEDDA7AED12E2CD265E4DE8BF3F6CDBFB00001475F67DB425C8F

File Size: 252.80 KB, 252799 bytes

MD5: 4d1104cb0fc6205e0639f721b94e10e7

SHA1: f5f98d4f9147c1c2a599b24e3690aaf05a73d3d1

SHA256: 4846EC9CAECD05F962E70D0D68440F2581DF0B4F0617BD43524965FC8089AD31

File Size: 221.77 KB, 221767 bytes

MD5: 78253824a5bfad702d542cc5d8d3c063

SHA1: 37545adc6337ce674ed3f4783ea971db23fdb5c3

SHA256: 33C9A1F78DEEDFAB41E74AFD14279B9C12D1C2BAAC7D2212AED8E3079BDDDC3C

File Size: 245.78 KB, 245783 bytes

MD5: f5b9af18eafe4d05d93c746150a39121

SHA1: 4d152a65403c78e5e1275f962853e3ee01cbcb71

SHA256: 6A45481F3AC13449ADD6824656AD02D9C5D69D86CB7C64832F09A9D6CF9EB93E

File Size: 225.74 KB, 225735 bytes

MD5: c083de95b6dffb17b88efa742d753ff4

SHA1: 3e18c57de5ce38c9abc7d62e661d4c0c2a9f5414

SHA256: 0BFC58FF6701325F2E78A89B2297E8CFAF8AC6BFD18A47EEEDFA246C999C16F6

File Size: 180.24 KB, 180240 bytes

MD5: b88e2e363d3ea616078cc7964a328777

SHA1: f6fc2457d2c0e4ec4e7f184497d6fb231a3412ed

SHA256: 6BE1885D2CA7F82E3781DAB3DC1F407C0618C7DB40FE36F104F4C3C17FBF43FA

File Size: 165.10 KB, 165103 bytes

MD5: 80522fedb56b6e6e25fe8dab61c64388

SHA1: d44fd03b989e2022928e820040d6eba788609156

SHA256: 232585BB2B0A847DF7CA5707118468FC20536C8E381E626FB0188FAB6EC5B4F2

File Size: 162.63 KB, 162633 bytes

MD5: 58ba483a038f192679751e8c0b5fe243

SHA1: be0f672db0d916dc8b169d22729361e0b2a30260

SHA256: 49C5031C0F1A0EBFF2C3163AE311D28AC72FF2386CB6C0C54C6E2EC5083B2DE6

File Size: 208.94 KB, 208943 bytes

MD5: 3ca2ac7f60de6d6882345e19dde6f85e

SHA1: ef6d88bd3f262baa238aa0ed19f516062b453de6

SHA256: 9A1F003201419D5DA47810F945F4F17370FA5A13AB6A196600685B4C64A6ABBB

File Size: 252.86 KB, 252863 bytes

MD5: 409006326697e6bc08ca2b02c38f96c9

SHA1: 0a90afd002d46aa66266d4360dbfaf2553424b03

SHA256: 00D98B2BBE00732E40EBE9407418F6D905E2720C3F380B52F0C2979BE9B1FF23

File Size: 253.90 KB, 253895 bytes

MD5: 1792d1a13865010516f0e3705a9666b6

SHA1: ec98e3bfa71da85353d58277767fa904c878b9eb

SHA256: CDE6D358B6703D5BA62DD6833B929DBA95E5964BD7CBF7E1D619457FE00DDF8B

File Size: 160.20 KB, 160199 bytes

MD5: 705341c6a7f20539479dcd4356179353

SHA1: 8e4ac67ad80abc92530b1120f2262d2a5c497a97

SHA256: 5C314D5894FA67620794F80ADA92B7F033AD4B6241FAF3FBB4BD21C507C93077

File Size: 160.92 KB, 160919 bytes

MD5: 153a040aa652cd20f89384c913ef8c14

SHA1: 4de3a3048720e182abe7c24d4f24af4b39447b6c

SHA256: D865D4DF7F73D8F1495BF0C5B1C6215C2625DEADA849844B83B6089B18B8275A

File Size: 252.86 KB, 252863 bytes

MD5: 68f468cae46c5b74e1d11b83591d84e4

SHA1: dd1c42638ab1379293e154a75fe6af5d1c16d1a6

SHA256: 616DBC0243C08E1A949F924A126AFEE3C348700956586C65EF0EA25FC06660A2

File Size: 162.94 KB, 162944 bytes

MD5: 00ca228e46d111bc5b71bc02e76b3e24

SHA1: 17bad174d10955e1d2da48ff449d3a3e9383c1f6

SHA256: CFCCECC94D58D8D8101197435933C89450AEC07E9529E71B0636C7DEF35CDF1A

File Size: 252.80 KB, 252799 bytes

MD5: b9eb878424b01659b6cee17899894bca

SHA1: 28d002731595e134ce1008bcc730cfc67cbd256a

SHA256: A20046322485E5545951638643C50307770CC6513A5EA20BC05C934DB204B62F

File Size: 252.86 KB, 252863 bytes

MD5: 67a4f0a8f2ca0a3909b34f4fa04367ba

SHA1: d76a80412c6b15f08bd6a27b9d35346dbf59bd04

SHA256: 0824486F1577482F6FD92261222EC53F5214F1B9ECF71FE07954A37783C4149A

File Size: 210.40 KB, 210399 bytes

MD5: 314ef8b104aff81fe718e28777527017

SHA1: 5fa9cfd66f64553dbb86a6867cfe02bc5f5679e3

SHA256: E0B85AE5843E5487DEBEF52E416190E10882BE8A16CFCC1225972DE5218934C9

File Size: 196.59 KB, 196591 bytes

MD5: 8c0437826c76b523052282a12e39bbe6

SHA1: 26776be5314c91e8cfab945b4cd2dd6db7c07f3f

SHA256: 30856ACD9F253E758AE054EF8D167ED5E0AF43B36DD584222878EDAD0E23A91E

File Size: 245.78 KB, 245783 bytes

MD5: 22139f7d08db4293b85c8e3fde95933f

SHA1: 34d76ca93d86554c5ea4835c03c411fc2dd377a0

SHA256: E685632392655BD27CA29919FE89266B0E4F671603593910DA84BAF41C969D97

File Size: 196.59 KB, 196591 bytes

MD5: 441d253674c46f7be93875b5ed6b316b

SHA1: 027194d6ac2c18ee019a69a326a3280098117807

SHA256: 67E783215644EBC56F8FAC648FB9D8F105D08221DCC4AD2B72B1678262A88576

File Size: 155.13 KB, 155135 bytes

MD5: e20c135eb23dbb4f2b649e75392fef52

SHA1: 0d8c9434abf9cb7ca078293144d274c8393220f8

SHA256: D969F485A365F296A2145443B7E450B03CCA271171E1843D7CAA6A8E89426033

File Size: 253.24 KB, 253239 bytes

MD5: 0896c869ae0200adc8c77017bd2a13ee

SHA1: c3f1c77b1be0689afc6ca26657a759056994adaf

SHA256: 3B8A7E95D850F471E07E91EED8D1371290E639C0162B7227CF11BC56D0D9F384

File Size: 143.47 KB, 143471 bytes

MD5: 716fc9e5fe94009686cf6c9873f1d87e

SHA1: 21fac45418e2c25946d63f19f5938241ae0c1c42

SHA256: 95564969AAE07A46A826042B15F7792C1B81847F42EE9A33EEE5DD8FB0C2B0DE

File Size: 179.08 KB, 179079 bytes

MD5: 3cdce8675e806905f442628e683ac9b3

SHA1: cdb1f8eade394a6021896ca041a9d44d8a685fa6

SHA256: E2D0F987568AF6C30813F7A91BB54AEAF8E79C2E3DB533336F1BB9BE0753CFF6

File Size: 113.97 KB, 113975 bytes

MD5: 0ee25d9fd0c4afdb99a716f97f8f1813

SHA1: ae8f52a055b6b733d197d9a8b6b43ec9b10e2d8c

SHA256: 944860178E83ECF870255334E7E3798BE6635E8B3614313A9CB0592E2C064189

File Size: 223.06 KB, 223063 bytes

MD5: bd6843ef5ccae0514a27c4cf94996f69

SHA1: 9a7fa669300f6d2c069aca0f7caf668d7915d89c

SHA256: 6357EE01E77F150685F1E87C00B79E0B0A7A258220063B4A64DDF5DB35999839

File Size: 252.05 KB, 252053 bytes

MD5: 117d73ff453575e45b4d916aa9744ca1

SHA1: 759ff078bae584be36650c96d06b89eeedf3336f

SHA256: 557F6DF684C3996FDBB4F4E27065C780A3EB8BD068A5340F43BCA46F9A7006D5

File Size: 215.37 KB, 215367 bytes

MD5: f60959deecd74a7618218cf5ee0888ba

SHA1: 014d078ab0a28aefc8ed878f6b40c6b82715a757

SHA256: A855F7B61E1E3B9EF7466EA79FF9DEF62F9A3D7D3EB8086ED7479FC52BB96A56

File Size: 209.86 KB, 209863 bytes

MD5: 0c806d4213d29155ac36330b8ee08769

SHA1: 4d93a0fd4a5d99a1cec9bba0859afa4336bb0d23

SHA256: 4F0C9EB8D9CDD50F461718D70C49C4738A57F33EBBDA0722B0F0C481A0BF6F63

File Size: 229.67 KB, 229671 bytes

MD5: 9743dfc0425a797c09da87bb8f831896

SHA1: b573ffffc0bf5b1ac51b29016089ed073291068e

SHA256: 6B8409747E3F38D209EB487C03CFCA518B8DEB8435B845C41BB477CB2F849227

File Size: 217.54 KB, 217543 bytes

MD5: 45800f373c8ea5e317f48821a148811f

SHA1: 6ccc29c0fc4a009f50f96e0c535d14aa06a26fa8

SHA256: 52A18F13C9D1644F6E3CC0FC0E0C64E6BBACAF1AE9E6EF7AD37143CD7918F893

File Size: 134.37 KB, 134367 bytes

MD5: 5e5fb61ab0105e14fce4cd02e55825b4

SHA1: ff3e6b2e7c1dd11ca257d9e2a5ef0926280b56ca

SHA256: 99C093E5630D0EF4B1B4248BB0F9F87DFBA6BF9B9E5DE57D5766F5A4AE1915F2

File Size: 233.20 KB, 233199 bytes

MD5: 2231b67be1e9cf7de45fb9ebf5a09dab

SHA1: 4e1f2443e3fd83042668a816dcc2a8cb98ecb1de

SHA256: 821BF0D3CEE571788039A59053417E854A8B1E259AEF59808DA74932D3F36ACE

File Size: 240.36 KB, 240359 bytes

MD5: 918582a681f70227981a263527fe22e9

SHA1: 6ac0c838cb42e84c64c8ac6bf72ce5df7b37021e

SHA256: B80583A62C498BAC84F0D2FF59B4197ABB4C919BCD1E630E92FDB8B3ED15BFF1

File Size: 195.83 KB, 195831 bytes

MD5: 7752a4c6e2f88a84bb1f51d3b457cf7f

SHA1: f8c452c40fb42c7c084fdceb3a6ddc872a1af9e7

SHA256: 9F7956F5E42D44288B026D125C61FA58DF08B1E506B9070C3330E5C6801A2FCC

File Size: 118.33 KB, 118327 bytes

MD5: 335c0e1c65b0ab933bc25437801de707

SHA1: 3e1a9f8adcf98e48a66b96a460877a47739ec747

SHA256: 19B9D5DB238D3E8A8B9DFEE51CD918D745A1559BC45F765590092546EA17331D

File Size: 265.99 KB, 265991 bytes

MD5: f6bc8471842ece02a16912a46c10a7c9

SHA1: e0b03aca01298bfb693c803a9c3d2de9c25d00b7

SHA256: ABD3D93248B72493E1D5ECFDA83651CF9F5BBDD054924C670A83055B39A6C0EC

File Size: 140.97 KB, 140967 bytes

MD5: 266f1f6850c3c273c265253449ea36aa

SHA1: 88346bfb7628d64a5d819e1f65841b7e29c64eec

SHA256: E2F2F5F8E9DDE5EE5B5E9023035F06AAEF9A7B73A0246B074FA4D5714BBD8178

File Size: 231.45 KB, 231447 bytes

MD5: 188f82199d36b0f79ac34802ca4dfa6c

SHA1: 994f9a8e63ad6f955910e002bc3a7101d7e774c5

SHA256: 597EAA00BD808FFB4CDA3816AFF77344047D7A38B6AB447B708539AF852C3F2C

File Size: 169.80 KB, 169799 bytes

MD5: a843077258014e9478f8e2a8579b03b2

SHA1: 49c44343b28201f8b457ab3d9458616738920a47

SHA256: 96E40C6B7D08AAA19AC186429E9347B917441B619A2ADED9F98E3B8C50C5A5CD

File Size: 183.22 KB, 183223 bytes

MD5: d3955353d500f5be0d6b729a98d71181

SHA1: 21106bf92aa707a8477bd4cba0e6d492812e429f

SHA256: 1CBD054420834DC5D5C05411ECB028BF831FD611A0017ECF61AF7E345505A71C

File Size: 115.36 KB, 115359 bytes

MD5: 5009f1ec9d7a0ecdb93a431be2703631

SHA1: 245979ec5d71402d63b28b8caa86605fd1556694

SHA256: 2E571E02BBD83766A653CE9ABAE89A183557571AA86E146976E752CA6FE3BDD3

File Size: 162.26 KB, 162263 bytes

MD5: f6d60df0c3361664315ef6c8981c0850

SHA1: 66699c0363fc293c3b078ac9231d37ffc5c3c58c

SHA256: 00AAA942D338A4E79126C6313DFEC1B33D45071AE6EDFB5A78330473477AF7B2

File Size: 251.27 KB, 251271 bytes

MD5: e204bd5ea812c16661cd526470b9169a

SHA1: ebb1e0edef9e342e2c152a099e87e85e2588d5eb

SHA256: C7E34C18DE5517082211AB9E8CBACB4A53FAEAEB55C51AC2E65C4B0A508A1B0D

File Size: 243.62 KB, 243615 bytes

MD5: de009a04bd2ef126c33abcc427656ee0

SHA1: 32c4dee6e1a21e4286edefe3751e91e910f31b8b

SHA256: 35BB394B172E82F2780EB86AA7A0010ADF6454DE72E9317A93968B64DCC60DF4

File Size: 252.87 KB, 252871 bytes

MD5: 01e717047373b3ef4644b71a6b84a45f

SHA1: 6a51d25c52642ae18e4b585de288fe9f50b6acc1

SHA256: 98208E792CAAD8E9A669B84D6F615A538F872D93A78EA8D4CEC33F2B05976EDF

File Size: 178.57 KB, 178567 bytes

MD5: ee2cd48889ba05a68b5914660ee2ec5e

SHA1: afa836202b47d371ff4dcf32045ea758bebca09c

SHA256: 2E6ACD58C51D256642F05C56701F01035D1AB243E758C84CE0E4ED634B8AAE5A

File Size: 245.78 KB, 245783 bytes

MD5: 30a9fa428e4127b4a76111d30aead5a2

SHA1: 58af1cf4dcee873f622eb35ca106125e0a71b6a1

SHA256: 9584C665816329CFEEA942C8EAE43A487EFC38FB3AB49A6693C4F76EFBDAD79A

File Size: 203.14 KB, 203143 bytes

Windows Portable Executable Attributes

File doesn't have "Rich" header
File doesn't have debug information
File doesn't have exports table
File doesn't have relocations information
File doesn't have resources
File doesn't have security information
File has been packed
File has exports table
File has TLS information
File is 32-bit executable

File is console application (IMAGE_SUBSYSTEM_WINDOWS_CUI)
File is either console or GUI application
File is GUI application (IMAGE_SUBSYSTEM_WINDOWS_GUI)
File is Native application (NOT .NET application)
File is not packed
IMAGE_FILE_DLL is not set inside PE header (Executable)
IMAGE_FILE_EXECUTABLE_IMAGE is set inside PE header (Executable Image)

File Icons

Windows PE Version Information

Name	Value
Assembly Version	25.3.24.7
Comments	Design by Realtek DSA Update Service Please visit http://www.internetdownloadmanager.com PotPlayer Tool for elevating applications on the command line Volume related element
Company Name	Adobe Inc. Adobe Systems Incorporated Apple Inc. ASUSTeK Computer Inc. BraveSoftware Inc. CANON INC. CometNetwork Corel Corporation CyberLink Corp. Daum Communications Show More Elaborate Bytes AG Google Inc Google Inc. Google LLC Greatis Software, LLC Hewlett-Packard Hewlett-Packard Company Hewlett-Packard Development Company, L.P. InstallShield Software Corporation Intel Intel Corporation Johannes Passing Lectra MediaTek Micro-Star Int'l Co., Ltd. Microsoft Corporation NirSoft Pioneer DJ Corporation. Pointstone Software, LLC QUALCOMM, Inc. Realtek Research In Motion Limited SEIKO EPSON CORPORATION Smadav Software (Smadsoft) Sony Corporation Tonec Inc. TOSHIBA CORPORATION VP Inc. Yandex „Google Inc.“ 川田テクノシステム株式会社
File Description	Acrobat Update Service Adobe Acrobat 32BitMAPIBroker Adobe Acrobat SpeedLauncher Adobe Acrobat Update Service Apple Installer (Elevated) ASUS Update ASUS_FRQ Control Auto Print Application BitComet toasts notifier for Windows 10 BraveSoftware Update Show More Canon IJ Scan Utility SETEVENT ClidManagerModule CyberLink YouCam Tray DDJ-SZ_AutoSetup Delayed launcher DellOSDService for R&T DSAUpdateService ECM Certificate Manager Elevate El instalador de Google Epson USB Display Ver.1.63 EXE For Driver Installation Google-asennusohjelma Google alat za instalaciju Google Installer Google instalēšanas programma Google telepítő Google uppsetningarforrit Google Yükleyici Google इंस्टॉलर Google इन्स्टॉलर Google ইনস্টলার Google ઇન્સ્ટોલર Google ସଂସ୍ଥାପକ Google நிறுவி Google ఇన్స్టాలర్ Google ഇന്‍സ്റ്റാളര്‍ Google ጫኝ Google インストーラ Google 安装程序 Google 安裝程式 Google 설치 프로그램 HiSuite Update Service HP QuickWeb Utilities hpwuSchd Application Instalador do Google Instalační program Google Installasjonsprogram for Google InstallShield (R) Setup Launcher Intel(R) Dynamic Application Loader Host Interface Internet Download Manager installer Inštalačný program Google IT Security Manager for Toshiba Stack Kisakinishi cha Google Launch Agent Service Lectra Service Microsoft Office 2010 component MSI Central Service Office Push Notifications Utility Assembly Pemasang Google PIcon startup utility PMB Portable PotPlayer Programme d'installation de Google qcmtusvc qtBridge exe Run a program with different settings that you choose. Setup Downloader Smadav Updater Assistance StopUpdates10 Service System Cleaner Installer uacsdk Application V-nasClair設定初期化ツール Virtual CloneDrive Daemon Volume related element VPWalletService for payment WifiAutoInstall Установщик Google مثبِّت Google نصب کننده Google گوگل انسٹالر „Google“ diegimo programa
File Version	80, 1, 1, 0 25.3.24.7 24.4.4.9118 24.0.1.260 19.1.0.0 16.0.19029.20136 15.0.0.0 14.0.4756.1000 12.13.9.1 12.13.7.1 Show More 11.0.0.1163 9.2.0.124 9.0.0.2008061200 8.1.30.1348 8.0.0.0 7, 0, 9722, 1 6.5.6.130 6.1.7600.16385 (win7_rtm.090713-1255) 6, 40, 9, 1 6, 31, 100, 1190 6, 5, 10, 1 5.5.1.0 5, 7, 0, 139 4.2.0.14 4.0.0.3423 3, 1, 0, 9742 2.29.0.0 2.1.1.2 2.0.0.9 2, 0, 0, 42 1.824.460.1120 1.824.460.1110 1.824.460.1108 1.824.460.1102 1.824.460.1091 1.824.460.1067 1.824.460.1053 1.824.460.1052 1.824.460.1047 1.824.42.0176 1.824.31.1644 1.824.21.4663 1.824.20.7559 1.801.10.4720 1.210.000.000 1.51 1.12.44.1 1.5.0.11835 1.3.361.151 1.3.361.135 1.3.361.133 1.3.361.131 1.3.361.113 1.3.107.31 1.3.36.371 1.3.36.311 1.3.36.151 1.3.34.11 1.3.33.17 1.3.00.08190 1.1.0.0 1.0.0.49 1.0.0.1 1.0.0.0 1, 7, 0, 0 1, 6, 8, 0 1, 6, 3, 0 1, 0, 1, 20 1, 0, 0, 2894 1,0,0,44 1, 0, 0, 3 1, 0, 0, 2 1, 0, 0, 1 1,0,0,0 1, 0, 0, 0 0.1.0.32 0, 0, 0, 0
Internal Name	AdvancedRun ALectraS.exe AlexInitTool.exe armsvc.exe ASUS Update ASUS_FRQ_Control.exe AutoPrnt BCSSync BraveSoftware Update CERTMGR.EXE Show More clidmgr Daum 팟플레이어 DCSHOST DDJ-SZ_AutoSetup DellOSDService for R&T DesktopT.exe download DSAUpdateService.dll Elevate Epson USB Display Google Update hpqwutils.exe hpwuSchd ItSecMng LaunchDelay MSI Central Service.exe opushutil.exe PIconStartup PMBP_Win.exe qcmtusvc qtBridge RIMBBLaunchAgent SETEVENT.exe Setup SETUP SetupAdmin SmadavSecondaryUpdater StopUpdates10Guard uacsdk Uninstall VCDDaemon VolumeControl.exe VPWalletService.exe WifiAutoInstall YouCamTray.exe
Legal Copyright	All rights reserved. Autoriõigustega kaitstud. 2007-2010 Google Inc. Autoriõigustega kaitstud. 2018 Google LLC Autoriõigustega kaitstud. 2019 ASUSTeK Computer Inc. Autorska prava 2007-2010 Google Inc. Autorska prava 2018 Google LLC Autorska prava 2019 ASUSTeK Computer Inc. Autortiesības 2007–2010 Google Inc. Autortiesības 2007–2010 Google LLC Autortiesības 2019 ASUSTeK Computer Inc. Show More Bản quyền 2007-2010 Google Inc. Bản quyền 2018 Google LLC Bản quyền 2019 ASUSTeK Computer Inc. Copyright (C) 1990-2001 InstallShield Software Corporation Copyright (C) 2001-2015 Copyright (C) 2004-2017 Realtek Semiconductor Corp. All rights reserved. Copyright (C) 2007 Copyright(c) 2007, Corel Corporation. All rights reserved. Copyright (C) 2008 Copyright (c) 2010 Hewlett-Packard Development Company, L.P. Copyright (C) 2011 KAWADA TECHNOSYSTEM Co., Ltd. Copyright (C) 2012 Copyright (C) 2015 Yandex LLC Copyright (C) 2016 Copyright (C) 2018 ASUSTeK Computer Inc. Copyright (C) 2019 Copyright (C) 2020 <VP Inc>. All rights reserved. Copyright (C) 2021 AlphaTheta Corporation. Copyright (c) CyberLink Corporation. All rights reserved. Copyright (C) Hewlett-Packard 2007 Copyright (C) QUALCOMM, Inc. Copyright(C) SEIKO EPSON CORPORATION 2006 - 2014 All rights reserved. Copyright 1984-2008 Adobe Systems Incorporated and its licensors. All rights reserved. Copyright 1984-2009 Adobe Systems Incorporated and its licensors. All rights reserved. Copyright 1984-2017 Adobe Systems Incorporated and its licensors. All rights reserved. Copyright 2007 - 2010 Google Inc. Copyright 2007 - 2010 Google LLC Copyright 2007, 2008, 2009 Sony Corporation Copyright 2007-2010 Google Inc. Copyright 2007-2010 Google Inc.‎ Copyright 2007–2010 Google Inc. Copyright 2007–2010 Google LLC Copyright 2010 Research In Motion Limited Copyright 2011, Intel Corporation Copyright 2018 Google LLC Copyright 2018 Google LLC‎ Copyright 2019 ASUSTeK Computer Inc. Copyright 2019 ASUSTeK Computer Inc.‎ Copyright Adobe Systems Incorporated 2004 Copyright ASUSTeK Computer Inc. 2019 Copyright c 2007 - 2009 TOSHIBA CORPORATION Copyright CANON INC. 2012-2018 Copyright Google Inc. 2007-2010 Copyright Google LLC 2018 Copyright © 2001 - 2020 Elaborate Bytes AG Copyright © 2007-2010 Google Inc. Copyright © 2007-2015, Intel Corporation. All rights reserved. Copyright © 2010-2011, Intel Corporation. All rights reserved. Copyright © 2011 Adobe Systems Incorporated. All rights reserved. Copyright © 2013 Adobe Systems Incorporated. All rights reserved. Copyright © 2015 - 2022 Nir Sofer Copyright © 2018 Google LLC Copyright © 2019 ASUSTeK Computer Inc. Copyright © 2019 Micro-Star INT'L CO., LTD. Copyright © 2020 Adobe Inc. All rights reserved. Copyright © 2023 Adobe Inc. All rights reserved. Copyright © 20018 Copyright © Intel Corporation Copyright © Lectra S.A. 2005-2016. All rights reserved. Copyright © Pointstone Software, LLC Derechos de autor 2007-2010 Google Inc. Derechos de autor 2018 Google LLC Derechos de autor 2019 ASUSTeK Computer Inc. Hak Cipta 2007-2010 Google Inc. Hak cipta 2007-2010 Google Inc. Hak cipta 2018 Google LLC Hak Cipta 2018 Google LLC Hak Cipta 2019 ASUSTeK Computer Inc. Hak cipta 2019 ASUSTeK Computer Inc. Höfundarréttur 2007-2010 Google Inc. Höfundarréttur 2018 Google LLC Höfundarréttur 2019 ASUSTeK Computer Inc. Telif Hakkı 2007-2010 Google Inc. Telif Hakkı 2018 Google LLC Telif Hakkı 2019 ASUSTeK Computer Inc. © 1999-2022. Tonec FZE. All rights reserved. © 2007-2010 Google Inc. © 2010 Microsoft Corporation. All rights reserved. © 2018 Google LLC © 2019 ASUSTeK Computer Inc. © Apple Inc. All Rights Reserved. © ASUSTeK Computer Inc., 2019 гг. © Copyright 2008-2009 Hewlett-Packard Development Company, L.P. © Google Inc., 2007–2010 гг. © Google LLC, 2018 гг. © Microsoft Corporation. All rights reserved. © „ASUSTeK Computer Inc.“, 2019 m. © „Google Inc.“, 2007–2010 m. Πνευματικά δικαιώματα 2007-2010 Google Inc. Πνευματικά δικαιώματα 2018 Google LLC 47 additional items are not displayed above.
Legal Trademarks	Corel Corporation, QT Bridge is registered trademarks of Corel Corporation, Inc. elby, CloneCD, CloneDVD and Elaborate Bytes are trademarks of Elaborate Bytes AG Intel Corporation Internet Download Manager (IDM) Realtek, WifiAutoInstall System Cleaner is a registered trademark of Pointstone Software, LLC
Legal Trademarks1	Microsoft® is a registered trademark of Microsoft Corporation.
Legal Trademarks2	Windows® is a registered trademark of Microsoft Corporation.
Original Filename	32BitMAPIBroker.exe AcroSpeedLaunch.exe AdvancedRun.exe ALectraS.exe AlexInitTool.exe armsvc.exe AsusUpdate.exe ASUS_FRQ_Control.exe AutoPrnt.exe BCSSync.exe Show More BraveUpdate.exe CERTMGR.EXE clidmgr.exe DDJ-SZ_AutoSetup.exe DellOSDService DesktopT.exe downloader.exe DSAUpdateService.dll Elevate.exe EMP_UDSA.EXE GoogleUpdate.exe HiSuiteOuc.EXE HP Quick Launch Buttons hpqwutils.exe hpwuSchd.exe ItSecMng.exe jhi_service.exe LaunchDelay.exe MSI Central Service.exe opushutil.exe PIconStartup.exe PMBP_Win.exe PotPlayer qcmtusvc.exe qtBridge32.exe RIMBBLaunchAgent.exe SETEVENT.exe SETUP.EXE Setup.exe SetupAdmin.exe SmadavSecondaryUpdater.exe SU10Guard.exe uacsdk.exe Uninstall.exe VCDDaemon.exe VPWalletService.exe WifiAutoInstall YouCamTray.exe
Private Build	No R&T
Product Name	Acrobat Update Service Adobe Acrobat Adobe Acrobat 32BitMAPIBroker Adobe Acrobat Update Service AdvancedRun ALectraS.exe ASUS Update ASUS_FRQ_Control AutoPrnt BitComet Show More Bluetooth Stack for Windows by Toshiba BraveSoftware Update Canon IJ Scan Utility SETEVENT ClidManagerModule CyberLink YouCam Tray DDJ-SZ_AutoSetup Delayed launcher DellOSDService for R&T Elevate Application Epson USB Display Google'i uuendus Google-oppdatering Google atjauninājums Google ažuriranje Google frissítés Google Güncelleme Google Päivitä Google Update Google uppfærsla Google Актуализация Google ажурирање Google تازہ کاری کریں Google अद्यतन Google अपडेट Google আধুনিকীকরণ Google અઘતન Google ଅଦ୍ୟତନ Google புதுப்பி Google నవీకరణ Google ಮಾರ್ಪಡಿಸಿ Google കാലാനുസൃതമാക്കുക Google ዝመና Google“ naujinimas Google 更新 Google 업데이트 HiSuiteOuc HP Quick Launch Buttons HP QuickWeb hpwuSchd Application InstallShield (R) Intel(R) Dynamic Application Loader Host Interface Intel(R) PIconStartup Intel Driver & Support Assistant Internet Download Manager installer Kemas Kini Google MediaTek Log Installer Microsoft Office 2010 Microsoft® Windows® Operating System MSI Central Service Office Push Notifications Utility PMB Portable Posodobitve za Google PotPlayer QUALCOMM qcmtusvc QuickTime Bridge RIMBBLaunchAgent Setup.exe SetupAdmin Setup Downloader SmadavSecondaryUpdater StopUpdates10 System Cleaner uacsdk Application V-nasClair設定初期化ツール Virtual CloneDrive VP Inc. WifiAutoInstall Оновлення Google עדכון Google بروزرسانی Google ข่าวอัพเดต Google
Product Version	80, 1, 1, 0 25.3.24.7 24.4.4.9118 24.0 19.1.0.0 16.0.19029.20136 15.0.0.0 14.0.4756.1000 12.13.9.1 12.13.7.1 Show More 11.0.0.1163 9.2.0.124 9.0.0.2008061200 8.1.30.1348 8.0.0.0 7, 0, 0, 0 6.1.7600.16385 6, 40, 9, 1 6, 31 6, 5, 10, 1 5.5.1.0 5.0.00.08190 5, 7, 0, 139 4.2.0.14 4.0.0.3423 3, 1, 0, 9742 2.29.0.0 2.1.1.2 2.0.0.9 2, 0, 0, 42 1.824.460.1120 1.824.460.1110 1.824.460.1108 1.824.460.1102 1.824.460.1091 1.824.460.1067 1.824.460.1053 1.824.460.1052 1.824.460.1047 1.824.42.0176 1.824.31.1644 1.824.21.4663 1.824.20.7559 1.801.10.4720 1.210.000.000 1.68 1.61.0.0 1.51 1.5.0.11835 1.3.361.151 1.3.361.135 1.3.361.133 1.3.361.131 1.3.361.113 1.3.107.31 1.3.36.371 1.3.36.311 1.3.36.151 1.3.34.11 1.3.33.17 1.0.0.49 1.0.0.1 1.0.0.0 1, 7, 0, 0 1, 6, 3, 0 1, 0, 1, 20 1, 0, 0, 2894 1,0,0,44 1, 0, 0, 3 1, 0, 0, 2 1, 0, 0, 1 1,0,0,0 1, 0, 0, 0 0.1.0.32 0, 0, 0, 0
Special Build	Daum Communications

Digital Signatures

Signer	Root	Status
Intel Corporation - Embedded Subsystems and IP Blocks Group	AddTrust External CA Root	Hash Mismatch
Aviata, Inc.	COMODO RSA Extended Validation Code Signing CA	Hash Mismatch
Huawei Software Technologies Co., LTD.	Certification Authority of WoSign	Hash Mismatch
Xing Wang	Certum Trusted Network CA 2	Hash Mismatch
CircleSoft LLC	CircleSoft LLC	Hash Mismatch

Intel Corporation	Class 3 Public Primary Certification Authority	Hash Mismatch
Sony Corporation	Class 3 Public Primary Certification Authority	Hash Mismatch
Google LLC	DigiCert Assured ID Code Signing CA-1	Hash Mismatch
Tonec Inc.	DigiCert Assured ID Code Signing CA-1	Hash Mismatch
ASUSTeK Computer Inc.	DigiCert EV Code Signing CA (SHA2)	Hash Mismatch
Adobe Inc.	DigiCert EV Code Signing CA (SHA2)	Hash Mismatch
Adobe Systems, Incorporated	DigiCert EV Code Signing CA (SHA2)	Hash Mismatch
OBS Project, LLC	DigiCert Global G3 Code Signing ECC SHA384 2021 CA1	Hash Mismatch
Realtek Semiconductor Corp.	DigiCert High Assurance EV Root CA	Hash Mismatch
Brave Software, Inc.	DigiCert SHA2 Assured ID Code Signing CA	Hash Mismatch
Google LLC	DigiCert SHA2 Assured ID Code Signing CA	Hash Mismatch
Tonec Inc.	DigiCert SHA2 Assured ID Code Signing CA	Hash Mismatch
ASUSTeK COMPUTER INC.	DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1	Hash Mismatch
Adobe Inc.	DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1	Hash Mismatch
Apple Inc.	DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1	Hash Mismatch
Brave Software, Inc.	DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1	Hash Mismatch
CHENGDU YIWO Tech Development Co., Ltd.	DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1	Hash Mismatch
Connectwise, LLC	DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1	Hash Mismatch
Google LLC	DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1	Hash Mismatch
Lenovo	DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1	Hash Mismatch
Shandong ZTop Microelectronics Co., Ltd.	DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1	Hash Mismatch
Apple Inc.	DigiCert Trusted Root G4	Hash Mismatch
Brave Software, Inc.	DigiCert Trusted Root G4	Hash Mismatch
Electronic Arts, Inc.	DigiCert Trusted Root G4	Hash Mismatch
Hugh Bailey	DigiCert Trusted Root G4	Hash Mismatch
KAWADA TECHNOSYSTEM CO.,LTD.	DigiCert Trusted Root G4	Hash Mismatch
VP Inc.	DigiCert Trusted Root G4	Hash Mismatch
北京小米智能科技有限公司	DigiCert Trusted Root G4	Hash Mismatch
Intel Corporation - Intel® Management Engine Firmware	Equifax Secure Certificate Authority	Hash Mismatch
CRYPTO-PRO LLC	GlobalSign Code Signing Root R45	Hash Mismatch
YANDEX LLC	GlobalSign CodeSigning CA - G2	Hash Mismatch
YANDEX LLC	GlobalSign CodeSigning CA - SHA256 - G2	Hash Mismatch
ASUSTEK COMPUTER INCORPORATION	GlobalSign Extended Validation CodeSigning CA - SHA256 - G3	Hash Mismatch
Elaborate Bytes AG	GlobalSign Extended Validation CodeSigning CA - SHA256 - G3	Hash Mismatch
MICRO-STAR INTERNATIONAL CO., LTD.	GlobalSign Extended Validation CodeSigning CA - SHA256 - G3	Hash Mismatch
Telegram FZ-LLC	GlobalSign GCC R45 EV CodeSigning CA 2020	Hash Mismatch
Microsoft Corporation	Microsoft Code Signing PCA	Hash Mismatch
Microsoft Corporation	Microsoft Windows Code Signing PCA 2024	Hash Mismatch
Research In Motion	Research In Motion	Hash Mismatch
Intel Corporation	Sectigo Public Code Signing Root R46	Hash Mismatch
Zainuddin Nafarin	Sectigo Public Code Signing Root R46	Hash Mismatch
Nir Sofer	Sectigo RSA Code Signing CA	Hash Mismatch
Adobe Systems, Incorporated	Symantec Class 3 Extended Validation Code Signing CA	Hash Mismatch
Adobe Systems, Incorporated	Symantec Class 3 Extended Validation Code Signing CA - G2	Hash Mismatch
Canon Inc.	Symantec Class 3 SHA256 Code Signing CA	Hash Mismatch
Corel Corporation	Symantec Class 3 SHA256 Code Signing CA	Hash Mismatch
Google Inc	Symantec Class 3 SHA256 Code Signing CA	Hash Mismatch
Greatis Software LLC	Symantec Class 3 SHA256 Code Signing CA	Hash Mismatch
Jiangsu Qinheng Co., Ltd.	Symantec Class 3 SHA256 Code Signing CA	Hash Mismatch
Lectra S.A.	Symantec Class 3 SHA256 Code Signing CA	Hash Mismatch
Google Inc	Thawte Code Signing CA - G2	Hash Mismatch
Dewmobile USA, Inc.	USERTrust RSA Certification Authority	Hash Mismatch
Pointstone Software, LLC	UTN-USERFirst-Object	Hash Mismatch
Adobe Systems, Incorporated	VeriSign Class 3 Code Signing 2004 CA	Hash Mismatch
Hewlett-Packard Company	VeriSign Class 3 Code Signing 2004 CA	Hash Mismatch
TOSHIBA CORPORATION	VeriSign Class 3 Code Signing 2009-2 CA	Hash Mismatch
Hewlett-Packard Company	VeriSign Class 3 Code Signing 2010 CA	Hash Mismatch
Adobe Systems, Incorporated	VeriSign Class 3 Public Primary Certification Authority - G5	Hash Mismatch
AlphaTheta Corporation	VeriSign Class 3 Public Primary Certification Authority - G5	Hash Mismatch
CyberLink	VeriSign Class 3 Public Primary Certification Authority - G5	Hash Mismatch
Daum Communications Corp.	VeriSign Class 3 Public Primary Certification Authority - G5	Hash Mismatch
SEIKO EPSON CORPORATION	VeriSign Class 3 Public Primary Certification Authority - G5	Hash Mismatch
Lexmark International, Inc.	thawte Primary Root CA	Hash Mismatch

File Traits

2+ executable sections
Badsig nsis
big overlay
HighEntropy
Installer Manifest
Installer Version
nosig nsis
No Version Info
ntdll
Nullsoft Installer

packed
SusSec
upx
UPX!
vb6
WriteProcessMemory
x86

Block Information

Total Blocks:	490
Potentially Malicious Blocks:	13
Whitelisted Blocks:	455
Unknown Blocks:	22

Visual Map

0 0 0 ? ? x ? ? ? ? ? ? ? 0 ? ? 0 ? ? ? ? 0 0 0 0 0 0 0 0 0 0 0 0 0 0 2 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 1 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 x x x 0 0 0 x x x 0 0 0 0 ? ? ? ? x 0 ? ? x x ? x x x 2 0 1 0 0 0 0 0 0 0 2 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 2 0 0 0 0 0 0 0 0 2 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 2 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 2 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 2 2 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 2 2 1 0 1 1 1 0 1 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0

0 - Probable Safe Block
? - Unknown Block
x - Potentially Malicious Block

Similar Families

Agent.ANH
Agent.GDFA
Agent.GSC
Agent.JFI
Agent.MBD

Agent.OFGI
Cerbu.HA
DarkKomet.GL
Darkkomet.I
Darkkomet.RB
Expiro.DA
Expiro.IC
Expiro.KA
Expiro.P
Farfli.DE
Farfli.PC
Floxif.E
GameHack.LPE
Havoc.M
Kryptik.ATAS
Kryptik.CBS
Murphy.B
Spy.Agent.FG
TinyNuke.AA
Trojan.Agent.Gen.BWK
Trojan.Agent.Gen.PT
Trojan.Agent.Gen.RI
Trojan.Kryptik.Gen.EGU
Trojan.Kryptik.Gen.EHO

Files Modified

File	Attributes
c:\program files (x86)\microsoft\edgeupdate\1.3.215.9\msedgeupdate.dll	Synchronize,Write Attributes
c:\program files (x86)\microsoft\edgeupdate\1.3.215.9\msedgeupdate.dll	Synchronize,Write Data
c:\program files (x86)\microsoft\edgeupdate\1.3.215.9\msedgeupdate.dll.dat	Synchronize,Write Data
c:\program files (x86)\microsoft\edgeupdate\1.3.215.9\msedgeupdate.dll.tmp	Generic Write,Read Attributes
c:\program files\common files\system\symsrv.dll	Generic Write,Read Attributes
c:\program files\common files\system\symsrv.dll.000	Generic Write,Read Attributes
c:\programdata\hisuiteouc\log\dcshost_xludnich.log	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\sandbox_live\injected-win32.dll	Synchronize,Write Attributes
c:\sandbox_live\injected-win32.dll	Synchronize,Write Data
c:\sandbox_live\injected-win32.dll.dat	Synchronize,Write Data

c:\sandbox_live\injected-win32.dll.tmp	Generic Write,Read Attributes
c:\sandbox_live\shsandbox32.exe	Synchronize,Write Attributes
c:\sandbox_live\shsandbox32.exe	Synchronize,Write Data
c:\sandbox_live\shsandbox32.exe.dat	Synchronize,Write Data
c:\sandbox_live\shsandbox32.exe.tmp	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\59b3ea337ab7ac6eb1e80d36fee0ad35ecf4a30b_0000223527150c.log	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7f4987fb1a6e43d69e3e94b29eb75926\downloader.5080.log	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\a1d26e2\37215b4448.tmp	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\a1d26e2\bc0115181388.tmp	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\a1d26e2\bc3f1d8815b4.tmp	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\a1d26e2\bd597701514.tmp	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\a1d26e2\bda71bf84f4.tmp	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\a1d26e2\bf6cf145c0.tmp	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\c78ceeaea4195272eb67e96206af92fe360d4f60_00002236552a4.log	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\delme1.bat	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\nsbbd5b.tmp\langdll.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\~df0617dc3fe9d50637.tmp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\~nsu.tmp\au_.exe	Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 262144
c:\users\user\downloads\447c11ea204e8f6b6bfa91190afab8e742e712b4_0000151055.log	Generic Write,Read Attributes

Registry Modifications

Key::Value	Data	API Name
HKLM\software\wow6432node\microsoft\windows nt\currentversion\windows::appinit_dlls	C:\PROGRA~1\COMMON~1\System\symsrv.dll	RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\windows nt\currentversion\windows::loadappinit_dlls		RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\windows nt\currentversion\windows::requiresignedappinit_dlls		RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\zonemap::proxybypass		RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\zonemap::intranetname		RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\zonemap::uncasintranet		RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\zonemap::autodetect		RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc3475		RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\5.0\cache\content::cacheprefix		RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\5.0\cache\cookies::cacheprefix	Cookie:	RegNtPreCreateKey

HKCU\software\microsoft\windows\currentversion\internet settings\5.0\cache\history::cacheprefix	Visited:	RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\direct3d\mostrecentapplication::name	715103ab13062d52e6cb9cec9b98c20e56f53db2_0000212591	RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc1c75		RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc1c75		RegNtPreCreateKey
HKLM\system\controlset001\control\session manager::pendingfilerenameoperations	1\??\C:\Windows\SystemTemp\MicrosoftEdgeUpdate.exe.old5af521\??\C:\Windows\SystemTemp\CopilotUpdate.exe.old5af62*1\??\C:\P	RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc3475	鲡ȁ ਪˣ鈯ˣ遙̃豤̃অˣ炑̃ 龡^濖̃賬̃(獖}偫~엦1਷ˣ邯̃뫯ʃ	RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\explorer\advanced::hidden		RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\security center::antivirusoverride		RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\security center::antivirusdisablenotify		RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\security center::firewalldisablenotify		RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\security center::firewalloverride		RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\security center::updatesdisablenotify		RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\security center::uacdisablenotify		RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\security center\svc::antivirusoverride		RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\security center\svc::antivirusdisablenotify		RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\security center\svc::firewalldisablenotify		RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\security center\svc::firewalloverride		RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\security center\svc::updatesdisablenotify		RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\security center\svc::uacdisablenotify		RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings::globaluseroffline		RegNtPreCreateKey
HKLM\software\microsoft\windows\currentversion\policies\system::enablelua		RegNtPreCreateKey
HKLM\system\controlset001\services\sharedaccess\parameters\firewallpolicy\standardprofile::enablefirewall		RegNtPreCreateKey
HKLM\system\controlset001\services\sharedaccess\parameters\firewallpolicy\standardprofile::donotallowexceptions		RegNtPreCreateKey
HKLM\system\controlset001\services\sharedaccess\parameters\firewallpolicy\standardprofile::disablenotifications		RegNtPreCreateKey
HKCU\software\apcr\1214104697::1919251317	扱	RegNtPreCreateKey
HKCU\software\apcr\1214104697::-456464662		RegNtPreCreateKey
HKCU\software\apcr\1214104697::1462786655		RegNtPreCreateKey
HKCU\software\apcr\1214104697::-912929324	#	RegNtPreCreateKey
HKCU\software\apcr\1214104697::1006321993	Č	RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\explorer::slowcontextmenuentries		RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc1c75		RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc1c75		RegNtPreCreateKey
HKCU\software\microsoft\edge\blbeacon::failed_count		RegNtPreCreateKey
HKCU\software\microsoft\edge\blbeacon::state		RegNtPreCreateKey
HKCU\software\microsoft\edge\thirdparty::statuscodes	(NULL)	RegNtPreCreateKey
HKCU\software\microsoft\edge\thirdparty::statuscodes		RegNtPreCreateKey
HKCU\software\microsoft\edge\elfbeacon::version	143.0.3650.96	RegNtPreCreateKey
HKCU\software\microsoft\edge\blbeacon::failed_count		RegNtPreCreateKey
HKCU\software\microsoft\edge\blbeacon::state		RegNtPreCreateKey

Windows API Usage

Category	API
Service Control	OpenSCManager StartServiceCtrlDispatcher
Process Shell Execute	CreateProcess ShellExecute WinExec
Other Suspicious	AdjustTokenPrivileges
Anti Debug	IsDebuggerPresent OutputDebugString
User Data Access	GetUserName GetUserObjectInformation
Cert Store Read	CertEnumCertificatesInStore CertOpenStore
Process Manipulation Evasion	NtUnmapViewOfSection ReadProcessMemory
Syscall Use	ntdll.dll!NtAccessCheck ntdll.dll!NtAlpcSendWaitReceivePort ntdll.dll!NtApphelpCacheControl ntdll.dll!NtAssociateWaitCompletionPacket ntdll.dll!NtClose ntdll.dll!NtCreateFile ntdll.dll!NtCreateMutant ntdll.dll!NtCreateSection ntdll.dll!NtCreateSemaphore ntdll.dll!NtDeleteValueKey Show More ntdll.dll!NtDuplicateToken ntdll.dll!NtFreeVirtualMemory ntdll.dll!NtMapViewOfSection ntdll.dll!NtOpenFile ntdll.dll!NtOpenKey ntdll.dll!NtOpenKeyEx ntdll.dll!NtOpenProcessToken ntdll.dll!NtOpenProcessTokenEx ntdll.dll!NtOpenSection ntdll.dll!NtOpenThreadTokenEx ntdll.dll!NtPowerInformation ntdll.dll!NtProtectVirtualMemory ntdll.dll!NtQueryAttributesFile ntdll.dll!NtQueryInformationProcess ntdll.dll!NtQueryInformationThread ntdll.dll!NtQueryInformationToken ntdll.dll!NtQueryKey ntdll.dll!NtQueryLicenseValue ntdll.dll!NtQueryPerformanceCounter ntdll.dll!NtQuerySecurityObject ntdll.dll!NtQuerySystemInformation ntdll.dll!NtQuerySystemInformationEx ntdll.dll!NtQueryValueKey ntdll.dll!NtQueryVirtualMemory ntdll.dll!NtReadRequestData ntdll.dll!NtReleaseMutant ntdll.dll!NtReleaseWorkerFactoryWorker ntdll.dll!NtSetEvent ntdll.dll!NtSetInformationVirtualMemory ntdll.dll!NtSetInformationWorkerFactory ntdll.dll!NtSetValueKey ntdll.dll!NtTestAlert ntdll.dll!NtWaitForSingleObject ntdll.dll!NtWaitForWorkViaWorkerFactory ntdll.dll!NtWriteFile UNKNOWN

Shell Command Execution


							open schtasks.exe /delete /tn "SmadavSecondaryUpdater" /f


							"c:\users\user\downloads\PrivacyIconClient.exe" -startup


							"C:\Users\Nwviyzpv\AppData\Local\Temp\~nsu.tmp\Au_.exe"  _?=c:\users\user\downloads\


							command.com /C C:\Users\Ccrevsae\AppData\Local\Temp\delme1.bat


							"C:\Users\Ccvpskwq\AppData\Local\Temp\~nsu.tmp\Au_.exe"  _?=c:\users\user\downloads\


									open http://support.d-imaging.sony.co.jp/download/PMBP/PMBP_Installer01/?OS=win&LOCALE=en_US


									"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --edge-skip-compat-layer-relaunch --single-argument http://support.d-imaging.sony.co.jp/download/PMBP/PMBP_Installer01/?OS=win&LOCALE=en_US


									c:\users\user\downloads\DRVSETUP64\DRVSETUP64.EXE

Trojan.ClipBanker.GC

Threat Scorecard

EnigmaSoft Threat Scorecard

Analysis Report

General information

Known Samples

Known Samples

Windows Portable Executable Attributes

Windows Portable Executable Attributes

File Icons

File Icons

Windows PE Version Information

Windows PE Version Information

Digital Signatures

Digital Signatures

File Traits

Block Information

Block Information

Visual Map

Similar Families

Similar Families

Files Modified

Files Modified

Registry Modifications

Registry Modifications

Windows API Usage

Windows API Usage

Shell Command Execution

Shell Command Execution

Submit Comment

Trending

Most Viewed