Trojan.MSIL.Agent.FDA
Threat Scorecard
EnigmaSoft Threat Scorecard
EnigmaSoft Threat Scorecards are assessment reports for different malware threats which have been collected and analyzed by our research team. EnigmaSoft Threat Scorecards evaluate and rank threats using several metrics including real-world and potential risk factors, trends, frequency, prevalence, and persistence. EnigmaSoft Threat Scorecards are updated regularly based on our research data and metrics and are useful for a wide range of computer users, from end users seeking solutions to remove malware from their systems to security experts analyzing threats.
EnigmaSoft Threat Scorecards display a variety of useful information, including:
Popularity Rank: The ranking of a particular threat in EnigmaSoft’s Threat Database.
Severity Level: The determined severity level of an object, represented numerically, based on our risk modeling process and research, as explained in our Threat Assessment Criteria.
Infected Computers: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
See also Threat Assessment Criteria.
| Popularity Rank: | 7,160 |
| Threat Level: | 80 % (High) |
| Infected Computers: | 5,543 |
| First Seen: | July 10, 2023 |
| Last Seen: | April 21, 2026 |
| OS(es) Affected: | Windows |
Table of Contents
Analysis Report
General information
| Family Name: | Trojan.MSIL.Agent.FDA |
|---|---|
| Signature status: | No Signature |
Known Samples
Known Samples
This section lists other file samples believed to be associated with this family.|
MD5:
811822f12de6d041e11c46bff216dbc5
SHA1:
0d31dfda10002274ec0ecd44f55600aab25684c2
File Size:
132.61 KB, 132608 bytes
|
|
MD5:
da4064275c62b67e091e444cc10c5586
SHA1:
d15665aba40170cbc69b47b79061e4fff638faf0
SHA256:
096A589C5520F1086E183F6B02DB3693C4D983AAF40D81AA58C7464352AD2F19
File Size:
276.48 KB, 276480 bytes
|
|
MD5:
4fb4a1ea2d5ba292a45b2fa768f1e2a4
SHA1:
04c84a52d3c37d23a1f66f3d02836284cf6ed200
SHA256:
6013DF00166CF6C1628E9DF87E41AC30BCDF2AD0F5571D863D333298D632D4A5
File Size:
266.24 KB, 266240 bytes
|
|
MD5:
528e4e6c792623815dbaaecc5f64c4e1
SHA1:
27381ad663e0c03919ffb44476f965dee416b42e
SHA256:
26483E78801C197CA7292EFAFE1018A706B1A01E122CA1BB86B1500CE8F29BB9
File Size:
278.53 KB, 278528 bytes
|
|
MD5:
ccfd222bbc2342f4646bbcbc5dbd1682
SHA1:
86060ec549a26fd0b715660c708c8f081f3cadb5
SHA256:
351FC29B70234AEA62709A1DB55A1467F54ABFB3DDBDBC01E2A6FFE40D6E2488
File Size:
207.36 KB, 207360 bytes
|
Show More
|
MD5:
0b8c89857c5ff44dc36a6fbb8caeb546
SHA1:
bdf0dd7bbbe461940cd892af4df31d4543139862
SHA256:
9AF3982F20104A1440641084CFDF67C56F6FFC6FE3CC577370593672E0BE7EB3
File Size:
143.36 KB, 143360 bytes
|
|
MD5:
fb1cc0df7a48bab438d4aa7b4b519fe5
SHA1:
519db83decfdc690756fdee788ce1703057ab259
SHA256:
5DD4800D673D5F6312A4A5C6EBB5CCB2A117055CD961D95D34A66D5E38A0D038
File Size:
152.06 KB, 152064 bytes
|
|
MD5:
2432e38a9001c26d0b0bf097f0282c16
SHA1:
f6d4f4b05429b59ec2b6dff0d6ea965a9ddf66ad
SHA256:
1155E4840D550528E40B934967F54D4C16CD43A19D718E6D16EC3F083E3F1CA3
File Size:
145.92 KB, 145920 bytes
|
|
MD5:
6d5b4b6f463a32ee17fd71705973c115
SHA1:
62f6e0b5e6137a72c11cb230ecb750425a70f43f
SHA256:
C5D13483BF1F44B9376E8A5515B05EAB7D62AE0349D873DFD50E9C28839ED381
File Size:
194.05 KB, 194048 bytes
|
|
MD5:
19f62b4ec9d1377108df7936c3d01b08
SHA1:
db86d4bb49943d95389742685227dbbbafd9e038
SHA256:
DE4B23BA4E16B5F8AE959978CC4740EF2DF39EB63C8B29C030D7075944E8D576
File Size:
147.97 KB, 147968 bytes
|
|
MD5:
392ae30a4275cc0bfa998c87ab3de997
SHA1:
102c8c83fd54a7d188cc1ee0b16f61160ce9038b
SHA256:
D635D4A7836BDEE9853DAC9FBBBE0762542D140C1AE79BCCE5F4394B3E190E5A
File Size:
217.09 KB, 217088 bytes
|
|
MD5:
cbcffa53f3f901a07fd3563b921eb720
SHA1:
41d648198e6dab7dd41f7c2d0775dbcfe7567fd5
SHA256:
894A916E86DD450B7D8188963E931842D34B8A14A20EBEA21F18836EC2610374
File Size:
178.18 KB, 178176 bytes
|
|
MD5:
ab690d3fbc74d88ede84427869ca5465
SHA1:
ab3f0b5114282a497f4c67c8e263a5c500d38866
SHA256:
5E6E685D8ED9F549662282D3D95D6D2098281B9F253AF26449BB9D9DC8A11C05
File Size:
208.90 KB, 208896 bytes
|
|
MD5:
fae413728f2f3602d90841efffcbc0e9
SHA1:
09c3d9e8e4603ecc3c656c134cc1edbb36bec31d
SHA256:
F388B79462F2171A0145AEB25359C2F8D07661F4744592532ED789191734F97D
File Size:
132.61 KB, 132608 bytes
|
|
MD5:
de0019b09a4c16dc3ba321f1896a370f
SHA1:
8a35151d1fa0d77bfe0c9cbcd6a2d7e92fffe5b2
SHA256:
0601D9AF3209ECA44E8111CD6D5A56EC43A8623DBC07A37A5D08095CF34215EB
File Size:
263.68 KB, 263680 bytes
|
|
MD5:
5e9717ac7ffe21cad99fc166661ebc7e
SHA1:
a4fb8f7de54deea685a8e28f89a624b4e7beb133
SHA256:
BFA68480D2676B7874C95C40235A5E46A02E4BDFB0D8B3855252F42FAA0C1A79
File Size:
129.02 KB, 129024 bytes
|
|
MD5:
6dc068d15d1ee7be504ff53111343abe
SHA1:
da831c9f6910249ca88a34b88c67993a8189dda2
SHA256:
C080C556B1E6349CD4808EB201A7D703CD2E709D68FCE5F56F35FE42123CDA65
File Size:
151.04 KB, 151040 bytes
|
|
MD5:
4adf897eaae1342716bf9bd64c8a84aa
SHA1:
d9b3f8de922d101a9b47223b4d59434eca1fdc3e
SHA256:
AE4C998A3A728ACA7C835BC13B09FFFAA89DA25D808FDC2E30CF36E0A857E935
File Size:
135.17 KB, 135168 bytes
|
|
MD5:
23861a15da616be4d629810c765a5b58
SHA1:
18f8dc4ddc010003ccabe4121df4491e36f0952f
SHA256:
02C982CF686DB4572434BF4811E6717C339AFC6E22B8F3A30484DDAE7D0BB330
File Size:
143.36 KB, 143360 bytes
|
|
MD5:
b12cccfe2c457116b4729c59806665a7
SHA1:
865672023262044f4d41838c96031f9e412a0b2a
SHA256:
1EF68E610ADD4C0F153D5A336E157E53A0590393A15E9493E3D938B9C05224ED
File Size:
147.46 KB, 147456 bytes
|
|
MD5:
c51b87a997963000dc796babd8f87f1e
SHA1:
c78267c5d8510a8567c1aeb22aed074cef177893
SHA256:
6B587A262992ACD76682A9307DC3C5A775AFCC4644A4511B97E42183183C3989
File Size:
207.36 KB, 207360 bytes
|
|
MD5:
da1f9364a66b6e8eb74c5cb0ecbc273d
SHA1:
47059fdd2d18959f7f21f0b935a4ada4c2d6f621
SHA256:
F253F891F990598C1E2F6A076CDE8FA16F3746573C297D8F710CC6AE6F399D16
File Size:
290.82 KB, 290816 bytes
|
|
MD5:
76b6b6dca5c826bad7cba49dbc16912a
SHA1:
f3e5a9a418563794c6bdcda4e3f0a671c2200ea4
SHA256:
7FDB48A77A521B9546FDF577D4C2253A26CA8965E2044E83EE10055BF052DABA
File Size:
248.83 KB, 248832 bytes
|
|
MD5:
49736e8fa3bbb3e5b92a77ae0762b6b0
SHA1:
48821814da316226a4ef6b6c04526f8288338f70
SHA256:
A74D6CAE58F7C278D9D7D290039E113E3886252ED1339C29813B12C84E606B96
File Size:
269.82 KB, 269824 bytes
|
|
MD5:
dae9d2a6d5b5ebbe7df6c0aadd8c9e23
SHA1:
31c1bebfda13935d483aa7b480b899dda44f17d9
SHA256:
03790DB0034A9011BE57E0AD73E93B05DE7FDC6D5D81B04789E15095B3D045FB
File Size:
282.62 KB, 282624 bytes
|
|
MD5:
a01e015d9d05fa39ed42802fe9ca6dbe
SHA1:
bded9c7e734c5d4122493a25097ca9716181a4bb
SHA256:
862722B507A2C793329B01E86B05B39A9D2613001F3BA7A139DD1C15CA7A5E68
File Size:
194.56 KB, 194560 bytes
|
|
MD5:
157f246095011971f3240c9822981802
SHA1:
dc569e0a5d4d846faf38a738d96dcef5f9ae00a3
SHA256:
2511F386B69C74C2FD1D6A15DE02747818DD1BB931F075581D6EDF47CC6FD4A2
File Size:
224.26 KB, 224256 bytes
|
|
MD5:
7a9757c081d488be73639c5b259b9951
SHA1:
208d91280040affa3d6ecb51e65a2025cfabfa9c
SHA256:
1BD0DDA8B638275FCFAFB46405D206CEEF6C7E2324AC857C19F9513095B71AA6
File Size:
147.46 KB, 147456 bytes
|
|
MD5:
7b11142f0493a80c682a2dd2c2cc744e
SHA1:
e7ff4ce1516d64db108ff3b9a8bb50810a2362ca
SHA256:
20B6EFA40B4DBD779BD5B3821AF4EF83B01D42C4835CEF7D059DA7984E638BA9
File Size:
144.38 KB, 144384 bytes
|
|
MD5:
32b2979754dd920967aee7eda44c1953
SHA1:
bab000c1f65b88b47c1e544e384ca099a0798e0e
SHA256:
ECF04A6ED1E3F39EB699A7F9583B28345ACE049EC018A1D98B36C3C17B199944
File Size:
151.55 KB, 151552 bytes
|
|
MD5:
08eacf52bd66d6006738422603ebf9cf
SHA1:
23908baa132118c081542953f1f2b2becee80740
SHA256:
CE4D89D960DD1A99ABEE99240B7941919F15AB6FD976946BC0218AF4501F7D24
File Size:
253.95 KB, 253952 bytes
|
|
MD5:
fe89595d3d36ebd4b443879155a4930e
SHA1:
89de6126514cdf2c41c3b715be9a516cb873cc76
SHA256:
E052C44517D14D9407FA9C2DCFCEF96F530EACF363874A96A5DB4F7D2590C00B
File Size:
265.22 KB, 265216 bytes
|
|
MD5:
9fdd30cc2ca4a550d5a25bee67ebc7de
SHA1:
0c98f71ae1d038a0de720221ce5127a6ac145c25
SHA256:
885F4592965A99ADC486E404F8D2BC4EDE7256F6892737FD40917DB464459AAE
File Size:
272.38 KB, 272384 bytes
|
|
MD5:
59548d0a7748ab127113216868d3f43c
SHA1:
a488b56a43a98e5c7235a9dd8dba4866f7e45e33
SHA256:
5F8CF42229BEEF14D589B7450746D72645D5028C22B86104C473583887B89F7B
File Size:
154.11 KB, 154112 bytes
|
|
MD5:
2cfde00604d8530c8949f99a4281ff83
SHA1:
cb540fcf3aeed306dd1317420f26097c2ca3a1a1
SHA256:
F734E27DAB636DA3931AB91CA944EC8D4AE76632DEEC1213868A487AB6DDBD75
File Size:
216.58 KB, 216576 bytes
|
|
MD5:
dfdb6cfb5ee382b9d40c4720861d6a4d
SHA1:
da7d37a1526a1497bf533b9bdea131aed2a145ea
SHA256:
BE9F5556BB3272287BA486AB8EA5CFC1C1BFEED78C94C3B7B8A206F249209556
File Size:
176.13 KB, 176128 bytes
|
|
MD5:
34a9d29c49aa44439a2f97b5cfb32c87
SHA1:
c1f0d8137619bbec6860a3aa10db0a6bc117d6db
SHA256:
F37425164BA51BF5D8F3043E42F721CB9E2302AC081490FB82DEA1DC8C93F538
File Size:
140.80 KB, 140800 bytes
|
|
MD5:
9735c58e0b8f9bee791c9a68c6277e82
SHA1:
ae80599f3d746e646d990c7ff0e58c21ac0e9e8a
SHA256:
E69DF1109595C5B24B8EA612738E3A5872DE18A440428DE456CE2EBE69DAAFCA
File Size:
253.95 KB, 253952 bytes
|
|
MD5:
55ccde1306ff7b0e0e2481bbb30575db
SHA1:
ef08585a3862eb32399caa541d1dce28b8897608
SHA256:
E2490F82288EB57CE5617528047D631F0BACD86DD63BBF79835DB652928F4F06
File Size:
274.43 KB, 274432 bytes
|
|
MD5:
09daf8ef99a35f88eb77e7dd46cee42a
SHA1:
171630701a63f020af9e4977fb217596faef946f
SHA256:
030827525D753744605A8475DDE478A57C596A3AA22DF292D29F1553515B9B28
File Size:
146.43 KB, 146432 bytes
|
|
MD5:
83d2348e1f662e57226344c018af8674
SHA1:
2e9d113b87e8a354375c7bd309b778412e4f9d27
SHA256:
6543DB8C4ABA1E5AA576EC959D2D4CE24F08DB4362D58B96964E2FC426B37951
File Size:
136.70 KB, 136704 bytes
|
|
MD5:
a7d51cf4b11522c518e82651a23e5bac
SHA1:
a76bd1c41fbbf3a238763c955782b8607c09a30c
SHA256:
E143F64E7F713F7F2A6A906DBAE487B806D164485C50F41DFDAFA48491C80181
File Size:
128.00 KB, 128000 bytes
|
|
MD5:
dc297eaabaf6cbcac3a187d6a3fe17ec
SHA1:
ae2f0c87360c25bf87321e4676e89f1da3360aaf
SHA256:
5EDC769A8F22FF053AC1A94620A196E1DC4DF88F9DD220360B64C29AAB8E210D
File Size:
139.26 KB, 139264 bytes
|
|
MD5:
04fdc6d60c7e52ab03f17406962785d1
SHA1:
9c5aa6db7eadf518d13d5260b2c93cc1e4bb9e6f
SHA256:
32E5D60C7E5A74A73685FF4392AC8725D3E3C52BA1F0DF7769AF7F2F76D12AC4
File Size:
286.72 KB, 286720 bytes
|
|
MD5:
6bd0333e2cd136daa37e070a30453e5c
SHA1:
46a1376c9767362c7ab53e501c89efa2ce8b2478
SHA256:
FF6D73DEFFD6D6A6CF06D530F3212CAA999D155F912A4EA3D648CA97A3BA6827
File Size:
252.42 KB, 252416 bytes
|
|
MD5:
18f45dc2f917ff7528b422a47c97f019
SHA1:
f82b980f9a119523492d079eb26e4d36e5b135b5
SHA256:
015C8236DA6BC7390212C45C44F516CB7D9D06C6CB16709BA16734D2C91F48E1
File Size:
137.73 KB, 137728 bytes
|
|
MD5:
753d059f337a30f72d59944f41efb320
SHA1:
067dc89971b66bd7ed0c6997b763901843f5b0f1
SHA256:
6C20CCB28D1740689B1DA4BE658E994190C4F04CC953A16B2A3605F3E1FC7645
File Size:
263.68 KB, 263680 bytes
|
|
MD5:
3be87fc7bcdc2bb12ce421724ccdf94e
SHA1:
aca502a656c53ed10085252dcbc084d0b5064eea
SHA256:
D69FD30A16FB9D1C9C7350ADA9A80EFB60C993EA3680E794596708C62A77EAA1
File Size:
203.78 KB, 203776 bytes
|
|
MD5:
6dc1ec264e4a21971b2db3bf6ff4828b
SHA1:
26c1ebb891d1b0641adb9bddb396efa9885c664a
SHA256:
9E329505C013C580090A92AA5DF747B48C3637D3F2A241505D3E11CD1415400B
File Size:
262.14 KB, 262144 bytes
|
Windows Portable Executable Attributes
- File doesn't have "Rich" header
- File doesn't have debug information
- File doesn't have exports table
- File doesn't have security information
- File has exports table
- File is .NET application
- File is 32-bit executable
- File is console application (IMAGE_SUBSYSTEM_WINDOWS_CUI)
- File is either console or GUI application
- File is not packed
Show More
- IMAGE_FILE_DLL is not set inside PE header (Executable)
- IMAGE_FILE_EXECUTABLE_IMAGE is set inside PE header (Executable Image)
Windows PE Version Information
Windows PE Version Information
This section displays values and attributes that have been set in the Windows file version information data structure for samples within this family. To mislead users, malware actors often add fake version information mimicking legitimate software.| Name | Value |
|---|---|
| Assembly Version | 0.0.0.0 |
| File Version | 0.0.0.0 |
| Internal Name |
Show More
|
| Original Filename |
Show More
|
| Product Version | 0.0.0.0 |
File Traits
- .NET
- dll
- x86
Block Information
Block Information
During analysis, EnigmaSoft breaks file samples into logical blocks for classification and comparison with other samples. Blocks can be used to generate malware detection rules and to group file samples into families based on shared source code, functionality and other distinguishing attributes and characteristics. This section lists a summary of this block data, as well as its classification by EnigmaSoft. A visual representation of the block data is also displayed, where available.| Total Blocks: | 44 |
|---|---|
| Potentially Malicious Blocks: | 1 |
| Whitelisted Blocks: | 0 |
| Unknown Blocks: | 43 |
Visual Map
? - Unknown Block
x - Potentially Malicious Block
Similar Families
Similar Families
This section lists other families that share similarities with this family, based on EnigmaSoft’s analysis. Many malware families are created from the same malware toolkits and use the same packing and encryption techniques but uniquely extend functionality. Similar families may also share source code, attributes, icons, subcomponents, compromised and/or invalid digital signatures, and network characteristics. Researchers leverage these similarities to rapidly and effectively triage file samples and extend malware detection rules.- MSIL.Krypt.DDC
Windows API Usage
Windows API Usage
This section lists Windows API calls that are used by the samples in this family. Windows API usage analysis is a valuable tool that can help identify malicious activity, such as keylogging, security privilege escalation, data encryption, data exfiltration, interference with antivirus software, and network request manipulation.| Category | API |
|---|---|
| Syscall Use |
Show More
|
| Process Shell Execute |
|
| Anti Debug |
|
| Process Manipulation Evasion |
|
Shell Command Execution
Shell Command Execution
This section lists Windows shell commands that are run by the samples in this family. Windows Shell commands are often leveraged by malware for nefarious purposes and can be used to elevate security privileges, download and launch other malware, exploit vulnerabilities, collect and exfiltrate data, and hide malicious activity.
C:\WINDOWS\SysWOW64\rundll32.exe C:\WINDOWS\system32\rundll32.exe c:\users\user\downloads\0d31dfda10002274ec0ecd44f55600aab25684c2_0000132608.,LiQMAxHB
|
C:\WINDOWS\SysWOW64\rundll32.exe C:\WINDOWS\system32\rundll32.exe c:\users\user\downloads\d15665aba40170cbc69b47b79061e4fff638faf0_0000276480.,LiQMAxHB
|
C:\WINDOWS\SysWOW64\rundll32.exe C:\WINDOWS\system32\rundll32.exe c:\users\user\downloads\04c84a52d3c37d23a1f66f3d02836284cf6ed200_0000266240.,LiQMAxHB
|
C:\WINDOWS\SysWOW64\rundll32.exe C:\WINDOWS\system32\rundll32.exe c:\users\user\downloads\27381ad663e0c03919ffb44476f965dee416b42e_0000278528.,LiQMAxHB
|
C:\WINDOWS\SysWOW64\rundll32.exe C:\WINDOWS\system32\rundll32.exe c:\users\user\downloads\86060ec549a26fd0b715660c708c8f081f3cadb5_0000207360.,LiQMAxHB
|
Show More
C:\WINDOWS\SysWOW64\rundll32.exe C:\WINDOWS\system32\rundll32.exe c:\users\user\downloads\bdf0dd7bbbe461940cd892af4df31d4543139862_0000143360.,LiQMAxHB
|
C:\WINDOWS\SysWOW64\rundll32.exe C:\WINDOWS\system32\rundll32.exe c:\users\user\downloads\519db83decfdc690756fdee788ce1703057ab259_0000152064.,LiQMAxHB
|
C:\WINDOWS\SysWOW64\rundll32.exe C:\WINDOWS\system32\rundll32.exe c:\users\user\downloads\f6d4f4b05429b59ec2b6dff0d6ea965a9ddf66ad_0000145920.,LiQMAxHB
|
C:\WINDOWS\SysWOW64\rundll32.exe C:\WINDOWS\system32\rundll32.exe c:\users\user\downloads\62f6e0b5e6137a72c11cb230ecb750425a70f43f_0000194048.,LiQMAxHB
|
C:\WINDOWS\SysWOW64\rundll32.exe C:\WINDOWS\system32\rundll32.exe c:\users\user\downloads\db86d4bb49943d95389742685227dbbbafd9e038_0000147968.,LiQMAxHB
|
C:\WINDOWS\SysWOW64\rundll32.exe C:\WINDOWS\system32\rundll32.exe c:\users\user\downloads\102c8c83fd54a7d188cc1ee0b16f61160ce9038b_0000217088.,LiQMAxHB
|
C:\WINDOWS\SysWOW64\rundll32.exe C:\WINDOWS\system32\rundll32.exe c:\users\user\downloads\41d648198e6dab7dd41f7c2d0775dbcfe7567fd5_0000178176.,LiQMAxHB
|
C:\WINDOWS\SysWOW64\rundll32.exe C:\WINDOWS\system32\rundll32.exe c:\users\user\downloads\ab3f0b5114282a497f4c67c8e263a5c500d38866_0000208896.,LiQMAxHB
|
C:\WINDOWS\SysWOW64\rundll32.exe C:\WINDOWS\system32\rundll32.exe c:\users\user\downloads\09c3d9e8e4603ecc3c656c134cc1edbb36bec31d_0000132608.,LiQMAxHB
|
C:\WINDOWS\SysWOW64\rundll32.exe C:\WINDOWS\system32\rundll32.exe c:\users\user\downloads\8a35151d1fa0d77bfe0c9cbcd6a2d7e92fffe5b2_0000263680.,LiQMAxHB
|
C:\WINDOWS\SysWOW64\rundll32.exe C:\WINDOWS\system32\rundll32.exe c:\users\user\downloads\a4fb8f7de54deea685a8e28f89a624b4e7beb133_0000129024.,LiQMAxHB
|
C:\WINDOWS\SysWOW64\rundll32.exe C:\WINDOWS\system32\rundll32.exe c:\users\user\downloads\da831c9f6910249ca88a34b88c67993a8189dda2_0000151040.,LiQMAxHB
|
C:\WINDOWS\SysWOW64\rundll32.exe C:\WINDOWS\system32\rundll32.exe c:\users\user\downloads\d9b3f8de922d101a9b47223b4d59434eca1fdc3e_0000135168.,LiQMAxHB
|
C:\WINDOWS\SysWOW64\rundll32.exe C:\WINDOWS\system32\rundll32.exe c:\users\user\downloads\18f8dc4ddc010003ccabe4121df4491e36f0952f_0000143360.,LiQMAxHB
|
C:\WINDOWS\SysWOW64\rundll32.exe C:\WINDOWS\system32\rundll32.exe c:\users\user\downloads\865672023262044f4d41838c96031f9e412a0b2a_0000147456.,LiQMAxHB
|
C:\WINDOWS\SysWOW64\rundll32.exe C:\WINDOWS\system32\rundll32.exe c:\users\user\downloads\c78267c5d8510a8567c1aeb22aed074cef177893_0000207360.,LiQMAxHB
|
C:\WINDOWS\SysWOW64\rundll32.exe C:\WINDOWS\system32\rundll32.exe c:\users\user\downloads\47059fdd2d18959f7f21f0b935a4ada4c2d6f621_0000290816.,LiQMAxHB
|
C:\WINDOWS\SysWOW64\rundll32.exe C:\WINDOWS\system32\rundll32.exe c:\users\user\downloads\f3e5a9a418563794c6bdcda4e3f0a671c2200ea4_0000248832.,LiQMAxHB
|
C:\WINDOWS\SysWOW64\rundll32.exe C:\WINDOWS\system32\rundll32.exe c:\users\user\downloads\48821814da316226a4ef6b6c04526f8288338f70_0000269824.,LiQMAxHB
|
C:\WINDOWS\SysWOW64\rundll32.exe C:\WINDOWS\system32\rundll32.exe c:\users\user\downloads\31c1bebfda13935d483aa7b480b899dda44f17d9_0000282624.,LiQMAxHB
|
C:\WINDOWS\SysWOW64\rundll32.exe C:\WINDOWS\system32\rundll32.exe c:\users\user\downloads\bded9c7e734c5d4122493a25097ca9716181a4bb_0000194560.,LiQMAxHB
|
C:\WINDOWS\SysWOW64\rundll32.exe C:\WINDOWS\system32\rundll32.exe c:\users\user\downloads\dc569e0a5d4d846faf38a738d96dcef5f9ae00a3_0000224256.,LiQMAxHB
|
C:\WINDOWS\SysWOW64\rundll32.exe C:\WINDOWS\system32\rundll32.exe c:\users\user\downloads\208d91280040affa3d6ecb51e65a2025cfabfa9c_0000147456.,LiQMAxHB
|
C:\WINDOWS\SysWOW64\rundll32.exe C:\WINDOWS\system32\rundll32.exe c:\users\user\downloads\e7ff4ce1516d64db108ff3b9a8bb50810a2362ca_0000144384.,LiQMAxHB
|
C:\WINDOWS\SysWOW64\rundll32.exe C:\WINDOWS\system32\rundll32.exe c:\users\user\downloads\bab000c1f65b88b47c1e544e384ca099a0798e0e_0000151552.,LiQMAxHB
|
C:\WINDOWS\SysWOW64\rundll32.exe C:\WINDOWS\system32\rundll32.exe c:\users\user\downloads\23908baa132118c081542953f1f2b2becee80740_0000253952.,LiQMAxHB
|
C:\WINDOWS\SysWOW64\rundll32.exe C:\WINDOWS\system32\rundll32.exe c:\users\user\downloads\89de6126514cdf2c41c3b715be9a516cb873cc76_0000265216.,LiQMAxHB
|
C:\WINDOWS\SysWOW64\rundll32.exe C:\WINDOWS\system32\rundll32.exe c:\users\user\downloads\0c98f71ae1d038a0de720221ce5127a6ac145c25_0000272384.,LiQMAxHB
|
C:\WINDOWS\SysWOW64\rundll32.exe C:\WINDOWS\system32\rundll32.exe c:\users\user\downloads\a488b56a43a98e5c7235a9dd8dba4866f7e45e33_0000154112.,LiQMAxHB
|
C:\WINDOWS\SysWOW64\rundll32.exe C:\WINDOWS\system32\rundll32.exe c:\users\user\downloads\cb540fcf3aeed306dd1317420f26097c2ca3a1a1_0000216576.,LiQMAxHB
|
C:\WINDOWS\SysWOW64\rundll32.exe C:\WINDOWS\system32\rundll32.exe c:\users\user\downloads\da7d37a1526a1497bf533b9bdea131aed2a145ea_0000176128.,LiQMAxHB
|
C:\WINDOWS\SysWOW64\rundll32.exe C:\WINDOWS\system32\rundll32.exe c:\users\user\downloads\c1f0d8137619bbec6860a3aa10db0a6bc117d6db_0000140800.,LiQMAxHB
|
C:\WINDOWS\SysWOW64\rundll32.exe C:\WINDOWS\system32\rundll32.exe c:\users\user\downloads\ae80599f3d746e646d990c7ff0e58c21ac0e9e8a_0000253952.,LiQMAxHB
|
C:\WINDOWS\SysWOW64\rundll32.exe C:\WINDOWS\system32\rundll32.exe c:\users\user\downloads\ef08585a3862eb32399caa541d1dce28b8897608_0000274432.,LiQMAxHB
|
C:\WINDOWS\SysWOW64\rundll32.exe C:\WINDOWS\system32\rundll32.exe c:\users\user\downloads\171630701a63f020af9e4977fb217596faef946f_0000146432.,LiQMAxHB
|
C:\WINDOWS\SysWOW64\rundll32.exe C:\WINDOWS\system32\rundll32.exe c:\users\user\downloads\2e9d113b87e8a354375c7bd309b778412e4f9d27_0000136704.,LiQMAxHB
|
C:\WINDOWS\SysWOW64\rundll32.exe C:\WINDOWS\system32\rundll32.exe c:\users\user\downloads\a76bd1c41fbbf3a238763c955782b8607c09a30c_0000128000.,LiQMAxHB
|
C:\WINDOWS\SysWOW64\rundll32.exe C:\WINDOWS\system32\rundll32.exe c:\users\user\downloads\ae2f0c87360c25bf87321e4676e89f1da3360aaf_0000139264.,LiQMAxHB
|
C:\WINDOWS\SysWOW64\rundll32.exe C:\WINDOWS\system32\rundll32.exe c:\users\user\downloads\9c5aa6db7eadf518d13d5260b2c93cc1e4bb9e6f_0000286720.,LiQMAxHB
|
C:\WINDOWS\SysWOW64\rundll32.exe C:\WINDOWS\system32\rundll32.exe c:\users\user\downloads\46a1376c9767362c7ab53e501c89efa2ce8b2478_0000252416.,LiQMAxHB
|
C:\WINDOWS\SysWOW64\rundll32.exe C:\WINDOWS\system32\rundll32.exe c:\users\user\downloads\f82b980f9a119523492d079eb26e4d36e5b135b5_0000137728.,LiQMAxHB
|
C:\WINDOWS\SysWOW64\rundll32.exe C:\WINDOWS\system32\rundll32.exe c:\users\user\downloads\067dc89971b66bd7ed0c6997b763901843f5b0f1_0000263680.,LiQMAxHB
|
C:\WINDOWS\SysWOW64\rundll32.exe C:\WINDOWS\system32\rundll32.exe c:\users\user\downloads\aca502a656c53ed10085252dcbc084d0b5064eea_0000203776.,LiQMAxHB
|
C:\WINDOWS\SysWOW64\rundll32.exe C:\WINDOWS\system32\rundll32.exe c:\users\user\downloads\26c1ebb891d1b0641adb9bddb396efa9885c664a_0000262144.,LiQMAxHB
|