Trojan.Parite.FA

By CagedTech in Trojans

Table of Contents

Analysis Report

General information

Family Name:	Trojan.Parite.FA
Signature status:	No Signature

Known Samples

MD5: f1977e945d4336ed360da35e7ac0e4a9

SHA1: 03015a8e6fcf13639d465c4d5aa6d3bbd51da171

SHA256: 79D084DC93BB205AC79833D01310875D9C77DBB1D0962375E82AD01F38C0935B

File Size: 1.07 MB, 1073120 bytes

MD5: dabb5479bc995c4413ae157ba73e7484

SHA1: 49a7ad7ec6db1a307c18f73735a4500c95af24f0

SHA256: 64A3D4D21C6C00ADFF67CFE468CA2F0D5DB7BB320F37A4D0273CF782AD4EFE6B

File Size: 373.78 KB, 373784 bytes

MD5: bd52d0855f703b72872fa1b729429fb5

SHA1: 19d5d521d405c03b2e79fb2126ad897984c9dbbd

SHA256: B4A7B47ACF0F4FB93BA47499FD4A801AFDC59CD1D898A2F8460B2BBBD44593D3

File Size: 376.71 KB, 376712 bytes

MD5: 600be80a0a3166b5a82a37cd6ca96419

SHA1: c04f3c925210716d20da8f848f75cf76f745d55b

SHA256: AB185117E460B5AECC2EF598A04B5EE2B8F78DD717F0C91F61354C7CFA58BC66

File Size: 370.66 KB, 370656 bytes

MD5: a863aeee69811981aeede16db886ab4a

SHA1: dc9d8a01b68064527bc57fcbcb5148c5e46f61cb

SHA256: 0ED975D0790C65DC455F16894AF987CBC0B04E754BFC54E9112DFC9FED7C2F8F

File Size: 2.63 MB, 2632824 bytes

MD5: 5e43529c36de81da42afb9c16fc482c9

SHA1: 86acfbce0354c72aef7bdb41b3dd5226ba1e5e97

SHA256: F0F90595FF318EE6CA0FFF2A7B166C175A69C656028282DD7787E0DF85963231

File Size: 405.29 KB, 405288 bytes

MD5: 921bf4e6e53b6d209ed413694ae32e74

SHA1: b6b805f10f58444748ab8af210b48751008fe9af

SHA256: 5E43CC4D90A3992A45316602DCB480919BF4DC6253A9D8A717F2517C4810DE36

File Size: 628.58 KB, 628584 bytes

MD5: ed57483cd01de1107c8ea7dab81be9c1

SHA1: f3ef22810172d67be5ff4dc367d454e2484cda42

SHA256: 34693391392486984C04B9A81FE88E0B9B134B99E79156F144CE4E84D3E02A22

File Size: 730.10 KB, 730096 bytes

MD5: b3558eb15b071e8289796ce05fc014ac

SHA1: 55cd76ad12c2e40145520349adb96a2625418d7a

SHA256: BC4F2B7F1C3FCC79280BE0E8B35948F6C55D26A3F044EDB08A26DC6A35A7B1A7

File Size: 3.62 MB, 3620856 bytes

MD5: d9adca8c99e176e1306c298bb8a6369e

SHA1: 28084b546f364b3f23c77bd7f5e3d542663a4375

SHA256: C62547B2F828E722BC5C391361C6505876F9FF9E4105324B239ACF17163DED41

File Size: 665.88 KB, 665880 bytes

MD5: a5037308d7d77f100fce8ec703b6ea4a

SHA1: 67e8987cffa47467cd2b48e57f1d7a4a874d9ec4

SHA256: 383FAC768ABAE6FE94DC933D0077DB4FA91368958BD4F1F977B709CA925F5A33

File Size: 979.97 KB, 979968 bytes

MD5: c6609ee9666e055414386d7ecb9d0e58

SHA1: 8528bf12e71f085195aadda4208e3f02870c6aca

SHA256: DBFC4A9FBE966778CEC9FF45F41C52214FF9CC8DC2B4BA6C5B82ACC028DCF8C5

File Size: 1.97 MB, 1967384 bytes

MD5: 6151828a33dfa9033dfeccbd57e250e4

SHA1: 22a00272bac5c65782e376dc5d428aa4274e9706

SHA256: 2A6880FABC5109005D2B9A3C9BCB7244E348B03F0523DF46D278EC0CCB03489B

File Size: 345.22 KB, 345224 bytes

MD5: b0c3792a7fc9f430eb4b89cbb81ceaeb

SHA1: f49229bd1d599013e61323105ea48e9c47bc7c8f

SHA256: D578C69CA3FE004019FC4BB87B7BB90EF94A62A8CDFB1A3A26AFA72FD70FB2C4

File Size: 396.45 KB, 396448 bytes

MD5: 5d7fe52e5866c0d527262215b2e44288

SHA1: 253ea2cc5ec4484f67dc45b017fb098bf1cb8004

SHA256: 3F48EA7C609404FF85E2785ADBB626D5388EC8FB3F57FCAD19F5363B8CFDCD26

File Size: 569.86 KB, 569856 bytes

MD5: d18f772663a740b23b62fa84a8552b36

SHA1: dda63014ec48b6d4d3d2d88247bbb8cb1c70bbed

SHA256: 8C9774B4589E56F2696170DB9030A05640F2929DE7F2B086C51C9F0CE3C1A7A2

File Size: 531.33 KB, 531328 bytes

MD5: 420273394eb4d01d236e2ca7e2f81016

SHA1: 50d3f8771d3f355f6889a7594a313ac16add30ce

SHA256: 51DBFE1E56DDFA00D62EC0D012D44A0C3616AA02E6B816EFA92E005BEA22F13D

File Size: 1.56 MB, 1562856 bytes

MD5: 1480a622468b3235b91c72fbc70a4207

SHA1: cfeac955c044dda62d54bb82474570605e834332

SHA256: A97280C7B9021AB733D622AF6368FBF5BBC39075848671C29F41726D47EB30DB

File Size: 426.65 KB, 426648 bytes

MD5: 4a0b9a0de1489c15b38d5d113e63ac2a

SHA1: c5dd297455f3a45fd6a279e497a5615b7fe9db2e

SHA256: 656842AED22FA66EEAE75CCE539DC70B5683D904EB096D17C2EF7BF3E075F019

File Size: 627.20 KB, 627200 bytes

MD5: 19229548c57563505af98562554fa64e

SHA1: 851141b715d0cc6213a9fb5d83cc23033d671372

SHA256: 6EBB8904026C11F88A96A158E146D057B34D69C1DEFC6A2A4A890CC27C1A465A

File Size: 2.29 MB, 2294488 bytes

MD5: 6e9310aaca45733c1440f0e0e2aebaa5

SHA1: 98de93ff0ffacf376faf572f9deb16282e3993fb

SHA256: 35265E6F3DCB6965D9B82CEC7B2B02594B8F6DA9554D0395DC787AFDE459B4DC

File Size: 339.38 KB, 339376 bytes

MD5: 2a7750ed5b56a79b0fb368e16fb11279

SHA1: cae8e29bac8196c08d9b92fa533705220425af6e

SHA256: EDED9D0FD762685FA4FD5DF8234F3C0778BB6433C8AB975413C8720B4D0C15BC

File Size: 659.16 KB, 659160 bytes

MD5: e2b329d4c69ff0f5eb0931a9cc139c65

SHA1: 1d2026f6219e730ae8631cdbc92f8a9f08466519

SHA256: 7EB2FDDFF7A8F632DADC642FDF1477F7F17C9B92B1619F595C9DD278C1783EF9

File Size: 549.78 KB, 549784 bytes

MD5: 136d71f7c7bfd87c67a132874ebe4293

SHA1: 316f4d9db064d04aa45cd07b32a9f5831644afe6

SHA256: 3FA9F8FE97D933B52BD77AAC4453E4F77E5A5238B4A0454DF64F085D8B082F43

File Size: 971.51 KB, 971512 bytes

Windows Portable Executable Attributes

File doesn't have "Rich" header
File doesn't have debug information
File doesn't have exports table
File doesn't have relocations information
File doesn't have security information
File is 32-bit executable
File is either console or GUI application
File is GUI application (IMAGE_SUBSYSTEM_WINDOWS_GUI)
File is Native application (NOT .NET application)
File is not packed

IMAGE_FILE_DLL is not set inside PE header (Executable)
IMAGE_FILE_EXECUTABLE_IMAGE is set inside PE header (Executable Image)

File Icons

34 additional icons are not displayed above.

Windows PE Version Information

Name	Value
Assembly Version	5.0.22212.2 4.5.6129.5257 4.5.0.4 2.8.5.0 1.80.0.0 1.1.1.0
Coder	By BlueLife
Comments	CCCInstall Tool Driver Installer http://www.poweriso.com Third-Party App Updater This installation was built with Inno Setup. Update Windows Update Blocker v1.6
Company Name	Adobe Inc. Advanced Micro Devices Inc. BlueStack Systems, Inc. CANON INC. DucFabulous Co,ltd GitHub Glarysoft Ltd IObit LucasArts Microsoft Corporation Show More NetEase, Inc. Patch My PC, LLC Power Software Ltd Sogou.com Valve Corporation www.sordum.org
File Description	Adobe Crash Reporter Service BlueStacks Helper Canon Solution Menu EX CCCInstall Driver Installer Dropbox Glary Utilities AutoUpdate InstlRunner Build 146199 Microsoft Visual C++ v14 Redistributable (x86) - 14.50.35719 Microsoft Windows Desktop Runtime - 9.0.14 (x86) Show More MuMu Player Installer Patch My PC PowerISO Virtual Drive Manager Setup/Uninstall steam_monitor.exe SWTFU2 Setup Update Windows Update Blocker v1.6 搜狗输入法更新工具
File Version	51.52.0.0 15.9.0.2558 14.50.35719.0 13.2.0.71 12.0.0 10.0.1.3 9.0.14.35819 6.06.0087 5.0.22212.2 5, 6, 0, 0 Show More 5, 0, 0, 8 4.5.6129.5257 4.5.0.4 2.8.5.0 2.7.0.3 1.80 1.6.0.0 1.3.0.1 1.1.1.0 1.0.0.0 1, 0, 0, 1
Internal Name	adunit.exe BlueStacksHelper.exe CCCInstall.exe CNSEMAIN.exe CRWindowsClientService.exe DpInstX InstlRunner launcher PatchMyPC.exe PowerISO Virtual Drive Manager Show More setup SogouPY steam_monitor.exe UltraViewer_Desktop Update.exe
Legal Copyright	2002-2015 Copyright (c) 2003-2014 Glarysoft Ltd Copyright (C) 2004-2013 Copyright (C) 2012 Copyright (C) 2016 Valve Corporation Copyright (C) 2021 Copyright (C) 2025 Kristjan Skutta Copyright (c) Microsoft Corporation. All rights reserved. Copyright 2011 BlueStack Systems, Inc. All Rights Reserved. Copyright 2023 Adobe.All Rights Reserved. Show More Copyright CANON INC. 2012-2017 Copyright © 2016-2020 www.sordum.org All Rights Reserved. Copyright © 2022 Copyright © GitHub 2013-2015 Copyright © Patch My PC, LLC ©2010 LucasArts LLC © 2025 Sogou.com. All rights reserved. © IObit. All rights reserved.
Legal Trademarks	IObit
Original Filename	adunit.exe BlueStacksHelper.exe CCCInstall.exe CNSEMAIN.exe CRWindowsClientService.exe DpInstX32.exe InstlRunner.rc launcher.exe PatchMyPC.exe PWRISOVM.EXE Show More SGDownload.exe steam_monitor.exe UltraViewer_Desktop.exe Update.exe VC_redist.x86.exe windowsdesktop-runtime-9.0.14-win-x86.exe Wub.exe
Private Build	Build 146199
Product Name	Adobe Crash Reporter Service BlueStacks Canon Solution Menu EX Catalyst� Control Center Driver Booster Dropbox Glary Utilities InstlRunner 10.0.1.3 Microsoft Visual C++ v14 Redistributable (x86) - 14.50.35719 Microsoft Windows Desktop Runtime - 9.0.14 (x86) Show More MuMu Player Installer Patch My PC PowerISO Virtual Drive Manager Steam SWTFU2 Setup UltraViewer Update Wallpaper Engine Launcher 搜狗输入法
Product Version	15.9.0.2558 14.50.35719.0 13.2 12.0.0.202303271433_3c2ff10 10.0.1.3 9.0.14.35819 6.06.0087 5.0.22212.2 5.0.0.1 5, 6, 0, 0 Show More 4.5.6129.5257 2.8.5.0 2.7.0.3 1.80 1.6.0.0 1.3.0.1 1.1.1.0 1.0.0.0 1, 0, 0, 1 0.0.0.1
Source Control I D	8563863

File Traits

2+ executable sections
big overlay
HighEntropy
Inno
InnoSetup Installer
Installer Manifest
Installer Version
No Version Info
x86

Block Information

Total Blocks:	284
Potentially Malicious Blocks:	104
Whitelisted Blocks:	162
Unknown Blocks:	18

Visual Map

0 0 0 0 0 0 0 0 0 ? ? ? x x x x x x x x x x 0 x x x x 0 x 0 x x 0 x x x 0 0 0 0 x 0 x x x x x x x x x x x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x 0 x x x 0 0 x 0 0 x 0 x x 0 0 x x x x x x 0 x x x x x x x x x x x x x x x x x 0 0 0 0 0 0 0 0 x 0 0 0 x 0 0 0 0 0 x x x 0 0 x x 0 x 0 0 x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x 0 0 0 0 0 x x 0 0 0 0 0 0 x 0 0 x x x x x 0 0 x 0 0 0 0 0 0 0 0 0 0 x x x x x x x x x x 0 0 0 0 0 0 0 0 0 0 x x x x x x x x x 0 0 0 x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x 0 x ? ? ? ? ? ? ? ? ? ? ? ? ? ? ?

0 - Probable Safe Block
? - Unknown Block
x - Potentially Malicious Block

Similar Families

Jeefo.A
Parite.F
Parite.FA
Parite.W

Files Modified

File	Attributes
\device\namedpipe\gmdasllogger	Generic Write,Read Attributes
\device\namedpipe\sgdownloadpipenew2	Generic Read,Write Data,Write Attributes,Write extended,Append data,LEFT 786432
c:\program files (x86)\common files\microsoft shared\msinfo\msinfo32.exe	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\electronic arts\ea desktop\logs\igoproxy_f49229bd1d599013e61323105ea48e9c47bc7c8f_0000396448.log	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\00790b9c_rar\316f4d9db064d04aa45cd07b32a9f5831644afe6_0000971512	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\00790b9c_rar\316f4d9db064d04aa45cd07b32a9f5831644afe6_0000971512	Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 262144
c:\users\user\appdata\local\temp\00790bab_rar\316f4d9db064d04aa45cd07b32a9f5831644afe6_0000971512	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\00790bab_rar\316f4d9db064d04aa45cd07b32a9f5831644afe6_0000971512	Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 262144
c:\users\user\appdata\local\temp\00790c96_rar\316f4d9db064d04aa45cd07b32a9f5831644afe6_0000971512	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\00790c96_rar\316f4d9db064d04aa45cd07b32a9f5831644afe6_0000971512	Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 262144

c:\users\user\appdata\local\temp\00790d61_rar\316f4d9db064d04aa45cd07b32a9f5831644afe6_0000971512	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\00790d61_rar\316f4d9db064d04aa45cd07b32a9f5831644afe6_0000971512	Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 262144
c:\users\user\appdata\local\temp\00790e3c_rar\316f4d9db064d04aa45cd07b32a9f5831644afe6_0000971512	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\00790e3c_rar\316f4d9db064d04aa45cd07b32a9f5831644afe6_0000971512	Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 262144
c:\users\user\appdata\local\temp\316f4d9db064d04aa45cd07b32a9f5831644afe6_0000971512	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\316f4d9db064d04aa45cd07b32a9f5831644afe6_0000971512	Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 262144
c:\users\user\appdata\local\temp\316f4d9db064d04aa45cd07b32a9f5831644afe6_0000971512	Synchronize,Write Attributes
c:\users\user\appdata\local\temp\3582-490\c5dd297455f3a45fd6a279e497a5615b7fe9db2e_0000627200	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\is-lsn1o.tmp\8528bf12e71f085195aadda4208e3f02870c6aca_0001967384.tmp	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\is-ugnrv.tmp\_isetup\_regdll.tmp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\is-ugnrv.tmp\_isetup\_setup64.tmp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\is-ugnrv.tmp\_isetup\_shfoldr.dll	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\is-ugnrv.tmp\firewallinstallhelper.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\nemux-downloader-39fc59e8-ec09-4806-9a38-1582e5479b62.log	Generic Write,Read Attributes
c:\users\user\appdata\locallow\microsoft\cryptneturlcache\content\698460a0b6e60f2f602361424d832905_8bb23d43de574e82f2bee0df0ec47eeb	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\locallow\microsoft\cryptneturlcache\content\8ec9b1d0abbd7f98b401d425828828ce_0f573fcd857350c13752ea188f27d043	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\locallow\microsoft\cryptneturlcache\content\c8e534ee129f27d55460ce17fd628216_1130d9b25898b0db0d4f04dc5b93f141	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\locallow\microsoft\cryptneturlcache\metadata\698460a0b6e60f2f602361424d832905_8bb23d43de574e82f2bee0df0ec47eeb	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\locallow\microsoft\cryptneturlcache\metadata\8ec9b1d0abbd7f98b401d425828828ce_0f573fcd857350c13752ea188f27d043	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\locallow\microsoft\cryptneturlcache\metadata\c8e534ee129f27d55460ce17fd628216_1130d9b25898b0db0d4f04dc5b93f141	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\downloads\03015a8e6fcf13639d465c4d5aa6d3bbd51da171_0001073120	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\downloads\03015a8e6fcf13639d465c4d5aa6d3bbd51da171_0001073120	Generic Write,Read Attributes
c:\users\user\downloads\03015a8e6fcf13639d465c4d5aa6d3bbd51da171_0001073120	Synchronize,Write Attributes
c:\users\user\downloads\19d5d521d405c03b2e79fb2126ad897984c9dbbd_0000376712	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\downloads\19d5d521d405c03b2e79fb2126ad897984c9dbbd_0000376712	Generic Write,Read Attributes
c:\users\user\downloads\19d5d521d405c03b2e79fb2126ad897984c9dbbd_0000376712	Synchronize,Write Attributes
c:\users\user\downloads\1d2026f6219e730ae8631cdbc92f8a9f08466519_0000549784	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\downloads\1d2026f6219e730ae8631cdbc92f8a9f08466519_0000549784	Generic Write,Read Attributes
c:\users\user\downloads\1d2026f6219e730ae8631cdbc92f8a9f08466519_0000549784	Synchronize,Write Attributes
c:\users\user\downloads\22a00272bac5c65782e376dc5d428aa4274e9706_0000345224	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\downloads\22a00272bac5c65782e376dc5d428aa4274e9706_0000345224	Generic Write,Read Attributes
c:\users\user\downloads\22a00272bac5c65782e376dc5d428aa4274e9706_0000345224	Synchronize,Write Attributes
c:\users\user\downloads\253ea2cc5ec4484f67dc45b017fb098bf1cb8004_0000569856	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\downloads\253ea2cc5ec4484f67dc45b017fb098bf1cb8004_0000569856	Generic Write,Read Attributes
c:\users\user\downloads\253ea2cc5ec4484f67dc45b017fb098bf1cb8004_0000569856	Synchronize,Write Attributes
c:\users\user\downloads\28084b546f364b3f23c77bd7f5e3d542663a4375_0000665880	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\downloads\28084b546f364b3f23c77bd7f5e3d542663a4375_0000665880	Generic Write,Read Attributes
c:\users\user\downloads\28084b546f364b3f23c77bd7f5e3d542663a4375_0000665880	Synchronize,Write Attributes
c:\users\user\downloads\316f4d9db064d04aa45cd07b32a9f5831644afe6_0000971512	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\downloads\316f4d9db064d04aa45cd07b32a9f5831644afe6_0000971512	Generic Write,Read Attributes
c:\users\user\downloads\316f4d9db064d04aa45cd07b32a9f5831644afe6_0000971512	Synchronize,Write Attributes
c:\users\user\downloads\49a7ad7ec6db1a307c18f73735a4500c95af24f0_0000373784	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\downloads\49a7ad7ec6db1a307c18f73735a4500c95af24f0_0000373784	Generic Write,Read Attributes
c:\users\user\downloads\49a7ad7ec6db1a307c18f73735a4500c95af24f0_0000373784	Synchronize,Write Attributes
c:\users\user\downloads\50d3f8771d3f355f6889a7594a313ac16add30ce_0001562856	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\downloads\50d3f8771d3f355f6889a7594a313ac16add30ce_0001562856	Generic Write,Read Attributes
c:\users\user\downloads\50d3f8771d3f355f6889a7594a313ac16add30ce_0001562856	Synchronize,Write Attributes
c:\users\user\downloads\55cd76ad12c2e40145520349adb96a2625418d7a_0003620856	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\downloads\55cd76ad12c2e40145520349adb96a2625418d7a_0003620856	Generic Write,Read Attributes
c:\users\user\downloads\55cd76ad12c2e40145520349adb96a2625418d7a_0003620856	Synchronize,Write Attributes
c:\users\user\downloads\67e8987cffa47467cd2b48e57f1d7a4a874d9ec4_0000979968	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\downloads\67e8987cffa47467cd2b48e57f1d7a4a874d9ec4_0000979968	Generic Write,Read Attributes
c:\users\user\downloads\67e8987cffa47467cd2b48e57f1d7a4a874d9ec4_0000979968	Synchronize,Write Attributes
c:\users\user\downloads\851141b715d0cc6213a9fb5d83cc23033d671372_0002294488	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\downloads\851141b715d0cc6213a9fb5d83cc23033d671372_0002294488	Generic Write,Read Attributes
c:\users\user\downloads\851141b715d0cc6213a9fb5d83cc23033d671372_0002294488	Synchronize,Write Attributes
c:\users\user\downloads\8528bf12e71f085195aadda4208e3f02870c6aca_0001967384	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\downloads\8528bf12e71f085195aadda4208e3f02870c6aca_0001967384	Generic Write,Read Attributes
c:\users\user\downloads\8528bf12e71f085195aadda4208e3f02870c6aca_0001967384	Synchronize,Write Attributes
c:\users\user\downloads\86acfbce0354c72aef7bdb41b3dd5226ba1e5e97_0000405288	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\downloads\86acfbce0354c72aef7bdb41b3dd5226ba1e5e97_0000405288	Generic Write,Read Attributes
c:\users\user\downloads\86acfbce0354c72aef7bdb41b3dd5226ba1e5e97_0000405288	Synchronize,Write Attributes
c:\users\user\downloads\98de93ff0ffacf376faf572f9deb16282e3993fb_0000339376	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\downloads\98de93ff0ffacf376faf572f9deb16282e3993fb_0000339376	Generic Write,Read Attributes
c:\users\user\downloads\98de93ff0ffacf376faf572f9deb16282e3993fb_0000339376	Synchronize,Write Attributes
c:\users\user\downloads\b6b805f10f58444748ab8af210b48751008fe9af_0000628584	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\downloads\b6b805f10f58444748ab8af210b48751008fe9af_0000628584	Generic Write,Read Attributes
c:\users\user\downloads\b6b805f10f58444748ab8af210b48751008fe9af_0000628584	Synchronize,Write Attributes
c:\users\user\downloads\c04f3c925210716d20da8f848f75cf76f745d55b_0000370656	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\downloads\c04f3c925210716d20da8f848f75cf76f745d55b_0000370656	Generic Write,Read Attributes
c:\users\user\downloads\c04f3c925210716d20da8f848f75cf76f745d55b_0000370656	Synchronize,Write Attributes
c:\users\user\downloads\c5dd297455f3a45fd6a279e497a5615b7fe9db2e_0000627200	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\downloads\c5dd297455f3a45fd6a279e497a5615b7fe9db2e_0000627200	Generic Write,Read Attributes
c:\users\user\downloads\c5dd297455f3a45fd6a279e497a5615b7fe9db2e_0000627200	Synchronize,Write Attributes
c:\users\user\downloads\cae8e29bac8196c08d9b92fa533705220425af6e_0000659160	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\downloads\cae8e29bac8196c08d9b92fa533705220425af6e_0000659160	Generic Write,Read Attributes
c:\users\user\downloads\cae8e29bac8196c08d9b92fa533705220425af6e_0000659160	Synchronize,Write Attributes
c:\users\user\downloads\cfeac955c044dda62d54bb82474570605e834332_0000426648	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\downloads\cfeac955c044dda62d54bb82474570605e834332_0000426648	Generic Write,Read Attributes
c:\users\user\downloads\cfeac955c044dda62d54bb82474570605e834332_0000426648	Synchronize,Write Attributes
c:\users\user\downloads\dc9d8a01b68064527bc57fcbcb5148c5e46f61cb_0002632824	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\downloads\dc9d8a01b68064527bc57fcbcb5148c5e46f61cb_0002632824	Generic Write,Read Attributes
c:\users\user\downloads\dc9d8a01b68064527bc57fcbcb5148c5e46f61cb_0002632824	Synchronize,Write Attributes
c:\users\user\downloads\dda63014ec48b6d4d3d2d88247bbb8cb1c70bbed_0000531328	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\downloads\dda63014ec48b6d4d3d2d88247bbb8cb1c70bbed_0000531328	Generic Write,Read Attributes
c:\users\user\downloads\dda63014ec48b6d4d3d2d88247bbb8cb1c70bbed_0000531328	Synchronize,Write Attributes
c:\users\user\downloads\f3ef22810172d67be5ff4dc367d454e2484cda42_0000730096	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\downloads\f3ef22810172d67be5ff4dc367d454e2484cda42_0000730096	Generic Write,Read Attributes
c:\users\user\downloads\f3ef22810172d67be5ff4dc367d454e2484cda42_0000730096	Synchronize,Write Attributes
c:\users\user\downloads\f49229bd1d599013e61323105ea48e9c47bc7c8f_0000396448	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\downloads\f49229bd1d599013e61323105ea48e9c47bc7c8f_0000396448	Generic Write,Read Attributes
c:\users\user\downloads\f49229bd1d599013e61323105ea48e9c47bc7c8f_0000396448	Synchronize,Write Attributes
c:\users\user\downloads\log.txt	Generic Write,Read Attributes
c:\users\user\downloads\squirrelsetup.log	Generic Write,Read Attributes
c:\users\user\downloads\steam_monitor.exe.log	Generic Write,Read Attributes
c:\windows\appcompat\programs\amcache.hve	Read Data,Read Control,Write Data
c:\windows\appcompat\programs\amcache.hve	Write Attributes
c:\windows\svchost.com	Generic Write,Read Attributes
c:\windows\svchost.exe	Generic Write,Read Attributes
c:\windows\system.ini	Generic Read,Write Data,Write Attributes,Write extended,Append data

Registry Modifications

Key::Value	Data	API Name
HKLM\software\wow6432node\nemuserver::uuid	34f98ab6-9a54-4c41-8be1-53566a0b0538	RegNtPreCreateKey
HKLM\software\wow6432node\nemuserver::channel	nochannel	RegNtPreCreateKey
HKLM\system\controlset001\services\bam\state\usersettings\s-1-5-21-3119368278-1123331430-659265220-1001::\device\harddiskvolume2\windows\system32\conhost.exe	౱ꣵǜ	RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\zonemap::proxybypass		RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\zonemap::intranetname		RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\zonemap::uncasintranet		RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\zonemap::autodetect		RegNtPreCreateKey
HKLM\software\classes\exefile\shell\open\command::	C:\WINDOWS\svchost.com "%1" %*	RegNtPreCreateKey
HKLM\software\microsoft\systemcertificates\authroot\certificates\ddfb16cd4931c973a2037d3fc83a4d7d775d05e4::blob		RegNtPreCreateKey
HKLM\software\microsoft\systemcertificates\authroot\certificates\ddfb16cd4931c973a2037d3fc83a4d7d775d05e4::blob		RegNtPreCreateKey

HKLM\system\software\microsoft\tip\aggregateresults::data	馐ʊ耀ŚT쎫ʝ耀誙꣗ߦ÷ⳛ˼耀塉¹ⳛ˼耀塉ⳛ˼䀀ᯙ鏾隞̃儁耀꧌ޫŴ䮑̛༺䮩̛耀ѷ꛵	RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\explorer\advanced::hidden		RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\security center::antivirusoverride		RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\security center::antivirusdisablenotify		RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\security center::firewalldisablenotify		RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\security center::firewalloverride		RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\security center::updatesdisablenotify		RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\security center::uacdisablenotify		RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\security center\svc::antivirusoverride		RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\security center\svc::antivirusdisablenotify		RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\security center\svc::firewalldisablenotify		RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\security center\svc::firewalloverride		RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\security center\svc::updatesdisablenotify		RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\security center\svc::uacdisablenotify		RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings::globaluseroffline		RegNtPreCreateKey
HKLM\software\microsoft\windows\currentversion\policies\system::enablelua		RegNtPreCreateKey
HKLM\system\controlset001\services\sharedaccess\parameters\firewallpolicy\standardprofile::enablefirewall		RegNtPreCreateKey
HKLM\system\controlset001\services\sharedaccess\parameters\firewallpolicy\standardprofile::donotallowexceptions		RegNtPreCreateKey
HKLM\system\controlset001\services\sharedaccess\parameters\firewallpolicy\standardprofile::disablenotifications		RegNtPreCreateKey
HKCU\software\apcr\1214104697::1919251317		RegNtPreCreateKey
HKCU\software\apcr\1214104697::-456464662		RegNtPreCreateKey
HKCU\software\apcr\1214104697::1462786655		RegNtPreCreateKey
HKCU\software\apcr\1214104697::-912929324	#	RegNtPreCreateKey
HKCU\software\apcr\1214104697::1006321993	ǜ	RegNtPreCreateKey
HKCU\software\apcr\1214104697::-1369393986	http://www.ledyazilim.com/logo.gifhttp://ksandrafashion.com/l	RegNtPreCreateKey
HKCU\software\apcr\1214104697::549857331		RegNtPreCreateKey
HKCU\software\apcr::u1_0	䡴⬋	RegNtPreCreateKey
HKCU\software\apcr::u2_0	ᩣ	RegNtPreCreateKey
HKCU\software\apcr::u3_0	権ă	RegNtPreCreateKey
HKCU\software\apcr::u4_0		RegNtPreCreateKey

Windows API Usage

Category	API
Process Manipulation Evasion	NtUnmapViewOfSection ReadProcessMemory
Process Shell Execute	CreateProcess ShellExecute
Service Control	StartServiceCtrlDispatcher
Other Suspicious	SetWindowsHookEx
Anti Debug	IsDebuggerPresent NtQuerySystemInformation OutputDebugString
User Data Access	GetComputerNameEx GetUserDefaultLocaleName GetUserObjectInformation
Syscall Use	ntdll.dll!NtAccessCheck ntdll.dll!NtAdjustPrivilegesToken ntdll.dll!NtAlertThreadByThreadId ntdll.dll!NtAlpcConnectPort ntdll.dll!NtAlpcConnectPortEx ntdll.dll!NtAlpcCreateResourceReserve ntdll.dll!NtAlpcCreateSecurityContext ntdll.dll!NtAlpcDeleteSecurityContext ntdll.dll!NtAlpcDisconnectPort ntdll.dll!NtAlpcQueryInformation Show More ntdll.dll!NtAlpcQueryInformationMessage ntdll.dll!NtAlpcSendWaitReceivePort ntdll.dll!NtAlpcSetInformation ntdll.dll!NtApphelpCacheControl ntdll.dll!NtAssociateWaitCompletionPacket ntdll.dll!NtCancelWaitCompletionPacket ntdll.dll!NtClearEvent ntdll.dll!NtClose ntdll.dll!NtConnectPort ntdll.dll!NtCreateEvent ntdll.dll!NtCreateFile ntdll.dll!NtCreateIoCompletion ntdll.dll!NtCreateKey ntdll.dll!NtCreateMutant ntdll.dll!NtCreatePrivateNamespace ntdll.dll!NtCreateSection ntdll.dll!NtCreateSemaphore ntdll.dll!NtCreateThreadEx ntdll.dll!NtCreateTimer2 ntdll.dll!NtCreateWaitCompletionPacket ntdll.dll!NtCreateWorkerFactory ntdll.dll!NtDelayExecution ntdll.dll!NtDeleteValueKey ntdll.dll!NtDeviceIoControlFile ntdll.dll!NtDuplicateObject ntdll.dll!NtDuplicateToken ntdll.dll!NtEnumerateKey ntdll.dll!NtEnumerateValueKey ntdll.dll!NtFlushProcessWriteBuffers ntdll.dll!NtFreeVirtualMemory ntdll.dll!NtFsControlFile ntdll.dll!NtGetCompleteWnfStateSubscription ntdll.dll!NtLoadKeyEx ntdll.dll!NtMapViewOfSection ntdll.dll!NtNotifyChangeKey ntdll.dll!NtOpenDirectoryObject ntdll.dll!NtOpenEvent ntdll.dll!NtOpenFile ntdll.dll!NtOpenKey ntdll.dll!NtOpenKeyEx ntdll.dll!NtOpenMutant ntdll.dll!NtOpenProcess ntdll.dll!NtOpenProcessToken ntdll.dll!NtOpenProcessTokenEx ntdll.dll!NtOpenSection ntdll.dll!NtOpenSemaphore ntdll.dll!NtOpenSymbolicLinkObject ntdll.dll!NtOpenThread ntdll.dll!NtOpenThreadToken ntdll.dll!NtOpenThreadTokenEx ntdll.dll!NtProtectVirtualMemory ntdll.dll!NtQueryAttributesFile ntdll.dll!NtQueryDefaultLocale ntdll.dll!NtQueryDirectoryFileEx ntdll.dll!NtQueryEvent ntdll.dll!NtQueryFullAttributesFile ntdll.dll!NtQueryInformationFile ntdll.dll!NtQueryInformationJobObject ntdll.dll!NtQueryInformationProcess ntdll.dll!NtQueryInformationThread ntdll.dll!NtQueryInformationToken ntdll.dll!NtQueryKey ntdll.dll!NtQueryLicenseValue ntdll.dll!NtQueryObject ntdll.dll!NtQueryPerformanceCounter ntdll.dll!NtQuerySecurityAttributesToken ntdll.dll!NtQuerySecurityObject ntdll.dll!NtQuerySymbolicLinkObject ntdll.dll!NtQuerySystemInformation ntdll.dll!NtQuerySystemInformationEx ntdll.dll!NtQueryValueKey ntdll.dll!NtQueryVirtualMemory ntdll.dll!NtQueryVolumeInformationFile ntdll.dll!NtQueryWnfStateData ntdll.dll!NtReadFile ntdll.dll!NtReadVirtualMemory ntdll.dll!NtReleaseMutant ntdll.dll!NtReleaseSemaphore ntdll.dll!NtReleaseWorkerFactoryWorker ntdll.dll!NtRequestWaitReplyPort ntdll.dll!NtResumeThread ntdll.dll!NtSetEvent ntdll.dll!NtSetInformationFile ntdll.dll!NtSetInformationKey ntdll.dll!NtSetInformationObject ntdll.dll!NtSetInformationProcess ntdll.dll!NtSetInformationThread ntdll.dll!NtSetInformationVirtualMemory ntdll.dll!NtSetInformationWorkerFactory ntdll.dll!NtSetSecurityObject 17 additional items are not displayed above.
Network Winhttp	WinHttpConnect WinHttpOpen WinHttpOpenRequest WinHttpQueryHeaders WinHttpReceiveResponse WinHttpSendRequest WinHttpWriteData
Encryption Used	BCryptOpenAlgorithmProvider
Process Terminate	TerminateProcess

Shell Command Execution


							"C:\WINDOWS\svchost.exe" "c:\users\user\downloads\03015a8e6fcf13639d465c4d5aa6d3bbd51da171_0001073120"


							"c:\users\user\downloads\03015a8e6fcf13639d465c4d5aa6d3bbd51da171_0001073120"


							"C:\WINDOWS\svchost.exe" "c:\users\user\downloads\49a7ad7ec6db1a307c18f73735a4500c95af24f0_0000373784"


							"c:\users\user\downloads\49a7ad7ec6db1a307c18f73735a4500c95af24f0_0000373784"


							"C:\WINDOWS\svchost.exe" "c:\users\user\downloads\19d5d521d405c03b2e79fb2126ad897984c9dbbd_0000376712"


									"c:\users\user\downloads\19d5d521d405c03b2e79fb2126ad897984c9dbbd_0000376712"


									"C:\WINDOWS\svchost.exe" "c:\users\user\downloads\c04f3c925210716d20da8f848f75cf76f745d55b_0000370656"


									"c:\users\user\downloads\c04f3c925210716d20da8f848f75cf76f745d55b_0000370656"


									"C:\WINDOWS\svchost.exe" "c:\users\user\downloads\dc9d8a01b68064527bc57fcbcb5148c5e46f61cb_0002632824"


									"c:\users\user\downloads\dc9d8a01b68064527bc57fcbcb5148c5e46f61cb_0002632824"


									"C:\WINDOWS\svchost.exe" "c:\users\user\downloads\86acfbce0354c72aef7bdb41b3dd5226ba1e5e97_0000405288"


									"c:\users\user\downloads\86acfbce0354c72aef7bdb41b3dd5226ba1e5e97_0000405288"


									"C:\WINDOWS\svchost.exe" "c:\users\user\downloads\b6b805f10f58444748ab8af210b48751008fe9af_0000628584"


									"c:\users\user\downloads\b6b805f10f58444748ab8af210b48751008fe9af_0000628584"


									"C:\WINDOWS\svchost.exe" "c:\users\user\downloads\f3ef22810172d67be5ff4dc367d454e2484cda42_0000730096"


									"c:\users\user\downloads\f3ef22810172d67be5ff4dc367d454e2484cda42_0000730096"


									"C:\WINDOWS\svchost.exe" "c:\users\user\downloads\55cd76ad12c2e40145520349adb96a2625418d7a_0003620856"


									"c:\users\user\downloads\55cd76ad12c2e40145520349adb96a2625418d7a_0003620856"


									"C:\WINDOWS\svchost.exe" "c:\users\user\downloads\28084b546f364b3f23c77bd7f5e3d542663a4375_0000665880"


									"c:\users\user\downloads\28084b546f364b3f23c77bd7f5e3d542663a4375_0000665880"


									"C:\WINDOWS\svchost.exe" "c:\users\user\downloads\67e8987cffa47467cd2b48e57f1d7a4a874d9ec4_0000979968"


									"c:\users\user\downloads\67e8987cffa47467cd2b48e57f1d7a4a874d9ec4_0000979968"


									"C:\WINDOWS\svchost.exe" "c:\users\user\downloads\8528bf12e71f085195aadda4208e3f02870c6aca_0001967384"


									"c:\users\user\downloads\8528bf12e71f085195aadda4208e3f02870c6aca_0001967384"


									"C:\Users\Ttpiluew\AppData\Local\Temp\is-LSN1O.tmp\8528bf12e71f085195aadda4208e3f02870c6aca_0001967384.tmp" /SL5="$30328,262144,0,c:\users\user\downloads\8528bf12e71f085195aadda4208e3f02870c6aca_0001967384"


									"C:\WINDOWS\svchost.exe" "c:\users\user\downloads\22a00272bac5c65782e376dc5d428aa4274e9706_0000345224"


									"c:\users\user\downloads\22a00272bac5c65782e376dc5d428aa4274e9706_0000345224"


									"C:\WINDOWS\svchost.exe" "c:\users\user\downloads\f49229bd1d599013e61323105ea48e9c47bc7c8f_0000396448"


									"c:\users\user\downloads\f49229bd1d599013e61323105ea48e9c47bc7c8f_0000396448"


									"C:\WINDOWS\svchost.exe" "c:\users\user\downloads\253ea2cc5ec4484f67dc45b017fb098bf1cb8004_0000569856"


									"c:\users\user\downloads\253ea2cc5ec4484f67dc45b017fb098bf1cb8004_0000569856"


									"C:\WINDOWS\svchost.exe" "c:\users\user\downloads\dda63014ec48b6d4d3d2d88247bbb8cb1c70bbed_0000531328"


									"c:\users\user\downloads\dda63014ec48b6d4d3d2d88247bbb8cb1c70bbed_0000531328"


									"C:\WINDOWS\svchost.exe" "c:\users\user\downloads\50d3f8771d3f355f6889a7594a313ac16add30ce_0001562856"


									"c:\users\user\downloads\50d3f8771d3f355f6889a7594a313ac16add30ce_0001562856"


									"C:\WINDOWS\svchost.exe" "c:\users\user\downloads\cfeac955c044dda62d54bb82474570605e834332_0000426648"


									"c:\users\user\downloads\cfeac955c044dda62d54bb82474570605e834332_0000426648"


									"C:\WINDOWS\svchost.exe" "c:\users\user\downloads\c5dd297455f3a45fd6a279e497a5615b7fe9db2e_0000627200"


									"c:\users\user\downloads\c5dd297455f3a45fd6a279e497a5615b7fe9db2e_0000627200"


									open C:\Users\Nltarkdz\AppData\Local\Temp\3582-490\c5dd297455f3a45fd6a279e497a5615b7fe9db2e_0000627200


									"C:\WINDOWS\svchost.exe" "c:\users\user\downloads\851141b715d0cc6213a9fb5d83cc23033d671372_0002294488"


									"c:\users\user\downloads\851141b715d0cc6213a9fb5d83cc23033d671372_0002294488"


									"C:\WINDOWS\svchost.exe" "c:\users\user\downloads\98de93ff0ffacf376faf572f9deb16282e3993fb_0000339376"


									"c:\users\user\downloads\98de93ff0ffacf376faf572f9deb16282e3993fb_0000339376"


									C:\Windows\Microsoft.NET\Framework64\v2.0.50727\\dw20.exe dw20.exe -x -s 1680


									"C:\WINDOWS\svchost.exe" "c:\users\user\downloads\cae8e29bac8196c08d9b92fa533705220425af6e_0000659160"


									"c:\users\user\downloads\cae8e29bac8196c08d9b92fa533705220425af6e_0000659160"


									"C:\WINDOWS\svchost.exe" "c:\users\user\downloads\1d2026f6219e730ae8631cdbc92f8a9f08466519_0000549784"


									"c:\users\user\downloads\1d2026f6219e730ae8631cdbc92f8a9f08466519_0000549784"


									"C:\WINDOWS\svchost.exe" "c:\users\user\downloads\316f4d9db064d04aa45cd07b32a9f5831644afe6_0000971512"


									"c:\users\user\downloads\316f4d9db064d04aa45cd07b32a9f5831644afe6_0000971512"


									"C:\Users\Iharpumz\AppData\Local\Temp\316f4d9db064d04aa45cd07b32a9f5831644afe6_0000971512"


									"C:\WINDOWS\svchost.exe" "C:\Users\Iharpumz\AppData\Local\Temp\316f4d9db064d04aa45cd07b32a9f5831644afe6_0000971512"

EnigmaSoft’s Payment Processor Digital River GmbH Filing for Bankruptcy Does Not Impact SpyHunter Customers’ Anti-Malware Protection

Search

Change Region

Trojan.Parite.FA

Analysis Report

General information

Known Samples

Known Samples

Windows Portable Executable Attributes

Windows Portable Executable Attributes

File Icons

File Icons

Windows PE Version Information

Windows PE Version Information

File Traits

Block Information

Block Information

Visual Map

Similar Families

Similar Families

Files Modified

Files Modified

Registry Modifications

Registry Modifications

Windows API Usage

Windows API Usage

Shell Command Execution

Shell Command Execution

Submit Comment

Trending

PUP.WaveMax Sound Editor

Trojan.Kryptik.JUD

Trojan.Agent.MBD

Most Viewed

Pornktube.porn

How To Fix 'Printer Driver is Unavailable' Error

Discord Shows Black Screen when Sharing Screen