Multi-License Discount Quote

Change Region

English
Threat Database Trojans Trojan.Renamer.A

Trojan.Renamer.A

By CagedTech in Trojans

Threat Scorecard

Popularity Rank: 1,787
Threat Level: 80 % (High)
Infected Computers: 16,887
First Seen: January 19, 2011
Last Seen: April 22, 2026
OS(es) Affected: Windows

Analysis Report

General information

Family Name: Trojan.Renamer.A
Signature status: No Signature

Known Samples

MD5: 6540ac65b86abf95aa7e60aa7a7f72d8
SHA1: 9a75e23dcafa7e3c18860737d1543ff69d1da22c
File Size: 534.02 KB, 534016 bytes
MD5: ed1fee5641a5b577284b7c3d905ff428
SHA1: 2a3920897a6445bccca4b1080c08e9cf02597e73
File Size: 534.02 KB, 534016 bytes
MD5: 84c1a7859be5c66f8dd1fd96834bdc08
SHA1: c4b36ca9eb123efb620ac40060f9d9d569904b5a
File Size: 534.02 KB, 534016 bytes
MD5: ab07700154c49b01f88b9feac6128744
SHA1: 8252c097e5618e5d76a5d73cf0b9ad06df411185
File Size: 534.02 KB, 534016 bytes
MD5: d6716fa8eeea09590807600f123b1d03
SHA1: 9c6ca2c2a01cd9ecabde386d0341f93eb4873c01
File Size: 534.02 KB, 534016 bytes
Show More
MD5: 88f228fda697e38d2a02da240f453a0f
SHA1: f0f48aa41b59864d3b3dd5b5097f92f27cedd0db
File Size: 534.02 KB, 534016 bytes
MD5: 4bf7d5843d6bc622b03ffd5dc863980c
SHA1: 4cb42c2689df799450822b348e779cddc888fc7b
File Size: 534.02 KB, 534016 bytes
MD5: a4b55e05b2e0d093a8013a8b831d3699
SHA1: 2dfda1569defaf7a805214b74b4898fe3ce61639
File Size: 534.02 KB, 534016 bytes
MD5: 62b446fcad8a42dbcd654aa493d681ab
SHA1: 9cf35b75c3c67af0647460a40519bc80d0806ae9
File Size: 534.02 KB, 534016 bytes
MD5: 13038bb8bc1938bc156797028e14855f
SHA1: 1bb37fa43128b2e15cd48c25a09bf211a438e89f
File Size: 534.02 KB, 534016 bytes
MD5: 5caca063680145a16027dafab9403a7b
SHA1: adee7dfd172f1fa4a259b9519607b9841d23f2bb
File Size: 534.02 KB, 534016 bytes
MD5: b6cfebc7b534298ff3d1cb9a88a51709
SHA1: e441f8b6050b4b12d86bb720e0786ac6bbbf99ff
File Size: 533.50 KB, 533504 bytes
MD5: edabbde8dcfda50f4ae77ab62b35bd6f
SHA1: 24b8a44a5870ef8c2cde2bb785935a6697c08a32
File Size: 534.02 KB, 534016 bytes
MD5: e1bf304ce0859df124a01f3562f23694
SHA1: a563bea994efbd1e172445344015b2fbe94b1695
File Size: 534.02 KB, 534016 bytes
MD5: 4969be7a5a1bc62ea492df17bf34fbf6
SHA1: dfd5d010dac1cf29c8d6a7a954473d7a48380e7f
File Size: 534.02 KB, 534016 bytes
MD5: 59e5030f9d28abd382427ce35728705b
SHA1: 9d274ccd73af819757f03abe568c9acbdf1b6e38
File Size: 534.02 KB, 534016 bytes
MD5: 5233e445ebe0ce9b0595043f2bdc3b72
SHA1: 4e5a1874be43841a1f7baac52caa16d0c4a7b1a4
File Size: 534.02 KB, 534016 bytes
MD5: 1ddc92759bfe6202d0fc4bbbe1c22b43
SHA1: 391d5c32a20cf0b79ca2492ca796d041778f10cf
File Size: 534.02 KB, 534016 bytes
MD5: c2d9493bf2fdbac7dcc7ba88c2f03f05
SHA1: 274f02e8998f89d4d595b8f2e4b73125be88030f
File Size: 534.02 KB, 534016 bytes
MD5: 5c537854fddfb404c9276d97174d03b8
SHA1: c028d0868925e0d9a895219ae0975547f2c94675
File Size: 640.51 KB, 640512 bytes
MD5: 23238739e0e81d9de3a794eb1a62470a
SHA1: 2042fa74e65eb163b4b16f801f18afd623b33806
SHA256: 220A9CFC0542D26E1D710D4FA5A48B48A15ADAE68D0A0C0569428AD012C4AC5D
File Size: 536.06 KB, 536064 bytes
MD5: 4780c3ee663bbf783e4e2ce91d3a2bda
SHA1: 7e5b3b165987dfcc97f7f5ccd2cf609dd0f1a979
SHA256: D1574CD3AF0518AEE6DA6EF57AC4B2BFB07100FBE2EBD9F16D3A733A496A4867
File Size: 534.02 KB, 534016 bytes
MD5: bc2cd2f0659b5efc6b7b5d47cc7d6e38
SHA1: 2d07b5b62ed2058768bab4eb496418f46a2c778b
SHA256: F76272B674C60B2E43583C7B4F3A170EC93AB778A14AFD4F0F7AA69E7C6D3E3F
File Size: 534.02 KB, 534016 bytes
MD5: 73b00c7a6b586c1e9b5ba947d666af0a
SHA1: d10dc5191859598c734ffa5a60b1901fd1bd4905
SHA256: D7E2F71C97501F8DF5B3ADDE5DE0E11B36BA2FBB2EB8148E188CFA1C66F78D31
File Size: 533.50 KB, 533504 bytes
MD5: 6447c321deff70222e136fa9b19d9364
SHA1: b66b7dd1c0f41be116ec7dfc04cf9cf9f82cf27d
SHA256: 343A6DF38741F79130789590E51021AEBB07ED533BE1DC6E45D1015284F8C38D
File Size: 534.02 KB, 534016 bytes
MD5: 32beba16d6d1bfd10b7b434cb32664f4
SHA1: 3fe5a37726c8913c9acc0165bddce2bf60eb4cf8
SHA256: 684B23495C2A6A82E963759FD894E678E2CA33A8279743CC77A1BCBB51522215
File Size: 534.02 KB, 534016 bytes
MD5: 35697bac5f3dd02d0ef6f1ad3524a274
SHA1: a8bdd2139eb9571402a2eaa4300851f9001f4e7f
SHA256: 958B5382E94C170B1050B0B7B54DC0FC3F17D81A61BFF765440E1813B3ABE068
File Size: 533.50 KB, 533504 bytes
MD5: 4a085804bca12ad4fd03fd314a929829
SHA1: 5a99243bd7d7ee5edd91a6bd0d3955375440ada8
SHA256: DD97A80135A5A2E686E8324BD71EE93FF70E9F6061CD077CC753D3F5A4839C68
File Size: 534.02 KB, 534016 bytes
MD5: 59716411ef773fd2e05680f7656bb123
SHA1: 39de9289af6c23d2ca81452a6ab3b610e2000b59
SHA256: 2241D84B9115DD81C8D84C8A1CFD887DFE084277FAB402FB1C78E5963D9B7121
File Size: 534.02 KB, 534016 bytes
MD5: 06492cedd9d7be977027a4494c0a92de
SHA1: 66ef4fea8822198c29ab9d56f1a4894d4cfaf4fa
SHA256: 7023B7A76DFEA2BCCE0BE169E032AF3FD323D52062426D1F468C32A9AE6E4D67
File Size: 534.02 KB, 534016 bytes
MD5: 8f8f42eccd13b0f8a3fda866c7a3a775
SHA1: e115d18746cf3326f3fe52020d2c42bfccfb2804
SHA256: EE018A002B5FEF746A067C7E6E0A01911B03A75D1FBEA008D178C4163A324834
File Size: 534.02 KB, 534016 bytes
MD5: dfb52314e5f554d73460955ace6c45e6
SHA1: 3dad1496b01173e03b38120c8eb4413b2c638683
SHA256: DA6A921C71FC98D2D88543A0C1375A2507FEF6843DEA2A244D893EB1D9A1D96C
File Size: 534.02 KB, 534016 bytes
MD5: a40d33dd2726b23c70469f2211ba4bc7
SHA1: 953769f33c053804854354ac1c2f5abeb274739a
SHA256: F89BB786DC3BE7ACD28D5B7FA071D43E5D66D3128DB0E8BB8AFFCFD376A0E2C8
File Size: 745.91 KB, 745910 bytes
MD5: f6ff97125fa30d5e54f3c22e01e38e2c
SHA1: e49fad0c7b7d2df75a0abee55b7c3beb87eb6256
SHA256: 16F44BD0F9E1157F7EBA151A3A664CE4EE34AF63181CCDD485BE33FF9A520291
File Size: 534.02 KB, 534016 bytes
MD5: 626bd307f028ef7cbb98a3d66f10d851
SHA1: ef925fde23537f5234d8b42ec6ed36991c3ad58a
SHA256: D8354FD0D20F2848E6E0383CCBB3D2EBA915819D44057121075B50435E8B7CCD
File Size: 533.50 KB, 533504 bytes
MD5: f9efb9f3c56e84ba78918eea347947ee
SHA1: b28e0e9c37dde106dd082828502a61ae53d22651
SHA256: 5334B6586E487BC0D7358E3EAA3F9E4B8EF1045C8510C53897336A02581E0CDE
File Size: 533.50 KB, 533504 bytes
MD5: a424e9e5bcbffa925c81708edbc7af98
SHA1: 8dd8a7ec5482570882fb5d578229fe724562e3cb
SHA256: 0463F9A235B182611AD4638ED87B1B6009091DA79DC04A24E69346089FC7C163
File Size: 534.02 KB, 534016 bytes
MD5: 5deb81fcad7aa8e6ec9e0e4f0e7d3d0e
SHA1: d39434f1862b44ab1a33db46c5db1a1a43d7146d
SHA256: 043A35DF80D663A0B0453F25DD384A11ED4705E5CAB3ED682FD915403FF1DA50
File Size: 534.02 KB, 534016 bytes
MD5: ef8b89aa01e93f01d2a3b96960aaf315
SHA1: 034a78b142f37056942596653778443f02a8beb0
SHA256: BF96A42EBB310136FC4AF9F9080B4399011BBE85C7F6FB794942B24EC5C86946
File Size: 534.02 KB, 534016 bytes
MD5: 7e5109e50f81a290a58d7595153985ea
SHA1: 298ef832e869567212727152fbf025a839ee5ccc
SHA256: 8066B624D4846952B2A79547AB066A39347A18B6F71AC74CAD8FE2FDEEB008A8
File Size: 534.02 KB, 534016 bytes
MD5: a386bf590d6334eb6b0ed49b738dffc6
SHA1: 82f4854f3d529d222bc40831e3610b7c4c3469ca
SHA256: 1B376AD0016EF0DBBE3EF20BFEFC408B6AA2167CCFEB4A20163FEAE560F0827E
File Size: 534.02 KB, 534016 bytes
MD5: 64c61411b98f149a448c6ef29ac42d44
SHA1: ba2b8db12c049018b43b96492e03023a57dc48f1
SHA256: AD072F3AEEFBC6B0D6F4DDC8996C87791862D35B17B233503E1C909C74CCC9E3
File Size: 534.02 KB, 534016 bytes
MD5: f4a7e6daa5e1c830cf75385c3dc5e74e
SHA1: 89dbef56d8725b97ea584e6ae3c6ab0d91d57929
SHA256: CE3769A2466112882CABEF33A020518C565F59CDDF174A4C02D96E7D552818C7
File Size: 534.02 KB, 534016 bytes
MD5: 3137a4e44c9c1aa0e95d1efd803f0a3f
SHA1: a23afa2131c490d70f6d7651090d03a024fd3e04
SHA256: DAEFE953D5C44D1AD8647023D26F9597F0CE4C33020FFADA037F534F5C9DC570
File Size: 534.02 KB, 534016 bytes
MD5: 5fb457934408f34ccc7c44b8671f2a2a
SHA1: 5edd4c973014e6cf92dcb22ff89be42e3522224d
SHA256: F99D8DBF97EC22D151E590261615EBAE4D9510B19B205141EBFA623072F273AC
File Size: 534.02 KB, 534016 bytes
MD5: 976bc142410b2f16df50f78f0966ecb7
SHA1: 83286cdf2e602a6100f1c0d8ac5af48d3438884b
SHA256: FAE951F474D98CAA6B5770C8A30BB6AB63FA1A113037FCF6F380715A7CADDB3A
File Size: 534.02 KB, 534016 bytes
MD5: 4b2d48cc202fec5f6125e8b23c3dda92
SHA1: 2a6ea6416dd6f6fa88747863b2cb3fa4f27abcac
SHA256: 3AD998C9AB25BA2D907A8B53CCDC0391A127712BD1AD09B72A87E5C2CB66F574
File Size: 534.02 KB, 534016 bytes
MD5: daa4a81a0493c6283083c4743bb6557e
SHA1: bd2bfbd8326c14121b6e0a799c09e2d7dbd6c11b
SHA256: 19ECA0CC2659652921F1E27E29B5307B3F74575F74D3411C6A4E62E5A8DCA966
File Size: 534.02 KB, 534016 bytes
MD5: 7a9100f28fe8cf5bae1184e8653b7cae
SHA1: e9811c15f607f70741e27c605829d0467b08c960
SHA256: 3D7133299EB21FD4253ADD4D2B8C6087C625078F01A91A7705D3C0369108ACB5
File Size: 534.02 KB, 534016 bytes
MD5: f829426f5b24171efba428ac528798e6
SHA1: 3fe58a08419bf8a86bfd0538c910ebea6b36f60f
SHA256: 45FF76817F57BFA528128E0C5451B158B1111244719AEDCB8B2778F0F6564213
File Size: 533.50 KB, 533504 bytes
MD5: ad2eb7b6abbb0cd2f5f03b6588f3923a
SHA1: 740609c98ac1d4668362a078224bcfb9dbbc973d
SHA256: C82A942D433CEBAC7F802AE0A9CEA57EE898011C793479CE66197FB5BF0A377E
File Size: 534.02 KB, 534016 bytes
MD5: 9601c940d2a924592fb91e34f05f252e
SHA1: e321e279429df5d8854f642e15d7b120f184decb
SHA256: F99C28D4581E8958A5501196133D41DEA00EDFDEF5935AE88FED36D2737DE274
File Size: 534.02 KB, 534016 bytes
MD5: 83903d9c26f4a75a2723bb26a0f36d9d
SHA1: 5f87e6007a9413fc60f49b3adc83e9a0c6ccacd2
SHA256: 7D7B236CC39C18A21E6C6F8EFE28351590A1E3894100645945F177138B51C81F
File Size: 534.02 KB, 534016 bytes
MD5: 92e6cc1c96891dc3b37b63994f148530
SHA1: 6f80ec762227cb24c0b968021bd31ce455404e22
SHA256: 48D9743EEE39736BA57D72E8FC9B42846CA57C875A403004F1765DAF2658F305
File Size: 534.02 KB, 534016 bytes
MD5: dea642833b8ff4f93e51ffdf83221b3a
SHA1: af07c5885f2302923ed0e66e395cebcbd03f9179
SHA256: 5BB5C872ED46E35A7B1B01C6C0A84422E5182C82C9902D84361E8EFF6B6FA3B0
File Size: 534.02 KB, 534016 bytes
MD5: 7cb9aff7430885a1d5d068bc115caa4b
SHA1: 8efcde51ebba2013641de3721affda4f6869341c
SHA256: A2F38D3F5983CB2B53DA2BFC30A704CCDA386D47BB686AA77795B74A923105B0
File Size: 534.02 KB, 534016 bytes
MD5: 0d7a931884baed0f33f78b4e3ccd0018
SHA1: 5cb8cd95bfe1cd27717f742242ab9fe79ccaf5a8
SHA256: 6494E96A2D96FE564ED9199176E1B68115AED887885BEEA32F002F7CF8193A79
File Size: 534.02 KB, 534016 bytes
MD5: 88aa2bf26257dc4fd056eca518aa375d
SHA1: 1a79c35d2c957fc53a45220150876891e2c44180
SHA256: 180B405799FE9837E0B59BFF46A45356ECEF4CCE4A289CE4ED84F61324507D2E
File Size: 534.02 KB, 534016 bytes
MD5: 3ac7bb4eb642d5c06e3d6e3c241e759b
SHA1: dd8cf907d32f655bbd68197f68c41d8e72b899f6
SHA256: 03378F6ABD74C04BCA1201BA4B6E4D7360BBCFBE87255BB5FDEB12C953128B3C
File Size: 534.02 KB, 534016 bytes
MD5: c3947ff3d18949938a851dcf14190142
SHA1: 20a4eedb8472d097c44c42870a5c5de85e17d3a3
SHA256: 92F8DB0D311701445E541FC7D7A800DFA051AB8E7735A02606B2F4E6DCDB34B3
File Size: 534.02 KB, 534016 bytes
MD5: 05dd447b9505e9afe907031e79d4d356
SHA1: 65badcfe6717b3eb435b910ad2d8117ba14e5f38
SHA256: 828DDF1DDAC0F88AC6DA2E668D7556DFB99664636045EE9979FB9435D2A959E0
File Size: 534.02 KB, 534016 bytes
MD5: 50348a1737fcc463d64dfaa0483bad8b
SHA1: 7785bb3703ea65849f9295dc4e5d7d62749c23bd
SHA256: CEF21389C4F4FA7FF4CF34BB7EFE787D4485EA0CB6C1FEE65D0BBCA5D7EF5E42
File Size: 534.02 KB, 534016 bytes
MD5: 6ab791ff6188b5c78a4a5833d6040163
SHA1: 0ac564f5579ba16cfae37533697277f6d553b350
SHA256: DB2BCDF862E72215A26B9388881030E2FB43BC37AFB6009C08DCA4ED7EAD6F21
File Size: 534.02 KB, 534016 bytes
MD5: b0006ddd20eba36ca4a83d054bb3bd6d
SHA1: 6c5f18a793a3b3ded74ebba3e88eacc0c2de6e3a
SHA256: 317562F02AEEE53F9974D206CC7FA235EFBBE5EF10463D9734C284FD702135A2
File Size: 531.97 KB, 531968 bytes
MD5: ad459fa338e661368484df6e0879bfb9
SHA1: cef5031e6cbf69513a16c1e7fbbb83c34513b0d7
SHA256: 9834BE88F7F4814BFA6E29132913E8B25C63D578E247B68A4C145454BAEA71AF
File Size: 534.02 KB, 534016 bytes
MD5: 8ddeef2e4beb3ede63044de8378c6ebc
SHA1: c8ebd311e3889cbc0c3f85121febb477f11754bc
SHA256: 7992593956F1D6A18C4AA1D65C0EDAA7183FD18B0A9EE827BA6FDD5EA6D72DE8
File Size: 534.02 KB, 534016 bytes
MD5: 9503859fe781909c0a914ebd8048b8c2
SHA1: 2ec2851c15111c70ee9749cf9f9c212be89c8b58
SHA256: FC4CBC18DD0422ABD537089498C76A1F6C2A91FEB35E9FAC9213F81469F91136
File Size: 534.02 KB, 534016 bytes
MD5: e8a33b02c53f3db716796a556013295a
SHA1: 96d173bff42b46bd0de21159668832cb42f67795
SHA256: 35047B93D4903D558C19DB926ADDF5F2A6FE6054B9C02E6DDFB9182AA9BFFF1C
File Size: 638.98 KB, 638976 bytes
MD5: e96ef44d4c5f8c566e373c66693e482f
SHA1: bd19e3d239da554ca0719d539b83c518fb260ce5
SHA256: BB9EDB13413A0A10A7FE6903F4C68BE5764B0E6E3851C4971D66412D0428BE4C
File Size: 534.02 KB, 534016 bytes
MD5: 27479083696e2982629b3d1df6ef887a
SHA1: a29bf3a439ef19d9639744f9b0e2466dc2cf07c5
SHA256: 1B348030581B591E70E8566174DA2F14B3D5F25C37089B8050627BAA511110CD
File Size: 539.34 KB, 539336 bytes
MD5: ac729a3583c4836833193dc1d8f8241c
SHA1: ce00998b19908c39c0884fda061b2a3bcbe6b19d
SHA256: D67356D64436461E98335C1D6FF92860107397D5C74BFB40C58B999D321F0AD8
File Size: 534.02 KB, 534016 bytes
MD5: 558e27097b4e7a66625cad3af8833e01
SHA1: 6a8be52ff6f528231cb7cfc14c3168e8a25d2287
SHA256: C2DE336377675FE2CFA13346C19A6BCF6B71D7737505A5CBD4CDDE5BCF56364A
File Size: 534.02 KB, 534016 bytes
MD5: 847015ad8c6ab8b0a2a9717fd89933d0
SHA1: c8c5fbb72b8b1b5896c87488f8d665781723ed1f
SHA256: 28C1D29526FBB3933AB6264F1FF447586814A29BCB9E3981EE15438BB149594C
File Size: 534.02 KB, 534016 bytes
MD5: d77c534ac832f26dc44ff3141272eddd
SHA1: 58a5f32b3d27c13f1aafe067bf0e903bfd87314d
SHA256: E8C1C63911D24110C264727DC94E7DA2B6D309742FCD08711017137AC1166403
File Size: 534.02 KB, 534016 bytes
MD5: 9a7a360661428bd907908c00b3cf723a
SHA1: 1f43b7076af8a6260ac482a92dd2e7e2c9c4dceb
SHA256: 45D2CBB097D5B061DEC43F5AFCE46066F8447FBCE8D5F08521D61D6BD800CD86
File Size: 539.34 KB, 539336 bytes
MD5: 19cf2711f7c3bdc0fe7492921065f6ac
SHA1: fdcc49ef6b84c8076a059852cca4c52e48e8413e
SHA256: 4C9142A2A183028B6E1EE4680B92637D5B1C366585E05FE0BA7D59C5DB738866
File Size: 533.50 KB, 533504 bytes
MD5: 9165f9fc7325d95f7172a166005b0855
SHA1: 406134bd05ef3da897739ecf7070a43e9a6fdef6
SHA256: 1F3CF742D099325FB8F1DCC2A5994F5353EC47E2EBCDB09D60667F9B194BA2DD
File Size: 533.50 KB, 533504 bytes
MD5: c19acf3d0261ff557a0ddbea406e14d8
SHA1: 8955f1a37197ab3e4bc6edfb757af8738fdf3e2f
SHA256: DF651131D96237DB5071D580362E1A898B4A5CC94543761C4D0532FF76E54A7E
File Size: 672.51 KB, 672506 bytes
MD5: b0e488f37ff30da14dd659f0eeb791c5
SHA1: 1f54ba551062f3268c062674a1945a9e2bb705f4
SHA256: 2A5BBAB306B259F1E3F376BEDA517A5E50929D66EDE415DD696DD882E4EC5AFB
File Size: 550.91 KB, 550912 bytes
MD5: d6241254c8e7386ef8bd788f43f7260d
SHA1: b83dbd8b0e15bd1cdab2bc502c14ee456e7199ba
SHA256: 4F84D827AFDADB1F6061782466F7E7FDDB1154DB0F5B0EFC937D487630361B8E
File Size: 534.02 KB, 534016 bytes
MD5: a0b27ff9ce81afab11eaf2fc992121cb
SHA1: f5025312bf46b619eafebc946ae79f72991f78a1
SHA256: 7120C1B60692E6EDFC6DACB4CCBC1D57D7477631F9FBC1AC8E217D6F04A9DA83
File Size: 815.08 KB, 815075 bytes
MD5: e400bee93b0fb346471526029560f336
SHA1: a9820d92557939e36bbb4c7ce587d522e655e403
SHA256: CCDAEAD7C3044B3CE0C8077EADDEE7B24235757EEECD50302A4BDE15309180FA
File Size: 534.02 KB, 534016 bytes
MD5: 4d08bee040c598f9dd07b3489e50c69b
SHA1: eb53dab0808e1614522b59c39d4aee3adb99e6a4
SHA256: 1A06CBEA8E204F0FC4CB2A77B083BC5EA72EA428542E7AA8DF07B4AE957A7C71
File Size: 534.02 KB, 534016 bytes
MD5: 4bbb31149fe35f8731f35ff122eb0dc1
SHA1: 094f7dc62532cc8ea93e7b5b314ece03a5855f24
SHA256: D35C7E2CB39D3B25D0225BFDC7AC7F3E33F6487EAC6AA07CE40BAE04DC083300
File Size: 534.02 KB, 534016 bytes
MD5: 21b89a969f3f26b47f8012c9d131cd5d
SHA1: 8d47c28941915a2fd81c8217bf508db0f93377e0
SHA256: 13BC49CE57D5F8588D7B7FBB6127879B259FF76ED1EE32BAFA8C73BD90A4708D
File Size: 534.02 KB, 534016 bytes
MD5: 747aa6cc1268c370d46f8f6c978952d7
SHA1: 6effc759e39f85a47d977785336358d7501936d8
SHA256: C9045C2AB5406D5AC0EC4634D8AE5782CB705A0024D6538A166B0037B8539253
File Size: 534.02 KB, 534016 bytes
MD5: 0f4ad0b857b9cdd697287723e3a017fa
SHA1: d60166e937e6213679ec14b6256315ea3d39f812
SHA256: 28C87997BFABB0884C9F251A8ED15A9637A590712BD38FF0D396A37E650C486B
File Size: 534.02 KB, 534016 bytes
MD5: 74564da5411f0f98988e86eb036151a5
SHA1: 00e7f702adeaf37bf005d1d1a23dc52926afc283
SHA256: 20DAB34527F9499349E437A67A730EB2EA91C8C555F272466FB890006F4CD90C
File Size: 534.02 KB, 534016 bytes
MD5: 16095596e46643a3858f21aa32fea47c
SHA1: cf690948568100782879e5f179588b8b975d6f45
SHA256: 9894D88AD0AEF6586BB2AC237F07B78E9F6E4FF8BCE63E9CDC18DD91764A8626
File Size: 534.02 KB, 534016 bytes
MD5: fc5abc0a7715b5f3ddaad285ee72e0f0
SHA1: b3b462f6d0fb0952e3195d826a959ef97bec805b
SHA256: AC75764E4A131EE52D3FCFDD305BF8E9D8424A195CCF9878B809EB020BBB26F1
File Size: 534.02 KB, 534016 bytes
MD5: dec943004a44244faf399bfd188bf4ac
SHA1: 5324ddf4905c976d1d4ea526d06306fb883b7d8a
SHA256: 4291C3D1C05E1814F89725F00867FF8392A157E29B5311C46A58976F2FBDC6DA
File Size: 534.02 KB, 534016 bytes
MD5: e43a7a545682c0b85c5ef6120162ed8b
SHA1: a95764e6af33760c9ce096e5b268a01b186b6bc2
SHA256: 41451FE0868F72B0D56B4CAC2D64AD29194A8923896C686C258570ED2F52ED9A
File Size: 534.02 KB, 534016 bytes
MD5: fefcd3e61f202636382b9b8aed7e9fc9
SHA1: df200c5c3e5474fb1245ee4802b4131502ff27ab
SHA256: A2B1BE8F7109F1EAFA852047E3E57C67A38208F699621990DB521BC6B4B46F7C
File Size: 534.02 KB, 534016 bytes
MD5: 369291290b251a89ccc6645b1557526b
SHA1: 88acc57332ada5ec954ac29c0cb1ba3e58924e6f
SHA256: B3915281DF501A14CC216B1486C48BC8819E404E324019AC1AA187805B07621C
File Size: 534.02 KB, 534016 bytes
MD5: 15576d22703f100287fb4e7e2966c06a
SHA1: fa873341c5dbe53fb223f3e5ec8fbcb3af50cac2
SHA256: 4CC7B41B5B54F1B288CFA8915B9F9BB35D0CA58DF95B929F5A4F798153D8E271
File Size: 534.02 KB, 534016 bytes
MD5: 009e23b947d3da47054609520f4eb3e6
SHA1: 20b4d5be5f1696c124b456a76f754ee9057fa8e1
SHA256: 8B63813A5C94BE79ABD883A9DD38E0EB7A6BAFEA7F4E9D4BC0B97B59E839F968
File Size: 534.02 KB, 534016 bytes
MD5: beb491ea485de4c722717d49aaaaea12
SHA1: 3697b6a988fa1212c654e13d76e67d8ced424ee6
SHA256: B55A2BD20B1770CEE95B955AE4D1F1A56664E9980A3ED9A3266BF5AA81CFA3D9
File Size: 534.02 KB, 534016 bytes
MD5: 14d63c82f1e2676a71b58437a6ee28c7
SHA1: c740353650171a150a2a2dd9ca4a248bcad7541a
SHA256: 90F28C87DE4815BF790D6CA937F958E4988703D0B9DCD430B5DBEFF735F9BE49
File Size: 534.02 KB, 534016 bytes
MD5: 58b23dbe06bfa1dd434396646f122bf7
SHA1: b87a3c0f7a4c1ebfa11cff6da95a09054029521e
SHA256: E7B18B885C1094D747055406434ABE257019B79C5AE33B1346075B199BC11467
File Size: 534.02 KB, 534016 bytes
MD5: 259e15efb6d1245148cbc1c56673a541
SHA1: 3ceedf3c9c33eaeb332e39901abde47a44e535ea
SHA256: 4491C92C530694F581AF53C77764422F1C44DD552D5AB9C603AE9096394AC50B
File Size: 534.02 KB, 534016 bytes
MD5: 057a15b3f27f20902431c5a46954004c
SHA1: 7db8a806ce0212c1e1d1bd3e537c8c0796c56655
SHA256: 1E427585060619A926F899D886D73077D5BE65C6BF16713A9741D153D6B11F5F
File Size: 534.02 KB, 534016 bytes
MD5: b16da045e473cf069a5332836eaf287f
SHA1: 699d986ee4d932d47b3d331e77fe4ca6e0695d24
SHA256: 54B319C1CDACF2360903EF6022F5A52391E63795C7A38CCB849884F3A3EE75EF
File Size: 534.02 KB, 534016 bytes
MD5: e10397d90628fdf7e43a35261d1642fe
SHA1: 8692d11e9596b1b97ab011dd66cbadf44657fce9
SHA256: 69B887869A4147107A378060000208AB01C214A007DF6651ED12D9CC350F0E1A
File Size: 534.02 KB, 534016 bytes
MD5: ed346769d0b4ed4f254af271eff42080
SHA1: 36aaf32b22e4727086016709713c5b32f7ea6689
SHA256: 881A43BE82280B3F40EA4B2669D2371D6D860A2B000BF9B39752E551E2B89672
File Size: 533.50 KB, 533504 bytes
MD5: 9a4b84a34dfc456f65f485006b6748a7
SHA1: 8437256318e5ec3585949d3df442ecbf21ef5148
SHA256: 4850D772832F2646EB100FD5EC529DA20166955D758FA99FF1869307FFAE9327
File Size: 534.02 KB, 534016 bytes
MD5: bc393fd6df7e4045171ea4cf1bd45c13
SHA1: 748fc476a1829c2adcb80c849f5a4f15c3f33e82
SHA256: 3F2AF16B8705FF19D73D1EE501AA17F37F35D02C2C7E561DAF6C71EC3D629BE7
File Size: 534.02 KB, 534016 bytes
MD5: dc2de7ce0a037895d9de382f2f7a72a7
SHA1: c41d0725d2e3527078545f25a009c3f8d1e969c4
SHA256: EE329B238607FCD8358C30A58FB192ED32C5D46F28543D087226DC1F1A7D0AF5
File Size: 534.02 KB, 534016 bytes
MD5: c23feadb20286c77a0e74d978974d25b
SHA1: 5b9a415a66fdf1496ab5ce864c8acab06cafca68
SHA256: 47FB636650B0E9DBA46457B3B14BD5026C410631790A34151B61E68A1AF53B6A
File Size: 534.02 KB, 534016 bytes
MD5: ac66c3f71d49790b7bac67dcdc3da543
SHA1: be4714518495f9dbb3eaaa4f261934768db9005d
SHA256: 1828311142C1599DA06CDCFD40DDBCE3BF789E41D6E863D16A0D0BB572745702
File Size: 534.02 KB, 534016 bytes
MD5: 9acf59e29debdf7f13a716406f5988bb
SHA1: c6dbcd4fba137a3cf4312ddcbcf437fd72df7556
SHA256: C3293ECE5DEB8B0A9911F2BD683D43EA9A2C9A6E94B7A14D48FC6E1426702DEA
File Size: 534.02 KB, 534016 bytes
MD5: 4295655c16dfd90cc6c130e22f9e61ec
SHA1: 6fbccea723259d6ca6cc167f4ee16b2f2674dc2d
SHA256: 30BCD64A94B308A56A21DC18F4DA11D5FA224EB213055671AD74A80654645B8B
File Size: 534.02 KB, 534016 bytes
MD5: 0cab0227a80d3a4e7d5262abb3b7614e
SHA1: f3d3c649b0271c51f3fe43f72d3f3bb123e76501
SHA256: B6CEE924A1B92D70B92C194B04400587FABC932D166D1E869F234690F3CA7DF9
File Size: 534.02 KB, 534016 bytes
MD5: c33ff263e7c833b49893e7a4ae7f7ebc
SHA1: 364fe5aef7ce37547f4a83fd6259a06826746f40
SHA256: ADCDAE34B14190CC54B1D40C486D9A70DE25699F78DDC8A03F0DAD4942415170
File Size: 534.02 KB, 534016 bytes
MD5: 10789a2d75d7729ea10eba04f5e60dec
SHA1: 79181a951a9e8a98d0ae97837f14513987c40344
SHA256: 8D5CC7125322FC497A92D943B5EB8B8D594EB2208EAA6715EB7CFAA43A853957
File Size: 534.02 KB, 534016 bytes
MD5: 37251c8a01e1b5f1e6035e26227fb85d
SHA1: 3a627131c4ebc4fc88a6f192ee3739a2c1b57f21
SHA256: 219AC9D29AB15032EB0DC2E4E779E31A7930A9B02C9B441A525DF4E386E4954A
File Size: 534.02 KB, 534016 bytes
MD5: 0227c9af0bbb0840f3b676a3dc5f1bd0
SHA1: 2a3a7a4b958c3d897bb91e220809106ed2561fc4
SHA256: AB2694FA50D692F8019417E8B52A9EB6AA8865FB122C8986C7DD4686683C5189
File Size: 534.02 KB, 534016 bytes
MD5: 451aea1ee7946667d90892dc49d6e717
SHA1: 6105a606f759bf273704827561611198fa23d5ed
SHA256: B40BAA6D8807058961CC7BFB3FF309EFFEA1805425A07E040DD495CD5E53177F
File Size: 533.50 KB, 533504 bytes
MD5: 58ad7b42424005152ef53f5f45e5cc71
SHA1: ca5cfa49774faa25491b94db659b50e97945e924
SHA256: 1138A4A987D08E518E1631CC6F2EB3CF1030E612E008687B8717E365A135EF3C
File Size: 539.34 KB, 539336 bytes
MD5: 04e0cd31fd00899833b8bdf8f14a70fa
SHA1: 5aba1c65db715733320441b54b18734f642a2b23
SHA256: AA7A4AB6EDE7F213B0E7642091D13575F25CB80B3916658097437D62B1AB798C
File Size: 534.02 KB, 534016 bytes
MD5: 3c966bea126ebd6bc0146905b330bdfd
SHA1: a01ef904c2b82a136c32e6f7f7cd606c5f6515d3
SHA256: F44173EB898A453E26B6493D22E358E05102172427691D7CA6CEC8DCE46D3879
File Size: 534.02 KB, 534016 bytes
MD5: 23186387e49dc81e9b44b60dcae997fe
SHA1: e40e2b3668f05095e540d88ab4186c15a2346d51
SHA256: 67D30E4F7ED03925CDF3B401317E9D89820DA0647E6654E609BF87560643943A
File Size: 534.02 KB, 534016 bytes
MD5: 7624cb971f8dbbc39d01c14b8c9e8c96
SHA1: d0cdd6a96e3cee9253b4776d10707c12d03a3090
SHA256: 71A72D433B31E6E17858F24C0D3AD08748FDBFA37A9D7AE04F5748E4DB514EE1
File Size: 534.02 KB, 534016 bytes
MD5: 03c0330909950d4fb2877df03726d1d1
SHA1: c8f0f215310325877f489e50a9f0edc36dcd8270
SHA256: 9E63846D662A099720CA8108EEC79066C2AAE6E6D3C345E276122DA498221752
File Size: 533.50 KB, 533504 bytes
MD5: 54c6e15e416a42a3fe0d9c46b02aeeaf
SHA1: 05aeb1c98b16251d001b6ed63aa4f1b4b0dbe55a
SHA256: A845BC84528CA40E442BE7F7F4BD497039C1E7D296826150F701B0B9802A44E1
File Size: 534.02 KB, 534016 bytes
MD5: ed8c8fb9ad059a27afa4db8fbd75aa85
SHA1: a6e7bc0b2fc2c14fafba2c542894e6bca72efe5d
SHA256: ED4C7104CE95945EB45680CF15D4B8AC7B948CB955DF25742982774C1CBFE65F
File Size: 534.02 KB, 534016 bytes
MD5: fcd310dd231d32667c2d6f7beb0c6418
SHA1: f919fddf432f81c1dae02811f62b41edfef35b0b
SHA256: 8FE77B4054907D9DA06BE9137818A81474CE08ACBF4BD693DC2A1F103947888A
File Size: 534.02 KB, 534016 bytes
MD5: 578633adee681ed6053d438ed5032290
SHA1: 934bb18cf577ba7c12bcf757a3de4beada239348
SHA256: 6E10824B358A50874241F6B61F1DB8620EDDEE64F6A2B857E7A1B4522D3EE966
File Size: 534.02 KB, 534016 bytes
MD5: 30d2d017ea9eaa8dfdc8eadf7f989832
SHA1: 15f52f347aa151e3a38d10c0f5230ee185056243
SHA256: 656B0405DDF2CB08264CA630D8360028D7213DE9B6F808E7C3736C358BE7DDB6
File Size: 534.02 KB, 534016 bytes
MD5: 7b4f4dea6d9b519e26bd10f8249ce486
SHA1: f608913c5afbd9a0b52e203c140043b34934149e
SHA256: BB7C5488D4D92C75EE073E4A82F533685E68E4A4AE676FECC66D324F06405DE9
File Size: 534.02 KB, 534016 bytes
MD5: 464f654d7ad78fbc90011fe7fad709c7
SHA1: b3d40794259b575b7dd940e34a81cf6105d18994
SHA256: 72CAB5EFB3F4A00DEE20B56F94E9598727E715FEC6C6FBBE539CB07DE2EF3115
File Size: 534.02 KB, 534016 bytes
MD5: ee7fe65cb8a18c2f7986fffc81e29b98
SHA1: 344bb2a8f27f99b9209e53a8b9bf38ff025bf37a
SHA256: 284AF03D530CA120EA0ED6E13D352A83C9AED4DEC7D28974DAF12F8CF5F52102
File Size: 534.02 KB, 534016 bytes
MD5: 2b9405aca57bc7e0d6427fda559b81bf
SHA1: 48958f5919222e7a991dea54769345f024246646
SHA256: C2F45B749D70E7C2660C05207D545A70CA9817BE7661678D8C6BE67B4383F230
File Size: 534.02 KB, 534016 bytes
MD5: ef1b5d637ecf847461195407ef3d2b99
SHA1: c3ecde9e0e59c59a06b6587de0cfcd4702a77744
SHA256: 673DD58BE44BD591EAD37FA6EE1E2D0AB1936EB93970BDB09952A45B9BDFADF4
File Size: 534.02 KB, 534016 bytes
MD5: b86811dbbf478b50608e9b93ae03fd86
SHA1: 39ad7a12b4936ff81608dfc2cd1bfa828e6e640a
SHA256: 4D70FFD859BEA79DEDE3EF01712AE71EE55E70137397238B1E3C5CF290F6FBE9
File Size: 534.02 KB, 534016 bytes
MD5: 77c18fa85324c3dfd9f5cf2501cee031
SHA1: cd881c654ec64f5bc11835db10a732e24f1a8719
SHA256: E7A4EDB7AD94586E2428F13C591B1A27F72F5E2A2AB13EBF47B17616D0B7C28A
File Size: 534.02 KB, 534016 bytes
MD5: 4a8b37d745fde669d79373a765f27cf3
SHA1: 9b4aa717c8400001867d60576e0103654efcb6d5
SHA256: E020590F81DB0BC464D183720187A068650CDF3DB0462D35877B7C0B36A43A08
File Size: 534.02 KB, 534016 bytes
MD5: b7788ca808833fe700f17fd0e66698b5
SHA1: dec21d208ac68c629a850038177909466856d74a
SHA256: 3539A491B02B44D293B86884326E852E4771811B7BF6DFB465BCAACBABD352BE
File Size: 534.02 KB, 534016 bytes
MD5: 8279be283ad2882a470abf473f0321bc
SHA1: 65760dbe99d7be41f9bc253706de668b36e4d05f
SHA256: 28F34CBDB69D438D4263668246AC7F3FBF50A1C2D6C0F35C40CF9D415332EC76
File Size: 534.02 KB, 534016 bytes
MD5: bd460915e6d8127e892ab5d572eead41
SHA1: da55e1a22ce41c7ff7564b4fc3b8411e3eef40c7
SHA256: 555F6E0765CF08A9D6D276ADB71618D12B24C4A13D7483FA35E55727FCF5704A
File Size: 533.50 KB, 533504 bytes
MD5: 51087d3d892c4298d57f894e202b3ceb
SHA1: 376fd28b6edd064f6080bc62c20c67e7d7c79883
SHA256: 2DA569242ABC3E8FD5BD5A719B88728DB28A67577CCF7029231F8FD4ADF21CA3
File Size: 534.02 KB, 534016 bytes
MD5: ea90015d4741199356d27c7c305a4528
SHA1: 9690efef358e4b6e9d4b60bef2dbf7b6a588dbeb
SHA256: 40E48B1EB103C5E9BD575BF11601117B83C5596ADB79F171666ABBFE7F83E46F
File Size: 533.50 KB, 533504 bytes
MD5: 8dda40430947bf5c696f8bfd96f62eee
SHA1: 74778ec1e30b4bd4233018ef4bd83cccc1c1ad37
SHA256: 036F9CCA3A44424C5DD7640CFAB423AEFE2FB5E57A61A0FED27573F49938CAA0
File Size: 534.02 KB, 534016 bytes
MD5: 1a604f3fdd7e0eb3a8e6b3ea3dcf54f9
SHA1: dd2f3e8237ebab8ef6925fd3300496ac2babde90
SHA256: 8ED590D0C330876C92AA42B7D1D155932B6CFD930F0A232DFCDF491FA4889929
File Size: 534.02 KB, 534016 bytes
MD5: 99cda7a16baddbbf751d3e74fcf5599f
SHA1: 46674f27103d4dfb057c42c3189c3eb73a44561a
SHA256: B00C05E07C80F48E4DB6B779505414B23E597A8236FCC51DFBF38467ADBFD821
File Size: 534.02 KB, 534016 bytes
MD5: 57337f2abb6259519a9f106400bb05a4
SHA1: e7c27301d2c95f41217eb97d4aed2d7045ee2e21
SHA256: E6CA8ABC68B1A2B05CBB2CFA3007F61612957CA502EBAE23738C5EBF5032813B
File Size: 534.02 KB, 534016 bytes
MD5: 0d470dbb128ee705c2670f481979cd42
SHA1: 25aa1e4918b5932bab9aade3b0d5efec18004bdb
SHA256: F17571A58EE19AFA62E2F265E0CAA909A75B971B0009F90FDC4D5600B451888A
File Size: 534.02 KB, 534016 bytes
MD5: 4750a0addbd4517a0b91b87020cfd53b
SHA1: 50d77fd5e47be3c07304117afb424bec55854f75
SHA256: 995B7AC441C7F66A31973D22EF50A6A3DF2B5FD92C9620DFFB88E778B57F4EEA
File Size: 534.02 KB, 534016 bytes
MD5: 05574f8f768662d65f51aa4bdccfa16e
SHA1: b4e92c06a180d23d62680c19767de62468cccce3
SHA256: 3CFB889D85DA4CE1DD804A5381B36A32A98534C90927FCDF56AE58E6BA14BEAC
File Size: 534.02 KB, 534016 bytes
MD5: be62030eed5e4ba19aa3f59b2319afbf
SHA1: 487dc2f079f5205d60c8754066194bba18b55bbe
SHA256: D15FBC0A05E15E42F9494D923E034EB91FA7178AEDCBE956A8ADC3B73CD56895
File Size: 534.02 KB, 534016 bytes
MD5: 38369fb1d9f7853a161570ff2c876d69
SHA1: 30e17b95d30f6a90ea25d03e8a409b67571bc29d
SHA256: 0BD433E03E9C8E3EB3742191A9B086BCFAE028BCFA98AB893733CACA5FF9F7AE
File Size: 533.50 KB, 533504 bytes
MD5: 3af44880a8060580d6c1172f80569a77
SHA1: 2676b15662eb33896ee4a2e0f17477a228083b1b
SHA256: 29328C77D9D7573E9B0AA2F38400F60ED37E714580FB6CA2A58398A514B726AC
File Size: 534.02 KB, 534016 bytes
MD5: 8a9234f9a524d49e9264e3a3738457f3
SHA1: 7ef136186aab611e39593e43bc7435ac22f1f35e
SHA256: 44AAA4FB04391611F0C4F424D0F049E119636F3AAAA6BC119F764E1DD46B182A
File Size: 534.02 KB, 534016 bytes
MD5: 607ec0aab6cce4c3157d69a0a63b0210
SHA1: ba9b9aa62dc110c31ee2f1b1e803618004d16492
SHA256: 551CEDE6DA8D9FFDF4B6A0BCABC07CB3A1600084E7B5DA811CAC2EA1F96B86CC
File Size: 535.55 KB, 535552 bytes
MD5: 55b865fe4789b22b83db30d323b79014
SHA1: c2fa15e274884f06502714e62bb03d5c758e744a
SHA256: 209B5E4A09FE29E3D466E4ADDB01ECA82220DD8BB992660A6661A73283CF0CBF
File Size: 534.02 KB, 534016 bytes
MD5: 43ed185ce5aca8645960f09a34473927
SHA1: 57fe5a0caff121d9620e8e12734abce2ede4ab0c
SHA256: 10D5DBFCFA88CC6AF31B5AC60201F5667BF5F1D22C300B1F9F1534C852BE2C94
File Size: 534.02 KB, 534016 bytes
MD5: 5d65c3f88ea6da15ab014691458b8206
SHA1: 0863b6a92dbfa9b4668469997f0543c2f42e10cc
SHA256: 1D59074DCD0BBA846C4BDC3E8A32E8C81656A059704AFC948304B2F906573793
File Size: 534.02 KB, 534016 bytes
MD5: 8958172f8707aab6c6467a332c6ecdc3
SHA1: 960492ee59144d5329c967a83d3013bc67cd17c1
SHA256: E7CD447D769281EF7651D3EA625261117ACD01F67728EE518EB555FD4F3231B9
File Size: 534.02 KB, 534016 bytes
MD5: 1911f721f19237f02808d8ef172d8bb5
SHA1: f78bc75b382997bc93df334ac4759336c8a0cea7
SHA256: 93C0DEB30EE25C540B6C96ECED53A7AA6C6971716A9EF6DEF431F48D6FB522C0
File Size: 533.50 KB, 533504 bytes
MD5: 6858c32dae52509fe1b787c338e34a7a
SHA1: 8b5ef49c31e0a443e5a78f0b1794187fcc335120
SHA256: 4111D7258E49C83573B34DB2A862A30570AAD23C4203D3DE8EFDEE2FBEE92EB5
File Size: 534.02 KB, 534016 bytes
MD5: 75916b38a5d4e0cf0b6292dbfb26bb46
SHA1: dcabd45321e933a2f5bd23a1ce448bd77c01d26d
SHA256: A9EFBCD0A0908822127879F992C45B2303798088D2A75772B5EF15E59FCD0DF3
File Size: 534.02 KB, 534016 bytes
MD5: 6af59fba1622836be62d4b5faf6444da
SHA1: 35a9ebc8d8132d6511d9042a4a662ca9d80386c5
SHA256: 4F3C07D5488DE9F42BA6F1A7650D9111D99B489751666D1C4AEE8F673AD6A6C6
File Size: 534.02 KB, 534016 bytes
MD5: f807a460a2aa872555aebddbc3f1e3de
SHA1: 69185352b4e5f33364c81408d236258de42cf4e7
SHA256: 007B621D417A14847C93BE3A9CD2329B310A44E6F3F43179C2E322D21C309A5E
File Size: 550.91 KB, 550912 bytes
MD5: 8727303062a429bf3f522eecefe7e7a9
SHA1: 2ea715b37c201420d0cb34fb641d5707016197bf
SHA256: F47FF752DFD1BCD18D2B2E22A40C9A1DA8D188C759DFDD2827BD16C3E00A3E64
File Size: 534.02 KB, 534016 bytes
MD5: bbaa961d66ca8cdc655a1091e7acf4ed
SHA1: 11a448be63e2285f4f6f2d5fea9c5f77ce2f7548
SHA256: 40C01D5486C1C97C7B148881911949E4DD303DE7DB90928C458F2410DE0E9F68
File Size: 534.02 KB, 534016 bytes
MD5: c8756e6836ac472af6fb6c08dcae9843
SHA1: 6ce77724db3ff8daf43140562c8584ace64ceb52
SHA256: 5012326A272D50E529F1C6E250F3DF3AC86E5F0FC4E014300C065C1F9463309F
File Size: 534.02 KB, 534016 bytes
MD5: dad6782465f292c5f4985c9803d542d9
SHA1: 8609175328ad1e78c05ed971e9365f6c037900c3
SHA256: 5D776D8D1C274CF8B58DD3ADED87C23CB13F53793691637C5741EBEC32A8B1AF
File Size: 534.02 KB, 534016 bytes
MD5: e30270d044968632aaaa0a0d54a8c052
SHA1: 97ca31c5296f8ca1cedd30fdd4a25546d47c4045
SHA256: 52C07D4F5C79F046057B6A2427BFEDB8FC43E8097CFA6807F68FA51D13156D10
File Size: 534.02 KB, 534016 bytes
MD5: a00babc0a969574f5ee4f3c9247aa037
SHA1: bf2478672870b12d7eb833036478f334bdfde2ab
SHA256: 9E6A98485FDB9698F10380BECDCA5C5DE2309B54A760D2F44663995B1888D865
File Size: 534.02 KB, 534016 bytes
MD5: 3fdfa68f7c1b89a0b5cf5bd89a24b439
SHA1: 56a8bed465d99b64f39a1be35d15391650800fe0
SHA256: 401EA13F07BB41F04085B7B0322CC84ED76E43622A4BB1610AF9D447C586E020
File Size: 533.50 KB, 533504 bytes
MD5: df8a06867bba04439e7dcaf418342310
SHA1: 24e1a5d8988f0d16a688008c19bc6543c67c5e88
SHA256: A49D2CC4A5C7D9DF8E0409C7906354705CF3238803B10C092E3F8C0DBD2C80EA
File Size: 533.50 KB, 533504 bytes

Windows Portable Executable Attributes

  • File doesn't have "Rich" header
  • File doesn't have debug information
  • File doesn't have exports table
  • File doesn't have relocations information
  • File doesn't have security information
  • File has TLS information
  • File is 32-bit executable
  • File is either console or GUI application
  • File is GUI application (IMAGE_SUBSYSTEM_WINDOWS_GUI)
  • File is Native application (NOT .NET application)
Show More
  • File is not packed
  • IMAGE_FILE_DLL is not set inside PE header (Executable)
  • IMAGE_FILE_EXECUTABLE_IMAGE is set inside PE header (Executable Image)

File Icons

Show More

62 additional icons are not displayed above.

Windows PE Version Information

Name Value
Company Name Microsoft
File Version 1.00
Internal Name
  • TJprojMain
  • Win
Original Filename
  • TJprojMain.exe
  • Win.exe
Product Name
  • Project1
  • Win
Product Version 1.00

File Traits

  • 2+ executable sections
  • HighEntropy
  • No Version Info
  • virut
  • x86

Block Information

Total Blocks: 2,311
Potentially Malicious Blocks: 30
Whitelisted Blocks: 2,281
Unknown Blocks: 0

Visual Map

0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x x 0 x 0 x 0 0 x 0 x 0 x 0 x x 0 x 0 x 0 0 0 x 0 0 x 0 x 0 0 x x x 0 x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
... Data truncated
0 - Probable Safe Block
? - Unknown Block
x - Potentially Malicious Block

Similar Families

  • Babar.W
  • BadJoke.XA
  • Banker.G
  • Banker.GF
  • ConvertAd.RA
Show More
  • Injector.KPP
  • Keylogger.DF
  • Lamer.B
  • Lumma.NB
  • Malat.A
  • Poison.X
  • SchwarzeSonneRAT.A
  • Swisyn.B
  • Talsab.A

Files Modified

File Attributes
\\ Generic Read,Write Data,Write Attributes,Write extended,Append data
\\ Synchronize,Write Attributes
c:\program files\cuassistant\culauncher.exe Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files\cuassistant\culauncher.exe Synchronize,Write Attributes
c:\program files\microsoft update health tools\expediteupdater.exe Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files\microsoft update health tools\expediteupdater.exe Synchronize,Write Attributes
c:\program files\microsoft update health tools\uhssvc.exe Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files\microsoft update health tools\uhssvc.exe Synchronize,Write Attributes
c:\program files\ruxim\dtudriver.exe Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files\ruxim\dtudriver.exe Synchronize,Write Attributes
Show More
c:\program files\ruxim\plugscheduler.exe Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files\ruxim\plugscheduler.exe Synchronize,Write Attributes
c:\program files\ruxim\ruximics.exe Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files\ruxim\ruximics.exe Synchronize,Write Attributes
c:\program files\ruxim\ruximih.exe Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files\ruxim\ruximih.exe Synchronize,Write Attributes
c:\program files\windows defender advanced threat protection\classification\sensece.exe Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files\windows defender advanced threat protection\classification\sensece.exe Synchronize,Write Attributes
c:\program files\windows defender advanced threat protection\mssense.exe Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files\windows defender advanced threat protection\mssense.exe Synchronize,Write Attributes
c:\program files\windows defender advanced threat protection\senseap.exe Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files\windows defender advanced threat protection\senseap.exe Synchronize,Write Attributes
c:\program files\windows defender advanced threat protection\senseaptoast.exe Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files\windows defender advanced threat protection\senseaptoast.exe Synchronize,Write Attributes
c:\program files\windows defender advanced threat protection\sensecm.exe Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files\windows defender advanced threat protection\sensecm.exe Synchronize,Write Attributes
c:\program files\windows defender advanced threat protection\sensedlpprocessor.exe Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files\windows defender advanced threat protection\sensedlpprocessor.exe Synchronize,Write Attributes
c:\program files\windows defender advanced threat protection\sensegpparser.exe Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files\windows defender advanced threat protection\sensegpparser.exe Synchronize,Write Attributes
c:\program files\windows defender advanced threat protection\senseidentity.exe Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files\windows defender advanced threat protection\senseidentity.exe Synchronize,Write Attributes
c:\program files\windows defender advanced threat protection\senseimdscollector.exe Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files\windows defender advanced threat protection\senseimdscollector.exe Synchronize,Write Attributes
c:\program files\windows defender advanced threat protection\senseir.exe Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files\windows defender advanced threat protection\senseir.exe Synchronize,Write Attributes
c:\program files\windows defender advanced threat protection\sensendr.exe Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files\windows defender advanced threat protection\sensendr.exe Synchronize,Write Attributes
c:\program files\windows defender advanced threat protection\sensesampleuploader.exe Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files\windows defender advanced threat protection\sensesampleuploader.exe Synchronize,Write Attributes
c:\program files\windows defender advanced threat protection\sensetracer.exe Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files\windows defender advanced threat protection\sensetracer.exe Synchronize,Write Attributes
c:\program files\windows defender advanced threat protection\sensetvm.exe Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files\windows defender advanced threat protection\sensetvm.exe Synchronize,Write Attributes
c:\program files\windows defender\configsecuritypolicy.exe Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files\windows defender\configsecuritypolicy.exe Synchronize,Write Attributes
c:\program files\windows defender\mpcmdrun.exe Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files\windows defender\mpcmdrun.exe Synchronize,Write Attributes
c:\program files\windows defender\msmpeng.exe Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files\windows defender\msmpeng.exe Synchronize,Write Attributes
c:\program files\windows defender\nissrv.exe Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files\windows defender\nissrv.exe Synchronize,Write Attributes
c:\program files\windows defender\offline\offlinescannershell.exe Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files\windows defender\offline\offlinescannershell.exe Synchronize,Write Attributes
c:\program files\windows mail\wab.exe Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files\windows mail\wab.exe Synchronize,Write Attributes
c:\program files\windows mail\wabmig.exe Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files\windows mail\wabmig.exe Synchronize,Write Attributes
c:\program files\windows photo viewer\imagingdevices.exe Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files\windows photo viewer\imagingdevices.exe Synchronize,Write Attributes
c:\program files\windows security\browsercore\browsercore.exe Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files\windows security\browsercore\browsercore.exe Synchronize,Write Attributes
c:\program files\windowsapps\microsoft.3dbuilder_10.0.0.0_x64__8wekyb3d8bbwe\builder3d.exe Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files\windowsapps\microsoft.3dbuilder_10.0.0.0_x64__8wekyb3d8bbwe\builder3d.exe Synchronize,Write Attributes
c:\program files\windowsapps\microsoft.549981c3f5f10_4.2308.1005.0_x64__8wekyb3d8bbwe\cortana.exe Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files\windowsapps\microsoft.549981c3f5f10_4.2308.1005.0_x64__8wekyb3d8bbwe\cortana.exe Synchronize,Write Attributes
c:\program files\windowsapps\microsoft.bingfinance_4.3.193.0_x86__8wekyb3d8bbwe\microsoft.msn.money.exe Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files\windowsapps\microsoft.bingfinance_4.3.193.0_x86__8wekyb3d8bbwe\microsoft.msn.money.exe Synchronize,Write Attributes
c:\program files\windowsapps\microsoft.bingnews_4.3.193.0_x86__8wekyb3d8bbwe\microsoft.msn.news.exe Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files\windowsapps\microsoft.bingnews_4.3.193.0_x86__8wekyb3d8bbwe\microsoft.msn.news.exe Synchronize,Write Attributes
c:\program files\windowsapps\microsoft.bingsports_4.3.193.0_x86__8wekyb3d8bbwe\microsoft.msn.sports.exe Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files\windowsapps\microsoft.bingsports_4.3.193.0_x86__8wekyb3d8bbwe\microsoft.msn.sports.exe Synchronize,Write Attributes
c:\program files\windowsapps\microsoft.bingweather_4.25.20211.0_x64__8wekyb3d8bbwe\microsoft.msn.weather.exe Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files\windowsapps\microsoft.bingweather_4.25.20211.0_x64__8wekyb3d8bbwe\microsoft.msn.weather.exe Synchronize,Write Attributes
c:\program files\windowsapps\microsoft.desktopappinstaller_1.27.350.0_x64__8wekyb3d8bbwe\appinstaller.exe Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files\windowsapps\microsoft.desktopappinstaller_1.27.350.0_x64__8wekyb3d8bbwe\appinstaller.exe Synchronize,Write Attributes
c:\program files\windowsapps\microsoft.desktopappinstaller_1.27.350.0_x64__8wekyb3d8bbwe\appinstallerpythonredirector.exe Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files\windowsapps\microsoft.desktopappinstaller_1.27.350.0_x64__8wekyb3d8bbwe\appinstallerpythonredirector.exe Synchronize,Write Attributes
c:\program files\windowsapps\microsoft.desktopappinstaller_1.27.350.0_x64__8wekyb3d8bbwe\authenticationmanager.exe Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files\windowsapps\microsoft.desktopappinstaller_1.27.350.0_x64__8wekyb3d8bbwe\authenticationmanager.exe Synchronize,Write Attributes
c:\program files\windowsapps\microsoft.desktopappinstaller_1.27.350.0_x64__8wekyb3d8bbwe\dotnet\configurationremotingserver.exe Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files\windowsapps\microsoft.desktopappinstaller_1.27.350.0_x64__8wekyb3d8bbwe\dotnet\configurationremotingserver.exe Synchronize,Write Attributes
c:\program files\windowsapps\microsoft.desktopappinstaller_1.27.350.0_x64__8wekyb3d8bbwe\dotnet\createdump.exe Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files\windowsapps\microsoft.desktopappinstaller_1.27.350.0_x64__8wekyb3d8bbwe\dotnet\createdump.exe Synchronize,Write Attributes
c:\program files\windowsapps\microsoft.desktopappinstaller_1.27.350.0_x64__8wekyb3d8bbwe\dotnet\wingetmcpserver.exe Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files\windowsapps\microsoft.desktopappinstaller_1.27.350.0_x64__8wekyb3d8bbwe\dotnet\wingetmcpserver.exe Synchronize,Write Attributes
c:\program files\windowsapps\microsoft.desktopappinstaller_1.27.350.0_x64__8wekyb3d8bbwe\windowspackagemanagerserver.exe Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files\windowsapps\microsoft.desktopappinstaller_1.27.350.0_x64__8wekyb3d8bbwe\windowspackagemanagerserver.exe Synchronize,Write Attributes
c:\program files\windowsapps\microsoft.desktopappinstaller_1.27.350.0_x64__8wekyb3d8bbwe\winget.exe Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files\windowsapps\microsoft.desktopappinstaller_1.27.350.0_x64__8wekyb3d8bbwe\winget.exe Synchronize,Write Attributes
c:\program files\windowsapps\microsoft.gethelp_10.2409.33293.0_x64__8wekyb3d8bbwe\createdump.exe Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files\windowsapps\microsoft.gethelp_10.2409.33293.0_x64__8wekyb3d8bbwe\createdump.exe Synchronize,Write Attributes
c:\program files\windowsapps\microsoft.gethelp_10.2409.33293.0_x64__8wekyb3d8bbwe\gethelp.exe Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files\windowsapps\microsoft.gethelp_10.2409.33293.0_x64__8wekyb3d8bbwe\gethelp.exe Synchronize,Write Attributes
c:\program files\windowsapps\microsoft.getstarted_8.2.22942.0_x64__8wekyb3d8bbwe\fmui\fmui.exe Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files\windowsapps\microsoft.getstarted_8.2.22942.0_x64__8wekyb3d8bbwe\fmui\fmui.exe Synchronize,Write Attributes
c:\program files\windowsapps\microsoft.getstarted_8.2.22942.0_x64__8wekyb3d8bbwe\whatsnew.store.exe Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files\windowsapps\microsoft.getstarted_8.2.22942.0_x64__8wekyb3d8bbwe\whatsnew.store.exe Synchronize,Write Attributes
c:\program files\windowsapps\microsoft.microsoft3dviewer_6.1908.2042.0_x64__8wekyb3d8bbwe\3dviewer.exe Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files\windowsapps\microsoft.microsoft3dviewer_6.1908.2042.0_x64__8wekyb3d8bbwe\3dviewer.exe Synchronize,Write Attributes
c:\program files\windowsapps\microsoft.microsoft3dviewer_6.1908.2042.0_x64__8wekyb3d8bbwe\view3d.resourceresolver.exe Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files\windowsapps\microsoft.microsoft3dviewer_6.1908.2042.0_x64__8wekyb3d8bbwe\view3d.resourceresolver.exe Synchronize,Write Attributes
c:\program files\windowsapps\microsoft.microsoftofficehub_18.1903.1152.0_x64__8wekyb3d8bbwe\localbridge.exe Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files\windowsapps\microsoft.microsoftofficehub_18.1903.1152.0_x64__8wekyb3d8bbwe\localbridge.exe Synchronize,Write Attributes
c:\program files\windowsapps\microsoft.microsoftsolitairecollection_4.4.8204.0_x64__8wekyb3d8bbwe\microsoft.microsoftsolitairecollection.exe Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files\windowsapps\microsoft.microsoftsolitairecollection_4.4.8204.0_x64__8wekyb3d8bbwe\microsoft.microsoftsolitairecollection.exe Synchronize,Write Attributes
c:\program files\windowsapps\microsoft.microsoftsolitairecollection_4.4.8204.0_x64__8wekyb3d8bbwe\solitaire.exe Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files\windowsapps\microsoft.microsoftsolitairecollection_4.4.8204.0_x64__8wekyb3d8bbwe\solitaire.exe Synchronize,Write Attributes
c:\program files\windowsapps\microsoft.microsoftstickynotes_3.6.73.0_x64__8wekyb3d8bbwe\microsoft.notes.exe Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files\windowsapps\microsoft.microsoftstickynotes_3.6.73.0_x64__8wekyb3d8bbwe\microsoft.notes.exe Synchronize,Write Attributes
c:\program files\windowsapps\microsoft.mixedreality.portal_2000.19081.1301.0_x64__8wekyb3d8bbwe\mixedrealityportal.brokered.exe Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files\windowsapps\microsoft.mixedreality.portal_2000.19081.1301.0_x64__8wekyb3d8bbwe\mixedrealityportal.brokered.exe Synchronize,Write Attributes
c:\program files\windowsapps\microsoft.mixedreality.portal_2000.19081.1301.0_x64__8wekyb3d8bbwe\mixedrealityportal.exe Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files\windowsapps\microsoft.mixedreality.portal_2000.19081.1301.0_x64__8wekyb3d8bbwe\mixedrealityportal.exe Synchronize,Write Attributes
c:\program files\windowsapps\microsoft.mspaint_6.1907.29027.0_x64__8wekyb3d8bbwe\paintstudio.view.exe Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files\windowsapps\microsoft.mspaint_6.1907.29027.0_x64__8wekyb3d8bbwe\paintstudio.view.exe Synchronize,Write Attributes
c:\program files\windowsapps\microsoft.office.onenote_16001.12026.20112.0_x64__8wekyb3d8bbwe\onenoteim.exe Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files\windowsapps\microsoft.office.onenote_16001.12026.20112.0_x64__8wekyb3d8bbwe\onenoteim.exe Synchronize,Write Attributes
c:\program files\windowsapps\microsoft.office.onenote_16001.12026.20112.0_x64__8wekyb3d8bbwe\onenoteshare.exe Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files\windowsapps\microsoft.office.onenote_16001.12026.20112.0_x64__8wekyb3d8bbwe\onenoteshare.exe Synchronize,Write Attributes
c:\program files\windowsapps\microsoft.people_10.2202.100.0_x64__8wekyb3d8bbwe\peopleapp.exe Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files\windowsapps\microsoft.people_10.2202.100.0_x64__8wekyb3d8bbwe\peopleapp.exe Synchronize,Write Attributes
c:\program files\windowsapps\microsoft.screensketch_10.1907.2471.0_x64__8wekyb3d8bbwe\screensketch.exe Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files\windowsapps\microsoft.screensketch_10.1907.2471.0_x64__8wekyb3d8bbwe\screensketch.exe Synchronize,Write Attributes
c:\program files\windowsapps\microsoft.skypeapp_14.53.77.0_x64__kzf8qxf38zg5c\skypeapp.exe Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files\windowsapps\microsoft.skypeapp_14.53.77.0_x64__kzf8qxf38zg5c\skypeapp.exe Synchronize,Write Attributes
c:\program files\windowsapps\microsoft.skypeapp_14.53.77.0_x64__kzf8qxf38zg5c\skypebackgroundhost.exe Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files\windowsapps\microsoft.skypeapp_14.53.77.0_x64__kzf8qxf38zg5c\skypebackgroundhost.exe Synchronize,Write Attributes
c:\program files\windowsapps\microsoft.skypeapp_14.53.77.0_x64__kzf8qxf38zg5c\skypebridge\skypebridge.exe Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files\windowsapps\microsoft.skypeapp_14.53.77.0_x64__kzf8qxf38zg5c\skypebridge\skypebridge.exe Synchronize,Write Attributes
c:\program files\windowsapps\microsoft.storepurchaseapp_22510.1401.2.0_x64__8wekyb3d8bbwe\storeexperiencehost.exe Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files\windowsapps\microsoft.storepurchaseapp_22510.1401.2.0_x64__8wekyb3d8bbwe\storeexperiencehost.exe Synchronize,Write Attributes
c:\program files\windowsapps\microsoft.wallet_2.4.18324.0_x64__8wekyb3d8bbwe\microsoft.wallet.exe Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files\windowsapps\microsoft.wallet_2.4.18324.0_x64__8wekyb3d8bbwe\microsoft.wallet.exe Synchronize,Write Attributes
c:\program files\windowsapps\microsoft.webmediaextensions_1.0.20875.0_x64__8wekyb3d8bbwe\microsoft.webmediaextensions.exe Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files\windowsapps\microsoft.webmediaextensions_1.0.20875.0_x64__8wekyb3d8bbwe\microsoft.webmediaextensions.exe Synchronize,Write Attributes
c:\program files\windowsapps\microsoft.windows.devhome_0.2100.858.0_x64__8wekyb3d8bbwe\windowsadvancedsettings.exe Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files\windowsapps\microsoft.windows.devhome_0.2100.858.0_x64__8wekyb3d8bbwe\windowsadvancedsettings.exe Synchronize,Write Attributes
c:\program files\windowsapps\microsoft.windows.devhome_0.2100.858.0_x64__8wekyb3d8bbwe\windowsadvancedsettingsstub\windowsadvancedsettings.exe Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files\windowsapps\microsoft.windows.devhome_0.2100.858.0_x64__8wekyb3d8bbwe\windowsadvancedsettingsstub\windowsadvancedsettings.exe Synchronize,Write Attributes
c:\program files\windowsapps\microsoft.windows.photos_2025.11110.18001.0_x64__8wekyb3d8bbwe\photos.autoplay.exe Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files\windowsapps\microsoft.windows.photos_2025.11110.18001.0_x64__8wekyb3d8bbwe\photos.autoplay.exe Synchronize,Write Attributes
c:\program files\windowsapps\microsoft.windows.photos_2025.11110.18001.0_x64__8wekyb3d8bbwe\photos.exe Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files\windowsapps\microsoft.windows.photos_2025.11110.18001.0_x64__8wekyb3d8bbwe\photos.exe Synchronize,Write Attributes
c:\program files\windowsapps\microsoft.windowsalarms_11.2510.4.0_x64__8wekyb3d8bbwe\clockwidgets\clockwidgets.exe Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files\windowsapps\microsoft.windowsalarms_11.2510.4.0_x64__8wekyb3d8bbwe\clockwidgets\clockwidgets.exe Synchronize,Write Attributes
c:\program files\windowsapps\microsoft.windowsalarms_11.2510.4.0_x64__8wekyb3d8bbwe\time.exe Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files\windowsapps\microsoft.windowsalarms_11.2510.4.0_x64__8wekyb3d8bbwe\time.exe Synchronize,Write Attributes
c:\program files\windowsapps\microsoft.windowsappruntime.1.3_3000.934.1904.0_x64__8wekyb3d8bbwe\deploymentagent.exe Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files\windowsapps\microsoft.windowsappruntime.1.3_3000.934.1904.0_x64__8wekyb3d8bbwe\deploymentagent.exe Synchronize,Write Attributes
c:\program files\windowsapps\microsoft.windowsappruntime.1.3_3000.934.1904.0_x64__8wekyb3d8bbwe\restartagent.exe Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files\windowsapps\microsoft.windowsappruntime.1.3_3000.934.1904.0_x64__8wekyb3d8bbwe\restartagent.exe Synchronize,Write Attributes
c:\program files\windowsapps\microsoft.windowsappruntime.1.3_3000.934.1904.0_x86__8wekyb3d8bbwe\deploymentagent.exe Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files\windowsapps\microsoft.windowsappruntime.1.3_3000.934.1904.0_x86__8wekyb3d8bbwe\deploymentagent.exe Synchronize,Write Attributes
c:\program files\windowsapps\microsoft.windowsappruntime.1.3_3000.934.1904.0_x86__8wekyb3d8bbwe\restartagent.exe Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files\windowsapps\microsoft.windowsappruntime.1.3_3000.934.1904.0_x86__8wekyb3d8bbwe\restartagent.exe Synchronize,Write Attributes
c:\program files\windowsapps\microsoft.windowsappruntime.1.4_4000.1049.117.0_x64__8wekyb3d8bbwe\deploymentagent.exe Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files\windowsapps\microsoft.windowsappruntime.1.4_4000.1049.117.0_x64__8wekyb3d8bbwe\deploymentagent.exe Synchronize,Write Attributes
c:\program files\windowsapps\microsoft.windowsappruntime.1.4_4000.1049.117.0_x64__8wekyb3d8bbwe\restartagent.exe Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files\windowsapps\microsoft.windowsappruntime.1.4_4000.1049.117.0_x64__8wekyb3d8bbwe\restartagent.exe Synchronize,Write Attributes
c:\program files\windowsapps\microsoft.windowsappruntime.1.4_4000.1309.2056.0_x64__8wekyb3d8bbwe\deploymentagent.exe Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files\windowsapps\microsoft.windowsappruntime.1.4_4000.1309.2056.0_x64__8wekyb3d8bbwe\deploymentagent.exe Synchronize,Write Attributes
c:\program files\windowsapps\microsoft.windowsappruntime.1.4_4000.1309.2056.0_x64__8wekyb3d8bbwe\restartagent.exe Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files\windowsapps\microsoft.windowsappruntime.1.4_4000.1309.2056.0_x64__8wekyb3d8bbwe\restartagent.exe Synchronize,Write Attributes
c:\program files\windowsapps\microsoft.windowsappruntime.1.4_4000.1309.2056.0_x86__8wekyb3d8bbwe\deploymentagent.exe Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files\windowsapps\microsoft.windowsappruntime.1.4_4000.1309.2056.0_x86__8wekyb3d8bbwe\deploymentagent.exe Synchronize,Write Attributes
c:\program files\windowsapps\microsoft.windowsappruntime.1.4_4000.1309.2056.0_x86__8wekyb3d8bbwe\restartagent.exe Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files\windowsapps\microsoft.windowsappruntime.1.4_4000.1309.2056.0_x86__8wekyb3d8bbwe\restartagent.exe Synchronize,Write Attributes
c:\program files\windowsapps\microsoft.windowsappruntime.1.5_5001.275.500.0_x64__8wekyb3d8bbwe\deploymentagent.exe Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files\windowsapps\microsoft.windowsappruntime.1.5_5001.275.500.0_x64__8wekyb3d8bbwe\deploymentagent.exe Synchronize,Write Attributes
c:\program files\windowsapps\microsoft.windowsappruntime.1.5_5001.275.500.0_x64__8wekyb3d8bbwe\restartagent.exe Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files\windowsapps\microsoft.windowsappruntime.1.5_5001.275.500.0_x64__8wekyb3d8bbwe\restartagent.exe Synchronize,Write Attributes
c:\program files\windowsapps\microsoft.windowsappruntime.1.5_5001.373.1736.0_x64__8wekyb3d8bbwe\deploymentagent.exe Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files\windowsapps\microsoft.windowsappruntime.1.5_5001.373.1736.0_x64__8wekyb3d8bbwe\deploymentagent.exe Synchronize,Write Attributes
c:\program files\windowsapps\microsoft.windowsappruntime.1.5_5001.373.1736.0_x64__8wekyb3d8bbwe\restartagent.exe Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files\windowsapps\microsoft.windowsappruntime.1.5_5001.373.1736.0_x64__8wekyb3d8bbwe\restartagent.exe Synchronize,Write Attributes
c:\program files\windowsapps\microsoft.windowsappruntime.1.5_5001.373.1736.0_x86__8wekyb3d8bbwe\deploymentagent.exe Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files\windowsapps\microsoft.windowsappruntime.1.5_5001.373.1736.0_x86__8wekyb3d8bbwe\deploymentagent.exe Synchronize,Write Attributes
c:\program files\windowsapps\microsoft.windowsappruntime.1.5_5001.373.1736.0_x86__8wekyb3d8bbwe\restartagent.exe Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files\windowsapps\microsoft.windowsappruntime.1.5_5001.373.1736.0_x86__8wekyb3d8bbwe\restartagent.exe Synchronize,Write Attributes
c:\program files\windowsapps\microsoft.windowsappruntime.1.6_6000.457.2140.0_x64__8wekyb3d8bbwe\deploymentagent.exe Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files\windowsapps\microsoft.windowsappruntime.1.6_6000.457.2140.0_x64__8wekyb3d8bbwe\deploymentagent.exe Synchronize,Write Attributes
c:\program files\windowsapps\microsoft.windowsappruntime.1.6_6000.457.2140.0_x64__8wekyb3d8bbwe\restartagent.exe Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files\windowsapps\microsoft.windowsappruntime.1.6_6000.457.2140.0_x64__8wekyb3d8bbwe\restartagent.exe Synchronize,Write Attributes
c:\program files\windowsapps\microsoft.windowsappruntime.1.6_6000.486.517.0_x64__8wekyb3d8bbwe\deploymentagent.exe Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files\windowsapps\microsoft.windowsappruntime.1.6_6000.486.517.0_x64__8wekyb3d8bbwe\deploymentagent.exe Synchronize,Write Attributes
c:\program files\windowsapps\microsoft.windowsappruntime.1.6_6000.486.517.0_x64__8wekyb3d8bbwe\restartagent.exe Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files\windowsapps\microsoft.windowsappruntime.1.6_6000.486.517.0_x64__8wekyb3d8bbwe\restartagent.exe Synchronize,Write Attributes
c:\program files\windowsapps\microsoft.windowsappruntime.1.6_6000.519.329.0_x64__8wekyb3d8bbwe\deploymentagent.exe Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files\windowsapps\microsoft.windowsappruntime.1.6_6000.519.329.0_x64__8wekyb3d8bbwe\deploymentagent.exe Synchronize,Write Attributes
c:\program files\windowsapps\microsoft.windowsappruntime.1.6_6000.519.329.0_x64__8wekyb3d8bbwe\restartagent.exe Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files\windowsapps\microsoft.windowsappruntime.1.6_6000.519.329.0_x64__8wekyb3d8bbwe\restartagent.exe Synchronize,Write Attributes
c:\program files\windowsapps\microsoft.windowsappruntime.1.6_6000.519.329.0_x86__8wekyb3d8bbwe\deploymentagent.exe Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files\windowsapps\microsoft.windowsappruntime.1.6_6000.519.329.0_x86__8wekyb3d8bbwe\deploymentagent.exe Synchronize,Write Attributes
c:\program files\windowsapps\microsoft.windowsappruntime.1.6_6000.519.329.0_x86__8wekyb3d8bbwe\restartagent.exe Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files\windowsapps\microsoft.windowsappruntime.1.6_6000.519.329.0_x86__8wekyb3d8bbwe\restartagent.exe Synchronize,Write Attributes
c:\program files\windowsapps\microsoft.windowsappruntime.1.7_7000.522.1444.0_x64__8wekyb3d8bbwe\deploymentagent.exe Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files\windowsapps\microsoft.windowsappruntime.1.7_7000.522.1444.0_x64__8wekyb3d8bbwe\deploymentagent.exe Synchronize,Write Attributes
c:\program files\windowsapps\microsoft.windowsappruntime.1.7_7000.522.1444.0_x64__8wekyb3d8bbwe\restartagent.exe Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files\windowsapps\microsoft.windowsappruntime.1.7_7000.522.1444.0_x64__8wekyb3d8bbwe\restartagent.exe Synchronize,Write Attributes

51 additional files are not displayed above.

Registry Modifications

Key::Value Data API Name
HKCU\software\microsoft\windows\currentversion\explorer\advanced::hidden  RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\security center::antivirusoverride  RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\security center::antivirusdisablenotify  RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\security center::firewalldisablenotify  RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\security center::firewalloverride  RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\security center::updatesdisablenotify  RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\security center::uacdisablenotify  RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\security center\svc::antivirusoverride  RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\security center\svc::antivirusdisablenotify  RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\security center\svc::firewalldisablenotify  RegNtPreCreateKey
Show More
HKLM\software\wow6432node\microsoft\security center\svc::firewalloverride  RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\security center\svc::updatesdisablenotify  RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\security center\svc::uacdisablenotify  RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings::globaluseroffline RegNtPreCreateKey
HKLM\software\microsoft\windows\currentversion\policies\system::enablelua RegNtPreCreateKey
HKLM\system\controlset001\services\sharedaccess\parameters\firewallpolicy\standardprofile::enablefirewall RegNtPreCreateKey
HKLM\system\controlset001\services\sharedaccess\parameters\firewallpolicy\standardprofile::donotallowexceptions RegNtPreCreateKey
HKLM\system\controlset001\services\sharedaccess\parameters\firewallpolicy\standardprofile::disablenotifications  RegNtPreCreateKey
HKLM\system\controlset001\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list::c:\users\user\downloads\96d173bff42b46bd0de21159668832cb42f67795_0000638976 c:\users\user\downloads\96d173bff42b46bd0de21159668832cb42f67795_0000638976:*:enabled:@shell32.dll,-1 RegNtPreCreateKey
HKCU\software\apcr\1214104697::1919251317  RegNtPreCreateKey
HKCU\software\apcr\1214104697::-456464662 RegNtPreCreateKey
HKCU\software\apcr\1214104697::1462786655 RegNtPreCreateKey
HKCU\software\apcr\1214104697::-912929324 # RegNtPreCreateKey
HKCU\software\apcr\1214104697::1006321993 ė RegNtPreCreateKey
HKCU\software\apcr\1214104697::-1369393986 http://202.143.159.135/images/logo.gifhttp://bem.dk/images/lo RegNtPreCreateKey
HKCU\software\apcr\1214104697::549857331 RegNtPreCreateKey
HKCU\software\apcr::u1_0 衙Ⱔ RegNtPreCreateKey
HKCU\software\apcr::u2_0 RegNtPreCreateKey
HKCU\software\apcr::u3_0 権ă RegNtPreCreateKey
HKCU\software\apcr::u4_0 RegNtPreCreateKey

Windows API Usage

Category API
Other Suspicious
  • SetWindowsHookEx
Process Manipulation Evasion
  • NtUnmapViewOfSection
Network Urlomon
  • URLDownloadToFile
Process Shell Execute
  • WinExec

Shell Command Execution

C:\Users\Dondbayq\AppData\Local\Temp\4F9724D3.exe
C:\Users\Dondbayq\AppData\Local\Temp\4B7D70CA.exe

Trending

Most Viewed

Loading...