Virus.Expiro.O

By CagedTech in Viruses

Threat Scorecard

Popularity Rank:	1,052
Threat Level:	80 % (High)
Infected Computers:	5,944

First Seen:	May 31, 2023
Last Seen:	April 14, 2026
OS(es) Affected:	Windows

Table of Contents

Analysis Report

General information

Family Name:	Virus.Expiro.O
Signature status:	No Signature

Known Samples

MD5: 572653c6d449b6383ed6829f419da982

SHA1: 455adcf69084e4c993402227a5b5aef2ded70086

File Size: 68.61 KB, 68608 bytes

MD5: 29f2ab9daa66292cf941a00c02aa4933

SHA1: bc1ed0f8052fa12f0504e5353e61b03be698068f

File Size: 1.27 MB, 1266181 bytes

MD5: 72ea69f60f93fbd5c920c725bd857fb7

SHA1: 0388d17cc1357bde10fbf960e6b1070331891a7a

File Size: 5.29 MB, 5290496 bytes

MD5: d4ef0d2ae5b45f0c3add40a768dfcd50

SHA1: 86dd5928fbea7c3be0e2ee137b94524598253d4a

File Size: 1.02 MB, 1019904 bytes

MD5: cec0703c3fa9a963b9e39a4799f7323e

SHA1: f73bb4bd133670d9819fe6bcc3741898ffdd0dd1

File Size: 5.45 MB, 5453824 bytes

MD5: d7b47f50b6d45c844972d3ec63f8b50f

SHA1: 9b7035243cab65dfab6edffc45d1901e913471fc

File Size: 1.65 MB, 1648640 bytes

MD5: 49b05464a5335a1975b4c47625dbd78f

SHA1: 976dbbc6b2e6d26044ad3ec828dcb68f57eab1d8

File Size: 1.41 MB, 1405440 bytes

MD5: f4bb88837bf7d312d09638791bf30a84

SHA1: 7d36fe55318604086b630800b79cf55f0ca299bb

File Size: 680.96 KB, 680960 bytes

MD5: 0109903f19b81470128847f4d9a36c56

SHA1: 001bbc82740ea029ac3b9ce495e748f965a1506b

File Size: 206.42 KB, 206416 bytes

MD5: 0a2d6f682c0b382bf8787e58e3106af9

SHA1: bd9bae6464a95561dcce4ea57762fda3a960dae0

File Size: 1.72 MB, 1723392 bytes

MD5: 0d6030e476336505f37c37cf630d9eb2

SHA1: 50aeed239dcdcc2b294d289c8f310f16a2f91167

File Size: 4.97 MB, 4969477 bytes

MD5: 990692189265b487a028188fed6596ca

SHA1: f9c693ee99d6955612426c48d98e3f2f395982db

SHA256: E40B95F3E1774634B904C3AA17499546E13C10F41AFFF32B2B499D8F1F5085BF

File Size: 1.51 MB, 1511367 bytes

MD5: 25d3f4e2e1d45e92033e3d52b12cc9bb

SHA1: 8677ac6c0e63fd7343c84ebc4f9ee1f51b25e747

SHA256: 7E667ED157A02297DA6C10D7D831F34E6A3D54CAC8FB93150806EF8796CD644A

File Size: 647.69 KB, 647688 bytes

MD5: 19077a14353c49355d3b9e2ec1cb4fe9

SHA1: 8e3950bccde719224e5909d10ad89ef74943c0a7

SHA256: 4B4867BCC723E586DEC9B6F2ED7286368D836F65A80FEFDD60BF97EECB9E1131

File Size: 565.25 KB, 565248 bytes

MD5: eaeb71385cf89ceca85628de37ea73b2

SHA1: 19c9d458d911d8818dc531dbe1c9d7a08e21cc6c

SHA256: 2F734FA6BDBD518B856FFFDF2E5CEDF92BFFAFE0F65C41A511445575B6890363

File Size: 1.36 MB, 1358848 bytes

MD5: 727862164b63465a1b3d69c5d25fb72b

SHA1: d3e6180f71b6ab44bffd1e8781afc05ec5c3bc78

SHA256: 2096956D776C33E14CD5D6205FEFBA4A32890F119D8BDBFE58016478FCB6FF2F

File Size: 792.53 KB, 792535 bytes

MD5: 0c4b6b6d115bf901060c4500411f8278

SHA1: 75ae4771d4197ca40c6cbd63b672dc6373aefbf5

SHA256: 949944A4862ED812155DC3F297A4FC3492CA7AD668654A17319876EFC2E37B13

File Size: 1.26 MB, 1256448 bytes

MD5: 7f4545796bece48f02d38b829c07835f

SHA1: 0a9dfb5733be32b35ac278a94589e746b6550bd7

SHA256: FD1433B028BF08DE2DBC3317C000ED0FCC7368C2017C4112CF318115D315C7AF

File Size: 1.22 MB, 1216512 bytes

MD5: 2f9a9fc5e4cdfc9a0aa6bc64291ed695

SHA1: bab4b6b8407339614b68e25215895b46d3a4e6d6

SHA256: 56C7E56CF9CC13B84C345E4FBC60538BCE3AD9492436D05900CD3073B91CC746

File Size: 768.00 KB, 768000 bytes

MD5: 9c1d4abb09b09b90a6b26bd958e4f219

SHA1: db7fd832bfe96457b67268344ebac9d62cfd7820

SHA256: 49C4B85EC4B6F35F0492FA080DD4217C3CBF6DB0FA9289EEABC68FF9F198B824

File Size: 711.52 KB, 711521 bytes

MD5: dbf6300d0bf43ce6d7898886676c8c51

SHA1: fe2d7461e4146d96dfbc636c5a9de09448184785

SHA256: EFD176A1E7B39500252B0C4E14C16C3D259420784DC7E5D111A69BAB3A8169BB

File Size: 157.64 KB, 157639 bytes

MD5: 914cb3e05b68cee456b7f1f8cbd2a4b2

SHA1: 0e096ce451180a7319a61601c21cd34dca0fac47

SHA256: C298AF22D874C12CC5FBD1B770142471B7EB2D7AD21FFEC67A8C7A1C344FF9F3

File Size: 2.29 MB, 2294733 bytes

MD5: 01ec2304af75c1effe3a173b877b9442

SHA1: 7c38ffd93529cb1cfdcd65080159a8c0937d04a5

SHA256: BC4E261AAE378DD8B2D92FE3B87D6AE3605AE142882A321B936ACAC29BDC22C7

File Size: 94.82 KB, 94824 bytes

MD5: 49fcd440588abe8596f4a85ff3084cf3

SHA1: e82451871c3e5de8e5baa3cf96c2d94dfda295ba

SHA256: 517D4E7057FA2F6559B96F9B4E3A2F5F50735BCA91F9B347A3A01F27D515DF0C

File Size: 222.72 KB, 222720 bytes

MD5: 50e0c2ef8d37b6c40aaa2e7e417861c8

SHA1: a80f4360f6c0ab84e47aae9aa2090f9b993137a6

SHA256: 2E5646EC8565C4AC913797AE85A63D1D49694322272D1F56CF8C04AB9840F0B8

File Size: 9.88 MB, 9876472 bytes

MD5: e2b4068c20731b9a59145917a61d9569

SHA1: ed4e9d02ec2bd1505df4d65a086167707a85b147

SHA256: 860E3D3D274FCC032DA279E4FB3AAFF7F7EA2E6D6849C2713234CE91F4CC09BF

File Size: 1.31 MB, 1311744 bytes

MD5: adec06ceaa36008477533c381558ee3f

SHA1: ed8591cad33ef2f405e9d1b6333b8ffd1ef51009

SHA256: E68266B95615AB44930DE1A092FFB83B9DA41E5381388E635FA7CF30FE84C1F3

File Size: 543.74 KB, 543744 bytes

MD5: 108d8d90beae58e14fbb1e7303db465a

SHA1: f6767a2fceaac6d281f46df3e9cf465633ca4355

SHA256: 5441A59731FD4EFC3C148E5CF0411DC2316B13532991EABAF1167291249B8A5C

File Size: 84.48 KB, 84480 bytes

MD5: 1ad85030f0d866456c2e8044c87981c2

SHA1: 62b60e028f785f9bfa0176d505563dae81b3f327

SHA256: 396B05757D75FC589E5FB1FDED79209C30AAF1E9EDC647D2BA94BE2656AE9096

File Size: 131.07 KB, 131072 bytes

MD5: 31d2a1debafabec55a2b2a248336278f

SHA1: cdf742fde11e9212d3643787ff9dd0eb8c32d06f

SHA256: 7250FC78DDF09E7830A87609BD00CAD48A589D766A000FCF2DDC930FC812DD0F

File Size: 1.41 MB, 1409024 bytes

MD5: aa32cd7bbaab5e094ac466b613bf1211

SHA1: 71c02acd7412fd915911791f9a9c912964264014

SHA256: DC47D64B105B295E2AD00CE5866D915DDE2FA710D25C10CB9567CDEE13852709

File Size: 112.64 KB, 112640 bytes

MD5: 981e42dab082717489eba15c75760fc9

SHA1: b16848ea85048f07d74eb61d9b645d451ea83bdf

SHA256: EBB7753A2B7198AFF5BF847E5040DA017DE87A52DC97B00ABA9B7ACE16F74692

File Size: 771.59 KB, 771589 bytes

MD5: dec697ce507d644700e812618e1d2e96

SHA1: f461e66e9935a43c146f72033bf3dd126320c2e7

SHA256: A3F7DE229A07DD99E66F605DF4C556C43CAB47AFECF398DDE4A8B3C4661569C0

File Size: 948.06 KB, 948064 bytes

MD5: 28fec5729d933d1b4e0da70cf996354a

SHA1: 39fab33a0e6d30c47ba05f2375ffd82fe96290c2

SHA256: F4530BDC3FE5046146EADA0021BC75D82AED9A39119340404C699AB8128FE75A

File Size: 6.42 MB, 6424064 bytes

MD5: 4bd3fc5812a72534aa9691cbc3ccbe66

SHA1: 9d850fadf19af401faafedfa4822614095f2e528

SHA256: 2A678C516C8E11274278FC1F688E75F8DBD400E3F4365E495C8B26BBD4294E5E

File Size: 9.71 MB, 9711616 bytes

MD5: 6b4821ac9111997ac8d1c0f34b7603c4

SHA1: 6cdc30425e7c7ed6a6bea4543a3c60ee0c945f78

SHA256: 3AEE664A53A92D95CB1DAE7C714EEDCC6B91137B29CDBDB9054566D8126E4768

File Size: 157.32 KB, 157320 bytes

MD5: c42bd0926a465501c5c99522f7b4c655

SHA1: 9068e485737ed8b67d7912b12893e8cf3726b65e

SHA256: 7073BBC1C37702B0B773FAC3ADD422FB810941D6AEE9BD03306486C5E2FA26D6

File Size: 5.31 MB, 5309440 bytes

MD5: c31f32822d340466a91b81a46049a9d2

SHA1: e1529058dd3e95b83726b4203a88eff87d999ee5

SHA256: 0534BC21720A474BAA4A65FB3C583FAF795211BF3E1C0069AF2CB4DE852125FA

File Size: 1.45 MB, 1452071 bytes

MD5: 5280c59cd7942be85a0557568ec2e469

SHA1: 6cea1e97e1d47c53d5004901df1d414e337ccd88

SHA256: 0ED4031E24D4C9D591E189FC43C77BE86D7D5C7BF4EB91355AB030E35376CC74

File Size: 359.41 KB, 359408 bytes

MD5: 39a03278b2d4aac83c17682facc57198

SHA1: 0fcd38851c7fd3c0ad067e27b1f6ecea4cc775ec

SHA256: D61C6275A3878F6EC91CCA1341C84591BB25597D19A054125C5CA68A57361AC0

File Size: 7.84 MB, 7843328 bytes

MD5: 7852a15231c2f6efd67fc7cf23b5fc32

SHA1: 2dcd581350278c7304b41a0fd107539d4bddfaf1

SHA256: 37D0C7CCDCCC9CF3E979AF11C46B6D9429CDE20AE2DBBC347269A16306934467

File Size: 1.79 MB, 1788416 bytes

MD5: ffbab03c5c8179daf2c32ccb5946d1f0

SHA1: db55409648663509423d64403f317ab54630d13c

SHA256: 8281743544A7D5C4C51079C4CA61426BC18CDAD6480074BF691AC6B6C2D6BDC3

File Size: 5.63 MB, 5634560 bytes

MD5: 1dbc055af0ac794838afe3f54844a9a1

SHA1: 7c489a97a201a7c6b7906aec58f7c2eb25955048

SHA256: E6B9C089CDD29B7BDAA532A0E4CC7A0FA24F64D35B52B28253896DE32A737F83

File Size: 519.58 KB, 519584 bytes

MD5: 74f87aec7f43e215d118f71bb7aab01c

SHA1: df826ae7e1c6f42d2059b2d36b30914f30de3653

SHA256: 236370625977F8F48BBAF145F86D4898E986047302AF1CED70674C32FD65B0B7

File Size: 81.92 KB, 81920 bytes

MD5: b9c5b62549a04e72985e4712cc2d8c59

SHA1: dc7cf02c9bd49875b28414cf494fc7301d6b8415

SHA256: 492363171A1304581715022A715AFF77A02A1D6E029010531F16FE41F4AD419E

File Size: 106.86 KB, 106856 bytes

MD5: ee9b0044d331b46cd7d3804b96ef7954

SHA1: a6360e5b022aaba94c5d43e56e130b296b11b347

SHA256: 70A2D523048B3BD12CD1A4E3153EA2371E6177278BE9953F79D593D4F1EE6B22

File Size: 970.76 KB, 970757 bytes

MD5: 23eb613545b2210689402dc6849e2d00

SHA1: 3487ceb9c9c9c46ca46bc5ce30c720843587d423

SHA256: BDD7948161D4F293B2AE44C5B799C67F60ABF211DBBC69A684D7602EFF9FF4EC

File Size: 5.08 MB, 5080069 bytes

MD5: bd40c52cc38f4afd84b9d98987520bfd

SHA1: a8d1e0f9414f8ddcdb318d2e678bf18417c8c4f8

SHA256: A192E6B2550DC8887AE118791FE1489035E7E182B8D2287438A26027A297F701

File Size: 1.25 MB, 1247232 bytes

MD5: 4fde403f7093b016929eeddb8c0d7aaf

SHA1: 844fc68d7f78bf19870154b4382f5ede8334f2a6

SHA256: B7EDAFD464F3127CF47E7E8FB82A4B2AFC9936D8802EF3FFE83C7D5594558AAA

File Size: 1.28 MB, 1281024 bytes

MD5: cd2ff61510fcbdbddaf9a217a9bbe280

SHA1: e209bf3743fd3223c537a96809553b50b26fddd2

SHA256: 632DAEBC6909A035E966408B01323D58E3427633885E9A777D03F31F655000E9

File Size: 3.66 MB, 3662336 bytes

MD5: efddd63b1fb3518cb81518f814e7e6c3

SHA1: 213bb4c20f3c6312380cb03a5b84e3d918495d2d

SHA256: E2964C0D6E779B80703FB02FBA3E1B2F4C16912EABCD3BC4CB7C05EEAADD88BA

File Size: 5.81 MB, 5807047 bytes

MD5: 0c9d9614fa81acc04bf82c481f9b3682

SHA1: da2d5abbef8e634bb982ad589126f8c6b936725b

SHA256: D241418A0234527A37CBB07056283F047BBC43D9DF65345EF34F80B01E9D13AA

File Size: 416.26 KB, 416256 bytes

MD5: 13207acef05739040fdc421a8db49351

SHA1: 953e9fe3b0c20dd5695476d2c97a876248696800

SHA256: E44BD693734ADCB49D57546AFFA4F2940FDADDBEF50AA7C7120579E034130AF2

File Size: 3.72 MB, 3721733 bytes

MD5: 382a85306640bfc6bd26383b39b6131e

SHA1: 88856ab24b3adcc97fee0f9f4502d3aaa29d3c7e

SHA256: FBC8AF1E7E1D5296FA414AB042D1500E7DE360A2627330700D6B0E70D1D32B74

File Size: 92.98 KB, 92976 bytes

MD5: 9d5a17f86482ac38258857c8e1c44081

SHA1: 14d64e60090d58bd56639c8db3c8d0ad216d2a3f

SHA256: 3059C4A413DA528AAD4134767C058AB0AF44DEAC4C8C30947D44A0F0C2D67D6D

File Size: 443.39 KB, 443392 bytes

MD5: cf2b0108790e749d1a0f45be0225b81b

SHA1: 8dc46fbce171a92e4bd75931e1f552de70085a9e

SHA256: 526BD8881543B62CB9C748E61D4A60375B74E30E6DD9167BED1BB6337A6237AF

File Size: 1.26 MB, 1257984 bytes

MD5: a103ee1386295510cf7b19a77d5f6b46

SHA1: fd29773652f1549d3a0010dba206c11f102a00f9

SHA256: AD0CFBF9A8949EEF3293861884899B3079071BCD05C4829DF861BDB0BB25C682

File Size: 1.11 MB, 1110528 bytes

MD5: 51fbc69357fde64061270eb8adb0de20

SHA1: 7e1e42863c43dcc7b9148afc72b325aa447b81f0

SHA256: 0872B720FB79AE0CD568A9F0882C0FA5308EA744C3D5F4FA5672345B6528BD26

File Size: 1.38 MB, 1376256 bytes

MD5: 54fbc740d43dcee93e40462fc2ad5a3a

SHA1: 497d7bb298709cce0f5d86da301361e63507a4f0

SHA256: E35A63BA408BD951327435C6827B010F62458FD1AF7524659CA038DEBA3C7500

File Size: 509.94 KB, 509936 bytes

MD5: 5f51513e46e7cbc63301f2be84189607

SHA1: 09f006fc805d1576390c8118a2897b4121d35f78

SHA256: 86357732A06658F589535E76621CFD413CF02E5108A983B3C90F22456273A73F

File Size: 2.10 MB, 2096344 bytes

MD5: 312f80e4f2a7c0f28492f47d7cd01316

SHA1: 2880961e80aca5f86a00aa5bb85b9a8882c0297c

SHA256: 6EB74D0BC997A4D77B5B03BADEE59C6C4BC6D3756696E5FB1870F526AE51C0DF

File Size: 443.39 KB, 443392 bytes

MD5: 420d8c52ab019b641197286a4755431b

SHA1: 99f8856575acceeff479cebfad190480ae29c5fb

SHA256: F94BCF4290F630381EDC97099F3B5E25FF5A341CF210F957D8CFE267BE1B50B1

File Size: 3.12 MB, 3120043 bytes

MD5: 320c8f3d8bc7c505909eb89f17462b17

SHA1: f66e9d118ef203c4eb34ae4a9eb4e2db9d37659a

SHA256: A5A38F56DB3E6188540C9DCE0118AB0580694DB470239B12B51018040ED936DF

File Size: 35.33 KB, 35328 bytes

MD5: d6ce7b3353e7de697ebd23ba3d09e4d3

SHA1: c896cd776c8d760d9a9c3c0fa620b6a1e0733a5a

SHA256: DD09B246CD31645A2541C665E59B640DD644BA70EFFAAD7A2F3A6B2ADB6D9DA0

File Size: 2.55 MB, 2551808 bytes

MD5: 2a32bf474e1547f1f8d7d001b36fb4f9

SHA1: fcb52674fd94b53021d8664c5154d64d66783fa8

SHA256: 915C37D76C32B975567B2501EE2AD19B1B127D569510796C964F564618C2BF68

File Size: 109.57 KB, 109568 bytes

MD5: 110ba80036ac6f12b9646f6a854a103c

SHA1: e18089024bd03d70fe1bc4949c063d314459f176

SHA256: 85D359979D725CC067E205A2D0BB5FF670E0FE058AB046EE76D8C0D1297277C3

File Size: 1.44 MB, 1441280 bytes

MD5: 987bb896101b1f582230fceace97c33b

SHA1: ca0b860e2fa2250a83aba112564fe882557eac56

SHA256: FB4CB780DDCBFCBF39D5B96B9B920EFABBC08C0F780B3D249006F1F852616746

File Size: 5.27 MB, 5269504 bytes

MD5: 8241b6f8e3997f44fd08795cfe953ac0

SHA1: 06bfb3d66a429c77ef95c6e010ed20db312d4471

SHA256: A90AD87D8400C1B066672F00E6D515A13E652D69F86E1EE0E3526C884D64E0AF

File Size: 332.80 KB, 332800 bytes

MD5: b2013f7f29ee6fb9c3f8be8d8fe1027c

SHA1: 50f523f91375c33764b50079971b92a3cfb563a5

SHA256: 17B6E8D34DE2F93B6094B5D69EB8DA0F26387F58AB3DA0DABE57B77106ED647F

File Size: 52.22 KB, 52224 bytes

MD5: 3612d7008e2e5fecb1d757842ab2e1e9

SHA1: 89197249d1edc398abfacb515c075818288a811d

SHA256: 883ADEFD823DF622FF25A96CBD40AC363A95D4E43CD10B6AC65F4CC14F502EEE

File Size: 1.37 MB, 1373184 bytes

MD5: 1ffa2895e29c2fe7d5ab2b93e27a43be

SHA1: 365146f71a72be2be8a58429ba053c573a1e426b

SHA256: 1CD750FA4A2E1864FE08F6D07E6C7B75F3D4E90EAD8BDDEED085CD6CAFEDA1BF

File Size: 1.65 MB, 1650176 bytes

MD5: e4a2d462c1a422780e9d8bae63706dee

SHA1: af3e3493eb82ea4f64db2f11078d5f570e3b7c24

SHA256: 37375141D70CA547A9C37657610F1D31B133B7970BC19E6B8EF835C6408D724D

File Size: 1.31 MB, 1306624 bytes

MD5: 31b0f923f7c005e8cee52542c004ca60

SHA1: 9dbafccc091f5e30a7f1d56e1c8d4db61627a367

SHA256: C7C2C37A9CEA226E7974C4A0BB84040C5BB1CF1D2A92A50567D22319740D05B7

File Size: 3.29 MB, 3291288 bytes

MD5: e96bb669b7b46ea984b7dca241db552d

SHA1: 53868921113cf0a9c3bfe9e9af3e95fd1787a908

SHA256: 86BB976E556A4FF7AADAD68E414DDE1A0A5D64A86E4491E85EEEA9ABAAD95B78

File Size: 2.97 MB, 2968576 bytes

MD5: 34fd93aa50eb7383011b3250f528c439

SHA1: e0da6e1d9a140bee5a9fa4539bfb8a9d12593bf5

SHA256: FD6F392BAEBB74C5BFDDF643C5EB53BA9AD7A3D5CE06A73E9037900E3B7C7D3D

File Size: 1.27 MB, 1274368 bytes

MD5: adbf897378b6136a746c8bd51c8d2525

SHA1: b82e584e43061595840a3e8533195d270fe28c3c

SHA256: C30344F62C9EF30681EFB2386A391AE5A3A1669157FD4B4091BA9CA9D73BE25A

File Size: 305.99 KB, 305992 bytes

MD5: 37e865102d188650060b7f3a045e8675

SHA1: fe71cd9c02a2f4b4140d25d3aaf1d4332aa39caf

SHA256: 0B015732171378AA7A5726DD3E9A1FC3134CB3C63C336FE8BBD5F6768B132DD7

File Size: 1.72 MB, 1716229 bytes

MD5: 28827072bfdb6e483cb3e6cec7e20c55

SHA1: 2f69dbfdc7dac87e79e332295d3c1831f07f231c

SHA256: B9670B61C68EAA19EF6EA64352CA151D65AC403E39BE5736F81CFABE6139D7A6

File Size: 429.14 KB, 429136 bytes

MD5: cb1ecaa226eff9cc26f383d213d0b056

SHA1: 9b4766a7b1a78949f6d7b8c4a51c4a7396c9fc20

SHA256: 75D319525EF02EE0E750141B672421EBDA2403850D40D1FA7972A697FBEA45FB

File Size: 57.34 KB, 57344 bytes

MD5: 9fd727ad7b8d2ac8b773420ca7695204

SHA1: 976de1dfa05d0b99d7621fe65df44202834980ee

SHA256: 6924F31BEE3B366523CAF01901D723C7DE46D9552335D9928FD6D4D9D354FE74

File Size: 3.80 MB, 3803376 bytes

MD5: 5f510ad564ccfbf2c9c8faee003502ab

SHA1: ce088c24dc7cf52e3214f1b7bcb48003e06f5a81

SHA256: 6FB62F7E850D0ADEB5AF594D70AB26708423ABF8F7BD8AF84E2DAA639A7D5A48

File Size: 3.58 MB, 3581783 bytes

MD5: bff6d0eb32e3de47a727288675f4501e

SHA1: 34824dd6b24a78542fb999fc4b94b95058e4beec

SHA256: 6028EB74D201FDD3828DB6769148D5221842691E971B41C8771D49CDD9753619

File Size: 1.56 MB, 1561600 bytes

MD5: 9f635cb7ec645ba0b8af227e7eb34e50

SHA1: c2a4f8b3a68d5ad42673d4bef9bcf8b68a8c767a

SHA256: 742746FEC3B06331C4853610A023F2D70848CAD7C371F3584A9145A94E32242D

File Size: 4.00 MB, 3999808 bytes

MD5: 06317b44ff4c12fe6f27e6abe0278da3

SHA1: f889b9558646cc503208712fcac86baf1efe6fe3

SHA256: 864C3CE2B967410321794980998B824D931E2567DDDDAD9DEA97247F5E31AFA8

File Size: 2.28 MB, 2284032 bytes

MD5: 18580d72e72b24bab90b9508cb986fe6

SHA1: fe8acc3f97748319d264a7831689d1ac4c680fb3

SHA256: 7A94A33DD89A47D22EAB3F779BDED74EF1E9DBFD128184ABBB2BDB336D03D727

File Size: 1.63 MB, 1633792 bytes

MD5: 0dc5401f5cdafa0bbd9c10671403c1ac

SHA1: 02bb7dc2666243b288d190539b663553d99ecb31

SHA256: 1FE881528744389AA4CE15C97B0DE00FC0BE62C8485640E698A833DCD611B7ED

File Size: 649.98 KB, 649976 bytes

MD5: 0d54489b53513fa0f13e648c2f59646d

SHA1: 283ee2d3cb52b606b3fb1c6a15b7b3097f7fedf0

SHA256: C18EEC77C1E57EA8700303803C95EABBE5DD522597B1D96531249547CBD37AAF

File Size: 7.37 MB, 7372763 bytes

MD5: 472aa01eff24e6c06af4005d31036255

SHA1: a91841dda00b58c31fd648217ba443aa7a047a0b

SHA256: 661E3576A8A5BA4235C50220FB092CB8F2338740D33E6DAD79402E5618530753

File Size: 169.98 KB, 169984 bytes

MD5: d650198d9678fd9d61da526c8e8383f5

SHA1: eafc317a05b077e107efec8868d8e6dda3dfc7fe

SHA256: 748961F0135172D8F2638E51896CECD86CA88FA851BC2A30BB8211BC3CE23593

File Size: 8.14 MB, 8139024 bytes

MD5: 0d73e65b9cdef52b5c36e3fc21ab89df

SHA1: a56861757ba5fe0c6d9f3b3152c579dd1d25376b

SHA256: 60F649A88FD300B0A026EEF02541DFFA37C6BBDD0D9B0B18ECEB183A1A79E799

File Size: 1.58 MB, 1575936 bytes

MD5: 43586b698a92a008f06c5de8431a7116

SHA1: 55b3e59c228ff901ba332d9d41670dc6b3455326

SHA256: AA185C58A62B581C6820A1C7E3F39494352E57623A3B4372B4E3E574E33FF991

File Size: 3.15 MB, 3146752 bytes

MD5: 25cedf26a249957f9e67235f3bd1647f

SHA1: a68d9b3525b6c17f4117bcd80f77e46ef313cf5c

SHA256: 1564130854F00112736F055BF82D0E81F5658E8C3CC24411EDAA34A61E66283E

File Size: 708.54 KB, 708536 bytes

MD5: f14e5ff6dac11e520ef3b5ec004570ff

SHA1: 9ed168eea6b0603b15452f8493b07170b24ac61a

SHA256: 038CBF04CF8E576AE67319795353902173399624E529BB724031A17D118029AC

File Size: 1.71 MB, 1709573 bytes

MD5: bc7200b84df820ca0510da285b2dbb39

SHA1: cea6f396d7b320367eebfbeccf8bb19546b0b025

SHA256: 9C15ACF885870756591D0698DC5A08D4DBB0D57107F16712BF3C6F19ADADB532

File Size: 716.80 KB, 716800 bytes

MD5: cb6284f6d40b65a5b15a6da38993847d

SHA1: b4ef7b7d185c3daf0b5177754bbf8cf2de94ae02

SHA256: CAB4302631C7CFA93F6EF1F9DFE81FC2D02829B92D05996176A6AF3CD9252EA2

File Size: 586.26 KB, 586264 bytes

MD5: ee719657dcbf725398bd9f090b69ea2c

SHA1: 2c5fba4b80d2249428d9f6c21e3713fbd68e2116

SHA256: 3562697C5D9E1D264C66AB07651E1914EAD0BCE0A76CE506980FEEFC1F812ED4

File Size: 6.56 MB, 6563328 bytes

MD5: 1b55cc441da9132435d3ac69a8b39ae8

SHA1: 5ecd243715b00dffeed027a8ec1e3d7957652a92

SHA256: 5E230D0EBB637DCCC3F705E4EEEAE540E6C327C9360E5DCECC94E5087FED8A46

File Size: 1.95 MB, 1951232 bytes

MD5: b292b339276cc619cb4f961a73c848e2

SHA1: 58ab32b4f24d8829309778a917548494aeaea0a7

SHA256: FF6B8A60D27D846FC18C8FFAB488C5859369570E47097CC8760FEA4FB5FF6259

File Size: 1.60 MB, 1603608 bytes

MD5: eefbd31c758ac4dc39bf6c98ba174466

SHA1: a984132b77d8443861980cede144c0fc2743d665

SHA256: 2DFBD1FFAD8495B60E4AE805ADD6D94974D13B2AA4BB8DB0E94F747E1C548741

File Size: 1.58 MB, 1583111 bytes

MD5: 0af0d485821c2803c5a1e1449b2c3d15

SHA1: 92bb4d8fd7175a866339f96ccd251db6c28eabe9

SHA256: 9CF441CC89376FE310CC64A3EE33FC8ADBD4D2C9388B29B553B8509D34DF5FDE

File Size: 1.29 MB, 1288704 bytes

MD5: 5184590805c830b6318c58e328ad1ce7

SHA1: 005ed99f3de77a558d4ee4ae44cb6130c5633da5

SHA256: B2DA9419C74CDF86DBB4FFA1424636A8F4D0414F6661E2A6CAD2C8AA12A4405A

File Size: 1.77 MB, 1772920 bytes

MD5: 25ac60a4b88843613be8ac02750999ed

SHA1: 2d524d5439e912cd1d6782c6cb0882102d8013d2

SHA256: AE3F50307A6A7E5411ACC4F25EEF944615003227CD774EDDC94DE4C2D96758FE

File Size: 452.10 KB, 452096 bytes

MD5: 798d9d088afefeaa6310943f18913c23

SHA1: 30fd8977abb35f8e92e7089b2aac601c15afae7b

SHA256: EE5FE884BD6A0FB6A403FCC95EE95BE18C7C5606B4E3073442F7692D2BEE1584

File Size: 5.27 MB, 5269504 bytes

MD5: 16b9bfe7060c4a33d6776c8413bd0c91

SHA1: 82e1f87dff0a2e83ff92f195ec3a1a2c5f1efc37

SHA256: E657597B49896FDE777253F2C3B1D31ED8A4DE69FBE214886A9654D88579CE52

File Size: 6.60 MB, 6602240 bytes

MD5: 4fef93485cc1a9e4c2ac8bce3fcfc215

SHA1: 386ae98b635b0c0ba344b9fe2bc0067c96a03593

SHA256: 1D2E351B5A3C80C80B8B02B1F8715B31BCF5DF0105F44F3EA96DB43F87F49997

File Size: 502.78 KB, 502784 bytes

MD5: 9e19a8bedc84a7369d4eeb5f00e4dc5f

SHA1: 36b68b8b47d62bc6ba3c077f8bfd7f250b9132f9

SHA256: 788910179B5BBFC304EF7FF87147D5F027F4134428996330F85DA8EE5BEE2FEA

File Size: 1.59 MB, 1594368 bytes

MD5: 64021616ae768cbdfc37ce15d905138c

SHA1: 27fdb612f65e688fa4399ae5f25c554c5d7602f0

SHA256: 93EFA6F4E22819C66C8C040748CEB210167AB227CAD43846565731C8A9EBAD9A

File Size: 94.21 KB, 94208 bytes

MD5: b3a90a93ffaf4af8134eaefa1a4d22b1

SHA1: 619dcc45593b4d36e1a8e895560edf94faa295b8

SHA256: 7ECD7B145B00E557B22ACC15959A517CEBC2EE6263C783A8A2BA162925FDA4D4

File Size: 74.24 KB, 74240 bytes

MD5: 86ba497edd6cdbee3ad53f638134a7f6

SHA1: ea583abee883d4d69bef9ea154d18375b878cd1b

SHA256: 157690FE37525BC052CBAAE1FCBD9297D2773F287755D3886DA70C0F52596FD8

File Size: 1.81 MB, 1810120 bytes

MD5: 20b98999da59f5a577ea3915ae6b0194

SHA1: 9aa9aa10b919b49f36ce6cb26939cf41cafa8e07

SHA256: 91111CCE63D668FDA8D3A4A99D51BC9D75304C123DB92039F7C97E722D85876F

File Size: 1.62 MB, 1620997 bytes

MD5: c8a0bee02082f90b6799a7029c31ebc9

SHA1: 4e6ca397ef8221134d87c5fce463ec848c2b9b9b

SHA256: 5A79BA96337236C2DD0CAA2251E5D1C71B76B2DD348F33381FCE21438707A634

File Size: 3.33 MB, 3325440 bytes

MD5: e5b26f1c6c4433eec321f06663dd27d4

SHA1: 24d0e5eb78dba4062cd3bee52164beb5e660719a

SHA256: BF96325D9D4EFD2FD16AB75A478CCB40EA6A8AFC11A72C1B0EBF075B53FF0442

File Size: 1.50 MB, 1500160 bytes

MD5: d809b5cca33cb7d2f39dc7e73678b7f9

SHA1: 826a3d32be3606851d4dbb4ae7a32aeefee76e86

SHA256: C5B57FD5B95A850D3B42778F7AE66B16C0F794DBE4A10A0DABF29AA48F73FDE6

File Size: 1.31 MB, 1305600 bytes

MD5: 148017a0123332ca841f5a78047ee42f

SHA1: 95caf83fdae227d50ce32f572a2e018c22e19144

SHA256: 11322913024B99E5728DBDF666E97D792855E3A152E78DE50DF6A15733EFB6CA

File Size: 1.26 MB, 1257984 bytes

MD5: bd9557cc3c8471830f2c95d56438f7f2

SHA1: 26080536f558983b34bbc643d7220ad7797a2c0c

SHA256: CED095094F0CD2D6848949B7D6601B89E792D7E3994B4ED390DD16599A5D986F

File Size: 3.08 MB, 3081733 bytes

MD5: 89e263e86ba5c69079ec500bfed3482e

SHA1: c7db0937ca6210f1878109dc5e31c6da96258e29

SHA256: AFD255EC3E6027DADC6B862B312453CBF10A05AA1218CF15D0B46A45FDDE9A2C

File Size: 1.77 MB, 1772032 bytes

MD5: 5898e695ca3f13b54326a5ab1e76c071

SHA1: 1fa28f78924a99a44ce20f568da548d9cca09dbd

SHA256: 3A407AAF3419F799FB649B5A5C19924CAFA7D68B470716F8E20EF0E22ABB21CF

File Size: 650.75 KB, 650752 bytes

MD5: 770e2b77672ddfe849edb1a5ea1f7948

SHA1: abd50925c33b08b88b833402c725cb8bad811c0e

SHA256: 6C208E5E5471A66B391917351E4C88ED8ABAB5F74BAEECBA195204DC3650EF74

File Size: 7.48 MB, 7480912 bytes

MD5: b1f07674678c579ded914b3c21dcba68

SHA1: 5aee95047846ac1c68faee667c6094d21e14f5c0

SHA256: 4C1AEEEB7ECBF5F2E650864B604C28D9D4902A55B2F4EE8441BEB9DAC51FCFBD

File Size: 1.40 MB, 1403904 bytes

MD5: 17eaa7bc6f382a4facf11d1dbf08ad27

SHA1: 136396926b5cb16f497afec8da84cf9749b8d4be

SHA256: 622CFCE872442D4968FC9170371F5E5D14FB51D1918B71B093B46584BA27F587

File Size: 1.03 MB, 1025024 bytes

MD5: 39d30f3053be1c8c46365890b4409b45

SHA1: 38110d656e81ed26fb74e934aa8aaad01cdc6bc6

SHA256: 1D28951BECD39BC12FAC00E83A9D570874D9C22899BA4A10EA30F6C1E98FB7BE

File Size: 1.55 MB, 1547776 bytes

MD5: e12e67675a6b17becd0995c7f69284f8

SHA1: 2f5f74ecb2c02c7ee98f0bb5733d9b9f834cf991

SHA256: D9CB242C7F469D86F886C159768FC07253BE69B673D9EFD86DE7A2ADA20FFC48

File Size: 2.88 MB, 2883072 bytes

MD5: f5dbb3f0b78344b74267772a79470cc2

SHA1: 58d156693c661fa6a4559efe0cecdd01cfc89265

SHA256: 01122AF7B6D6C7AB2A19C991ACA2627B1D7E2F750AF408B724BCB03AE2636002

File Size: 1.73 MB, 1730208 bytes

MD5: 62fde36e1f3477a63aa018ab86c2cc78

SHA1: 18bfcfe70f4789504694422c424be89ecf125454

SHA256: EA750664D7A25D552978378C0F97EC5B1ABD46479DAC01907D5CEE87E8D9D2A5

File Size: 1.61 MB, 1606656 bytes

MD5: 85c9b6060e557011f4b4e3e47a0f8d6c

SHA1: 20451b9467c7f6d8e97a4b9b188b92f48ade9cc7

SHA256: 3C17E90ABA3AC808CE8FF29603F3D4D62010519316A3872DEA1909214D190425

File Size: 8.50 MB, 8502272 bytes

MD5: 5da1a0c88d23e6536115c9795cbeafad

SHA1: 6454bd77734078df59b71f32dc1bcbf040d3135f

SHA256: 2483A00F18EDE4AFDB858724760AB2DBD2EB04520DB9D9EB04B2A0F41870BCFD

File Size: 77.82 KB, 77824 bytes

MD5: 5c34c769065da7f7aeefa603fd598e9e

SHA1: c80af32db225c95e6f8a4017b3cf17444a1bf698

SHA256: 63E724D66B7D636B7D214D534EA62C526984D9CE4DF7266C3245060126236E20

File Size: 7.00 MB, 6995968 bytes

MD5: 1fb0c35de245ed508db4e27e52ca9532

SHA1: 0e2d9dff91d872080cbd731deb5fa5b09213d9ae

SHA256: CF0204AAD539DBAD0B0C67EFCA83C3D6CD88A801182AA3F2ACAF8F4C485B0862

File Size: 1.83 MB, 1832448 bytes

MD5: fa205098fd79970fef31a78e2a1d62f5

SHA1: 5c30380acfd52642fa292fca01b11fed9324a523

SHA256: 1DB28576BE8026B9AA1AFFC4DF426810404E065A6BE433A5F05565F75A6CBB8D

File Size: 1.43 MB, 1425920 bytes

MD5: a2587ebff7dd3e6186fafc6043a104be

SHA1: f2543b62b0067a3a64b3971081e731f7f0d7ea90

SHA256: 8311A1D2747F41C1B2BB8EC78145C6C38A1C4BFA9488F84A202B144E94F621EB

File Size: 243.20 KB, 243200 bytes

MD5: 95d9c8c7e9c1d42d638bfa644beb44a7

SHA1: 88b9215c1ed16fff0e9b7ec3a0d786af7f27460f

SHA256: 9A44CAB42BBC882ED53870A5D02529748D5BE8A4964A683D8F246AE708ADB7D3

File Size: 2.74 MB, 2743808 bytes

MD5: dcbf0447c4c8d8b26935ec4fde3f48cb

SHA1: 6d5305b4fe9cd2e4a647a170c419b5f1bf0025fe

SHA256: 9CF11F3F697D11BE23F97AA675915FF8715D06FC69BE2881275CD2E583B9D84A

File Size: 757.76 KB, 757760 bytes

MD5: 6858b5ec910b3bd2f271ef261cdbf7c2

SHA1: 07a246c898796e3d8decc20bf9612328a988b9f3

SHA256: 57F8C2DFCB87F7043D6625D1DFCDA1D63E6B9EAD54AEBCD8CD27E5B81B138FF7

File Size: 283.65 KB, 283648 bytes

MD5: e3dc8567a57d66fe0ac1eded152e143e

SHA1: f57f06ea009101675acbd5e16c63898671cb7ca7

SHA256: 2F19ED6FFFF2BFDA73AD2554F0C07A5473F79AB42268B643F4762C917CBD0790

File Size: 1.17 MB, 1168447 bytes

MD5: a557ba4966d9ac453e6fbd3c5bceb889

SHA1: 45e67c58c3f96ef6aa3b44535fe18d3086f53e29

SHA256: D60518AF0BC60D3FD756471364EA86939BDEAE46991ECB486E4CC21A779DBA38

File Size: 289.28 KB, 289280 bytes

MD5: 83746d0a506807b8d215ae8cd11e05a5

SHA1: f133d9ea737e9b78e2f181956a084eee4a310ab4

SHA256: 71C4F36899B4B65BBD0165E27BD4204C3D426E53D93775B414568463E4243CA7

File Size: 1.71 MB, 1708208 bytes

MD5: e506cd44d335f75c250f78016a80ec5f

SHA1: 0eca90c069038171942aeed50c9289a749c68512

SHA256: E8F7F1BA62C536AD94C878D40C2DD71DE47CD4D89E380B1239FFC94BBA3C0512

File Size: 2.84 MB, 2838016 bytes

MD5: f1683c567b3a1d94aff879b0e01a9f54

SHA1: cf4dd34b1e8c034d35749c61d510b5376faae78f

SHA256: 06EF8C0FDD5379110D20D9AF9894B86FC533EC432DBD011E374AE1005CA32D88

File Size: 1.52 MB, 1516544 bytes

MD5: e8bff93883017f4cfcaf7397ee2b3a36

SHA1: 577acb1946dd68194f3764cd969eebe8e065104d

SHA256: 8DAEF18F41D2C55D1E5E1CE0BB73E8CC5F3D61A64896678DD8905B8EA413E189

File Size: 1.75 MB, 1751040 bytes

MD5: 32a0763d9f89de641fe3b9e3ee02111c

SHA1: 7ea19b1e47ee76d726cb88869a37f0a885f854fa

SHA256: 256AAF2011BB0D8DB1C7BD450A7F4B5485A0DD4243EBD8372AADB38AEB156D6D

File Size: 5.13 MB, 5131264 bytes

MD5: dedf4dd29f1eb49993226b9188563331

SHA1: 36a4ef3aed8fa369507046cbd446b05c49bbf6b9

SHA256: 3719DDD5F7C301632AFCCB4E7B0CBCCFB5BA8A2863DE6A116CFD70703EA35207

File Size: 1.03 MB, 1034752 bytes

MD5: a6f343691be848762d2d086ee23cff66

SHA1: 64986a3963045b7511503f2e73ddb75c0bf43620

SHA256: 8E64B054C57D1A0A5616D32D91FB30F54FAEDE2A1A248724B386E8805A20EDFC

File Size: 1.42 MB, 1418240 bytes

MD5: 0371127b0e2a80df531a4d7ec62d9aae

SHA1: c3528152d8d8295d4a786a1a6f821b31c3aee648

SHA256: C1A1C20ED7D35C13B7C9814B52FE67A50E7F78425EF5CDAA028182E044E80BCC

File Size: 53.76 KB, 53760 bytes

MD5: c2763adcc2c2f6e4a8a13509292dbbf2

SHA1: 1f32efcc1a40a11cef6f3d8695af52c8366b729f

SHA256: 2E73FF6783C8103278A7FDCF67A44119CB0C6AC4C44EED3EE376154EA9E37D35

File Size: 1.46 MB, 1457152 bytes

MD5: 843a2715cb30239df26b29dbd3904c5f

SHA1: ffce2c2664fff21c74a98e2fd1288b68ca7412f2

SHA256: 7743AF797E8FD1691A02FEEC793BD196E0AC00FA45DE717256DDFEB876633304

File Size: 1.43 MB, 1432576 bytes

MD5: 3df0e218d5b4b03b7e6a54fd1077eb8a

SHA1: 24a9e15320f9f9ed74fb0184e76b2c61cb238d36

SHA256: 2CF46115638952F846053740CA7A8934B14034EF5535553EE70DDC4D8FB8AAE7

File Size: 1.44 MB, 1437184 bytes

MD5: b43148479e397cee6c9f5e739f8a38e3

SHA1: 0ebe1e7b7d03fbacae8da72c6f28beb5ea2a5c27

SHA256: 37CB9ED069DFFEB0B6B5846BF7A22341AF37264D1351F5FF7A53FEA06608238D

File Size: 8.74 MB, 8740864 bytes

MD5: 87e8e1aba47041d48d677ba8b2eb65f8

SHA1: d1d96546c6c60def338c044d100c5a42cf083228

SHA256: 9A8FFAF07359D66EB617183637F2108C1CAD4521297A4E19F239FF8DA548A156

File Size: 1.42 MB, 1415168 bytes

MD5: 18c5df5b17d236c98b5ac277493d8bdd

SHA1: a3e876891b90b792f12049f1543d941556108d30

SHA256: 2E9A32B354FDAED044BE81E64C3A0FDF99D1C744EEAE81619BEDE070686BECFB

File Size: 7.68 KB, 7680 bytes

MD5: 480d3c2e33e424cae057afbfb2839181

SHA1: bd60260b51649d3b426343d733545cef4b93ced0

SHA256: 5BF26FBF6D71C95D80AAD1D5C753F90F804101C0B3F640816DC1C1525D2F0BA1

File Size: 1.72 MB, 1717248 bytes

MD5: 4b6e34f9a8234aca07a4d353eafdbf61

SHA1: ece1c31b09330049c0fbb86ad5f6252a26c6ce79

SHA256: DFD89EF21D0C5A25DFC884188CFCA77DD4A7D7B6FEC6ECF627F61B3A6CFAF717

File Size: 994.82 KB, 994816 bytes

MD5: 6e35073524dd64341c837a039e9d6f79

SHA1: 092410b9523b023871ac28363495368846f7b741

SHA256: 6797EA2F3750BC40255E3FEF679AA310A6207144A9A360C30F4940DB91FDC278

File Size: 2.36 MB, 2364928 bytes

MD5: 1ebd79ef1be0fb85d7886dbb6eef3612

SHA1: 7cb4747dd474f074df5e3cb68a505d3fe15b11e8

SHA256: 4252B18FAA2FEB9EA4B7A1A0DFF477FCA6DA46DDB2373330C8D670E8FEB987F0

File Size: 592.38 KB, 592384 bytes

MD5: dc5209eb020504f9232763a10a14e5e7

SHA1: 8cf41c912f752f545e73e77dc71e9e8a078c4c6d

SHA256: F479EBD949351B42BD8AAE4A46AC4E7D2B9FAA0A427EDFF03E6FC4220B449E12

File Size: 1.91 MB, 1910784 bytes

MD5: 0c01b0b62a3432d305ae716c00c13150

SHA1: 85b71fb92525eabfb396424f0b7f530e61e3a2f6

SHA256: DB31E567BACF450E2299A1F3B17E26E86BB0BD22127577F46E2C0F8B1186D908

File Size: 2.21 MB, 2209792 bytes

MD5: 4f045a41df0eac5118d2e49a9ec89d91

SHA1: c0c422f3d5b454ee56fe6b34e346a64ce1cbb842

SHA256: BD2BFD35BD887357BB8C5874FB8685587C1D5A535046CB6046CD2D0321F88914

File Size: 1.73 MB, 1731584 bytes

MD5: 31c0ee3d0a92e8928ea06fc639bd8213

SHA1: 5c67a2f70c95daa6923bebf71ee560a19c610fe9

SHA256: 111E20B6BE0922D00F18B6784BF561249B3600A8C83160D44E463FA177E2BF1A

File Size: 1.08 MB, 1084928 bytes

MD5: c879ae6572fb7cd6570e9f2b5eafa9a3

SHA1: f214777574521a18f8c3b42fa86e136627ba5106

SHA256: 6CFB771AE855AFAD2A6B57ACB8E310AB97B552A7A6E15F0798C4F882A2EA2759

File Size: 607.23 KB, 607232 bytes

MD5: 704f7e09b9e10107fa258d80e3d57f6c

SHA1: d20a25fcb056616db032e40ef6528d14cf914b79

SHA256: 7F2AC63D6050324B1AC66CE3B85262018CACEF6787EB981AEAE07F5F8B194ADF

File Size: 1.43 MB, 1434112 bytes

MD5: 49f96bc22db29aaa25274f6af16957c0

SHA1: 9e6ff790fd9ab8b679bd0492d8afa9187c7f7e50

SHA256: EEFDDE17A34F429E8F2CA19599F3BC2EDB9A76298D8A20DCE3FE05FA2D8E322F

File Size: 1.35 MB, 1353728 bytes

MD5: bae651e4199e3d1bf8c5f7b50bf726dd

SHA1: 2d9aa3bd5fc1936643097b5524b91d291806106d

SHA256: E331BB772CC74AD432B76901411BCDA571C87CDF1C4C2528414F202D510F65ED

File Size: 2.45 MB, 2447872 bytes

MD5: 4d10c0ac74c150c78b7d125a5db205fa

SHA1: 3858f8a99bf6eb97a772971774478f0ed3adafcf

SHA256: 5FA39F347D53A85EEBCFEF7C6F72464C34C5642005F3FF52E2BE520156FF06DD

File Size: 1.75 MB, 1751040 bytes

MD5: a4de545282eafbc6af5d7d6dce6ea4c3

SHA1: b9f375de3d16cb5cadff19d42b83870f0cb0057e

SHA256: 3487C6FAFD91600D3697D7B72FD983378A82B208BC7CF7C3B51CC6E0615AE99D

File Size: 1.33 MB, 1329664 bytes

MD5: 83f8ebe9ff6ab42751ad33bad5fd04aa

SHA1: 9679e3f4b4ede6d8b69ea788cd5784c9594e7c79

SHA256: C19647290CE17D8B1ECC986ABADABDE6CC90815C951C17BC32C7076D28FC7BA8

File Size: 2.10 MB, 2099200 bytes

MD5: cba7a07103f03318d0fb2e83920a386d

SHA1: 42c927b7159a39a6b0df9fb8990ee2b6e1226b2b

SHA256: DF79099C41AAE561B3E072803DA8F7BAD620C1192D9CE0E07434892B49E5AEAB

File Size: 1.55 MB, 1548288 bytes

MD5: c038ed991576a5a2da966c68435ec33c

SHA1: 74305cdb5c00ec692dba1fda16ff9a6709ade5c1

SHA256: 691452E439D876A6C265AB3BA28CE694212CAD170C3AB969C60EC5FA8E3F344E

File Size: 60.93 KB, 60928 bytes

MD5: 02d36be49b0818aca55bb2e4c7e5f087

SHA1: 39db6b4b05aef3bb3935a66884cc7fc57aaa9684

SHA256: 3D216AD055236C775D4CD521182297DE16E94532244B72B952E3C007D893502B

File Size: 2.61 MB, 2613248 bytes

MD5: aa7d86f5931dd74a888ff171c9b45573

SHA1: 9ffc1d8fb4c30479854c257ea237478a40e30f7e

SHA256: 4D6192682DD597C737641DC482322E37D89D8FF2AEFEEF2E5699A8E2A0888516

File Size: 707.07 KB, 707072 bytes

MD5: 58a2127578f214d310803c19c11ddbe6

SHA1: 0d4e76b069e06297898322375573e87be4c4329f

SHA256: C0AAE7C6F28065CF54C0F8451C2957CA404EC9C3CEA85A328980B8404516BA81

File Size: 803.33 KB, 803328 bytes

MD5: 70ac0f2944fe6fb41ac70620930e60a2

SHA1: 6291323bde39792147bf08906cb6b72a44a3d082

SHA256: 0ADD8F04911B1166FDA0757C565213CD79CBAA7D9F6E1C549C37F41EA4888BED

File Size: 729.09 KB, 729093 bytes

MD5: a60a5c5546a316547f34fd3bb217fe45

SHA1: b281664ad5f360436764d6d7bc184ef92991b433

SHA256: 8FEA05FE9D3BCDB3BB6F36FE9FFA6500EEA0F4C95592F4D7B27737D0CC358DB7

File Size: 399.36 KB, 399360 bytes

MD5: b130aee4083a117bda32a335afa6363e

SHA1: b405be6e201032e68a3c58dfc1d309c364534e4d

SHA256: E3423353DDF4607040F77CAE5F528ED4246110C7F49169D95191A5D7568C0278

File Size: 8.19 MB, 8193024 bytes

MD5: 2a222eaa9599137eec8c46e14eb874aa

SHA1: 5bf54f3787413c9a9fa29b21dfd01997d709cdfd

SHA256: B3A623F86032CB7FA0DBEEDCB84805C8916D5B419E24C31D3955887854912A05

File Size: 2.28 MB, 2284032 bytes

MD5: 3d3fe3793fe850ca945eb6f24a019805

SHA1: 36ed2a7909ed820978294893c8d79ab6056e8a8b

SHA256: A2DDE12D64D69B02B868115CF2B4EEAE585D774FD4FFB2A69718AB9199653E2F

File Size: 4.59 MB, 4591616 bytes

MD5: 7c3fac5c6fe7e7c92ba6142193ececd9

SHA1: eceb52497969a06c2512a5b4e91d607e2c174b13

SHA256: D2E8ED178B682FB11F07D627078B824DD3C1E041FF075BCE3A481676E1D2EAB6

File Size: 2.59 MB, 2586624 bytes

MD5: 1bee4b88fc8c33da6da19bff42420628

SHA1: b97bfbf67dfdc85524a2db2293357b2758565459

SHA256: 0526799D7549B9D3603CBF654778722E8D47D059A17ECDF6361F6717E4DB33AA

File Size: 1.36 MB, 1364480 bytes

MD5: f8e637050a4aea394d8c9550bec943f2

SHA1: 3372db987e6d9179f1ae494a92ef76ab8012dfdb

SHA256: C7773B6D9D4D27693138A2A67218199012F4C0BEAF68E2E0B279078888276FA2

File Size: 1.42 MB, 1423872 bytes

MD5: f83926269a1bbf8e1917b0018d2890fb

SHA1: c7963c54d671927449ced30fcfe44d4f025d2636

SHA256: A9CFFE59481CD5DC3EDDF471D1E6EB98FA6C0580B105A04005EDFEC0B4DC6A48

File Size: 1.74 MB, 1744896 bytes

MD5: 9533484b5233ab5afc0e8d9463049b93

SHA1: 6e439904502b488ac44f17da6ea93f2c54a6d974

SHA256: 6D8DAC856033F89832C5C992932775EBBD6F75D79D8978B635E8EE28751B8EE8

File Size: 2.45 MB, 2447872 bytes

MD5: 98a6e5813d6a66572cf101656a60e5b2

SHA1: 4f5af582e05c93b67c766666f9cbf1685f56d648

SHA256: CF2F21ABD5F7FA40E1D4DBC51E477E18F9C2B14B6B19921DEDFF0802218AD6D7

File Size: 1.68 MB, 1676800 bytes

MD5: 0c872041c418d58e1e8be18c6c0a7091

SHA1: 3339118df3743f1371fa4417907ab53c77fafe94

SHA256: F3AB18CD965831EEC4A8E9AC1B6C6E3C38A484472C367DBE373DAC56B58C45FF

File Size: 1.61 MB, 1614336 bytes

MD5: 3fdab5a8b902c96a8116d3bb6380174c

SHA1: 9e5bd1a8d5ec0353ad62d5d33583b840efb074cb

SHA256: B5ABB445D28361FF989B9776E94DF71C0064104400C03A681DCBF3399F54A2AD

File Size: 1.50 MB, 1496576 bytes

MD5: e579f384e7c41eda6e86cd55019026a7

SHA1: 94acbced45a34f758e4894d2ab21feafc9e311b0

SHA256: E150F33DEEB7FAD7930004529C0A355D181530AB2B53DD807557776BFD3AD17B

File Size: 698.37 KB, 698368 bytes

MD5: 38db07d8069d87dbaa453fed1677f08b

SHA1: d5e07bb919a968443fd6b5fa7ad58a192903a078

SHA256: 6E9536B0017C2D4E215F3A78FC3B4631800137210DFF41EB14DB88E4D7E6A845

File Size: 1.89 MB, 1889280 bytes

MD5: 488618554902d0271e35c16a1beaa059

SHA1: 1390f65c88c93b62a37926e8d5675d5801ef78b7

SHA256: 8160219C9A3117BFE6179399DAEB7D679E2830B562E153FD02F47D4E193408BE

File Size: 106.50 KB, 106496 bytes

MD5: e08208c907b697d22dab32c0f453966c

SHA1: eb9c1a77f7de5fe4aec98d4ad505357b3d740a9f

SHA256: C942B14B06C6740A036B2DBB8E1CF4895168A0E27F3ADFCA0449918B0775CFD2

File Size: 1.44 MB, 1440256 bytes

MD5: a50ee4f1981c182f5fc68a9cb3837165

SHA1: 1f09c8d2691be9c5979f729edc9d44938b7fe473

SHA256: 22204EF2634E2B4BBBC3623E9BA00531C164A42A5D2330FFC9B56FB8FF00AAAF

File Size: 1.25 MB, 1247744 bytes

MD5: 638843e6eabcf6dfe09740d3ca83fb9c

SHA1: 9f794dfe60e1fd3da455610e54835f31c9aa77c3

SHA256: 2D84F301DAD7AF0002DFADE5331DEB112C53D95F61FBD7DD5B29F57371EB2E55

File Size: 1.18 MB, 1183574 bytes

MD5: 989c995f357f924fd159131605960fed

SHA1: 5cfaf2248f0eefcdf33b0aca766097ab352547e8

SHA256: 903CCF67D537B8FD8C74E27065D0DA2715245737E572265059C7912A569D96AA

File Size: 52.74 KB, 52736 bytes

MD5: 075eefe9d7f1842c20a657c74ac12181

SHA1: 77749a15b517838ae7d1a83b32ba47de1571a0b1

SHA256: 2CCF8A00DB6AFF67EB4952B70937218951A68F52295CBF092B9497BEFD61CF81

File Size: 229.38 KB, 229376 bytes

MD5: 06b06bff4a570902ff3a1689c07fe5be

SHA1: cda12cac3116b1a828dbfbe8b08c962af0873a2b

SHA256: DBD5C9775D25B14EAD698F05F160F86BA5DFE7396AB584D512F3B2E2A00D519F

File Size: 607.74 KB, 607744 bytes

MD5: 0f5a660b67e15a84e2dd530b5e1cfb1f

SHA1: 357a8f287b8de1464621961d0d1ce24e29bcfd8d

SHA256: 9D9E55887BFF5661C55ECE0639ECCEA02B1BF3B7DECBC60D9E93D80C938236C1

File Size: 1.38 MB, 1384448 bytes

MD5: 5a8cfcf61be2406ce3c682eb904adc45

SHA1: aee0c9aa30c4719b5b29fb45f95c65fa150c006f

SHA256: 2D3A37ABE6DE510FFDE45577AA37F4194CEF9A3A705B667398CBF50AB90799E1

File Size: 1.43 MB, 1433088 bytes

MD5: 09f75db8adba5ee665bf5b0c1c4bc2fb

SHA1: cc0879ff2268dc64a750a4df6f80ff64dfd116af

SHA256: 54E47B732ADE9A6BB217522CA0CBF8FCDECD6126BD7A7AD5E5828C31853D12B6

File Size: 1.36 MB, 1361408 bytes

MD5: 0fe7165ce98b07117abc0cff3515365c

SHA1: 590fadee54971033df0eae40ea6ce0f2cf9e3736

SHA256: E8741FF091F8F39A1131EFF22E4BABE189D630F7138DEA676A7D513CCB6C7FCA

File Size: 491.52 KB, 491520 bytes

MD5: 9e498f8bba54d3d9d0f2afbcbe27647d

SHA1: 7ce72ea5b035df7da21b37a8dec10eb85350e2a5

SHA256: 068D5EA22293C86AD67C1777F4505ADB50E622E68D62571BD21915CD5A612009

File Size: 2.81 MB, 2806088 bytes

MD5: 4cccefd80b9a9ed37926c6271fe5db61

SHA1: 288ed5c34e5e5d093f8aa14547e29a500a4beeec

SHA256: AD5A413A366454DCDE3B6C541B6880E2DA5874DA016E28B8754AED13227CBB03

File Size: 6.54 MB, 6540288 bytes

MD5: cdec29fdb0c185cd9a556e9d132a5584

SHA1: c12c1139b8112ef1b32864a1a9de07fd08f6c92f

SHA256: D75E1F258B8BACD333B9EBEFF681D9E5DEEB104FEAE698E2935C939C62EBD114

File Size: 218.28 KB, 218280 bytes

MD5: 0fa1f47d0b9fe296d836fa29879272e6

SHA1: 113fbba6c09e887c1de7aee1bdc6cb1205e6eb18

SHA256: 0D581EAD1DE5C4BB0CC9FEF1D712C340129BB65FC105E0BD9A013A987B54B32E

File Size: 209.48 KB, 209480 bytes

MD5: 2d327a7ab673a2d1f3c4e2eea59c584a

SHA1: ba18ff2459ae3f2cb2e61acb02bdabddb1275466

SHA256: 1B3D37A58EBA9E14E6712967FF4BCC2D05E1FCC34D8BFB7A77323CF333E51F46

File Size: 74.75 KB, 74752 bytes

95 additional samples are not displayed above.

Windows Portable Executable Attributes

File doesn't have "Rich" header
File doesn't have debug information
File doesn't have exports table
File doesn't have relocations information
File doesn't have resources
File doesn't have security information
File has been packed
File has exports table
File has TLS information
File is .NET application

File is 32-bit executable
File is 64-bit executable
File is console application (IMAGE_SUBSYSTEM_WINDOWS_CUI)
File is either console or GUI application
File is GUI application (IMAGE_SUBSYSTEM_WINDOWS_GUI)
File is Native application (NOT .NET application)
File is not packed
IMAGE_FILE_DLL is not set inside PE header (Executable)
IMAGE_FILE_EXECUTABLE_IMAGE is set inside PE header (Executable Image)

File Icons

574 additional icons are not displayed above.

Windows PE Version Information

Name	Value
Applies To	Windows XP Service Pack 2, Windows 2003, Windows 2003 SP1
Assembly Version	1.0.0.0
Build Date	2005/05/04
Build Date	Tue Jan 14 2025 10:48:03 Wed Apr 11 2018 00:18:47 Wed Jun 29 2016 00:19:38
Build I D	20140722195627
Build Version	9.0.0.31 9.0.0.30 8.6.0.79,8.6
Comments	-x64 Autor: Alejandro Comes HP Installer http://ipmsg.org/tools/fastcopy.html http://www.internetdownloadmanager.com LegalCopyright SQL ST10Flasher TeamViewer Remote Control Application Thanks to Edin Kadribasic, Marcus Boerger, Johannes Schlueter, Moriyoshi Koizumi, Xinchen Hui
Company Name	Adobe Inc. Adobe Systems, Incorporated Adobe Systems Incorporated Alexander Roshal AnyDesk Software GmbH Apple Inc. AS Freelancing ASUS ASUS Inc. ASUSTeK COMPUTER INC. Show More Autodesk Inc. BitTorrent, Inc. BitTorrent Inc. BitTorrent Limited Bluestack Systems, Inc. Borland Software Corporation BraveSoftware Inc. Brother Industries, Ltd. ByteDance Bytedance Pte. Ltd. ByteDance Pte. Ltd. Canon Inc. Chickadee Digital, LLC Conexant Systems, Inc. Corel Corporation Crocodile Clips Ltd. Eclipse Adoptium ELAN Microelectronics Corp. Electronic Arts Inc. EnigmaSoft Limited ESRI Flexera Software LLC FTDI Ltd. GitHub, Inc. Glarysoft Ltd Google LLC Hewlett-Packard Hewlett Packard http://libusb-win32.sourceforge.net I3D Technology Inc. Igor Pavlov Inner Media, Inc. Intel(R) Corporation Intel Corporation Kaspersky LY Corporation McAfee, LLC Microsoft Microsoft Corp. Microsoft Corporation Mozilla Corporation NeatDownloadManager NVIDIA Corporation Opera Software Oracle Corporation Panasonic Corporation PC SOFT philandro Software GmbH Piriform Software Ltd QUALCOMM, Inc. RAPOO Realtek Semiconductor Realtek Semiconductor Corp. Rekenwonder Software Riot Games, Inc. SafeNet, Inc. SecuGen Secullum Secure By Design Inc. Seiko Epson Corporation Shenzhen Aidapu Network Technology Co.,Ltd. SHIROUZU Hiroaki Simon Tatham Simple Launcher User Smadav Software Smadav Software (Smadsoft) Stirling Technologies, Inc. STMicroelectronics Sun Microsystems, Inc. Symantec Corporation Synthetic Aperture TeamViewer GmbH The PHP Group The Qt Company Ltd. TODO: <Company name> Tonec Inc. TOSHIBA Tuxler Privacy Technologies, Inc. Ubisoft Entertainment Valliniello Valve Corporation VMware, Inc. voidtools y-kurimoto Zhuhai Kingsoft Office Software Co.,Ltd Zhuhai Pantum Electronics Co.,Ltd. Zhuhai Pantum Electronics Co.,Ltd. Корпорация Майкрософт „Google Inc.“
Company Short Name	Chickadee Digital, LLC Google Microsoft
File Description	7-Zip Console 7-Zip Standalone Console 32-bit Active Delivery Self Extracting Front End Acer Care Center Software Component Adobe Acrobat Update Service Adobe Creative Cloud Adobe Genuine Launch Utility Adobe Photoshop Droplet Adobe Reader and Acrobat Manager Adobe Updater Startup Utility Show More AgentService EXE Ancia Chrome Android Debug Bridge AnyDesk AppID Policy Converter Task ARCGIS daemon AsusSetup(32) A telepítőplatform modulja Authenticode(R) - signing and verifying tool Autodesk Application Manager Barre d'outils MSN® Bcdboot utility BlueStacksWeb Bonjour Service Borland Remote Debugging Server BraveSoftware Update Canon Digital Camera SDK CDPROC EXE CapCut CCleaner CCleaner emergency updater ChangeTLDSchedule v1.0 CLI CLReporter Color Finesse Command-line SSH, Telnet, and Rlogin client Command line RAR COM Surrogate Conversor de unidades Creative Cloud UI Helper CRLogTransport Application Crocclip DBInstall Application Depuración del programa de instalación de Microsoft DirectX Display Rotation Tool Monitor Driver Package Installer Elan Service El instalador de Google EnigmaSoft Installer Epson Event Manager Epson Printer Connection Checker Everything Far Cry 3 FastCopy FileToEmail Application Firefox Flahser for ST10 family embeded flash FreeGames GameSDK Glary Startup Manager Boot Service Google-asennusohjelma Google alat za instalaciju Google Installer Google instalēšanas programma Google telepítő Google Updater (x86) Google Update Setup Google uppsetningarforrit Google Yükleyici Google इंस्टॉलर Google इन्स्टॉलर Google ইনস্টলার Google ઇન્સ્ટોલર Google ସଂସ୍ଥାପକ Google நிறுவி Google ఇన్స్టాలర్ Google ഇന്‍സ്റ്റാളര്‍ Google ጫኝ Google インストーラ Google 安装程序 Google 安裝程式 Google 설치 프로그램 Häälestusplatvormi moodul IAS Migration Reader Illesztőprogram-csomag telepítője Instalador de pacote de controladores Instalador de Pacote de Driver Instalador de paquetes de controladores Instalador do Google Instalator pakietu sterowników Instalační program balíčku s ovladačem Instalační program Google Installasjonsprogram for Google Installatieprogramma voor stuurprogrammapakketten Installationsprogram för drivrutinspaket Installationsprogram til Driverpakke InstallShield (R) 64-bit Setup Engine InstallShield Deinstaller Intel(R) Chipset Device Software Intel(R) Optane(TM) Memory Service Intel(R) Rapid Storage Technology Management Service IntelCpHeciSvc Executable 147 additional items are not displayed above.
File Version	V1.10ER000 Release 0.77 2019.4.31.12409535 2007.0100.2731.023 ((Katmai_PCU_Main).090717-2350 ) 148.0.7730.0 144.0.7547.0 124.0.5705.89 123.0.5669.23 115.0.5790.171 92.0.902.55 Show More 79.0.4143.22 73.0.3856.382 70.08.08.1442 65.0.3467.78 49.0.4.0 32.0 27.0.194.0 25.243.1211.0001 23.3.12.0 23.038.0219.0001 21.3.10.391 21.07 21.0.7.0 21.0.6.0 19.5.0.1037 19.00 19.0.160 18.05 17.6.2 build-24409262 17.0.33529 16.8.3.1003 16.0.19426.20218 16.0.10730.20102 14.36.32532.0 14.28.29325.2 14.0.4755.1000 14.0.4750.1000 14.0.4730.1010 13.0 (13.0 x001) 12.13.10.3 12,2,0,21546 11.11.0.0 11.00.26100.7309 (WinBuild.160101.0800) 11.00.22621.1 (WinBuild.160101.0800) 11.00.22621.1 11.00.19041.1 (WinBuild.160101.0800) 11.0.20.1 10.3.0.100 10.1.1.42 10.0.45471.0 10.0.30319.1 built by: RTMRel 10.0.26100.7920 (WinBuild.160101.0800) 10.0.26100.7309 (WinBuild.160101.0800) 10.0.26100.4202 (WinBuild.160101.0800) 10.0.22621.2495 (WinBuild.160101.0800) 10.0.22621.1 (WinBuild.160101.0800) 10.0.22000.1 (WinBuild.160101.0800) 10.0.19041.5915 (WinBuild.160101.0800) 10.0.19041.4651 (WinBuild.160101.0800) 10.0.19041.1 (WinBuild.160101.0800) 10.0.18362.1 (WinBuild.160101.0800) 10.0.17763.1 (WinBuild.160101.0800) 10.0.16299.1747 (WinBuild.160101.0800) 10.0.14393.0 (rs1_release.160715-1616) 9\,0\,0\,31 9\,0\,0\,30 9.6.5 9.5.5.1 9, 7, 0, 0036 8.17.13.0774 8.6.0.79 8.00.7600.16385 (win7_rtm.090713-1255) 8.0.16642.0 8.0.2410.7 7.1.6 7.0.4 7, 17, 1300, 0 7, 3, 0, 4 6.9.0.2786 6.8.0.821 6.3.9600.16384 (winblue_rtm.130821-1623) 6.3.1.0 6.1.7601.24545 (win7sp1_ldr_escrow.200102-1707) 6.1.7601.17514 (win7sp1_rtm.101119-1850) 6.1.7600.16385 (win7_rtm.090713-1255) 6.0.6001.18000 (longhorn_rtm.080118-1840) 6.0.0.2 6.0.0 6, 42, 52, 2 6, 3, 0, 0 5.61.0 5.15.8.0 5.11.0.522 5.4.17 5.1.20513.0 5.0a (Build 402) 5.0.22621.3880 (WinBuild.160101.0800) 5.0.19041.4651 (WinBuild.160101.0800) 5.0.19041.2193 (WinBuild.160101.0800) 5.0.142.17 91 additional items are not displayed above.
Full Version	21.0.7+6-LTS 21.0.6+8-LTS-188 11.0.20.1+1 2.8.333.2 2.8.271.9 1.8.0_241-b07 1.5.0_09-b01
Golden Bits	True
Hash	eee44cf8d7ec611a779e6775bcd75ce5a4703445
Installation Type	Full
Installer Engine	update.exe
Installer Version	6.2.29.0
Internal Build Number	115289
Internal Name	7z 7za AcerCCAgent.exe adb AdobeARM.exe Adobe Creative Cloud.exe AdobeGCClientLauncher AgentService EXE Ancia Chrome AppIDPolicyConverter.exe Show More ARCGIS daemon armsvc.exe AsusSetup.exe atualiza bcdboot.exe BORDBG61 BraveSoftware Update BrowserHost Module BrStMonW BuringFW.exe CapCut CCUpdate CDPROC Client Application CLI SAPI CLReporter Color Finesse Command line RAR Creative Cloud UI Helper.exe CRLogTransport Crocclip CxUtilSvc DBInstaller DISC dllhost.exe DPInst Droplet Template DVDSetup.exe dwtrig20.exe dxsetup.exe EEventManager ejecu elevation_service_exe EPPCCMON.EXE ETDService.exe Everything ExtensionHelperApp.exe extexport FarCry3 FastCopy FileToEmail Firefox FreeGames.exe FTDIUNIN.EXE GameSDK.exe GitHub Desktop Google Update Google Updater (x86) Google Update Setup GUBootService.exe helper.exe IASMigReader iaStorAfsService.exe IDRotMon ieinstal.exe ielowutil.exe iexplore install-filter.exe Installer.exe installmanager.exe IntelCpHeciSvc Internet Download Manager iTunesHelper iusb3mon.exe jaccesswalker java Java Update Checker Java Update Scheduler jconsole Kernel LineUpdater locator.exe LogTransport2 MainV.exe mDNSResponder.exe Microsoft Edge Update Microsoft OneDrive Microsoft Update Health Service midisrv.exe mm MRTStub MSHTA.EXE msiexec NBA LIVE 2005 NeatDownloadManager Ninite NvContainer NVIDIA nodejs launcher NvOAWrapperCache.exe OfficeSvcMgr 52 additional items are not displayed above.
Internal Version	3.5.13040.0
K B Article Number	935695
Language Id	en sr-Cyrl-RS
Last Change	2f31ea24c029d582f5472682b25153751b8021b3 7e38df31c02dfcf89afe77c0c3bcc5d360516d78-refs/branch-heads/7730@{#1} 43ff84ab4732e1864649c417ca17b1c2149d1179-refs/branch-heads/7547@{#1} cf9067bf10d8f798c24643029af1d24e275646d6-refs/branch-heads/5790@{#1924}
Legal Copyright	(C) 2011 - 2014 Intel Corporation (C) 2012 NVIDIA Corporation. All rights reserved. (C) 2016 philandro Software GmbH (C) 2016-2025 NVIDIA Corporation. All rights reserved. (C) 2020 NVIDIA Corporation. All rights reserved. (C) 2021 AnyDesk Software GmbH (C) 2022 AnyDesk Software GmbH (C) 2024 NVIDIA Corporation. All rights reserved. (C) 2025 AnyDesk Software GmbH (c) <RAPOO>. All rights reserved. Show More (C) I3D Technology Inc. (c) LY Corp. All Rights Reserved (C) Panasonic Corporation 2014 (C) Seiko Epson Corporation 2021-2023. All rights reserved. (С) Корпорация Майкрософт. Все права защищены. 2001 Alejandro Comes 2002-2009 S. Meyer; 2010 T. Robinson 2019 (c) Realtek Semiconductor. All rights reserved. 2023 (c) Realtek Semiconductor. All rights reserved. 2024 (c) Realtek Semiconductor. All rights reserved. @STMicroelectronics 2002 Autoriõigustega kaitstud. 2018 Google LLC Autorska prava 2018 Google LLC Autortiesības 2007–2010 Google LLC Bản quyền 2018 Google LLC Copyright (C), Intel Corporation. All rights reserved. Copyright (C), Intel Corporation. All rights reserved. Copyright (c) 1999-2018 Igor Pavlov Copyright (c) 1999-2021 Igor Pavlov Copyright (c) 2001 FTDI Ltd. Copyright (c) 2002-2004 FTDI Ltd. Copyright (c) 2003-2015 Apple Inc. Copyright (c) 2003-2023 Glarysoft Ltd Copyright (C) 2004 Brother Industries, Ltd. Copyright (C) 2004 Canon Inc. Copyright (C) 2004-2011 SHIROUZU Hiroaki All rights reserved. Copyright (C) 2006 Copyright (C) 2006~2008 Copyright (C) 2008 Ubisoft Entertainment Copyright (C) 2009 Secure By Design Inc Copyright (C) 2010 Hewlett-Packard. All rights reserved. Copyright (C) 2011 Intel Corporation Copyright (c) 2012 Flexera Software LLC. All Rights Reserved. Copyright (C) 2014 Valve Corporation Copyright (C) 2014. All rights reserved. Copyright (C) 2015 Zhuhai Pantum Electronics Co.,Ltd. All rights reserved. Copyright (C) 2016 Aidapu. All rights reserved. Copyright (C) 2016 Corel Corporation. All rights reserved. Copyright (C) 2017 by y-kurimoto Copyright (C) 2018 Valve Corporation Copyright (C) 2020 Copyright (C) 2020 SafeNet, Inc. Copyright (C) 2020 The Qt Company Ltd. Copyright (C) 2021 Copyright (C) 2021 Valve Corporation Copyright (C) 2022 - Javad Motallebi (NeatDownloadManager.com) Copyright (C) 2022 ByteDance Pte. Ltd. Copyright (C) 2022 The Qt Company Ltd. Copyright (C) 2025 ByteDance Copyright (C) ASUS Tek Computer Inc 2021 Copyright (c) Intel(R) Corporation. All rights reserved. Copyright (c) Microsoft Corporation. All rights reserved. Copyright (C) QUALCOMM, Inc. Copyright (c) SecuGen. All rights reserved. Copyright (C) Seiko Epson Corporation 2003-2022, All rights reserved. Copyright (C) Simple Launcher User Copyright 1999-2014 ESRI Inc. All Rights Reserved Copyright 2007 - 2010 Google LLC Copyright 2007–2010 Google LLC Copyright 2008 - 10 Adobe Systems Incorporated. All rights reserved. Copyright 2012 Adobe Systems Inc. Copyright 2013 Autodesk, Inc. All rights reserved. Copyright 2014 Adobe Systems Incorporated. All rights reserved. Copyright 2016-2024. EnigmaSoft Limited. All rights reserved. Copyright 2016-2025. EnigmaSoft Limited. All rights reserved. Copyright 2018 Google LLC Copyright 2018 Google LLC‎ Copyright 2019 Adobe.All Rights Reserved. Copyright 2023 Chickadee Digital, LLC. All rights reserved. Copyright 2025 Google LLC. All rights reserved. Copyright 2026 Google LLC. All rights reserved. Copyright Google LLC 2018 Copyright Microsoft Corporation Copyright Microsoft Corporation. All rights reserved. Copyright Opera Software 2019 Copyright Opera Software 2021 Copyright Opera Software 2025 Copyright Stirling Technologies, Inc. 1990-1995 Phone : (708) 240-9111 Copyright © 1988-1997 Microsoft Corp. Copyright © 1991-2021 Corel Corporation. All Rights Reserved. Copyright © 1995-2006 Microsoft Corp. Copyright © 1995-2009 Microsoft Corporation Copyright © 1997-2000 by Inner Media, Inc. All Rights Reserved. Copyright © 1997-2013 The PHP Group Copyright © 1997-2022 Simon Tatham. Copyright © 1998 Copyright © 1998-2008 Synthetic Aperture Copyright © 1998-2024 Broadcom. Copyright © 2004 Copyright © 2004 Electronic Arts Inc. 99 additional items are not displayed above.
Legal Trademarks	Active Delivery is a Trademark of Inner Media, Inc. Firefox is a Trademark of The Mozilla Foundation. Freeware Intel Corporation Internet Download Manager Microsoft SQL Server is a registered trademark of Microsoft Corporation. Microsoft® est une marque déposée de Microsoft Corporation. Microsoft® es una marca registrada de Microsoft Corporation. Microsoft® is a registered trademark of Microsoft Corporation. Microsoft® ist eine eingetragene Marke der Microsoft Corporation. Show More Microsoft® è un marchio registrato di Microsoft Corporation. Microsoft® é uma marca registrada da Microsoft Corporation. Microsoft® 是 Microsoft Corporation 的注册商标。 Panasonic PHP Registered trademarks and service marks are the property of their respective owners TeamViewer 刷机大师
Legal Trademarks1	All rights reserved Microsoft® is a registered trademark of Microsoft Corporation.
Legal Trademarks2	All rights reserved Windows® is a registered trademark of Microsoft Corporation.
Official Build	1
Original Filename	7z.exe 7za.exe AcerCCAgent.exe adb.exe AdobeARM.exe Adobe Creative Cloud.exe AdobeGCClientLauncher.exe AgentService.exe AnciaChrome.exe AppIDPolicyConverter.exe Show More ARCGIS.exe armsvc.exe AsusSetup.exe atualiza.exe bcdboot.exe bordbg61.exe BraveUpdate.exe BrowserHost.exe BrStMonW.exe BuringFW.exe CapCut CapCut.exe CCUpdate.exe CDPROC.EXE CLReporter.EXE Creative Cloud UI Helper.exe CRLogTransport .exe Crocclip.exe CxUtilSvc.exe dbInstaller.exe designer.exe DISC.EXE dllhost.exe DPInst.exe Droplet Template DVDSetup.exe dwtrig20.exe dxsetup.exe EEventManager.EXE ejecu.exe elevation_service.exe EPPCCMON.EXE ETDService.exe Everything.exe ExtensionHelperApp.exe extexport.exe FarCry3.exe FastCopy.exe FileSyncHelper.exe FileToEmail.EXE firefox.exe FreeGames.exe FTDIUNIN.EXE GameSDK.exe GoogleUpdate.exe GoogleUpdateSetup.exe GUBootService.exe helper.exe IASMigReader.exe iaStorAfsService.exe IDMan.exe IDRotMon.exe ieinstal.exe ielowutil.exe IEXPLORE.EXE install-filter.exe Installer.exe installmanager.exe IntelCpHeciSvc.exe ISBEW64.exe iTunesHelper.exe iusb3mon.exe jaccesswalker.exe java.exe jconsole.exe jucheck.exe jusched.exe LineUpdater.exe locator.exe LogTransport2.exe MainV.exe mDNSResponder.exe midisrv.exe mm.exe MRTStub.exe msedgeupdate.dll MSHTA.EXE msiexec.exe nba2005.exe NeatDM.exe NvContainer.exe nvnodejslauncher.exe NvOAWrapperCache.exe OfficeSvcMgr.exe OneDrive.App.exe online_wrapper-cab.exe ose.exe perfhost.exe php.exe Plink 54 additional items are not displayed above.
Package Type	update
Platform	NT INTEL X86
Private Build	2, 2, 4, 0 2.1.2.1640 Built by BTSA108 on TK1ESRVBLDA002. Built by BTSA108 on TK1ESRVBLDA123. Criado por BTSA108 em TK1ESRVBLDA060. Generado por BTSA108 en TK1BLD53. TeamViewer Remote Control Application 由 BTSA108 基于 TK1BLD53 构建。
Product Id	piriform-cc
Product Name	7-Zip 32-bit Active Delivery Self Extracting Front End 50x15 Acer Care Center Adobe Acrobat Update Service Adobe Creative Cloud AdobeGCClient Adobe Photoshop CS6 Adobe Reader and Acrobat Manager Adobe Updater Startup Utility Show More Ancia Chrome AnyDesk ARCGIS AsusSetup Atualiza Autodesk Application Manager Barre d'outils MSN® Betriebssystem Microsoft® Windows® Bluetooth Software Bonjour Borland Remote Debugging Server BraveSoftware Update Canon Digital Camera Support Library CapCut CCleaner CCleaner ChangeTLDSchedule CLReporter Color Finesse Creative Cloud UI Helper CRLogTransport Application Crocodile Physics Application DISC Display Rotation Tool Driver Package Installer (DPInst) ELAN Smart-Pad Epson Event Manager Epson Printer Connection Checker Everything Far Cry 3 FastCopy FileToEmail Application Firefox FreeGames FTDI Uninstall Program GameSDK GitHub Desktop Google'i uuendus Google-oppdatering Google atjauninājums Google ažuriranje Google frissítés Google Güncelleme Google Päivitä Google Update Google Updater (x86) Google uppfærsla Google Актуализация Google ажурирање Google تازہ کاری کریں Google अद्यतन Google अपडेट Google আধুনিকীকরণ Google અઘતન Google ଅଦ୍ୟତନ Google புதுப்பி Google నవీకరణ Google ಮಾರ್ಪಡಿಸಿ Google കാലാനുസൃതമാക്കുക Google ዝመና Google“ naujinimas Google 更新 Google 업데이트 GPU Settings DBInstall Application HP Installer Illesztőprogram-csomag telepítője (DPInst) Instalador de pacote de controladores (DPInst) Instalador de Pacote de Driver (DPInst) Instalador de paquetes de controladores (DPInst) Instalator pakietu sterowników (DPInst) Instalační program balíčku s ovladačem (DPInst) Installatieprogramma voor stuurprogrammapakketten (DPInst) Installationsprogram för drivrutinspaket (DPInst) Installationsprogram til Driverpakke (DPInst) Installer InstallShield InstallShield Deinstaller Intel(R) Chipset Device Software Intel(R) Optane(TM) Memory Service Intel(R) Rapid Storage Technology Management Service Intel(R) USB 3.0 Monitor IntelCpHeciSvc Executable Internet Download Manager (IDM) Internet Explorer iTunes Java(TM) 2 Platform Standard Edition 5.0 Update 9 Java(TM) Platform SE 21.0.6 Java Platform SE 8 U241 Java Platform SE Auto Updater Kaspersky Total Security Kemas Kini Google 119 additional items are not displayed above.
Product Short Name	GoogleUpdater Microsoft Edge OneBrowser Installer
Product Version	V7.17L13 M00 V1.00ER002 Release 0.77 OpenSSH_9.5p2 for Windows gcomp_rel 35816461 CS6 2019.4.31.12409535 148.0.7730.0 144.0.7547.0 124.0.5705.89 Show More 123.0.5669.23 115.0.5790.171 92.0.902.55 79.0.4143.22 73.0.3856.382 65.0.3467.78 51.00 49.0.4.0 32.0 27.0.194.0 25.243.1211.0001 23.3.12.0 23.038.0219.0001 21.3.10.391 21.07 21.0.7.0 21.0.6.0 19.5.0.1037 19.00 19.0 18.05 17.6.2 build-24409262 17.0.33529 16.8.3.1003 16.0.19426.20218 16.0.10730.20102 14.36.32532.0 14.28.29325.2 14.0.4755.1000 14.0.4750.1000 14.0.4730.1010 12.13.10.3 12,2,0,21546 11.11.0.0 11.00.26100.7309 11.00.22621.1 11.00.19041.1 11.0.20.1 10.3.0.100 10.1.1.42 10.0.45471.0 10.0.30319.1 10.0.26100.7920 10.0.26100.7309 10.0.26100.4202 10.0.22621.2495 10.0.22621.1 10.0.22000.1 10.0.19041.5915 10.0.19041.4651 10.0.19041.1 10.0.18362.1 10.0.17763.1 10.0.16299.1747 10.0.14393.0 10.0.10240.16384 10.0.2731.23 9.6 9.0.20.9000 9.0.0.1340 9.0.0.31 (BuildVersion: 1.0; BuildDate: BUILDDATETIME) 9.0.0.30 (BuildVersion: 1.0; BuildDate: BUILDDATETIME) 9, 7, 0, 0036 8.17.13.0774 8.6.0.79 BuildVersion: 8.6; BuildDate: Tue Jan 14 2025 10:48:03 8.00.7600.16385 8.0.2410.7 8.0 7.1 7.0 6.9.0.ffab68ba570 6.8.0.821 6.3.9600.16384 6.3.1.0 6.1.7601.24545 6.1.7601.17514 6.1.7600.16385 6.0.6001.18000 6.0.0.1 6.0.0 6, 42, 52, 2 6, 3, 0, 0 5.61.0 5.15.8.0 5.11.0.522 5.4.17 5.1.20513.0 5.0a (Build 402) 5.0.22621.3880 5.0.19041.4651 91 additional items are not displayed above.
Self- Extractor Version	SFXCAB v6.1.6.0
Source Control I D	9189086 9758325 10063667 10260034
Special Build	b/build/99ef318f-4a5e-3f26-1aec-9189e9879a9a b/build/314b5834-765a-886b-253d-a565f08ade0e uthelper utweb
Squirrel Aware Version	1
Support Link	"http://go.microsoft.com/fwlink/?LinkId=33342
U R L	http://www.php.net
Unity Version	2019.4.31f1_bd5abf232a62
Upstream Version	1.3.99.0
Version	27.0.194.0
W D Version	27.0

Digital Signatures

Signer	Root	Status
Adobe Inc.	DigiCert EV Code Signing CA (SHA2)	Hash Mismatch
Adobe Systems Incorporated	DigiCert EV Code Signing CA (SHA2)	Hash Mismatch
Opera Software AS	DigiCert EV Code Signing CA (SHA2)	Hash Mismatch
Brave Software, Inc.	DigiCert SHA2 Assured ID Code Signing CA	Hash Mismatch
philandro Software GmbH	DigiCert SHA2 Assured ID Code Signing CA	Hash Mismatch

Oracle America, Inc.	DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1	Hash Mismatch
PIRIFORM SOFTWARE LIMITED	DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1	Hash Mismatch
philandro Software GmbH	DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1	Hash Mismatch
EnigmaSoft Limited	DigiCert Trusted Root G4	Hash Mismatch
philandro Software GmbH	DigiCert Trusted Root G4	Hash Mismatch
Hangzhou Hikvision Digital Tech.Co.,Ltd	GlobalSign	Hash Mismatch
philandro Software GmbH	GlobalSign CodeSigning CA - SHA256 - G2	Hash Mismatch
win.rar GmbH	GlobalSign CodeSigning CA - SHA256 - G3	Hash Mismatch
Microsoft Corporation	Microsoft Code Signing PCA	Hash Mismatch
Microsoft Corporation	Microsoft Code Signing PCA 2010	Hash Mismatch
Microsoft Corporation	Microsoft Code Signing PCA 2011	Hash Mismatch
Oracle America, Inc.	Symantec Class 3 SHA256 Code Signing CA	Hash Mismatch
SecuGen Corporation	Symantec Class 3 SHA256 Code Signing CA	Hash Mismatch
Hewlett-Packard Company	VeriSign Class 3 Code Signing 2004 CA	Hash Mismatch
Symantec Corporation	VeriSign Class 3 Code Signing 2009-2 CA	Hash Mismatch
Environmental Systems Research Institute Inc.	VeriSign Class 3 Code Signing 2010 CA	Hash Mismatch
TeamViewer	VeriSign Class 3 Code Signing 2010 CA	Hash Mismatch
RENAULT SAS	thawte SHA256 Code Signing CA - G2	Hash Mismatch

File Traits

2+ executable sections
Badsig nsis
big overlay
CAB (In Overlay)
CryptUnprotectData
Default Version Info
fptable
GetConsoleWindow
HighEntropy
imgui

Installer Manifest
Installer Version
No CryptProtectData
No Version Info
ntdll
Nullsoft Installer
packed
RAR (In Overlay)
VirtualQueryEx
WinRAR SFX
Wix
WixToolset Installer
WriteProcessMemory
x64
x86

Block Information

Total Blocks:	9,711
Potentially Malicious Blocks:	78
Whitelisted Blocks:	7,077
Unknown Blocks:	2,556

Visual Map

0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 ? ? ? ? ? ? ? ? ? ? ? ? ? 0 ? 0 ? ? 0 0 ? 0 ? ? ? 0 0 ? ? ? ? ? ? 0 ? 0 ? 0 ? 0 ? ? ? ? ? ? ? 0 ? ? ? ? ? 0 ? ? ? 0 0 ? 0 0 ? ? ? ? 0 ? ? ? ? ? 0 ? 0 0 ? 0 0 0 ? ? ? ? ? ? ? 0 0 ? 0 ? 0 0 ? ? ? ? ? ? 0 0 0 ? ? ? ? 0 ? ? 0 ? ? ? 0 ? 0 0 ? 0 0 ? ? ? ? ? 0 ? ? ? 0 0 ? 0 0 ? ? ? ? ? ? ? ? ? 0 ? ? 0 ? 0 0 ? ? ? ? 0 0 ? ? 0 0 ? ? ? x ? ? ? 0 ? ? 0 0 ? ? 0 ? ? 0 ? 0 ? ? ? 0 ? ? 0 ? ? ? ? ? ? ? ? ? ? ? 0 0 ? ? ? x ? 0 ? ? 0 ? 0 ? ? 0 ? ? ? ? 0 0 x ? 0 ? 0 ? ? ? ? x ? ? ? ? ? ? ? 0 0 0 0 ? 0 0 ? ? ? 0 ? ? 0 ? ? 0 0 0 ? ? 0 0 0 0 0 ? ? ? ? 0 ? ? ? ? ? ? ? 0 0 0 0 0 0 ? ? ? ? 0 ? 0 0 0 ? ? ? ? ? ? 0 ? 0 0 0 ? ? 0 ? ? ? ? 0 ? 0 ? ? ? ? ? ? ? ? ? 0 0 ? ? 0 0 ? ? ? ? ? ? ? ? 0 ? ? 0 0 ? 0 0 0 0 0 0 ? 0 ? ? ? ? 0 0 ? 0 ? ? ? ? ? ? 0 0 ? 0 0 ? ? ? ? ? ? 0 ? ? ? ? 0 ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? 0 0 ? ? ? 0 0 0 0 ? ? ? ? ? ? ? ? 0 ? ? 0 ? 0 ? ? 0 0 ? ? 0 ? ? ? ? 0 ? ? ? ? 0 ? ? ? ? 0 ? 0 ? 0 ? 0 ? ? ? ? ? ? ? ? ? 0 ? 0 0 0 0 ? ? 0 0 0 ? ? ? ? ? ? 0 ? ? ? ? 0 0 ? 0 0 0 0 ? ? 0 ? ? ? ? ? 0 0 0 ? ? 0 0 ? ? 0 ? ? 0 0 0 ? ? ? ? ? 0 0 0 0 ? ? ? ? ? ? ? ? ? ? ? ? 0 0 ? ? 0 ? 0 ? ? ? ? 0 ? 0 x 0 0 0 0 ? 0 ? ? ? 0 ? 0 ? ? ? ? 0 ? ? 0 ? ? ? 0 0 0 0 ? 0 0 ? ? 0 0 0 ? ? ? ? ? ? 0 x 0 0 ? 0 0 ? ? ? 0 ? 0 ? ? ? 0 ? ? ? ? ? ? ? ? ? ? ? ? 0 0 0 0 ? ? 0 ? 0 0 ? ? ? ? 0 0 0 0 0 ? ? 0 0 0 ? ? 0 0 0 ? ? ? ? ? ? ? ? ? 0 0 ? ? ? ? ? ? ? ? ? 0 0 0 x ? ? ? ? ? ? ? 0 ? ? ? ? 0 0 0 x 0 ? ? ? ? ? ? ? 0 0 ? ? 0 0 ? ? ? 0 0 0 0 ? ? 0 ? ? ? 0 ? ? ? ? 0 0 ? ? ? ? ? ? ? ? ? ? 0 ? 0 ? ? ? ? 0 0 0 x ? ? ? ? ? ? ? 0 ? 0 0 ? 0 ? ? 0 ? ? 0 ? 0 ? 0 ? ? 0 ? 0 ? ? 0 ? ? 0 ? ? 0 ? 0 ? ? ? ? ? ? ? ? ? ? ? ? ? 0 ? 0 ? ? 0 ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? 0 ? ? ? 0 ? ? ? ? ? 0 0 ? ? ? 0 ? ? ? 0 0 ? ? 0 ? 0 0 ? ? ? ? ? x x ? x ? 0 ? ? ? ? 0 ? ? ? ? ? ? ? ? ? ? 0 ? ? ? ? 0 ? ? 0 ? ? 0 ? ? ? ? ? 0 ? 0 0 ? 0 0 0 0 0 ? ? ? ? ? ? ? ? ? 0 ? 0 0 ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? 0 ? ? 0 0 ? ? 0 ? 0 ? ? 0 ? ? 0 ? ? 0 ? ? ? ? ? ? ? ? ? 0 ? ? ? 0 ? ? 0 ? ? ? 0 ? ? 0 0 ? ? ? ? ? ? 0 ? ? ? 0 ? ? ? ? ? 0 ? ? 0 ? 0 0 0 0 0 0 0 0 ? ? 0 ? 0 0 ? ? ? ? 0 0 0 ? ? ? ? ? ? 0 ? ? 0 ? ? ? 0 ? ? 0 ? ? ? ? ? ? 0 ? ? 0 ? ? ? ? ? ? ? ? ? ? ? 0 0 0 ? ? ? ? 0 0 ? ? ? ? ? ? ? 0 ? ? ? ? ? ? ? 0 ? ? ? ? ? ? ? ? 0 0 ? 0 0 0 0 0 ? ? ? ? 0 ? ? ? ? 0 0 ? ? ? 0 ? ? ? ? ? ? ? ? ? ? ? 0 ? ? ? ? ? ? ? ? ? ? ? ? 0 ? 0 0 ? ? ? ? ? ? ? ? ? x 0 ? ? ? x ? 0 0 0 ? 0 ? ? ? ? 0 0 ? ? ? ? ? ? ? 0 0 0 0 ? ? ? ? 0 ? ? 0 0 0 x ? x x 0 ? ? ? ? ? ? ? ? ? 0 0 ? 0 0 ? ? ? 0 0 ? 0 0 ? ? ? 0 0 x 0 ? ? ? ? ? ? ? ? ? ? ? 0 0 ? 0 ? 0 0 ? 0 ? ? ? ? ? ? ? 0 0 0 0 0 0 ? 0 0 ? ? ? ? ? ? ? ? 0 ? ? ? ? ? ? ? ? ? ? ? 0 0 ? 0 ? 0 ? 0 ? ? ? 0 ? 0 ? ? ? ? ? ? ? ? ? ? ? ? ? ? 0 0 0 ? ? ? ? ? 0 ? ? ? ? ? ? ? ? 0 ? 0 0 ? ? ? ? ? ? ? ? ? 0 0 0 ? ? ? ? ? ? ? ? ? ? 0 ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? 0 0 ? ? ? 0 ? ? ? ? ? ? ? ? ? ? 0 ? ? ? ? ? ? 0 0 0 ? 0 0 0 ? ? 0 ? 0 x 0 ? ? 0 0 0 0 0 ? 0 0 0 0 ? ? ? 0 0 ? ? 0 0 ? ? 0 0 ? 0 0 0 0 ? 0 ? ? 0 ? 0 ? 0 ? 0 ? 0 ? 0 ? ? 0 ? ? ? 0 0 0 0 0 0 0 0 0 0 0 ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? 0 0 ? ? 0 0 ? 0 ? ? 0 ? ? 0 ? ? ? ? ? ? ? ? ? ? ? ? 0 ? ? ? ? 0 0 ? 0 ? 0 0 0 0 ? 0 0 ? 0 ? 0 0 0 0 0 0 0 0 0 0 ? 0 ? 0 0 0 ? ? ? 0 ? ? 0 0 0 0 0 0 0 ? 0 0 0 0 0 ? 0 0 0 0 0 0 ? ? ? ? ? 0 0 ? ? ? ? 0 0 0 0 ? 0 ? 0 ? 0 0 0 0 0 0 0 ? 0 x 0 0 ? ? ? ? ? ? ? 0 0 0 ? ? 0 ? ? 0 ? ? ? ? ? ? ? ? 0 0 ? ? 0 0 ? ? ? 0 ? ? ? ? 0 ? 0 ? 0 ? 0 ? ? ? 0 ? ? ? 0 ? ? 0 0 ? ? 0 ? 0 ? ? ? ? ? ? 0 0 ? ? ? ? ? 0 ? ? 0 ? 0 0 0 0 0 ? ? ? 0 ? ? ? ? ? 0 ? 0 ? 0 0 ? 0 ? ? ? 0 0 0 0 ? 0 ? 0 ? 0 ? 0 ? ? 0 0 0 0 ? ? ? ? ? ? 0 0 0 ? ? 0 ? 0 ? 0 0 ? ? 0 ? ? ? ? ? ? 0 ? 0 0 ? 0 ? 0 ? ? ? ? 0 ? 0 0 ? ? ? 0 0 ? ? 0 ? ? 0 ? 0 ? ? 0 0 ? 0 ? ? 0 ? ? ? ? ? ? ? ? ? ? 0 ? ? 0 ? ? 0 ? 0 ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? 0 ? ? 0 0 ? ? ? 0 ? ? ? 0 ? ? 0 0 ? ? 0 0 ? ? 0 ? 0 0 ? ? ? ? 0 ? ? 0 ? ? ? 0 0 ? ? 0 ? ? ? ? 0 ? ? 0 0 0 ? ? 0 0 0 ? ? ? 0 ? ? ? ? ? ? 0 ? ? 0 ? 0 ? ? 0 ? 0 ? ? ? 0 ? ? 0 ? 0 0 0 ? 0 0 0 ? ? 0 0 0 x ? 0 0 ? 0 ? ? 0 0 ? ? 0 ? ? ? 0 ? 0 0 0 ? 0 ? ? ? 0 ? ? ? ? ? ? 0 ? 0 ? ? ? 0 0 0 ? ? 0 ? ? ? 0 0 ? 0 ? ? ? ? 0 0 0 ? 0 0 x 0 0 ? ? ? ? 0 ? ? 0 0 ? ? ? 0 ? 0 ? ? ? ? 0 ? ? 0 0 ? 0 0 ? 0 0 0 0 0 ? 0 0 0 0 0 0 ? 0 0 ? ? ? 0 0 0 0 ? ? ? ? ? ? ? ? ? 0 0 ? ? 0 0 ? ? 0 0 ? ? 0 ? ? 0 ? 0 ? 0 0 ? ? 0 ? 0 0 ? ? 0 ? ? 0 ? ? ? 0 0 0 ? ? ? 0 0 ? 0 ? ? 0 ? ? 0 0 0 ? ? ? ? 0 0 0 0 0 0 ? ? ? ? 0 0 0 0 0 0 0 ? 0 0 0 0

... Data truncated

0 - Probable Safe Block
? - Unknown Block
x - Potentially Malicious Block

Similar Families

1stBrowser.A
Agent.AG
Agent.DFGH
Agent.DSGA
Agent.ETA

Agent.FDJ
Agent.GDFA
Agent.KKB
Agent.LDE
Agent.LR
Agent.OFHA
Alma.A
BadJoke.AI
BadJoke.LO
BadJoke.XA
Banker.TK
Brute.BJ
Brute.LBB
Cain.C
Chapak.DA
Chapak.HBV
Coiner.B
Coinminer.GCLA
Coinminer.GII
Convagent.I
DarkGate.B
Davs.A
Dorkbot.VB
Downloader.Agent.EG
Downloader.FDB
Draobo.A
Dzan.A
Elex.DBA
Expiro.DA
Expiro.IE
Expiro.KA
Expiro.L
Expiro.LB
Expiro.MB
Expiro.P
Farfli.AG
Farfli.AV
Farfli.LE
Farfli.NB
Farfli.TB
Farfli.TBA
Filecoder.VBC
Floxif.G
Gamehack.AFB
GandCrab.BM
Goldrv.A
Gulpix.F
HackKMS.O
Injector.DFF
Injector.DGB
Injector.FCG
Injector.GPB
Injector.JSA
Injector.KI
Injector.KPA
Injector.KZK
Injector.XH
Injector.XI
Juched.B
KillMBR.XB
KillMBR.XE
Kraddare.KB
Kraddare.SA
Kryptik.CBS
Kryptik.DEH
Kryptik.HJDB
Kryptik.LFB
Kryptik.RAR
Kryptik.RAU
Kryptik.RJ
Kryptik.RT
KuwanBar.B
Loader.DE
Lumma.DA
Marte.W
Marte.Z
OpenSUpdater.L
PopAd.B
PornTool.B
QQPass.W
Redline.FAD
Redline.FAG
Redline.FG
Rozena.AX
Rozena.H
Rugmi.PA
STOP.GC
SecurityXploded.A
ShellcodeRunner.FN
Stealer.BPE
Stealer.BRGA
Stealer.GFA
Stealer.KF
Trickbot.BH
Trickbot.MA

7 additional families are not displayed above.

Files Modified

File	Attributes
\device\namedpipe\32b6b37a-4a7d-4e00-95f2-6f0bf3de3e001290184913thsnyavieboda	Generic Write,Read Attributes
\device\namedpipe\adprinterpipe	Generic Read,Write Data,Write Attributes,Write extended,Append data
\device\namedpipe\crashpad_1224_umewsixddmoizasi	Generic Read,Write Data,Write Attributes,Write extended,Append data
\device\namedpipe\crashpad_1224_umewsixddmoizasi	Generic Read,Write Data,Write Attributes,Write extended,Append data,LEFT 524288
\device\namedpipe\crashpad_5004_rzmlpxitjzmbsjch	Generic Read,Write Data,Write Attributes,Write extended,Append data
\device\namedpipe\crashpad_5004_rzmlpxitjzmbsjch	Generic Read,Write Data,Write Attributes,Write extended,Append data,LEFT 524288
\device\namedpipe\gmdasllogger	Generic Write,Read Attributes
\device\namedpipe\srvsvc	Generic Read,Write Data,Write Attributes,Write extended,Append data
\device\namedpipe\wkssvc	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\dbeb0860bff2ab9b085ca847\$shtdwn$.req	Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete

c:\dbeb0860bff2ab9b085ca847\sp2qfe\msi.dll	Generic Write,Read Attributes
c:\dbeb0860bff2ab9b085ca847\sp2qfe\msiexec.exe	Generic Write,Read Attributes
c:\dbeb0860bff2ab9b085ca847\sp2qfe\msihnd.dll	Generic Write,Read Attributes
c:\dbeb0860bff2ab9b085ca847\sp2qfe\msimsg.dll	Generic Write,Read Attributes
c:\dbeb0860bff2ab9b085ca847\sp2qfe\msimsg.dll.ar-sa.mui	Generic Write,Read Attributes
c:\dbeb0860bff2ab9b085ca847\sp2qfe\msimsg.dll.bg-bg.mui	Generic Write,Read Attributes
c:\dbeb0860bff2ab9b085ca847\sp2qfe\msimsg.dll.ca-es.mui	Generic Write,Read Attributes
c:\dbeb0860bff2ab9b085ca847\sp2qfe\msimsg.dll.cs-cz.mui	Generic Write,Read Attributes
c:\dbeb0860bff2ab9b085ca847\sp2qfe\msimsg.dll.da-dk.mui	Generic Write,Read Attributes
c:\dbeb0860bff2ab9b085ca847\sp2qfe\msimsg.dll.de-de.mui	Generic Write,Read Attributes
c:\dbeb0860bff2ab9b085ca847\sp2qfe\msimsg.dll.el-gr.mui	Generic Write,Read Attributes
c:\dbeb0860bff2ab9b085ca847\sp2qfe\msimsg.dll.en-us.mui	Generic Write,Read Attributes
c:\dbeb0860bff2ab9b085ca847\sp2qfe\msimsg.dll.es-es.mui	Generic Write,Read Attributes
c:\dbeb0860bff2ab9b085ca847\sp2qfe\msimsg.dll.et-ee.mui	Generic Write,Read Attributes
c:\dbeb0860bff2ab9b085ca847\sp2qfe\msimsg.dll.eu-es.mui	Generic Write,Read Attributes
c:\dbeb0860bff2ab9b085ca847\sp2qfe\msimsg.dll.fi-fi.mui	Generic Write,Read Attributes
c:\dbeb0860bff2ab9b085ca847\sp2qfe\msimsg.dll.fr-fr.mui	Generic Write,Read Attributes
c:\dbeb0860bff2ab9b085ca847\sp2qfe\msimsg.dll.he-il.mui	Generic Write,Read Attributes
c:\dbeb0860bff2ab9b085ca847\sp2qfe\msimsg.dll.hr-hr.mui	Generic Write,Read Attributes
c:\dbeb0860bff2ab9b085ca847\sp2qfe\msimsg.dll.hu-hu.mui	Generic Write,Read Attributes
c:\dbeb0860bff2ab9b085ca847\sp2qfe\msimsg.dll.it-it.mui	Generic Write,Read Attributes
c:\dbeb0860bff2ab9b085ca847\sp2qfe\msimsg.dll.ja-jp.mui	Generic Write,Read Attributes
c:\dbeb0860bff2ab9b085ca847\sp2qfe\msimsg.dll.ko-kr.mui	Generic Write,Read Attributes
c:\dbeb0860bff2ab9b085ca847\sp2qfe\msimsg.dll.lt-lt.mui	Generic Write,Read Attributes
c:\dbeb0860bff2ab9b085ca847\sp2qfe\msimsg.dll.lv-lv.mui	Generic Write,Read Attributes
c:\dbeb0860bff2ab9b085ca847\sp2qfe\msimsg.dll.nb-no.mui	Generic Write,Read Attributes
c:\dbeb0860bff2ab9b085ca847\sp2qfe\msimsg.dll.nl-nl.mui	Generic Write,Read Attributes
c:\dbeb0860bff2ab9b085ca847\sp2qfe\msimsg.dll.pl-pl.mui	Generic Write,Read Attributes
c:\dbeb0860bff2ab9b085ca847\sp2qfe\msimsg.dll.pt-br.mui	Generic Write,Read Attributes
c:\dbeb0860bff2ab9b085ca847\sp2qfe\msimsg.dll.pt-pt.mui	Generic Write,Read Attributes
c:\dbeb0860bff2ab9b085ca847\sp2qfe\msimsg.dll.ro-ro.mui	Generic Write,Read Attributes
c:\dbeb0860bff2ab9b085ca847\sp2qfe\msimsg.dll.ru-ru.mui	Generic Write,Read Attributes
c:\dbeb0860bff2ab9b085ca847\sp2qfe\msimsg.dll.sk-sk.mui	Generic Write,Read Attributes
c:\dbeb0860bff2ab9b085ca847\sp2qfe\msimsg.dll.sl-si.mui	Generic Write,Read Attributes
c:\dbeb0860bff2ab9b085ca847\sp2qfe\msimsg.dll.sr-latn-cs.mui	Generic Write,Read Attributes
c:\dbeb0860bff2ab9b085ca847\sp2qfe\msimsg.dll.sv-se.mui	Generic Write,Read Attributes
c:\dbeb0860bff2ab9b085ca847\sp2qfe\msimsg.dll.th-th.mui	Generic Write,Read Attributes
c:\dbeb0860bff2ab9b085ca847\sp2qfe\msimsg.dll.tr-tr.mui	Generic Write,Read Attributes
c:\dbeb0860bff2ab9b085ca847\sp2qfe\msimsg.dll.uk-ua.mui	Generic Write,Read Attributes
c:\dbeb0860bff2ab9b085ca847\sp2qfe\msimsg.dll.vi-vn.mui	Generic Write,Read Attributes
c:\dbeb0860bff2ab9b085ca847\sp2qfe\msimsg.dll.zh-cn.mui	Generic Write,Read Attributes
c:\dbeb0860bff2ab9b085ca847\sp2qfe\msimsg.dll.zh-tw.mui	Generic Write,Read Attributes
c:\dbeb0860bff2ab9b085ca847\sp2qfe\msisip.dll	Generic Write,Read Attributes
c:\dbeb0860bff2ab9b085ca847\sp2qfe\wow\wmsi.dll	Generic Write,Read Attributes
c:\dbeb0860bff2ab9b085ca847\sp2qfe\wow\wmsiexec.exe	Generic Write,Read Attributes
c:\dbeb0860bff2ab9b085ca847\sp2qfe\wow\wmsihnd.dll	Generic Write,Read Attributes
c:\dbeb0860bff2ab9b085ca847\sp2qfe\wow\wmsimsg.dll	Generic Write,Read Attributes
c:\dbeb0860bff2ab9b085ca847\sp2qfe\wow\wmsimsg.dll.ar-sa.mui	Generic Write,Read Attributes
c:\dbeb0860bff2ab9b085ca847\sp2qfe\wow\wmsimsg.dll.bg-bg.mui	Generic Write,Read Attributes
c:\dbeb0860bff2ab9b085ca847\sp2qfe\wow\wmsimsg.dll.ca-es.mui	Generic Write,Read Attributes
c:\dbeb0860bff2ab9b085ca847\sp2qfe\wow\wmsimsg.dll.cs-cz.mui	Generic Write,Read Attributes
c:\dbeb0860bff2ab9b085ca847\sp2qfe\wow\wmsimsg.dll.da-dk.mui	Generic Write,Read Attributes
c:\dbeb0860bff2ab9b085ca847\sp2qfe\wow\wmsimsg.dll.de-de.mui	Generic Write,Read Attributes
c:\dbeb0860bff2ab9b085ca847\sp2qfe\wow\wmsimsg.dll.el-gr.mui	Generic Write,Read Attributes
c:\dbeb0860bff2ab9b085ca847\sp2qfe\wow\wmsimsg.dll.en-us.mui	Generic Write,Read Attributes
c:\dbeb0860bff2ab9b085ca847\sp2qfe\wow\wmsimsg.dll.es-es.mui	Generic Write,Read Attributes
c:\dbeb0860bff2ab9b085ca847\sp2qfe\wow\wmsimsg.dll.et-ee.mui	Generic Write,Read Attributes
c:\dbeb0860bff2ab9b085ca847\sp2qfe\wow\wmsimsg.dll.eu-es.mui	Generic Write,Read Attributes
c:\dbeb0860bff2ab9b085ca847\sp2qfe\wow\wmsimsg.dll.fi-fi.mui	Generic Write,Read Attributes
c:\dbeb0860bff2ab9b085ca847\sp2qfe\wow\wmsimsg.dll.fr-fr.mui	Generic Write,Read Attributes
c:\dbeb0860bff2ab9b085ca847\sp2qfe\wow\wmsimsg.dll.he-il.mui	Generic Write,Read Attributes
c:\dbeb0860bff2ab9b085ca847\sp2qfe\wow\wmsimsg.dll.hr-hr.mui	Generic Write,Read Attributes
c:\dbeb0860bff2ab9b085ca847\sp2qfe\wow\wmsimsg.dll.hu-hu.mui	Generic Write,Read Attributes
c:\dbeb0860bff2ab9b085ca847\sp2qfe\wow\wmsimsg.dll.it-it.mui	Generic Write,Read Attributes
c:\dbeb0860bff2ab9b085ca847\sp2qfe\wow\wmsimsg.dll.ja-jp.mui	Generic Write,Read Attributes
c:\dbeb0860bff2ab9b085ca847\sp2qfe\wow\wmsimsg.dll.ko-kr.mui	Generic Write,Read Attributes
c:\dbeb0860bff2ab9b085ca847\sp2qfe\wow\wmsimsg.dll.lt-lt.mui	Generic Write,Read Attributes
c:\dbeb0860bff2ab9b085ca847\sp2qfe\wow\wmsimsg.dll.lv-lv.mui	Generic Write,Read Attributes
c:\dbeb0860bff2ab9b085ca847\sp2qfe\wow\wmsimsg.dll.nb-no.mui	Generic Write,Read Attributes
c:\dbeb0860bff2ab9b085ca847\sp2qfe\wow\wmsimsg.dll.nl-nl.mui	Generic Write,Read Attributes
c:\dbeb0860bff2ab9b085ca847\sp2qfe\wow\wmsimsg.dll.pl-pl.mui	Generic Write,Read Attributes
c:\dbeb0860bff2ab9b085ca847\sp2qfe\wow\wmsimsg.dll.pt-br.mui	Generic Write,Read Attributes
c:\dbeb0860bff2ab9b085ca847\sp2qfe\wow\wmsimsg.dll.pt-pt.mui	Generic Write,Read Attributes
c:\dbeb0860bff2ab9b085ca847\sp2qfe\wow\wmsimsg.dll.ro-ro.mui	Generic Write,Read Attributes
c:\dbeb0860bff2ab9b085ca847\sp2qfe\wow\wmsimsg.dll.ru-ru.mui	Generic Write,Read Attributes
c:\dbeb0860bff2ab9b085ca847\sp2qfe\wow\wmsimsg.dll.sk-sk.mui	Generic Write,Read Attributes
c:\dbeb0860bff2ab9b085ca847\sp2qfe\wow\wmsimsg.dll.sl-si.mui	Generic Write,Read Attributes
c:\dbeb0860bff2ab9b085ca847\sp2qfe\wow\wmsimsg.dll.sr-latn-cs.mui	Generic Write,Read Attributes
c:\dbeb0860bff2ab9b085ca847\sp2qfe\wow\wmsimsg.dll.sv-se.mui	Generic Write,Read Attributes
c:\dbeb0860bff2ab9b085ca847\sp2qfe\wow\wmsimsg.dll.th-th.mui	Generic Write,Read Attributes
c:\dbeb0860bff2ab9b085ca847\sp2qfe\wow\wmsimsg.dll.tr-tr.mui	Generic Write,Read Attributes
c:\dbeb0860bff2ab9b085ca847\sp2qfe\wow\wmsimsg.dll.uk-ua.mui	Generic Write,Read Attributes
c:\dbeb0860bff2ab9b085ca847\sp2qfe\wow\wmsimsg.dll.vi-vn.mui	Generic Write,Read Attributes
c:\dbeb0860bff2ab9b085ca847\sp2qfe\wow\wmsimsg.dll.zh-cn.mui	Generic Write,Read Attributes
c:\dbeb0860bff2ab9b085ca847\sp2qfe\wow\wmsimsg.dll.zh-tw.mui	Generic Write,Read Attributes
c:\dbeb0860bff2ab9b085ca847\sp2qfe\wow\wmsisip.dll	Generic Write,Read Attributes
c:\dbeb0860bff2ab9b085ca847\spmsg.dll	Generic Write,Read Attributes
c:\dbeb0860bff2ab9b085ca847\spuninst.exe	Generic Write,Read Attributes
c:\dbeb0860bff2ab9b085ca847\update\branches.inf	Generic Write,Read Attributes
c:\dbeb0860bff2ab9b085ca847\update\eula.txt	Generic Write,Read Attributes
c:\dbeb0860bff2ab9b085ca847\update\kb942288-v3.cat	Generic Write,Read Attributes
c:\dbeb0860bff2ab9b085ca847\update\kb942288-v4.cat	Generic Write,Read Attributes
c:\dbeb0860bff2ab9b085ca847\update\spcustom.dll	Generic Write,Read Attributes
c:\dbeb0860bff2ab9b085ca847\update\update.exe	Generic Write,Read Attributes
c:\dbeb0860bff2ab9b085ca847\update\update.ver	Generic Write,Read Attributes
c:\dbeb0860bff2ab9b085ca847\update\update_sp2qfe.inf	Generic Write,Read Attributes
c:\dbeb0860bff2ab9b085ca847\update\updatebr.inf	Generic Write,Read Attributes
c:\dbeb0860bff2ab9b085ca847\update\updspapi.dll	Generic Write,Read Attributes
c:\program files\common files\system\symsrv.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\adobe\aamupdater\1.0\aamul.log	Generic Write,Read Attributes
c:\users\user\appdata\local\adobe\aamupdater\1.0\adobeupdaterprefs.dat	Generic Write,Read Attributes
c:\users\user\appdata\local\epic games\epic online services\bootstrapper\logs\eosbootstrapper.log	Generic Write,Read Attributes
c:\users\user\appdata\local\google\googleupdater\updater.log	Read Attributes,Synchronize,Append data
c:\users\user\appdata\local\google\googleupdater\updater_history.jsonl	Read Attributes,Synchronize,Append data
c:\users\user\appdata\local\microsoft\windows\explorer\iconcache_16.db	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\microsoft\windows\explorer\iconcache_idx.db	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\microsoft\windows\usrclass.dat{dba6b5ef-640a-11ed-9bcb-f677369d361c}.txr.0.regtrans-ms	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\microsoft\windows\usrclass.dat{dba6b5ef-640a-11ed-9bcb-f677369d361c}.txr.1.regtrans-ms	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\microsoft\windows\usrclass.dat{dba6b5ef-640a-11ed-9bcb-f677369d361c}.txr.2.regtrans-ms	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\nvidia corporation\nvnode\launcher.log	Read Attributes,Synchronize,Append data
c:\users\user\appdata\local\temp\000145fd_rar\0e096ce451180a7319a61601c21cd34dca0fac47_0002294733	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\000145fd_rar\0e096ce451180a7319a61601c21cd34dca0fac47_0002294733	Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 262144
c:\users\user\appdata\local\temp\0001461c_rar\0e096ce451180a7319a61601c21cd34dca0fac47_0002294733	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\0001461c_rar\0e096ce451180a7319a61601c21cd34dca0fac47_0002294733	Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 262144
c:\users\user\appdata\local\temp\3582-490\0e096ce451180a7319a61601c21cd34dca0fac47_0002294733	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\a1d76ff97175bf79025ab7aa1ddf0a2a.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\adobearm.log	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\armui.ini	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\bassmod.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\cgslauncher.log	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\dup2patcher.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\fdvyng.exe	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\fdvyng.exe	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\fdvyng.exe	Synchronize,Write Attributes
c:\users\user\appdata\local\temp\gcapi.dll	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\gx_assistant_installer_20251208181051.log	Read Attributes,Synchronize,Append data
c:\users\user\appdata\local\temp\jds3038328.tmp	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\jds3038328.tmp\bd1ec8fe0e222083e8c921e063a64883ac3d0f33_0002066976	Synchronize,Write Data
c:\users\user\appdata\local\temp\jds3038328.tmp\jds3038328.tmp	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\jusched.log	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\pccustubinstaller\a68d9b3525b6c17f4117bcd80f77e46ef313cf5c_0000708536	Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 262144
c:\users\user\appdata\local\temp\rcx64de.tmp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\setup_20250807051023_failed.txt	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\setup_20251103094410_failed.txt	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\setupexe(20260401040910ee4).log	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\vsda135.tmp\install.log	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\winswmmtc.exe	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\winswmmtc.exe	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\winswmmtc.exe	Synchronize,Write Attributes
c:\users\user\appdata\local\temp\winvhwcs.exe	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\winvhwcs.exe	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\winvhwcs.exe	Synchronize,Write Attributes
c:\users\user\appdata\local\temp\zgokr00.exe	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\zgokr00.exe	Synchronize,Write Data
c:\users\user\appdata\locallow\oracle\java\java_install_flag	Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete
c:\users\user\appdata\roaming\anydesk\ad.trace	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\roaming\anydesk\service.conf	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\roaming\anydesk\service.conf	Read Attributes,Synchronize,Read Control,Read extended,Write Data,Delete
c:\users\user\appdata\roaming\anydesk\service.conf	Read Attributes,Synchronize,Read Control,Read extended,Write Data,Delete,LEFT 16777216
c:\users\user\appdata\roaming\anydesk\service.conf	Synchronize,Write Data
c:\users\user\appdata\roaming\anydesk\service.conf1074-14a4-4824914e869505fe-f8f2092fed538118.temp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\roaming\anydesk\service.conf1074-14a4-4824914e869505fe-f8f2092fed538118.temp	Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 786432
c:\users\user\appdata\roaming\anydesk\service.conf1074-14a4-6a7e03c29b811141-91c3eb00f8c219a5.temp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\roaming\anydesk\service.conf1074-14a4-6a7e03c29b811141-91c3eb00f8c219a5.temp	Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 786432
c:\users\user\appdata\roaming\anydesk\service.conf~rfc4e73.tmp	Generic Write,Read Attributes,Delete
c:\users\user\appdata\roaming\anydesk\service.conf~rfc4e73.tmp	Synchronize,Write Data
c:\users\user\appdata\roaming\anydesk\service.conf~rfc4e83.tmp	Generic Write,Read Attributes,Delete
c:\users\user\appdata\roaming\anydesk\service.conf~rfc4e83.tmp	Synchronize,Write Data
c:\users\user\appdata\roaming\anydesk\system.conf	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\roaming\anydesk\system.conf	Read Attributes,Synchronize,Read Control,Read extended,Write Data,Delete
c:\users\user\appdata\roaming\anydesk\system.conf	Read Attributes,Synchronize,Read Control,Read extended,Write Data,Delete,LEFT 16777216
c:\users\user\appdata\roaming\anydesk\system.conf	Synchronize,Write Data
c:\users\user\appdata\roaming\anydesk\system.conf1074-14a4-28857e00a2615345-cfd1f4ddccf3df5a.temp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\roaming\anydesk\system.conf1074-14a4-28857e00a2615345-cfd1f4ddccf3df5a.temp	Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 786432
c:\users\user\appdata\roaming\anydesk\system.conf1074-14a4-33b1cf7eb88a8a15-8172adef28f42d54.temp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\roaming\anydesk\system.conf1074-14a4-33b1cf7eb88a8a15-8172adef28f42d54.temp	Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 786432
c:\users\user\appdata\roaming\anydesk\system.conf1074-14a4-7cc006d6bd5721c2-7c52458e9590fdd5.temp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\roaming\anydesk\system.conf1074-14a4-7cc006d6bd5721c2-7c52458e9590fdd5.temp	Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 786432
c:\users\user\appdata\roaming\anydesk\system.conf1074-14a4-8104c5f7d7fc0eaf-6b48b9051cee06b6.temp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\roaming\anydesk\system.conf1074-14a4-8104c5f7d7fc0eaf-6b48b9051cee06b6.temp	Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 786432
c:\users\user\appdata\roaming\anydesk\system.conf1074-14a4-8669717ba8a55012-eed4208cb79013f8.temp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\roaming\anydesk\system.conf1074-14a4-8669717ba8a55012-eed4208cb79013f8.temp	Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 786432
c:\users\user\appdata\roaming\anydesk\system.conf1074-14a4-88c7255ffabe673d-a33178a00d2fcb15.temp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\roaming\anydesk\system.conf1074-14a4-88c7255ffabe673d-a33178a00d2fcb15.temp	Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 786432
c:\users\user\appdata\roaming\anydesk\system.conf1074-14a4-9e3c065a0b25c485-6912954ece24efba.temp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\roaming\anydesk\system.conf1074-14a4-9e3c065a0b25c485-6912954ece24efba.temp	Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 786432
c:\users\user\appdata\roaming\anydesk\system.conf1074-14a4-a375d1796b61c556-5ab27e7506fb92ff.temp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\roaming\anydesk\system.conf1074-14a4-a375d1796b61c556-5ab27e7506fb92ff.temp	Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 786432
c:\users\user\appdata\roaming\anydesk\system.conf1074-14a4-a52b45daecc5d14c-5ca3bf4727a829dd.temp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\roaming\anydesk\system.conf1074-14a4-a52b45daecc5d14c-5ca3bf4727a829dd.temp	Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 786432
c:\users\user\appdata\roaming\anydesk\system.conf1074-14a4-afa0e6cfa63f85c3-4bbdc72b72751fe4.temp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\roaming\anydesk\system.conf1074-14a4-afa0e6cfa63f85c3-4bbdc72b72751fe4.temp	Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 786432
c:\users\user\appdata\roaming\anydesk\system.conf1074-14a4-b5efc3bec00f9dc7-2e78cfaab4e5b0e9.temp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\roaming\anydesk\system.conf1074-14a4-b5efc3bec00f9dc7-2e78cfaab4e5b0e9.temp	Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 786432
c:\users\user\appdata\roaming\anydesk\system.conf1074-14a4-b768c1846f0fbeff-404dc3b130553775.temp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\roaming\anydesk\system.conf1074-14a4-b768c1846f0fbeff-404dc3b130553775.temp	Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 786432
c:\users\user\appdata\roaming\anydesk\system.conf1074-14a4-e44a281e6e9c4f6f-d5cbeb521960f93b.temp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\roaming\anydesk\system.conf1074-14a4-e44a281e6e9c4f6f-d5cbeb521960f93b.temp	Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 786432
c:\users\user\appdata\roaming\anydesk\system.conf1074-14a4-e5d6a97a7a87a882-c0298e0774ac219d.temp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\roaming\anydesk\system.conf1074-14a4-e5d6a97a7a87a882-c0298e0774ac219d.temp	Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 786432

180 additional files are not displayed above.

Registry Modifications

Key::Value	Data	API Name
HKLM\software\wow6432node\valve\steam::steampid	ᙄ	RegNtPreCreateKey
HKLM\software\wow6432node\valve\steam::tempappcmdline		RegNtPreCreateKey
HKLM\software\wow6432node\valve\steam::relaunchcmdline		RegNtPreCreateKey
HKLM\software\wow6432node\valve\steam::clientlaunchertype		RegNtPreCreateKey
HKLM\system\controlset001\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list::c:\users\user\downloads\bab4b6b8407339614b68e25215895b46d3a4e6d6_0000768000	c:\users\user\downloads\bab4b6b8407339614b68e25215895b46d3a4e6d6_0000768000:*:enabled:@shell32.dll,-1	RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\windows nt\currentversion\windows::appinit_dlls	C:\PROGRA~1\COMMON~1\System\symsrv.dll	RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\windows nt\currentversion\windows::loadappinit_dlls		RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\windows nt\currentversion\windows::requiresignedappinit_dlls		RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\explorer\advanced::hidden		RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\security center::antivirusoverride		RegNtPreCreateKey

HKLM\software\wow6432node\microsoft\security center::antivirusdisablenotify		RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\security center::firewalldisablenotify		RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\security center::firewalloverride		RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\security center::updatesdisablenotify		RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\security center::uacdisablenotify		RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\security center\svc::antivirusoverride		RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\security center\svc::antivirusdisablenotify		RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\security center\svc::firewalldisablenotify		RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\security center\svc::firewalloverride		RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\security center\svc::updatesdisablenotify		RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\security center\svc::uacdisablenotify		RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings::globaluseroffline		RegNtPreCreateKey
HKLM\software\microsoft\windows\currentversion\policies\system::enablelua		RegNtPreCreateKey
HKLM\system\controlset001\services\sharedaccess\parameters\firewallpolicy\standardprofile::enablefirewall		RegNtPreCreateKey
HKLM\system\controlset001\services\sharedaccess\parameters\firewallpolicy\standardprofile::donotallowexceptions		RegNtPreCreateKey
HKLM\system\controlset001\services\sharedaccess\parameters\firewallpolicy\standardprofile::disablenotifications		RegNtPreCreateKey
HKCU\software\jguh::u1_0	啕啕	RegNtPreCreateKey
HKCU\software\jguh::u2_0	ᖍ	RegNtPreCreateKey
HKCU\software\jguh::u3_0	権ă	RegNtPreCreateKey
HKCU\software\jguh::u4_0		RegNtPreCreateKey
HKCU\software\jguh::u1_1	䴜㱃	RegNtPreCreateKey
HKCU\software\jguh::u2_1	書牥	RegNtPreCreateKey
HKCU\software\jguh::u3_1	ᥜ獦	RegNtPreCreateKey
HKCU\software\jguh::u4_1	獵牥	RegNtPreCreateKey
HKCU\software\jguh::u1_2	ꋏꁼ	RegNtPreCreateKey
HKCU\software\jguh::u2_2		RegNtPreCreateKey
HKCU\software\jguh::u3_2	賃	RegNtPreCreateKey
HKCU\software\jguh::u4_2		RegNtPreCreateKey
HKCU\software\jguh::u1_3	婯䁹	RegNtPreCreateKey
HKCU\software\jguh::u2_3	俒地	RegNtPreCreateKey
HKCU\software\jguh::u3_3	ぶ嘳	RegNtPreCreateKey
HKCU\software\jguh::u4_3	婟地	RegNtPreCreateKey
HKCU\software\jguh::u1_4	鼭ⷤ	RegNtPreCreateKey
HKCU\software\jguh::u2_4		RegNtPreCreateKey
HKCU\software\jguh::u3_4	ꟽ좖	RegNtPreCreateKey
HKCU\software\jguh::u4_4	췔즕	RegNtPreCreateKey
HKCU\software\jguh::u1_5	綁ׂ	RegNtPreCreateKey
HKCU\software\jguh::u2_5	哄㯻	RegNtPreCreateKey
HKCU\software\jguh::u3_5	⭠㫸	RegNtPreCreateKey
HKCU\software\jguh::u4_5	䅉㯻	RegNtPreCreateKey
HKCU\software\jguh::u1_6	ⷨ𢡄	RegNtPreCreateKey
HKCU\software\jguh::u2_6	ꄳ깠	RegNtPreCreateKey
HKCU\software\jguh::u3_6		RegNtPreCreateKey
HKCU\software\jguh::u4_6	뒾깠	RegNtPreCreateKey
HKCU\software\jguh::u1_7	穠峕	RegNtPreCreateKey
HKCU\software\jguh::u2_7	㶾⃆	RegNtPreCreateKey
HKCU\software\jguh::u3_7	䈚⇅	RegNtPreCreateKey
HKCU\software\jguh::u4_7	⠳⃆	RegNtPreCreateKey
HKCU\software\jguh::u1_8	騍橎	RegNtPreCreateKey
HKCU\software\jguh::u2_8	踥錫	RegNtPreCreateKey
HKCU\software\jguh::u3_8	鈨	RegNtPreCreateKey
HKCU\software\jguh::u4_8	鮨錫	RegNtPreCreateKey
HKCU\software\jguh::u1_9	驄깽	RegNtPreCreateKey
HKCU\software\jguh::u2_9	᪐֑	RegNtPreCreateKey
HKCU\software\jguh::u3_9	攴Ғ	RegNtPreCreateKey
HKCU\software\jguh::u4_9	༝֑	RegNtPreCreateKey
HKCU\software\jguh::u1_10	옯쟌	RegNtPreCreateKey
HKCU\software\jguh::u2_10	鷺矶	RegNtPreCreateKey
HKCU\software\jguh::u3_10	盵	RegNtPreCreateKey
HKCU\software\jguh::u4_10	芒矶	RegNtPreCreateKey
HKCU\software\jguh::u1_11	䡖騅	RegNtPreCreateKey
HKCU\software\jguh::u2_11		RegNtPreCreateKey
HKCU\software\jguh::u3_11	鰮	RegNtPreCreateKey
HKCU\software\jguh::u4_11		RegNtPreCreateKey
HKCU\software\jguh::u1_12	ጱ	RegNtPreCreateKey
HKCU\software\jguh::u2_12	稠峁	RegNtPreCreateKey
HKCU\software\jguh::u3_12	͕巂	RegNtPreCreateKey
HKCU\software\jguh::u4_12	楼峁	RegNtPreCreateKey
HKCU\software\jguh::u1_13	摂	RegNtPreCreateKey
HKCU\software\jguh::u2_13	왕켦	RegNtPreCreateKey
HKCU\software\jguh::u3_13	뛘츥	RegNtPreCreateKey
HKCU\software\jguh::u4_13		RegNtPreCreateKey
HKCU\software\jguh::u1_14	ᚿ쳲	RegNtPreCreateKey
HKCU\software\jguh::u2_14	䖘䆌	RegNtPreCreateKey
HKCU\software\jguh::u3_14	㩏䂏	RegNtPreCreateKey
HKCU\software\jguh::u4_14	偦䆌	RegNtPreCreateKey
HKCU\software\jguh\1214104697::1919251317		RegNtPreCreateKey
HKCU\software\jguh\1214104697::-456464662		RegNtPreCreateKey
HKCU\software\jguh\1214104697::1462786655		RegNtPreCreateKey
HKCU\software\jguh\1214104697::-912929324		RegNtPreCreateKey
HKCU\software\jguh\1214104697::1006321993	K	RegNtPreCreateKey
HKCU\software\jguh\1214104697::-1369393986	http://padrup.com/sobaka1.gifhttp://190.120.227.91:8080/sobak	RegNtPreCreateKey
HKCU\software\jguh\1214104697::549857331		RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\zonemap::proxybypass		RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\zonemap::intranetname		RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\zonemap::uncasintranet		RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\zonemap::autodetect		RegNtPreCreateKey
HKLM\software\classes\exefile\shell\open\command::	C:\WINDOWS\svchost.com "%1" %*	RegNtPreCreateKey
HKLM\software\microsoft\systemcertificates\authroot\certificates\4eb6d578499b1ccf5f581ead56be3d9b6744a5e5::blob	់㇤㹧ৢ䗾鍗૳ᳺứ霞輫穆轙⊩㢅즔Sc愰ℰଆ虠ňŅᜇ〆〒ؐ⬊ĆĄ㞂ļ́ダ؟怉䢆蘁泽ĂሰူਆثЁ舁㰷āȃ쀀ᬰԆ腧Č〃〒ؐ⬊ĆĄ㞂ļ́翀Ā⨀　ب⬈Ćԅ̇؂⬈Ćԅ̇؃⬈Ćԅ̇؄⬈Ćԅ̇ँĀ⨀　ب⬈Ćԅ̇؂⬈Ćԅ	RegNtPreCreateKey
HKLM\software\microsoft\systemcertificates\authroot\certificates\4eb6d578499b1ccf5f581ead56be3d9b6744a5e5::blob		RegNtPreCreateKey
HKLM\system\controlset001\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list::c:\users\user\downloads\ed8591cad33ef2f405e9d1b6333b8ffd1ef51009_0000543744	c:\users\user\downloads\ed8591cad33ef2f405e9d1b6333b8ffd1ef51009_0000543744:*:enabled:@shell32.dll,-1	RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\explorer\userassist\{cebff5cd-ace2-4f4f-9178-9926f41749ea}\count::zvpebfbsg.jvaqbjf.rkcybere		RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\explorer\userassist\{cebff5cd-ace2-4f4f-9178-9926f41749ea}\count::hrzr_pgyfrffvba	Ǯڢ뢮दMicrosoft.XboxGamingOverlay_8wekyb3d8bbwe!App	RegNtPreCreateKey
HKCU\software\jguh::u1_0	䱞Ꮞ	RegNtPreCreateKey
HKCU\software\jguh::u2_0	ׁ	RegNtPreCreateKey
HKCU\software\jguh::u1_1	㼪륔	RegNtPreCreateKey
HKCU\software\jguh::u2_1	戭牥	RegNtPreCreateKey
HKCU\software\jguh::u1_2	鳔霅	RegNtPreCreateKey
HKCU\software\jguh::u2_2		RegNtPreCreateKey
HKCU\software\jguh::u1_3	ᨊ섰	RegNtPreCreateKey
HKCU\software\jguh::u2_3	䯕地	RegNtPreCreateKey
HKCU\software\jguh::u1_4	涮㴨	RegNtPreCreateKey
HKCU\software\jguh::u2_4	튴즕	RegNtPreCreateKey
HKCU\software\jguh::u1_5	빒㗵	RegNtPreCreateKey
HKCU\software\jguh::u2_5	埖㯻	RegNtPreCreateKey
HKCU\software\jguh::u1_6		RegNtPreCreateKey
HKCU\software\jguh::u2_6	ꗃ깠	RegNtPreCreateKey
HKCU\software\jguh::u1_7	擧⪈	RegNtPreCreateKey
HKCU\software\jguh::u2_7	ぇ⃆	RegNtPreCreateKey
HKCU\software\jguh::u1_8	㓭	RegNtPreCreateKey
HKCU\software\jguh::u2_8	蔒錫	RegNtPreCreateKey
HKCU\software\jguh::u1_9	ឡ⻑	RegNtPreCreateKey
HKCU\software\jguh::u2_9	ᖞ֑	RegNtPreCreateKey
HKCU\software\jguh::u1_10	㯿ꂡ	RegNtPreCreateKey
HKCU\software\jguh::u2_10	飂矶	RegNtPreCreateKey
HKCU\software\jguh::u1_11	㶽ࡷ	RegNtPreCreateKey
HKCU\software\jguh::u2_11		RegNtPreCreateKey
HKCU\software\jguh::u1_12	ᄡ뎈	RegNtPreCreateKey
HKCU\software\jguh::u2_12	紦峁	RegNtPreCreateKey
HKCU\software\jguh::u1_13	漹ୃ	RegNtPreCreateKey
HKCU\software\jguh::u2_13	쏼켦	RegNtPreCreateKey
HKCU\software\jguh::u1_14	盘ሳ	RegNtPreCreateKey
HKCU\software\jguh::u2_14	䯱䆌	RegNtPreCreateKey
HKCU\software\jguh::u1_15	gؿI	RegNtPreCreateKey
HKCU\software\jguh::u2_15	퍟돱	RegNtPreCreateKey
HKCU\software\jguh::u3_15	꧲닲	RegNtPreCreateKey
HKCU\software\jguh::u4_15	쏛돱	RegNtPreCreateKey
HKCU\software\jguh::u1_16	ᴉ颯	RegNtPreCreateKey
HKCU\software\jguh::u2_16	⇭♗	RegNtPreCreateKey
HKCU\software\jguh::u3_16	嵹❔	RegNtPreCreateKey
HKCU\software\jguh::u4_16	㝐♗	RegNtPreCreateKey
HKCU\software\jguh::u1_17	掵컇	RegNtPreCreateKey
HKCU\software\jguh::u2_17	뻭颼	RegNtPreCreateKey
HKCU\software\jguh::u3_17	샬馿	RegNtPreCreateKey
HKCU\software\jguh::u4_17	꫅颼	RegNtPreCreateKey
HKCU\software\jguh::u1_18	贡玚	RegNtPreCreateKey
HKCU\software\jguh::u2_18	ݲଢ	RegNtPreCreateKey
HKCU\software\jguh::u3_18	琓ਡ	RegNtPreCreateKey
HKCU\software\jguh::u4_18	Ḻଢ	RegNtPreCreateKey
HKCU\software\jguh::u1_19	烷ཥ	RegNtPreCreateKey
HKCU\software\jguh::u2_19	貏綇	RegNtPreCreateKey
HKCU\software\jguh::u3_19	ﮆ粄	RegNtPreCreateKey
HKCU\software\jguh::u4_19	醯綇	RegNtPreCreateKey
HKCU\software\jguh::u1_20	뛾	RegNtPreCreateKey
HKCU\software\jguh::u2_20	Ṇ	RegNtPreCreateKey
HKCU\software\jguh::u3_20	漍	RegNtPreCreateKey
HKCU\software\jguh::u4_20	Ԥ	RegNtPreCreateKey
HKCU\software\jguh::u1_21	댧	RegNtPreCreateKey
HKCU\software\jguh::u2_21	懽扒	RegNtPreCreateKey
HKCU\software\jguh::u3_21	ኰ捑	RegNtPreCreateKey
HKCU\software\jguh::u4_21	碙扒	RegNtPreCreateKey
HKCU\software\jguh::u1_22	ꚰ횏	RegNtPreCreateKey
HKCU\software\jguh::u2_22	풷	RegNtPreCreateKey
HKCU\software\jguh::u3_22	蘧햴	RegNtPreCreateKey
HKCU\software\jguh::u4_22	풷	RegNtPreCreateKey
HKCU\software\jguh::u1_23		RegNtPreCreateKey
HKCU\software\jguh::u2_23	䤿䜝	RegNtPreCreateKey
HKCU\software\jguh::u3_23	㖪䘞	RegNtPreCreateKey
HKCU\software\jguh::u4_23	徃䜝	RegNtPreCreateKey
HKCU\software\jguh::u1_24	᢯赌	RegNtPreCreateKey
HKCU\software\jguh::u2_24	욜릂	RegNtPreCreateKey
HKCU\software\jguh::u3_24	룑뢁	RegNtPreCreateKey
HKCU\software\jguh::u4_24	틸릂	RegNtPreCreateKey
HKCU\software\jguh::u1_25	昹硵	RegNtPreCreateKey
HKCU\software\jguh::u2_25	䯛⯨	RegNtPreCreateKey
HKCU\software\jguh::u3_25	ⱄ⫫	RegNtPreCreateKey
HKCU\software\jguh::u4_25	䙭⯨	RegNtPreCreateKey
HKCU\software\jguh::u1_26	䴫勹	RegNtPreCreateKey
HKCU\software\jguh::u2_26	굸鹍	RegNtPreCreateKey
HKCU\software\jguh::u3_26	폋齎	RegNtPreCreateKey
HKCU\software\jguh::u4_26	맢鹍	RegNtPreCreateKey
HKCU\software\jguh::u1_27	䔁웾	RegNtPreCreateKey
HKCU\software\jguh::u2_27	㭼Ⴓ	RegNtPreCreateKey
HKCU\software\jguh::u3_27	䝾ᆰ	RegNtPreCreateKey
HKCU\software\jguh::u4_27	ⵗႳ	RegNtPreCreateKey
HKCU\software\jguh::u1_28		RegNtPreCreateKey
HKCU\software\jguh::u2_28	놔茘	RegNtPreCreateKey
HKCU\software\jguh::u3_28	쫥舛	RegNtPreCreateKey
HKCU\software\jguh::u4_28	ꃌ茘	RegNtPreCreateKey
HKCU\software\jguh::u1_29		RegNtPreCreateKey
HKCU\software\jguh::u2_29	മ	RegNtPreCreateKey
HKCU\software\jguh::u3_29	繨	RegNtPreCreateKey
HKCU\software\jguh::u4_29	ᑁ	RegNtPreCreateKey
HKCU\software\jguh::u1_30	훻栂	RegNtPreCreateKey
HKCU\software\jguh::u2_30	鈛柣	RegNtPreCreateKey
HKCU\software\jguh::u3_30	曠	RegNtPreCreateKey
HKCU\software\jguh::u4_30	螶柣	RegNtPreCreateKey
HKCU\software\jguh::u1_31	ӵ嘍	RegNtPreCreateKey
HKCU\software\jguh::u2_31		RegNtPreCreateKey
HKCU\software\jguh::u3_31		RegNtPreCreateKey

1005 additional registry modifications are not displayed above.

Windows API Usage

Category	API
Syscall Use	ntdll.dll!NtAccessCheck ntdll.dll!NtAccessCheckByType ntdll.dll!NtAddAtomEx ntdll.dll!NtAlertThreadByThreadId ntdll.dll!NtAllocateUuids ntdll.dll!NtAlpcAcceptConnectPort ntdll.dll!NtAlpcConnectPort ntdll.dll!NtAlpcConnectPortEx ntdll.dll!NtAlpcCreatePort ntdll.dll!NtAlpcQueryInformation Show More ntdll.dll!NtAlpcSendWaitReceivePort ntdll.dll!NtAlpcSetInformation ntdll.dll!NtApphelpCacheControl ntdll.dll!NtAssociateWaitCompletionPacket ntdll.dll!NtClearEvent ntdll.dll!NtClose ntdll.dll!NtConnectPort ntdll.dll!NtCreateEvent ntdll.dll!NtCreateFile ntdll.dll!NtCreateIoCompletion ntdll.dll!NtCreateKey ntdll.dll!NtCreateMutant ntdll.dll!NtCreateSection ntdll.dll!NtCreateSemaphore ntdll.dll!NtCreateThreadEx ntdll.dll!NtCreateTimer ntdll.dll!NtCreateTimer2 ntdll.dll!NtCreateWaitCompletionPacket ntdll.dll!NtCreateWorkerFactory ntdll.dll!NtDelayExecution ntdll.dll!NtDeleteValueKey ntdll.dll!NtDeviceIoControlFile ntdll.dll!NtDuplicateObject ntdll.dll!NtDuplicateToken ntdll.dll!NtEnumerateKey ntdll.dll!NtEnumerateValueKey ntdll.dll!NtFreeVirtualMemory ntdll.dll!NtImpersonateAnonymousToken ntdll.dll!NtMapViewOfSection ntdll.dll!NtNotifyChangeKey ntdll.dll!NtOpenDirectoryObject ntdll.dll!NtOpenEvent ntdll.dll!NtOpenFile ntdll.dll!NtOpenKey ntdll.dll!NtOpenKeyEx ntdll.dll!NtOpenMutant ntdll.dll!NtOpenProcess ntdll.dll!NtOpenProcessToken ntdll.dll!NtOpenProcessTokenEx ntdll.dll!NtOpenSection ntdll.dll!NtOpenSemaphore ntdll.dll!NtOpenSymbolicLinkObject ntdll.dll!NtOpenThreadToken ntdll.dll!NtOpenThreadTokenEx ntdll.dll!NtPowerInformation ntdll.dll!NtProtectVirtualMemory ntdll.dll!NtQueryAttributesFile ntdll.dll!NtQueryDirectoryFile ntdll.dll!NtQueryDirectoryFileEx ntdll.dll!NtQueryInformationFile ntdll.dll!NtQueryInformationJobObject ntdll.dll!NtQueryInformationProcess ntdll.dll!NtQueryInformationThread ntdll.dll!NtQueryInformationToken ntdll.dll!NtQueryKey ntdll.dll!NtQueryLicenseValue ntdll.dll!NtQueryPerformanceCounter ntdll.dll!NtQuerySecurityAttributesToken ntdll.dll!NtQuerySecurityObject ntdll.dll!NtQuerySymbolicLinkObject ntdll.dll!NtQuerySystemInformation ntdll.dll!NtQuerySystemInformationEx ntdll.dll!NtQueryValueKey ntdll.dll!NtQueryVirtualMemory ntdll.dll!NtQueryVolumeInformationFile ntdll.dll!NtQueryWnfStateData ntdll.dll!NtQueryWnfStateNameInformation ntdll.dll!NtReadFile ntdll.dll!NtReadRequestData ntdll.dll!NtReadVirtualMemory ntdll.dll!NtReleaseMutant ntdll.dll!NtReleaseSemaphore ntdll.dll!NtReleaseWorkerFactoryWorker ntdll.dll!NtRequestWaitReplyPort ntdll.dll!NtSetEvent ntdll.dll!NtSetInformationKey ntdll.dll!NtSetInformationProcess ntdll.dll!NtSetInformationThread ntdll.dll!NtSetInformationVirtualMemory ntdll.dll!NtSetInformationWorkerFactory ntdll.dll!NtSetSecurityObject ntdll.dll!NtSetSystemInformation ntdll.dll!NtSetTimer2 ntdll.dll!NtSetTimerEx ntdll.dll!NtSetValueKey ntdll.dll!NtShutdownWorkerFactory ntdll.dll!NtSubscribeWnfStateChange ntdll.dll!NtTerminateProcess ntdll.dll!NtTestAlert ntdll.dll!NtTraceControl 41 additional items are not displayed above.
Anti Debug	IsDebuggerPresent NtQuerySystemInformation OutputDebugString
Network Winsock2	WSASocket WSAStartup
Network Winsock	bind closesocket connect freeaddrinfo getaddrinfo getsockname inet_addr send setsockopt socket
User Data Access	GetComputerName GetComputerNameEx GetUserDefaultLocaleName GetUserObjectInformation
Network Winhttp	WinHttpOpen
Other Suspicious	AdjustTokenPrivileges SetWindowsHookEx
Service Control	OpenSCManager OpenService StartServiceCtrlDispatcher
Process Shell Execute	CreateProcess ShellExecute ShellExecuteEx
Encryption Used	BCryptOpenAlgorithmProvider CryptAcquireContext
Network Wininet	HttpOpenRequest HttpQueryInfo HttpSendRequest InternetConnect InternetOpen InternetQueryOption InternetReadFile InternetSetOption
Process Manipulation Evasion	NtUnmapViewOfSection ReadProcessMemory
Process Terminate	TerminateProcess
Keyboard Access	GetKeyState
Network Info Queried	GetAdaptersAddresses GetAdaptersInfo

Shell Command Execution


							open C:\Users\Bavnbier\AppData\Local\Temp\3582-490\0e096ce451180a7319a61601c21cd34dca0fac47_0002294733


							open (NULL)


							c:\dbeb0860bff2ab9b085ca847\\UPDATE\update.exe


							c:\users\user\downloads\9dbafccc091f5e30a7f1d56e1c8d4db61627a367_0003291288 c:\users\user\downloads\9dbafccc091f5e30a7f1d56e1c8d4db61627a367_0003291288 --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Dbrunzbc\AppData\Roaming\Opera Software\Opera GX Stable\Crash Reports" "--crash-count-file=C:\Users\Dbrunzbc\AppData\Roaming\Opera Software\Opera GX Stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=Stable --annotation=plat=Win32 --annotation=prod=OperaDesktopGX --annotation=ver=73.0.3856.382 --initial-client-data=0x290,0x294,0x298,0x28c,0x29c,0x7057a0,0x7057b0,0x7057bc


							c:\users\user\downloads\26080536f558983b34bbc643d7220ad7797a2c0c_0003081733 c:\users\user\downloads\26080536f558983b34bbc643d7220ad7797a2c0c_0003081733 --type=crashpad-handler "--user-data-dir=C:\Users\Xeueumxk\AppData\Roaming\Opera Software\Opera GX Stable" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Xeueumxk\AppData\Roaming\Opera Software\Opera GX Stable\Crash Reports" "--crash-count-file=C:\Users\Xeueumxk\AppData\Roaming\Opera Software\Opera GX Stable\crash_count.txt" --url=https://crashstats-collector-2.opera.com/ --annotation=channel=Stable --annotation=plat=Win32 --annotation=prod=OperaDesktopGX --annotation=ver=124.0.5705.89 --initial-client-data=0x2b0,0x2b4,0x2b8,0x2ac,0x2bc,0x64fcf4,0x64fd00,0x64fd0c


									C:\Users\Ijuzyhba\AppData\Local\Temp\jds3038328.tmp\bd1ec8fe0e222083e8c921e063a64883ac3d0f33_0002066976 "C:\Users\Ijuzyhba\AppData\Local\Temp\jds3038328.tmp\bd1ec8fe0e222083e8c921e063a64883ac3d0f33_0002066976"


									"C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe"

Virus.Expiro.O

Threat Scorecard

EnigmaSoft Threat Scorecard

Analysis Report

General information

Known Samples

Known Samples

Windows Portable Executable Attributes

Windows Portable Executable Attributes

File Icons

File Icons

Windows PE Version Information

Windows PE Version Information

Digital Signatures

Digital Signatures

File Traits

Block Information

Block Information

Visual Map

Similar Families

Similar Families

Files Modified

Files Modified

Registry Modifications

Registry Modifications

Windows API Usage

Windows API Usage

Shell Command Execution

Shell Command Execution

Submit Comment

Trending

Most Viewed