Analysis
-
max time kernel
2692s -
max time network
2497s -
platform
windows7_x64 -
resource
win7-en-20211208 -
submitted
19-01-2022 15:43
General
-
Target
https://download.cnet.com/SuperAntiSpyware-Free-Edition/3000-8022_4-10523889.html
Malware Config
Signatures
-
Registers COM server for autorun 1 TTPs
-
suricata: ET MALWARE Fake Software Download Redirect Leading to Malware M3
suricata: ET MALWARE Fake Software Download Redirect Leading to Malware M3
-
Identifies VirtualBox via ACPI registry values (likely anti-VM) 2 TTPs
-
Downloads MZ/PE file
-
Executes dropped EXE 17 IoCs
-
Sets service image path in registry 2 TTPs
-
Checks BIOS information in registry 2 TTPs 8 IoCs
BIOS information is often read in order to detect sandboxing environments.
-
Loads dropped DLL 64 IoCs
-
Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
-
Themida packer 8 IoCs
Detects Themida, an advanced Windows software protection system.
-
Adds Run key to start application 2 TTPs 2 IoCs
-
Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Checks whether UAC is enabled 1 TTPs 4 IoCs
-
Drops file in System32 directory 1 IoCs
-
Suspicious use of NtSetInformationThreadHideFromDebugger 4 IoCs
-
Drops file in Program Files directory 23 IoCs
-
Drops file in Windows directory 3 IoCs
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.
-
Office loads VBA resources, possible macro or embedded object present
-
Checks processor information in registry 2 TTPs 4 IoCs
Processor information is often read in order to detect sandboxing environments.
-
Enumerates system info in registry 2 TTPs 3 IoCs
-
Modifies Internet Explorer settings 1 TTPs 64 IoCs
-
Modifies registry class 64 IoCs
-
Modifies system certificate store 2 TTPs 6 IoCs
-
NTFS ADS 1 IoCs
-
Script User-Agent 2 IoCs
Uses user-agent string associated with script host/environment.
-
Suspicious behavior: AddClipboardFormatListener 2 IoCs
-
Suspicious behavior: EnumeratesProcesses 64 IoCs
-
Suspicious behavior: GetForegroundWindowSpam 4 IoCs
-
Suspicious behavior: LoadsDriver 7 IoCs
-
Suspicious use of AdjustPrivilegeToken 56 IoCs
-
Suspicious use of FindShellTrayWindow 64 IoCs
-
Suspicious use of SendNotifyMessage 64 IoCs
-
Suspicious use of SetWindowsHookEx 14 IoCs
-
Suspicious use of WriteProcessMemory 64 IoCs
Processes
-
C:\Program Files\Mozilla Firefox\firefox.exe"C:\Program Files\Mozilla Firefox\firefox.exe" https://download.cnet.com/SuperAntiSpyware-Free-Edition/3000-8022_4-10523889.html1⤵
- Suspicious use of WriteProcessMemory
-
C:\Program Files\Mozilla Firefox\firefox.exe"C:\Program Files\Mozilla Firefox\firefox.exe" https://download.cnet.com/SuperAntiSpyware-Free-Edition/3000-8022_4-10523889.html2⤵
- Checks processor information in registry
- NTFS ADS
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\Program Files\Mozilla Firefox\firefox.exe"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1604.0.1563456621\2032361743" -parentBuildID 20200403170909 -prefsHandle 1208 -prefMapHandle 1200 -prefsLen 1 -prefMapSize 219799 -appdir "C:\Program Files\Mozilla Firefox\browser" - 1604 "\\.\pipe\gecko-crash-server-pipe.1604" 1308 gpu3⤵
-
C:\Program Files\Mozilla Firefox\firefox.exe"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1604.3.1913660592\1153651376" -childID 1 -isForBrowser -prefsHandle 1112 -prefMapHandle 1124 -prefsLen 156 -prefMapSize 219799 -parentBuildID 20200403170909 -appdir "C:\Program Files\Mozilla Firefox\browser" - 1604 "\\.\pipe\gecko-crash-server-pipe.1604" 1600 tab3⤵
-
C:\Program Files\Mozilla Firefox\firefox.exe"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1604.13.1258823574\16581583" -childID 2 -isForBrowser -prefsHandle 2620 -prefMapHandle 2616 -prefsLen 7013 -prefMapSize 219799 -parentBuildID 20200403170909 -appdir "C:\Program Files\Mozilla Firefox\browser" - 1604 "\\.\pipe\gecko-crash-server-pipe.1604" 2632 tab3⤵
-
C:\Program Files\Mozilla Firefox\firefox.exe"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1604.20.1215669469\39679806" -childID 3 -isForBrowser -prefsHandle 3328 -prefMapHandle 3308 -prefsLen 7718 -prefMapSize 219799 -parentBuildID 20200403170909 -appdir "C:\Program Files\Mozilla Firefox\browser" - 1604 "\\.\pipe\gecko-crash-server-pipe.1604" 3340 tab3⤵
-
C:\Program Files\Mozilla Firefox\firefox.exe"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1604.27.1499803614\1327289720" -parentBuildID 20200403170909 -prefsHandle 7608 -prefMapHandle 7612 -prefsLen 8017 -prefMapSize 219799 -appdir "C:\Program Files\Mozilla Firefox\browser" - 1604 "\\.\pipe\gecko-crash-server-pipe.1604" 7596 rdd3⤵
-
C:\Program Files\Mozilla Firefox\firefox.exe"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1604.31.1184380266\1000434300" -childID 4 -isForBrowser -prefsHandle 6484 -prefMapHandle 6488 -prefsLen 8649 -prefMapSize 219799 -parentBuildID 20200403170909 -appdir "C:\Program Files\Mozilla Firefox\browser" - 1604 "\\.\pipe\gecko-crash-server-pipe.1604" 6504 tab3⤵
-
C:\Users\Admin\Downloads\SUPERAntiSpyware.exe"C:\Users\Admin\Downloads\SUPERAntiSpyware.exe"1⤵
- Executes dropped EXE
- Loads dropped DLL
- Drops file in Program Files directory
- Suspicious use of AdjustPrivilegeToken
-
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE"C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE" -install -name:!SASCORE -display:"SAS Core Service" -description:"SUPERAntiSpyware Core Service" -pipe:sascoreservicepipe2⤵
- Executes dropped EXE
-
C:\Windows\SysWOW64\REGSVR32.EXE"C:\Windows\system32\REGSVR32.EXE" /s "C:\Program Files\SUPERAntiSpyware\SASCTXMN64.DLL"2⤵
- Loads dropped DLL
-
C:\Windows\system32\regsvr32.exe/s "C:\Program Files\SUPERAntiSpyware\SASCTXMN64.DLL"3⤵
- Loads dropped DLL
- Modifies registry class
-
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe"C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe"2⤵
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
- Drops file in System32 directory
- Drops file in Program Files directory
- Drops file in Windows directory
- Modifies system certificate store
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
-
C:\Program Files\SUPERAntiSpyware\SSUPDATE64.EXE"C:\Program Files\SUPERAntiSpyware\SSUPDATE64.EXE" *8.0.1052!{0D3C4F0D-1C11-47bc-AD1C-BAB98712DBFB}3⤵
- Executes dropped EXE
- Suspicious use of AdjustPrivilegeToken
-
C:\Windows\System32\cacls.exe"C:\Windows\System32\cacls.exe" "C:\System Volume Information" /E /G everyone:F3⤵
-
C:\Program Files\SUPERAntiSpyware\sas_enum_cookies.exesas_enum_cookies.exe3⤵
- Executes dropped EXE
-
C:\Program Files\SUPERAntiSpyware\sas_enum_cookies.exesas_enum_cookies.exe3⤵
- Executes dropped EXE
-
C:\Windows\System32\cacls.exe"C:\Windows\System32\cacls.exe" "C:\System Volume Information" /E /R everyone3⤵
-
C:\Windows\System32\cacls.exe"C:\Windows\System32\cacls.exe" "C:\System Volume Information" /E /G everyone:F3⤵
-
C:\Windows\System32\cacls.exe"C:\Windows\System32\cacls.exe" "C:\System Volume Information" /E /R everyone3⤵
-
C:\Windows\System32\cacls.exe"C:\Windows\System32\cacls.exe" "C:\System Volume Information" /E /G everyone:F3⤵
-
C:\Program Files\SUPERAntiSpyware\sas_enum_cookies.exesas_enum_cookies.exe3⤵
- Executes dropped EXE
-
C:\Program Files\SUPERAntiSpyware\sas_enum_cookies.exesas_enum_cookies.exe3⤵
- Executes dropped EXE
-
C:\Windows\System32\cacls.exe"C:\Windows\System32\cacls.exe" "C:\System Volume Information" /E /R everyone3⤵
-
C:\Windows\System32\cacls.exe"C:\Windows\System32\cacls.exe" "C:\System Volume Information" /E /G everyone:F3⤵
-
C:\Program Files\SUPERAntiSpyware\sas_enum_cookies.exesas_enum_cookies.exe3⤵
- Executes dropped EXE
-
C:\Program Files\SUPERAntiSpyware\sas_enum_cookies.exesas_enum_cookies.exe3⤵
- Executes dropped EXE
-
C:\Windows\System32\cacls.exe"C:\Windows\System32\cacls.exe" "C:\System Volume Information" /E /R everyone3⤵
-
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE"C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE"1⤵
- Executes dropped EXE
-
C:\Program Files\VideoLAN\VLC\vlc.exe"C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Admin\Desktop\DisconnectRequest.3gpp"1⤵
- Suspicious behavior: AddClipboardFormatListener
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of SetWindowsHookEx
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe"1⤵
- Enumerates system info in registry
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=89.0.4389.114 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef6224f50,0x7fef6224f60,0x7fef6224f702⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1136 /prefetch:22⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --lang=en-US --service-sandbox-type=network --mojo-platform-channel-handle=1452 /prefetch:82⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1696 /prefetch:82⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1940 /prefetch:12⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2088 /prefetch:12⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2540 /prefetch:82⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --use-gl=swiftshader-webgl --mojo-platform-channel-handle=2896 /prefetch:22⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1368 /prefetch:12⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1132 /prefetch:82⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=3152 /prefetch:82⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=3068 /prefetch:82⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=3272 /prefetch:82⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=3108 /prefetch:82⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=3120 /prefetch:82⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=3080 /prefetch:82⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=3304 /prefetch:82⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=3332 /prefetch:82⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=3064 /prefetch:82⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3116 /prefetch:12⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2176 /prefetch:12⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1308 /prefetch:82⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2764 /prefetch:12⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4116 /prefetch:12⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2012 /prefetch:12⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=3488 /prefetch:82⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3164 /prefetch:12⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=4068 /prefetch:82⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4012 /prefetch:82⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=3608 /prefetch:82⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=3384 /prefetch:82⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=3608 /prefetch:82⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=4080 /prefetch:82⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=3416 /prefetch:82⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --disable-gpu-compositing --lang=en-US --extension-process --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4036 /prefetch:12⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1332 /prefetch:12⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.FileUtilService --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=4572 /prefetch:82⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4456 /prefetch:82⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --disable-gpu-compositing --lang=en-US --extension-process --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4512 /prefetch:12⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4092 /prefetch:82⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3988 /prefetch:82⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=788 /prefetch:82⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4428 /prefetch:82⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2236 /prefetch:12⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3048 /prefetch:12⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1136 /prefetch:12⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2108 /prefetch:12⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2560 /prefetch:12⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=4408 /prefetch:82⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2016 /prefetch:12⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.FileUtilService --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=4236 /prefetch:82⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4188 /prefetch:82⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=53 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1872 /prefetch:12⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=54 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3716 /prefetch:12⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=55 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1372 /prefetch:12⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=56 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3596 /prefetch:12⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=57 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2792 /prefetch:12⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=58 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4632 /prefetch:12⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=59 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1372 /prefetch:12⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=60 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2328 /prefetch:12⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=61 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1564 /prefetch:12⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=62 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4244 /prefetch:12⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=63 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3444 /prefetch:12⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=1016 /prefetch:82⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2540 /prefetch:82⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=65 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=692 /prefetch:12⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=67 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4556 /prefetch:12⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=68 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4728 /prefetch:12⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=69 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4872 /prefetch:12⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=71 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5100 /prefetch:12⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=74 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5204 /prefetch:12⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=73 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5196 /prefetch:12⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=72 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5188 /prefetch:12⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=70 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4964 /prefetch:12⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=75 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3092 /prefetch:12⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=3524 /prefetch:82⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=77 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1012 /prefetch:12⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=78 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5556 /prefetch:12⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=79 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3160 /prefetch:12⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=80 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5268 /prefetch:12⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=81 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5256 /prefetch:12⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=82 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1252 /prefetch:12⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=83 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=496 /prefetch:12⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=84 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5444 /prefetch:12⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=85 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2028 /prefetch:12⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=86 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1136 /prefetch:12⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=87 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3972 /prefetch:12⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=88 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3576 /prefetch:12⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=89 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4788 /prefetch:12⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=90 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5328 /prefetch:12⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=91 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2252 /prefetch:12⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=92 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2288 /prefetch:12⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=93 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5556 /prefetch:12⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=94 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5320 /prefetch:12⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=95 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4740 /prefetch:12⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=96 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4092 /prefetch:12⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=97 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4608 /prefetch:12⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=98 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2780 /prefetch:12⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=99 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5016 /prefetch:12⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=100 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3444 /prefetch:12⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=101 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4588 /prefetch:12⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=102 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5312 /prefetch:12⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=103 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4596 /prefetch:12⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=104 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3896 /prefetch:12⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=105 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3396 /prefetch:12⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=106 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4916 /prefetch:12⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=107 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5072 /prefetch:12⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=108 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4888 /prefetch:12⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=109 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4920 /prefetch:12⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=110 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4940 /prefetch:12⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=111 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4056 /prefetch:12⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=112 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3924 /prefetch:12⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=113 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5320 /prefetch:12⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=114 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3376 /prefetch:12⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=115 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3788 /prefetch:12⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=116 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4068 /prefetch:12⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=117 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3448 /prefetch:12⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=118 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4476 /prefetch:12⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2088 /prefetch:82⤵
-
C:\Program Files\Internet Explorer\iexplore.exe"C:\Program Files\Internet Explorer\iexplore.exe" http://cps.letsencrypt.org/2⤵
- Modifies Internet Explorer settings
- Suspicious use of SetWindowsHookEx
-
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1772 CREDAT:275457 /prefetch:23⤵
- Modifies Internet Explorer settings
- Suspicious use of SetWindowsHookEx
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.FileUtilService --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=5248 /prefetch:82⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2224 /prefetch:82⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --field-trial-handle=1056,14771102344486563941,18205068092419142991,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1360 /prefetch:82⤵
-
C:\Windows\system32\AUDIODG.EXEC:\Windows\system32\AUDIODG.EXE 0x5501⤵
- Suspicious use of AdjustPrivilegeToken
-
C:\Program Files\7-Zip\7zG.exe"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Downloads\Malware\fiIle__Pass__1234_active\" -spe -an -ai#7zMap19658:126:7zEvent214551⤵
- Suspicious use of AdjustPrivilegeToken
-
C:\Users\Admin\Downloads\Malware\fiIle__Pass__1234_active\fiIle__Pass__1234_active.exe"C:\Users\Admin\Downloads\Malware\fiIle__Pass__1234_active\fiIle__Pass__1234_active.exe"1⤵
- Executes dropped EXE
- Checks BIOS information in registry
- Checks whether UAC is enabled
- Suspicious use of NtSetInformationThreadHideFromDebugger
-
C:\Program Files\7-Zip\7zG.exe"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Downloads\Malware\Activate__Full__Setup\" -spe -an -ai#7zMap32224:120:7zEvent114301⤵
- Suspicious use of AdjustPrivilegeToken
-
C:\Windows\system32\NOTEPAD.EXE"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Downloads\Malware\Activate__Full__Setup\Pasword is ___4695.txt1⤵
-
C:\Users\Admin\Downloads\Malware\Activate__Full__Setup\Activate__Full__Setup.exe"C:\Users\Admin\Downloads\Malware\Activate__Full__Setup\Activate__Full__Setup.exe"1⤵
- Executes dropped EXE
- Checks BIOS information in registry
- Checks whether UAC is enabled
- Suspicious use of NtSetInformationThreadHideFromDebugger
-
C:\Users\Admin\Downloads\Malware\Activate__Full__Setup\Activate__Full__Setup.exe"C:\Users\Admin\Downloads\Malware\Activate__Full__Setup\Activate__Full__Setup.exe"1⤵
- Executes dropped EXE
- Checks BIOS information in registry
- Checks whether UAC is enabled
- Suspicious use of NtSetInformationThreadHideFromDebugger
-
C:\Windows\system32\taskmgr.exe"C:\Windows\system32\taskmgr.exe" /41⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of AdjustPrivilegeToken
-
C:\Program Files\7-Zip\7zG.exe"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Downloads\Malware\Activate__Full__Setup\Activate__Full__Setup\" -spe -an -ai#7zMap17047:164:7zEvent200841⤵
- Suspicious use of AdjustPrivilegeToken
-
C:\Program Files\7-Zip\7zG.exe"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Downloads\Malware\Open__Full__Setup__3456\" -spe -an -ai#7zMap31622:124:7zEvent294231⤵
- Suspicious use of AdjustPrivilegeToken
-
C:\Users\Admin\Downloads\Malware\Open__Full__Setup__3456\Open__Full__Setup__3456.exe"C:\Users\Admin\Downloads\Malware\Open__Full__Setup__3456\Open__Full__Setup__3456.exe"1⤵
- Executes dropped EXE
- Checks BIOS information in registry
- Checks whether UAC is enabled
- Suspicious use of NtSetInformationThreadHideFromDebugger
-
C:\Windows\system32\NOTEPAD.EXE"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Downloads\Malware\Open__Full__Setup__3456\Password is ___3456.txt1⤵
-
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe"C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe"1⤵
- Executes dropped EXE
- Suspicious use of AdjustPrivilegeToken
-
C:\Program Files\SUPERAntiSpyware\SSUPDATE64.EXE"C:\Program Files\SUPERAntiSpyware\SSUPDATE64.EXE" *8.0.1052!{0D3C4F0D-1C11-47bc-AD1C-BAB98712DBFB}2⤵
- Executes dropped EXE
- Suspicious use of AdjustPrivilegeToken
-
C:\Windows\system32\taskmgr.exe"C:\Windows\system32\taskmgr.exe" /41⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of AdjustPrivilegeToken
-
C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE"C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE" /n /f "C:\Users\Admin\Desktop\ExpandUnregister.dotm"1⤵
- Drops file in Windows directory
- Modifies Internet Explorer settings
- Modifies registry class
- Suspicious behavior: AddClipboardFormatListener
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix ATT&CK v6
Replay Monitor
Loading Replay Monitor...
Downloads
-
C:\Program Files\SUPERAntiSpyware\DETECT.WAVMD5
a48bbf8aa311f6fbca3d36e2fffc88e2
SHA1337af4f160bb6f9e1074b950f3b1c0a4dc956c0a
SHA256e76700b5c8cbabdefca606d90862cdb5263c1b7a4e0545f218104c2818eccfc7
SHA51248e6121639af72fdea763d7a928a9f07c02ac40c3b73e69b4ac574745dbbf84f1d7e86a77a8d5093628e9c9467a62671b2686229b7298ebe013d4e52e18bdc39
-
C:\Program Files\SUPERAntiSpyware\High Contrast Black.setMD5
a01d955e1485454b56413cc4c40f547f
SHA10fd3b96e0a92f2fda086a955249c6d3676cfff92
SHA256a5a15f0dcf648affa3f358aaefb3d82794952c10bb379741de52bf58ef1649d5
SHA512fb78d8802954129cfa42cfc102867512d13011bda3001fb571c65b924cc6f8cbc585ad1083fe62fffec9b01adc8d23e2a3f66deb35575ec8ff8edd7c88dfa98d
-
C:\Program Files\SUPERAntiSpyware\RUNSAS.EXEMD5
3497c5e00ecd5fdb728e9b5093e2b831
SHA105d8b17dcf41867a890f6de8a518ffd0036c60aa
SHA25650dd6863e9ecb2f6ea8e6f313ba533dc783322818c80d267a5dd877cdccda124
SHA5125cf417b8ed546d617f6826eb80d024bf2f51fca26c696cc2d717f939a9043f99dcd7b47839168808a7a897f2086ab51d14d8e3c4fef553e1be77739d60534ad4
-
C:\Program Files\SUPERAntiSpyware\SAS Default.setMD5
b3e9dfd17cf864d552e03445a7d3133c
SHA1d47fc807ad3e667baf9925283eda0aa9edebc463
SHA256acb0fc3c92fbab280b0da3252442d6eae96653cce0e21d59c8741035391b057d
SHA512e9f4ab646965fbd7d6fcc17a24d539e7feb06c9d1c2c9a0c1e86ca636b963ea148720a9f856c7b44bb3d789711b79257fd4afc012e981de250b2f77f1f0a31ce
-
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXEMD5
98e06cac2c508118450095e581202230
SHA12afe3280140fc56db7a7a9197520bfbc74608235
SHA2568fc6c08487f2a481a28f1e5e500b61a21b7a0d44b342f9f887017d6fae4f87f4
SHA51248667a0d00b954d8c0e89b05e6dbaeb18591e58346436385a2d33bd1f02f31e9ea5ed023cb9e377a431e9adf0c7f1aec90e6fe71386f74bc7c5ae210d38dc579
-
C:\Program Files\SUPERAntiSpyware\SASCTXMN64.DLLMD5
2640b083bb33cc6095cb0e6e2f8acc98
SHA1191ed504bc36016899fbfa3f080bd1c3b1a7cc6c
SHA256550ceae946515cf892dbbee249d72d22bf44a11af3db16b578196fdca8170b1e
SHA5127798740ff940cde4a7d677bf1366ff564c76babb5666c07aad7231ab51b050e4a5549da4c4d3bae944e1910f24d08b1660069e24fb44f8222dbe84e66a249b5b
-
C:\Program Files\SUPERAntiSpyware\SASCore64.exeMD5
98e06cac2c508118450095e581202230
SHA12afe3280140fc56db7a7a9197520bfbc74608235
SHA2568fc6c08487f2a481a28f1e5e500b61a21b7a0d44b342f9f887017d6fae4f87f4
SHA51248667a0d00b954d8c0e89b05e6dbaeb18591e58346436385a2d33bd1f02f31e9ea5ed023cb9e377a431e9adf0c7f1aec90e6fe71386f74bc7c5ae210d38dc579
-
C:\Program Files\SUPERAntiSpyware\SASCore64.exeMD5
98e06cac2c508118450095e581202230
SHA12afe3280140fc56db7a7a9197520bfbc74608235
SHA2568fc6c08487f2a481a28f1e5e500b61a21b7a0d44b342f9f887017d6fae4f87f4
SHA51248667a0d00b954d8c0e89b05e6dbaeb18591e58346436385a2d33bd1f02f31e9ea5ed023cb9e377a431e9adf0c7f1aec90e6fe71386f74bc7c5ae210d38dc579
-
C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYSMD5
3289766038db2cb14d07dc84392138d5
SHA1d04286973c48c767c8723f4094396bded792ea90
SHA256a7790b787690cc1a8b97e4532090c5295350a836a9474dea74ceb3e81cf26124
SHA51222949262df9369a7c2a9fc489f7cf518c790741a943e0fea9f05b852c2ca61c6a1f70252795d7e96ac00b9dfbcda481456b2e2b2f876365e8d2caa38b10c9933
-
C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYSMD5
58a38e75f3316a83c23df6173d41f2b5
SHA19ff00f34b5dfae4be15ed8e59e9c7a05640cbdc3
SHA256b0a8cda1d164b7534fb41ab80792861384709bf0f914f44553275cf20194f1a1
SHA512a81b979852677a04e6fd24246b6d8d96be60839f51a203027d708d39f1edd9949b262df2e715ed39ce9a7b6882e9d416e11831388158f9f740ab137f7fe18010
-
C:\Program Files\SUPERAntiSpyware\SASREPAIRS.STGMD5
efc9ea7aa080142234062f49c1ed2aa0
SHA1f82b558f985be249259584b3f5be9a63219b0f25
SHA25687f7dd02e06983dc362923f74fe880367f0ab59d9ba288099a2c538982abfa96
SHA512e205bdd961c63df227c8a239c605dbcecb4109743bdde51bd07ac2beb4312de4b21cf25b4b963dcb4e0472b0026dd9f8cf455329f630f947f9dd01ecc6c50c5e
-
C:\Program Files\SUPERAntiSpyware\SASTask.exeMD5
5302d99fb38de4318738be8eb5504695
SHA1cef60452c888842a6d59fba68c4b4c811291ec0e
SHA256d698c5790816236a743720722cc21b5a5f3e7b9ec02c6ec515908a7e1220f1f3
SHA512413fa4964b555a64a4cfb7ae75e2050267d6876a65d97b9446181f5e7d0f95578a6621b5d214fa3b02b2232441b712a5bd08537053239bb080cf3f340360d01b
-
C:\Program Files\SUPERAntiSpyware\SSUPDATE64.EXEMD5
99851aef40ccc89527358327fa3ac645
SHA14663a99ce79cfcb0a8cb5b9eee8590c50b665b0d
SHA25689861e803e5281d4ba890ce1ff997f5bf2b7e2b61e37d56af8b0cd89408d4616
SHA51241d52c8c45f0338f102b8a20232fe23dd17d008574b18a17795a3129a84d25e3615cd9cd42462376a21fff3055ac5628cc13d07cced924009c3ffdeb372031f9
-
C:\Program Files\SUPERAntiSpyware\SSUpdate64.exeMD5
99851aef40ccc89527358327fa3ac645
SHA14663a99ce79cfcb0a8cb5b9eee8590c50b665b0d
SHA25689861e803e5281d4ba890ce1ff997f5bf2b7e2b61e37d56af8b0cd89408d4616
SHA51241d52c8c45f0338f102b8a20232fe23dd17d008574b18a17795a3129a84d25e3615cd9cd42462376a21fff3055ac5628cc13d07cced924009c3ffdeb372031f9
-
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exeMD5
bb572c1a4a0963e317caf54e72f0b84c
SHA150a84e35a460f42fb20e6f4d9459c2a00886beb9
SHA256587513491d3c493bcf4e63838702659bac88cb4faca0b89164db9d0a20cb08db
SHA51214bec3672b62cb69dbd9ed7e75834f5650ffb73bd54fb6c60d22bb8affc058244837ae09593f3efb423e344d583cd62764c89658a8a2abb986e7c2976b4e231d
-
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exeMD5
bb572c1a4a0963e317caf54e72f0b84c
SHA150a84e35a460f42fb20e6f4d9459c2a00886beb9
SHA256587513491d3c493bcf4e63838702659bac88cb4faca0b89164db9d0a20cb08db
SHA51214bec3672b62cb69dbd9ed7e75834f5650ffb73bd54fb6c60d22bb8affc058244837ae09593f3efb423e344d583cd62764c89658a8a2abb986e7c2976b4e231d
-
C:\Program Files\SUPERAntiSpyware\SUPERDelete.exeMD5
35da92670c06c15cf6f5c10708788554
SHA11fb77420811528d76794b9ca5410f4d7c7583d5d
SHA2562227ce63d91490bc94f88149cc12998c5642d9716697d063901ab8b364270815
SHA512ec0d2531c638312cc9ca3852bc66c5568078129b1ebe7ecf4539fcc8c7fe105a0b464e01683d3f7bafe23a03d211f69ae4c86969becdaba9bbce5457063cf4e8
-
C:\Program Files\SUPERAntiSpyware\Uninstall.exeMD5
4d0dd97c0ab63c0d72a895b4db8b0553
SHA13a9f3a77c5f33da656cfe4647afcab7615ca7cec
SHA256a2887b7d3a95f05b3382f55f4496307b6b792e6a2d492178bcdbe22bd939733d
SHA512572417fe618ef01ed0bf23078de9e412d49bfa72871890effed6b7b3297a3b1cf86321d261d7946ac4be05bd92a003da405cc51bbba0119e45b27ff9ddee8fe4
-
C:\Program Files\SUPERAntiSpyware\sas_enum_cookies.exeMD5
981716d86ba53b87f9a4b9f837fc60c4
SHA16d5c8e0d4d1e7e1df8c420b49654d6f2f99741e8
SHA256d07cdf35aba5f4b82bee11d31d4471df06321408eb33c653bcc718a4ca568527
SHA512032f8d960c076ef8f83253c1d1908dab784f4869aff1c57db48c0ed9d3a3a4488639cd0ae9bee48b8003ec47a0b044c63fcd77ab47b84a731b859964ceb5aca7
-
C:\Program Files\SUPERAntiSpyware\sas_preconfig.db3MD5
52cbb622fb744c0db3c292805254e1a6
SHA1ef7c4007e1aeb9193e516a6c8cb926d349dcb9f6
SHA256edd0dcdf0b48e21d6a54ff5b081d01c1d83a412d31b36ccec1db7c127d921e81
SHA5127862a087a33040430dfa11d1ae091d5cae61eb264b5461cdb88ed740bb8e60007da8ddda4e3489051c75f027eda634097e0992410dc6a16ed773c3730d068aab
-
C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\Content1\MDEsU09TXzY5OVdGSF8wMSxodHRwOi8vZ28uc3VwZXJhbnRpc3B5d2FyZS5jb20vP2xpbmtpZD0xMDE0NjY=.bmpMD5
ddb54abfe78ddd03d2a9e6672358a5c0
SHA1547a89261edd40fb620a50af7be786c3a7696b15
SHA256823941ec57f84d398a9b14490a31de8abe99465a30dd1d2050a48dd6033682ec
SHA512e907673f381a5ee8bb39bec2ed19c6a5b0621479a46dc11d7ed5f0cf74e673ae805fa638c7c30b554263d20be1d1c0a6b2a067905eea6585db975cd5ed1c4cad
-
C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\Content1\MDIsU0FTX01QRkIyRk9SMTE5OTVfMDEsaHR0cDovL2dvLnN1cGVyYW50aXNweXdhcmUuY29tLz9saW5raWQ9MTAxNDU4.bmpMD5
caed279cbc1df57e97fa3eed3106953c
SHA169e622b6fa58eb655802c3473e71d7e9f013b6e3
SHA25673a9fab16c6b5facf81711b1bdba1a0e94468865e9cbec37a1c741e718f722c7
SHA5129653fb7ff0618b97185ae772212ce98f71772d76948401988c30a1f748bb25526c937d32b478d33d829b540be4b7aa474d88f58a1c3d2635dc1af1899735ed42
-
C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\PROCESSLIST.BINMD5
8c50eac319bad116793d94172401de48
SHA19a1e7caf2059f7ad9e0c31de8fb8f2cc5eed8dee
SHA256069ae753d6a69565b2dc5ead6b7ad6895a10667bc122e8f662c33e8d2e41e7b3
SHA512506f2e7358f87e98ff2d95fa28bbdcae0c5263735e5ec2483601f02ac1b35147f75a754d7f6c65382a2afb7a3824deb9edb297cbdf3e42e942f6f702d65cbd0e
-
C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\PROCESSLISTRELATED.DBMD5
125767637bea667a3521540cf39fc2cf
SHA1d2b98c91dd5d180a8be5d7f8ae016c693906c11f
SHA256966a062127146b38fbabda6d4968df9a27957ef24928f3044cc00538b242ace7
SHA512cf56b60988d359781a7334b8e5ad8d8003ec866ecb80c028a259718de8801be88e8ed7e85e627dfc2405617462f164e66a500f0534802d9d924627e3ce79a460
-
C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SetupOptions.db3MD5
c5e247343e99995dc9a6aff26f03c473
SHA1e713bcf2b51f540d2bdd8e70fa77e6cace5f5a35
SHA256f968e4e3f6323ae5071aa3ec9543a4893c7a3480abb08c1b63834b89081a5ba2
SHA512843216f6e11f17da1775d89bd390bcd1a0b88eae205abe9fa358fc0c9d1b26c1766b2e99828a4a519d8314d5a44ab01f6a551958921c7c6fff0527e0ecc4ac54
-
C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\superantispyware.db3MD5
37d1405c2a7a23f26985c1eff7288d1c
SHA150b167bb4bd930cd92c3ca91163fbe80a5238b3f
SHA256e4e5b7085af68c24d3f17ec9fbd889e5a635d9a068d3ea761f6a14ec994c09ab
SHA512bfacf1f369c8cf7b4e2a2f1a2e0b64aedf7a0c826229e5c9f13be08d25bcfcd22a23398d2231098a945000a65b53f88e58431bd5b6a0d43b64ab2921ff0f94e0
-
C:\Users\Admin\Downloads\SUPERAntiSpyware.exeMD5
cecf29885d73fff8d90d880962275454
SHA1b33a5250e5fa95fbe4d6b67cd0877d56c8dc9849
SHA256bdabbdc7ce3f5f355d67c7b2de252bb235dfbec4f1e42d6f1dcb26046f77c9fc
SHA5122a9100de60481bfdb0385f74dc6f7b712eb4d953892e91efe8146d97c2ed3c2c073d83d9c7605e0dd3bca05ae6fafce0a849a3507134fb810f07ccc1fa2c8860
-
C:\Users\Admin\Downloads\SUPERAntiSpyware.exeMD5
cecf29885d73fff8d90d880962275454
SHA1b33a5250e5fa95fbe4d6b67cd0877d56c8dc9849
SHA256bdabbdc7ce3f5f355d67c7b2de252bb235dfbec4f1e42d6f1dcb26046f77c9fc
SHA5122a9100de60481bfdb0385f74dc6f7b712eb4d953892e91efe8146d97c2ed3c2c073d83d9c7605e0dd3bca05ae6fafce0a849a3507134fb810f07ccc1fa2c8860
-
\Program Files\SUPERAntiSpyware\RUNSAS.EXEMD5
3497c5e00ecd5fdb728e9b5093e2b831
SHA105d8b17dcf41867a890f6de8a518ffd0036c60aa
SHA25650dd6863e9ecb2f6ea8e6f313ba533dc783322818c80d267a5dd877cdccda124
SHA5125cf417b8ed546d617f6826eb80d024bf2f51fca26c696cc2d717f939a9043f99dcd7b47839168808a7a897f2086ab51d14d8e3c4fef553e1be77739d60534ad4
-
\Program Files\SUPERAntiSpyware\SASCTXMN64.DLLMD5
2640b083bb33cc6095cb0e6e2f8acc98
SHA1191ed504bc36016899fbfa3f080bd1c3b1a7cc6c
SHA256550ceae946515cf892dbbee249d72d22bf44a11af3db16b578196fdca8170b1e
SHA5127798740ff940cde4a7d677bf1366ff564c76babb5666c07aad7231ab51b050e4a5549da4c4d3bae944e1910f24d08b1660069e24fb44f8222dbe84e66a249b5b
-
\Program Files\SUPERAntiSpyware\SASCTXMN64.DLLMD5
2640b083bb33cc6095cb0e6e2f8acc98
SHA1191ed504bc36016899fbfa3f080bd1c3b1a7cc6c
SHA256550ceae946515cf892dbbee249d72d22bf44a11af3db16b578196fdca8170b1e
SHA5127798740ff940cde4a7d677bf1366ff564c76babb5666c07aad7231ab51b050e4a5549da4c4d3bae944e1910f24d08b1660069e24fb44f8222dbe84e66a249b5b
-
\Program Files\SUPERAntiSpyware\SASCTXMN64.DLLMD5
2640b083bb33cc6095cb0e6e2f8acc98
SHA1191ed504bc36016899fbfa3f080bd1c3b1a7cc6c
SHA256550ceae946515cf892dbbee249d72d22bf44a11af3db16b578196fdca8170b1e
SHA5127798740ff940cde4a7d677bf1366ff564c76babb5666c07aad7231ab51b050e4a5549da4c4d3bae944e1910f24d08b1660069e24fb44f8222dbe84e66a249b5b
-
\Program Files\SUPERAntiSpyware\SASCTXMN64.DLLMD5
2640b083bb33cc6095cb0e6e2f8acc98
SHA1191ed504bc36016899fbfa3f080bd1c3b1a7cc6c
SHA256550ceae946515cf892dbbee249d72d22bf44a11af3db16b578196fdca8170b1e
SHA5127798740ff940cde4a7d677bf1366ff564c76babb5666c07aad7231ab51b050e4a5549da4c4d3bae944e1910f24d08b1660069e24fb44f8222dbe84e66a249b5b
-
\Program Files\SUPERAntiSpyware\SASCore64.exeMD5
98e06cac2c508118450095e581202230
SHA12afe3280140fc56db7a7a9197520bfbc74608235
SHA2568fc6c08487f2a481a28f1e5e500b61a21b7a0d44b342f9f887017d6fae4f87f4
SHA51248667a0d00b954d8c0e89b05e6dbaeb18591e58346436385a2d33bd1f02f31e9ea5ed023cb9e377a431e9adf0c7f1aec90e6fe71386f74bc7c5ae210d38dc579
-
\Program Files\SUPERAntiSpyware\SASCore64.exeMD5
98e06cac2c508118450095e581202230
SHA12afe3280140fc56db7a7a9197520bfbc74608235
SHA2568fc6c08487f2a481a28f1e5e500b61a21b7a0d44b342f9f887017d6fae4f87f4
SHA51248667a0d00b954d8c0e89b05e6dbaeb18591e58346436385a2d33bd1f02f31e9ea5ed023cb9e377a431e9adf0c7f1aec90e6fe71386f74bc7c5ae210d38dc579
-
\Program Files\SUPERAntiSpyware\SASCore64.exeMD5
98e06cac2c508118450095e581202230
SHA12afe3280140fc56db7a7a9197520bfbc74608235
SHA2568fc6c08487f2a481a28f1e5e500b61a21b7a0d44b342f9f887017d6fae4f87f4
SHA51248667a0d00b954d8c0e89b05e6dbaeb18591e58346436385a2d33bd1f02f31e9ea5ed023cb9e377a431e9adf0c7f1aec90e6fe71386f74bc7c5ae210d38dc579
-
\Program Files\SUPERAntiSpyware\SSUpdate64.exeMD5
99851aef40ccc89527358327fa3ac645
SHA14663a99ce79cfcb0a8cb5b9eee8590c50b665b0d
SHA25689861e803e5281d4ba890ce1ff997f5bf2b7e2b61e37d56af8b0cd89408d4616
SHA51241d52c8c45f0338f102b8a20232fe23dd17d008574b18a17795a3129a84d25e3615cd9cd42462376a21fff3055ac5628cc13d07cced924009c3ffdeb372031f9
-
\Program Files\SUPERAntiSpyware\SSUpdate64.exeMD5
99851aef40ccc89527358327fa3ac645
SHA14663a99ce79cfcb0a8cb5b9eee8590c50b665b0d
SHA25689861e803e5281d4ba890ce1ff997f5bf2b7e2b61e37d56af8b0cd89408d4616
SHA51241d52c8c45f0338f102b8a20232fe23dd17d008574b18a17795a3129a84d25e3615cd9cd42462376a21fff3055ac5628cc13d07cced924009c3ffdeb372031f9
-
\Program Files\SUPERAntiSpyware\SSUpdate64.exeMD5
99851aef40ccc89527358327fa3ac645
SHA14663a99ce79cfcb0a8cb5b9eee8590c50b665b0d
SHA25689861e803e5281d4ba890ce1ff997f5bf2b7e2b61e37d56af8b0cd89408d4616
SHA51241d52c8c45f0338f102b8a20232fe23dd17d008574b18a17795a3129a84d25e3615cd9cd42462376a21fff3055ac5628cc13d07cced924009c3ffdeb372031f9
-
\Program Files\SUPERAntiSpyware\SSUpdate64.exeMD5
99851aef40ccc89527358327fa3ac645
SHA14663a99ce79cfcb0a8cb5b9eee8590c50b665b0d
SHA25689861e803e5281d4ba890ce1ff997f5bf2b7e2b61e37d56af8b0cd89408d4616
SHA51241d52c8c45f0338f102b8a20232fe23dd17d008574b18a17795a3129a84d25e3615cd9cd42462376a21fff3055ac5628cc13d07cced924009c3ffdeb372031f9
-
\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exeMD5
bb572c1a4a0963e317caf54e72f0b84c
SHA150a84e35a460f42fb20e6f4d9459c2a00886beb9
SHA256587513491d3c493bcf4e63838702659bac88cb4faca0b89164db9d0a20cb08db
SHA51214bec3672b62cb69dbd9ed7e75834f5650ffb73bd54fb6c60d22bb8affc058244837ae09593f3efb423e344d583cd62764c89658a8a2abb986e7c2976b4e231d
-
\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exeMD5
bb572c1a4a0963e317caf54e72f0b84c
SHA150a84e35a460f42fb20e6f4d9459c2a00886beb9
SHA256587513491d3c493bcf4e63838702659bac88cb4faca0b89164db9d0a20cb08db
SHA51214bec3672b62cb69dbd9ed7e75834f5650ffb73bd54fb6c60d22bb8affc058244837ae09593f3efb423e344d583cd62764c89658a8a2abb986e7c2976b4e231d
-
\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exeMD5
bb572c1a4a0963e317caf54e72f0b84c
SHA150a84e35a460f42fb20e6f4d9459c2a00886beb9
SHA256587513491d3c493bcf4e63838702659bac88cb4faca0b89164db9d0a20cb08db
SHA51214bec3672b62cb69dbd9ed7e75834f5650ffb73bd54fb6c60d22bb8affc058244837ae09593f3efb423e344d583cd62764c89658a8a2abb986e7c2976b4e231d
-
\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exeMD5
bb572c1a4a0963e317caf54e72f0b84c
SHA150a84e35a460f42fb20e6f4d9459c2a00886beb9
SHA256587513491d3c493bcf4e63838702659bac88cb4faca0b89164db9d0a20cb08db
SHA51214bec3672b62cb69dbd9ed7e75834f5650ffb73bd54fb6c60d22bb8affc058244837ae09593f3efb423e344d583cd62764c89658a8a2abb986e7c2976b4e231d
-
\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exeMD5
bb572c1a4a0963e317caf54e72f0b84c
SHA150a84e35a460f42fb20e6f4d9459c2a00886beb9
SHA256587513491d3c493bcf4e63838702659bac88cb4faca0b89164db9d0a20cb08db
SHA51214bec3672b62cb69dbd9ed7e75834f5650ffb73bd54fb6c60d22bb8affc058244837ae09593f3efb423e344d583cd62764c89658a8a2abb986e7c2976b4e231d
-
\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exeMD5
bb572c1a4a0963e317caf54e72f0b84c
SHA150a84e35a460f42fb20e6f4d9459c2a00886beb9
SHA256587513491d3c493bcf4e63838702659bac88cb4faca0b89164db9d0a20cb08db
SHA51214bec3672b62cb69dbd9ed7e75834f5650ffb73bd54fb6c60d22bb8affc058244837ae09593f3efb423e344d583cd62764c89658a8a2abb986e7c2976b4e231d
-
\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exeMD5
bb572c1a4a0963e317caf54e72f0b84c
SHA150a84e35a460f42fb20e6f4d9459c2a00886beb9
SHA256587513491d3c493bcf4e63838702659bac88cb4faca0b89164db9d0a20cb08db
SHA51214bec3672b62cb69dbd9ed7e75834f5650ffb73bd54fb6c60d22bb8affc058244837ae09593f3efb423e344d583cd62764c89658a8a2abb986e7c2976b4e231d
-
\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exeMD5
bb572c1a4a0963e317caf54e72f0b84c
SHA150a84e35a460f42fb20e6f4d9459c2a00886beb9
SHA256587513491d3c493bcf4e63838702659bac88cb4faca0b89164db9d0a20cb08db
SHA51214bec3672b62cb69dbd9ed7e75834f5650ffb73bd54fb6c60d22bb8affc058244837ae09593f3efb423e344d583cd62764c89658a8a2abb986e7c2976b4e231d
-
\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exeMD5
bb572c1a4a0963e317caf54e72f0b84c
SHA150a84e35a460f42fb20e6f4d9459c2a00886beb9
SHA256587513491d3c493bcf4e63838702659bac88cb4faca0b89164db9d0a20cb08db
SHA51214bec3672b62cb69dbd9ed7e75834f5650ffb73bd54fb6c60d22bb8affc058244837ae09593f3efb423e344d583cd62764c89658a8a2abb986e7c2976b4e231d
-
\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exeMD5
bb572c1a4a0963e317caf54e72f0b84c
SHA150a84e35a460f42fb20e6f4d9459c2a00886beb9
SHA256587513491d3c493bcf4e63838702659bac88cb4faca0b89164db9d0a20cb08db
SHA51214bec3672b62cb69dbd9ed7e75834f5650ffb73bd54fb6c60d22bb8affc058244837ae09593f3efb423e344d583cd62764c89658a8a2abb986e7c2976b4e231d
-
\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exeMD5
bb572c1a4a0963e317caf54e72f0b84c
SHA150a84e35a460f42fb20e6f4d9459c2a00886beb9
SHA256587513491d3c493bcf4e63838702659bac88cb4faca0b89164db9d0a20cb08db
SHA51214bec3672b62cb69dbd9ed7e75834f5650ffb73bd54fb6c60d22bb8affc058244837ae09593f3efb423e344d583cd62764c89658a8a2abb986e7c2976b4e231d
-
\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exeMD5
bb572c1a4a0963e317caf54e72f0b84c
SHA150a84e35a460f42fb20e6f4d9459c2a00886beb9
SHA256587513491d3c493bcf4e63838702659bac88cb4faca0b89164db9d0a20cb08db
SHA51214bec3672b62cb69dbd9ed7e75834f5650ffb73bd54fb6c60d22bb8affc058244837ae09593f3efb423e344d583cd62764c89658a8a2abb986e7c2976b4e231d
-
\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exeMD5
bb572c1a4a0963e317caf54e72f0b84c
SHA150a84e35a460f42fb20e6f4d9459c2a00886beb9
SHA256587513491d3c493bcf4e63838702659bac88cb4faca0b89164db9d0a20cb08db
SHA51214bec3672b62cb69dbd9ed7e75834f5650ffb73bd54fb6c60d22bb8affc058244837ae09593f3efb423e344d583cd62764c89658a8a2abb986e7c2976b4e231d
-
\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exeMD5
bb572c1a4a0963e317caf54e72f0b84c
SHA150a84e35a460f42fb20e6f4d9459c2a00886beb9
SHA256587513491d3c493bcf4e63838702659bac88cb4faca0b89164db9d0a20cb08db
SHA51214bec3672b62cb69dbd9ed7e75834f5650ffb73bd54fb6c60d22bb8affc058244837ae09593f3efb423e344d583cd62764c89658a8a2abb986e7c2976b4e231d
-
\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exeMD5
bb572c1a4a0963e317caf54e72f0b84c
SHA150a84e35a460f42fb20e6f4d9459c2a00886beb9
SHA256587513491d3c493bcf4e63838702659bac88cb4faca0b89164db9d0a20cb08db
SHA51214bec3672b62cb69dbd9ed7e75834f5650ffb73bd54fb6c60d22bb8affc058244837ae09593f3efb423e344d583cd62764c89658a8a2abb986e7c2976b4e231d
-
\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exeMD5
bb572c1a4a0963e317caf54e72f0b84c
SHA150a84e35a460f42fb20e6f4d9459c2a00886beb9
SHA256587513491d3c493bcf4e63838702659bac88cb4faca0b89164db9d0a20cb08db
SHA51214bec3672b62cb69dbd9ed7e75834f5650ffb73bd54fb6c60d22bb8affc058244837ae09593f3efb423e344d583cd62764c89658a8a2abb986e7c2976b4e231d
-
\Program Files\SUPERAntiSpyware\sasdifsv64.sysMD5
3289766038db2cb14d07dc84392138d5
SHA1d04286973c48c767c8723f4094396bded792ea90
SHA256a7790b787690cc1a8b97e4532090c5295350a836a9474dea74ceb3e81cf26124
SHA51222949262df9369a7c2a9fc489f7cf518c790741a943e0fea9f05b852c2ca61c6a1f70252795d7e96ac00b9dfbcda481456b2e2b2f876365e8d2caa38b10c9933
-
\Program Files\SUPERAntiSpyware\sasdifsv64.sysMD5
3289766038db2cb14d07dc84392138d5
SHA1d04286973c48c767c8723f4094396bded792ea90
SHA256a7790b787690cc1a8b97e4532090c5295350a836a9474dea74ceb3e81cf26124
SHA51222949262df9369a7c2a9fc489f7cf518c790741a943e0fea9f05b852c2ca61c6a1f70252795d7e96ac00b9dfbcda481456b2e2b2f876365e8d2caa38b10c9933
-
\Program Files\SUPERAntiSpyware\saskutil64.sysMD5
58a38e75f3316a83c23df6173d41f2b5
SHA19ff00f34b5dfae4be15ed8e59e9c7a05640cbdc3
SHA256b0a8cda1d164b7534fb41ab80792861384709bf0f914f44553275cf20194f1a1
SHA512a81b979852677a04e6fd24246b6d8d96be60839f51a203027d708d39f1edd9949b262df2e715ed39ce9a7b6882e9d416e11831388158f9f740ab137f7fe18010
-
\Program Files\SUPERAntiSpyware\saskutil64.sysMD5
58a38e75f3316a83c23df6173d41f2b5
SHA19ff00f34b5dfae4be15ed8e59e9c7a05640cbdc3
SHA256b0a8cda1d164b7534fb41ab80792861384709bf0f914f44553275cf20194f1a1
SHA512a81b979852677a04e6fd24246b6d8d96be60839f51a203027d708d39f1edd9949b262df2e715ed39ce9a7b6882e9d416e11831388158f9f740ab137f7fe18010
-
\Users\Admin\AppData\Local\Temp\SUPERSetup\gcapi_dll.dllMD5
cac4a48fbaf0373d0d1ca310c2615a55
SHA1bd357ed2d894e4fb84fe8f0e2f572bf5eed8b37a
SHA256b6a209242cccbb2257becd3b826d4a304631bbe9f4f842278619e42c33feb2e3
SHA512bb63176ce893942be53e3193d498ce85f67ae7fe0a0799a5e7b10a9e4ffdd55a34f4038ce14a638949d0000c726fb355872a7748504c74cee36b2ca55b2b9452
-
\Users\Admin\AppData\Local\Temp\SUPERSetup\gcapi_dll.dllMD5
cac4a48fbaf0373d0d1ca310c2615a55
SHA1bd357ed2d894e4fb84fe8f0e2f572bf5eed8b37a
SHA256b6a209242cccbb2257becd3b826d4a304631bbe9f4f842278619e42c33feb2e3
SHA512bb63176ce893942be53e3193d498ce85f67ae7fe0a0799a5e7b10a9e4ffdd55a34f4038ce14a638949d0000c726fb355872a7748504c74cee36b2ca55b2b9452
-
\Users\Admin\AppData\Local\Temp\SUPERSetup\setup.dllMD5
f21ca163b7df7daddab556b8bd242c35
SHA14cc603108e71d005363ba07db7905a2e0f40e4e7
SHA2563416cffe03c9910c0d946aa0a593c4cbc937e20a5921055af537d66d8c7ac594
SHA51254b0f3c716b9abcb385d7b57b0152deb86c0759e1cd6ab3c228ec718c6b13113a72f8e2a5d93651861e4d6b10fac403ee9344e1ac15fe7e84a7f07a8a7458c40
-
memory/932-130-0x00000000012C0000-0x0000000001915000-memory.dmpFilesize
6.3MB
-
memory/932-131-0x00000000012C0000-0x0000000001915000-memory.dmpFilesize
6.3MB
-
memory/952-136-0x0000000001360000-0x0000000001A11000-memory.dmpFilesize
6.7MB
-
memory/952-138-0x0000000001360000-0x0000000001A11000-memory.dmpFilesize
6.7MB
-
memory/1504-151-0x0000000072101000-0x0000000072104000-memory.dmpFilesize
12KB
-
memory/1504-152-0x000000006FB81000-0x000000006FB83000-memory.dmpFilesize
8KB
-
memory/1504-153-0x000000005FFF0000-0x0000000060000000-memory.dmpFilesize
64KB
-
memory/1504-155-0x000000005FFF0000-0x0000000060000000-memory.dmpFilesize
64KB
-
memory/2776-55-0x0000000075471000-0x0000000075473000-memory.dmpFilesize
8KB
-
memory/2816-137-0x0000000001360000-0x0000000001A11000-memory.dmpFilesize
6.7MB
-
memory/2816-139-0x0000000001360000-0x0000000001A11000-memory.dmpFilesize
6.7MB
-
memory/2936-71-0x000007FEFB611000-0x000007FEFB613000-memory.dmpFilesize
8KB
-
memory/3000-144-0x00000000013A0000-0x0000000001A4F000-memory.dmpFilesize
6.7MB
-
memory/3000-145-0x00000000013A0000-0x0000000001A4F000-memory.dmpFilesize
6.7MB
