31d7d798d1cde0d978be8aece150160aa2e4da4ce9e5e85972dc2e15e8c8d03b

Analysis

max time kernel
48s
max time network
41s
platform
windows7_x64
resource
win7-20220812-en
resource tags

arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
submitted
06-09-2022 07:22

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

CLOUDFLA.exe
Size

30.9MB
MD5

edf02789603a77a4c7b42dd8091babe0
SHA1

75a4690028051f5eb8df5195a5bec283066b8420
SHA256

8f3bb770ad8cafcabe4eba9f67ba79f353ddee4caf30532e724bdeb15489df64
SHA512

c696ff8989b47a94a960154d2a26d5b93f3a7a19c5582ff649d5e67faddc746b3d7fe86adf42023bf2bc22759bf5d9af38ab5863a760f997b9288ec02d620b79
SSDEEP

786432:SQRwdPcRhvUvAtRNW0sm2CGFSXOSmL5NDBsX9LsD73e486:1RwdPcRavyu0F2zFz5De9LW7e486

Score

8^/10

evasion trojan

Malware Config

Signatures

Executes dropped EXE 1 IoCs

pid	Process
1528	thunderbird.exe

Loads dropped DLL 43 IoCs

pid	Process
1612	CLOUDFLA.exe
1612	CLOUDFLA.exe
1612	CLOUDFLA.exe
1612	CLOUDFLA.exe
1612	CLOUDFLA.exe
1612	CLOUDFLA.exe
1612	CLOUDFLA.exe
1612	CLOUDFLA.exe
1612	CLOUDFLA.exe
1612	CLOUDFLA.exe
1612	CLOUDFLA.exe
1612	CLOUDFLA.exe
1528	thunderbird.exe
1528	thunderbird.exe
1528	thunderbird.exe
1528	thunderbird.exe
1528	thunderbird.exe
1528	thunderbird.exe
1528	thunderbird.exe
1528	thunderbird.exe
1528	thunderbird.exe
1528	thunderbird.exe
1528	thunderbird.exe
1528	thunderbird.exe
1528	thunderbird.exe
1528	thunderbird.exe
1528	thunderbird.exe
1528	thunderbird.exe
1528	thunderbird.exe
1528	thunderbird.exe
1528	thunderbird.exe
1528	thunderbird.exe
1528	thunderbird.exe
1528	thunderbird.exe
1528	thunderbird.exe
1528	thunderbird.exe
1528	thunderbird.exe
1528	thunderbird.exe
1528	thunderbird.exe
1528	thunderbird.exe
1528	thunderbird.exe
1528	thunderbird.exe
1528	thunderbird.exe

Checks whether UAC is enabled 1 TTPs 1 IoCs

evasion trojan

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA	CLOUDFLA.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

System Information Discovery
T1082

Checks processor information in registry 2 TTPs 3 IoCs

Processor information is often read in order to detect sandboxing environments.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	CLOUDFLA.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Identifier	CLOUDFLA.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz	CLOUDFLA.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
1612	CLOUDFLA.exe
1612	CLOUDFLA.exe

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 1612 wrote to memory of 1528	1612	CLOUDFLA.exe	26
PID 1612 wrote to memory of 1528	1612	CLOUDFLA.exe	26
PID 1612 wrote to memory of 1528	1612	CLOUDFLA.exe	26
PID 1612 wrote to memory of 1528	1612	CLOUDFLA.exe	26

C:\Users\Admin\AppData\Local\Temp\CLOUDFLA.exe
"C:\Users\Admin\AppData\Local\Temp\CLOUDFLA.exe"
1⤵
- Loads dropped DLL
- Checks whether UAC is enabled
- Checks processor information in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:1612
- C:\Users\Admin\AppData\Roaming\Clipboard Fusion Manager\thunderbird.exe
  "C:\Users\Admin\AppData\Roaming\Clipboard Fusion Manager\thunderbird.exe"
  2⤵
  - Executes dropped EXE
  - Loads dropped DLL
  PID:1528

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Roaming\Clipboard Fusion Manager\MSVCP140.dll

Filesize
439KB

MD5
5ff1fca37c466d6723ec67be93b51442

SHA1
34cc4e158092083b13d67d6d2bc9e57b798a303b

SHA256
5136a49a682ac8d7f1ce71b211de8688fce42ed57210af087a8e2dbc8a934062

SHA512
4802ef62630c521d83a1d333969593fb00c9b38f82b4d07f70fbd21f495fea9b3f67676064573d2c71c42bc6f701992989742213501b16087bb6110e337c7546

Download Submit
C:\Users\Admin\AppData\Roaming\Clipboard Fusion Manager\VCRUNTIME140.dll

Filesize
78KB

MD5
a37ee36b536409056a86f50e67777dd7

SHA1
1cafa159292aa736fc595fc04e16325b27cd6750

SHA256
8934aaeb65b6e6d253dfe72dea5d65856bd871e989d5d3a2a35edfe867bb4825

SHA512
3a7c260646315cf8c01f44b2ec60974017496bd0d80dd055c7e43b707cadba2d63aab5e0efd435670aa77886ed86368390d42c4017fc433c3c4b9d1c47d0f356

Download Submit
C:\Users\Admin\AppData\Roaming\Clipboard Fusion Manager\api-ms-win-core-file-l1-2-0.dll

Filesize
17KB

MD5
79ee4a2fcbe24e9a65106de834ccda4a

SHA1
fd1ba674371af7116ea06ad42886185f98ba137b

SHA256
9f7bda59faafc8a455f98397a63a7f7d114efc4e8a41808c791256ebf33c7613

SHA512
6ef7857d856a1d23333669184a231ad402dc62c8f457a6305fe53ed5e792176ca6f9e561375a707da0d7dd27e6ea95f8c4355c5dc217e847e807000b310aa05c

Download Submit
C:\Users\Admin\AppData\Roaming\Clipboard Fusion Manager\api-ms-win-core-file-l2-1-0.dll

Filesize
17KB

MD5
3f224766fe9b090333fdb43d5a22f9ea

SHA1
548d1bb707ae7a3dfccc0c2d99908561a305f57b

SHA256
ae5e73416eb64bc18249ace99f6847024eceea7ce9c343696c84196460f3a357

SHA512
c12ea6758071b332368d7ef0857479d2b43a4b27ceeab86cbb542bd6f1515f605ea526dfa3480717f8f452989c25d0ee92bf3335550b15ecec79e9b25e66a2ca

Download Submit
C:\Users\Admin\AppData\Roaming\Clipboard Fusion Manager\api-ms-win-core-localization-l1-2-0.dll

Filesize
20KB

MD5
23bd405a6cfd1e38c74c5150eec28d0a

SHA1
1d3be98e7dfe565e297e837a7085731ecd368c7b

SHA256
a7fa48de6c06666b80184afee7e544c258e0fb11399ab3fe47d4e74667779f41

SHA512
c52d487727a34fbb601b01031300a80eca7c4a08af87567da32cb5b60f7a41eb2cae06697cd11095322f2fc8307219111ee02b60045904b5c9b1f37e48a06a21

Download Submit
C:\Users\Admin\AppData\Roaming\Clipboard Fusion Manager\api-ms-win-core-processthreads-l1-1-1.dll

Filesize
18KB

MD5
95c5b49af7f2c7d3cd0bc14b1e9efacb

SHA1
c400205c81140e60dffa8811c1906ce87c58971e

SHA256
ff9b51aff7fbec8d7fe5cc478b12492a59b38b068dc2b518324173bb3179a0e1

SHA512
f320937b90068877c46d30a15440dc9ace652c3319f5d75e0c8bb83f37e78be0efb7767b2bd713be6d38943c8db3d3d4c3da44849271605324e599e1242309c3

Download Submit
C:\Users\Admin\AppData\Roaming\Clipboard Fusion Manager\api-ms-win-core-synch-l1-2-0.dll

Filesize
18KB

MD5
6e704280d632c2f8f2cadefcae25ad85

SHA1
699c5a1c553d64d7ff3cf4fe57da72bb151caede

SHA256
758a2f9ef6908b51745db50d89610fe1de921d93b2dbea919bfdba813d5d8893

SHA512
ade85a6cd05128536996705fd60c73f04bab808dafb5d8a93c45b2ee6237b6b4ddb087f1a009a9d289c868c98e61be49259157f5161feccf9f572fd306b460e6

Download Submit
C:\Users\Admin\AppData\Roaming\Clipboard Fusion Manager\api-ms-win-core-timezone-l1-1-0.dll

Filesize
18KB

MD5
c9a55de62e53d747c5a7fddedef874f9

SHA1
c5c5a7a873a4d686bfe8e3da6dc70f724ce41bad

SHA256
b5c725bbb475b5c06cc6cb2a2c3c70008f229659f88fba25ccd5d5c698d06a4b

SHA512
adca0360a1297e80a8d3c2e07f5fbc06d2848f572f551342ad4c9884e4ab4bd1d3b3d9919b4f2b929e2848c1a88a4e844dd38c86067cace9685f9640db100efb

Download Submit
C:\Users\Admin\AppData\Roaming\Clipboard Fusion Manager\api-ms-win-crt-convert-l1-1-0.dll

Filesize
21KB

MD5
9ddea3cc96e0fdd3443cc60d649931b3

SHA1
af3cb7036318a8427f20b8561079e279119dca0e

SHA256
b7c3ebc36c84630a52d23d1c0e79d61012dfa44cdebdf039af31ec9e322845a5

SHA512
1427193b31b64715f5712db9c431593bdc56ef512fe353147ddb7544c1c39ded4371cd72055d82818e965aff0441b7cbe0b811d828efb0ece28471716659e162

Download Submit
C:\Users\Admin\AppData\Roaming\Clipboard Fusion Manager\api-ms-win-crt-environment-l1-1-0.dll

Filesize
18KB

MD5
39325e5f023eb564c87d30f7e06dff23

SHA1
03dd79a7fbe3de1a29359b94ba2d554776bdd3fe

SHA256
56d8b7ee7619579a3c648eb130c9354ba1ba5b33a07a4f350370ee7b3653749a

SHA512
087b9dcb744ad7d330bacb9bda9c1a1df28ebb9327de0c5dc618e79929fd33d1b1ff0e1ef4c08f8b3ea8118b968a89f44fe651c66cba4ecbb3216cd4bcce3085

Download Submit
C:\Users\Admin\AppData\Roaming\Clipboard Fusion Manager\api-ms-win-crt-filesystem-l1-1-0.dll

Filesize
19KB

MD5
228c6bbe1bce84315e4927392a3baee5

SHA1
ba274aa567ad1ec663a2f9284af2e3cb232698fb

SHA256
ac0cec8644340125507dd0bc9a90b1853a2d194eb60a049237fb5e752d349065

SHA512
37a60cce69e81f68ef62c58bba8f2843e99e8ba1b87df9a5b561d358309e672ae5e3434a10a3dde01ae624d1638da226d42c64316f72f3d63b08015b43c56cab

Download Submit
C:\Users\Admin\AppData\Roaming\Clipboard Fusion Manager\api-ms-win-crt-heap-l1-1-0.dll

Filesize
18KB

MD5
1776a2b85378b27825cf5e5a3a132d9a

SHA1
626f0e7f2f18f31ec304fe7a7af1a87cbbebb1df

SHA256
675b1b82dd485cc8c8a099272db9241d0d2a7f45424901f35231b79186ec47ee

SHA512
541a5dd997fc5fec31c17b4f95f03c3a52e106d6fb590cb46bdf5adad23ed4a895853768229f3fbb9049f614d9bae031e6c43cec43fb38c89f13163721bb8348

Download Submit
C:\Users\Admin\AppData\Roaming\Clipboard Fusion Manager\api-ms-win-crt-locale-l1-1-0.dll

Filesize
18KB

MD5
034379bcea45eb99db8cdfeacbc5e281

SHA1
bbf93d82e7e306e827efeb9612e8eab2b760e2b7

SHA256
8b543b1bb241f5b773eb76f652dad7b12e3e4a09230f2e804cd6b0622e8baf65

SHA512
7ea6efb75b0c59d3120d5b13da139042726a06d105c924095ed252f39ac19e11e8a5c6bb1c45fa7519c0163716745d03fb9daaaca50139a115235ab2815cc256

Download Submit
C:\Users\Admin\AppData\Roaming\Clipboard Fusion Manager\api-ms-win-crt-math-l1-1-0.dll

Filesize
28KB

MD5
8da414c3524a869e5679c0678d1640c1

SHA1
60cf28792c68e9894878c31b323e68feb4676865

SHA256
39723e61c98703034b264b97ee0fe12e696c6560483d799020f9847d8a952672

SHA512
6ef3f81206e7d4dca5b3c1fafc9aa2328b717e61ee0acce30dfb15ad0fe3cb59b2bd61f92bf6046c0aae01445896dcb1485ad8be86629d22c3301a1b5f4f2cfa

Download Submit
C:\Users\Admin\AppData\Roaming\Clipboard Fusion Manager\api-ms-win-crt-runtime-l1-1-0.dll

Filesize
22KB

MD5
fb0ca6cbfff46be87ad729a1c4fde138

SHA1
2c302d1c535d5c40f31c3a75393118b40e1b2af9

SHA256
1ee8e99190cc31b104fb75e66928b8c73138902fefedbcfb54c409df50a364df

SHA512
99144c67c33e89b8283c5b39b8bf68d55638daa6acc2715a2ac8c5dba4170dd12299d3a2dffb39ae38ef0872c2c68a64d7cdc6ceba5e660a53942761cb9eca83

Download Submit
C:\Users\Admin\AppData\Roaming\Clipboard Fusion Manager\api-ms-win-crt-stdio-l1-1-0.dll

Filesize
23KB

MD5
d5166ab3034f0e1aa679bfa1907e5844

SHA1
851dd640cb34177c43b5f47b218a686c09fa6b4c

SHA256
7bcab4ca00fb1f85fea29dd3375f709317b984a6f3b9ba12b8cf1952f97beee5

SHA512
8f2d7442191de22457c1b8402faad594af2fe0c38280aaafc876c797ca79f7f4b6860e557e37c3dbe084fe7262a85c358e3eeaf91e16855a91b7535cb0ac832e

Download Submit
C:\Users\Admin\AppData\Roaming\Clipboard Fusion Manager\api-ms-win-crt-string-l1-1-0.dll

Filesize
23KB

MD5
ad99c2362f64cde7756b16f9a016a60f

SHA1
07c9a78ee658bfa81db61dab039cffc9145cc6cb

SHA256
73ab2161a7700835b2a15b7487045a695706cc18bcee283b114042570bb9c0aa

SHA512
9c72f239adda1de11b4ad7028f3c897c93859ef277658aeaa141f09b7ddfe788d657b9cb1e2648971ecd5d27b99166283110ccba437d461003dbb9f6885451f7

Download Submit
C:\Users\Admin\AppData\Roaming\Clipboard Fusion Manager\api-ms-win-crt-time-l1-1-0.dll

Filesize
20KB

MD5
9b79fda359a269c63dcac69b2c81caa4

SHA1
a38c81b7a2ec158dfcfeb72cb7c04b3eb3ccc0fb

SHA256
4d0f0ea6e8478132892f9e674e27e2bc346622fc8989c704e5b2299a18c1d138

SHA512
e69d275c5ec5eae5c95b0596f0cc681b7d287b3e2f9c78a9b5e658949e6244f754f96ad7d40214d22ed28d64e4e8bd507363cdf99999fea93cfe319078c1f541

Download Submit
C:\Users\Admin\AppData\Roaming\Clipboard Fusion Manager\api-ms-win-crt-utility-l1-1-0.dll

Filesize
18KB

MD5
70e9104e743069b573ca12a3cd87ec33

SHA1
4290755b6a49212b2e969200e7a088d1713b84a2

SHA256
7e6b33a4c0c84f18f2be294ec63212245af4fd8354636804ffe5ee9a0d526d95

SHA512
e979f28451d271f405b780fc2025707c8a29dcb4c28980ca42e33d4033666de0e4a4644defec6c1d5d4bdd3c73d405fafcffe3320c60134681f62805c965bfd9

Download Submit
C:\Users\Admin\AppData\Roaming\Clipboard Fusion Manager\bz2.dll

Filesize
63KB

MD5
37b38a8e9fbc70f3ed962e5720795a04

SHA1
171692daf0a136154edde6e22c791d238ae8c1d0

SHA256
f004cd4113a8d832fc4a57f0e28a9001c2fddf67b3544590dd36d0f60d0cef8c

SHA512
9d34222337bf50122c613f2132346b7dca0df51990921ff0c7372463f0be69a441eab18122c02e1a94c8fcaa71b533dd477282d74dbc769fb490f4d46aba2607

Download Submit
C:\Users\Admin\AppData\Roaming\Clipboard Fusion Manager\freetype.dll

Filesize
554KB

MD5
839c270a8ba5444eebddd293c61e6333

SHA1
0fcfab6030a91c722aebea4bfd1bcbe2138c71f9

SHA256
ac40311bc17fc9eaf16f4aaf08c07d8a256e07aa4af081c9db9b552b56119e6e

SHA512
d34c0f4fcd77c70fa131af3ca19ed82a1d991f599ef8bf69295be25618a0c94af859a67cd80d4893ce105559a432202281ea2ee67af352878c69f8438a1e48cd

Download Submit
C:\Users\Admin\AppData\Roaming\Clipboard Fusion Manager\libmec30.dll

Filesize
18KB

MD5
bea96b5dcb3121560701af2b1db1eecd

SHA1
4247cee3d591cb3c057ba13820ef2f54e68f91de

SHA256
7ba2fd9c4dd159b1cfc9c693826ee10c2fbb6922e08dab5aa7ef2caa60c1eadc

SHA512
6322cbcb9f1bcb0d5fa6dc4d4fc17db1b046ccaa39f32c7572c216967ed51cc2186b576ab1c8f0d9de6fde3357ab1e5a7e776e0f0e97b9a0c8573be0180316d5

Download Submit
C:\Users\Admin\AppData\Roaming\Clipboard Fusion Manager\libpng16.dll

Filesize
162KB

MD5
8bb4c17afdeadb4c81da2f407dcb9809

SHA1
ce2bb6eddedf31e9dee7e43d4535250da442e852

SHA256
1ceae383d27ef1b45d19f7bff2ab8fe02d553c861342ac8c2d6a32f9a6c1b825

SHA512
b944a4b1e0e9a3b5418169429810c8933910bcdfe13b87d01027d0a4786ca7ddd44b4540da07a09b9a56a196f7681d31a878b72766991fa3dddc5221bfee82bd

Download Submit
C:\Users\Admin\AppData\Roaming\Clipboard Fusion Manager\mozglue.dll

Filesize
603KB

MD5
fc4d816a5412c30fa7e5d0f7d1c60043

SHA1
3765ff30683e2e880b367ec1a8e24da13d426e9c

SHA256
e00b8b5ae5a8437186bcfb4115e2466590753f8c268609e5d62fd7f438c7faae

SHA512
2fc0c0ae355ecbc9ad0deb5246a04891761ff3476f4019075324de9df4d04c695cd1d453d6001bc05d796a99d28a7c4f032349fa198fe1542f4fde019ee50013

Download Submit
C:\Users\Admin\AppData\Roaming\Clipboard Fusion Manager\thunderbird.exe

Filesize
352KB

MD5
7238412641bb82a88845c355c363e897

SHA1
5a64f26adf8078941d7218b247e5728161864486

SHA256
e5bbc723a99815cf321ae9bf30f9fce147132c1a1410447d4e9c8da829eedd1c

SHA512
97e1304880d8137a9086b5f6d7b8834630d27a0babe552077324c3a04007de669eb314568ad9aea4e497f0910f686a740c9a5b97b5bbf768d774fa023a6f07e2

Download Submit
C:\Users\Admin\AppData\Roaming\Clipboard Fusion Manager\ucrtbase.DLL

Filesize
1.1MB

MD5
6343ff7874ba03f78bb0dfe20b45f817

SHA1
82221a9ac1c1b8006f3f5e8539e74e3308f10bcb

SHA256
6f8f05993b8a25cadf5e301e58194c4d23402e467229b12e40956e4f128588b3

SHA512
63c3d3207577d4761103daf3f9901dd0a0ae8a89694ad1128fd7e054627cdd930d1020049317c5a898411735e2f75e2103ae303e7e514b6387a3c8463a4fb994

Download Submit
C:\Users\Admin\AppData\Roaming\Clipboard Fusion Manager\zlib1.dll

Filesize
76KB

MD5
0ac2236d42d8ced5dbd181bf19637783

SHA1
59e317e893831615b7d338f3c328de42c3a04f2d

SHA256
59281018c70bfec371d593d4bd005f8c52c8a3440d96fdf28ad4881bf3c4d78f

SHA512
3c71c2f83110e51c44a6c79efd83490bbc93f022a937d6759cfed103fc250b46a7d895df5d880247381a74642ab8eb6497463202b455f1935d28b24ae0389183

Download Submit
\Users\Admin\AppData\Local\Temp\BRL0000064c\BR7A30.tmp

Filesize
99KB

MD5
2c9676a3167739f36912818acb8e9860

SHA1
cd9e5e56cc408c40c45caf49614c26fc7fde39f6

SHA256
75fc64a55afa86173947948d78ba5de98dfc35c487166a6682fe71ed5f6f877a

SHA512
a6c375511d9d339b889adcca4a95bc23df9e207f86605f6d6d04ab7e211901cdc3012860ed844a5c36737369e01dc70b212f5960d8a662fdc720ad98e1202aa1

Download Submit
\Users\Admin\AppData\Local\Temp\BRL0000064c\BR7B2A.tmp

Filesize
288KB

MD5
122a3741699fb5c0950273245c9dea15

SHA1
811f9149e3310a8e6521da156f92f3aaab012145

SHA256
f675eba3b22e0a2238ec4961d99de3bacca0ab553ab26eecb49800a12a9371ab

SHA512
567c480f70fdc78769ae45bf83b6632f7ab380ebeb00689028d39ff03840c8b778149a3fafe1dab2ac77a1fd17a23b09f58774b1c5e791bfd33b99528225eccc

Download Submit
\Users\Admin\AppData\Local\Temp\BRL0000064c\BR7F41.tmp

Filesize
35KB

MD5
08ad4cd2a940379f1dcdbdb9884a1375

SHA1
c302b7589ba4f05c6429e7f89ad0cb84dd9dfbac

SHA256
78827e2b1ef0aad4f8b1b42d0964064819aa22bfcd537ebaacb30d817edc06d8

SHA512
f37bd071994c31b361090a149999e8b2d4a7839f19ea63e1d4563aada1371be37f2bfcc474e24de95ff77ca4124a39580c9f711e2fbe54265713ab76f631835a

Download Submit
\Users\Admin\AppData\Local\Temp\BRL0000064c\BR7FBE.tmp

Filesize
169KB

MD5
cf2d7b4de923b25955d96d2e65ce76bc

SHA1
8feee81fe77a7649b969d375778d2b78d842cf48

SHA256
0912c84ded4670c427db1f405eb68a5763eae8fa0a735abe44eea81be7dc44ea

SHA512
d26a0983f0323655eddc48863a409d172a4623bd7ed465b5a4675477938de10127323040da77c80201c3a816315d98cace5194207e22b0a6ac2e65ae6795dc4f

Download Submit
\Users\Admin\AppData\Local\Temp\BRL0000064c\BR7FEE.tmp

Filesize
532KB

MD5
a6f7a08b0676f0564a51b5c47973e635

SHA1
d56f5f9e2580b81717317da6582da9d379426d5b

SHA256
5dd27e845af9333ad7b907a37ab3d239b75be6ccc1f51ef4b21e59b037ce778c

SHA512
1101813034db327af1c16d069a4dfa91ab97ee8188f9ed1a6da9d25558866e7e9af59102e58127e64441d3e4a768b2ad788fd0e5a16db994a14637bfbade2954

Download Submit
\Users\Admin\AppData\Local\Temp\BRL0000064c\BR809B.tmp

Filesize
72KB

MD5
c04970b55bcf614f24ca75b1de641ae2

SHA1
52b182caef513ed1c36f28eb45cedb257fa8ce40

SHA256
5ddee4aab3cf33e505f52199d64809125b26de04fb9970ca589cd8619c859d80

SHA512
a5f2660e336bf74a1936fb2e1c724220d862632907f5fd690b365009ac3e1bf35fa6689071f3da4049e495f340ff83f8438b79079ef1f248b9dcaedbdd5d3e40

Download Submit
\Users\Admin\AppData\Local\Temp\BRL0000064c\BR80BB.tmp

Filesize
14KB

MD5
77fe66d74901495f4b41a5918acd02ff

SHA1
ce5bbd53152cd5b03df8bcc232a1aea36a012764

SHA256
b017168c69ef40115141813e47122391602e1af28af342c56495b09f1c3c7522

SHA512
cc6e323d0076577a0a04dbe2c33d90dc616cb5ec3637d3df67cbf169766ca2e6de567fcff4f32938fd6118d98e4796642a3010b7264f0ae247fa8f0fe079bd70

Download Submit
\Users\Admin\AppData\Local\Temp\BRL0000064c\BR81F4.tmp

Filesize
14KB

MD5
d74aadd701bfacc474c431acab7b9265

SHA1
8a2b424d1f949430ddc1faddee3e9ccb79c95de2

SHA256
f1029f5cca3dabfeffe2c9db6ad84a9ff0f64f5b2fb85cb6ab348740f756e07d

SHA512
0ef85e311fb4843997fd5f87f0a2eec9715e26eae76bfb7bb701d8c043720aeaf7f4825d25187bf35e0a9f00def15ed071120128805445f1330c07c3e0ea5ced

Download Submit
\Users\Admin\AppData\Local\Temp\BRL0000064c\BR8407.tmp

Filesize
366KB

MD5
0700f3dbe367287ce10472cffbd3d7d1

SHA1
079790389532599ce04fd82c2b89db5e4dedf26c

SHA256
77e46a6a8fbc079cdb1d3ee299af36c3d1881d38d93c4e0551f114965cdaf10f

SHA512
28eb67d348c8e9e36032d041315b6ee790d2e9021a3a657a7fe33c66ad1f8daa5b3e0833a2a432cb4a4c5795fea5a80a1810440fb441b6f0d56cf0d00d3e0a17

Download Submit
\Users\Admin\AppData\Local\Temp\BRL0000064c\BR859E.tmp

Filesize
74KB

MD5
924b90c3d9e645dfad53f61ea4e91942

SHA1
65d397199ff191e5078095036e49f08376f9ae4e

SHA256
41788435f245133ec5511111e2c5d52f7515e359876180067e0b5ba85c729322

SHA512
76833708828c8f3fad941abeea158317aff98cf0691b5d5dfa4bca15279cdad1cc23a771258e4de41cf12a58f7033a3ee08b0b5eb834d22be568ea98b183ccd9

Download Submit
\Users\Admin\AppData\Local\Temp\BRL0000064c\BR8699.tmp

Filesize
150KB

MD5
efd81ea220094b0e91630b648d00e731

SHA1
226635424baf8146af055908c4c12b0a3faecd4f

SHA256
931c52c91ffbe12d820ff96570ba8db8abc36ac2fb852c87f2ef99271d7183fa

SHA512
fca9ffbcf94507cda23b5a68c4a598a25f0a0e22a7d429a125acbf95bdd03fd63ac80cf8738ae22d1730a73edb3325edc5b85af8d3337a62a97ac0f63dbccdbe

Download Submit
\Users\Admin\AppData\Roaming\Clipboard Fusion Manager\api-ms-win-core-file-l1-2-0.dll

Filesize
17KB

MD5
79ee4a2fcbe24e9a65106de834ccda4a

SHA1
fd1ba674371af7116ea06ad42886185f98ba137b

SHA256
9f7bda59faafc8a455f98397a63a7f7d114efc4e8a41808c791256ebf33c7613

SHA512
6ef7857d856a1d23333669184a231ad402dc62c8f457a6305fe53ed5e792176ca6f9e561375a707da0d7dd27e6ea95f8c4355c5dc217e847e807000b310aa05c

Download Submit
\Users\Admin\AppData\Roaming\Clipboard Fusion Manager\api-ms-win-core-file-l2-1-0.dll

Filesize
17KB

MD5
3f224766fe9b090333fdb43d5a22f9ea

SHA1
548d1bb707ae7a3dfccc0c2d99908561a305f57b

SHA256
ae5e73416eb64bc18249ace99f6847024eceea7ce9c343696c84196460f3a357

SHA512
c12ea6758071b332368d7ef0857479d2b43a4b27ceeab86cbb542bd6f1515f605ea526dfa3480717f8f452989c25d0ee92bf3335550b15ecec79e9b25e66a2ca

Download Submit
\Users\Admin\AppData\Roaming\Clipboard Fusion Manager\api-ms-win-core-localization-l1-2-0.dll

Filesize
20KB

MD5
23bd405a6cfd1e38c74c5150eec28d0a

SHA1
1d3be98e7dfe565e297e837a7085731ecd368c7b

SHA256
a7fa48de6c06666b80184afee7e544c258e0fb11399ab3fe47d4e74667779f41

SHA512
c52d487727a34fbb601b01031300a80eca7c4a08af87567da32cb5b60f7a41eb2cae06697cd11095322f2fc8307219111ee02b60045904b5c9b1f37e48a06a21

Download Submit
\Users\Admin\AppData\Roaming\Clipboard Fusion Manager\api-ms-win-core-processthreads-l1-1-1.dll

Filesize
18KB

MD5
95c5b49af7f2c7d3cd0bc14b1e9efacb

SHA1
c400205c81140e60dffa8811c1906ce87c58971e

SHA256
ff9b51aff7fbec8d7fe5cc478b12492a59b38b068dc2b518324173bb3179a0e1

SHA512
f320937b90068877c46d30a15440dc9ace652c3319f5d75e0c8bb83f37e78be0efb7767b2bd713be6d38943c8db3d3d4c3da44849271605324e599e1242309c3

Download Submit
\Users\Admin\AppData\Roaming\Clipboard Fusion Manager\api-ms-win-core-synch-l1-2-0.dll

Filesize
18KB

MD5
6e704280d632c2f8f2cadefcae25ad85

SHA1
699c5a1c553d64d7ff3cf4fe57da72bb151caede

SHA256
758a2f9ef6908b51745db50d89610fe1de921d93b2dbea919bfdba813d5d8893

SHA512
ade85a6cd05128536996705fd60c73f04bab808dafb5d8a93c45b2ee6237b6b4ddb087f1a009a9d289c868c98e61be49259157f5161feccf9f572fd306b460e6

Download Submit
\Users\Admin\AppData\Roaming\Clipboard Fusion Manager\api-ms-win-core-timezone-l1-1-0.dll

Filesize
18KB

MD5
c9a55de62e53d747c5a7fddedef874f9

SHA1
c5c5a7a873a4d686bfe8e3da6dc70f724ce41bad

SHA256
b5c725bbb475b5c06cc6cb2a2c3c70008f229659f88fba25ccd5d5c698d06a4b

SHA512
adca0360a1297e80a8d3c2e07f5fbc06d2848f572f551342ad4c9884e4ab4bd1d3b3d9919b4f2b929e2848c1a88a4e844dd38c86067cace9685f9640db100efb

Download Submit
\Users\Admin\AppData\Roaming\Clipboard Fusion Manager\api-ms-win-crt-convert-l1-1-0.dll

Filesize
21KB

MD5
9ddea3cc96e0fdd3443cc60d649931b3

SHA1
af3cb7036318a8427f20b8561079e279119dca0e

SHA256
b7c3ebc36c84630a52d23d1c0e79d61012dfa44cdebdf039af31ec9e322845a5

SHA512
1427193b31b64715f5712db9c431593bdc56ef512fe353147ddb7544c1c39ded4371cd72055d82818e965aff0441b7cbe0b811d828efb0ece28471716659e162

Download Submit
\Users\Admin\AppData\Roaming\Clipboard Fusion Manager\api-ms-win-crt-environment-l1-1-0.dll

Filesize
18KB

MD5
39325e5f023eb564c87d30f7e06dff23

SHA1
03dd79a7fbe3de1a29359b94ba2d554776bdd3fe

SHA256
56d8b7ee7619579a3c648eb130c9354ba1ba5b33a07a4f350370ee7b3653749a

SHA512
087b9dcb744ad7d330bacb9bda9c1a1df28ebb9327de0c5dc618e79929fd33d1b1ff0e1ef4c08f8b3ea8118b968a89f44fe651c66cba4ecbb3216cd4bcce3085

Download Submit
\Users\Admin\AppData\Roaming\Clipboard Fusion Manager\api-ms-win-crt-filesystem-l1-1-0.dll

Filesize
19KB

MD5
228c6bbe1bce84315e4927392a3baee5

SHA1
ba274aa567ad1ec663a2f9284af2e3cb232698fb

SHA256
ac0cec8644340125507dd0bc9a90b1853a2d194eb60a049237fb5e752d349065

SHA512
37a60cce69e81f68ef62c58bba8f2843e99e8ba1b87df9a5b561d358309e672ae5e3434a10a3dde01ae624d1638da226d42c64316f72f3d63b08015b43c56cab

Download Submit
\Users\Admin\AppData\Roaming\Clipboard Fusion Manager\api-ms-win-crt-heap-l1-1-0.dll

Filesize
18KB

MD5
1776a2b85378b27825cf5e5a3a132d9a

SHA1
626f0e7f2f18f31ec304fe7a7af1a87cbbebb1df

SHA256
675b1b82dd485cc8c8a099272db9241d0d2a7f45424901f35231b79186ec47ee

SHA512
541a5dd997fc5fec31c17b4f95f03c3a52e106d6fb590cb46bdf5adad23ed4a895853768229f3fbb9049f614d9bae031e6c43cec43fb38c89f13163721bb8348

Download Submit
\Users\Admin\AppData\Roaming\Clipboard Fusion Manager\api-ms-win-crt-locale-l1-1-0.dll

Filesize
18KB

MD5
034379bcea45eb99db8cdfeacbc5e281

SHA1
bbf93d82e7e306e827efeb9612e8eab2b760e2b7

SHA256
8b543b1bb241f5b773eb76f652dad7b12e3e4a09230f2e804cd6b0622e8baf65

SHA512
7ea6efb75b0c59d3120d5b13da139042726a06d105c924095ed252f39ac19e11e8a5c6bb1c45fa7519c0163716745d03fb9daaaca50139a115235ab2815cc256

Download Submit
\Users\Admin\AppData\Roaming\Clipboard Fusion Manager\api-ms-win-crt-math-l1-1-0.dll

Filesize
28KB

MD5
8da414c3524a869e5679c0678d1640c1

SHA1
60cf28792c68e9894878c31b323e68feb4676865

SHA256
39723e61c98703034b264b97ee0fe12e696c6560483d799020f9847d8a952672

SHA512
6ef3f81206e7d4dca5b3c1fafc9aa2328b717e61ee0acce30dfb15ad0fe3cb59b2bd61f92bf6046c0aae01445896dcb1485ad8be86629d22c3301a1b5f4f2cfa

Download Submit
\Users\Admin\AppData\Roaming\Clipboard Fusion Manager\api-ms-win-crt-runtime-l1-1-0.dll

Filesize
22KB

MD5
fb0ca6cbfff46be87ad729a1c4fde138

SHA1
2c302d1c535d5c40f31c3a75393118b40e1b2af9

SHA256
1ee8e99190cc31b104fb75e66928b8c73138902fefedbcfb54c409df50a364df

SHA512
99144c67c33e89b8283c5b39b8bf68d55638daa6acc2715a2ac8c5dba4170dd12299d3a2dffb39ae38ef0872c2c68a64d7cdc6ceba5e660a53942761cb9eca83

Download Submit
\Users\Admin\AppData\Roaming\Clipboard Fusion Manager\api-ms-win-crt-stdio-l1-1-0.dll

Filesize
23KB

MD5
d5166ab3034f0e1aa679bfa1907e5844

SHA1
851dd640cb34177c43b5f47b218a686c09fa6b4c

SHA256
7bcab4ca00fb1f85fea29dd3375f709317b984a6f3b9ba12b8cf1952f97beee5

SHA512
8f2d7442191de22457c1b8402faad594af2fe0c38280aaafc876c797ca79f7f4b6860e557e37c3dbe084fe7262a85c358e3eeaf91e16855a91b7535cb0ac832e

Download Submit
\Users\Admin\AppData\Roaming\Clipboard Fusion Manager\api-ms-win-crt-string-l1-1-0.dll

Filesize
23KB

MD5
ad99c2362f64cde7756b16f9a016a60f

SHA1
07c9a78ee658bfa81db61dab039cffc9145cc6cb

SHA256
73ab2161a7700835b2a15b7487045a695706cc18bcee283b114042570bb9c0aa

SHA512
9c72f239adda1de11b4ad7028f3c897c93859ef277658aeaa141f09b7ddfe788d657b9cb1e2648971ecd5d27b99166283110ccba437d461003dbb9f6885451f7

Download Submit
\Users\Admin\AppData\Roaming\Clipboard Fusion Manager\api-ms-win-crt-time-l1-1-0.dll

Filesize
20KB

MD5
9b79fda359a269c63dcac69b2c81caa4

SHA1
a38c81b7a2ec158dfcfeb72cb7c04b3eb3ccc0fb

SHA256
4d0f0ea6e8478132892f9e674e27e2bc346622fc8989c704e5b2299a18c1d138

SHA512
e69d275c5ec5eae5c95b0596f0cc681b7d287b3e2f9c78a9b5e658949e6244f754f96ad7d40214d22ed28d64e4e8bd507363cdf99999fea93cfe319078c1f541

Download Submit
\Users\Admin\AppData\Roaming\Clipboard Fusion Manager\api-ms-win-crt-utility-l1-1-0.dll

Filesize
18KB

MD5
70e9104e743069b573ca12a3cd87ec33

SHA1
4290755b6a49212b2e969200e7a088d1713b84a2

SHA256
7e6b33a4c0c84f18f2be294ec63212245af4fd8354636804ffe5ee9a0d526d95

SHA512
e979f28451d271f405b780fc2025707c8a29dcb4c28980ca42e33d4033666de0e4a4644defec6c1d5d4bdd3c73d405fafcffe3320c60134681f62805c965bfd9

Download Submit
\Users\Admin\AppData\Roaming\Clipboard Fusion Manager\bz2.dll

Filesize
63KB

MD5
37b38a8e9fbc70f3ed962e5720795a04

SHA1
171692daf0a136154edde6e22c791d238ae8c1d0

SHA256
f004cd4113a8d832fc4a57f0e28a9001c2fddf67b3544590dd36d0f60d0cef8c

SHA512
9d34222337bf50122c613f2132346b7dca0df51990921ff0c7372463f0be69a441eab18122c02e1a94c8fcaa71b533dd477282d74dbc769fb490f4d46aba2607

Download Submit
\Users\Admin\AppData\Roaming\Clipboard Fusion Manager\freetype.dll

Filesize
554KB

MD5
839c270a8ba5444eebddd293c61e6333

SHA1
0fcfab6030a91c722aebea4bfd1bcbe2138c71f9

SHA256
ac40311bc17fc9eaf16f4aaf08c07d8a256e07aa4af081c9db9b552b56119e6e

SHA512
d34c0f4fcd77c70fa131af3ca19ed82a1d991f599ef8bf69295be25618a0c94af859a67cd80d4893ce105559a432202281ea2ee67af352878c69f8438a1e48cd

Download Submit
\Users\Admin\AppData\Roaming\Clipboard Fusion Manager\libmec30.dll

Filesize
18KB

MD5
bea96b5dcb3121560701af2b1db1eecd

SHA1
4247cee3d591cb3c057ba13820ef2f54e68f91de

SHA256
7ba2fd9c4dd159b1cfc9c693826ee10c2fbb6922e08dab5aa7ef2caa60c1eadc

SHA512
6322cbcb9f1bcb0d5fa6dc4d4fc17db1b046ccaa39f32c7572c216967ed51cc2186b576ab1c8f0d9de6fde3357ab1e5a7e776e0f0e97b9a0c8573be0180316d5

Download Submit
\Users\Admin\AppData\Roaming\Clipboard Fusion Manager\mozglue.dll

Filesize
603KB

MD5
fc4d816a5412c30fa7e5d0f7d1c60043

SHA1
3765ff30683e2e880b367ec1a8e24da13d426e9c

SHA256
e00b8b5ae5a8437186bcfb4115e2466590753f8c268609e5d62fd7f438c7faae

SHA512
2fc0c0ae355ecbc9ad0deb5246a04891761ff3476f4019075324de9df4d04c695cd1d453d6001bc05d796a99d28a7c4f032349fa198fe1542f4fde019ee50013

Download Submit
\Users\Admin\AppData\Roaming\Clipboard Fusion Manager\msvcp140.dll

Filesize
439KB

MD5
5ff1fca37c466d6723ec67be93b51442

SHA1
34cc4e158092083b13d67d6d2bc9e57b798a303b

SHA256
5136a49a682ac8d7f1ce71b211de8688fce42ed57210af087a8e2dbc8a934062

SHA512
4802ef62630c521d83a1d333969593fb00c9b38f82b4d07f70fbd21f495fea9b3f67676064573d2c71c42bc6f701992989742213501b16087bb6110e337c7546

Download Submit
\Users\Admin\AppData\Roaming\Clipboard Fusion Manager\thunderbird.exe

Filesize
352KB

MD5
7238412641bb82a88845c355c363e897

SHA1
5a64f26adf8078941d7218b247e5728161864486

SHA256
e5bbc723a99815cf321ae9bf30f9fce147132c1a1410447d4e9c8da829eedd1c

SHA512
97e1304880d8137a9086b5f6d7b8834630d27a0babe552077324c3a04007de669eb314568ad9aea4e497f0910f686a740c9a5b97b5bbf768d774fa023a6f07e2

Download Submit
\Users\Admin\AppData\Roaming\Clipboard Fusion Manager\ucrtbase.dll

Filesize
1.1MB

MD5
6343ff7874ba03f78bb0dfe20b45f817

SHA1
82221a9ac1c1b8006f3f5e8539e74e3308f10bcb

SHA256
6f8f05993b8a25cadf5e301e58194c4d23402e467229b12e40956e4f128588b3

SHA512
63c3d3207577d4761103daf3f9901dd0a0ae8a89694ad1128fd7e054627cdd930d1020049317c5a898411735e2f75e2103ae303e7e514b6387a3c8463a4fb994

Download Submit
\Users\Admin\AppData\Roaming\Clipboard Fusion Manager\vcruntime140.dll

Filesize
78KB

MD5
a37ee36b536409056a86f50e67777dd7

SHA1
1cafa159292aa736fc595fc04e16325b27cd6750

SHA256
8934aaeb65b6e6d253dfe72dea5d65856bd871e989d5d3a2a35edfe867bb4825

SHA512
3a7c260646315cf8c01f44b2ec60974017496bd0d80dd055c7e43b707cadba2d63aab5e0efd435670aa77886ed86368390d42c4017fc433c3c4b9d1c47d0f356

Download Submit
\Users\Admin\AppData\Roaming\Clipboard Fusion Manager\zlib1.dll

Filesize
76KB

MD5
0ac2236d42d8ced5dbd181bf19637783

SHA1
59e317e893831615b7d338f3c328de42c3a04f2d

SHA256
59281018c70bfec371d593d4bd005f8c52c8a3440d96fdf28ad4881bf3c4d78f

SHA512
3c71c2f83110e51c44a6c79efd83490bbc93f022a937d6759cfed103fc250b46a7d895df5d880247381a74642ab8eb6497463202b455f1935d28b24ae0389183

Download Submit
memory/1612-54-0x0000000076681000-0x0000000076683000-memory.dmp

Filesize
8KB

Download