hxxps://cdn[.]discordapp[.]com/attachments/1035917234343776277/1035970255647932478/avg_secure_browser_setup[.]exe

Analysis

max time kernel
23s
max time network
60s
platform
windows10-2004_x64
resource
win10v2004-20220901-en
resource tags

arch:x64arch:x86image:win10v2004-20220901-enlocale:en-usos:windows10-2004-x64system
submitted
23-11-2022 18:33

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://cdn.discordapp.com/attachments/1035917234343776277/1035970255647932478/avg_secure_browser_setup.exe

Score

1^/10

Malware Config

Signatures

Modifies Internet Explorer Phishing Filter 1 TTPs 2 IoCs

Modify Registry

T1112

Processes:

iexplore.exe

description	ioc	process
Key created	\REGISTRY\USER\S-1-5-21-929662420-1054238289-2961194603-1000\Software\Microsoft\Internet Explorer\PhishingFilter	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-929662420-1054238289-2961194603-1000\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter\ClientSupported_MigrationTime = 89be75672cbed801	iexplore.exe

Modifies Internet Explorer settings 1 TTPs 15 IoCs

adware spyware

Modify Registry

T1112

Processes:

IEXPLORE.EXEiexplore.exe

description	ioc	process
Key created	\REGISTRY\USER\S-1-5-21-929662420-1054238289-2961194603-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-929662420-1054238289-2961194603-1000\Software\Microsoft\Internet Explorer\MINIE	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-929662420-1054238289-2961194603-1000\SOFTWARE\Microsoft\Internet Explorer\RepId\PublicId = "{7CC9750B-F05C-448A-AAAD-EC5713120BB9}"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-929662420-1054238289-2961194603-1000\SOFTWARE\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-929662420-1054238289-2961194603-1000\SOFTWARE\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-929662420-1054238289-2961194603-1000\SOFTWARE\Microsoft\Internet Explorer\MINIE\TabBandWidth = "500"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-929662420-1054238289-2961194603-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-929662420-1054238289-2961194603-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-929662420-1054238289-2961194603-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-929662420-1054238289-2961194603-1000\SOFTWARE\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-929662420-1054238289-2961194603-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-929662420-1054238289-2961194603-1000\SOFTWARE\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-929662420-1054238289-2961194603-1000\SOFTWARE\Microsoft\Internet Explorer\Recovery\AdminActive\{64F492FE-6B5D-11ED-A0EE-CE8FEF2919E2} = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-929662420-1054238289-2961194603-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-929662420-1054238289-2961194603-1000\Software\Microsoft\Internet Explorer\RepId	iexplore.exe

Suspicious use of FindShellTrayWindow 2 IoCs

Processes:

iexplore.exe

pid process

4976 iexplore.exe
4976 iexplore.exe
Suspicious use of SetWindowsHookEx 4 IoCs

Processes:

iexplore.exeIEXPLORE.EXE

pid process

4976 iexplore.exe
4976 iexplore.exe
444 IEXPLORE.EXE
444 IEXPLORE.EXE

pid	process
4976	iexplore.exe
4976	iexplore.exe

pid	process
4976	iexplore.exe
4976	iexplore.exe
444	IEXPLORE.EXE
444	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 3 IoCs

Processes:

iexplore.exe

description	pid	process	target process
PID 4976 wrote to memory of 444	4976	iexplore.exe	IEXPLORE.EXE
PID 4976 wrote to memory of 444	4976	iexplore.exe	IEXPLORE.EXE
PID 4976 wrote to memory of 444	4976	iexplore.exe	IEXPLORE.EXE

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" https://cdn.discordapp.com/attachments/1035917234343776277/1035970255647932478/avg_secure_browser_setup.exe
1⤵
- Modifies Internet Explorer Phishing Filter
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:4976
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4976 CREDAT:17410 /prefetch:2
  2⤵
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:444
- C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\ZX6MAMIN\avg_secure_browser_setup.exe
  "C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\ZX6MAMIN\avg_secure_browser_setup.exe"
  2⤵
  PID:3628
- - C:\Users\Admin\AppData\Local\Temp\aj733F.exe
    "C:\Users\Admin\AppData\Local\Temp\aj733F.exe" /relaunch=8 /was_elevated=1 /tagdata
    3⤵
    PID:2456

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
PID:1212
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=89.0.4389.114 --initial-client-data=0x100,0x104,0x108,0xd8,0x10c,0x7fff3b0c4f50,0x7fff3b0c4f60,0x7fff3b0c4f70
  2⤵
  PID:4464
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1600,4440470727157282172,14687106439469285251,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1604 /prefetch:2
  2⤵
  PID:4652
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1600,4440470727157282172,14687106439469285251,131072 --lang=en-US --service-sandbox-type=network --mojo-platform-channel-handle=2016 /prefetch:8
  2⤵
  PID:4272
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1600,4440470727157282172,14687106439469285251,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2276 /prefetch:8
  2⤵
  PID:4184
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1600,4440470727157282172,14687106439469285251,131072 --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2952 /prefetch:1
  2⤵
  PID:3216
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1600,4440470727157282172,14687106439469285251,131072 --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3156 /prefetch:1
  2⤵
  PID:2028
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1600,4440470727157282172,14687106439469285251,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3852 /prefetch:1
  2⤵
  PID:3700
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1600,4440470727157282172,14687106439469285251,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=4488 /prefetch:8
  2⤵
  PID:3300
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1600,4440470727157282172,14687106439469285251,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=4508 /prefetch:8
  2⤵
  PID:1056
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1600,4440470727157282172,14687106439469285251,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=4488 /prefetch:8
  2⤵
  PID:4496

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1440

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\6BADA8974A10C4BD62CC921D13E43B18_28DEA62A0AE77228DD387E155AD0BA27

Filesize
1KB

MD5
822d01aab830e5cae8025db2c3f36ca4

SHA1
09e7e6accf68443d140b3fb502488879e3e2a5de

SHA256
c8ef7223b7feb7c48fa1a88d9f027e4e4f7e8c8f94eaf93fd82cb16034bb3a74

SHA512
6787bfb8c3d48229c1b7f68ae3f06396fa82aaad9b339ed2a399538df21aa2837f98b8990296ef9bb4f32347b2e300ffc0f9d8e17467a6d4be0d135f0775ba23

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\6BADA8974A10C4BD62CC921D13E43B18_28DEA62A0AE77228DD387E155AD0BA27

Filesize
438B

MD5
96cd6ddb7185af9d326dbfbdb883e601

SHA1
17017c8a4ea652255eb749d6ed17685d52b670fa

SHA256
5e1061a0d8ef968336cf38538ce2ddc50b33a165a249c756c76829bc02b7ac11

SHA512
674d9ca94443d09e0b56c032b8eac76f90b463b3374438eff072fe1c4e55bdeaa44e06faebb4e889ff51775199bb1576ee34e68d468641c256d8cbdd94be857e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\ZX6MAMIN\avg_secure_browser_setup.exe

Filesize
6.2MB

MD5
4e1a4222e6f18ea2cce5af529316cd69

SHA1
a580885f18814d3db9abe6e3f4323622029d8c24

SHA256
74db4b965354cb2087f990581bcb3e121ad48ed12b3b65b6da9158882434c9e7

SHA512
ae307c68433d063a7b0c72dbfa0f2d0251584965d51669ede89af67b3e9adcde221f5195754b3c7584ad2e1a20b0a62412dde1bb1572191f255513444f494519

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\ZX6MAMIN\avg_secure_browser_setup.exe.q2f5ql5.partial

Filesize
6.2MB

MD5
4e1a4222e6f18ea2cce5af529316cd69

SHA1
a580885f18814d3db9abe6e3f4323622029d8c24

SHA256
74db4b965354cb2087f990581bcb3e121ad48ed12b3b65b6da9158882434c9e7

SHA512
ae307c68433d063a7b0c72dbfa0f2d0251584965d51669ede89af67b3e9adcde221f5195754b3c7584ad2e1a20b0a62412dde1bb1572191f255513444f494519

Download Submit
C:\Users\Admin\AppData\Local\Temp\aj733F.exe

Filesize
6.2MB

MD5
517ddc7b1888c62396d6ae38740554b9

SHA1
9164e41f630d7279668506ffd9b539cb8d4ef1d6

SHA256
5213222d7dc404055151a1d5a00167fd169e85e79b6b5c1f406f8fa20a0b533f

SHA512
78a9b38b56832b32f8e1a65cbd4b456767cf8fc2d0dbb3f50202704cc9b0ae2c5b93bd3a59cfdfe0162ece30b763dab5a58ce8ca2e748049ad2ea2fedea58651

Download Submit
C:\Users\Admin\AppData\Local\Temp\aj733F.exe

Filesize
6.2MB

MD5
517ddc7b1888c62396d6ae38740554b9

SHA1
9164e41f630d7279668506ffd9b539cb8d4ef1d6

SHA256
5213222d7dc404055151a1d5a00167fd169e85e79b6b5c1f406f8fa20a0b533f

SHA512
78a9b38b56832b32f8e1a65cbd4b456767cf8fc2d0dbb3f50202704cc9b0ae2c5b93bd3a59cfdfe0162ece30b763dab5a58ce8ca2e748049ad2ea2fedea58651

Download Submit
C:\Users\Admin\AppData\Local\Temp\avg-securebrowser-web-tags

Filesize
34B

MD5
f6c56a9c86dfddce90e8acd7ce436b5b

SHA1
bb5749c6bc0f1ed5eba75bd69c9cdcdd88efc0d2

SHA256
34bda7d3707629594d773350cd52136b419b3533d0233620e637ae759901712b

SHA512
7ed187414c7bc08b54e2041d7e263fadfeacb44990494da3e72d025a3899f55053cf05a511e5e66492e6a5d3bfbb92bbd92af849b1bd2d25726ee6913b5f8f98

Download Submit
C:\Users\Admin\AppData\Local\Temp\nsj5E7D.tmp\JsisPlugins.dll

Filesize
1.8MB

MD5
500a85fc88934c0fefbee13a5185be19

SHA1
982d302cf3f5d73b3663316ddb4fe21ea9d76418

SHA256
f3ecd9d2f46dc56d12a9591d6565aebacd8d091338346b2081e38f57fc22d96b

SHA512
cdf86da792f23dd12f047d865ecf9345b9c2573fe5f2ab8a20b307923ef06c83184164dcb0d231cc0dc231e317631a079e9fa9609dd8318c9c4fd2dbb57c2d0b

Download Submit
C:\Users\Admin\AppData\Local\Temp\nsj5E7D.tmp\StdUtils.dll

Filesize
195KB

MD5
519a4d4b035a44631ababc63a27d4c58

SHA1
537fcc197969ed504fdbe5fbc2fc526d9f115344

SHA256
4ccc6961ef620bc0cd32df24ce51213d213a82bb5c9cfb68d8fc0ce8a51cff4b

SHA512
ad73e6dd005f7246e4fa1f8af21abfe102ef8c212e4a22720356a38978641f859028f1e86c879ff70848564c8061274b1a4bf82eed042ca4364c31157744705a

Download Submit
C:\Users\Admin\AppData\Local\Temp\nsj5E7D.tmp\jsis.dll

Filesize
127KB

MD5
04f96f5abfb9d4f9e032605d89a595bf

SHA1
5783963882aa6fe34aa74a82f2e192f918cc3e15

SHA256
91449e7b666a34bed1e582ef57b4013842b84cd2451534740661baf05637c78d

SHA512
ad1b7628e3eb95e65233945973e522f994064a8d7df1fe63fa46fc5abf4760f8854ae0d684bc1ea5924d95803d245bac79cda27357aea7e7f1744908574d3186

Download Submit
C:\Users\Admin\AppData\Local\Temp\nsj5E7D.tmp\nsJSON.dll

Filesize
36KB

MD5
f0684f010c9be31bcc108057da404734

SHA1
e86527cb8d715b1dc67263dc0a918a1dfd26e61a

SHA256
eac13d703339b9c108242d067c29a7c6f852d7ac1040c6155d0a98fe0ae645a5

SHA512
78ae7c95bc145080043ccf0f03e8a2aeb0d1903e5e3c87f61a2110a497c27520424e4dd8cf05b18037a9daef60293d36f290c3b7b87b50edc1302cc0088e3347

Download Submit
C:\Users\Admin\AppData\Local\Temp\nsj5E7D.tmp\sciterui.dll

Filesize
4.2MB

MD5
a29730d24dac9cfc391d7dbe36ea62d1

SHA1
986c452a04449f6d8c03c461737ccaf93320656c

SHA256
3bbdb4771d257763907e903e70a52f42796e733a4da8a142ee7672dcc3f29223

SHA512
f32608aa09aec94f25784600485540b50e47da2691b9ed03324bbad9f8da64af6dc937d5970131b6fe782bd0a2535ede255a491f3db966d7d5fe87786cb569d1

Download Submit
C:\Users\Admin\AppData\Local\Temp\nsj5E7D.tmp\thirdparty.dll

Filesize
93KB

MD5
afcc7d8e333a36ef8b3e90776f049ba5

SHA1
a6ff7f5c49eb6e34d46b88072e3d6805c046118a

SHA256
d816127ab84204be59f68c09937e5234484a6248dd661b6eda503d1045dd44ca

SHA512
62d8a4c19f7f8a0ef3b1fb0080332b3d8641bcb6fa284ed684e2faae86ce35c6f37341daccb3f42527ebbec07e9f09bb6f3b880844f20af289840b57e82b25a9

Download Submit
C:\Users\Admin\AppData\Local\Temp\nso762C.tmp\JsisPlugins.dll

Filesize
1.8MB

MD5
500a85fc88934c0fefbee13a5185be19

SHA1
982d302cf3f5d73b3663316ddb4fe21ea9d76418

SHA256
f3ecd9d2f46dc56d12a9591d6565aebacd8d091338346b2081e38f57fc22d96b

SHA512
cdf86da792f23dd12f047d865ecf9345b9c2573fe5f2ab8a20b307923ef06c83184164dcb0d231cc0dc231e317631a079e9fa9609dd8318c9c4fd2dbb57c2d0b

Download Submit
C:\Users\Admin\AppData\Local\Temp\nso762C.tmp\Midex.dll

Filesize
126KB

MD5
9e5301876881fd99cdb1aa9cddc2c97a

SHA1
1afe6a259ef8052dff5d648f3fdd4e358411cd01

SHA256
c9dcdd953b4e552e688476a0a4478f204530aad564374e09aed54ac4410ffdfe

SHA512
a8ad92ec890b7dc3ad16cb955c8669330604aa4eb467d2f90ac04d86316112b8088461c7e260a7a92a3f3b9a00224af49241d26d910e9465ce7dab031d2757de

Download Submit
C:\Users\Admin\AppData\Local\Temp\nso762C.tmp\Midex.dll

Filesize
126KB

MD5
9e5301876881fd99cdb1aa9cddc2c97a

SHA1
1afe6a259ef8052dff5d648f3fdd4e358411cd01

SHA256
c9dcdd953b4e552e688476a0a4478f204530aad564374e09aed54ac4410ffdfe

SHA512
a8ad92ec890b7dc3ad16cb955c8669330604aa4eb467d2f90ac04d86316112b8088461c7e260a7a92a3f3b9a00224af49241d26d910e9465ce7dab031d2757de

Download Submit
C:\Users\Admin\AppData\Local\Temp\nso762C.tmp\StdUtils.dll

Filesize
195KB

MD5
519a4d4b035a44631ababc63a27d4c58

SHA1
537fcc197969ed504fdbe5fbc2fc526d9f115344

SHA256
4ccc6961ef620bc0cd32df24ce51213d213a82bb5c9cfb68d8fc0ce8a51cff4b

SHA512
ad73e6dd005f7246e4fa1f8af21abfe102ef8c212e4a22720356a38978641f859028f1e86c879ff70848564c8061274b1a4bf82eed042ca4364c31157744705a

Download Submit
C:\Users\Admin\AppData\Local\Temp\nso762C.tmp\jsis.dll

Filesize
127KB

MD5
04f96f5abfb9d4f9e032605d89a595bf

SHA1
5783963882aa6fe34aa74a82f2e192f918cc3e15

SHA256
91449e7b666a34bed1e582ef57b4013842b84cd2451534740661baf05637c78d

SHA512
ad1b7628e3eb95e65233945973e522f994064a8d7df1fe63fa46fc5abf4760f8854ae0d684bc1ea5924d95803d245bac79cda27357aea7e7f1744908574d3186

Download Submit
C:\Users\Admin\AppData\Local\Temp\nso762C.tmp\nsJSON.dll

Filesize
36KB

MD5
f0684f010c9be31bcc108057da404734

SHA1
e86527cb8d715b1dc67263dc0a918a1dfd26e61a

SHA256
eac13d703339b9c108242d067c29a7c6f852d7ac1040c6155d0a98fe0ae645a5

SHA512
78ae7c95bc145080043ccf0f03e8a2aeb0d1903e5e3c87f61a2110a497c27520424e4dd8cf05b18037a9daef60293d36f290c3b7b87b50edc1302cc0088e3347

Download Submit
C:\Users\Admin\AppData\Local\Temp\nso762C.tmp\sciterui.dll

Filesize
4.2MB

MD5
a29730d24dac9cfc391d7dbe36ea62d1

SHA1
986c452a04449f6d8c03c461737ccaf93320656c

SHA256
3bbdb4771d257763907e903e70a52f42796e733a4da8a142ee7672dcc3f29223

SHA512
f32608aa09aec94f25784600485540b50e47da2691b9ed03324bbad9f8da64af6dc937d5970131b6fe782bd0a2535ede255a491f3db966d7d5fe87786cb569d1

Download Submit
C:\Users\Admin\AppData\Local\Temp\nso762C.tmp\thirdparty.dll

Filesize
93KB

MD5
afcc7d8e333a36ef8b3e90776f049ba5

SHA1
a6ff7f5c49eb6e34d46b88072e3d6805c046118a

SHA256
d816127ab84204be59f68c09937e5234484a6248dd661b6eda503d1045dd44ca

SHA512
62d8a4c19f7f8a0ef3b1fb0080332b3d8641bcb6fa284ed684e2faae86ce35c6f37341daccb3f42527ebbec07e9f09bb6f3b880844f20af289840b57e82b25a9

Download Submit
C:\Users\Admin\AppData\Local\Temp\{9036C816-FC60-4F50-9AFC-B2713AFBE098}\scrt.dll

Filesize
5.7MB

MD5
f36f05628b515262db197b15c7065b40

SHA1
74a8005379f26dd0de952acab4e3fc5459cde243

SHA256
67abd9e211b354fa222e7926c2876c4b3a7aca239c0af47c756ee1b6db6e6d31

SHA512
280390b1cf1b6b1e75eaa157adaf89135963d366b48686d48921a654527f9c1505c195ca1fc16dc85b8f13b2994841ca7877a63af708883418a1d588afa3dbe8

Download Submit
C:\Users\Admin\AppData\Local\Temp\{ACFCA31B-A3E7-43F4-A23C-DB88D9482C82}\scrt.dll

Filesize
5.7MB

MD5
f36f05628b515262db197b15c7065b40

SHA1
74a8005379f26dd0de952acab4e3fc5459cde243

SHA256
67abd9e211b354fa222e7926c2876c4b3a7aca239c0af47c756ee1b6db6e6d31

SHA512
280390b1cf1b6b1e75eaa157adaf89135963d366b48686d48921a654527f9c1505c195ca1fc16dc85b8f13b2994841ca7877a63af708883418a1d588afa3dbe8

Download Submit
\??\pipe\crashpad_1212_GLCDXTCICECUGEAV

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
memory/2456-142-0x0000000000000000-mapping.dmp

Download
memory/3628-133-0x0000000000000000-mapping.dmp

Download