16a64331e1f07f8cbbb6fbe973b978d4d79be2d8b3f11f8eeeb8c8a3e4f52e93

Analysis

max time kernel
151s
max time network
44s
platform
windows7_x64
resource
win7-20220812-en
resource tags

arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
submitted
24-11-2022 00:36

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

16a64331e1f07f8cbbb6fbe973b978d4d79be2d8b3f11f8eeeb8c8a3e4f52e93.exe
Size

76KB
MD5

540a027298b39dadbc3ad08c8ac2e316
SHA1

5c3b19943210209fabbc7b5a43b30686c154b159
SHA256

16a64331e1f07f8cbbb6fbe973b978d4d79be2d8b3f11f8eeeb8c8a3e4f52e93
SHA512

cf887fa8f9e6b0aa0f2e8a366747262c98557247373649a60a4eace7bf66db2d46b360e51a9d287aa560cf0b56337d606b571339949ec7a63488dceca69388d3
SSDEEP

1536:bpvF99rQswQ25+9Pn9tbfoBQy6XKEYo8+uHOdRdSBuGJOgm:9vN8VQ/nn06hvSHmdFGJW

Score

8^/10

persistence upx

Malware Config

Signatures

Drops file in Drivers directory 64 IoCs

Processes:

16a64331e1f07f8cbbb6fbe973b978d4d79be2d8b3f11f8eeeb8c8a3e4f52e93.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exe

description	ioc	process
File created	C:\Windows\SysWOW64\drivers\TXP1atform.exe	16a64331e1f07f8cbbb6fbe973b978d4d79be2d8b3f11f8eeeb8c8a3e4f52e93.exe
File created	C:\Windows\SysWOW64\drivers\TXP1atform.exe	TXP1atform.exe
File created	C:\Windows\SysWOW64\drivers\TXP1atform.exe	TXP1atform.exe
File created	C:\Windows\SysWOW64\drivers\TXP1atform.exe	TXP1atform.exe
File opened for modification	C:\Windows\SysWOW64\drivers\TXP1atform.exe	TXP1atform.exe
File created	C:\Windows\SysWOW64\drivers\TXP1atform.exe	TXP1atform.exe
File opened for modification	C:\Windows\SysWOW64\drivers\TXP1atform.exe	TXP1atform.exe
File created	C:\Windows\SysWOW64\drivers\TXP1atform.exe	TXP1atform.exe
File created	C:\Windows\SysWOW64\drivers\TXP1atform.exe	TXP1atform.exe
File opened for modification	C:\Windows\SysWOW64\drivers\TXP1atform.exe	TXP1atform.exe
File opened for modification	C:\Windows\SysWOW64\drivers\TXP1atform.exe	TXP1atform.exe
File created	C:\Windows\SysWOW64\drivers\TXP1atform.exe	TXP1atform.exe
File opened for modification	C:\Windows\SysWOW64\drivers\TXP1atform.exe	TXP1atform.exe
File created	C:\Windows\SysWOW64\drivers\TXP1atform.exe	TXP1atform.exe
File opened for modification	C:\Windows\SysWOW64\drivers\TXP1atform.exe	TXP1atform.exe
File created	C:\Windows\SysWOW64\drivers\TXP1atform.exe	TXP1atform.exe
File opened for modification	C:\Windows\SysWOW64\drivers\TXP1atform.exe	TXP1atform.exe
File created	C:\Windows\SysWOW64\drivers\TXP1atform.exe	TXP1atform.exe
File opened for modification	C:\Windows\SysWOW64\drivers\TXP1atform.exe	TXP1atform.exe
File created	C:\Windows\SysWOW64\drivers\TXP1atform.exe	TXP1atform.exe
File opened for modification	C:\Windows\SysWOW64\drivers\TXP1atform.exe	TXP1atform.exe
File opened for modification	C:\Windows\SysWOW64\drivers\TXP1atform.exe	TXP1atform.exe
File opened for modification	C:\Windows\SysWOW64\drivers\TXP1atform.exe	TXP1atform.exe
File opened for modification	C:\Windows\SysWOW64\drivers\TXP1atform.exe	TXP1atform.exe
File created	C:\Windows\SysWOW64\drivers\TXP1atform.exe	TXP1atform.exe
File created	C:\Windows\SysWOW64\drivers\TXP1atform.exe	TXP1atform.exe
File opened for modification	C:\Windows\SysWOW64\drivers\TXP1atform.exe	TXP1atform.exe
File opened for modification	C:\Windows\SysWOW64\drivers\TXP1atform.exe	TXP1atform.exe
File opened for modification	C:\Windows\SysWOW64\drivers\TXP1atform.exe	TXP1atform.exe
File opened for modification	C:\Windows\SysWOW64\drivers\TXP1atform.exe	TXP1atform.exe
File opened for modification	C:\Windows\SysWOW64\drivers\TXP1atform.exe	TXP1atform.exe
File opened for modification	C:\Windows\SysWOW64\drivers\TXP1atform.exe	TXP1atform.exe
File created	C:\Windows\SysWOW64\drivers\TXP1atform.exe	TXP1atform.exe
File created	C:\Windows\SysWOW64\drivers\TXP1atform.exe	TXP1atform.exe
File opened for modification	C:\Windows\SysWOW64\drivers\TXP1atform.exe	TXP1atform.exe
File created	C:\Windows\SysWOW64\drivers\TXP1atform.exe	TXP1atform.exe
File opened for modification	C:\Windows\SysWOW64\drivers\TXP1atform.exe	TXP1atform.exe
File opened for modification	C:\Windows\SysWOW64\drivers\TXP1atform.exe	TXP1atform.exe
File opened for modification	C:\Windows\SysWOW64\drivers\TXP1atform.exe	TXP1atform.exe
File opened for modification	C:\Windows\SysWOW64\drivers\TXP1atform.exe	TXP1atform.exe
File opened for modification	C:\Windows\SysWOW64\drivers\TXP1atform.exe	TXP1atform.exe
File opened for modification	C:\Windows\SysWOW64\drivers\TXP1atform.exe	TXP1atform.exe
File opened for modification	C:\Windows\SysWOW64\drivers\TXP1atform.exe	TXP1atform.exe
File opened for modification	C:\Windows\SysWOW64\drivers\TXP1atform.exe	TXP1atform.exe
File created	C:\Windows\SysWOW64\drivers\TXP1atform.exe	TXP1atform.exe
File created	C:\Windows\SysWOW64\drivers\TXP1atform.exe	TXP1atform.exe
File created	C:\Windows\SysWOW64\drivers\TXP1atform.exe	TXP1atform.exe
File opened for modification	C:\Windows\SysWOW64\drivers\TXP1atform.exe	TXP1atform.exe
File opened for modification	C:\Windows\SysWOW64\drivers\TXP1atform.exe	TXP1atform.exe
File created	C:\Windows\SysWOW64\drivers\TXP1atform.exe	TXP1atform.exe
File created	C:\Windows\SysWOW64\drivers\TXP1atform.exe	TXP1atform.exe
File created	C:\Windows\SysWOW64\drivers\TXP1atform.exe	TXP1atform.exe
File opened for modification	C:\Windows\SysWOW64\drivers\TXP1atform.exe	TXP1atform.exe
File created	C:\Windows\SysWOW64\drivers\TXP1atform.exe	TXP1atform.exe
File opened for modification	C:\Windows\SysWOW64\drivers\TXP1atform.exe	TXP1atform.exe
File created	C:\Windows\SysWOW64\drivers\TXP1atform.exe	TXP1atform.exe
File opened for modification	C:\Windows\SysWOW64\drivers\TXP1atform.exe	TXP1atform.exe
File created	C:\Windows\SysWOW64\drivers\TXP1atform.exe	TXP1atform.exe
File created	C:\Windows\SysWOW64\drivers\TXP1atform.exe	TXP1atform.exe
File opened for modification	C:\Windows\SysWOW64\drivers\TXP1atform.exe	TXP1atform.exe
File opened for modification	C:\Windows\SysWOW64\drivers\TXP1atform.exe	TXP1atform.exe
File opened for modification	C:\Windows\SysWOW64\drivers\TXP1atform.exe	TXP1atform.exe
File created	C:\Windows\SysWOW64\drivers\TXP1atform.exe	TXP1atform.exe
File opened for modification	C:\Windows\SysWOW64\drivers\TXP1atform.exe	TXP1atform.exe

Executes dropped EXE 64 IoCs

Processes:

TXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exe

pid	process
836	TXP1atform.exe
1320	TXP1atform.exe
1220	TXP1atform.exe
2036	TXP1atform.exe
1800	TXP1atform.exe
280	TXP1atform.exe
1408	TXP1atform.exe
1172	TXP1atform.exe
844	TXP1atform.exe
1624	TXP1atform.exe
1960	TXP1atform.exe
832	TXP1atform.exe
1728	TXP1atform.exe
1520	TXP1atform.exe
1608	TXP1atform.exe
2044	TXP1atform.exe
984	TXP1atform.exe
1640	TXP1atform.exe
1584	TXP1atform.exe
1444	TXP1atform.exe
1832	TXP1atform.exe
1820	TXP1atform.exe
1836	TXP1atform.exe
1824	TXP1atform.exe
1220	TXP1atform.exe
580	TXP1atform.exe
1364	TXP1atform.exe
1800	TXP1atform.exe
1604	TXP1atform.exe
1504	TXP1atform.exe
568	TXP1atform.exe
1572	TXP1atform.exe
1972	TXP1atform.exe
844	TXP1atform.exe
1772	TXP1atform.exe
1472	TXP1atform.exe
1140	TXP1atform.exe
1736	TXP1atform.exe
1660	TXP1atform.exe
1540	TXP1atform.exe
1500	TXP1atform.exe
1580	TXP1atform.exe
1600	TXP1atform.exe
880	TXP1atform.exe
1368	TXP1atform.exe
1692	TXP1atform.exe
2028	TXP1atform.exe
1108	TXP1atform.exe
1324	TXP1atform.exe
1444	TXP1atform.exe
1320	TXP1atform.exe
596	TXP1atform.exe
876	TXP1atform.exe
576	TXP1atform.exe
1020	TXP1atform.exe
1012	TXP1atform.exe
1620	TXP1atform.exe
616	TXP1atform.exe
1192	TXP1atform.exe
804	TXP1atform.exe
1260	TXP1atform.exe
1400	TXP1atform.exe
1528	TXP1atform.exe
1624	TXP1atform.exe

Sets file execution options in registry 2 TTPs 13 IoCs

persistence

Registry Run Keys / Startup Folder

T1060

Modify Registry

T1112

Processes:

16a64331e1f07f8cbbb6fbe973b978d4d79be2d8b3f11f8eeeb8c8a3e4f52e93.exe

description	ioc	process
Key deleted	\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DLLNXOPTIONS	16a64331e1f07f8cbbb6fbe973b978d4d79be2d8b3f11f8eeeb8c8a3e4f52e93.exe
Key deleted	\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GOOGLEUPDATE.EXE	16a64331e1f07f8cbbb6fbe973b978d4d79be2d8b3f11f8eeeb8c8a3e4f52e93.exe
Key deleted	\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GROOVE.EXE	16a64331e1f07f8cbbb6fbe973b978d4d79be2d8b3f11f8eeeb8c8a3e4f52e93.exe
Key deleted	\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\IE4UINIT.EXE	16a64331e1f07f8cbbb6fbe973b978d4d79be2d8b3f11f8eeeb8c8a3e4f52e93.exe
Key deleted	\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ACCICONS.EXE	16a64331e1f07f8cbbb6fbe973b978d4d79be2d8b3f11f8eeeb8c8a3e4f52e93.exe
Key deleted	\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\CLVIEW.EXE	16a64331e1f07f8cbbb6fbe973b978d4d79be2d8b3f11f8eeeb8c8a3e4f52e93.exe
Key deleted	\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\CNFNOT32.EXE	16a64331e1f07f8cbbb6fbe973b978d4d79be2d8b3f11f8eeeb8c8a3e4f52e93.exe
Key deleted	\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\EXCELCNV.EXE	16a64331e1f07f8cbbb6fbe973b978d4d79be2d8b3f11f8eeeb8c8a3e4f52e93.exe
Key deleted	\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\EXTEXPORT.EXE	16a64331e1f07f8cbbb6fbe973b978d4d79be2d8b3f11f8eeeb8c8a3e4f52e93.exe
Key deleted	\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GRAPH.EXE	16a64331e1f07f8cbbb6fbe973b978d4d79be2d8b3f11f8eeeb8c8a3e4f52e93.exe
Key deleted	\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DW20.EXE	16a64331e1f07f8cbbb6fbe973b978d4d79be2d8b3f11f8eeeb8c8a3e4f52e93.exe
Key deleted	\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DWTRIG20.EXE	16a64331e1f07f8cbbb6fbe973b978d4d79be2d8b3f11f8eeeb8c8a3e4f52e93.exe
Key deleted	\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\EXCEL.EXE	16a64331e1f07f8cbbb6fbe973b978d4d79be2d8b3f11f8eeeb8c8a3e4f52e93.exe

UPX packed file 64 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

Processes:

resource	yara_rule
\Windows\SysWOW64\drivers\TXP1atform.exe	upx
C:\Windows\SysWOW64\drivers\TXP1atform.exe	upx
\Windows\SysWOW64\drivers\TXP1atform.exe	upx
C:\Windows\SysWOW64\drivers\TXP1atform.exe	upx
behavioral1/memory/1044-61-0x0000000000400000-0x000000000044A000-memory.dmp	upx
behavioral1/memory/836-63-0x0000000000400000-0x000000000044A000-memory.dmp	upx
\Windows\SysWOW64\drivers\TXP1atform.exe	upx
\Windows\SysWOW64\drivers\TXP1atform.exe	upx
C:\Windows\SysWOW64\drivers\TXP1atform.exe	upx
behavioral1/memory/836-69-0x0000000000400000-0x000000000044A000-memory.dmp	upx
\Windows\SysWOW64\drivers\TXP1atform.exe	upx
\Windows\SysWOW64\drivers\TXP1atform.exe	upx
C:\Windows\SysWOW64\drivers\TXP1atform.exe	upx
behavioral1/memory/1320-75-0x0000000000400000-0x000000000044A000-memory.dmp	upx
behavioral1/memory/1220-76-0x0000000000400000-0x000000000044A000-memory.dmp	upx
\Windows\SysWOW64\drivers\TXP1atform.exe	upx
\Windows\SysWOW64\drivers\TXP1atform.exe	upx
C:\Windows\SysWOW64\drivers\TXP1atform.exe	upx
behavioral1/memory/1220-82-0x0000000000400000-0x000000000044A000-memory.dmp	upx
behavioral1/memory/2036-83-0x0000000000400000-0x000000000044A000-memory.dmp	upx
\Windows\SysWOW64\drivers\TXP1atform.exe	upx
\Windows\SysWOW64\drivers\TXP1atform.exe	upx
C:\Windows\SysWOW64\drivers\TXP1atform.exe	upx
behavioral1/memory/2036-89-0x0000000000400000-0x000000000044A000-memory.dmp	upx
\Windows\SysWOW64\drivers\TXP1atform.exe	upx
\Windows\SysWOW64\drivers\TXP1atform.exe	upx
C:\Windows\SysWOW64\drivers\TXP1atform.exe	upx
behavioral1/memory/1800-95-0x0000000000400000-0x000000000044A000-memory.dmp	upx
behavioral1/memory/280-96-0x0000000000400000-0x000000000044A000-memory.dmp	upx
\Windows\SysWOW64\drivers\TXP1atform.exe	upx
\Windows\SysWOW64\drivers\TXP1atform.exe	upx
C:\Windows\SysWOW64\drivers\TXP1atform.exe	upx
behavioral1/memory/280-102-0x0000000000400000-0x000000000044A000-memory.dmp	upx
\Windows\SysWOW64\drivers\TXP1atform.exe	upx
\Windows\SysWOW64\drivers\TXP1atform.exe	upx
C:\Windows\SysWOW64\drivers\TXP1atform.exe	upx
behavioral1/memory/1408-108-0x0000000000400000-0x000000000044A000-memory.dmp	upx
behavioral1/memory/1172-109-0x0000000000400000-0x000000000044A000-memory.dmp	upx
\Windows\SysWOW64\drivers\TXP1atform.exe	upx
\Windows\SysWOW64\drivers\TXP1atform.exe	upx
C:\Windows\SysWOW64\drivers\TXP1atform.exe	upx
behavioral1/memory/1172-115-0x0000000000400000-0x000000000044A000-memory.dmp	upx
\Windows\SysWOW64\drivers\TXP1atform.exe	upx
\Windows\SysWOW64\drivers\TXP1atform.exe	upx
C:\Windows\SysWOW64\drivers\TXP1atform.exe	upx
behavioral1/memory/844-121-0x0000000000400000-0x000000000044A000-memory.dmp	upx
behavioral1/memory/1624-122-0x0000000000400000-0x000000000044A000-memory.dmp	upx
\Windows\SysWOW64\drivers\TXP1atform.exe	upx
\Windows\SysWOW64\drivers\TXP1atform.exe	upx
C:\Windows\SysWOW64\drivers\TXP1atform.exe	upx
behavioral1/memory/1624-128-0x0000000000400000-0x000000000044A000-memory.dmp	upx
\Windows\SysWOW64\drivers\TXP1atform.exe	upx
\Windows\SysWOW64\drivers\TXP1atform.exe	upx
C:\Windows\SysWOW64\drivers\TXP1atform.exe	upx
behavioral1/memory/1960-134-0x0000000000400000-0x000000000044A000-memory.dmp	upx
behavioral1/memory/832-135-0x0000000000400000-0x000000000044A000-memory.dmp	upx
\Windows\SysWOW64\drivers\TXP1atform.exe	upx
\Windows\SysWOW64\drivers\TXP1atform.exe	upx
C:\Windows\SysWOW64\drivers\TXP1atform.exe	upx
behavioral1/memory/832-141-0x0000000000400000-0x000000000044A000-memory.dmp	upx
\Windows\SysWOW64\drivers\TXP1atform.exe	upx
\Windows\SysWOW64\drivers\TXP1atform.exe	upx
C:\Windows\SysWOW64\drivers\TXP1atform.exe	upx
behavioral1/memory/1728-147-0x0000000000400000-0x000000000044A000-memory.dmp	upx

Loads dropped DLL 64 IoCs

Processes:

pid	process
1044	16a64331e1f07f8cbbb6fbe973b978d4d79be2d8b3f11f8eeeb8c8a3e4f52e93.exe
1044	16a64331e1f07f8cbbb6fbe973b978d4d79be2d8b3f11f8eeeb8c8a3e4f52e93.exe
836	TXP1atform.exe
836	TXP1atform.exe
1320	TXP1atform.exe
1320	TXP1atform.exe
1220	TXP1atform.exe
1220	TXP1atform.exe
2036	TXP1atform.exe
2036	TXP1atform.exe
1800	TXP1atform.exe
1800	TXP1atform.exe
280	TXP1atform.exe
280	TXP1atform.exe
1408	TXP1atform.exe
1408	TXP1atform.exe
1172	TXP1atform.exe
1172	TXP1atform.exe
844	TXP1atform.exe
844	TXP1atform.exe
1624	TXP1atform.exe
1624	TXP1atform.exe
1960	TXP1atform.exe
1960	TXP1atform.exe
832	TXP1atform.exe
832	TXP1atform.exe
1728	TXP1atform.exe
1728	TXP1atform.exe
1520	TXP1atform.exe
1520	TXP1atform.exe
1608	TXP1atform.exe
1608	TXP1atform.exe
2044	TXP1atform.exe
2044	TXP1atform.exe
984	TXP1atform.exe
984	TXP1atform.exe
1640	TXP1atform.exe
1640	TXP1atform.exe
1584	TXP1atform.exe
1584	TXP1atform.exe
1444	TXP1atform.exe
1444	TXP1atform.exe
1832	TXP1atform.exe
1832	TXP1atform.exe
1820	TXP1atform.exe
1820	TXP1atform.exe
1836	TXP1atform.exe
1836	TXP1atform.exe
1824	TXP1atform.exe
1824	TXP1atform.exe
1220	TXP1atform.exe
1220	TXP1atform.exe
580	TXP1atform.exe
580	TXP1atform.exe
1364	TXP1atform.exe
1364	TXP1atform.exe
1800	TXP1atform.exe
1800	TXP1atform.exe
1604	TXP1atform.exe
1604	TXP1atform.exe
1504	TXP1atform.exe
1504	TXP1atform.exe
568	TXP1atform.exe
568	TXP1atform.exe

Suspicious behavior: EnumeratesProcesses 64 IoCs

Processes:

16a64331e1f07f8cbbb6fbe973b978d4d79be2d8b3f11f8eeeb8c8a3e4f52e93.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exeTXP1atform.exe

pid	process
1044	16a64331e1f07f8cbbb6fbe973b978d4d79be2d8b3f11f8eeeb8c8a3e4f52e93.exe
1044	16a64331e1f07f8cbbb6fbe973b978d4d79be2d8b3f11f8eeeb8c8a3e4f52e93.exe
1044	16a64331e1f07f8cbbb6fbe973b978d4d79be2d8b3f11f8eeeb8c8a3e4f52e93.exe
1044	16a64331e1f07f8cbbb6fbe973b978d4d79be2d8b3f11f8eeeb8c8a3e4f52e93.exe
1044	16a64331e1f07f8cbbb6fbe973b978d4d79be2d8b3f11f8eeeb8c8a3e4f52e93.exe
1044	16a64331e1f07f8cbbb6fbe973b978d4d79be2d8b3f11f8eeeb8c8a3e4f52e93.exe
1044	16a64331e1f07f8cbbb6fbe973b978d4d79be2d8b3f11f8eeeb8c8a3e4f52e93.exe
1044	16a64331e1f07f8cbbb6fbe973b978d4d79be2d8b3f11f8eeeb8c8a3e4f52e93.exe
1044	16a64331e1f07f8cbbb6fbe973b978d4d79be2d8b3f11f8eeeb8c8a3e4f52e93.exe
836	TXP1atform.exe
836	TXP1atform.exe
836	TXP1atform.exe
836	TXP1atform.exe
836	TXP1atform.exe
836	TXP1atform.exe
836	TXP1atform.exe
836	TXP1atform.exe
836	TXP1atform.exe
1320	TXP1atform.exe
1320	TXP1atform.exe
1320	TXP1atform.exe
1320	TXP1atform.exe
1320	TXP1atform.exe
1320	TXP1atform.exe
1320	TXP1atform.exe
1320	TXP1atform.exe
1320	TXP1atform.exe
1220	TXP1atform.exe
1220	TXP1atform.exe
1220	TXP1atform.exe
1220	TXP1atform.exe
1220	TXP1atform.exe
1220	TXP1atform.exe
1220	TXP1atform.exe
1220	TXP1atform.exe
1220	TXP1atform.exe
2036	TXP1atform.exe
2036	TXP1atform.exe
2036	TXP1atform.exe
2036	TXP1atform.exe
2036	TXP1atform.exe
2036	TXP1atform.exe
2036	TXP1atform.exe
2036	TXP1atform.exe
2036	TXP1atform.exe
1800	TXP1atform.exe
1800	TXP1atform.exe
1800	TXP1atform.exe
1800	TXP1atform.exe
1800	TXP1atform.exe
1800	TXP1atform.exe
1800	TXP1atform.exe
1800	TXP1atform.exe
1800	TXP1atform.exe
280	TXP1atform.exe
280	TXP1atform.exe
280	TXP1atform.exe
280	TXP1atform.exe
280	TXP1atform.exe
280	TXP1atform.exe
280	TXP1atform.exe
280	TXP1atform.exe
280	TXP1atform.exe
1408	TXP1atform.exe

Suspicious use of WriteProcessMemory 64 IoCs

Processes:

description	pid	process	target process
PID 1044 wrote to memory of 836	1044	16a64331e1f07f8cbbb6fbe973b978d4d79be2d8b3f11f8eeeb8c8a3e4f52e93.exe	TXP1atform.exe
PID 1044 wrote to memory of 836	1044	16a64331e1f07f8cbbb6fbe973b978d4d79be2d8b3f11f8eeeb8c8a3e4f52e93.exe	TXP1atform.exe
PID 1044 wrote to memory of 836	1044	16a64331e1f07f8cbbb6fbe973b978d4d79be2d8b3f11f8eeeb8c8a3e4f52e93.exe	TXP1atform.exe
PID 1044 wrote to memory of 836	1044	16a64331e1f07f8cbbb6fbe973b978d4d79be2d8b3f11f8eeeb8c8a3e4f52e93.exe	TXP1atform.exe
PID 836 wrote to memory of 1320	836	TXP1atform.exe	TXP1atform.exe
PID 836 wrote to memory of 1320	836	TXP1atform.exe	TXP1atform.exe
PID 836 wrote to memory of 1320	836	TXP1atform.exe	TXP1atform.exe
PID 836 wrote to memory of 1320	836	TXP1atform.exe	TXP1atform.exe
PID 1320 wrote to memory of 1220	1320	TXP1atform.exe	TXP1atform.exe
PID 1320 wrote to memory of 1220	1320	TXP1atform.exe	TXP1atform.exe
PID 1320 wrote to memory of 1220	1320	TXP1atform.exe	TXP1atform.exe
PID 1320 wrote to memory of 1220	1320	TXP1atform.exe	TXP1atform.exe
PID 1220 wrote to memory of 2036	1220	TXP1atform.exe	TXP1atform.exe
PID 1220 wrote to memory of 2036	1220	TXP1atform.exe	TXP1atform.exe
PID 1220 wrote to memory of 2036	1220	TXP1atform.exe	TXP1atform.exe
PID 1220 wrote to memory of 2036	1220	TXP1atform.exe	TXP1atform.exe
PID 2036 wrote to memory of 1800	2036	TXP1atform.exe	TXP1atform.exe
PID 2036 wrote to memory of 1800	2036	TXP1atform.exe	TXP1atform.exe
PID 2036 wrote to memory of 1800	2036	TXP1atform.exe	TXP1atform.exe
PID 2036 wrote to memory of 1800	2036	TXP1atform.exe	TXP1atform.exe
PID 1800 wrote to memory of 280	1800	TXP1atform.exe	TXP1atform.exe
PID 1800 wrote to memory of 280	1800	TXP1atform.exe	TXP1atform.exe
PID 1800 wrote to memory of 280	1800	TXP1atform.exe	TXP1atform.exe
PID 1800 wrote to memory of 280	1800	TXP1atform.exe	TXP1atform.exe
PID 280 wrote to memory of 1408	280	TXP1atform.exe	TXP1atform.exe
PID 280 wrote to memory of 1408	280	TXP1atform.exe	TXP1atform.exe
PID 280 wrote to memory of 1408	280	TXP1atform.exe	TXP1atform.exe
PID 280 wrote to memory of 1408	280	TXP1atform.exe	TXP1atform.exe
PID 1408 wrote to memory of 1172	1408	TXP1atform.exe	TXP1atform.exe
PID 1408 wrote to memory of 1172	1408	TXP1atform.exe	TXP1atform.exe
PID 1408 wrote to memory of 1172	1408	TXP1atform.exe	TXP1atform.exe
PID 1408 wrote to memory of 1172	1408	TXP1atform.exe	TXP1atform.exe
PID 1172 wrote to memory of 844	1172	TXP1atform.exe	TXP1atform.exe
PID 1172 wrote to memory of 844	1172	TXP1atform.exe	TXP1atform.exe
PID 1172 wrote to memory of 844	1172	TXP1atform.exe	TXP1atform.exe
PID 1172 wrote to memory of 844	1172	TXP1atform.exe	TXP1atform.exe
PID 844 wrote to memory of 1624	844	TXP1atform.exe	TXP1atform.exe
PID 844 wrote to memory of 1624	844	TXP1atform.exe	TXP1atform.exe
PID 844 wrote to memory of 1624	844	TXP1atform.exe	TXP1atform.exe
PID 844 wrote to memory of 1624	844	TXP1atform.exe	TXP1atform.exe
PID 1624 wrote to memory of 1960	1624	TXP1atform.exe	TXP1atform.exe
PID 1624 wrote to memory of 1960	1624	TXP1atform.exe	TXP1atform.exe
PID 1624 wrote to memory of 1960	1624	TXP1atform.exe	TXP1atform.exe
PID 1624 wrote to memory of 1960	1624	TXP1atform.exe	TXP1atform.exe
PID 1960 wrote to memory of 832	1960	TXP1atform.exe	TXP1atform.exe
PID 1960 wrote to memory of 832	1960	TXP1atform.exe	TXP1atform.exe
PID 1960 wrote to memory of 832	1960	TXP1atform.exe	TXP1atform.exe
PID 1960 wrote to memory of 832	1960	TXP1atform.exe	TXP1atform.exe
PID 832 wrote to memory of 1728	832	TXP1atform.exe	TXP1atform.exe
PID 832 wrote to memory of 1728	832	TXP1atform.exe	TXP1atform.exe
PID 832 wrote to memory of 1728	832	TXP1atform.exe	TXP1atform.exe
PID 832 wrote to memory of 1728	832	TXP1atform.exe	TXP1atform.exe
PID 1728 wrote to memory of 1520	1728	TXP1atform.exe	TXP1atform.exe
PID 1728 wrote to memory of 1520	1728	TXP1atform.exe	TXP1atform.exe
PID 1728 wrote to memory of 1520	1728	TXP1atform.exe	TXP1atform.exe
PID 1728 wrote to memory of 1520	1728	TXP1atform.exe	TXP1atform.exe
PID 1520 wrote to memory of 1608	1520	TXP1atform.exe	TXP1atform.exe
PID 1520 wrote to memory of 1608	1520	TXP1atform.exe	TXP1atform.exe
PID 1520 wrote to memory of 1608	1520	TXP1atform.exe	TXP1atform.exe
PID 1520 wrote to memory of 1608	1520	TXP1atform.exe	TXP1atform.exe
PID 1608 wrote to memory of 2044	1608	TXP1atform.exe	TXP1atform.exe
PID 1608 wrote to memory of 2044	1608	TXP1atform.exe	TXP1atform.exe
PID 1608 wrote to memory of 2044	1608	TXP1atform.exe	TXP1atform.exe
PID 1608 wrote to memory of 2044	1608	TXP1atform.exe	TXP1atform.exe

C:\Users\Admin\AppData\Local\Temp\16a64331e1f07f8cbbb6fbe973b978d4d79be2d8b3f11f8eeeb8c8a3e4f52e93.exe
"C:\Users\Admin\AppData\Local\Temp\16a64331e1f07f8cbbb6fbe973b978d4d79be2d8b3f11f8eeeb8c8a3e4f52e93.exe"
1⤵
- Drops file in Drivers directory
- Sets file execution options in registry
- Loads dropped DLL
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:1044

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
2⤵
- Executes dropped EXE
- Loads dropped DLL
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:836

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
3⤵
- Executes dropped EXE
- Loads dropped DLL
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:1320

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
4⤵
- Executes dropped EXE
- Loads dropped DLL
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:1220

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
5⤵
- Drops file in Drivers directory
- Executes dropped EXE
- Loads dropped DLL
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:2036

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
6⤵
- Drops file in Drivers directory
- Executes dropped EXE
- Loads dropped DLL
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:1800

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
7⤵
- Drops file in Drivers directory
- Executes dropped EXE
- Loads dropped DLL
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:280

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
8⤵
- Executes dropped EXE
- Loads dropped DLL
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:1408

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
9⤵
- Drops file in Drivers directory
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
PID:1172

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
10⤵
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
PID:844

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
11⤵
- Drops file in Drivers directory
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
PID:1624

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
12⤵
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
PID:1960

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
13⤵
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
PID:832

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
14⤵
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
PID:1728

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
15⤵
- Drops file in Drivers directory
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
PID:1520

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
16⤵
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
PID:1608

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
17⤵
- Drops file in Drivers directory
- Executes dropped EXE
- Loads dropped DLL
PID:2044

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
18⤵
- Executes dropped EXE
- Loads dropped DLL
PID:984

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
19⤵
- Drops file in Drivers directory
- Executes dropped EXE
- Loads dropped DLL
PID:1640

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
20⤵
- Executes dropped EXE
- Loads dropped DLL
PID:1584

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
21⤵
- Executes dropped EXE
- Loads dropped DLL
PID:1444

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
22⤵
- Executes dropped EXE
- Loads dropped DLL
PID:1832

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
23⤵
- Drops file in Drivers directory
- Executes dropped EXE
- Loads dropped DLL
PID:1820

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
24⤵
- Drops file in Drivers directory
- Executes dropped EXE
- Loads dropped DLL
PID:1836

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
25⤵
- Executes dropped EXE
- Loads dropped DLL
PID:1824

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
26⤵
- Executes dropped EXE
- Loads dropped DLL
PID:1220

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
27⤵
- Drops file in Drivers directory
- Executes dropped EXE
- Loads dropped DLL
PID:580

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
28⤵
- Drops file in Drivers directory
- Executes dropped EXE
- Loads dropped DLL
PID:1364

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
29⤵
- Executes dropped EXE
- Loads dropped DLL
PID:1800

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
30⤵
- Drops file in Drivers directory
- Executes dropped EXE
- Loads dropped DLL
PID:1604

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
31⤵
- Drops file in Drivers directory
- Executes dropped EXE
- Loads dropped DLL
PID:1504

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
32⤵
- Executes dropped EXE
- Loads dropped DLL
PID:568

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
33⤵
- Executes dropped EXE
PID:1572

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
34⤵
- Drops file in Drivers directory
- Executes dropped EXE
PID:1972

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
35⤵
- Executes dropped EXE
PID:844

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
36⤵
- Executes dropped EXE
PID:1772

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
37⤵
- Executes dropped EXE
PID:1472

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
38⤵
- Executes dropped EXE
PID:1140

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
39⤵
- Drops file in Drivers directory
- Executes dropped EXE
PID:1736

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
40⤵
- Drops file in Drivers directory
- Executes dropped EXE
PID:1660

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
41⤵
- Executes dropped EXE
PID:1540

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
42⤵
- Executes dropped EXE
PID:1500

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
43⤵
- Executes dropped EXE
PID:1580

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
44⤵
- Executes dropped EXE
PID:1600

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
45⤵
- Executes dropped EXE
PID:880

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
46⤵
- Executes dropped EXE
PID:1368

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
47⤵
- Executes dropped EXE
PID:1692

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
48⤵
- Executes dropped EXE
PID:2028

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
49⤵
- Drops file in Drivers directory
- Executes dropped EXE
PID:1108

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
50⤵
- Drops file in Drivers directory
- Executes dropped EXE
PID:1324

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
51⤵
- Executes dropped EXE
PID:1444

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
52⤵
- Executes dropped EXE
PID:1320

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
53⤵
- Executes dropped EXE
PID:596

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
54⤵
- Executes dropped EXE
PID:876

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
55⤵
- Executes dropped EXE
PID:576

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
56⤵
- Executes dropped EXE
PID:1020

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
57⤵
- Executes dropped EXE
PID:1012

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
58⤵
- Drops file in Drivers directory
- Executes dropped EXE
PID:1620

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
59⤵
- Drops file in Drivers directory
- Executes dropped EXE
PID:616

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
60⤵
- Executes dropped EXE
PID:1192

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
61⤵
- Executes dropped EXE
PID:804

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
62⤵
- Executes dropped EXE
PID:1260

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
63⤵
- Drops file in Drivers directory
- Executes dropped EXE
PID:1400

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
64⤵
- Executes dropped EXE
PID:1528

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
65⤵
- Drops file in Drivers directory
- Executes dropped EXE
PID:1624

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
66⤵
- Drops file in Drivers directory
PID:1724

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
67⤵
PID:440

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
68⤵
- Drops file in Drivers directory
PID:436

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
69⤵
PID:832

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
70⤵
PID:1952

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
71⤵
- Drops file in Drivers directory
PID:1736

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
72⤵
- Drops file in Drivers directory
PID:1660

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
73⤵
PID:1544

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
74⤵
- Drops file in Drivers directory
PID:1892

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
75⤵
PID:1980

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
76⤵
PID:1580

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
77⤵
PID:1600

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
78⤵
PID:984

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
79⤵
PID:1044

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
80⤵
PID:1640

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
81⤵
- Drops file in Drivers directory
PID:1052

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
82⤵
- Drops file in Drivers directory
PID:2028

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
83⤵
- Drops file in Drivers directory
PID:2032

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
84⤵
- Drops file in Drivers directory
PID:288

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
85⤵
- Drops file in Drivers directory
PID:948

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
86⤵
PID:1820

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
87⤵
- Drops file in Drivers directory
PID:912

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
88⤵
PID:1756

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
89⤵
PID:1220

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
90⤵
PID:580

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
91⤵
PID:980

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
92⤵
- Drops file in Drivers directory
PID:280

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
93⤵
PID:1112

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
94⤵
PID:1604

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
95⤵
PID:1172

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
96⤵
PID:1480

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
97⤵
- Drops file in Drivers directory
PID:1996

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
98⤵
PID:804

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
99⤵
PID:1260

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
100⤵
- Drops file in Drivers directory
PID:1844

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
101⤵
- Drops file in Drivers directory
PID:676

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
102⤵
PID:108

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
103⤵
PID:1472

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
104⤵
PID:1060

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
105⤵
PID:1524

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
106⤵
- Drops file in Drivers directory
PID:1496

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
107⤵
- Drops file in Drivers directory
PID:1520

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
108⤵
PID:940

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
109⤵
PID:1976

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
110⤵
PID:1660

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
111⤵
PID:752

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
112⤵
PID:1428

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
113⤵
PID:1588

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
114⤵
- Drops file in Drivers directory
PID:1580

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
115⤵
PID:1368

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
116⤵
PID:1812

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
117⤵
PID:1224

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
118⤵
- Drops file in Drivers directory
PID:1232

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
119⤵
PID:1108

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
120⤵
- Drops file in Drivers directory
PID:1324

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
121⤵
PID:1040

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
122⤵
PID:1740

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
123⤵
- Drops file in Drivers directory
PID:1444

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
124⤵
PID:596

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
125⤵
- Drops file in Drivers directory
PID:1820

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
126⤵
PID:912

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
127⤵
- Drops file in Drivers directory
PID:1756

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
128⤵
PID:1020

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
129⤵
- Drops file in Drivers directory
PID:580

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
130⤵
PID:820

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
131⤵
PID:280

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
132⤵
- Drops file in Drivers directory
PID:1336

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
133⤵
PID:1604

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
134⤵
- Drops file in Drivers directory
PID:1572

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
135⤵
PID:1480

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
136⤵
PID:1996

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
137⤵
PID:804

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
138⤵
PID:1260

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
139⤵
PID:1528

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
140⤵
PID:1140

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
141⤵
PID:1728

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
142⤵
PID:1956

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
143⤵
- Drops file in Drivers directory
PID:1164

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
144⤵
PID:832

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
145⤵
- Drops file in Drivers directory
PID:1736

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
146⤵
- Drops file in Drivers directory
PID:1520

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
147⤵
PID:940

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
148⤵
PID:1976

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
149⤵
PID:1660

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
150⤵
- Drops file in Drivers directory
PID:752

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
151⤵
PID:1712

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
152⤵
PID:1592

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
153⤵
- Drops file in Drivers directory
PID:984

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
154⤵
- Drops file in Drivers directory
PID:836

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
155⤵
PID:1340

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
156⤵
PID:1284

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
157⤵
- Drops file in Drivers directory
PID:1532

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
158⤵
PID:1128

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
159⤵
PID:1240

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
160⤵
PID:1836

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
161⤵
- Drops file in Drivers directory
PID:1824

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
162⤵
- Drops file in Drivers directory
PID:1228

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
163⤵
PID:628

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
164⤵
PID:664

C:\Windows\SysWOW64\drivers\TXP1atform.exe
C:\Windows\system32\drivers\TXP1atform.exe
165⤵
PID:1364

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

T1060

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Windows\SysWOW64\drivers\TXP1atform.exe
Filesize
76KB

MD5
540a027298b39dadbc3ad08c8ac2e316

SHA1
5c3b19943210209fabbc7b5a43b30686c154b159

SHA256
16a64331e1f07f8cbbb6fbe973b978d4d79be2d8b3f11f8eeeb8c8a3e4f52e93

SHA512
cf887fa8f9e6b0aa0f2e8a366747262c98557247373649a60a4eace7bf66db2d46b360e51a9d287aa560cf0b56337d606b571339949ec7a63488dceca69388d3

Download Submit
C:\Windows\SysWOW64\drivers\TXP1atform.exe
Filesize
76KB

MD5
540a027298b39dadbc3ad08c8ac2e316

SHA1
5c3b19943210209fabbc7b5a43b30686c154b159

SHA256
16a64331e1f07f8cbbb6fbe973b978d4d79be2d8b3f11f8eeeb8c8a3e4f52e93

SHA512
cf887fa8f9e6b0aa0f2e8a366747262c98557247373649a60a4eace7bf66db2d46b360e51a9d287aa560cf0b56337d606b571339949ec7a63488dceca69388d3

Download Submit
C:\Windows\SysWOW64\drivers\TXP1atform.exe
Filesize
76KB

MD5
540a027298b39dadbc3ad08c8ac2e316

SHA1
5c3b19943210209fabbc7b5a43b30686c154b159

SHA256
16a64331e1f07f8cbbb6fbe973b978d4d79be2d8b3f11f8eeeb8c8a3e4f52e93

SHA512
cf887fa8f9e6b0aa0f2e8a366747262c98557247373649a60a4eace7bf66db2d46b360e51a9d287aa560cf0b56337d606b571339949ec7a63488dceca69388d3

Download Submit
C:\Windows\SysWOW64\drivers\TXP1atform.exe
Filesize
76KB

MD5
540a027298b39dadbc3ad08c8ac2e316

SHA1
5c3b19943210209fabbc7b5a43b30686c154b159

SHA256
16a64331e1f07f8cbbb6fbe973b978d4d79be2d8b3f11f8eeeb8c8a3e4f52e93

SHA512
cf887fa8f9e6b0aa0f2e8a366747262c98557247373649a60a4eace7bf66db2d46b360e51a9d287aa560cf0b56337d606b571339949ec7a63488dceca69388d3

Download Submit
C:\Windows\SysWOW64\drivers\TXP1atform.exe
Filesize
76KB

MD5
540a027298b39dadbc3ad08c8ac2e316

SHA1
5c3b19943210209fabbc7b5a43b30686c154b159

SHA256
16a64331e1f07f8cbbb6fbe973b978d4d79be2d8b3f11f8eeeb8c8a3e4f52e93

SHA512
cf887fa8f9e6b0aa0f2e8a366747262c98557247373649a60a4eace7bf66db2d46b360e51a9d287aa560cf0b56337d606b571339949ec7a63488dceca69388d3

Download Submit
C:\Windows\SysWOW64\drivers\TXP1atform.exe
Filesize
76KB

MD5
540a027298b39dadbc3ad08c8ac2e316

SHA1
5c3b19943210209fabbc7b5a43b30686c154b159

SHA256
16a64331e1f07f8cbbb6fbe973b978d4d79be2d8b3f11f8eeeb8c8a3e4f52e93

SHA512
cf887fa8f9e6b0aa0f2e8a366747262c98557247373649a60a4eace7bf66db2d46b360e51a9d287aa560cf0b56337d606b571339949ec7a63488dceca69388d3

Download Submit
C:\Windows\SysWOW64\drivers\TXP1atform.exe
Filesize
76KB

MD5
540a027298b39dadbc3ad08c8ac2e316

SHA1
5c3b19943210209fabbc7b5a43b30686c154b159

SHA256
16a64331e1f07f8cbbb6fbe973b978d4d79be2d8b3f11f8eeeb8c8a3e4f52e93

SHA512
cf887fa8f9e6b0aa0f2e8a366747262c98557247373649a60a4eace7bf66db2d46b360e51a9d287aa560cf0b56337d606b571339949ec7a63488dceca69388d3

Download Submit
C:\Windows\SysWOW64\drivers\TXP1atform.exe
Filesize
76KB

MD5
540a027298b39dadbc3ad08c8ac2e316

SHA1
5c3b19943210209fabbc7b5a43b30686c154b159

SHA256
16a64331e1f07f8cbbb6fbe973b978d4d79be2d8b3f11f8eeeb8c8a3e4f52e93

SHA512
cf887fa8f9e6b0aa0f2e8a366747262c98557247373649a60a4eace7bf66db2d46b360e51a9d287aa560cf0b56337d606b571339949ec7a63488dceca69388d3

Download Submit
C:\Windows\SysWOW64\drivers\TXP1atform.exe
Filesize
76KB

MD5
540a027298b39dadbc3ad08c8ac2e316

SHA1
5c3b19943210209fabbc7b5a43b30686c154b159

SHA256
16a64331e1f07f8cbbb6fbe973b978d4d79be2d8b3f11f8eeeb8c8a3e4f52e93

SHA512
cf887fa8f9e6b0aa0f2e8a366747262c98557247373649a60a4eace7bf66db2d46b360e51a9d287aa560cf0b56337d606b571339949ec7a63488dceca69388d3

Download Submit
C:\Windows\SysWOW64\drivers\TXP1atform.exe
Filesize
76KB

MD5
540a027298b39dadbc3ad08c8ac2e316

SHA1
5c3b19943210209fabbc7b5a43b30686c154b159

SHA256
16a64331e1f07f8cbbb6fbe973b978d4d79be2d8b3f11f8eeeb8c8a3e4f52e93

SHA512
cf887fa8f9e6b0aa0f2e8a366747262c98557247373649a60a4eace7bf66db2d46b360e51a9d287aa560cf0b56337d606b571339949ec7a63488dceca69388d3

Download Submit
C:\Windows\SysWOW64\drivers\TXP1atform.exe
Filesize
76KB

MD5
540a027298b39dadbc3ad08c8ac2e316

SHA1
5c3b19943210209fabbc7b5a43b30686c154b159

SHA256
16a64331e1f07f8cbbb6fbe973b978d4d79be2d8b3f11f8eeeb8c8a3e4f52e93

SHA512
cf887fa8f9e6b0aa0f2e8a366747262c98557247373649a60a4eace7bf66db2d46b360e51a9d287aa560cf0b56337d606b571339949ec7a63488dceca69388d3

Download Submit
C:\Windows\SysWOW64\drivers\TXP1atform.exe
Filesize
76KB

MD5
540a027298b39dadbc3ad08c8ac2e316

SHA1
5c3b19943210209fabbc7b5a43b30686c154b159

SHA256
16a64331e1f07f8cbbb6fbe973b978d4d79be2d8b3f11f8eeeb8c8a3e4f52e93

SHA512
cf887fa8f9e6b0aa0f2e8a366747262c98557247373649a60a4eace7bf66db2d46b360e51a9d287aa560cf0b56337d606b571339949ec7a63488dceca69388d3

Download Submit
C:\Windows\SysWOW64\drivers\TXP1atform.exe
Filesize
76KB

MD5
540a027298b39dadbc3ad08c8ac2e316

SHA1
5c3b19943210209fabbc7b5a43b30686c154b159

SHA256
16a64331e1f07f8cbbb6fbe973b978d4d79be2d8b3f11f8eeeb8c8a3e4f52e93

SHA512
cf887fa8f9e6b0aa0f2e8a366747262c98557247373649a60a4eace7bf66db2d46b360e51a9d287aa560cf0b56337d606b571339949ec7a63488dceca69388d3

Download Submit
C:\Windows\SysWOW64\drivers\TXP1atform.exe
Filesize
76KB

MD5
540a027298b39dadbc3ad08c8ac2e316

SHA1
5c3b19943210209fabbc7b5a43b30686c154b159

SHA256
16a64331e1f07f8cbbb6fbe973b978d4d79be2d8b3f11f8eeeb8c8a3e4f52e93

SHA512
cf887fa8f9e6b0aa0f2e8a366747262c98557247373649a60a4eace7bf66db2d46b360e51a9d287aa560cf0b56337d606b571339949ec7a63488dceca69388d3

Download Submit
C:\Windows\SysWOW64\drivers\TXP1atform.exe
Filesize
76KB

MD5
540a027298b39dadbc3ad08c8ac2e316

SHA1
5c3b19943210209fabbc7b5a43b30686c154b159

SHA256
16a64331e1f07f8cbbb6fbe973b978d4d79be2d8b3f11f8eeeb8c8a3e4f52e93

SHA512
cf887fa8f9e6b0aa0f2e8a366747262c98557247373649a60a4eace7bf66db2d46b360e51a9d287aa560cf0b56337d606b571339949ec7a63488dceca69388d3

Download Submit
C:\Windows\SysWOW64\drivers\TXP1atform.exe
Filesize
76KB

MD5
540a027298b39dadbc3ad08c8ac2e316

SHA1
5c3b19943210209fabbc7b5a43b30686c154b159

SHA256
16a64331e1f07f8cbbb6fbe973b978d4d79be2d8b3f11f8eeeb8c8a3e4f52e93

SHA512
cf887fa8f9e6b0aa0f2e8a366747262c98557247373649a60a4eace7bf66db2d46b360e51a9d287aa560cf0b56337d606b571339949ec7a63488dceca69388d3

Download Submit
C:\Windows\SysWOW64\drivers\TXP1atform.exe
Filesize
76KB

MD5
540a027298b39dadbc3ad08c8ac2e316

SHA1
5c3b19943210209fabbc7b5a43b30686c154b159

SHA256
16a64331e1f07f8cbbb6fbe973b978d4d79be2d8b3f11f8eeeb8c8a3e4f52e93

SHA512
cf887fa8f9e6b0aa0f2e8a366747262c98557247373649a60a4eace7bf66db2d46b360e51a9d287aa560cf0b56337d606b571339949ec7a63488dceca69388d3

Download Submit
C:\Windows\SysWOW64\drivers\TXP1atform.exe
Filesize
76KB

MD5
540a027298b39dadbc3ad08c8ac2e316

SHA1
5c3b19943210209fabbc7b5a43b30686c154b159

SHA256
16a64331e1f07f8cbbb6fbe973b978d4d79be2d8b3f11f8eeeb8c8a3e4f52e93

SHA512
cf887fa8f9e6b0aa0f2e8a366747262c98557247373649a60a4eace7bf66db2d46b360e51a9d287aa560cf0b56337d606b571339949ec7a63488dceca69388d3

Download Submit
C:\Windows\SysWOW64\drivers\TXP1atform.exe
Filesize
76KB

MD5
540a027298b39dadbc3ad08c8ac2e316

SHA1
5c3b19943210209fabbc7b5a43b30686c154b159

SHA256
16a64331e1f07f8cbbb6fbe973b978d4d79be2d8b3f11f8eeeb8c8a3e4f52e93

SHA512
cf887fa8f9e6b0aa0f2e8a366747262c98557247373649a60a4eace7bf66db2d46b360e51a9d287aa560cf0b56337d606b571339949ec7a63488dceca69388d3

Download Submit
C:\Windows\SysWOW64\drivers\TXP1atform.exe
Filesize
76KB

MD5
540a027298b39dadbc3ad08c8ac2e316

SHA1
5c3b19943210209fabbc7b5a43b30686c154b159

SHA256
16a64331e1f07f8cbbb6fbe973b978d4d79be2d8b3f11f8eeeb8c8a3e4f52e93

SHA512
cf887fa8f9e6b0aa0f2e8a366747262c98557247373649a60a4eace7bf66db2d46b360e51a9d287aa560cf0b56337d606b571339949ec7a63488dceca69388d3

Download Submit
C:\Windows\SysWOW64\drivers\TXP1atform.exe
Filesize
76KB

MD5
540a027298b39dadbc3ad08c8ac2e316

SHA1
5c3b19943210209fabbc7b5a43b30686c154b159

SHA256
16a64331e1f07f8cbbb6fbe973b978d4d79be2d8b3f11f8eeeb8c8a3e4f52e93

SHA512
cf887fa8f9e6b0aa0f2e8a366747262c98557247373649a60a4eace7bf66db2d46b360e51a9d287aa560cf0b56337d606b571339949ec7a63488dceca69388d3

Download Submit
C:\Windows\SysWOW64\drivers\TXP1atform.exe
Filesize
76KB

MD5
540a027298b39dadbc3ad08c8ac2e316

SHA1
5c3b19943210209fabbc7b5a43b30686c154b159

SHA256
16a64331e1f07f8cbbb6fbe973b978d4d79be2d8b3f11f8eeeb8c8a3e4f52e93

SHA512
cf887fa8f9e6b0aa0f2e8a366747262c98557247373649a60a4eace7bf66db2d46b360e51a9d287aa560cf0b56337d606b571339949ec7a63488dceca69388d3

Download Submit
\Windows\SysWOW64\drivers\TXP1atform.exe
Filesize
76KB

MD5
540a027298b39dadbc3ad08c8ac2e316

SHA1
5c3b19943210209fabbc7b5a43b30686c154b159

SHA256
16a64331e1f07f8cbbb6fbe973b978d4d79be2d8b3f11f8eeeb8c8a3e4f52e93

SHA512
cf887fa8f9e6b0aa0f2e8a366747262c98557247373649a60a4eace7bf66db2d46b360e51a9d287aa560cf0b56337d606b571339949ec7a63488dceca69388d3

Download Submit
\Windows\SysWOW64\drivers\TXP1atform.exe
Filesize
76KB

MD5
540a027298b39dadbc3ad08c8ac2e316

SHA1
5c3b19943210209fabbc7b5a43b30686c154b159

SHA256
16a64331e1f07f8cbbb6fbe973b978d4d79be2d8b3f11f8eeeb8c8a3e4f52e93

SHA512
cf887fa8f9e6b0aa0f2e8a366747262c98557247373649a60a4eace7bf66db2d46b360e51a9d287aa560cf0b56337d606b571339949ec7a63488dceca69388d3

Download Submit
\Windows\SysWOW64\drivers\TXP1atform.exe
Filesize
76KB

MD5
540a027298b39dadbc3ad08c8ac2e316

SHA1
5c3b19943210209fabbc7b5a43b30686c154b159

SHA256
16a64331e1f07f8cbbb6fbe973b978d4d79be2d8b3f11f8eeeb8c8a3e4f52e93

SHA512
cf887fa8f9e6b0aa0f2e8a366747262c98557247373649a60a4eace7bf66db2d46b360e51a9d287aa560cf0b56337d606b571339949ec7a63488dceca69388d3

Download Submit
\Windows\SysWOW64\drivers\TXP1atform.exe
Filesize
76KB

MD5
540a027298b39dadbc3ad08c8ac2e316

SHA1
5c3b19943210209fabbc7b5a43b30686c154b159

SHA256
16a64331e1f07f8cbbb6fbe973b978d4d79be2d8b3f11f8eeeb8c8a3e4f52e93

SHA512
cf887fa8f9e6b0aa0f2e8a366747262c98557247373649a60a4eace7bf66db2d46b360e51a9d287aa560cf0b56337d606b571339949ec7a63488dceca69388d3

Download Submit
\Windows\SysWOW64\drivers\TXP1atform.exe
Filesize
76KB

MD5
540a027298b39dadbc3ad08c8ac2e316

SHA1
5c3b19943210209fabbc7b5a43b30686c154b159

SHA256
16a64331e1f07f8cbbb6fbe973b978d4d79be2d8b3f11f8eeeb8c8a3e4f52e93

SHA512
cf887fa8f9e6b0aa0f2e8a366747262c98557247373649a60a4eace7bf66db2d46b360e51a9d287aa560cf0b56337d606b571339949ec7a63488dceca69388d3

Download Submit
\Windows\SysWOW64\drivers\TXP1atform.exe
Filesize
76KB

MD5
540a027298b39dadbc3ad08c8ac2e316

SHA1
5c3b19943210209fabbc7b5a43b30686c154b159

SHA256
16a64331e1f07f8cbbb6fbe973b978d4d79be2d8b3f11f8eeeb8c8a3e4f52e93

SHA512
cf887fa8f9e6b0aa0f2e8a366747262c98557247373649a60a4eace7bf66db2d46b360e51a9d287aa560cf0b56337d606b571339949ec7a63488dceca69388d3

Download Submit
\Windows\SysWOW64\drivers\TXP1atform.exe
Filesize
76KB

MD5
540a027298b39dadbc3ad08c8ac2e316

SHA1
5c3b19943210209fabbc7b5a43b30686c154b159

SHA256
16a64331e1f07f8cbbb6fbe973b978d4d79be2d8b3f11f8eeeb8c8a3e4f52e93

SHA512
cf887fa8f9e6b0aa0f2e8a366747262c98557247373649a60a4eace7bf66db2d46b360e51a9d287aa560cf0b56337d606b571339949ec7a63488dceca69388d3

Download Submit
\Windows\SysWOW64\drivers\TXP1atform.exe
Filesize
76KB

MD5
540a027298b39dadbc3ad08c8ac2e316

SHA1
5c3b19943210209fabbc7b5a43b30686c154b159

SHA256
16a64331e1f07f8cbbb6fbe973b978d4d79be2d8b3f11f8eeeb8c8a3e4f52e93

SHA512
cf887fa8f9e6b0aa0f2e8a366747262c98557247373649a60a4eace7bf66db2d46b360e51a9d287aa560cf0b56337d606b571339949ec7a63488dceca69388d3

Download Submit
\Windows\SysWOW64\drivers\TXP1atform.exe
Filesize
76KB

MD5
540a027298b39dadbc3ad08c8ac2e316

SHA1
5c3b19943210209fabbc7b5a43b30686c154b159

SHA256
16a64331e1f07f8cbbb6fbe973b978d4d79be2d8b3f11f8eeeb8c8a3e4f52e93

SHA512
cf887fa8f9e6b0aa0f2e8a366747262c98557247373649a60a4eace7bf66db2d46b360e51a9d287aa560cf0b56337d606b571339949ec7a63488dceca69388d3

Download Submit
\Windows\SysWOW64\drivers\TXP1atform.exe
Filesize
76KB

MD5
540a027298b39dadbc3ad08c8ac2e316

SHA1
5c3b19943210209fabbc7b5a43b30686c154b159

SHA256
16a64331e1f07f8cbbb6fbe973b978d4d79be2d8b3f11f8eeeb8c8a3e4f52e93

SHA512
cf887fa8f9e6b0aa0f2e8a366747262c98557247373649a60a4eace7bf66db2d46b360e51a9d287aa560cf0b56337d606b571339949ec7a63488dceca69388d3

Download Submit
\Windows\SysWOW64\drivers\TXP1atform.exe
Filesize
76KB

MD5
540a027298b39dadbc3ad08c8ac2e316

SHA1
5c3b19943210209fabbc7b5a43b30686c154b159

SHA256
16a64331e1f07f8cbbb6fbe973b978d4d79be2d8b3f11f8eeeb8c8a3e4f52e93

SHA512
cf887fa8f9e6b0aa0f2e8a366747262c98557247373649a60a4eace7bf66db2d46b360e51a9d287aa560cf0b56337d606b571339949ec7a63488dceca69388d3

Download Submit
\Windows\SysWOW64\drivers\TXP1atform.exe
Filesize
76KB

MD5
540a027298b39dadbc3ad08c8ac2e316

SHA1
5c3b19943210209fabbc7b5a43b30686c154b159

SHA256
16a64331e1f07f8cbbb6fbe973b978d4d79be2d8b3f11f8eeeb8c8a3e4f52e93

SHA512
cf887fa8f9e6b0aa0f2e8a366747262c98557247373649a60a4eace7bf66db2d46b360e51a9d287aa560cf0b56337d606b571339949ec7a63488dceca69388d3

Download Submit
\Windows\SysWOW64\drivers\TXP1atform.exe
Filesize
76KB

MD5
540a027298b39dadbc3ad08c8ac2e316

SHA1
5c3b19943210209fabbc7b5a43b30686c154b159

SHA256
16a64331e1f07f8cbbb6fbe973b978d4d79be2d8b3f11f8eeeb8c8a3e4f52e93

SHA512
cf887fa8f9e6b0aa0f2e8a366747262c98557247373649a60a4eace7bf66db2d46b360e51a9d287aa560cf0b56337d606b571339949ec7a63488dceca69388d3

Download Submit
\Windows\SysWOW64\drivers\TXP1atform.exe
Filesize
76KB

MD5
540a027298b39dadbc3ad08c8ac2e316

SHA1
5c3b19943210209fabbc7b5a43b30686c154b159

SHA256
16a64331e1f07f8cbbb6fbe973b978d4d79be2d8b3f11f8eeeb8c8a3e4f52e93

SHA512
cf887fa8f9e6b0aa0f2e8a366747262c98557247373649a60a4eace7bf66db2d46b360e51a9d287aa560cf0b56337d606b571339949ec7a63488dceca69388d3

Download Submit
\Windows\SysWOW64\drivers\TXP1atform.exe
Filesize
76KB

MD5
540a027298b39dadbc3ad08c8ac2e316

SHA1
5c3b19943210209fabbc7b5a43b30686c154b159

SHA256
16a64331e1f07f8cbbb6fbe973b978d4d79be2d8b3f11f8eeeb8c8a3e4f52e93

SHA512
cf887fa8f9e6b0aa0f2e8a366747262c98557247373649a60a4eace7bf66db2d46b360e51a9d287aa560cf0b56337d606b571339949ec7a63488dceca69388d3

Download Submit
\Windows\SysWOW64\drivers\TXP1atform.exe
Filesize
76KB

MD5
540a027298b39dadbc3ad08c8ac2e316

SHA1
5c3b19943210209fabbc7b5a43b30686c154b159

SHA256
16a64331e1f07f8cbbb6fbe973b978d4d79be2d8b3f11f8eeeb8c8a3e4f52e93

SHA512
cf887fa8f9e6b0aa0f2e8a366747262c98557247373649a60a4eace7bf66db2d46b360e51a9d287aa560cf0b56337d606b571339949ec7a63488dceca69388d3

Download Submit
\Windows\SysWOW64\drivers\TXP1atform.exe
Filesize
76KB

MD5
540a027298b39dadbc3ad08c8ac2e316

SHA1
5c3b19943210209fabbc7b5a43b30686c154b159

SHA256
16a64331e1f07f8cbbb6fbe973b978d4d79be2d8b3f11f8eeeb8c8a3e4f52e93

SHA512
cf887fa8f9e6b0aa0f2e8a366747262c98557247373649a60a4eace7bf66db2d46b360e51a9d287aa560cf0b56337d606b571339949ec7a63488dceca69388d3

Download Submit
\Windows\SysWOW64\drivers\TXP1atform.exe
Filesize
76KB

MD5
540a027298b39dadbc3ad08c8ac2e316

SHA1
5c3b19943210209fabbc7b5a43b30686c154b159

SHA256
16a64331e1f07f8cbbb6fbe973b978d4d79be2d8b3f11f8eeeb8c8a3e4f52e93

SHA512
cf887fa8f9e6b0aa0f2e8a366747262c98557247373649a60a4eace7bf66db2d46b360e51a9d287aa560cf0b56337d606b571339949ec7a63488dceca69388d3

Download Submit
\Windows\SysWOW64\drivers\TXP1atform.exe
Filesize
76KB

MD5
540a027298b39dadbc3ad08c8ac2e316

SHA1
5c3b19943210209fabbc7b5a43b30686c154b159

SHA256
16a64331e1f07f8cbbb6fbe973b978d4d79be2d8b3f11f8eeeb8c8a3e4f52e93

SHA512
cf887fa8f9e6b0aa0f2e8a366747262c98557247373649a60a4eace7bf66db2d46b360e51a9d287aa560cf0b56337d606b571339949ec7a63488dceca69388d3

Download Submit
\Windows\SysWOW64\drivers\TXP1atform.exe
Filesize
76KB

MD5
540a027298b39dadbc3ad08c8ac2e316

SHA1
5c3b19943210209fabbc7b5a43b30686c154b159

SHA256
16a64331e1f07f8cbbb6fbe973b978d4d79be2d8b3f11f8eeeb8c8a3e4f52e93

SHA512
cf887fa8f9e6b0aa0f2e8a366747262c98557247373649a60a4eace7bf66db2d46b360e51a9d287aa560cf0b56337d606b571339949ec7a63488dceca69388d3

Download Submit
\Windows\SysWOW64\drivers\TXP1atform.exe
Filesize
76KB

MD5
540a027298b39dadbc3ad08c8ac2e316

SHA1
5c3b19943210209fabbc7b5a43b30686c154b159

SHA256
16a64331e1f07f8cbbb6fbe973b978d4d79be2d8b3f11f8eeeb8c8a3e4f52e93

SHA512
cf887fa8f9e6b0aa0f2e8a366747262c98557247373649a60a4eace7bf66db2d46b360e51a9d287aa560cf0b56337d606b571339949ec7a63488dceca69388d3

Download Submit
\Windows\SysWOW64\drivers\TXP1atform.exe
Filesize
76KB

MD5
540a027298b39dadbc3ad08c8ac2e316

SHA1
5c3b19943210209fabbc7b5a43b30686c154b159

SHA256
16a64331e1f07f8cbbb6fbe973b978d4d79be2d8b3f11f8eeeb8c8a3e4f52e93

SHA512
cf887fa8f9e6b0aa0f2e8a366747262c98557247373649a60a4eace7bf66db2d46b360e51a9d287aa560cf0b56337d606b571339949ec7a63488dceca69388d3

Download Submit
\Windows\SysWOW64\drivers\TXP1atform.exe
Filesize
76KB

MD5
540a027298b39dadbc3ad08c8ac2e316

SHA1
5c3b19943210209fabbc7b5a43b30686c154b159

SHA256
16a64331e1f07f8cbbb6fbe973b978d4d79be2d8b3f11f8eeeb8c8a3e4f52e93

SHA512
cf887fa8f9e6b0aa0f2e8a366747262c98557247373649a60a4eace7bf66db2d46b360e51a9d287aa560cf0b56337d606b571339949ec7a63488dceca69388d3

Download Submit
\Windows\SysWOW64\drivers\TXP1atform.exe
Filesize
76KB

MD5
540a027298b39dadbc3ad08c8ac2e316

SHA1
5c3b19943210209fabbc7b5a43b30686c154b159

SHA256
16a64331e1f07f8cbbb6fbe973b978d4d79be2d8b3f11f8eeeb8c8a3e4f52e93

SHA512
cf887fa8f9e6b0aa0f2e8a366747262c98557247373649a60a4eace7bf66db2d46b360e51a9d287aa560cf0b56337d606b571339949ec7a63488dceca69388d3

Download Submit
\Windows\SysWOW64\drivers\TXP1atform.exe
Filesize
76KB

MD5
540a027298b39dadbc3ad08c8ac2e316

SHA1
5c3b19943210209fabbc7b5a43b30686c154b159

SHA256
16a64331e1f07f8cbbb6fbe973b978d4d79be2d8b3f11f8eeeb8c8a3e4f52e93

SHA512
cf887fa8f9e6b0aa0f2e8a366747262c98557247373649a60a4eace7bf66db2d46b360e51a9d287aa560cf0b56337d606b571339949ec7a63488dceca69388d3

Download Submit
\Windows\SysWOW64\drivers\TXP1atform.exe
Filesize
76KB

MD5
540a027298b39dadbc3ad08c8ac2e316

SHA1
5c3b19943210209fabbc7b5a43b30686c154b159

SHA256
16a64331e1f07f8cbbb6fbe973b978d4d79be2d8b3f11f8eeeb8c8a3e4f52e93

SHA512
cf887fa8f9e6b0aa0f2e8a366747262c98557247373649a60a4eace7bf66db2d46b360e51a9d287aa560cf0b56337d606b571339949ec7a63488dceca69388d3

Download Submit
\Windows\SysWOW64\drivers\TXP1atform.exe
Filesize
76KB

MD5
540a027298b39dadbc3ad08c8ac2e316

SHA1
5c3b19943210209fabbc7b5a43b30686c154b159

SHA256
16a64331e1f07f8cbbb6fbe973b978d4d79be2d8b3f11f8eeeb8c8a3e4f52e93

SHA512
cf887fa8f9e6b0aa0f2e8a366747262c98557247373649a60a4eace7bf66db2d46b360e51a9d287aa560cf0b56337d606b571339949ec7a63488dceca69388d3

Download Submit
\Windows\SysWOW64\drivers\TXP1atform.exe
Filesize
76KB

MD5
540a027298b39dadbc3ad08c8ac2e316

SHA1
5c3b19943210209fabbc7b5a43b30686c154b159

SHA256
16a64331e1f07f8cbbb6fbe973b978d4d79be2d8b3f11f8eeeb8c8a3e4f52e93

SHA512
cf887fa8f9e6b0aa0f2e8a366747262c98557247373649a60a4eace7bf66db2d46b360e51a9d287aa560cf0b56337d606b571339949ec7a63488dceca69388d3

Download Submit
\Windows\SysWOW64\drivers\TXP1atform.exe
Filesize
76KB

MD5
540a027298b39dadbc3ad08c8ac2e316

SHA1
5c3b19943210209fabbc7b5a43b30686c154b159

SHA256
16a64331e1f07f8cbbb6fbe973b978d4d79be2d8b3f11f8eeeb8c8a3e4f52e93

SHA512
cf887fa8f9e6b0aa0f2e8a366747262c98557247373649a60a4eace7bf66db2d46b360e51a9d287aa560cf0b56337d606b571339949ec7a63488dceca69388d3

Download Submit
\Windows\SysWOW64\drivers\TXP1atform.exe
Filesize
76KB

MD5
540a027298b39dadbc3ad08c8ac2e316

SHA1
5c3b19943210209fabbc7b5a43b30686c154b159

SHA256
16a64331e1f07f8cbbb6fbe973b978d4d79be2d8b3f11f8eeeb8c8a3e4f52e93

SHA512
cf887fa8f9e6b0aa0f2e8a366747262c98557247373649a60a4eace7bf66db2d46b360e51a9d287aa560cf0b56337d606b571339949ec7a63488dceca69388d3

Download Submit
\Windows\SysWOW64\drivers\TXP1atform.exe
Filesize
76KB

MD5
540a027298b39dadbc3ad08c8ac2e316

SHA1
5c3b19943210209fabbc7b5a43b30686c154b159

SHA256
16a64331e1f07f8cbbb6fbe973b978d4d79be2d8b3f11f8eeeb8c8a3e4f52e93

SHA512
cf887fa8f9e6b0aa0f2e8a366747262c98557247373649a60a4eace7bf66db2d46b360e51a9d287aa560cf0b56337d606b571339949ec7a63488dceca69388d3

Download Submit
\Windows\SysWOW64\drivers\TXP1atform.exe
Filesize
76KB

MD5
540a027298b39dadbc3ad08c8ac2e316

SHA1
5c3b19943210209fabbc7b5a43b30686c154b159

SHA256
16a64331e1f07f8cbbb6fbe973b978d4d79be2d8b3f11f8eeeb8c8a3e4f52e93

SHA512
cf887fa8f9e6b0aa0f2e8a366747262c98557247373649a60a4eace7bf66db2d46b360e51a9d287aa560cf0b56337d606b571339949ec7a63488dceca69388d3

Download Submit
\Windows\SysWOW64\drivers\TXP1atform.exe
Filesize
76KB

MD5
540a027298b39dadbc3ad08c8ac2e316

SHA1
5c3b19943210209fabbc7b5a43b30686c154b159

SHA256
16a64331e1f07f8cbbb6fbe973b978d4d79be2d8b3f11f8eeeb8c8a3e4f52e93

SHA512
cf887fa8f9e6b0aa0f2e8a366747262c98557247373649a60a4eace7bf66db2d46b360e51a9d287aa560cf0b56337d606b571339949ec7a63488dceca69388d3

Download Submit
\Windows\SysWOW64\drivers\TXP1atform.exe
Filesize
76KB

MD5
540a027298b39dadbc3ad08c8ac2e316

SHA1
5c3b19943210209fabbc7b5a43b30686c154b159

SHA256
16a64331e1f07f8cbbb6fbe973b978d4d79be2d8b3f11f8eeeb8c8a3e4f52e93

SHA512
cf887fa8f9e6b0aa0f2e8a366747262c98557247373649a60a4eace7bf66db2d46b360e51a9d287aa560cf0b56337d606b571339949ec7a63488dceca69388d3

Download Submit
\Windows\SysWOW64\drivers\TXP1atform.exe
Filesize
76KB

MD5
540a027298b39dadbc3ad08c8ac2e316

SHA1
5c3b19943210209fabbc7b5a43b30686c154b159

SHA256
16a64331e1f07f8cbbb6fbe973b978d4d79be2d8b3f11f8eeeb8c8a3e4f52e93

SHA512
cf887fa8f9e6b0aa0f2e8a366747262c98557247373649a60a4eace7bf66db2d46b360e51a9d287aa560cf0b56337d606b571339949ec7a63488dceca69388d3

Download Submit
\Windows\SysWOW64\drivers\TXP1atform.exe
Filesize
76KB

MD5
540a027298b39dadbc3ad08c8ac2e316

SHA1
5c3b19943210209fabbc7b5a43b30686c154b159

SHA256
16a64331e1f07f8cbbb6fbe973b978d4d79be2d8b3f11f8eeeb8c8a3e4f52e93

SHA512
cf887fa8f9e6b0aa0f2e8a366747262c98557247373649a60a4eace7bf66db2d46b360e51a9d287aa560cf0b56337d606b571339949ec7a63488dceca69388d3

Download Submit
\Windows\SysWOW64\drivers\TXP1atform.exe
Filesize
76KB

MD5
540a027298b39dadbc3ad08c8ac2e316

SHA1
5c3b19943210209fabbc7b5a43b30686c154b159

SHA256
16a64331e1f07f8cbbb6fbe973b978d4d79be2d8b3f11f8eeeb8c8a3e4f52e93

SHA512
cf887fa8f9e6b0aa0f2e8a366747262c98557247373649a60a4eace7bf66db2d46b360e51a9d287aa560cf0b56337d606b571339949ec7a63488dceca69388d3

Download Submit
\Windows\SysWOW64\drivers\TXP1atform.exe
Filesize
76KB

MD5
540a027298b39dadbc3ad08c8ac2e316

SHA1
5c3b19943210209fabbc7b5a43b30686c154b159

SHA256
16a64331e1f07f8cbbb6fbe973b978d4d79be2d8b3f11f8eeeb8c8a3e4f52e93

SHA512
cf887fa8f9e6b0aa0f2e8a366747262c98557247373649a60a4eace7bf66db2d46b360e51a9d287aa560cf0b56337d606b571339949ec7a63488dceca69388d3

Download Submit
\Windows\SysWOW64\drivers\TXP1atform.exe
Filesize
76KB

MD5
540a027298b39dadbc3ad08c8ac2e316

SHA1
5c3b19943210209fabbc7b5a43b30686c154b159

SHA256
16a64331e1f07f8cbbb6fbe973b978d4d79be2d8b3f11f8eeeb8c8a3e4f52e93

SHA512
cf887fa8f9e6b0aa0f2e8a366747262c98557247373649a60a4eace7bf66db2d46b360e51a9d287aa560cf0b56337d606b571339949ec7a63488dceca69388d3

Download Submit
\Windows\SysWOW64\drivers\TXP1atform.exe
Filesize
76KB

MD5
540a027298b39dadbc3ad08c8ac2e316

SHA1
5c3b19943210209fabbc7b5a43b30686c154b159

SHA256
16a64331e1f07f8cbbb6fbe973b978d4d79be2d8b3f11f8eeeb8c8a3e4f52e93

SHA512
cf887fa8f9e6b0aa0f2e8a366747262c98557247373649a60a4eace7bf66db2d46b360e51a9d287aa560cf0b56337d606b571339949ec7a63488dceca69388d3

Download Submit
\Windows\SysWOW64\drivers\TXP1atform.exe
Filesize
76KB

MD5
540a027298b39dadbc3ad08c8ac2e316

SHA1
5c3b19943210209fabbc7b5a43b30686c154b159

SHA256
16a64331e1f07f8cbbb6fbe973b978d4d79be2d8b3f11f8eeeb8c8a3e4f52e93

SHA512
cf887fa8f9e6b0aa0f2e8a366747262c98557247373649a60a4eace7bf66db2d46b360e51a9d287aa560cf0b56337d606b571339949ec7a63488dceca69388d3

Download Submit
\Windows\SysWOW64\drivers\TXP1atform.exe
Filesize
76KB

MD5
540a027298b39dadbc3ad08c8ac2e316

SHA1
5c3b19943210209fabbc7b5a43b30686c154b159

SHA256
16a64331e1f07f8cbbb6fbe973b978d4d79be2d8b3f11f8eeeb8c8a3e4f52e93

SHA512
cf887fa8f9e6b0aa0f2e8a366747262c98557247373649a60a4eace7bf66db2d46b360e51a9d287aa560cf0b56337d606b571339949ec7a63488dceca69388d3

Download Submit
memory/280-96-0x0000000000400000-0x000000000044A000-memory.dmp

Filesize
296KB

Download
memory/280-92-0x0000000000000000-mapping.dmp

Download
memory/280-102-0x0000000000400000-0x000000000044A000-memory.dmp

Filesize
296KB

Download
memory/568-226-0x0000000000000000-mapping.dmp

Download
memory/568-232-0x0000000000400000-0x000000000044A000-memory.dmp

Filesize
296KB

Download
memory/568-229-0x0000000000400000-0x000000000044A000-memory.dmp

Filesize
296KB

Download
memory/576-308-0x0000000000000000-mapping.dmp

Download
memory/580-209-0x0000000000000000-mapping.dmp

Download
memory/580-214-0x0000000000400000-0x000000000044A000-memory.dmp

Filesize
296KB

Download
memory/596-301-0x0000000000000000-mapping.dmp

Download
memory/616-322-0x0000000000000000-mapping.dmp

Download
memory/804-329-0x0000000000000000-mapping.dmp

Download
memory/832-135-0x0000000000400000-0x000000000044A000-memory.dmp

Filesize
296KB

Download
memory/832-141-0x0000000000400000-0x000000000044A000-memory.dmp

Filesize
296KB

Download
memory/832-131-0x0000000000000000-mapping.dmp

Download
memory/836-69-0x0000000000400000-0x000000000044A000-memory.dmp

Filesize
296KB

Download
memory/836-63-0x0000000000400000-0x000000000044A000-memory.dmp

Filesize
296KB

Download
memory/836-57-0x0000000000000000-mapping.dmp

Download
memory/844-112-0x0000000000000000-mapping.dmp

Download
memory/844-237-0x0000000000000000-mapping.dmp

Download
memory/844-242-0x0000000000400000-0x000000000044A000-memory.dmp

Filesize
296KB

Download
memory/844-121-0x0000000000400000-0x000000000044A000-memory.dmp

Filesize
296KB

Download
memory/876-305-0x0000000000000000-mapping.dmp

Download
memory/880-272-0x0000000000000000-mapping.dmp

Download
memory/984-164-0x0000000000000000-mapping.dmp

Download
memory/984-173-0x0000000000400000-0x000000000044A000-memory.dmp

Filesize
296KB

Download
memory/1012-315-0x0000000000000000-mapping.dmp

Download
memory/1020-312-0x0000000000000000-mapping.dmp

Download
memory/1044-54-0x0000000075071000-0x0000000075073000-memory.dmp

Filesize
8KB

Download
memory/1044-62-0x00000000003B0000-0x00000000003FA000-memory.dmp

Filesize
296KB

Download
memory/1044-61-0x0000000000400000-0x000000000044A000-memory.dmp

Filesize
296KB

Download
memory/1108-287-0x0000000000000000-mapping.dmp

Download
memory/1140-253-0x0000000000400000-0x000000000044A000-memory.dmp

Filesize
296KB

Download
memory/1140-250-0x0000000000400000-0x000000000044A000-memory.dmp

Filesize
296KB

Download
memory/1140-247-0x0000000000000000-mapping.dmp

Download
memory/1172-105-0x0000000000000000-mapping.dmp

Download
memory/1172-115-0x0000000000400000-0x000000000044A000-memory.dmp

Filesize
296KB

Download
memory/1172-109-0x0000000000400000-0x000000000044A000-memory.dmp

Filesize
296KB

Download
memory/1192-326-0x0000000000000000-mapping.dmp

Download
memory/1220-205-0x0000000000000000-mapping.dmp

Download
memory/1220-76-0x0000000000400000-0x000000000044A000-memory.dmp

Filesize
296KB

Download
memory/1220-208-0x0000000000400000-0x000000000044A000-memory.dmp

Filesize
296KB

Download
memory/1220-72-0x0000000000000000-mapping.dmp

Download
memory/1220-211-0x0000000000400000-0x000000000044A000-memory.dmp

Filesize
296KB

Download
memory/1220-82-0x0000000000400000-0x000000000044A000-memory.dmp

Filesize
296KB

Download
memory/1260-333-0x0000000000000000-mapping.dmp

Download
memory/1320-66-0x0000000000000000-mapping.dmp

Download
memory/1320-298-0x0000000000000000-mapping.dmp

Download
memory/1320-75-0x0000000000400000-0x000000000044A000-memory.dmp

Filesize
296KB

Download
memory/1324-290-0x0000000000000000-mapping.dmp

Download
memory/1364-218-0x0000000000400000-0x000000000044A000-memory.dmp

Filesize
296KB

Download
memory/1364-215-0x0000000000400000-0x000000000044A000-memory.dmp

Filesize
296KB

Download
memory/1364-212-0x0000000000000000-mapping.dmp

Download
memory/1368-275-0x0000000000000000-mapping.dmp

Download
memory/1400-336-0x0000000000000000-mapping.dmp

Download
memory/1408-99-0x0000000000000000-mapping.dmp

Download
memory/1408-108-0x0000000000400000-0x000000000044A000-memory.dmp

Filesize
296KB

Download
memory/1444-187-0x0000000000400000-0x000000000044A000-memory.dmp

Filesize
296KB

Download
memory/1444-183-0x0000000000000000-mapping.dmp

Download
memory/1444-294-0x0000000000000000-mapping.dmp

Download
memory/1444-193-0x0000000000400000-0x000000000044A000-memory.dmp

Filesize
296KB

Download
memory/1472-249-0x0000000000400000-0x000000000044A000-memory.dmp

Filesize
296KB

Download
memory/1472-244-0x0000000000000000-mapping.dmp

Download
memory/1500-264-0x0000000000400000-0x000000000044A000-memory.dmp

Filesize
296KB

Download
memory/1500-261-0x0000000000000000-mapping.dmp

Download
memory/1504-228-0x0000000000400000-0x000000000044A000-memory.dmp

Filesize
296KB

Download
memory/1504-223-0x0000000000000000-mapping.dmp

Download
memory/1520-144-0x0000000000000000-mapping.dmp

Download
memory/1520-154-0x0000000000400000-0x000000000044A000-memory.dmp

Filesize
296KB

Download
memory/1520-148-0x0000000000400000-0x000000000044A000-memory.dmp

Filesize
296KB

Download
memory/1528-340-0x0000000000000000-mapping.dmp

Download
memory/1540-263-0x0000000000400000-0x000000000044A000-memory.dmp

Filesize
296KB

Download
memory/1540-258-0x0000000000000000-mapping.dmp

Download
memory/1572-230-0x0000000000000000-mapping.dmp

Download
memory/1572-235-0x0000000000400000-0x000000000044A000-memory.dmp

Filesize
296KB

Download
memory/1580-265-0x0000000000000000-mapping.dmp

Download
memory/1584-186-0x0000000000400000-0x000000000044A000-memory.dmp

Filesize
296KB

Download
memory/1584-177-0x0000000000000000-mapping.dmp

Download
memory/1600-268-0x0000000000000000-mapping.dmp

Download
memory/1604-219-0x0000000000000000-mapping.dmp

Download
memory/1604-225-0x0000000000400000-0x000000000044A000-memory.dmp

Filesize
296KB

Download
memory/1604-222-0x0000000000400000-0x000000000044A000-memory.dmp

Filesize
296KB

Download
memory/1608-151-0x0000000000000000-mapping.dmp

Download
memory/1608-160-0x0000000000400000-0x000000000044A000-memory.dmp

Filesize
296KB

Download
memory/1620-319-0x0000000000000000-mapping.dmp

Download
memory/1624-343-0x0000000000000000-mapping.dmp

Download
memory/1624-128-0x0000000000400000-0x000000000044A000-memory.dmp

Filesize
296KB

Download
memory/1624-122-0x0000000000400000-0x000000000044A000-memory.dmp

Filesize
296KB

Download
memory/1624-118-0x0000000000000000-mapping.dmp

Download
memory/1640-170-0x0000000000000000-mapping.dmp

Download
memory/1640-174-0x0000000000400000-0x000000000044A000-memory.dmp

Filesize
296KB

Download
memory/1640-180-0x0000000000400000-0x000000000044A000-memory.dmp

Filesize
296KB

Download
memory/1660-260-0x0000000000400000-0x000000000044A000-memory.dmp

Filesize
296KB

Download
memory/1660-254-0x0000000000000000-mapping.dmp

Download
memory/1660-257-0x0000000000400000-0x000000000044A000-memory.dmp

Filesize
296KB

Download
memory/1692-279-0x0000000000000000-mapping.dmp

Download
memory/1728-138-0x0000000000000000-mapping.dmp

Download
memory/1728-147-0x0000000000400000-0x000000000044A000-memory.dmp

Filesize
296KB

Download
memory/1736-251-0x0000000000000000-mapping.dmp

Download
memory/1736-256-0x0000000000400000-0x000000000044A000-memory.dmp

Filesize
296KB

Download
memory/1772-246-0x0000000000400000-0x000000000044A000-memory.dmp

Filesize
296KB

Download
memory/1772-240-0x0000000000000000-mapping.dmp

Download
memory/1772-243-0x0000000000400000-0x000000000044A000-memory.dmp

Filesize
296KB

Download
memory/1800-86-0x0000000000000000-mapping.dmp

Download
memory/1800-216-0x0000000000000000-mapping.dmp

Download
memory/1800-221-0x0000000000400000-0x000000000044A000-memory.dmp

Filesize
296KB

Download
memory/1800-95-0x0000000000400000-0x000000000044A000-memory.dmp

Filesize
296KB

Download
memory/1820-194-0x0000000000000000-mapping.dmp

Download
memory/1820-200-0x0000000000400000-0x000000000044A000-memory.dmp

Filesize
296KB

Download
memory/1820-197-0x0000000000400000-0x000000000044A000-memory.dmp

Filesize
296KB

Download
memory/1824-207-0x0000000000400000-0x000000000044A000-memory.dmp

Filesize
296KB

Download
memory/1824-202-0x0000000000000000-mapping.dmp

Download
memory/1832-196-0x0000000000400000-0x000000000044A000-memory.dmp

Filesize
296KB

Download
memory/1832-190-0x0000000000000000-mapping.dmp

Download
memory/1836-204-0x0000000000400000-0x000000000044A000-memory.dmp

Filesize
296KB

Download
memory/1836-198-0x0000000000000000-mapping.dmp

Download
memory/1836-201-0x0000000000400000-0x000000000044A000-memory.dmp

Filesize
296KB

Download
memory/1960-125-0x0000000000000000-mapping.dmp

Download
memory/1960-134-0x0000000000400000-0x000000000044A000-memory.dmp

Filesize
296KB

Download
memory/1972-239-0x0000000000400000-0x000000000044A000-memory.dmp

Filesize
296KB

Download
memory/1972-233-0x0000000000000000-mapping.dmp

Download
memory/1972-236-0x0000000000400000-0x000000000044A000-memory.dmp

Filesize
296KB

Download
memory/2028-282-0x0000000000000000-mapping.dmp

Download
memory/2036-89-0x0000000000400000-0x000000000044A000-memory.dmp

Filesize
296KB

Download
memory/2036-83-0x0000000000400000-0x000000000044A000-memory.dmp

Filesize
296KB

Download
memory/2036-79-0x0000000000000000-mapping.dmp

Download
memory/2044-161-0x0000000000400000-0x000000000044A000-memory.dmp

Filesize
296KB

Download
memory/2044-167-0x0000000000400000-0x000000000044A000-memory.dmp

Filesize
296KB

Download
memory/2044-157-0x0000000000000000-mapping.dmp

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix ATT&CK v6

Replay Monitor

Loading Replay Monitor...

Downloads