Analysis

  • max time kernel
    148s
  • max time network
    58s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64, arch:x86, image:win7-20220812-en, locale:en-us, os:windows7-x64, system
  • submitted
    22-12-2022 21:01

General

  • Target

    iScreenKit.exe

  • Size

    28.3MB

  • MD5

    a197d19a71443b4e9214ce2ff11cd8d5

  • SHA1

    481b429e469e75bcb10ce01821e8a8b3852d121b

  • SHA256

    4432678c8a337e4bdf3fca48acbe7f1e5da4dfbdb9eea5959c7636ab7d0cab58

  • SHA512

    687aa2e20b61756f3d10ce4ae914c09bfce473cdf987674f03e7bf328a16e13860e52fc8f444f23ce86475b12935b1ab21383408c23f7a389d9d32aab6e9f169

  • SSDEEP

    393216:UXaHM4BfsmDxD8+vxr60kTgOX49fEJsanLH3hBvJC5SMOkpb5N0UCRBuplNzzg3y:UXasKxpWJHsaLRyFpFNVlNHU5bs

Score
8/10

Malware Config

Signatures

  • Executes dropped EXE 2 IoCs
  • Loads dropped DLL 54 IoCs
  • Checks installed software on the system 1 TTPs

    Looks up Uninstall key entries in the registry to enumerate software on the system.

  • Drops file in Program Files directory 64 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

  • Suspicious behavior: AddClipboardFormatListener 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 3 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 6 IoCs
  • Suspicious use of SendNotifyMessage 5 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs
  • Suspicious use of WriteProcessMemory 11 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\iScreenKit.exe
    "C:\Users\Admin\AppData\Local\Temp\iScreenKit.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:1344
    • C:\Users\Admin\AppData\Local\Temp\is-91PLL.tmp\iScreenKit.tmp
      "C:\Users\Admin\AppData\Local\Temp\is-91PLL.tmp\iScreenKit.tmp" /SL5="$90120,28899390,1046016,C:\Users\Admin\AppData\Local\Temp\iScreenKit.exe"
      2⤵
      • Executes dropped EXE
      • Loads dropped DLL
      • Drops file in Program Files directory
      • Suspicious behavior: EnumeratesProcesses
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of WriteProcessMemory
      PID:1740
      • C:\Program Files (x86)\iScreenKit\ScreenKit.exe
        "C:\Program Files (x86)\iScreenKit\ScreenKit.exe" -firsttime
        3⤵
        • Executes dropped EXE
        • Loads dropped DLL
        • Suspicious behavior: AddClipboardFormatListener
        • Suspicious behavior: EnumeratesProcesses
        • Suspicious behavior: GetForegroundWindowSpam
        • Suspicious use of FindShellTrayWindow
        • Suspicious use of SendNotifyMessage
        • Suspicious use of SetWindowsHookEx
        PID:956

Network

MITRE ATT&CK Enterprise v6

Downloads
