bcbe2f8ab2e6a8b7f692ed687c37de0c826696cb5673729f6ca75a3f91eb579b

Resubmissions

13/01/2023, 03:47

230113-eb63vshf9t 8

Analysis

max time kernel
34s
max time network
39s
platform
windows7_x64
resource
win7-20220812-en
resource tags

arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
submitted
13/01/2023, 03:47

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

L4150_Lite_LA.exe
Size

13.2MB
MD5

58d4ce0a1db6b881c2a9d37da8bc7a5b
SHA1

bac1a43872f9a792ba845506116df000d79fb5d4
SHA256

bcbe2f8ab2e6a8b7f692ed687c37de0c826696cb5673729f6ca75a3f91eb579b
SHA512

0628707d48f60caeab5746805a89299267d2c3e2cbed56260e2e13d2d2251a45b37702d428e26153dc1fbde96b936e9f631247cadac20aaa5ce071fe5e3e4416
SSDEEP

393216:1kOLJYPAb/EMm4LaTnhnMUeeHInjQzjZTw10DcPjQ7dlc3STyT6h9EJ:24Fm6aLhMqInjSjJw1ecPqlcQyTK9E

Score

8^/10

Malware Config

Signatures

Executes dropped EXE 3 IoCs

pid	Process
2040	L4150_Lite_LA.tmp
1624	Setup.exe
1684	Splash.exe

Checks computer location settings 2 TTPs 1 IoCs

Looks up country code configured in the registry, likely geofence.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\USER\S-1-5-21-999675638-2867687379-27515722-1000\Control Panel\International\Geo\Nation	Setup.exe

Loads dropped DLL 7 IoCs

pid	Process
1960	L4150_Lite_LA.exe
2040	L4150_Lite_LA.tmp
1624	Setup.exe
1624	Setup.exe
1624	Setup.exe
1624	Setup.exe
1624	Setup.exe

Drops file in Windows directory 2 IoCs

description	ioc	Process
File opened for modification	C:\Windows\EpsonCDInstaller.ini	Setup.exe
File opened for modification	C:\Windows\EpsonCDInstaller.INI	Setup.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

System Information Discovery
T1082

Suspicious behavior: EnumeratesProcesses 3 IoCs

pid	Process
2040	L4150_Lite_LA.tmp
2040	L4150_Lite_LA.tmp
1624	Setup.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2040	L4150_Lite_LA.tmp

Suspicious use of SetWindowsHookEx 13 IoCs

pid	Process
1624	Setup.exe
1624	Setup.exe
1684	Splash.exe
1684	Splash.exe
1624	Setup.exe
1624	Setup.exe
1624	Setup.exe
1624	Setup.exe
1624	Setup.exe
1624	Setup.exe
1624	Setup.exe
1624	Setup.exe
1624	Setup.exe

Suspicious use of WriteProcessMemory 25 IoCs

description	pid	Process	procid_target
PID 1960 wrote to memory of 2040	1960	L4150_Lite_LA.exe	27
PID 1960 wrote to memory of 2040	1960	L4150_Lite_LA.exe	27
PID 1960 wrote to memory of 2040	1960	L4150_Lite_LA.exe	27
PID 1960 wrote to memory of 2040	1960	L4150_Lite_LA.exe	27
PID 1960 wrote to memory of 2040	1960	L4150_Lite_LA.exe	27
PID 1960 wrote to memory of 2040	1960	L4150_Lite_LA.exe	27
PID 1960 wrote to memory of 2040	1960	L4150_Lite_LA.exe	27
PID 2040 wrote to memory of 1624	2040	L4150_Lite_LA.tmp	28
PID 2040 wrote to memory of 1624	2040	L4150_Lite_LA.tmp	28
PID 2040 wrote to memory of 1624	2040	L4150_Lite_LA.tmp	28
PID 2040 wrote to memory of 1624	2040	L4150_Lite_LA.tmp	28
PID 2040 wrote to memory of 1624	2040	L4150_Lite_LA.tmp	28
PID 2040 wrote to memory of 1624	2040	L4150_Lite_LA.tmp	28
PID 2040 wrote to memory of 1624	2040	L4150_Lite_LA.tmp	28
PID 1624 wrote to memory of 1684	1624	Setup.exe	30
PID 1624 wrote to memory of 1684	1624	Setup.exe	30
PID 1624 wrote to memory of 1684	1624	Setup.exe	30
PID 1624 wrote to memory of 1684	1624	Setup.exe	30
PID 1624 wrote to memory of 1684	1624	Setup.exe	30
PID 1624 wrote to memory of 1684	1624	Setup.exe	30
PID 1624 wrote to memory of 1684	1624	Setup.exe	30
PID 2040 wrote to memory of 972	2040	L4150_Lite_LA.tmp	32
PID 2040 wrote to memory of 972	2040	L4150_Lite_LA.tmp	32
PID 2040 wrote to memory of 972	2040	L4150_Lite_LA.tmp	32
PID 2040 wrote to memory of 972	2040	L4150_Lite_LA.tmp	32

C:\Users\Admin\AppData\Local\Temp\L4150_Lite_LA.exe
"C:\Users\Admin\AppData\Local\Temp\L4150_Lite_LA.exe"
1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
PID:1960
- C:\Users\Admin\AppData\Local\Temp\is-1K8LU.tmp\L4150_Lite_LA.tmp
  "C:\Users\Admin\AppData\Local\Temp\is-1K8LU.tmp\L4150_Lite_LA.tmp" /SL5="$60120,13481749,348160,C:\Users\Admin\AppData\Local\Temp\L4150_Lite_LA.exe"
  2⤵
  - Executes dropped EXE
  - Loads dropped DLL
  - Suspicious behavior: EnumeratesProcesses
  - Suspicious use of FindShellTrayWindow
  - Suspicious use of WriteProcessMemory
  PID:2040
- - C:\Users\Admin\AppData\Local\Temp\L4150\Setup.exe
    "C:\Users\Admin\AppData\Local\Temp\L4150\Setup.exe"
    3⤵
    - Executes dropped EXE
    - Checks computer location settings
    - Loads dropped DLL
    - Drops file in Windows directory
    - Suspicious behavior: EnumeratesProcesses
    - Suspicious use of SetWindowsHookEx
    - Suspicious use of WriteProcessMemory
    PID:1624
  - - C:\Users\Admin\AppData\Local\Temp\L4150\res\Splash.exe
      "C:\Users\Admin\AppData\Local\Temp\L4150\res\Splash.exe" 5000
      4⤵
      Executes dropped EXE
      Suspicious use of SetWindowsHookEx
      PID:1684
- - C:\Windows\SysWOW64\cmd.exe
    "C:\Windows\system32\cmd.exe" /C rd /S /Q "C:\Users\Admin\AppData\Local\Temp\L4150"
    3⤵
    PID:972

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\L4150\Apps\Register\EPAUDFLG.exe

Filesize
403KB

MD5
9a129ceebe6e461435bba0770859368d

SHA1
fcecf9175561808061d58d66e33608d1ec0b95bf

SHA256
817ff72ea35296662c7e5ef153b83ec9d4cb8b4b0e95f5af99fa0e186ac714a3

SHA512
b96f2673376a64a1e6f3f3537f753b11e1f64332c4b54fb9568ad17a53073a18c574860e30cf0730ea0502c7fde49cdee2232a528636cf9fa22dffa91fca3b8e

Download Submit
C:\Users\Admin\AppData\Local\Temp\L4150\Apps\Register\EPSONR~1.EXE

Filesize
1.6MB

MD5
31be971a326f4cb0d7451532ed6963d9

SHA1
2390a19b2fc1ff9c882673ae3be40de1bd721333

SHA256
2189042a1b86e882a55e0b5fc8612e2fb6239b9d5b5fb00b6125100934a1fdc8

SHA512
28fdf3033cd9d25626e298859fe3a40a77186cfaba8bf4a3171655fb10c11e527d684c5b30bac1cea2c60032c7d477fc3a096060b4413a184c59c1c1a833ace0

Download Submit
C:\Users\Admin\AppData\Local\Temp\L4150\Apps\Register\EPSONR~1.INI

Filesize
442B

MD5
270afcb6afc0cd75650e6110d1345fb6

SHA1
65ff8cff3919e5731fe64e6c52a4262900209855

SHA256
cb9f35bccb108998967ba86a46db2b8daede345ba81cc4e6278932fcbd4c5304

SHA512
055749f8bc3ca2ceca681dba0c4e246c81c65db4e369d46e838dae23797779dbcae3bd2a2ae94251d91af6274bac40244b9df11fbbb4cd0a86f544e5d942e92f

Download Submit
C:\Users\Admin\AppData\Local\Temp\L4150\Apps\Register\EPSONR~2.EXE

Filesize
2.4MB

MD5
6ad8e8509b33821e423a04d3f9b09c97

SHA1
366e76a563427ecdb269d7b1caac855a9453036c

SHA256
79c472b841af8e06919849b4ad8f4689e61fb96c6b2cb9535d340c00dca6e2e7

SHA512
187a5880cfcb973dff0de097fcd0cfd3d9bbb983242d5455a050f43cb5036ec83ecdf93658477395b66e3619fa0356c7df35204ae10cc70747a388569bef1ff0

Download Submit
C:\Users\Admin\AppData\Local\Temp\L4150\Network\EPSONN~1\COPYRI~1.TXT

Filesize
1KB

MD5
0d7c756b6f2f68b54b820ce8833ddb68

SHA1
b580d32cba6f93260ac0b11c3dd3558063d03ead

SHA256
519e663932da632debccca69de8d94588a8ae1eab91324d5a21fdd7b28669368

SHA512
39bbfd62204ee1ab97aca91db03af03a33559e54bd81fdfda7da1acbb9227eb280bed8239608ee035f3845f150ccb1ade6db3ef1f495ca083ec88400fc94b75c

Download Submit
C:\Users\Admin\AppData\Local\Temp\L4150\Network\EPSONN~1\ENAPPI~1.DLL

Filesize
193KB

MD5
017132da7e2db1e98b1f5852f8edb4d3

SHA1
3daf4df87b869f99ae97fb589b4bcdcaf11aa1a3

SHA256
6b949ee6ef58fc394bedf77edfe4551a8d640b4ea8099117fcd1ee9e09a5a301

SHA512
498e7a44fbe768e0cb110fe50afc1b102c9866b23abdfcbaae6b3a4404887502ccacb68ae6589c764af4c6b348af5c268319442b70d1c53fe28895337b5c1fab

Download Submit
C:\Users\Admin\AppData\Local\Temp\L4150\Network\EPSONN~1\ENEASY~1.EXE

Filesize
5.0MB

MD5
add3d61c4a725db6d0ceb69be2f7b8b8

SHA1
0084bedc911c0bac7eb57c458b493d41fa8e999a

SHA256
366d02ad1969ca0e5cb06c2d73fec894dfca3d4d4dcdb6c989b7f7c43f3efaa1

SHA512
03591e5acf508c68e322e19cb1d7359aa76246a760f8b1eb5cb90b2bcfc80da18b7d2b6a20186b583a137f9ca7e70d4d67357c94e01323d6f83011abf6a8acdb

Download Submit
C:\Users\Admin\AppData\Local\Temp\L4150\Network\EPSONN~1\ENMM.exe

Filesize
67KB

MD5
6d27ffa740ed534c495b8561d3dc22d4

SHA1
6eecd3f754ea6efae786e956edfef2157c444355

SHA256
d55b61814e0cc196d8e27266d5ab06aff39078e34830dd24459dbf48e59959e7

SHA512
c79a6915f2fe302ecbb81b11fff21fe6c8e34ae6a4ab1c7e706a55b6827a9b1e65d690feeeb39ba4fe59a0f5ce3865bd595767646c7820fe07d5494ea8957111

Download Submit
C:\Users\Admin\AppData\Local\Temp\L4150\Network\EPSONN~1\ENWLS.exe

Filesize
77KB

MD5
0c1c96dc8d8c062b9e0ae16d0a8f7531

SHA1
52ffe4eda885f83d283597e99872e1dd540213bc

SHA256
12e3f8437f83fea9c62f5d3251a877d8f60989cb53bf42b2d04828598df1da0f

SHA512
228d80990485fc6bbc1adca61973237f75f3d7531b59e2d5fb61918a42c8f5d6e9c15e19d2793ee0197109035bca22b79f72e638df0bc26acdb2b0f1cf2be419

Download Submit
C:\Users\Admin\AppData\Local\Temp\L4150\Network\EPSONN~1\ENWSD.exe

Filesize
89KB

MD5
62a0d3c8f5b09434e4d6ce41ceb623f1

SHA1
2f6a07eb257d4e1532db5f9ebd9b061677e4eecf

SHA256
2649900d2a5a049195e64f1da2e31a4932417ef87c14890ade7786c3042d6608

SHA512
16e56622ad5a75c17109c22b42437440fe759ba411f67ab0631cf5ecdb18d9931f0b319ad3fd22958e5d114643f0092aa877298cf01e8f8e136b445c87c53f78

Download Submit
C:\Users\Admin\AppData\Local\Temp\L4150\Network\EPSONN~1\ENWSD64.exe

Filesize
99KB

MD5
b45dd8c9b4ed07f0afcfd7709de3e12d

SHA1
7e7169aefe17e9c9e29cb69ea515d99e138272e3

SHA256
26e925fa9c444d1695a52438fb5850136915f532a67041a17d0db091528ab909

SHA512
6115dc6ef74389d34b1c87de9f959cebbc8bc3e6c86b431b09db1113520cf309a1ae16b04ef165d3eaf358625f36060a7b78703d5b4cb68e6fb88cec41bd94ce

Download Submit
C:\Users\Admin\AppData\Local\Temp\L4150\Network\EPSONN~1\EPDEVMGR.DLL

Filesize
165KB

MD5
6fe3dac1fcffc323f699c1a85f141499

SHA1
f34aaeb1dd9953f7fb2073dab62a511ef0790550

SHA256
fec331afdb02c53ae18b39e2b79319259757acc67e7cf11c26298cdc3286faf2

SHA512
87adc9ffa4ccdccf1b64e60fc3043fb4f2843d42f4fbd7ff8708f2f83fd2d43c0880c95011fa996294ccaf3d0c20bcc3f29bb10fce7a9f76f0ad022900ed5aba

Download Submit
C:\Users\Admin\AppData\Local\Temp\L4150\Network\EPSONN~1\EPINST~1.DLL

Filesize
607KB

MD5
fbf0e51a4c145847d96245f74377afdf

SHA1
d2c032d2b5de910d6a09f3b8f8170c9101679830

SHA256
e566c275244aef2a597f622aee927a54edc7e20137a58ae8d48a7daf2afc273a

SHA512
4f6a52d9e8e8cc32cd7b0be97ea6eb63ac140202294e411a23899d5b3526c470d3f515be24d278bab579a32b20d0c8420c6eb0d09c5818cb993d81684661666b

Download Submit
C:\Users\Admin\AppData\Local\Temp\L4150\Network\EPSONN~1\EbpD4Fax.dll

Filesize
88KB

MD5
b20b7a37c139b3efe2ab38ae8c763c68

SHA1
59237c828b638eb5a5d6ddd1c4cdaf87e7e38968

SHA256
67f7f90cf407c257fc0c0a2568de6c70c7c70608f785a3c7a58c3a73562fb099

SHA512
9bfbe2252f74bbb0f1c293d1923b7a9e5f01551aceabcc8a7f91eca83239db20b426f92cc3fc5b41a8ca74f38dabe2caa4592bf024ecd67902026156bd5dd240

Download Submit
C:\Users\Admin\AppData\Local\Temp\L4150\Network\EPSONN~1\RESOUR~1\FRAMEW~1\enres200.dat

Filesize
66KB

MD5
0fc09deaba6b17663faa48b286aac105

SHA1
5ef78f18bbb0291442752f209a8becddcec8ae22

SHA256
e472ec7057e717a5490b52a9d5fbae9d668631743dc8d4baac2c64cf4af4b0f0

SHA512
f4cb24794f37e8cef73aeecec5067ca271630d133e84ee9a08cef967a02390e0cba07fdb26820db86d10030fbeb099b3d847c56ad4dac6a6a108df1abc46fd7b

Download Submit
C:\Users\Admin\AppData\Local\Temp\L4150\Network\EPSONN~1\RESOUR~1\FRAMEW~1\enres300.dat

Filesize
1KB

MD5
1fd9d9da1e6b62e8f69864c35347321f

SHA1
38d7d30317c705331c79642d1e38d5e7f6e45275

SHA256
f4c22bad7b50d651a2e3a327014434354c66dd91177cd6f2d52cfbf710ef7e8e

SHA512
4dae98b6cc7d84332c5d2891e67778bfd80800655b4f4718f68a95eced45bd9fab5279eb7f6b91ca02f9c0c68102600461a0a8865613d939f2670c1ac3bbf3ea

Download Submit
C:\Users\Admin\AppData\Local\Temp\L4150\Network\EPSONN~1\RESOUR~1\FRAMEW~1\enres302.dat

Filesize
3KB

MD5
f98eeedb8893365d8b3b6aa9f5306723

SHA1
e4d7c817e510422a25a5fe3233396164bdb75fa5

SHA256
8b28502c002f8f8fb1414461901fb32e9b59ee3b3ef1585ab8de7dda72bd577d

SHA512
281fdc1ea8162655f5c665e8a7c459a3f5810513a5e6da972077cb9b2f1655e9dedff2363dc1453c915a34f1a231e6aa077cbd43ff88330c209d9caecf738210

Download Submit
C:\Users\Admin\AppData\Local\Temp\L4150\Network\EPSONN~1\RESOUR~1\FRAMEW~1\enres303.dat

Filesize
708B

MD5
716e1941f4485f09c0740a702583242e

SHA1
acb2121fb77f9ddf0af49c15ebc5d0d3176aac35

SHA256
b61e1d9efd30a087cd75a70fb8c84648fcddc3ccc443598da8b0545113a4d02d

SHA512
3935b27fe3467f60f6335ae057ccd79168564ec3dbe7d38bb7b0a266fff2b12f239f935e0baa016927e253cf828f01e061ebed5e281a75dfaa4e5407ecae4a25

Download Submit
C:\Users\Admin\AppData\Local\Temp\L4150\Network\EPSONN~1\RESOUR~1\FRAMEW~1\enres304.dat

Filesize
4KB

MD5
f8772ab196b5248dd0225f317a49086f

SHA1
3c268753f0d85738f4c6541912d692812fa636bb

SHA256
f1ba6d5eca5db4b8ffb32ba891ff648430a2499c0b11cc0527eb52c01a649d02

SHA512
953f162757ae982ab16e08674080cb56a178a9767279e8ecb513a366460c4e556d6c390002ed5f42489268116be138304bc5968e1536ba8f1d55877eab1e5449

Download Submit
C:\Users\Admin\AppData\Local\Temp\L4150\Network\EPSONN~1\RESOUR~1\FRAMEW~1\enres305.dat

Filesize
185KB

MD5
ee00540ba0fd64bf61047aa881b8a989

SHA1
abcb73f0cb5ce0532d499db2859e232865635ef9

SHA256
b64684477712d745e1756fff5453db7c4a77b58857ca80e35ce68f05e4495647

SHA512
4ff1146414e8cde4632bc18c880e15c2a27fe31c954f07d169657d915e97830f1a65fba1e93d3f32afab15670feaf0e9a9e8bcda1e45f19d1ec0844d985561e3

Download Submit
C:\Users\Admin\AppData\Local\Temp\L4150\Network\EPSONN~1\RESOUR~1\FRAMEW~1\enres306.dat

Filesize
167KB

MD5
59fc91b0eb00da2c431846c2f8994b5a

SHA1
003c1adda707347d2cf0e05600b9a6aced5ea4fc

SHA256
a98da03e6a95eda63cc3de17e3959ae6285132c998cf08c9a63aa66cf20859c9

SHA512
271242d3f2452283a361d5e1fba1540d0bf0c6cbcc0c344a1121b49b4fb1c7b2ad446e120bf9b9878b93045e55f510ecf45ef222d25310142577cf3e677364b4

Download Submit
C:\Users\Admin\AppData\Local\Temp\L4150\Network\EPSONN~1\RESOUR~1\FRAMEW~1\enres307.dat

Filesize
167KB

MD5
1bc663a3a4c27d08f342d965cdfa5b34

SHA1
6b941dece6e5ced708dffbc8f79ea40a533acc65

SHA256
b23f688392018cb10309175796a6143865c028fa3950a4b0b05d7f037f5e8ada

SHA512
361d9d400ef0f28a20d3246f8012d56d71704aa56bf079f32abae7c79cb9b1c94da7c929e0ea2869b1fb2238ebf005e245718b5810c5e662a9e4753171002d81

Download Submit
C:\Users\Admin\AppData\Local\Temp\L4150\Network\EPSONN~1\RESOUR~1\FRAMEW~1\enres308.dat

Filesize
160KB

MD5
ccbb6c30d0d5fa715666b317d0044623

SHA1
230108ee23c58338dfe2a5f7c72fcc14291a2cf9

SHA256
90f4616e3f510fe78be825d0547496bab229d508675f8b183b8ed57a45588de4

SHA512
51b4a3aa664bb66bbd27929d23d63a385fed49decf0b76f6556b2018ed2a5f4b4ed8bbe33879bad6688f5339f8344c3d8f3de3fa1cbf6e9ca1ae39b9791ffb72

Download Submit
C:\Users\Admin\AppData\Local\Temp\L4150\Network\EPSONN~1\RESOUR~1\FRAMEW~1\enres309.dat

Filesize
28KB

MD5
9867db45e0d764387b1901ddde5d99ab

SHA1
d1b722d998cbebbb5a9edb218b4b9f8a40bedd55

SHA256
5682e2ea6fa7b13298d06a446ccce9ad65e50f7ef6cb256e0b5ceadd6df27cae

SHA512
39b9bba4cd622788acc743b63c36afa9d17f2fe6881026bef6e4de17147bbd87ff87f975750d6c3d9f3dfebc363bfcf9b10625d826a694bcb818194703745927

Download Submit
C:\Users\Admin\AppData\Local\Temp\L4150\Network\EPSONN~1\RESOUR~1\FRAMEW~1\enres311.dat

Filesize
31KB

MD5
019364d82309c9de5e46a41c204e8bf3

SHA1
edbc401c60b08f32b60a2a066b4b7071f1457d16

SHA256
61136ae1075b9caf76d1f052c3adeb34f2a972bf70629e9963b6debb1e14d354

SHA512
b18766f3486b90179248e2aaf1665ec77462210bf339c3f5eee1c2b10caeb9745e54d2bb041e5febc8ea4db661089c41062a2fab3fd8552098b6440668b5c2bc

Download Submit
C:\Users\Admin\AppData\Local\Temp\L4150\Network\EPSONN~1\RESOUR~1\FRAMEW~1\enres312.dat

Filesize
19KB

MD5
e89df6d15e286e919ccfbbe3b56fc8ae

SHA1
3b0f76874a5205d8faaa9c2f2676e5143a343641

SHA256
2ae8be4622b0b2864cf7ba1b0d6aeff9f75b4d7aab084fd1297e36c318873050

SHA512
e12c1b6301b10671e9b51128942d7e9b6fcac392cdab95a752a513b29a11c582fa9e1f3510267d1f9887099f13b83f4736f9ed4281f32fdc12041e5d69c898aa

Download Submit
C:\Users\Admin\AppData\Local\Temp\L4150\Network\EPSONN~1\RESOUR~1\FRAMEW~1\enres313.dat

Filesize
30KB

MD5
9f5c537b4cc3d8647ef67452f26c54fb

SHA1
bbf686f944fffebdc00298f104aba5ce48c11e60

SHA256
78563dbe675cf27fd06cf6b2ba80ebb050e0119266ce802247b56c74bfdcb5b2

SHA512
0f717283024c695d481146d34cc3f53af9361027e71408d7a827737b72418288ffaabfae94884c45a41622f63d27bad286a902a481a1a920d8c6440e447bd244

Download Submit
C:\Users\Admin\AppData\Local\Temp\L4150\Network\EPSONN~1\RESOUR~1\FRAMEW~1\enres314.dat

Filesize
46KB

MD5
0c5f714b995e4c8bd5ce8a154e5c85b1

SHA1
edb23bf57e05fd2952ff30927f198e9548be7d6b

SHA256
dd94f1cdf4f9e95ebed5a9e7c3b42a38b6ef110a27749e3269b4c6c3b69eca61

SHA512
ec8ab1a77e332057daa89c901d1a9fe6999d34fd2a5dcbf0a8af12b41176e4b5d2eeb8b1e273578e020ba13b51abb453c2ef0b4369a792eb82b8c0947b2e4d44

Download Submit
C:\Users\Admin\AppData\Local\Temp\L4150\Network\EPSONN~1\RESOUR~1\FRAMEW~1\enres315.dat

Filesize
198KB

MD5
571304a64cac2b2aeeae89920d1f4548

SHA1
a0d23f7b775f40ba8a8bc832a0b34d827f36e15b

SHA256
3fc06efc6ea121e6476fdde5d9983480230e69c50c58fcffd01c8233595cae9e

SHA512
3f58166b31c957b1c029482d0c9e7b039d8a6c7ee99e9e4bdc795114173385c3ee5f02ae1f40b3ca939d6c7ea43276004d1c2dafba3e759384fe13f57949321d

Download Submit
C:\Users\Admin\AppData\Local\Temp\L4150\Network\EPSONN~1\RESOUR~1\FRAMEW~1\enres320.dat

Filesize
16KB

MD5
29216671bbe92a641f1255876dd4d605

SHA1
3a99cec37f6a8fc8cacb959a96d3da14ada92a6a

SHA256
b905d545ca36441bb7afaf83787e56434d4519556bb3349a884c5a76f9026699

SHA512
93fcee2feea582d68d4b2953317d0d4097999123c921688061b319e93840fa889654c3f12de123ce567b99f17e24454ee1f35d01cfe13770105171cd8d8f5103

Download Submit
C:\Users\Admin\AppData\Local\Temp\L4150\Network\EPSONN~1\RESOUR~1\Strings\00\ar\enres301.dat

Filesize
65KB

MD5
2d4ac4f04586ee66d75bf2531d6b9542

SHA1
b867b31380e816cafe5a6664ea5ea16d56778d09

SHA256
46594d620e34b0a6f2b34ea7f071d0ea13c02b1b3a2955539a2da01198b3e8bb

SHA512
0c8f4e6d651389003eecb977ee02354ab929b48dc93636e5857965320ae7ffe1e071e39e3be3a81ca00f708c682d616d5fa49fba7900320620aee7aaf2929cdb

Download Submit
C:\Users\Admin\AppData\Local\Temp\L4150\Network\EPSONN~1\RESOUR~1\Strings\00\az\enres301.dat

Filesize
56KB

MD5
62413f398bd4b43d199e6ae3a49c262e

SHA1
976f406abe4d8d299778c122f5b1edf4434529ff

SHA256
81c7970cc422773d9272fb1a20c4113e5955357fbd9f43833306711e41f47bfb

SHA512
79bd37c170e68511bcc8a99c1349e1b4668972a8d4b8f6c265fe3d418dcb7ea380279353b8807882760b2b7df38e9b0b8a7bb05c03ebe8c17f7c8f35b96ca142

Download Submit
C:\Users\Admin\AppData\Local\Temp\L4150\Network\EPSONN~1\RESOUR~1\Strings\00\be\enres301.dat

Filesize
76KB

MD5
e38f3865c27201920e824e3d9755cf80

SHA1
ddd8b57288c46bdc1a45174a713cf6114c9a1655

SHA256
18a88b489844d16a396a90f962dee1d0905bdfde147d27e986c3c41bd29e04cb

SHA512
a75710321f1cf180cf6042fdc864444ca93e26d21299a9b2a6d19abc497e07c43ddde3aa362b27313b6e207728c99b71983ea8611a494a3a38ffd915059ccb34

Download Submit
C:\Users\Admin\AppData\Local\Temp\L4150\Network\EPSONN~1\RESOUR~1\Strings\00\bg\enres301.dat

Filesize
79KB

MD5
93b13afb8383381bfc09b9c3c5d930e7

SHA1
4c3b5687ce3da8b86bee95bf14dad3ed6baeb7f7

SHA256
b04c3dc02098899dfa4cd6233cacf41571409a462d2684189f5ed3bac7ab6227

SHA512
7914b804acde1f632af8278e0acbb00dd411424edb08522106759a91c7cc0735e2fdc03ae99012730b65a052ab33c6fe1e0e5c42afa27c8d3b396beb9672dfb5

Download Submit
C:\Users\Admin\AppData\Local\Temp\L4150\Network\EPSONN~1\e_dge321.dll

Filesize
16KB

MD5
f52513835729f957bfff013122da0d1b

SHA1
70b1cb61e9a05446c79f0d22852bbcd36310d816

SHA256
c20bffcc4712657b26a0ded5fa3490bee07d5b667037ccc0cfba47e077f806a3

SHA512
5ae7d072916ac4cf41311e660add228a24b416dda35ea39ab62402b2c0eec7e3cc87b98e07a3d125094528977138c70abaf7b6c49fc38abbb411e4aa42dc9376

Download Submit
C:\Users\Admin\AppData\Local\Temp\L4150\Network\EPSONN~1\gdiplus.dll

Filesize
1.6MB

MD5
cc73464126d45ec55bf908e16505ec65

SHA1
394f7a932a5ae946b74cbab149f83dc87f52fa47

SHA256
7fe971893502163ac9b65a9bf7aee779b55b1b1891d3c57d39428d8aebca63e6

SHA512
e21230f1af1d895db8513385c2f54d9e17539c6c935117678844f2e4f88fb2200242c99d00aeb950460f420a54ffc5c4722d01d7113ef03f5d39b0650541414f

Download Submit
C:\Users\Admin\AppData\Local\Temp\L4150\Network\EpsonNetSetup\ENSF.DLL

Filesize
379KB

MD5
fe166f5c21fabcd26d31cc18075c2cfc

SHA1
20b755e6832b869b6cf44587c24b214c5e4731b2

SHA256
4be62db859fd60655d77bfcfd0af51dc4192fcfd01abe841af983781194f8816

SHA512
4854b6e674a70e9ca80c2f3c51b29681dc29b766645bf0594e875aaaabc8b4e5a7a7dfae427580608aec0093b8218fda70969731755b9fbb718ee44303775b5e

Download Submit
C:\Users\Admin\AppData\Local\Temp\L4150\Setup.exe

Filesize
864KB

MD5
04e5cc5a15a79b210beaf7be15d0b2a8

SHA1
c6fc0b18bf49536e3506668f1c32b91577fa1539

SHA256
a9717b283617c6e28b8ea7bb2aa712932b526af356beca2cb3a9bb419d37fe4b

SHA512
2e298d76a8e5950218005303aa7850f1f17bcd84f0eea9cbbfc2d782e0af27710eb1fef962be7ecca31188f955c658bf57b54127896bcfd3bae33383b46d8bf7

Download Submit
C:\Users\Admin\AppData\Local\Temp\L4150\Setup.exe

Filesize
864KB

MD5
04e5cc5a15a79b210beaf7be15d0b2a8

SHA1
c6fc0b18bf49536e3506668f1c32b91577fa1539

SHA256
a9717b283617c6e28b8ea7bb2aa712932b526af356beca2cb3a9bb419d37fe4b

SHA512
2e298d76a8e5950218005303aa7850f1f17bcd84f0eea9cbbfc2d782e0af27710eb1fef962be7ecca31188f955c658bf57b54127896bcfd3bae33383b46d8bf7

Download Submit
C:\Users\Admin\AppData\Local\Temp\L4150\res\EPInstallation.dll

Filesize
314KB

MD5
f04de82e0a498ca77b3b0b57b013b211

SHA1
0a3559e306081fd5bf3d9036bfccbd09a7ad6b43

SHA256
72a27af25d58773d0d66d022426be2b38fcc6b6f0447bec5918624f78bde0076

SHA512
fa7b560f5d529cdbc8a18d950504603f51e4500a94a1c32f731ea1d1e50fe4949ae67733ebe2159de5b091bc0c2d5fbb204b968adcf7194d825ad73f3db10249

Download Submit
C:\Users\Admin\AppData\Local\Temp\L4150\res\EPSetup.dll

Filesize
585KB

MD5
a6c597fbe46fe10984f9862bb3f9ff4c

SHA1
28361b4a43ee12645002440b809694a34ca6bcfd

SHA256
26bacb956593926d53a098fe655675e74dad072d76f6a5f9e922beb398e6e032

SHA512
7ec126cfbe013ee4c7dccc0678358a9a61f1b617cd3f2c3d4f0c763e0429f34a3a89f09611e7f309486703b194a7e2220f517b2612b6158d296daf7c0126080b

Download Submit
C:\Users\Admin\AppData\Local\Temp\L4150\res\EPSoftware.dll

Filesize
281KB

MD5
ea35f8089b57823ca6ab59bb1c4dc65f

SHA1
8e82331732426b8d81db4284bb31146d0990ba50

SHA256
bd56de634c591242a56210e9fe1c3cac2a4d98314dda8d8c3e6e723e47d2634a

SHA512
e6bfc5f0a8b49919ca6cb2643a4119937eb96493a6010d181b90182d0e9f142351f31787ddebda21491c5d98a3175a625fa258c83bf38b969ccb0b6898791acd

Download Submit
C:\Users\Admin\AppData\Local\Temp\L4150\res\English\language.ini

Filesize
6KB

MD5
2007c172fb741bb0c26ab36ac9bc4749

SHA1
f3eafc981bc9e79ddfda4165c53678d3f9fb8296

SHA256
b543475b1960fd1b1ca47f505d32f31bb61d764ef735762e2a03776e57dcbc67

SHA512
0548af2c017538de9987a2f33a592af820fdc80b0dca4bf9e0523ee9823a45a09bd4d0e464eb06d5ff2ba8940cc3c8511e157eb27151fc3bfbf019fb392850ae

Download Submit
C:\Users\Admin\AppData\Local\Temp\L4150\res\English\uistrings.ini

Filesize
10KB

MD5
b14cfad67c39a04c3435ccf98ad3c95b

SHA1
6d6fbb9a27828f553bf2dc1aa73f27812d668fd7

SHA256
bb5e9d14f05cb7bc6975f48b616ac2ffb0910cb00f697a5b060a35513d06617b

SHA512
f8a2bd174bf06b5958a0d07d86fa8d5e03d0e1ef9d6b47dd804969d4debabfee4ad0bbf3e851b9377ca084354639a9ff916d30bc504f1de98abb1f9310384ff0

Download Submit
C:\Users\Admin\AppData\Local\Temp\L4150\res\Spanish\License.rtf

Filesize
15KB

MD5
72bd26c96bbf2fb77f907b328f87d82f

SHA1
3cb4d10e9a9467b200bfa1fd2b3e74bb5755d1ca

SHA256
011bae947eb5c97e681789ee4a24c5b9ccea87cd27aad33fc9a475460f65e84c

SHA512
c393169e9e69716e51d52a07d87645365226e0ac3c0328b2ec900e94a7f2f05e00dd85d868812fc417f22245cd71c155d59f1b3aec19326545370e130b942259

Download Submit
C:\Users\Admin\AppData\Local\Temp\L4150\res\Spanish\language.ini

Filesize
6KB

MD5
15d14a9c7b78e8e9f073799a8ef7f946

SHA1
39ec22f926e6f1599b58acc8b7a282b7584c1a0d

SHA256
4d8d2fca1d456dee4a5329c4a291d19beccbd6913813e68c9dd07e2229251ffe

SHA512
b8dd4685bfcfcfa47fb61cd17edcfbb1da641718a9c1729ce9bde96999a3b362307eb9aca4c47f1eb9cd7579c265f3403c10536e61e52fb999397b1ccd59e634

Download Submit
C:\Users\Admin\AppData\Local\Temp\L4150\res\Spanish\uistrings.ini

Filesize
12KB

MD5
5662491275bc4ce4f9aaacb023b8b44a

SHA1
2a3fbf26c30474aa5b15988cbde7fe0bf135a510

SHA256
e876dfeff5c1406df0bc0cd360bafedb7e11f61d42176ceff641ae383f37af75

SHA512
2d93a459059cc23975d5e75196b4edd10c9aa6e788a2a4306c43c15f331128b37aa8aeeb721a416345563e3c14a03c85420a3356516daf011f01adb71ca3ac6e

Download Submit
C:\Users\Admin\AppData\Local\Temp\L4150\res\Splash.exe

Filesize
2.6MB

MD5
59472313e464e19320f2aafdb541ba62

SHA1
a54108d5e7d68c5bd16d95a3c4bde6ec47466a94

SHA256
51033cc3311dda2c154da72dc5f7bebc8f1168d51f07fec4eb833d43fd74f4a4

SHA512
8e5ca315ba3eef94adb21c566c5d64cc00e62b8d9ee61bfcd91e7bc676f23759bea0d3d257e95770018e6c2b69f25e8e0e8d1c67f204eda525cfcf9f4ed53375

Download Submit
C:\Users\Admin\AppData\Local\Temp\L4150\res\Splash.exe

Filesize
2.6MB

MD5
59472313e464e19320f2aafdb541ba62

SHA1
a54108d5e7d68c5bd16d95a3c4bde6ec47466a94

SHA256
51033cc3311dda2c154da72dc5f7bebc8f1168d51f07fec4eb833d43fd74f4a4

SHA512
8e5ca315ba3eef94adb21c566c5d64cc00e62b8d9ee61bfcd91e7bc676f23759bea0d3d257e95770018e6c2b69f25e8e0e8d1c67f204eda525cfcf9f4ed53375

Download Submit
C:\Users\Admin\AppData\Local\Temp\L4150\res\ad_01.png

Filesize
219KB

MD5
7ba774d11c4964f6bf66743c4f03bdc5

SHA1
92793c9bdd4cce237da2a61f74322510f796938f

SHA256
dbecca38382c080b74064312716f49323432ac2b00dcfec329a9c525fff97008

SHA512
6b76ad7b86c4765b29374de07ab38ffe3747688e93cf0b15890ad24e86a077d46824c9591547dc2fca77694023b0bced5a1505f24a7f911d8740dc6595ee98b2

Download Submit
C:\Users\Admin\AppData\Local\Temp\L4150\res\ad_02.png

Filesize
212KB

MD5
1a150e5a66f75d3aac3ed5cd5db79386

SHA1
b5b7e6f1d7f37eb206a43bdef9ef7b425f2e2923

SHA256
efee7c55492e8edac0b523897b42a231c3010d5b8426d1d4b3bb54fc72f3b8d2

SHA512
109c6c6cce5d9bd41e245b82b1d32696684bbd2fdd9d2a1a102a6e82d5ce4545439038e075c0e77cdcf6e54902f1ca742b61a26e0a860c9bfffbed57887cb243

Download Submit
C:\Users\Admin\AppData\Local\Temp\L4150\res\ad_03.png

Filesize
212KB

MD5
9756d2ca3740be9306b5a4936bd600f0

SHA1
31f9e02a7f2828d0ea81f1e0d84fc7dbe1199cb1

SHA256
9ec2d5f2aea3d1670c38e12124d38dc95a9bcc92abc16687ea5af1a9fb3f4efc

SHA512
ffa36ae6d2ac7d09be0c4fab396c5d3c9aefae605f9d1de10510d8a40cf5e755f585cda0d38989725e36d680b7bb56a85bdba4bb58febbf398695bc9678c4e0f

Download Submit
C:\Users\Admin\AppData\Local\Temp\L4150\res\ad_04.png

Filesize
249KB

MD5
65284b8a756bba9049edb70774c73071

SHA1
377b844966af440c2c62f0345e7389e29d3795cb

SHA256
b8c5cd8171ab7fcbce76357c03f2a624a5ab3ff9df22bcc66805cd9351441b4f

SHA512
6ae100cf66b4f960aeb5ab18467aac1f327ab2cc706dea3240ac525d96d99eee781f421838bee620c77973015cde3ab1cc330729099c0e795183405912391680

Download Submit
C:\Users\Admin\AppData\Local\Temp\L4150\res\ad_05_s.png

Filesize
168KB

MD5
6aaa3a02e568ca9b9e7ce704d51cf77f

SHA1
78decdf565e876b3e85bcd04ea0b29346e828ede

SHA256
604a9720ae3e02f59e3c3551b2dd8e32e34110428f0ba52205b4e7d7a73adc09

SHA512
e616faf2f1026d73525aa204a6fef2aebc6af093f8883b0f571592e398e72ad088c01be48f5a6542eb1bdbac9f415b822588b6e5a44588db1c8a737efd41de9a

Download Submit
C:\Users\Admin\AppData\Local\Temp\L4150\res\defaultBackground.png

Filesize
62KB

MD5
060e7a6829d04e59741e23a24b7ec65d

SHA1
15bc563c50bbcdef404132a4a876bb8b71f51cd9

SHA256
a57c44f0c852ef55ae681a69d596b9d417a3477f43c46f2a070cab81d8e05a78

SHA512
94c5f0a059504b81b9013137d1ef6eec617830369a0d8f4aad91b5c7377011c9f8044a586bec2fa79fe98cd7cb1dca4214b9fce53c6b9efd4f64e96a3f7cc87b

Download Submit
C:\Users\Admin\AppData\Local\Temp\L4150\res\epson.ini

Filesize
768B

MD5
21ec04ed757c58c61dd19a5dbf8ba3ef

SHA1
e7a3489b7b8e6edcc8524d1b87ea2d63dfc73db9

SHA256
093b5b9de6410b2b3165a82f1457dfdcbb40d9b7ea2b20e96b7a6ac813b88ef6

SHA512
964eed446469d211ebe2eff1c95a1d69be297db88fe48cd8f2d8cda860977038a7ba38c42e71afa441fc395287482340074acf4e24692def04977f84805a79be

Download Submit
C:\Users\Admin\AppData\Local\Temp\is-1K8LU.tmp\L4150_Lite_LA.tmp

Filesize
992KB

MD5
a6fc596624b3567cbfbf2aad85dd8b2f

SHA1
51c3e982a72a51b00f8634b267bd19935dc2ee0f

SHA256
d2560f86b3f8a616f30255a1216ab66b66bbe09f8f56fe8f1215eeff45c8f617

SHA512
43a6bf8abd803ab802cfccc8ffaba42d33f8a4e95885ac1289f84224699930e03ffcd62083b00c323ad06a08a11e30e0e9ce751f4e0fba4d05430dac28801eb0

Download Submit
\Users\Admin\AppData\Local\Temp\L4150\Network\EpsonNetSetup\ENSF.dll

Filesize
379KB

MD5
fe166f5c21fabcd26d31cc18075c2cfc

SHA1
20b755e6832b869b6cf44587c24b214c5e4731b2

SHA256
4be62db859fd60655d77bfcfd0af51dc4192fcfd01abe841af983781194f8816

SHA512
4854b6e674a70e9ca80c2f3c51b29681dc29b766645bf0594e875aaaabc8b4e5a7a7dfae427580608aec0093b8218fda70969731755b9fbb718ee44303775b5e

Download Submit
\Users\Admin\AppData\Local\Temp\L4150\Setup.exe

Filesize
864KB

MD5
04e5cc5a15a79b210beaf7be15d0b2a8

SHA1
c6fc0b18bf49536e3506668f1c32b91577fa1539

SHA256
a9717b283617c6e28b8ea7bb2aa712932b526af356beca2cb3a9bb419d37fe4b

SHA512
2e298d76a8e5950218005303aa7850f1f17bcd84f0eea9cbbfc2d782e0af27710eb1fef962be7ecca31188f955c658bf57b54127896bcfd3bae33383b46d8bf7

Download Submit
\Users\Admin\AppData\Local\Temp\L4150\res\EPInstallation.dll

Filesize
314KB

MD5
f04de82e0a498ca77b3b0b57b013b211

SHA1
0a3559e306081fd5bf3d9036bfccbd09a7ad6b43

SHA256
72a27af25d58773d0d66d022426be2b38fcc6b6f0447bec5918624f78bde0076

SHA512
fa7b560f5d529cdbc8a18d950504603f51e4500a94a1c32f731ea1d1e50fe4949ae67733ebe2159de5b091bc0c2d5fbb204b968adcf7194d825ad73f3db10249

Download Submit
\Users\Admin\AppData\Local\Temp\L4150\res\EPSetup.dll

Filesize
585KB

MD5
a6c597fbe46fe10984f9862bb3f9ff4c

SHA1
28361b4a43ee12645002440b809694a34ca6bcfd

SHA256
26bacb956593926d53a098fe655675e74dad072d76f6a5f9e922beb398e6e032

SHA512
7ec126cfbe013ee4c7dccc0678358a9a61f1b617cd3f2c3d4f0c763e0429f34a3a89f09611e7f309486703b194a7e2220f517b2612b6158d296daf7c0126080b

Download Submit
\Users\Admin\AppData\Local\Temp\L4150\res\EPSoftware.dll

Filesize
281KB

MD5
ea35f8089b57823ca6ab59bb1c4dc65f

SHA1
8e82331732426b8d81db4284bb31146d0990ba50

SHA256
bd56de634c591242a56210e9fe1c3cac2a4d98314dda8d8c3e6e723e47d2634a

SHA512
e6bfc5f0a8b49919ca6cb2643a4119937eb96493a6010d181b90182d0e9f142351f31787ddebda21491c5d98a3175a625fa258c83bf38b969ccb0b6898791acd

Download Submit
\Users\Admin\AppData\Local\Temp\L4150\res\Splash.exe

Filesize
2.6MB

MD5
59472313e464e19320f2aafdb541ba62

SHA1
a54108d5e7d68c5bd16d95a3c4bde6ec47466a94

SHA256
51033cc3311dda2c154da72dc5f7bebc8f1168d51f07fec4eb833d43fd74f4a4

SHA512
8e5ca315ba3eef94adb21c566c5d64cc00e62b8d9ee61bfcd91e7bc676f23759bea0d3d257e95770018e6c2b69f25e8e0e8d1c67f204eda525cfcf9f4ed53375

Download Submit
\Users\Admin\AppData\Local\Temp\is-1K8LU.tmp\L4150_Lite_LA.tmp

Filesize
992KB

MD5
a6fc596624b3567cbfbf2aad85dd8b2f

SHA1
51c3e982a72a51b00f8634b267bd19935dc2ee0f

SHA256
d2560f86b3f8a616f30255a1216ab66b66bbe09f8f56fe8f1215eeff45c8f617

SHA512
43a6bf8abd803ab802cfccc8ffaba42d33f8a4e95885ac1289f84224699930e03ffcd62083b00c323ad06a08a11e30e0e9ce751f4e0fba4d05430dac28801eb0

Download Submit
memory/1960-95-0x0000000000400000-0x000000000045C000-memory.dmp

Filesize
368KB

Download
memory/1960-54-0x0000000075AD1000-0x0000000075AD3000-memory.dmp

Filesize
8KB

Download
memory/1960-60-0x0000000000400000-0x000000000045C000-memory.dmp

Filesize
368KB

Download
memory/1960-82-0x0000000000400000-0x000000000045C000-memory.dmp

Filesize
368KB

Download
memory/1960-55-0x0000000000400000-0x000000000045C000-memory.dmp

Filesize
368KB

Download
memory/2040-62-0x0000000074C01000-0x0000000074C03000-memory.dmp

Filesize
8KB

Download