Overview

overview

8

Static

static

1

signotec_s...it.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    94s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230221-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230221-enlocale:en-usos:windows10-2004-x64system
  • submitted
    06/03/2023, 04:07

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    signotec_signopadtools_3.1.13_64bit.exe

  • Size

    111.7MB

  • MD5

    f37728a05d6e0fddfcc31408c2039780

  • SHA1

    52043a87ccfe4d210edcc8490ae1b5acd319e6fa

  • SHA256

    c9ee16525262c65c8900accfeaaf60b94faaae91fcd9a1ff9c689449a3fd7639

  • SHA512

    e3a1c989d96e7293e70e2b0a436a3fbb869bad44f178d478448d904f0e4c98d8b0920516c8699acd9abb98dafea3f20042f6724f4d2c83476adb44f5a800f572

  • SSDEEP

    3145728:39C5XXrMK6YHnSR+2mqsKwa4lrsMTkssi3eG5G:3aXAK6Su+2GNVlAMaQG

Score
8/10
persistence

Malware Config

Signatures

  • Blocklisted process makes network request 2 IoCs
  • Checks computer location settings 2 TTPs 1 IoCs

    Looks up country code configured in the registry, likely geofence.

  • Executes dropped EXE 3 IoCs
  • Loads dropped DLL 6 IoCs
  • Adds Run key to start application 2 TTPs 1 IoCs
    persistence
  • Enumerates connected drives 3 TTPs 48 IoCs

    Attempts to read the root path of hard drives other than the default C: drive.

  • Drops file in System32 directory 30 IoCs
  • Drops file in Program Files directory 8 IoCs
  • Drops file in Windows directory 22 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

  • Checks SCSI registry key(s) 3 TTPs 10 IoCs

    SCSI information is often read in order to detect sandboxing environments.

  • Modifies data under HKEY_USERS 64 IoCs
  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious use of AdjustPrivilegeToken 64 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs
  • Suspicious use of WriteProcessMemory 30 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\signotec_signopadtools_3.1.13_64bit.exe
    "C:\Users\Admin\AppData\Local\Temp\signotec_signopadtools_3.1.13_64bit.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2076
    • C:\Users\Admin\AppData\Local\Temp\{2B962842-6847-4C4A-BDA2-360C104DE16E}\signotec_signopadtools_3.1.13_64bit.exe
      C:\Users\Admin\AppData\Local\Temp\{2B962842-6847-4C4A-BDA2-360C104DE16E}\signotec_signopadtools_3.1.13_64bit.exe /q"C:\Users\Admin\AppData\Local\Temp\signotec_signopadtools_3.1.13_64bit.exe" /tempdisk1folder"C:\Users\Admin\AppData\Local\Temp\{2B962842-6847-4C4A-BDA2-360C104DE16E}" /IS_temp
      2⤵
      • Executes dropped EXE
      • Suspicious use of WriteProcessMemory
      PID:1660
      • C:\Windows\system32\MSIEXEC.EXE
        "C:\Windows\system32\MSIEXEC.EXE" /i "C:\ProgramData\Downloaded Installations\{F8D15F52-0920-4D0D-B205-0A806A8B3CF7}\signotec_signoPADTools_3.1.13_64Bit.msi" TRANSFORMS="C:\ProgramData\Downloaded Installations\{F8D15F52-0920-4D0D-B205-0A806A8B3CF7}\1033.MST" SETUPEXEDIR="C:\Users\Admin\AppData\Local\Temp" SETUPEXENAME="signotec_signopadtools_3.1.13_64bit.exe"
        3⤵
        • Blocklisted process makes network request
        • Enumerates connected drives
        • Suspicious use of AdjustPrivilegeToken
        • Suspicious use of FindShellTrayWindow
        PID:3892
  • C:\Windows\system32\msiexec.exe
    C:\Windows\system32\msiexec.exe /V
    1⤵
    • Enumerates connected drives
    • Drops file in Program Files directory
    • Drops file in Windows directory
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of WriteProcessMemory
    PID:620
    • C:\Windows\syswow64\MsiExec.exe
      C:\Windows\syswow64\MsiExec.exe -Embedding DC5C7A83D96863D90D14EA7F707E233C C
      2⤵
      • Loads dropped DLL
      • Suspicious use of WriteProcessMemory
      PID:1272
      • C:\Users\Admin\AppData\Local\Temp\signotec_signopadtools_3.1.13_64bit.exe
        "C:\Users\Admin\AppData\Local\Temp\signotec_signopadtools_3.1.13_64bit.exe" /embed"{10B3AA36-FFC3-456D-99D1-187C69EFD9C1}" /hide_splash /hide_progress /runprerequisites"Documentation,OfficeAddIns,ExcelAddIn2010,ExcelAddIn2010_x64,RSAManager,UsageMode_x64,WordAddIn2010,WordAddIn2010_x64,signoImager2,signoIntegrator2,signoIntegrator2_x64,signoReset,x64" /l1033 /v"TRANSFORMS=\"C:\ProgramData\Downloaded Installations\{F8D15F52-0920-4D0D-B205-0A806A8B3CF7}\1033.MST\""
        3⤵
        • Suspicious use of SetWindowsHookEx
        • Suspicious use of WriteProcessMemory
        PID:4284
        • C:\Users\Admin\AppData\Local\Temp\{8455BF73-5ED7-41E4-957A-C4A4E6239ED6}\signotec_signopadtools_3.1.13_64bit.exe
          C:\Users\Admin\AppData\Local\Temp\{8455BF73-5ED7-41E4-957A-C4A4E6239ED6}\signotec_signopadtools_3.1.13_64bit.exe /q"C:\Users\Admin\AppData\Local\Temp\signotec_signopadtools_3.1.13_64bit.exe" /tempdisk1folder"C:\Users\Admin\AppData\Local\Temp\{8455BF73-5ED7-41E4-957A-C4A4E6239ED6}" /embed"{10B3AA36-FFC3-456D-99D1-187C69EFD9C1}" /hide_splash /hide_progress /runprerequisites"Documentation,OfficeAddIns,ExcelAddIn2010,ExcelAddIn2010_x64,RSAManager,UsageMode_x64,WordAddIn2010,WordAddIn2010_x64,signoImager2,signoIntegrator2,signoIntegrator2_x64,signoReset,x64" /l1033 /v"TRANSFORMS=\"C:\ProgramData\Downloaded Installations\{F8D15F52-0920-4D0D-B205-0A806A8B3CF7}\1033.MST\"" /eprq /IS_temp
          4⤵
          • Checks computer location settings
          • Executes dropped EXE
          • Adds Run key to start application
          • Suspicious use of SetWindowsHookEx
          • Suspicious use of WriteProcessMemory
          PID:1884
          • C:\Users\Admin\AppData\Local\Temp\{8455BF73-5ED7-41E4-957A-C4A4E6239ED6}\{4FE2BFF3-7F39-49F7-9A62-95459C77CF9E}\signotec_WinUSB_2.1.0_64Bit.exe
            "C:\Users\Admin\AppData\Local\Temp\{8455BF73-5ED7-41E4-957A-C4A4E6239ED6}\{4FE2BFF3-7F39-49F7-9A62-95459C77CF9E}\signotec_WinUSB_2.1.0_64Bit.exe" /s /v"/qn"
            5⤵
            • Executes dropped EXE
            • Suspicious use of SetWindowsHookEx
            • Suspicious use of WriteProcessMemory
            PID:3488
            • C:\Windows\system32\MSIEXEC.EXE
              "C:\Windows\system32\MSIEXEC.EXE" /i "C:\Users\Admin\AppData\Local\Downloaded Installations\{96565FE1-A01F-4BC0-9938-9277DD1B9DF5}\signotec_WinUSB_2.1.0_64Bit.msi" /qn TRANSFORMS="C:\Users\Admin\AppData\Local\Downloaded Installations\{96565FE1-A01F-4BC0-9938-9277DD1B9DF5}\1033.MST" SETUPEXEDIR="C:\Users\Admin\AppData\Local\Temp\{8455BF73-5ED7-41E4-957A-C4A4E6239ED6}\{4FE2BFF3-7F39-49F7-9A62-95459C77CF9E}" SETUPEXENAME="signotec_WinUSB_2.1.0_64Bit.exe"
              6⤵
                PID:3848
      • C:\Windows\syswow64\MsiExec.exe
        C:\Windows\syswow64\MsiExec.exe -Embedding 38DB0EA3FB48B2044C16D664681F3BA4
        2⤵
        • Loads dropped DLL
        PID:3156
      • C:\Windows\System32\MsiExec.exe
        C:\Windows\System32\MsiExec.exe -Embedding C1A0BAD4981DBADB3E2E2B0FBBD75CC9
        2⤵
        • Loads dropped DLL
        PID:4808
      • C:\Windows\System32\MsiExec.exe
        C:\Windows\System32\MsiExec.exe -Embedding E4C8119E57E937A71D814F6CF84CEB95 E Global\MSI0000
        2⤵
        • Loads dropped DLL
        • Drops file in Windows directory
        PID:3644
    • C:\Windows\system32\svchost.exe
      C:\Windows\system32\svchost.exe -k DcomLaunch -p -s DeviceInstall
      1⤵
      • Drops file in Windows directory
      • Checks SCSI registry key(s)
      • Suspicious use of WriteProcessMemory
      PID:624
      • C:\Windows\system32\DrvInst.exe
        DrvInst.exe "4" "1" "C:\Program Files\signotec\Driver\WinUSB\Sigpad.inf" "9" "48f3a300b" "000000000000014C" "WinSta0\Default" "000000000000015C" "208" "C:\Program Files\signotec\Driver\WinUSB"
        2⤵
        • Drops file in System32 directory
        • Drops file in Windows directory
        • Modifies data under HKEY_USERS
        • Suspicious use of WriteProcessMemory
        PID:4972
        • C:\Windows\system32\rundll32.exe
          rundll32.exe C:\Windows\system32\pnpui.dll,InstallSecurityPromptRunDllW 20 Global\{8dac5013-44f5-f346-94ec-d60455a5f1e6} Global\{60857f4b-9e96-2c4e-bc3f-c479e1a9e42d} C:\Windows\System32\DriverStore\Temp\{df6c8aeb-e41b-a340-ad7c-6842dad190eb}\Sigpad.inf C:\Windows\System32\DriverStore\Temp\{df6c8aeb-e41b-a340-ad7c-6842dad190eb}\SigPad.cat
          3⤵
          • Drops file in System32 directory
          • Modifies data under HKEY_USERS
          PID:3068

    Network

          MITRE ATT&CK Enterprise v6

          Replay Monitor

          Loading Replay Monitor...

          Downloads

          • C:\PROGRA~1\signotec\Driver\WinUSB\SigPad.cat
            Filesize

            16KB

            MD5

            1fd7d6fc989e177f666c8ed35dcae3fe

            SHA1

            ebc5146d6b4c6d402d31da6ea4d7f1ee3c8af983

            SHA256

            04929b6f0ec16c919c2253c51111067d3b2a4ddc66a28f1be5be32451198a7aa

            SHA512

            e7d352748cffaaa3ef1ebe99d31cfdeedf77e5ed8ce3a1cb50af103e67586cbe3646ba4278892bead600250765c1db2af27e4efe2fb765af1364f978f86ea095

            Download Submit

          • C:\PROGRA~1\signotec\Driver\WinUSB\amd64\WUDFUpdate_01009.dll
            Filesize

            2.1MB

            MD5

            ebf9ee8a7671f3b260ed9b08fcee0cc5

            SHA1

            d9688d1849a86dd209732529375c6ada272ff8fd

            SHA256

            015f26bbcd619a0b67b5eaa985b69582bac27d5cbca99ce747a76532fcde4aff

            SHA512

            ea869026b73b4c3d0249beb1fe81efc8b2686d66c5ddf916d314c21989e68a12191efc2a32ef13caf2676327159e95fc4e69100fc09df5a7bbf5c019ea383dd8

            Download Submit

          • C:\PROGRA~1\signotec\Driver\WinUSB\amd64\WdfCoInstaller01009.dll
            Filesize

            1.6MB

            MD5

            4da5da193e0e4f86f6f8fd43ef25329a

            SHA1

            68a44d37ff535a2c454f2440e1429833a1c6d810

            SHA256

            18487b4ff94edccc98ed59d9fca662d4a1331c5f1e14df8db3093256dd9f1c3e

            SHA512

            b3d73ed5e45d6f2908b2f3086390dd28c1631e298756cee9bdf26b185f0b77d1b8c03ad55e0495dba982c5bed4a03337b130c76f7112f3e19821127d2cf36853

            Download Submit

          • C:\PROGRA~1\signotec\Driver\WinUSB\amd64\WinUSBCoInstaller2.dll
            Filesize

            979KB

            MD5

            246900ce6474718730ecd4f873234cf5

            SHA1

            0c84b56c82e4624824154d27926ded1c45f4b331

            SHA256

            981a17effddbc20377512ddaec9f22c2b7067e17a3e2a8ccf82bb7bb7b2420b6

            SHA512

            6a9e305bfbfb57d8f8fd16edabef9291a8a97e4b9c2ae90622f6c056e518a0a731fbb3e33a2591d87c8e4293d0f983ec515e6a241792962257b82401a8811d5c

            Download Submit

          • C:\Program Files\signotec\Driver\WinUSB\Sigpad.inf
            Filesize

            2KB

            MD5

            e64e683f1261620e25611deed37db323

            SHA1

            e839b1beb907a3f65ca70466ff547aadafa81b71

            SHA256

            2bb3bd2bb5bbeaab97025a1af03c6d12f071599571681581d176e82247e3b815

            SHA512

            7441a41c93ebd682fefdad657ee73be72ee6c19552f4e045472412837dcb402fd9468e1d802057dc23d9065e21338c9e149fd4094c79d790abc25abe203e5885

            Download Submit

          • C:\ProgramData\Downloaded Installations\{F8D15F52-0920-4D0D-B205-0A806A8B3CF7}\1033.MST
            Filesize

            32KB

            MD5

            e7979c54b4ecacf80f5ef7d493a1f115

            SHA1

            1c2d7639d89ed2a5742b13f6611aea556d3bbfe7

            SHA256

            97e1fa22b1f28a43917226dd5144cab077643ae2483490970e6c28e5836e9db2

            SHA512

            41e6395bb53872ba7c3a9ee87a854496cf3a00864179bf69e7653e97b6e149e40535ad4cb1118046c40b746b0c4ddba5c11883d4822bd9662d55e2ec81c36694

            Download Submit

          • C:\ProgramData\Downloaded Installations\{F8D15F52-0920-4D0D-B205-0A806A8B3CF7}\1033.MST
            Filesize

            32KB

            MD5

            e7979c54b4ecacf80f5ef7d493a1f115

            SHA1

            1c2d7639d89ed2a5742b13f6611aea556d3bbfe7

            SHA256

            97e1fa22b1f28a43917226dd5144cab077643ae2483490970e6c28e5836e9db2

            SHA512

            41e6395bb53872ba7c3a9ee87a854496cf3a00864179bf69e7653e97b6e149e40535ad4cb1118046c40b746b0c4ddba5c11883d4822bd9662d55e2ec81c36694

            Download Submit

          • C:\ProgramData\Downloaded Installations\{F8D15F52-0920-4D0D-B205-0A806A8B3CF7}\signotec_signoPADTools_3.1.13_64Bit.msi
            Filesize

            32.3MB

            MD5

            e492fa6af6e739223d690bdba832316a

            SHA1

            c2cc678f4c8f707b26e25128624d0a0b471f9b81

            SHA256

            f09a45bd75d6dbfc732a5ae380b90069db72cca64c4ba25540e2a41354c96e17

            SHA512

            af682f18bb75ed6da51c35f9e05995f4c9ae2517ffc23309b9510238a94b12e39aeeb8021934449a69a9b7d8de9bc881e72e7ea171ab6acf67dc2b4ea6bb0d68

            Download Submit

          • C:\Users\Admin\AppData\Local\Downloaded Installations\{96565FE1-A01F-4BC0-9938-9277DD1B9DF5}\1033.MST
            Filesize

            32KB

            MD5

            9a358da2e191ec7a33ed5ec72813773f

            SHA1

            8d203b213fc1e04824208d5ac7a0f7670e3de756

            SHA256

            a5a05c2fc448c56bafaf5cd42d92fd6ab85bdccfbaec34da920632138ebc080f

            SHA512

            5cdcf4a25df63eb2f156c8d84dfb143f819c7f585c260ead9702427684cb9f39aab9c7e87db0c83ba3b91b72334efc70f0e0e15f02392e1253550c253da84bca

            Download Submit

          • C:\Users\Admin\AppData\Local\Downloaded Installations\{96565FE1-A01F-4BC0-9938-9277DD1B9DF5}\signotec_WinUSB_2.1.0_64Bit.msi
            Filesize

            10.0MB

            MD5

            6b1e81f43d6ae9d324805dd3fe1307a4

            SHA1

            1bc5db8c670413d04cacdfb68a3d188ad916bb7a

            SHA256

            4c2e118a31ddd72377510becfab232bb76446b494b9418bd02fe0959273853f1

            SHA512

            1da26cf86324a9fbf06e64c9a7a36e7ab5a69a0d4a62617092e2c6d0162144fce9c4266e384b0139e6d19dfa5115a83037a2b6297b2da9bfc5059cfea8b773c2

            Download Submit

          • C:\Users\Admin\AppData\Local\Downloaded Installations\{96565FE1-A01F-4BC0-9938-9277DD1B9DF5}\signotec_WinUSB_2.1.0_64Bit.msi
            Filesize

            10.0MB

            MD5

            6b1e81f43d6ae9d324805dd3fe1307a4

            SHA1

            1bc5db8c670413d04cacdfb68a3d188ad916bb7a

            SHA256

            4c2e118a31ddd72377510becfab232bb76446b494b9418bd02fe0959273853f1

            SHA512

            1da26cf86324a9fbf06e64c9a7a36e7ab5a69a0d4a62617092e2c6d0162144fce9c4266e384b0139e6d19dfa5115a83037a2b6297b2da9bfc5059cfea8b773c2

            Download Submit

          • C:\Users\Admin\AppData\Local\Temp\MSI782F.tmp
            Filesize

            278KB

            MD5

            9e7ad4e41266d8eae8e3773bdc9f17e4

            SHA1

            57a9016861bf4fafee85fbc90f0b9a28d794facf

            SHA256

            51fa4b6f83772ace72b6ede1787ad32719232f90f825dd58a9700e6b94e6087d

            SHA512

            fff31642999b60442b154fac3b84848c5c828d4ee2a460f799d40d48c24bb76b1b61c3aeb5dfe1074bcdb1ace2179751cc00ff675682c5f8209153daea7a1675

            Download Submit

          • C:\Users\Admin\AppData\Local\Temp\MSI782F.tmp
            Filesize

            278KB

            MD5

            9e7ad4e41266d8eae8e3773bdc9f17e4

            SHA1

            57a9016861bf4fafee85fbc90f0b9a28d794facf

            SHA256

            51fa4b6f83772ace72b6ede1787ad32719232f90f825dd58a9700e6b94e6087d

            SHA512

            fff31642999b60442b154fac3b84848c5c828d4ee2a460f799d40d48c24bb76b1b61c3aeb5dfe1074bcdb1ace2179751cc00ff675682c5f8209153daea7a1675

            Download Submit

          • C:\Users\Admin\AppData\Local\Temp\MSIE65D.tmp
            Filesize

            172KB

            MD5

            f06f23aea87f6c01da10f48aac553a38

            SHA1

            41e11ccbb30a5a49efa77c3b1b5e95bbaa46542c

            SHA256

            2dc5a31f67fe877ca0eb95113873749def2beb0a205c62de206ccd7a668fce14

            SHA512

            32d162880fba832c8952b237182bbec742f56705f9717de08ac05ec4a09903cce5dd7e4ce5299b0f77c14e529dd9d762e8e603bb2c20d30420848ae6642d26a0

            Download Submit

          • C:\Users\Admin\AppData\Local\Temp\MSIE65D.tmp
            Filesize

            172KB

            MD5

            f06f23aea87f6c01da10f48aac553a38

            SHA1

            41e11ccbb30a5a49efa77c3b1b5e95bbaa46542c

            SHA256

            2dc5a31f67fe877ca0eb95113873749def2beb0a205c62de206ccd7a668fce14

            SHA512

            32d162880fba832c8952b237182bbec742f56705f9717de08ac05ec4a09903cce5dd7e4ce5299b0f77c14e529dd9d762e8e603bb2c20d30420848ae6642d26a0

            Download Submit

          • C:\Users\Admin\AppData\Local\Temp\MSIE823.tmp
            Filesize

            166KB

            MD5

            129120808f692df35062a9357ef1f7a5

            SHA1

            7e376a6e8ea3713f59013f8bd68732f45adcc61a

            SHA256

            a92ffef856e46d73fffda3eecc57ab65014a21e175501eed40fc11c4c0492596

            SHA512

            71d814fc45c0a8aee3824b364e6ea0afb4350e31d2f26e0578ca7c8027c31903f939ac9dbf5ebc7d9ef840dca827883dd919f46a683552b4956f63de6ba54346

            Download Submit

          • C:\Users\Admin\AppData\Local\Temp\MSIE823.tmp
            Filesize

            166KB

            MD5

            129120808f692df35062a9357ef1f7a5

            SHA1

            7e376a6e8ea3713f59013f8bd68732f45adcc61a

            SHA256

            a92ffef856e46d73fffda3eecc57ab65014a21e175501eed40fc11c4c0492596

            SHA512

            71d814fc45c0a8aee3824b364e6ea0afb4350e31d2f26e0578ca7c8027c31903f939ac9dbf5ebc7d9ef840dca827883dd919f46a683552b4956f63de6ba54346

            Download Submit

          • C:\Users\Admin\AppData\Local\Temp\_isC27D..dll
            Filesize

            2.5MB

            MD5

            776275f6e820cef1544c4b4d108a2fd2

            SHA1

            df9772159cc04e842636628c0a8e1029ce771cc8

            SHA256

            580467f266bd2e7c69a6ee288bcad2a1c843b4a0571a0df68ad2c15a4cfed691

            SHA512

            869d2caa001f965cf399ad9a2bdf4b9103fd6d9a697bec263efd2f02a78dcb9a328a4e295f025c549c72bbc258e790f7c139eeb49f0d6911ea25d31601b42f62

            Download Submit

          • C:\Users\Admin\AppData\Local\Temp\{2B962842-6847-4C4A-BDA2-360C104DE16E}\0x0409.ini
            Filesize

            21KB

            MD5

            a108f0030a2cda00405281014f897241

            SHA1

            d112325fa45664272b08ef5e8ff8c85382ebb991

            SHA256

            8b76df0ffc9a226b532b60936765b852b89780c6e475c152f7c320e085e43948

            SHA512

            d83894b039316c38915a789920758664257680dcb549a9b740cf5361addbee4d4a96a3ff2999b5d8acfb1d9336da055ec20012d29a9f83ee5459f103fbeec298

            Download Submit

          • C:\Users\Admin\AppData\Local\Temp\{2B962842-6847-4C4A-BDA2-360C104DE16E}\Setup.INI
            Filesize

            7KB

            MD5

            88f1df63290f711a217846b3346a02d5

            SHA1

            de8820af62d1da45e50814c0cf360ffdc5b2bd51

            SHA256

            c2dcada8e6f83b06a1a80dfa76f06f28a6660cee560b4923e51f58469d60037b

            SHA512

            e5859674c2f9490453ed50d1640ddd656a7fe82e852fc2a8fec0c7e40fd534395dc07af1e9502c5aa8a0e27fe7d6d14d785aea70d410db539f8284379c64d122

            Download Submit

          • C:\Users\Admin\AppData\Local\Temp\{2B962842-6847-4C4A-BDA2-360C104DE16E}\_ISMSIDEL.INI
            Filesize

            516B

            MD5

            0930b21c3cb5eccc975532b456e29b0d

            SHA1

            d72d1f7125926122a9ad3bc00c105c219b47bd7b

            SHA256

            33870a7f5db241ccca9dc7f7f5edab071043ffd049409c887fc2270bda9e2559

            SHA512

            ac48688546e9551e11540a6b44442f1467719eacecc45ca0252c9384791a405339846412b5bbff4866373d455da0b38dd83d53f646d9af6f06069af8f16f8b22

            Download Submit

          • C:\Users\Admin\AppData\Local\Temp\{2B962842-6847-4C4A-BDA2-360C104DE16E}\signotec_signoPADTools_3.1.13_64Bit.msi
            Filesize

            32.3MB

            MD5

            e492fa6af6e739223d690bdba832316a

            SHA1

            c2cc678f4c8f707b26e25128624d0a0b471f9b81

            SHA256

            f09a45bd75d6dbfc732a5ae380b90069db72cca64c4ba25540e2a41354c96e17

            SHA512

            af682f18bb75ed6da51c35f9e05995f4c9ae2517ffc23309b9510238a94b12e39aeeb8021934449a69a9b7d8de9bc881e72e7ea171ab6acf67dc2b4ea6bb0d68

            Download Submit

          • C:\Users\Admin\AppData\Local\Temp\{2B962842-6847-4C4A-BDA2-360C104DE16E}\signotec_signopadtools_3.1.13_64bit.exe
            Filesize

            111.7MB

            MD5

            f37728a05d6e0fddfcc31408c2039780

            SHA1

            52043a87ccfe4d210edcc8490ae1b5acd319e6fa

            SHA256

            c9ee16525262c65c8900accfeaaf60b94faaae91fcd9a1ff9c689449a3fd7639

            SHA512

            e3a1c989d96e7293e70e2b0a436a3fbb869bad44f178d478448d904f0e4c98d8b0920516c8699acd9abb98dafea3f20042f6724f4d2c83476adb44f5a800f572

            Download Submit

          • C:\Users\Admin\AppData\Local\Temp\{2B962842-6847-4C4A-BDA2-360C104DE16E}\signotec_signopadtools_3.1.13_64bit.exe
            Filesize

            111.7MB

            MD5

            f37728a05d6e0fddfcc31408c2039780

            SHA1

            52043a87ccfe4d210edcc8490ae1b5acd319e6fa

            SHA256

            c9ee16525262c65c8900accfeaaf60b94faaae91fcd9a1ff9c689449a3fd7639

            SHA512

            e3a1c989d96e7293e70e2b0a436a3fbb869bad44f178d478448d904f0e4c98d8b0920516c8699acd9abb98dafea3f20042f6724f4d2c83476adb44f5a800f572

            Download Submit

          • C:\Users\Admin\AppData\Local\Temp\{8455BF73-5ED7-41E4-957A-C4A4E6239ED6}\_ISMSIDEL.INI
            Filesize

            516B

            MD5

            e338d99821b2f75ed97bf3a95a33b332

            SHA1

            fca4e2be4d391688d094499daaff8f8680be8f4a

            SHA256

            96edac09009595ebf1c1760d92de6d11c8dd9cd9c9e6cb2cd20d3e400c4fe381

            SHA512

            5783f375d6f5cd6b58452b8a17f8ab825adb5dc00a886012f4fa3cbf7aa078215cb090ae2096773b36547da0b2fb86eac8a47bdb4ae05127094e5dd7e5b120e8

            Download Submit

          • C:\Users\Admin\AppData\Local\Temp\{8455BF73-5ED7-41E4-957A-C4A4E6239ED6}\signotec_signopadtools_3.1.13_64bit.exe
            Filesize

            111.7MB

            MD5

            f37728a05d6e0fddfcc31408c2039780

            SHA1

            52043a87ccfe4d210edcc8490ae1b5acd319e6fa

            SHA256

            c9ee16525262c65c8900accfeaaf60b94faaae91fcd9a1ff9c689449a3fd7639

            SHA512

            e3a1c989d96e7293e70e2b0a436a3fbb869bad44f178d478448d904f0e4c98d8b0920516c8699acd9abb98dafea3f20042f6724f4d2c83476adb44f5a800f572

            Download Submit

          • C:\Users\Admin\AppData\Local\Temp\{8455BF73-5ED7-41E4-957A-C4A4E6239ED6}\signotec_signopadtools_3.1.13_64bit.exe
            Filesize

            111.7MB

            MD5

            f37728a05d6e0fddfcc31408c2039780

            SHA1

            52043a87ccfe4d210edcc8490ae1b5acd319e6fa

            SHA256

            c9ee16525262c65c8900accfeaaf60b94faaae91fcd9a1ff9c689449a3fd7639

            SHA512

            e3a1c989d96e7293e70e2b0a436a3fbb869bad44f178d478448d904f0e4c98d8b0920516c8699acd9abb98dafea3f20042f6724f4d2c83476adb44f5a800f572

            Download Submit

          • C:\Users\Admin\AppData\Local\Temp\{8455BF73-5ED7-41E4-957A-C4A4E6239ED6}\{4FE2BFF3-7F39-49F7-9A62-95459C77CF9E}\signotec_WinUSB_2.1.0_64Bit.exe
            Filesize

            10.2MB

            MD5

            4b96908635042e3a54e4873373c29628

            SHA1

            717e7d56ff9fb903634587a150abb77c0c617cfa

            SHA256

            8105db70350e4f620482cf6a91fce4ca24c7f390a5301a77de9370e0e48624c3

            SHA512

            a61410b55f8400cfccf11d72eb2f1b8354998f16068317c777ea4803cc0dda146558eac46bb0c29dc0aad6419113635c368b3a72699290682f7c6f752ce4b3cc

            Download Submit

          • C:\Users\Admin\AppData\Local\Temp\{8455BF73-5ED7-41E4-957A-C4A4E6239ED6}\{4FE2BFF3-7F39-49F7-9A62-95459C77CF9E}\signotec_WinUSB_2.1.0_64Bit.exe
            Filesize

            10.2MB

            MD5

            4b96908635042e3a54e4873373c29628

            SHA1

            717e7d56ff9fb903634587a150abb77c0c617cfa

            SHA256

            8105db70350e4f620482cf6a91fce4ca24c7f390a5301a77de9370e0e48624c3

            SHA512

            a61410b55f8400cfccf11d72eb2f1b8354998f16068317c777ea4803cc0dda146558eac46bb0c29dc0aad6419113635c368b3a72699290682f7c6f752ce4b3cc

            Download Submit

          • C:\Users\Admin\AppData\Local\Temp\{8455BF73-5ED7-41E4-957A-C4A4E6239ED6}\{4FE2BFF3-7F39-49F7-9A62-95459C77CF9E}\signotec_WinUSB_2.1.0_64Bit.exe
            Filesize

            10.2MB

            MD5

            4b96908635042e3a54e4873373c29628

            SHA1

            717e7d56ff9fb903634587a150abb77c0c617cfa

            SHA256

            8105db70350e4f620482cf6a91fce4ca24c7f390a5301a77de9370e0e48624c3

            SHA512

            a61410b55f8400cfccf11d72eb2f1b8354998f16068317c777ea4803cc0dda146558eac46bb0c29dc0aad6419113635c368b3a72699290682f7c6f752ce4b3cc

            Download Submit

          • C:\Users\Admin\AppData\Local\Temp\~CD43.tmp
            Filesize

            5KB

            MD5

            66bf21ffe7133ef26b60172e5a7f8059

            SHA1

            179f4841e0bfde45825af91e1b840ff8327159ee

            SHA256

            949445988d0967874d46524c07e6ac4b31782b580ca3862a46f2f706fcea025f

            SHA512

            2b527e67fff6a9187ffd87b5181d3d2f9b4886f1acd16fb4f0f98e29e2879d7d9c9cf5c5332d3b38f402f06fd0f6238acaf7befb8d34be49c063dcd907f180b3

            Download Submit

          • C:\Windows\Installer\MSID5ED.tmp
            Filesize

            153KB

            MD5

            69e9bb71d4d394e87f0109734d328371

            SHA1

            82fbef8f36aecefbca489d58c09cdf4b0386f787

            SHA256

            c3a87617d5ba229a62da7fd4e0929be26cac33c58470fd5e5f0b54c30ff4d172

            SHA512

            867c051e8bead1b4b093833776b2643e2b077e5d0866ff0d5362ea51ad277c3ff0f6892475183f4308409742de63ffeed6289fbe4bd6da692f873ef647ae3414

            Download Submit

          • C:\Windows\Installer\MSID5ED.tmp
            Filesize

            153KB

            MD5

            69e9bb71d4d394e87f0109734d328371

            SHA1

            82fbef8f36aecefbca489d58c09cdf4b0386f787

            SHA256

            c3a87617d5ba229a62da7fd4e0929be26cac33c58470fd5e5f0b54c30ff4d172

            SHA512

            867c051e8bead1b4b093833776b2643e2b077e5d0866ff0d5362ea51ad277c3ff0f6892475183f4308409742de63ffeed6289fbe4bd6da692f873ef647ae3414

            Download Submit

          • C:\Windows\Installer\MSID89F.tmp
            Filesize

            107KB

            MD5

            cf6354b5789cb6b9691b8896e255a378

            SHA1

            e9429ffa42b00f45073fa1989f92c2c27d7aad86

            SHA256

            16c4cf37242385f27d2625ee8b660b745342ef8340541e6c7e4673522ed13956

            SHA512

            7ba049a5ec80d94763d44c7cdc85d2e94b4edfe5db2ce575d594e4914f321bbb730f60b33f2ff9f58f359ce4f4b35dd5efbaad670c30c31dd836735110776202

            Download Submit

          • C:\Windows\Installer\MSID89F.tmp
            Filesize

            107KB

            MD5

            cf6354b5789cb6b9691b8896e255a378

            SHA1

            e9429ffa42b00f45073fa1989f92c2c27d7aad86

            SHA256

            16c4cf37242385f27d2625ee8b660b745342ef8340541e6c7e4673522ed13956

            SHA512

            7ba049a5ec80d94763d44c7cdc85d2e94b4edfe5db2ce575d594e4914f321bbb730f60b33f2ff9f58f359ce4f4b35dd5efbaad670c30c31dd836735110776202

            Download Submit

          • C:\Windows\Installer\MSIDA36.tmp
            Filesize

            650KB

            MD5

            6aa987dbea3f424fa44cd541dbae7368

            SHA1

            47ba276719f0a3e25e24fb546ecad8b97b6ebe67

            SHA256

            07694439a93f220f5e9f46ac3ceb0b22fe1dadb3ed9bf18a9f2835be7a5c3bc6

            SHA512

            c5c5901bcdfdb413cb679d39c90a4fa64e96ad10d25476c62e2d2276bdc1cf8a5b4d987f881acb701ffaaa22662b64442e399f1aa8cb6ff5c761e03c474756a2

            Download Submit

          • C:\Windows\Installer\MSIDA36.tmp
            Filesize

            650KB

            MD5

            6aa987dbea3f424fa44cd541dbae7368

            SHA1

            47ba276719f0a3e25e24fb546ecad8b97b6ebe67

            SHA256

            07694439a93f220f5e9f46ac3ceb0b22fe1dadb3ed9bf18a9f2835be7a5c3bc6

            SHA512

            c5c5901bcdfdb413cb679d39c90a4fa64e96ad10d25476c62e2d2276bdc1cf8a5b4d987f881acb701ffaaa22662b64442e399f1aa8cb6ff5c761e03c474756a2

            Download Submit

          • C:\Windows\System32\DriverStore\Temp\{df6c8aeb-e41b-a340-ad7c-6842dad190eb}\SigPad.cat
            Filesize

            16KB

            MD5

            1fd7d6fc989e177f666c8ed35dcae3fe

            SHA1

            ebc5146d6b4c6d402d31da6ea4d7f1ee3c8af983

            SHA256

            04929b6f0ec16c919c2253c51111067d3b2a4ddc66a28f1be5be32451198a7aa

            SHA512

            e7d352748cffaaa3ef1ebe99d31cfdeedf77e5ed8ce3a1cb50af103e67586cbe3646ba4278892bead600250765c1db2af27e4efe2fb765af1364f978f86ea095

            Download Submit

          • C:\Windows\System32\DriverStore\Temp\{df6c8aeb-e41b-a340-ad7c-6842dad190eb}\SigPad.cat
            Filesize

            16KB

            MD5

            1fd7d6fc989e177f666c8ed35dcae3fe

            SHA1

            ebc5146d6b4c6d402d31da6ea4d7f1ee3c8af983

            SHA256

            04929b6f0ec16c919c2253c51111067d3b2a4ddc66a28f1be5be32451198a7aa

            SHA512

            e7d352748cffaaa3ef1ebe99d31cfdeedf77e5ed8ce3a1cb50af103e67586cbe3646ba4278892bead600250765c1db2af27e4efe2fb765af1364f978f86ea095

            Download Submit

          • C:\Windows\System32\DriverStore\Temp\{df6c8aeb-e41b-a340-ad7c-6842dad190eb}\Sigpad.inf
            Filesize

            2KB

            MD5

            e64e683f1261620e25611deed37db323

            SHA1

            e839b1beb907a3f65ca70466ff547aadafa81b71

            SHA256

            2bb3bd2bb5bbeaab97025a1af03c6d12f071599571681581d176e82247e3b815

            SHA512

            7441a41c93ebd682fefdad657ee73be72ee6c19552f4e045472412837dcb402fd9468e1d802057dc23d9065e21338c9e149fd4094c79d790abc25abe203e5885

            Download Submit

          • C:\Windows\System32\DriverStore\Temp\{df6c8aeb-e41b-a340-ad7c-6842dad190eb}\Sigpad.inf
            Filesize

            2KB

            MD5

            e64e683f1261620e25611deed37db323

            SHA1

            e839b1beb907a3f65ca70466ff547aadafa81b71

            SHA256

            2bb3bd2bb5bbeaab97025a1af03c6d12f071599571681581d176e82247e3b815

            SHA512

            7441a41c93ebd682fefdad657ee73be72ee6c19552f4e045472412837dcb402fd9468e1d802057dc23d9065e21338c9e149fd4094c79d790abc25abe203e5885

            Download Submit

          • C:\Windows\System32\DriverStore\Temp\{df6c8aeb-e41b-a340-ad7c-6842dad190eb}\amd64\WUDFUpdate_01009.dll
            Filesize

            2.1MB

            MD5

            ebf9ee8a7671f3b260ed9b08fcee0cc5

            SHA1

            d9688d1849a86dd209732529375c6ada272ff8fd

            SHA256

            015f26bbcd619a0b67b5eaa985b69582bac27d5cbca99ce747a76532fcde4aff

            SHA512

            ea869026b73b4c3d0249beb1fe81efc8b2686d66c5ddf916d314c21989e68a12191efc2a32ef13caf2676327159e95fc4e69100fc09df5a7bbf5c019ea383dd8

            Download Submit

          • C:\Windows\System32\DriverStore\Temp\{df6c8aeb-e41b-a340-ad7c-6842dad190eb}\amd64\WdfCoInstaller01009.dll
            Filesize

            1.6MB

            MD5

            4da5da193e0e4f86f6f8fd43ef25329a

            SHA1

            68a44d37ff535a2c454f2440e1429833a1c6d810

            SHA256

            18487b4ff94edccc98ed59d9fca662d4a1331c5f1e14df8db3093256dd9f1c3e

            SHA512

            b3d73ed5e45d6f2908b2f3086390dd28c1631e298756cee9bdf26b185f0b77d1b8c03ad55e0495dba982c5bed4a03337b130c76f7112f3e19821127d2cf36853

            Download Submit

          • C:\Windows\System32\DriverStore\Temp\{df6c8aeb-e41b-a340-ad7c-6842dad190eb}\amd64\WinUSBCoInstaller2.dll
            Filesize

            979KB

            MD5

            246900ce6474718730ecd4f873234cf5

            SHA1

            0c84b56c82e4624824154d27926ded1c45f4b331

            SHA256

            981a17effddbc20377512ddaec9f22c2b7067e17a3e2a8ccf82bb7bb7b2420b6

            SHA512

            6a9e305bfbfb57d8f8fd16edabef9291a8a97e4b9c2ae90622f6c056e518a0a731fbb3e33a2591d87c8e4293d0f983ec515e6a241792962257b82401a8811d5c

            Download Submit