Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

1

MBSetup.exe

windows7-x64

8

MBSetup.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    150s
  • max time network
    145s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230220-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
  • submitted
    25/03/2023, 05:43 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    MBSetup.exe

  • Size

    2.4MB

  • MD5

    e8a9e2ba85ba4a91c714e25f97227bb6

  • SHA1

    175bbcda38deb982ebc12ae4589445ff98eb1851

  • SHA256

    d3e21e607c9b4e4c1d9cc08d38aca37b91544fbfd5a9b7aca3485215ef41fbef

  • SHA512

    c240b644fe77972982924d7347fa6f874fafdc97938dc20988d7d20edc8051059f7ca102bfddb2d5d7ebd69c6664d9ee793f1f26ba8c15eddc0e43e1b7015f58

  • SSDEEP

    49152:ViT6ISa9C/5BirX0wxZN2DxiIq2d4BW3y3LP:VpISa0u/WRq2

Score
8/10
discoverypersistencespywarestealer

Malware Config

Signatures

  • Downloads MZ/PE file
  • Drops file in Drivers directory 10 IoCs
  • Modifies RDP port number used by Windows 1 TTPs
  • Sets service image path in registry 2 TTPs 2 IoCs
    persistence
  • Checks BIOS information in registry 2 TTPs 2 IoCs

    BIOS information is often read in order to detect sandboxing environments.

  • Executes dropped EXE 4 IoCs
  • Loads dropped DLL 61 IoCs
  • Reads user/profile data of web browsers 2 TTPs

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer
  • Registers COM server for autorun 1 TTPs 64 IoCs
    persistence
  • Checks installed software on the system 1 TTPs

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  • Enumerates connected drives 3 TTPs 48 IoCs

    Attempts to read the root path of hard drives other than the default C: drive.

  • Drops file in System32 directory 2 IoCs
  • Drops file in Program Files directory 64 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

  • Checks processor information in registry 2 TTPs 7 IoCs

    Processor information is often read in order to detect sandboxing environments.

  • Delays execution with timeout.exe 1 IoCs
    evasion
  • Modifies Internet Explorer settings 1 TTPs 6 IoCs
    adwarespyware
  • Modifies data under HKEY_USERS 64 IoCs
  • Modifies registry class 64 IoCs
  • Suspicious behavior: AddClipboardFormatListener 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 26 IoCs
  • Suspicious behavior: LoadsDriver 2 IoCs
  • Suspicious use of AdjustPrivilegeToken 64 IoCs
  • Suspicious use of FindShellTrayWindow 13 IoCs
  • Suspicious use of SendNotifyMessage 11 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs
  • Uses Task Scheduler COM API 1 TTPs

    The Task Scheduler COM API can be used to schedule applications to run on boot or at set times.

    persistence

Processes

  • C:\Users\Admin\AppData\Local\Temp\MBSetup.exe
    "C:\Users\Admin\AppData\Local\Temp\MBSetup.exe"
    1⤵
    • Drops file in Drivers directory
    • Suspicious use of WriteProcessMemory
    PID:1512
    • C:\Windows\SysWOW64\cmd.exe
      cmd.exe /C timeout /t 1 & "C:\Program Files\Mozilla Firefox\firefox.exe" -install -extension "C:\Users\Admin\AppData\Local\Temp\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi"
      2⤵
      • Suspicious use of WriteProcessMemory
      PID:1492
      • C:\Windows\SysWOW64\timeout.exe
        timeout /t 1
        3⤵
        • Delays execution with timeout.exe
        PID:4864
      • C:\Program Files\Mozilla Firefox\firefox.exe
        "C:\Program Files\Mozilla Firefox\firefox.exe" -install -extension "C:\Users\Admin\AppData\Local\Temp\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi"
        3⤵
        • Suspicious use of WriteProcessMemory
        PID:3568
        • C:\Program Files\Mozilla Firefox\firefox.exe
          "C:\Program Files\Mozilla Firefox\firefox.exe" -install -extension C:\Users\Admin\AppData\Local\Temp\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi
          4⤵
          • Checks processor information in registry
          • Suspicious use of FindShellTrayWindow
          • Suspicious use of SendNotifyMessage
          • Suspicious use of SetWindowsHookEx
          • Suspicious use of WriteProcessMemory
          PID:1796
          • C:\Program Files\Mozilla Firefox\firefox.exe
            "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1796.0.103518714\1347602893" -parentBuildID 20221007134813 -prefsHandle 1700 -prefMapHandle 1692 -prefsLen 20890 -prefMapSize 232675 -appDir "C:\Program Files\Mozilla Firefox\browser" - {f97a4b46-6afb-46d8-9f16-451a3d766410} 1796 "\\.\pipe\gecko-crash-server-pipe.1796" 1780 1b9c1816858 gpu
            5⤵
              PID:2784
            • C:\Program Files\Mozilla Firefox\firefox.exe
              "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1796.1.266972403\1718101825" -parentBuildID 20221007134813 -prefsHandle 2336 -prefMapHandle 2332 -prefsLen 21706 -prefMapSize 232675 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {9fe00935-897a-4240-b2a3-27f859067e06} 1796 "\\.\pipe\gecko-crash-server-pipe.1796" 2348 1b9b4871658 socket
              5⤵
                PID:4776
              • C:\Program Files\Mozilla Firefox\firefox.exe
                "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1796.2.1350460231\2078806346" -childID 1 -isForBrowser -prefsHandle 3228 -prefMapHandle 3224 -prefsLen 21789 -prefMapSize 232675 -jsInitHandle 1320 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {42e9c3ba-8fbe-426f-9d63-1e5c7d18f87b} 1796 "\\.\pipe\gecko-crash-server-pipe.1796" 3240 1b9c433f458 tab
                5⤵
                  PID:4408
                • C:\Program Files\Mozilla Firefox\firefox.exe
                  "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1796.3.1039365827\824362109" -childID 2 -isForBrowser -prefsHandle 2912 -prefMapHandle 2776 -prefsLen 26519 -prefMapSize 232675 -jsInitHandle 1320 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {d825bdb3-14cc-4e82-b4f9-6a3af6a94a57} 1796 "\\.\pipe\gecko-crash-server-pipe.1796" 3512 1b9b48e4e58 tab
                  5⤵
                    PID:1652
                  • C:\Program Files\Mozilla Firefox\firefox.exe
                    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1796.6.708341780\1755855840" -childID 5 -isForBrowser -prefsHandle 5072 -prefMapHandle 5076 -prefsLen 26658 -prefMapSize 232675 -jsInitHandle 1320 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {d048a7c2-4969-4b2e-9326-e163d59cff0d} 1796 "\\.\pipe\gecko-crash-server-pipe.1796" 5060 1b9c5c6e458 tab
                    5⤵
                      PID:1972
                    • C:\Program Files\Mozilla Firefox\firefox.exe
                      "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1796.5.544452167\662146081" -childID 4 -isForBrowser -prefsHandle 4884 -prefMapHandle 4888 -prefsLen 26658 -prefMapSize 232675 -jsInitHandle 1320 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {96fa8a20-4677-4d4c-8819-70d3a41c7b13} 1796 "\\.\pipe\gecko-crash-server-pipe.1796" 4876 1b9c5c6de58 tab
                      5⤵
                        PID:4676
                      • C:\Program Files\Mozilla Firefox\firefox.exe
                        "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1796.4.1638304542\1096357982" -childID 3 -isForBrowser -prefsHandle 4452 -prefMapHandle 4608 -prefsLen 26658 -prefMapSize 232675 -jsInitHandle 1320 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {a72422be-637b-4ff8-9756-e4e8552c7608} 1796 "\\.\pipe\gecko-crash-server-pipe.1796" 4584 1b9c5c6f058 tab
                        5⤵
                          PID:2816
                • C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe
                  "C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe"
                  1⤵
                  • Drops file in Drivers directory
                  • Executes dropped EXE
                  • Loads dropped DLL
                  • Enumerates connected drives
                  • Drops file in Program Files directory
                  • Modifies Internet Explorer settings
                  • Modifies data under HKEY_USERS
                  • Suspicious behavior: EnumeratesProcesses
                  • Suspicious use of WriteProcessMemory
                  PID:2052
                  • C:\Windows\system32\certutil.exe
                    "C:\Windows\system32\certutil.exe" -f -addstore root "C:\Windows\TEMP\MBInstallTemp7e8b5c69cad811ed881e72edbb006969\servicepkg\starfieldrootcag2_new.crt"
                    2⤵
                    • Modifies data under HKEY_USERS
                    PID:2656
                  • C:\Windows\system32\certutil.exe
                    "C:\Windows\system32\certutil.exe" -f -addstore root "C:\Windows\TEMP\MBInstallTemp7e8b5c69cad811ed881e72edbb006969\servicepkg\msrootca2020.crt"
                    2⤵
                      PID:3888
                    • C:\Windows\system32\certutil.exe
                      "C:\Windows\system32\certutil.exe" -f -addstore root "C:\Windows\TEMP\MBInstallTemp7e8b5c69cad811ed881e72edbb006969\servicepkg\SectigoRootCA.crt"
                      2⤵
                        PID:2924
                      • C:\Windows\system32\certutil.exe
                        "C:\Windows\system32\certutil.exe" -f -addstore root "C:\Windows\TEMP\MBInstallTemp7e8b5c69cad811ed881e72edbb006969\servicepkg\starfieldClass2CA.crt"
                        2⤵
                          PID:2876
                        • C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
                          "C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe" /Service /Protected
                          2⤵
                          • Drops file in Drivers directory
                          • Executes dropped EXE
                          • Registers COM server for autorun
                          • Drops file in System32 directory
                          • Modifies registry class
                          • Suspicious use of AdjustPrivilegeToken
                          PID:1456
                      • C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
                        "C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe"
                        1⤵
                        • Drops file in Drivers directory
                        • Sets service image path in registry
                        • Checks BIOS information in registry
                        • Executes dropped EXE
                        • Loads dropped DLL
                        • Registers COM server for autorun
                        • Enumerates connected drives
                        • Drops file in System32 directory
                        • Checks processor information in registry
                        • Modifies Internet Explorer settings
                        • Modifies data under HKEY_USERS
                        • Suspicious behavior: EnumeratesProcesses
                        • Suspicious use of AdjustPrivilegeToken
                        • Suspicious use of WriteProcessMemory
                        PID:3812
                        • C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
                          "C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe"
                          2⤵
                          • Executes dropped EXE
                          • Loads dropped DLL
                          • Suspicious behavior: AddClipboardFormatListener
                          • Suspicious behavior: EnumeratesProcesses
                          • Suspicious use of FindShellTrayWindow
                          • Suspicious use of SendNotifyMessage
                          PID:1704

                      Network

                      • flag-us
                        DNS
                        59.128.231.4.in-addr.arpa
                        Remote address:
                        8.8.8.8:53
                        Request
                        59.128.231.4.in-addr.arpa
                        IN PTR
                        Response
                      • flag-us
                        DNS
                        108.211.229.192.in-addr.arpa
                        Remote address:
                        8.8.8.8:53
                        Request
                        108.211.229.192.in-addr.arpa
                        IN PTR
                        Response
                      • flag-us
                        DNS
                        210.81.184.52.in-addr.arpa
                        Remote address:
                        8.8.8.8:53
                        Request
                        210.81.184.52.in-addr.arpa
                        IN PTR
                        Response
                      • flag-us
                        DNS
                        73.159.190.20.in-addr.arpa
                        Remote address:
                        8.8.8.8:53
                        Request
                        73.159.190.20.in-addr.arpa
                        IN PTR
                        Response
                      • flag-us
                        DNS
                        assets.msn.com
                        Remote address:
                        8.8.8.8:53
                        Request
                        assets.msn.com
                        IN A
                        Response
                        assets.msn.com
                        IN CNAME
                        assets.msn.com.edgekey.net
                        assets.msn.com.edgekey.net
                        IN CNAME
                        e28578.d.akamaiedge.net
                        e28578.d.akamaiedge.net
                        IN A
                        104.126.37.179
                        e28578.d.akamaiedge.net
                        IN A
                        104.126.37.147
                      • flag-de
                        GET
                        https://assets.msn.com/serviceak/v1/news/Feed/Windows?apikey=qrUeHGGYvVowZJuHA3XaH0uUvg1ZJ0GUZnXk3mxxPF&activityId=328e19fa-ea39-4ddc-8673-a980d3e9428b&ocid=windows-windowsShell-feeds&user=m-dee0c10466b643e89577c6977f68127b&Treatment=T6&MaximumDimensions=660x640&experience=Taskbar&AppVersion=1&osLocale=en-US&caller=bgtask
                        Remote address:
                        104.126.37.179:443
                        Request
                        GET /serviceak/v1/news/Feed/Windows?apikey=qrUeHGGYvVowZJuHA3XaH0uUvg1ZJ0GUZnXk3mxxPF&activityId=328e19fa-ea39-4ddc-8673-a980d3e9428b&ocid=windows-windowsShell-feeds&user=m-dee0c10466b643e89577c6977f68127b&Treatment=T6&MaximumDimensions=660x640&experience=Taskbar&AppVersion=1&osLocale=en-US&caller=bgtask HTTP/2.0
                        host: assets.msn.com
                        x-search-account: None
                        accept-encoding: gzip, deflate
                        x-device-machineid: {85E413F2-034D-4322-93CB-EE4811A71BC0}
                        x-userageclass: Unknown
                        x-bm-market: US
                        x-bm-dateformat: M/d/yyyy
                        x-device-ossku: 48
                        x-bm-dtz: 0
                        x-deviceid: 0100B2E609000CC3
                        x-bm-windowsflights: FX:117B9872,FX:119E26AD,FX:11D898D7,FX:11DB147C,FX:11DE505A,FX:11E11E97,FX:11E3E2BA,FX:11E50151,FX:11E9EE98,FX:11F1992A,FX:11F4161E,FX:11F41B68,FX:11FB0F2F,FX:1201B330,FX:1202B7FC,FX:120BB68E,FX:121A20E1,FX:121BF15F,FX:121E5EC8,FX:122D8E86,FX:123031A3,FX:1231B88B,FX:123371B1,FX:1233C945,FX:123D7C31,FX:1240013C,FX:1246E4A3,FX:1248306D,FX:124B38D0,FX:1250080B,FX:125A7FDA,FX:1264FA75,FX:126DBC22,FX:127159BE,FX:12769734,FX:127C935B,FX:127DC03A,FX:127FC878,FX:1283FFE8,FX:12840617,FX:128979F9,FX:129135BB
                        sitename: www.msn.com
                        x-bm-theme: 000000;0078d7
                        muid: DEE0C10466B643E89577C6977F68127B
                        x-agent-deviceid: 0100B2E609000CC3
                        x-bm-onlinesearchdisabled: true
                        x-bm-cbt: 1679726655
                        user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.2.19041; 10.0.0.0.19041.1288) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
                        x-device-isoptin: false
                        accept-language: en-US, en
                        x-device-touch: false
                        x-device-clientsession: FA27276500174CA6ACCD4425DE0BFB31
                        cookie: MUID=DEE0C10466B643E89577C6977F68127B
                        Response
                        HTTP/2.0 200
                        content-type: application/json; charset=utf-8
                        server: Kestrel
                        access-control-allow-credentials: true
                        access-control-allow-headers: TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref,DDD-DebugId,s-xbox-token,OneWebServiceLatency,X-FD-Features,DDD-UserType,traceparent
                        access-control-allow-methods: PUT,PATCH,POST,GET,OPTIONS,DELETE
                        access-control-allow-origin: *.msn.com
                        access-control-expose-headers: TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref,DDD-DebugId,s-xbox-token,OneWebServiceLatency,X-FD-Features,DDD-UserType,traceparent
                        content-encoding: gzip
                        ddd-authenticatedwithjwtflow: False
                        ddd-usertype: AnonymousMuid
                        ddd-tmpl: coldStartUpsell:1;partialResponse:1;SportsMatch_all:1;Nowcast_cold:1;SevereWeather_cold:1;WildFire_cold:1;TeaserVisibility_cold:1;TeaserTemp_cold:1;lowC:0;lowT:0;coldStart:1
                        ddd-feednewsitemcount: 0
                        x-wpo-activityid: 1918E94C-3B47-4613-B35E-720EC1707938|2023-03-25T05:44:18.6728191Z|fabric:/wpo|WEU|WPO_89
                        ddd-activityid: 1918e94c-3b47-4613-b35e-720ec1707938
                        ddd-strategyexecutionlatency: 00:00:00.1678522
                        ddd-debugid: 1918e94c-3b47-4613-b35e-720ec1707938|2023-03-25T05:44:18.6820720Z|fabric:/winfeed|WEU|WinFeed_146
                        onewebservicelatency: 169
                        x-msedge-responseinfo: 169
                        x-ceto-ref: 641e8a322bb04a97a16f4e9a8fde7462|2023-03-25T05:44:18.510Z
                        nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
                        report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
                        expires: Sat, 25 Mar 2023 05:44:18 GMT
                        date: Sat, 25 Mar 2023 05:44:18 GMT
                        content-length: 16275
                        set-cookie: _C_ETH=1; domain=.msn.com; path=/; secure; httponly
                        akamai-request-bc: [a=104.126.37.175,b=542582955,c=g,n=DE_HE_FRANKFURT,o=20940],[a=20.23.114.34,c=o]
                        server-timing: clientrtt; dur=38, clienttt; dur=182, origin; dur=180 , cdntime; dur=2
                        akamai-cache-status: Miss from child
                        akamai-server-ip: 104.126.37.175
                        akamai-request-id: 205728ab
                        x-as-suppresssetcookie: 1
                        cache-control: private, max-age=0
                        timing-allow-origin: *
                        vary: Origin
                      • flag-us
                        DNS
                        179.37.126.104.in-addr.arpa
                        Remote address:
                        8.8.8.8:53
                        Request
                        179.37.126.104.in-addr.arpa
                        IN PTR
                        Response
                        179.37.126.104.in-addr.arpa
                        IN PTR
                        a104-126-37-179deploystaticakamaitechnologiescom
                      • flag-us
                        DNS
                        ark.mwbsys.com
                        MBSetup.exe
                        Remote address:
                        8.8.8.8:53
                        Request
                        ark.mwbsys.com
                        IN A
                        Response
                        ark.mwbsys.com
                        IN A
                        184.73.40.255
                        ark.mwbsys.com
                        IN A
                        44.195.215.218
                        ark.mwbsys.com
                        IN A
                        3.230.137.231
                      • flag-us
                        GET
                        https://ark.mwbsys.com/mbam-c.isvc.64bitv4/release
                        MBSetup.exe
                        Remote address:
                        184.73.40.255:443
                        Request
                        GET /mbam-c.isvc.64bitv4/release HTTP/1.1
                        Connection: Keep-Alive
                        User-Agent: Malwarebytes Installer
                        Host: ark.mwbsys.com
                        Response
                        HTTP/1.1 302 Found
                        Date: Sat, 25 Mar 2023 05:44:29 GMT
                        Content-Type: text/html;charset=utf-8
                        Content-Length: 0
                        Connection: keep-alive
                        Set-Cookie: AWSALB=41k9JgUWzMVb/hCKEcDzsbKHvd3zJ99NKhZmMPXVDR1+rTsw9Tsn4nsAVfOSHHXYBy/mGHshEWkGLDros3Usy2tpWTM+/CMO8vZ+KQN4r1luonwhq0Yj7Lkc5kZ6; Expires=Sat, 01 Apr 2023 05:44:29 GMT; Path=/
                        Set-Cookie: AWSALBCORS=41k9JgUWzMVb/hCKEcDzsbKHvd3zJ99NKhZmMPXVDR1+rTsw9Tsn4nsAVfOSHHXYBy/mGHshEWkGLDros3Usy2tpWTM+/CMO8vZ+KQN4r1luonwhq0Yj7Lkc5kZ6; Expires=Sat, 01 Apr 2023 05:44:29 GMT; Path=/; SameSite=None; Secure
                        semver: 4.0.505
                        Location: https://cdn.mwbsys.com/packages/mbam-c.isvc.64bitv4/3/c/7/b/3c7b30585f27d8b078be165406bb651e/fa6bc79f-67f1-49af-9d05-bf2336f1848a.exe
                        X-XSS-Protection: 1; mode=block
                        X-Content-Type-Options: nosniff
                        X-Frame-Options: SAMEORIGIN
                      • flag-us
                        DNS
                        cdn.mwbsys.com
                        MBSetup.exe
                        Remote address:
                        8.8.8.8:53
                        Request
                        cdn.mwbsys.com
                        IN A
                        Response
                        cdn.mwbsys.com
                        IN CNAME
                        d333241snikpcq.cloudfront.net
                        d333241snikpcq.cloudfront.net
                        IN A
                        52.222.139.63
                        d333241snikpcq.cloudfront.net
                        IN A
                        52.222.139.16
                        d333241snikpcq.cloudfront.net
                        IN A
                        52.222.139.14
                        d333241snikpcq.cloudfront.net
                        IN A
                        52.222.139.37
                      • flag-nl
                        GET
                        https://cdn.mwbsys.com/packages/mbam-c.isvc.64bitv4/3/c/7/b/3c7b30585f27d8b078be165406bb651e/fa6bc79f-67f1-49af-9d05-bf2336f1848a.exe
                        MBSetup.exe
                        Remote address:
                        52.222.139.63:443
                        Request
                        GET /packages/mbam-c.isvc.64bitv4/3/c/7/b/3c7b30585f27d8b078be165406bb651e/fa6bc79f-67f1-49af-9d05-bf2336f1848a.exe HTTP/1.1
                        Connection: Keep-Alive
                        User-Agent: Malwarebytes Installer
                        Host: cdn.mwbsys.com
                        Response
                        HTTP/1.1 200 OK
                        Content-Type: application/octet-stream
                        Content-Length: 9074552
                        Connection: keep-alive
                        x-amz-replication-status: COMPLETED
                        Last-Modified: Wed, 08 Mar 2023 17:20:48 GMT
                        x-amz-server-side-encryption: AES256
                        Content-Disposition: attachment; filename=MBAMIService.exe
                        x-amz-version-id: NNuncP8cRSCIv3TwRaqcupBiUtaLFnp4
                        Accept-Ranges: bytes
                        Server: AmazonS3
                        Date: Fri, 24 Mar 2023 18:42:38 GMT
                        ETag: "3c7b30585f27d8b078be165406bb651e"
                        Vary: Accept-Encoding
                        X-Cache: Hit from cloudfront
                        Via: 1.1 618e94643d6094e9ff9adbaaa8ed3aee.cloudfront.net (CloudFront)
                        X-Amz-Cf-Pop: AMS50-C1
                        X-Amz-Cf-Id: TIfAHzjNuyoVHeZBOdVyYJjuTKkWbyOAJ9rvSoiQKXMjMSNHFwGZig==
                        Age: 39728
                      • flag-us
                        DNS
                        255.40.73.184.in-addr.arpa
                        Remote address:
                        8.8.8.8:53
                        Request
                        255.40.73.184.in-addr.arpa
                        IN PTR
                        Response
                        255.40.73.184.in-addr.arpa
                        IN PTR
                        ec2-184-73-40-255 compute-1 amazonawscom
                      • flag-us
                        DNS
                        63.139.222.52.in-addr.arpa
                        Remote address:
                        8.8.8.8:53
                        Request
                        63.139.222.52.in-addr.arpa
                        IN PTR
                        Response
                        63.139.222.52.in-addr.arpa
                        IN PTR
                        server-52-222-139-63ams50r cloudfrontnet
                      • flag-us
                        GET
                        https://ark.mwbsys.com/mbam-c.svc.64bit/release
                        MBAMInstallerService.exe
                        Remote address:
                        184.73.40.255:443
                        Request
                        GET /mbam-c.svc.64bit/release HTTP/2.0
                        host: ark.mwbsys.com
                        user-agent: Malwarebytes Installer
                        Response
                        HTTP/2.0 302
                        date: Sat, 25 Mar 2023 05:44:32 GMT
                        content-type: text/html;charset=utf-8
                        content-length: 0
                        location: https://cdn.mwbsys.com/packages/mbam-c.svc.64bit/e/c/f/0/ecf09907a11d0e209b104f2db2c9ff35/d0815d9c-a15b-438c-85ef-6ef142214b47.7z
                        set-cookie: AWSALB=lUizzPyq9kgrMLr7o3NSHsGOqC3D8zKfGJclJQG7AhxP9xJmop2GUbDOq856/PPVq7pif364Ux0tx4/4ZLwCiDqvi51RpIh4bDl1k8kzlC8ZTslYt2wvwVEX6swz; Expires=Sat, 01 Apr 2023 05:44:32 GMT; Path=/
                        set-cookie: AWSALBCORS=lUizzPyq9kgrMLr7o3NSHsGOqC3D8zKfGJclJQG7AhxP9xJmop2GUbDOq856/PPVq7pif364Ux0tx4/4ZLwCiDqvi51RpIh4bDl1k8kzlC8ZTslYt2wvwVEX6swz; Expires=Sat, 01 Apr 2023 05:44:32 GMT; Path=/; SameSite=None; Secure
                        semver: 4.5.256
                        x-xss-protection: 1; mode=block
                        x-content-type-options: nosniff
                        x-frame-options: SAMEORIGIN
                      • flag-us
                        DNS
                        cdn.mwbsys.com
                        MBSetup.exe
                        Remote address:
                        8.8.8.8:53
                        Request
                        cdn.mwbsys.com
                        IN A
                        Response
                        cdn.mwbsys.com
                        IN CNAME
                        d333241snikpcq.cloudfront.net
                        d333241snikpcq.cloudfront.net
                        IN A
                        52.222.139.63
                        d333241snikpcq.cloudfront.net
                        IN A
                        52.222.139.16
                        d333241snikpcq.cloudfront.net
                        IN A
                        52.222.139.14
                        d333241snikpcq.cloudfront.net
                        IN A
                        52.222.139.37
                      • flag-nl
                        GET
                        https://cdn.mwbsys.com/packages/mbam-c.svc.64bit/e/c/f/0/ecf09907a11d0e209b104f2db2c9ff35/d0815d9c-a15b-438c-85ef-6ef142214b47.7z
                        MBAMInstallerService.exe
                        Remote address:
                        52.222.139.63:443
                        Request
                        GET /packages/mbam-c.svc.64bit/e/c/f/0/ecf09907a11d0e209b104f2db2c9ff35/d0815d9c-a15b-438c-85ef-6ef142214b47.7z HTTP/2.0
                        host: cdn.mwbsys.com
                        user-agent: Malwarebytes Installer
                        Response
                        HTTP/2.0 200
                        content-type: application/x-7z-compressed
                        content-length: 2613775
                        x-amz-replication-status: COMPLETED
                        last-modified: Fri, 17 Mar 2023 18:50:53 GMT
                        x-amz-server-side-encryption: AES256
                        content-disposition: attachment; filename=svc.64bit.7z
                        x-amz-version-id: jJBCz34wMWLpOCuCdKC9Rf1pe_93YoOV
                        accept-ranges: bytes
                        server: AmazonS3
                        date: Fri, 24 Mar 2023 18:43:21 GMT
                        etag: "ecf09907a11d0e209b104f2db2c9ff35"
                        vary: Accept-Encoding
                        x-cache: Hit from cloudfront
                        via: 1.1 415e8d76bf2c69e5e03b89ba8461cd7e.cloudfront.net (CloudFront)
                        x-amz-cf-pop: AMS50-C1
                        x-amz-cf-id: R8y_BVL99XCxGHraTqXesWFM-TO2WVOejrXmKh8qhorbNZE4LT9AFw==
                        age: 39711
                      • flag-us
                        GET
                        https://ark.mwbsys.com/mbam-c.ctlr.64bitv4/release
                        MBAMInstallerService.exe
                        Remote address:
                        184.73.40.255:443
                        Request
                        GET /mbam-c.ctlr.64bitv4/release HTTP/2.0
                        host: ark.mwbsys.com
                        user-agent: Malwarebytes Installer
                        Response
                        HTTP/2.0 302
                        date: Sat, 25 Mar 2023 05:44:33 GMT
                        content-type: text/html;charset=utf-8
                        content-length: 0
                        location: https://cdn.mwbsys.com/packages/mbam-c.ctlr.64bitv4/d/4/3/0/d430ccf17d58493404f83ab7d3ee33bb/fac32e31-1dd1-4987-9c39-70acd95f179f.7z
                        set-cookie: AWSALB=D4Q4YmerjMPurI9JBKE6PMnTOEL6kxAF5yOyg5UVbFSLl1f2v+PFRIqxALZklYCpTf642W+NpW6a+UpSfVWW5s+7/xc5lIdBkgFFaEs8GeasET7KhXrSG1R983hC; Expires=Sat, 01 Apr 2023 05:44:33 GMT; Path=/
                        set-cookie: AWSALBCORS=D4Q4YmerjMPurI9JBKE6PMnTOEL6kxAF5yOyg5UVbFSLl1f2v+PFRIqxALZklYCpTf642W+NpW6a+UpSfVWW5s+7/xc5lIdBkgFFaEs8GeasET7KhXrSG1R983hC; Expires=Sat, 01 Apr 2023 05:44:33 GMT; Path=/; SameSite=None; Secure
                        semver: 1.0.1957
                        x-xss-protection: 1; mode=block
                        x-content-type-options: nosniff
                        x-frame-options: SAMEORIGIN
                      • flag-us
                        DNS
                        cdn.mwbsys.com
                        MBSetup.exe
                        Remote address:
                        8.8.8.8:53
                        Request
                        cdn.mwbsys.com
                        IN A
                        Response
                        cdn.mwbsys.com
                        IN CNAME
                        d333241snikpcq.cloudfront.net
                        d333241snikpcq.cloudfront.net
                        IN A
                        52.222.139.63
                        d333241snikpcq.cloudfront.net
                        IN A
                        52.222.139.14
                        d333241snikpcq.cloudfront.net
                        IN A
                        52.222.139.37
                        d333241snikpcq.cloudfront.net
                        IN A
                        52.222.139.16
                      • flag-nl
                        GET
                        https://cdn.mwbsys.com/packages/mbam-c.ctlr.64bitv4/d/4/3/0/d430ccf17d58493404f83ab7d3ee33bb/fac32e31-1dd1-4987-9c39-70acd95f179f.7z
                        MBAMInstallerService.exe
                        Remote address:
                        52.222.139.63:443
                        Request
                        GET /packages/mbam-c.ctlr.64bitv4/d/4/3/0/d430ccf17d58493404f83ab7d3ee33bb/fac32e31-1dd1-4987-9c39-70acd95f179f.7z HTTP/2.0
                        host: cdn.mwbsys.com
                        user-agent: Malwarebytes Installer
                        Response
                        HTTP/2.0 200
                        content-type: application/x-7z-compressed
                        content-length: 35283315
                        x-amz-replication-status: COMPLETED
                        last-modified: Fri, 17 Mar 2023 19:16:21 GMT
                        x-amz-server-side-encryption: AES256
                        content-disposition: attachment; filename=ctlr.64bit.7z
                        x-amz-version-id: TzhKjAgBXj2dBpLX6uEqqjRnWetVyhdc
                        accept-ranges: bytes
                        server: AmazonS3
                        date: Fri, 24 Mar 2023 23:33:59 GMT
                        etag: "d430ccf17d58493404f83ab7d3ee33bb"
                        vary: Accept-Encoding
                        x-cache: Hit from cloudfront
                        via: 1.1 b2bc712713f500af8be071fa65fa924c.cloudfront.net (CloudFront)
                        x-amz-cf-pop: AMS50-C1
                        x-amz-cf-id: ABVHS_jFlw_lHCbNoPF_Dj7BjjZpVxQ-TyRAizad-Bn6Dg9qNzYupA==
                        age: 22367
                      • flag-us
                        GET
                        https://ark.mwbsys.com/mbam-c.dbcls.64bitv4/release
                        MBAMInstallerService.exe
                        Remote address:
                        184.73.40.255:443
                        Request
                        GET /mbam-c.dbcls.64bitv4/release HTTP/2.0
                        host: ark.mwbsys.com
                        user-agent: Malwarebytes Installer
                        Response
                        HTTP/2.0 302
                        date: Sat, 25 Mar 2023 05:44:36 GMT
                        content-type: text/html;charset=utf-8
                        content-length: 0
                        location: https://cdn.mwbsys.com/packages/mbam-c.dbcls.64bitv4/e/6/b/b/e6bbc362824ca0d63f918a7dc6eea3c2/1b35adf7-85c4-40e2-987c-6a5b1308b641.7z
                        set-cookie: AWSALB=zVO3vW5XCqOCtdMd6s7e1Z/K5Zc09ZIJGq0Dy1TasiHw8wyPMaD9Mmg47UnpoJ1/tifYJNJK+rj5S+STcu+wJ92ykq3EdY3doyjOJ/7fsEqcDe9GeKabrb8Pqt82; Expires=Sat, 01 Apr 2023 05:44:36 GMT; Path=/
                        set-cookie: AWSALBCORS=zVO3vW5XCqOCtdMd6s7e1Z/K5Zc09ZIJGq0Dy1TasiHw8wyPMaD9Mmg47UnpoJ1/tifYJNJK+rj5S+STcu+wJ92ykq3EdY3doyjOJ/7fsEqcDe9GeKabrb8Pqt82; Expires=Sat, 01 Apr 2023 05:44:36 GMT; Path=/; SameSite=None; Secure
                        semver: 1.0.67110
                        x-xss-protection: 1; mode=block
                        x-content-type-options: nosniff
                        x-frame-options: SAMEORIGIN
                      • flag-us
                        DNS
                        cdn.mwbsys.com
                        MBSetup.exe
                        Remote address:
                        8.8.8.8:53
                        Request
                        cdn.mwbsys.com
                        IN A
                        Response
                        cdn.mwbsys.com
                        IN CNAME
                        d333241snikpcq.cloudfront.net
                        d333241snikpcq.cloudfront.net
                        IN A
                        52.222.139.14
                        d333241snikpcq.cloudfront.net
                        IN A
                        52.222.139.63
                        d333241snikpcq.cloudfront.net
                        IN A
                        52.222.139.37
                        d333241snikpcq.cloudfront.net
                        IN A
                        52.222.139.16
                      • flag-nl
                        GET
                        https://cdn.mwbsys.com/packages/mbam-c.dbcls.64bitv4/e/6/b/b/e6bbc362824ca0d63f918a7dc6eea3c2/1b35adf7-85c4-40e2-987c-6a5b1308b641.7z
                        MBAMInstallerService.exe
                        Remote address:
                        52.222.139.14:443
                        Request
                        GET /packages/mbam-c.dbcls.64bitv4/e/6/b/b/e6bbc362824ca0d63f918a7dc6eea3c2/1b35adf7-85c4-40e2-987c-6a5b1308b641.7z HTTP/2.0
                        host: cdn.mwbsys.com
                        user-agent: Malwarebytes Installer
                        Response
                        HTTP/2.0 200
                        content-type: application/x-7z-compressed
                        content-length: 68731085
                        date: Sat, 25 Mar 2023 05:02:41 GMT
                        x-amz-replication-status: COMPLETED
                        last-modified: Sat, 25 Mar 2023 04:48:54 GMT
                        etag: "e6bbc362824ca0d63f918a7dc6eea3c2"
                        x-amz-server-side-encryption: AES256
                        content-disposition: attachment; filename=dbcls.64bit.full.7z
                        x-amz-version-id: ttoCiaTiUol.ktbycnJqSjN9vjuDDBmN
                        accept-ranges: bytes
                        server: AmazonS3
                        x-cache: Hit from cloudfront
                        via: 1.1 4f516e51d4c38a41272c9098bf829774.cloudfront.net (CloudFront)
                        x-amz-cf-pop: AMS50-C1
                        x-amz-cf-id: iIf042U8frzRJ37aj5iUqE60rUv4gc5kcwxDwXEEZoXyyQDO0PJ7HQ==
                        age: 2517
                      • flag-us
                        DNS
                        14.139.222.52.in-addr.arpa
                        Remote address:
                        8.8.8.8:53
                        Request
                        14.139.222.52.in-addr.arpa
                        IN PTR
                        Response
                        14.139.222.52.in-addr.arpa
                        IN PTR
                        server-52-222-139-14ams50r cloudfrontnet
                      • flag-us
                        DNS
                        67.169.210.20.in-addr.arpa
                        Remote address:
                        8.8.8.8:53
                        Request
                        67.169.210.20.in-addr.arpa
                        IN PTR
                        Response
                      • flag-us
                        DNS
                        177.238.32.23.in-addr.arpa
                        Remote address:
                        8.8.8.8:53
                        Request
                        177.238.32.23.in-addr.arpa
                        IN PTR
                        Response
                        177.238.32.23.in-addr.arpa
                        IN PTR
                        a23-32-238-177deploystaticakamaitechnologiescom
                      • flag-us
                        DNS
                        177.238.32.23.in-addr.arpa
                        Remote address:
                        8.8.8.8:53
                        Request
                        177.238.32.23.in-addr.arpa
                        IN PTR
                        Response
                        177.238.32.23.in-addr.arpa
                        IN PTR
                        a23-32-238-177deploystaticakamaitechnologiescom
                      • flag-us
                        GET
                        https://ark.mwbsys.com/mbam-c.ui.64bit/release
                        MBAMInstallerService.exe
                        Remote address:
                        184.73.40.255:443
                        Request
                        GET /mbam-c.ui.64bit/release HTTP/2.0
                        host: ark.mwbsys.com
                        user-agent: Malwarebytes Installer
                        Response
                        HTTP/2.0 302
                        date: Sat, 25 Mar 2023 05:44:50 GMT
                        content-type: text/html;charset=utf-8
                        content-length: 0
                        location: https://cdn.mwbsys.com/packages/mbam-c.ui.64bit/b/b/f/6/bbf6199afaf84a5428479c25fc4de6bb/acf0b8c1-f31b-4eb3-b56d-e865495bc23a.7z
                        set-cookie: AWSALB=Ba49HNkOw00DK7BVuzTFHVtdP6e8aEu3zo/xo5RwNlsxr2RAoOERW/0EuRV0sjz2LSgvbg2csPaMPqtSCldtKwQ4BoDmHqI0OQi9DJWZ7Y/HT4RyeDYxyaToYMMk; Expires=Sat, 01 Apr 2023 05:44:50 GMT; Path=/
                        set-cookie: AWSALBCORS=Ba49HNkOw00DK7BVuzTFHVtdP6e8aEu3zo/xo5RwNlsxr2RAoOERW/0EuRV0sjz2LSgvbg2csPaMPqtSCldtKwQ4BoDmHqI0OQi9DJWZ7Y/HT4RyeDYxyaToYMMk; Expires=Sat, 01 Apr 2023 05:44:50 GMT; Path=/; SameSite=None; Secure
                        semver: 4.0.13
                        x-xss-protection: 1; mode=block
                        x-content-type-options: nosniff
                        x-frame-options: SAMEORIGIN
                      • flag-us
                        DNS
                        cdn.mwbsys.com
                        MBSetup.exe
                        Remote address:
                        8.8.8.8:53
                        Request
                        cdn.mwbsys.com
                        IN A
                        Response
                        cdn.mwbsys.com
                        IN CNAME
                        d333241snikpcq.cloudfront.net
                        d333241snikpcq.cloudfront.net
                        IN A
                        52.222.139.63
                        d333241snikpcq.cloudfront.net
                        IN A
                        52.222.139.16
                        d333241snikpcq.cloudfront.net
                        IN A
                        52.222.139.14
                        d333241snikpcq.cloudfront.net
                        IN A
                        52.222.139.37
                      • flag-us
                        DNS
                        cdn.mwbsys.com
                        MBSetup.exe
                        Remote address:
                        8.8.8.8:53
                        Request
                        cdn.mwbsys.com
                        IN A
                        Response
                        cdn.mwbsys.com
                        IN CNAME
                        d333241snikpcq.cloudfront.net
                        d333241snikpcq.cloudfront.net
                        IN A
                        52.222.139.37
                        d333241snikpcq.cloudfront.net
                        IN A
                        52.222.139.14
                        d333241snikpcq.cloudfront.net
                        IN A
                        52.222.139.63
                        d333241snikpcq.cloudfront.net
                        IN A
                        52.222.139.16
                      • flag-nl
                        GET
                        https://cdn.mwbsys.com/packages/mbam-c.ui.64bit/b/b/f/6/bbf6199afaf84a5428479c25fc4de6bb/acf0b8c1-f31b-4eb3-b56d-e865495bc23a.7z
                        MBAMInstallerService.exe
                        Remote address:
                        52.222.139.63:443
                        Request
                        GET /packages/mbam-c.ui.64bit/b/b/f/6/bbf6199afaf84a5428479c25fc4de6bb/acf0b8c1-f31b-4eb3-b56d-e865495bc23a.7z HTTP/2.0
                        host: cdn.mwbsys.com
                        user-agent: Malwarebytes Installer
                        Response
                        HTTP/2.0 200
                        content-type: application/x-7z-compressed
                        content-length: 50004971
                        x-amz-replication-status: COMPLETED
                        last-modified: Wed, 16 Feb 2022 17:10:55 GMT
                        content-disposition: attachment; filename=ui.64bit.7z
                        x-amz-version-id: uUQuQziSr7J3kL5Gfc.AIoL07Df62k.b
                        accept-ranges: bytes
                        server: AmazonS3
                        date: Sat, 25 Mar 2023 02:35:58 GMT
                        etag: "bbf6199afaf84a5428479c25fc4de6bb"
                        vary: Accept-Encoding
                        x-cache: Hit from cloudfront
                        via: 1.1 042b48eeaf8a253b1b396e09e8bdea20.cloudfront.net (CloudFront)
                        x-amz-cf-pop: AMS50-C1
                        x-amz-cf-id: VZjEhtS4FA49G8N53JA90o0a8hMCacCWHHgVZNy8tjgY_A7hBNIB4g==
                        age: 11371
                      • flag-us
                        DNS
                        0.77.109.52.in-addr.arpa
                        Remote address:
                        8.8.8.8:53
                        Request
                        0.77.109.52.in-addr.arpa
                        IN PTR
                        Response
                      • flag-us
                        DNS
                        0.77.109.52.in-addr.arpa
                        Remote address:
                        8.8.8.8:53
                        Request
                        0.77.109.52.in-addr.arpa
                        IN PTR
                        Response
                      • flag-us
                        DNS
                        8.3.197.209.in-addr.arpa
                        Remote address:
                        8.8.8.8:53
                        Request
                        8.3.197.209.in-addr.arpa
                        IN PTR
                        Response
                        8.3.197.209.in-addr.arpa
                        IN PTR
                        vip0x008map2sslhwcdnnet
                      • flag-us
                        DNS
                        8.3.197.209.in-addr.arpa
                        Remote address:
                        8.8.8.8:53
                        Request
                        8.3.197.209.in-addr.arpa
                        IN PTR
                        Response
                        8.3.197.209.in-addr.arpa
                        IN PTR
                        vip0x008map2sslhwcdnnet
                      • flag-us
                        DNS
                        iris.mwbsys.com
                        mbamtray.exe
                        Remote address:
                        8.8.8.8:53
                        Request
                        iris.mwbsys.com
                        IN A
                        Response
                        iris.mwbsys.com
                        IN A
                        18.235.154.91
                        iris.mwbsys.com
                        IN A
                        3.208.145.87
                        iris.mwbsys.com
                        IN A
                        107.23.57.85
                        iris.mwbsys.com
                        IN A
                        52.202.167.80
                      • flag-us
                        DNS
                        iris.mwbsys.com
                        mbamtray.exe
                        Remote address:
                        8.8.8.8:53
                        Request
                        iris.mwbsys.com
                        IN A
                        Response
                        iris.mwbsys.com
                        IN A
                        3.208.145.87
                        iris.mwbsys.com
                        IN A
                        52.202.167.80
                        iris.mwbsys.com
                        IN A
                        18.235.154.91
                        iris.mwbsys.com
                        IN A
                        107.23.57.85
                      • flag-us
                        DNS
                        87.145.208.3.in-addr.arpa
                        Remote address:
                        8.8.8.8:53
                        Request
                        87.145.208.3.in-addr.arpa
                        IN PTR
                        Response
                        87.145.208.3.in-addr.arpa
                        IN PTR
                        ec2-3-208-145-87 compute-1 amazonawscom
                      • flag-us
                        DNS
                        keystone.mwbsys.com
                        MBAMService.exe
                        Remote address:
                        8.8.8.8:53
                        Request
                        keystone.mwbsys.com
                        IN A
                        Response
                        keystone.mwbsys.com
                        IN A
                        100.24.224.12
                        keystone.mwbsys.com
                        IN A
                        34.197.155.191
                        keystone.mwbsys.com
                        IN A
                        18.208.121.16
                        keystone.mwbsys.com
                        IN A
                        52.5.79.35
                        keystone.mwbsys.com
                        IN A
                        107.23.24.21
                      • flag-us
                        DNS
                        16.121.208.18.in-addr.arpa
                        Remote address:
                        8.8.8.8:53
                        Request
                        16.121.208.18.in-addr.arpa
                        IN PTR
                        Response
                        16.121.208.18.in-addr.arpa
                        IN PTR
                        ec2-18-208-121-16 compute-1 amazonawscom
                      • flag-us
                        DNS
                        ark.mwbsys.com
                        MBSetup.exe
                        Remote address:
                        8.8.8.8:53
                        Request
                        ark.mwbsys.com
                        IN A
                        Response
                        ark.mwbsys.com
                        IN A
                        184.73.40.255
                        ark.mwbsys.com
                        IN A
                        3.230.137.231
                        ark.mwbsys.com
                        IN A
                        44.195.215.218
                      • flag-us
                        DNS
                        ark.mwbsys.com
                        MBSetup.exe
                        Remote address:
                        8.8.8.8:53
                        Request
                        ark.mwbsys.com
                        IN A
                        Response
                        ark.mwbsys.com
                        IN A
                        184.73.40.255
                        ark.mwbsys.com
                        IN A
                        3.230.137.231
                        ark.mwbsys.com
                        IN A
                        44.195.215.218
                      • flag-us
                        GET
                        https://ark.mwbsys.com/bgext
                        MBSetup.exe
                        Remote address:
                        184.73.40.255:443
                        Request
                        GET /bgext HTTP/1.1
                        Connection: Keep-Alive
                        User-Agent: Malwarebytes Installer
                        Host: ark.mwbsys.com
                        Response
                        HTTP/1.1 302 Found
                        Date: Sat, 25 Mar 2023 05:45:50 GMT
                        Content-Type: text/html;charset=utf-8
                        Content-Length: 0
                        Connection: keep-alive
                        Set-Cookie: AWSALB=dyvBSoxB5XnAgb0NJ/frGmU71+AmIu10YDsDawqK2qsBSeRf5LKQo2QeJbb+E9CcMl/jVO1jLfkK2x49KsmoPCAKCy3WRVx/njWyTJIoTcq6EHdPEfRSrdftuDiY; Expires=Sat, 01 Apr 2023 05:45:50 GMT; Path=/
                        Set-Cookie: AWSALBCORS=dyvBSoxB5XnAgb0NJ/frGmU71+AmIu10YDsDawqK2qsBSeRf5LKQo2QeJbb+E9CcMl/jVO1jLfkK2x49KsmoPCAKCy3WRVx/njWyTJIoTcq6EHdPEfRSrdftuDiY; Expires=Sat, 01 Apr 2023 05:45:50 GMT; Path=/; SameSite=None; Secure
                        semver: 1.0.1
                        Location: https://cdn.mwbsys.com/packages/mbam-c.bgext.32bit/1/6/2/7/16276deaedc24dd2a138960a8c493783/d2bb6ed7-b4a3-4dae-bb69-c65b074b3bf9.xpi
                        X-XSS-Protection: 1; mode=block
                        X-Content-Type-Options: nosniff
                        X-Frame-Options: SAMEORIGIN
                      • flag-us
                        DNS
                        cdn.mwbsys.com
                        MBSetup.exe
                        Remote address:
                        8.8.8.8:53
                        Request
                        cdn.mwbsys.com
                        IN A
                        Response
                        cdn.mwbsys.com
                        IN CNAME
                        d333241snikpcq.cloudfront.net
                        d333241snikpcq.cloudfront.net
                        IN A
                        52.222.139.63
                        d333241snikpcq.cloudfront.net
                        IN A
                        52.222.139.37
                        d333241snikpcq.cloudfront.net
                        IN A
                        52.222.139.14
                        d333241snikpcq.cloudfront.net
                        IN A
                        52.222.139.16
                      • flag-us
                        DNS
                        cdn.mwbsys.com
                        MBSetup.exe
                        Remote address:
                        8.8.8.8:53
                        Request
                        cdn.mwbsys.com
                        IN A
                        Response
                        cdn.mwbsys.com
                        IN CNAME
                        d333241snikpcq.cloudfront.net
                        d333241snikpcq.cloudfront.net
                        IN A
                        52.222.139.63
                        d333241snikpcq.cloudfront.net
                        IN A
                        52.222.139.37
                        d333241snikpcq.cloudfront.net
                        IN A
                        52.222.139.14
                        d333241snikpcq.cloudfront.net
                        IN A
                        52.222.139.16
                      • flag-nl
                        GET
                        https://cdn.mwbsys.com/packages/mbam-c.bgext.32bit/1/6/2/7/16276deaedc24dd2a138960a8c493783/d2bb6ed7-b4a3-4dae-bb69-c65b074b3bf9.xpi
                        MBSetup.exe
                        Remote address:
                        52.222.139.63:443
                        Request
                        GET /packages/mbam-c.bgext.32bit/1/6/2/7/16276deaedc24dd2a138960a8c493783/d2bb6ed7-b4a3-4dae-bb69-c65b074b3bf9.xpi HTTP/1.1
                        Connection: Keep-Alive
                        User-Agent: Malwarebytes Installer
                        Host: cdn.mwbsys.com
                        Response
                        HTTP/1.1 200 OK
                        Content-Length: 18971954
                        Connection: keep-alive
                        x-amz-replication-status: COMPLETED
                        Last-Modified: Thu, 07 Jul 2022 20:50:54 GMT
                        Content-Disposition: attachment; filename=MBBG.xpi
                        x-amz-version-id: Qzr2htvKiTCkDS2NthyI.crC485m__KU
                        Accept-Ranges: bytes
                        Server: AmazonS3
                        Date: Sat, 25 Mar 2023 05:18:19 GMT
                        ETag: "958e984e93ca21f633e2cf342b8f3ea9-1"
                        Vary: Accept-Encoding
                        X-Cache: Hit from cloudfront
                        Via: 1.1 63cf97e5788a160a76e89d4e12e2ca28.cloudfront.net (CloudFront)
                        X-Amz-Cf-Pop: AMS50-C1
                        X-Amz-Cf-Id: niBOo9e9aFRBruDFYxh0UijrVAgzkXUmmuGwowdEIRKW9uU7RXRbhg==
                        Age: 7125
                      • flag-us
                        DNS
                        versionhistory.googleapis.com
                        MBAMService.exe
                        Remote address:
                        8.8.8.8:53
                        Request
                        versionhistory.googleapis.com
                        IN A
                        Response
                        versionhistory.googleapis.com
                        IN A
                        142.250.179.234
                        versionhistory.googleapis.com
                        IN A
                        142.250.180.10
                        versionhistory.googleapis.com
                        IN A
                        142.250.187.202
                        versionhistory.googleapis.com
                        IN A
                        142.250.187.234
                        versionhistory.googleapis.com
                        IN A
                        142.250.200.42
                        versionhistory.googleapis.com
                        IN A
                        172.217.16.234
                        versionhistory.googleapis.com
                        IN A
                        142.250.200.10
                        versionhistory.googleapis.com
                        IN A
                        142.250.178.10
                        versionhistory.googleapis.com
                        IN A
                        216.58.213.10
                        versionhistory.googleapis.com
                        IN A
                        172.217.169.10
                        versionhistory.googleapis.com
                        IN A
                        216.58.212.234
                        versionhistory.googleapis.com
                        IN A
                        172.217.169.42
                      • flag-us
                        DNS
                        versionhistory.googleapis.com
                        MBAMService.exe
                        Remote address:
                        8.8.8.8:53
                        Request
                        versionhistory.googleapis.com
                        IN A
                        Response
                        versionhistory.googleapis.com
                        IN A
                        216.58.212.234
                        versionhistory.googleapis.com
                        IN A
                        142.250.179.234
                        versionhistory.googleapis.com
                        IN A
                        142.250.180.10
                        versionhistory.googleapis.com
                        IN A
                        142.250.187.202
                        versionhistory.googleapis.com
                        IN A
                        142.250.187.234
                        versionhistory.googleapis.com
                        IN A
                        142.250.200.42
                        versionhistory.googleapis.com
                        IN A
                        172.217.16.234
                        versionhistory.googleapis.com
                        IN A
                        142.250.200.10
                        versionhistory.googleapis.com
                        IN A
                        142.250.178.10
                        versionhistory.googleapis.com
                        IN A
                        216.58.213.10
                      • flag-us
                        DNS
                        10.178.250.142.in-addr.arpa
                        Remote address:
                        8.8.8.8:53
                        Request
                        10.178.250.142.in-addr.arpa
                        IN PTR
                        Response
                        10.178.250.142.in-addr.arpa
                        IN PTR
                        lhr48s27-in-f101e100net
                      • flag-us
                        DNS
                        10.178.250.142.in-addr.arpa
                        Remote address:
                        8.8.8.8:53
                        Request
                        10.178.250.142.in-addr.arpa
                        IN PTR
                        Response
                        10.178.250.142.in-addr.arpa
                        IN PTR
                        lhr48s27-in-f101e100net
                      • flag-us
                        DNS
                        iris.mwbsys.com
                        mbamtray.exe
                        Remote address:
                        8.8.8.8:53
                        Request
                        iris.mwbsys.com
                        IN A
                        Response
                        iris.mwbsys.com
                        IN A
                        52.202.167.80
                        iris.mwbsys.com
                        IN A
                        107.23.57.85
                        iris.mwbsys.com
                        IN A
                        3.208.145.87
                        iris.mwbsys.com
                        IN A
                        18.235.154.91
                      • flag-us
                        DNS
                        iris.mwbsys.com
                        mbamtray.exe
                        Remote address:
                        8.8.8.8:53
                        Request
                        iris.mwbsys.com
                        IN A
                        Response
                        iris.mwbsys.com
                        IN A
                        52.202.167.80
                        iris.mwbsys.com
                        IN A
                        107.23.57.85
                        iris.mwbsys.com
                        IN A
                        3.208.145.87
                        iris.mwbsys.com
                        IN A
                        18.235.154.91
                      • flag-us
                        DNS
                        80.167.202.52.in-addr.arpa
                        Remote address:
                        8.8.8.8:53
                        Request
                        80.167.202.52.in-addr.arpa
                        IN PTR
                        Response
                        80.167.202.52.in-addr.arpa
                        IN PTR
                        ec2-52-202-167-80 compute-1 amazonawscom
                      • flag-us
                        DNS
                        80.167.202.52.in-addr.arpa
                        Remote address:
                        8.8.8.8:53
                        Request
                        80.167.202.52.in-addr.arpa
                        IN PTR
                        Response
                        80.167.202.52.in-addr.arpa
                        IN PTR
                        ec2-52-202-167-80 compute-1 amazonawscom
                      • flag-us
                        DNS
                        telemetry.malwarebytes.com
                        MBAMService.exe
                        Remote address:
                        8.8.8.8:53
                        Request
                        telemetry.malwarebytes.com
                        IN A
                        Response
                        telemetry.malwarebytes.com
                        IN CNAME
                        elb-telemetry-prod-external-1332413525.us-west-2.elb.amazonaws.com
                        elb-telemetry-prod-external-1332413525.us-west-2.elb.amazonaws.com
                        IN A
                        52.43.50.181
                        elb-telemetry-prod-external-1332413525.us-west-2.elb.amazonaws.com
                        IN A
                        44.226.203.218
                        elb-telemetry-prod-external-1332413525.us-west-2.elb.amazonaws.com
                        IN A
                        44.241.155.41
                        elb-telemetry-prod-external-1332413525.us-west-2.elb.amazonaws.com
                        IN A
                        54.200.62.106
                        elb-telemetry-prod-external-1332413525.us-west-2.elb.amazonaws.com
                        IN A
                        44.239.185.60
                        elb-telemetry-prod-external-1332413525.us-west-2.elb.amazonaws.com
                        IN A
                        54.70.40.33
                        elb-telemetry-prod-external-1332413525.us-west-2.elb.amazonaws.com
                        IN A
                        35.161.42.168
                        elb-telemetry-prod-external-1332413525.us-west-2.elb.amazonaws.com
                        IN A
                        44.224.67.22
                      • flag-us
                        DNS
                        telemetry.malwarebytes.com
                        MBAMService.exe
                        Remote address:
                        8.8.8.8:53
                        Request
                        telemetry.malwarebytes.com
                        IN A
                        Response
                        telemetry.malwarebytes.com
                        IN CNAME
                        elb-telemetry-prod-external-1332413525.us-west-2.elb.amazonaws.com
                        elb-telemetry-prod-external-1332413525.us-west-2.elb.amazonaws.com
                        IN A
                        52.43.50.181
                        elb-telemetry-prod-external-1332413525.us-west-2.elb.amazonaws.com
                        IN A
                        44.226.203.218
                        elb-telemetry-prod-external-1332413525.us-west-2.elb.amazonaws.com
                        IN A
                        44.241.155.41
                        elb-telemetry-prod-external-1332413525.us-west-2.elb.amazonaws.com
                        IN A
                        54.200.62.106
                        elb-telemetry-prod-external-1332413525.us-west-2.elb.amazonaws.com
                        IN A
                        44.239.185.60
                        elb-telemetry-prod-external-1332413525.us-west-2.elb.amazonaws.com
                        IN A
                        54.70.40.33
                        elb-telemetry-prod-external-1332413525.us-west-2.elb.amazonaws.com
                        IN A
                        35.161.42.168
                        elb-telemetry-prod-external-1332413525.us-west-2.elb.amazonaws.com
                        IN A
                        44.224.67.22
                      • flag-us
                        DNS
                        getpocket.cdn.mozilla.net
                        firefox.exe
                        Remote address:
                        8.8.8.8:53
                        Request
                        getpocket.cdn.mozilla.net
                        IN A
                        Response
                        getpocket.cdn.mozilla.net
                        IN CNAME
                        getpocket-cdn.prod.mozaws.net
                        getpocket-cdn.prod.mozaws.net
                        IN CNAME
                        prod.pocket.prod.cloudops.mozgcp.net
                        prod.pocket.prod.cloudops.mozgcp.net
                        IN A
                        34.120.5.221
                      • flag-us
                        DNS
                        contile.services.mozilla.com
                        firefox.exe
                        Remote address:
                        8.8.8.8:53
                        Request
                        contile.services.mozilla.com
                        IN A
                        Response
                        contile.services.mozilla.com
                        IN A
                        34.117.237.239
                      • flag-us
                        DNS
                        firefox.settings.services.mozilla.com
                        firefox.exe
                        Remote address:
                        8.8.8.8:53
                        Request
                        firefox.settings.services.mozilla.com
                        IN A
                        Response
                        firefox.settings.services.mozilla.com
                        IN A
                        35.241.9.150
                      • flag-us
                        GET
                        https://getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=IE&count=30
                        firefox.exe
                        Remote address:
                        34.120.5.221:443
                        Request
                        GET /v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=IE&count=30 HTTP/2.0
                        host: getpocket.cdn.mozilla.net
                        user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
                        accept: */*
                        accept-language: en-US,en;q=0.5
                        accept-encoding: gzip, deflate, br
                        sec-fetch-dest: empty
                        sec-fetch-mode: cors
                        sec-fetch-site: cross-site
                        te: trailers
                      • flag-us
                        DNS
                        prod.pocket.prod.cloudops.mozgcp.net
                        firefox.exe
                        Remote address:
                        8.8.8.8:53
                        Request
                        prod.pocket.prod.cloudops.mozgcp.net
                        IN A
                        Response
                        prod.pocket.prod.cloudops.mozgcp.net
                        IN A
                        34.120.5.221
                      • flag-us
                        GET
                        https://contile.services.mozilla.com/v1/tiles
                        firefox.exe
                        Remote address:
                        34.117.237.239:443
                        Request
                        GET /v1/tiles HTTP/2.0
                        host: contile.services.mozilla.com
                        user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
                        accept: */*
                        accept-language: en-US,en;q=0.5
                        accept-encoding: gzip, deflate, br
                        sec-fetch-dest: empty
                        sec-fetch-mode: cors
                        sec-fetch-site: cross-site
                        te: trailers
                      • flag-us
                        DNS
                        contile.services.mozilla.com
                        firefox.exe
                        Remote address:
                        8.8.8.8:53
                        Request
                        contile.services.mozilla.com
                        IN A
                        Response
                        contile.services.mozilla.com
                        IN A
                        34.117.237.239
                      • flag-us
                        DNS
                        prod.pocket.prod.cloudops.mozgcp.net
                        firefox.exe
                        Remote address:
                        8.8.8.8:53
                        Request
                        prod.pocket.prod.cloudops.mozgcp.net
                        IN AAAA
                        Response
                        prod.pocket.prod.cloudops.mozgcp.net
                        IN AAAA
                        2600:1901:0:524c::
                      • flag-us
                        DNS
                        firefox.settings.services.mozilla.com
                        firefox.exe
                        Remote address:
                        8.8.8.8:53
                        Request
                        firefox.settings.services.mozilla.com
                        IN A
                        Response
                        firefox.settings.services.mozilla.com
                        IN A
                        35.241.9.150
                      • flag-us
                        DNS
                        contile.services.mozilla.com
                        firefox.exe
                        Remote address:
                        8.8.8.8:53
                        Request
                        contile.services.mozilla.com
                        IN AAAA
                        Response
                      • flag-us
                        DNS
                        contile.services.mozilla.com
                        firefox.exe
                        Remote address:
                        8.8.8.8:53
                        Request
                        contile.services.mozilla.com
                        IN AAAA
                        Response
                      • flag-us
                        DNS
                        firefox.settings.services.mozilla.com
                        firefox.exe
                        Remote address:
                        8.8.8.8:53
                        Request
                        firefox.settings.services.mozilla.com
                        IN AAAA
                        Response
                      • flag-us
                        DNS
                        firefox.settings.services.mozilla.com
                        firefox.exe
                        Remote address:
                        8.8.8.8:53
                        Request
                        firefox.settings.services.mozilla.com
                        IN AAAA
                        Response
                      • flag-us
                        DNS
                        shavar.services.mozilla.com
                        firefox.exe
                        Remote address:
                        8.8.8.8:53
                        Request
                        shavar.services.mozilla.com
                        IN A
                        Response
                        shavar.services.mozilla.com
                        IN CNAME
                        shavar.prod.mozaws.net
                        shavar.prod.mozaws.net
                        IN A
                        54.148.4.3
                        shavar.prod.mozaws.net
                        IN A
                        44.236.158.174
                        shavar.prod.mozaws.net
                        IN A
                        35.83.144.93
                        shavar.prod.mozaws.net
                        IN A
                        54.214.73.137
                        shavar.prod.mozaws.net
                        IN A
                        44.238.157.127
                        shavar.prod.mozaws.net
                        IN A
                        44.241.53.229
                      • flag-us
                        DNS
                        shavar.services.mozilla.com
                        firefox.exe
                        Remote address:
                        8.8.8.8:53
                        Request
                        shavar.services.mozilla.com
                        IN A
                        Response
                        shavar.services.mozilla.com
                        IN CNAME
                        shavar.prod.mozaws.net
                        shavar.prod.mozaws.net
                        IN A
                        35.83.144.93
                        shavar.prod.mozaws.net
                        IN A
                        44.236.158.174
                        shavar.prod.mozaws.net
                        IN A
                        44.238.157.127
                        shavar.prod.mozaws.net
                        IN A
                        54.214.73.137
                        shavar.prod.mozaws.net
                        IN A
                        44.241.53.229
                        shavar.prod.mozaws.net
                        IN A
                        54.148.4.3
                      • flag-us
                        DNS
                        push.services.mozilla.com
                        firefox.exe
                        Remote address:
                        8.8.8.8:53
                        Request
                        push.services.mozilla.com
                        IN A
                        Response
                        push.services.mozilla.com
                        IN CNAME
                        autopush.prod.mozaws.net
                        autopush.prod.mozaws.net
                        IN A
                        54.184.50.153
                        autopush.prod.mozaws.net
                        IN A
                        44.238.223.58
                        autopush.prod.mozaws.net
                        IN A
                        35.80.203.55
                        autopush.prod.mozaws.net
                        IN A
                        52.24.53.237
                        autopush.prod.mozaws.net
                        IN A
                        52.36.191.5
                        autopush.prod.mozaws.net
                        IN A
                        54.201.249.32
                        autopush.prod.mozaws.net
                        IN A
                        44.226.72.95
                        autopush.prod.mozaws.net
                        IN A
                        54.186.109.55
                      • flag-us
                        DNS
                        shavar.prod.mozaws.net
                        firefox.exe
                        Remote address:
                        8.8.8.8:53
                        Request
                        shavar.prod.mozaws.net
                        IN A
                        Response
                        shavar.prod.mozaws.net
                        IN A
                        54.214.73.137
                        shavar.prod.mozaws.net
                        IN A
                        44.236.158.174
                        shavar.prod.mozaws.net
                        IN A
                        54.148.4.3
                        shavar.prod.mozaws.net
                        IN A
                        35.83.144.93
                        shavar.prod.mozaws.net
                        IN A
                        44.238.157.127
                        shavar.prod.mozaws.net
                        IN A
                        44.241.53.229
                      • flag-us
                        DNS
                        shavar.prod.mozaws.net
                        firefox.exe
                        Remote address:
                        8.8.8.8:53
                        Request
                        shavar.prod.mozaws.net
                        IN A
                        Response
                        shavar.prod.mozaws.net
                        IN A
                        44.236.158.174
                        shavar.prod.mozaws.net
                        IN A
                        44.238.157.127
                        shavar.prod.mozaws.net
                        IN A
                        54.214.73.137
                        shavar.prod.mozaws.net
                        IN A
                        44.241.53.229
                        shavar.prod.mozaws.net
                        IN A
                        35.83.144.93
                        shavar.prod.mozaws.net
                        IN A
                        54.148.4.3
                      • flag-us
                        DNS
                        autopush.prod.mozaws.net
                        firefox.exe
                        Remote address:
                        8.8.8.8:53
                        Request
                        autopush.prod.mozaws.net
                        IN A
                        Response
                        autopush.prod.mozaws.net
                        IN A
                        52.39.49.137
                        autopush.prod.mozaws.net
                        IN A
                        52.40.48.115
                        autopush.prod.mozaws.net
                        IN A
                        35.162.129.177
                        autopush.prod.mozaws.net
                        IN A
                        44.228.49.203
                        autopush.prod.mozaws.net
                        IN A
                        44.227.109.32
                        autopush.prod.mozaws.net
                        IN A
                        34.215.11.44
                        autopush.prod.mozaws.net
                        IN A
                        34.217.172.46
                        autopush.prod.mozaws.net
                        IN A
                        52.13.249.229
                      • flag-us
                        DNS
                        autopush.prod.mozaws.net
                        firefox.exe
                        Remote address:
                        8.8.8.8:53
                        Request
                        autopush.prod.mozaws.net
                        IN A
                        Response
                        autopush.prod.mozaws.net
                        IN A
                        34.223.211.231
                        autopush.prod.mozaws.net
                        IN A
                        52.39.77.173
                        autopush.prod.mozaws.net
                        IN A
                        35.163.227.146
                        autopush.prod.mozaws.net
                        IN A
                        52.32.229.246
                        autopush.prod.mozaws.net
                        IN A
                        52.27.198.70
                        autopush.prod.mozaws.net
                        IN A
                        35.163.142.85
                        autopush.prod.mozaws.net
                        IN A
                        44.232.81.124
                        autopush.prod.mozaws.net
                        IN A
                        35.162.11.178
                      • flag-us
                        DNS
                        shavar.prod.mozaws.net
                        firefox.exe
                        Remote address:
                        8.8.8.8:53
                        Request
                        shavar.prod.mozaws.net
                        IN AAAA
                        Response
                      • flag-us
                        DNS
                        shavar.prod.mozaws.net
                        firefox.exe
                        Remote address:
                        8.8.8.8:53
                        Request
                        shavar.prod.mozaws.net
                        IN AAAA
                        Response
                      • flag-us
                        DNS
                        autopush.prod.mozaws.net
                        firefox.exe
                        Remote address:
                        8.8.8.8:53
                        Request
                        autopush.prod.mozaws.net
                        IN AAAA
                        Response
                      • flag-us
                        DNS
                        content-signature-2.cdn.mozilla.net
                        firefox.exe
                        Remote address:
                        8.8.8.8:53
                        Request
                        content-signature-2.cdn.mozilla.net
                        IN A
                        Response
                        content-signature-2.cdn.mozilla.net
                        IN CNAME
                        content-signature-chains.prod.autograph.services.mozaws.net
                        content-signature-chains.prod.autograph.services.mozaws.net
                        IN CNAME
                        prod.content-signature-chains.prod.webservices.mozgcp.net
                        prod.content-signature-chains.prod.webservices.mozgcp.net
                        IN A
                        34.160.144.191
                      • flag-us
                        DNS
                        prod.content-signature-chains.prod.webservices.mozgcp.net
                        firefox.exe
                        Remote address:
                        8.8.8.8:53
                        Request
                        prod.content-signature-chains.prod.webservices.mozgcp.net
                        IN A
                        Response
                        prod.content-signature-chains.prod.webservices.mozgcp.net
                        IN A
                        34.160.144.191
                      • flag-us
                        DNS
                        prod.content-signature-chains.prod.webservices.mozgcp.net
                        firefox.exe
                        Remote address:
                        8.8.8.8:53
                        Request
                        prod.content-signature-chains.prod.webservices.mozgcp.net
                        IN AAAA
                        Response
                        prod.content-signature-chains.prod.webservices.mozgcp.net
                        IN AAAA
                        2600:1901:0:92a9::
                      • flag-us
                        DNS
                        221.5.120.34.in-addr.arpa
                        Remote address:
                        8.8.8.8:53
                        Request
                        221.5.120.34.in-addr.arpa
                        IN PTR
                        Response
                        221.5.120.34.in-addr.arpa
                        IN PTR
                        221512034bcgoogleusercontentcom
                      • flag-us
                        DNS
                        221.5.120.34.in-addr.arpa
                        Remote address:
                        8.8.8.8:53
                        Request
                        221.5.120.34.in-addr.arpa
                        IN PTR
                        Response
                        221.5.120.34.in-addr.arpa
                        IN PTR
                        221512034bcgoogleusercontentcom
                      • flag-us
                        DNS
                        239.237.117.34.in-addr.arpa
                        Remote address:
                        8.8.8.8:53
                        Request
                        239.237.117.34.in-addr.arpa
                        IN PTR
                        Response
                        239.237.117.34.in-addr.arpa
                        IN PTR
                        23923711734bcgoogleusercontentcom
                      • flag-us
                        DNS
                        239.237.117.34.in-addr.arpa
                        Remote address:
                        8.8.8.8:53
                        Request
                        239.237.117.34.in-addr.arpa
                        IN PTR
                        Response
                        239.237.117.34.in-addr.arpa
                        IN PTR
                        23923711734bcgoogleusercontentcom
                      • flag-us
                        DNS
                        168.42.161.35.in-addr.arpa
                        Remote address:
                        8.8.8.8:53
                        Request
                        168.42.161.35.in-addr.arpa
                        IN PTR
                        Response
                        168.42.161.35.in-addr.arpa
                        IN PTR
                        ec2-35-161-42-168 us-west-2compute amazonawscom
                      • flag-us
                        DNS
                        168.42.161.35.in-addr.arpa
                        Remote address:
                        8.8.8.8:53
                        Request
                        168.42.161.35.in-addr.arpa
                        IN PTR
                        Response
                        168.42.161.35.in-addr.arpa
                        IN PTR
                        ec2-35-161-42-168 us-west-2compute amazonawscom
                      • flag-us
                        DNS
                        150.9.241.35.in-addr.arpa
                        Remote address:
                        8.8.8.8:53
                        Request
                        150.9.241.35.in-addr.arpa
                        IN PTR
                        Response
                        150.9.241.35.in-addr.arpa
                        IN PTR
                        150924135bcgoogleusercontentcom
                      • flag-us
                        DNS
                        150.9.241.35.in-addr.arpa
                        Remote address:
                        8.8.8.8:53
                        Request
                        150.9.241.35.in-addr.arpa
                        IN PTR
                        Response
                        150.9.241.35.in-addr.arpa
                        IN PTR
                        150924135bcgoogleusercontentcom
                      • flag-us
                        DNS
                        3.4.148.54.in-addr.arpa
                        Remote address:
                        8.8.8.8:53
                        Request
                        3.4.148.54.in-addr.arpa
                        IN PTR
                        Response
                        3.4.148.54.in-addr.arpa
                        IN PTR
                        ec2-54-148-4-3 us-west-2compute amazonawscom
                      • flag-us
                        DNS
                        3.4.148.54.in-addr.arpa
                        Remote address:
                        8.8.8.8:53
                        Request
                        3.4.148.54.in-addr.arpa
                        IN PTR
                        Response
                        3.4.148.54.in-addr.arpa
                        IN PTR
                        ec2-54-148-4-3 us-west-2compute amazonawscom
                      • flag-us
                        DNS
                        191.144.160.34.in-addr.arpa
                        Remote address:
                        8.8.8.8:53
                        Request
                        191.144.160.34.in-addr.arpa
                        IN PTR
                        Response
                        191.144.160.34.in-addr.arpa
                        IN PTR
                        19114416034bcgoogleusercontentcom
                      • flag-us
                        DNS
                        153.50.184.54.in-addr.arpa
                        Remote address:
                        8.8.8.8:53
                        Request
                        153.50.184.54.in-addr.arpa
                        IN PTR
                        Response
                        153.50.184.54.in-addr.arpa
                        IN PTR
                        ec2-54-184-50-153 us-west-2compute amazonawscom
                      • flag-us
                        DNS
                        153.50.184.54.in-addr.arpa
                        Remote address:
                        8.8.8.8:53
                        Request
                        153.50.184.54.in-addr.arpa
                        IN PTR
                        Response
                        153.50.184.54.in-addr.arpa
                        IN PTR
                        ec2-54-184-50-153 us-west-2compute amazonawscom
                      • 8.248.5.254:80
                        322 B
                         7
                      • 8.248.5.254:80
                        322 B
                         7
                      • 104.126.37.179:443
                        https://assets.msn.com/serviceak/v1/news/Feed/Windows?apikey=qrUeHGGYvVowZJuHA3XaH0uUvg1ZJ0GUZnXk3mxxPF&activityId=328e19fa-ea39-4ddc-8673-a980d3e9428b&ocid=windows-windowsShell-feeds&user=m-dee0c10466b643e89577c6977f68127b&Treatment=T6&MaximumDimensions=660x640&experience=Taskbar&AppVersion=1&osLocale=en-US&caller=bgtask
                        tls, http2
                        3.2kB
                         26.1kB
                         32
                        30

                        HTTP Request

                        GET https://assets.msn.com/serviceak/v1/news/Feed/Windows?apikey=qrUeHGGYvVowZJuHA3XaH0uUvg1ZJ0GUZnXk3mxxPF&activityId=328e19fa-ea39-4ddc-8673-a980d3e9428b&ocid=windows-windowsShell-feeds&user=m-dee0c10466b643e89577c6977f68127b&Treatment=T6&MaximumDimensions=660x640&experience=Taskbar&AppVersion=1&osLocale=en-US&caller=bgtask

                        HTTP Response

                        200
                      • 184.73.40.255:443
                        https://ark.mwbsys.com/mbam-c.isvc.64bitv4/release
                        tls, http
                        MBSetup.exe
                        1.1kB
                         5.3kB
                         13
                        16

                        HTTP Request

                        GET https://ark.mwbsys.com/mbam-c.isvc.64bitv4/release

                        HTTP Response

                        302
                      • 52.222.139.63:443
                        https://cdn.mwbsys.com/packages/mbam-c.isvc.64bitv4/3/c/7/b/3c7b30585f27d8b078be165406bb651e/fa6bc79f-67f1-49af-9d05-bf2336f1848a.exe
                        tls, http
                        MBSetup.exe
                        193.9kB
                         9.5MB
                         4031
                        6768

                        HTTP Request

                        GET https://cdn.mwbsys.com/packages/mbam-c.isvc.64bitv4/3/c/7/b/3c7b30585f27d8b078be165406bb651e/fa6bc79f-67f1-49af-9d05-bf2336f1848a.exe

                        HTTP Response

                        200
                      • 184.73.40.255:443
                        https://ark.mwbsys.com/mbam-c.svc.64bit/release
                        tls, http2
                        MBAMInstallerService.exe
                        1.2kB
                         5.2kB
                         14
                        16

                        HTTP Request

                        GET https://ark.mwbsys.com/mbam-c.svc.64bit/release

                        HTTP Response

                        302
                      • 52.222.139.63:443
                        https://cdn.mwbsys.com/packages/mbam-c.svc.64bit/e/c/f/0/ecf09907a11d0e209b104f2db2c9ff35/d0815d9c-a15b-438c-85ef-6ef142214b47.7z
                        tls, http2
                        MBAMInstallerService.exe
                        54.1kB
                         2.7MB
                         1160
                        1951

                        HTTP Request

                        GET https://cdn.mwbsys.com/packages/mbam-c.svc.64bit/e/c/f/0/ecf09907a11d0e209b104f2db2c9ff35/d0815d9c-a15b-438c-85ef-6ef142214b47.7z

                        HTTP Response

                        200
                      • 184.73.40.255:443
                        https://ark.mwbsys.com/mbam-c.ctlr.64bitv4/release
                        tls, http2
                        MBAMInstallerService.exe
                        1.2kB
                         5.2kB
                         14
                        16

                        HTTP Request

                        GET https://ark.mwbsys.com/mbam-c.ctlr.64bitv4/release

                        HTTP Response

                        302
                      • 52.222.139.63:443
                        https://cdn.mwbsys.com/packages/mbam-c.ctlr.64bitv4/d/4/3/0/d430ccf17d58493404f83ab7d3ee33bb/fac32e31-1dd1-4987-9c39-70acd95f179f.7z
                        tls, http2
                        MBAMInstallerService.exe
                        971.0kB
                         36.4MB
                         20048
                        26072

                        HTTP Request

                        GET https://cdn.mwbsys.com/packages/mbam-c.ctlr.64bitv4/d/4/3/0/d430ccf17d58493404f83ab7d3ee33bb/fac32e31-1dd1-4987-9c39-70acd95f179f.7z

                        HTTP Response

                        200
                      • 52.152.110.14:443
                        260 B
                         5
                      • 184.73.40.255:443
                        https://ark.mwbsys.com/mbam-c.dbcls.64bitv4/release
                        tls, http2
                        MBAMInstallerService.exe
                        1.2kB
                         5.2kB
                         14
                        16

                        HTTP Request

                        GET https://ark.mwbsys.com/mbam-c.dbcls.64bitv4/release

                        HTTP Response

                        302
                      • 52.222.139.14:443
                        https://cdn.mwbsys.com/packages/mbam-c.dbcls.64bitv4/e/6/b/b/e6bbc362824ca0d63f918a7dc6eea3c2/1b35adf7-85c4-40e2-987c-6a5b1308b641.7z
                        tls, http2
                        MBAMInstallerService.exe
                        4.1MB
                         74.6MB
                         53470
                        53366

                        HTTP Request

                        GET https://cdn.mwbsys.com/packages/mbam-c.dbcls.64bitv4/e/6/b/b/e6bbc362824ca0d63f918a7dc6eea3c2/1b35adf7-85c4-40e2-987c-6a5b1308b641.7z

                        HTTP Response

                        200
                      • 13.69.239.74:443
                        322 B
                         7
                      • 184.73.40.255:443
                        https://ark.mwbsys.com/mbam-c.ui.64bit/release
                        tls, http2
                        MBAMInstallerService.exe
                        1.2kB
                         5.2kB
                         14
                        16

                        HTTP Request

                        GET https://ark.mwbsys.com/mbam-c.ui.64bit/release

                        HTTP Response

                        302
                      • 52.222.139.63:443
                        https://cdn.mwbsys.com/packages/mbam-c.ui.64bit/b/b/f/6/bbf6199afaf84a5428479c25fc4de6bb/acf0b8c1-f31b-4eb3-b56d-e865495bc23a.7z
                        tls, http2
                        MBAMInstallerService.exe
                        1.3MB
                         51.6MB
                         27900
                        36953

                        HTTP Request

                        GET https://cdn.mwbsys.com/packages/mbam-c.ui.64bit/b/b/f/6/bbf6199afaf84a5428479c25fc4de6bb/acf0b8c1-f31b-4eb3-b56d-e865495bc23a.7z

                        HTTP Response

                        200
                      • 52.152.110.14:443
                        260 B
                         5
                      • 8.248.5.254:80
                        322 B
                         7
                      • 173.223.113.164:443
                        322 B
                         7
                      • 173.223.113.131:80
                        322 B
                         7
                      • 204.79.197.203:80
                        api.msn.com
                        322 B
                         7
                      • 52.152.110.14:443
                        260 B
                         5
                      • 3.208.145.87:443
                        iris.mwbsys.com
                        tls
                        MBAMService.exe
                        1.6kB
                         7.2kB
                         13
                        16
                      • 18.208.121.16:443
                        keystone.mwbsys.com
                        tls
                        MBAMService.exe
                        1.7kB
                         8.7kB
                         13
                        18
                      • 18.208.121.16:443
                        keystone.mwbsys.com
                        tls
                        MBAMService.exe
                        1.7kB
                         8.7kB
                         14
                        18
                      • 162.19.139.184:2222
                        46 B
                         390 B
                         1
                        1
                      • 52.152.110.14:443
                        260 B
                         5
                      • 18.208.121.16:443
                        keystone.mwbsys.com
                        tls
                        MBAMService.exe
                        2.1kB
                         8.7kB
                         13
                        19
                      • 184.73.40.255:443
                        https://ark.mwbsys.com/bgext
                        tls, http
                        MBSetup.exe
                        889 B
                         5.1kB
                         10
                        12

                        HTTP Request

                        GET https://ark.mwbsys.com/bgext

                        HTTP Response

                        302
                      • 52.222.139.63:443
                        https://cdn.mwbsys.com/packages/mbam-c.bgext.32bit/1/6/2/7/16276deaedc24dd2a138960a8c493783/d2bb6ed7-b4a3-4dae-bb69-c65b074b3bf9.xpi
                        tls, http
                        MBSetup.exe
                        1.1MB
                         19.6MB
                         14010
                        13993

                        HTTP Request

                        GET https://cdn.mwbsys.com/packages/mbam-c.bgext.32bit/1/6/2/7/16276deaedc24dd2a138960a8c493783/d2bb6ed7-b4a3-4dae-bb69-c65b074b3bf9.xpi

                        HTTP Response

                        200
                      • 142.250.178.10:443
                        versionhistory.googleapis.com
                        tls
                        MBAMService.exe
                        2.5kB
                         40.3kB
                         24
                        37
                      • 52.202.167.80:443
                        iris.mwbsys.com
                        tls
                        mbamtray.exe
                        1.7kB
                         30.5kB
                         19
                        32
                      • 52.152.110.14:443
                        260 B
                         5
                      • 127.0.0.1:53900
                        firefox.exe
                      • 35.161.42.168:443
                        telemetry.malwarebytes.com
                        tls
                        MBAMService.exe
                        2.6kB
                         4.8kB
                         11
                        16
                      • 34.120.5.221:443
                        https://getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=IE&count=30
                        tls, http2
                        firefox.exe
                        2.0kB
                         52.0kB
                         19
                        44

                        HTTP Request

                        GET https://getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=IE&count=30
                      • 34.117.237.239:443
                        https://contile.services.mozilla.com/v1/tiles
                        tls, http2
                        firefox.exe
                        1.5kB
                         6.9kB
                         11
                        14

                        HTTP Request

                        GET https://contile.services.mozilla.com/v1/tiles
                      • 35.241.9.150:443
                        firefox.settings.services.mozilla.com
                        tls
                        firefox.exe
                        1.9kB
                         7.5kB
                         15
                        22
                      • 35.241.9.150:443
                        firefox.settings.services.mozilla.com
                        tls, http2
                        firefox.exe
                        1.3kB
                         5.7kB
                         11
                        11
                      • 54.148.4.3:443
                        shavar.services.mozilla.com
                        tls
                        firefox.exe
                        2.2kB
                         4.1kB
                         10
                        9
                      • 54.184.50.153:443
                        push.services.mozilla.com
                        tls
                        firefox.exe
                        1.7kB
                         3.8kB
                         8
                        8
                      • 34.160.144.191:443
                        content-signature-2.cdn.mozilla.net
                        tls
                        firefox.exe
                        1.6kB
                         11.6kB
                         13
                        20
                      • 127.0.0.1:53927
                        firefox.exe
                      • 52.152.110.14:443
                        208 B
                         4
                      • 8.8.8.8:53
                        59.128.231.4.in-addr.arpa
                        dns
                        71 B
                         157 B
                         1
                        1

                        DNS Request

                        59.128.231.4.in-addr.arpa

                      • 8.8.8.8:53
                        108.211.229.192.in-addr.arpa
                        dns
                        74 B
                         145 B
                         1
                        1

                        DNS Request

                        108.211.229.192.in-addr.arpa

                      • 8.8.8.8:53
                        210.81.184.52.in-addr.arpa
                        dns
                        72 B
                         146 B
                         1
                        1

                        DNS Request

                        210.81.184.52.in-addr.arpa

                      • 8.8.8.8:53
                        73.159.190.20.in-addr.arpa
                        dns
                        72 B
                         158 B
                         1
                        1

                        DNS Request

                        73.159.190.20.in-addr.arpa

                      • 8.8.8.8:53
                        assets.msn.com
                        dns
                        60 B
                         166 B
                         1
                        1

                        DNS Request

                        assets.msn.com

                        DNS Response

                        104.126.37.179
                        104.126.37.147

                      • 8.8.8.8:53
                        179.37.126.104.in-addr.arpa
                        dns
                        73 B
                         139 B
                         1
                        1

                        DNS Request

                        179.37.126.104.in-addr.arpa

                      • 8.8.8.8:53
                        ark.mwbsys.com
                        dns
                        MBSetup.exe
                        60 B
                         108 B
                         1
                        1

                        DNS Request

                        ark.mwbsys.com

                        DNS Response

                        184.73.40.255
                        44.195.215.218
                        3.230.137.231

                      • 8.8.8.8:53
                        cdn.mwbsys.com
                        dns
                        MBSetup.exe
                        60 B
                         167 B
                         1
                        1

                        DNS Request

                        cdn.mwbsys.com

                        DNS Response

                        52.222.139.63
                        52.222.139.16
                        52.222.139.14
                        52.222.139.37

                      • 8.8.8.8:53
                        255.40.73.184.in-addr.arpa
                        dns
                        72 B
                         127 B
                         1
                        1

                        DNS Request

                        255.40.73.184.in-addr.arpa

                      • 8.8.8.8:53
                        63.139.222.52.in-addr.arpa
                        dns
                        72 B
                         129 B
                         1
                        1

                        DNS Request

                        63.139.222.52.in-addr.arpa

                      • 8.8.8.8:53
                        cdn.mwbsys.com
                        dns
                        MBSetup.exe
                        60 B
                         167 B
                         1
                        1

                        DNS Request

                        cdn.mwbsys.com

                        DNS Response

                        52.222.139.63
                        52.222.139.16
                        52.222.139.14
                        52.222.139.37

                      • 8.8.8.8:53
                        cdn.mwbsys.com
                        dns
                        MBSetup.exe
                        60 B
                         167 B
                         1
                        1

                        DNS Request

                        cdn.mwbsys.com

                        DNS Response

                        52.222.139.63
                        52.222.139.14
                        52.222.139.37
                        52.222.139.16

                      • 8.8.8.8:53
                        cdn.mwbsys.com
                        dns
                        MBSetup.exe
                        60 B
                         167 B
                         1
                        1

                        DNS Request

                        cdn.mwbsys.com

                        DNS Response

                        52.222.139.14
                        52.222.139.63
                        52.222.139.37
                        52.222.139.16

                      • 8.8.8.8:53
                        14.139.222.52.in-addr.arpa
                        dns
                        72 B
                         129 B
                         1
                        1

                        DNS Request

                        14.139.222.52.in-addr.arpa

                      • 8.8.8.8:53
                        67.169.210.20.in-addr.arpa
                        dns
                        72 B
                         158 B
                         1
                        1

                        DNS Request

                        67.169.210.20.in-addr.arpa

                      • 8.8.8.8:53
                        177.238.32.23.in-addr.arpa
                        dns
                        144 B
                         274 B
                         2
                        2

                        DNS Request

                        177.238.32.23.in-addr.arpa

                        DNS Request

                        177.238.32.23.in-addr.arpa

                      • 8.8.8.8:53
                        cdn.mwbsys.com
                        dns
                        MBSetup.exe
                        120 B
                         334 B
                         2
                        2

                        DNS Request

                        cdn.mwbsys.com

                        DNS Request

                        cdn.mwbsys.com

                        DNS Response

                        52.222.139.63
                        52.222.139.16
                        52.222.139.14
                        52.222.139.37

                        DNS Response

                        52.222.139.37
                        52.222.139.14
                        52.222.139.63
                        52.222.139.16

                      • 8.8.8.8:53
                        0.77.109.52.in-addr.arpa
                        dns
                        140 B
                         288 B
                         2
                        2

                        DNS Request

                        0.77.109.52.in-addr.arpa

                        DNS Request

                        0.77.109.52.in-addr.arpa

                      • 8.8.8.8:53
                        8.3.197.209.in-addr.arpa
                        dns
                        140 B
                         222 B
                         2
                        2

                        DNS Request

                        8.3.197.209.in-addr.arpa

                        DNS Request

                        8.3.197.209.in-addr.arpa

                      • 8.8.8.8:53
                        iris.mwbsys.com
                        dns
                        mbamtray.exe
                        122 B
                         250 B
                         2
                        2

                        DNS Request

                        iris.mwbsys.com

                        DNS Request

                        iris.mwbsys.com

                        DNS Response

                        18.235.154.91
                        3.208.145.87
                        107.23.57.85
                        52.202.167.80

                        DNS Response

                        3.208.145.87
                        52.202.167.80
                        18.235.154.91
                        107.23.57.85

                      • 8.8.8.8:53
                        87.145.208.3.in-addr.arpa
                        dns
                        71 B
                         125 B
                         1
                        1

                        DNS Request

                        87.145.208.3.in-addr.arpa

                      • 8.8.8.8:53
                        keystone.mwbsys.com
                        dns
                        MBAMService.exe
                        65 B
                         145 B
                         1
                        1

                        DNS Request

                        keystone.mwbsys.com

                        DNS Response

                        100.24.224.12
                        34.197.155.191
                        18.208.121.16
                        52.5.79.35
                        107.23.24.21

                      • 8.8.8.8:53
                        16.121.208.18.in-addr.arpa
                        dns
                        72 B
                         127 B
                         1
                        1

                        DNS Request

                        16.121.208.18.in-addr.arpa

                      • 8.8.8.8:53
                        ark.mwbsys.com
                        dns
                        MBSetup.exe
                        120 B
                         216 B
                         2
                        2

                        DNS Request

                        ark.mwbsys.com

                        DNS Request

                        ark.mwbsys.com

                        DNS Response

                        184.73.40.255
                        3.230.137.231
                        44.195.215.218

                        DNS Response

                        184.73.40.255
                        3.230.137.231
                        44.195.215.218

                      • 8.8.8.8:53
                        cdn.mwbsys.com
                        dns
                        MBSetup.exe
                        120 B
                         334 B
                         2
                        2

                        DNS Request

                        cdn.mwbsys.com

                        DNS Request

                        cdn.mwbsys.com

                        DNS Response

                        52.222.139.63
                        52.222.139.37
                        52.222.139.14
                        52.222.139.16

                        DNS Response

                        52.222.139.63
                        52.222.139.37
                        52.222.139.14
                        52.222.139.16

                      • 8.8.8.8:53
                        versionhistory.googleapis.com
                        dns
                        MBAMService.exe
                        150 B
                         502 B
                         2
                        2

                        DNS Request

                        versionhistory.googleapis.com

                        DNS Request

                        versionhistory.googleapis.com

                        DNS Response

                        142.250.179.234
                        142.250.180.10
                        142.250.187.202
                        142.250.187.234
                        142.250.200.42
                        172.217.16.234
                        142.250.200.10
                        142.250.178.10
                        216.58.213.10
                        172.217.169.10
                        216.58.212.234
                        172.217.169.42

                        DNS Response

                        216.58.212.234
                        142.250.179.234
                        142.250.180.10
                        142.250.187.202
                        142.250.187.234
                        142.250.200.42
                        172.217.16.234
                        142.250.200.10
                        142.250.178.10
                        216.58.213.10

                      • 8.8.8.8:53
                        10.178.250.142.in-addr.arpa
                        dns
                        146 B
                         224 B
                         2
                        2

                        DNS Request

                        10.178.250.142.in-addr.arpa

                        DNS Request

                        10.178.250.142.in-addr.arpa

                      • 8.8.8.8:53
                        iris.mwbsys.com
                        dns
                        mbamtray.exe
                        122 B
                         250 B
                         2
                        2

                        DNS Request

                        iris.mwbsys.com

                        DNS Request

                        iris.mwbsys.com

                        DNS Response

                        52.202.167.80
                        107.23.57.85
                        3.208.145.87
                        18.235.154.91

                        DNS Response

                        52.202.167.80
                        107.23.57.85
                        3.208.145.87
                        18.235.154.91

                      • 8.8.8.8:53
                        80.167.202.52.in-addr.arpa
                        dns
                        144 B
                         254 B
                         2
                        2

                        DNS Request

                        80.167.202.52.in-addr.arpa

                        DNS Request

                        80.167.202.52.in-addr.arpa

                      • 8.8.8.8:53
                        telemetry.malwarebytes.com
                        dns
                        MBAMService.exe
                        144 B
                         554 B
                         2
                        2

                        DNS Request

                        telemetry.malwarebytes.com

                        DNS Response

                        52.43.50.181
                        44.226.203.218
                        44.241.155.41
                        54.200.62.106
                        44.239.185.60
                        54.70.40.33
                        35.161.42.168
                        44.224.67.22

                        DNS Request

                        telemetry.malwarebytes.com

                        DNS Response

                        52.43.50.181
                        44.226.203.218
                        44.241.155.41
                        54.200.62.106
                        44.239.185.60
                        54.70.40.33
                        35.161.42.168
                        44.224.67.22

                      • 8.8.8.8:53
                        getpocket.cdn.mozilla.net
                        dns
                        firefox.exe
                        71 B
                         174 B
                         1
                        1

                        DNS Request

                        getpocket.cdn.mozilla.net

                        DNS Response

                        34.120.5.221

                      • 8.8.8.8:53
                        contile.services.mozilla.com
                        dns
                        firefox.exe
                        74 B
                         90 B
                         1
                        1

                        DNS Request

                        contile.services.mozilla.com

                        DNS Response

                        34.117.237.239

                      • 8.8.8.8:53
                        firefox.settings.services.mozilla.com
                        dns
                        firefox.exe
                        83 B
                         99 B
                         1
                        1

                        DNS Request

                        firefox.settings.services.mozilla.com

                        DNS Response

                        35.241.9.150

                      • 8.8.8.8:53
                        prod.pocket.prod.cloudops.mozgcp.net
                        dns
                        firefox.exe
                        82 B
                         98 B
                         1
                        1

                        DNS Request

                        prod.pocket.prod.cloudops.mozgcp.net

                        DNS Response

                        34.120.5.221

                      • 8.8.8.8:53
                        contile.services.mozilla.com
                        dns
                        firefox.exe
                        74 B
                         90 B
                         1
                        1

                        DNS Request

                        contile.services.mozilla.com

                        DNS Response

                        34.117.237.239

                      • 8.8.8.8:53
                        prod.pocket.prod.cloudops.mozgcp.net
                        dns
                        firefox.exe
                        82 B
                         110 B
                         1
                        1

                        DNS Request

                        prod.pocket.prod.cloudops.mozgcp.net

                        DNS Response

                        2600:1901:0:524c::

                      • 8.8.8.8:53
                        firefox.settings.services.mozilla.com
                        dns
                        firefox.exe
                        83 B
                         99 B
                         1
                        1

                        DNS Request

                        firefox.settings.services.mozilla.com

                        DNS Response

                        35.241.9.150

                      • 8.8.8.8:53
                        contile.services.mozilla.com
                        dns
                        firefox.exe
                        148 B
                         310 B
                         2
                        2

                        DNS Request

                        contile.services.mozilla.com

                        DNS Request

                        contile.services.mozilla.com

                      • 8.8.8.8:53
                        firefox.settings.services.mozilla.com
                        dns
                        firefox.exe
                        166 B
                         334 B
                         2
                        2

                        DNS Request

                        firefox.settings.services.mozilla.com

                        DNS Request

                        firefox.settings.services.mozilla.com

                      • 8.8.8.8:53
                        shavar.services.mozilla.com
                        dns
                        firefox.exe
                        146 B
                         410 B
                         2
                        2

                        DNS Request

                        shavar.services.mozilla.com

                        DNS Response

                        54.148.4.3
                        44.236.158.174
                        35.83.144.93
                        54.214.73.137
                        44.238.157.127
                        44.241.53.229

                        DNS Request

                        shavar.services.mozilla.com

                        DNS Response

                        35.83.144.93
                        44.236.158.174
                        44.238.157.127
                        54.214.73.137
                        44.241.53.229
                        54.148.4.3

                      • 8.8.8.8:53
                        push.services.mozilla.com
                        dns
                        firefox.exe
                        71 B
                         237 B
                         1
                        1

                        DNS Request

                        push.services.mozilla.com

                        DNS Response

                        54.184.50.153
                        44.238.223.58
                        35.80.203.55
                        52.24.53.237
                        52.36.191.5
                        54.201.249.32
                        44.226.72.95
                        54.186.109.55

                      • 8.8.8.8:53
                        shavar.prod.mozaws.net
                        dns
                        firefox.exe
                        136 B
                         328 B
                         2
                        2

                        DNS Request

                        shavar.prod.mozaws.net

                        DNS Response

                        54.214.73.137
                        44.236.158.174
                        54.148.4.3
                        35.83.144.93
                        44.238.157.127
                        44.241.53.229

                        DNS Request

                        shavar.prod.mozaws.net

                        DNS Response

                        44.236.158.174
                        44.238.157.127
                        54.214.73.137
                        44.241.53.229
                        35.83.144.93
                        54.148.4.3

                      • 8.8.8.8:53
                        autopush.prod.mozaws.net
                        dns
                        firefox.exe
                        140 B
                         396 B
                         2
                        2

                        DNS Request

                        autopush.prod.mozaws.net

                        DNS Response

                        52.39.49.137
                        52.40.48.115
                        35.162.129.177
                        44.228.49.203
                        44.227.109.32
                        34.215.11.44
                        34.217.172.46
                        52.13.249.229

                        DNS Request

                        autopush.prod.mozaws.net

                        DNS Response

                        34.223.211.231
                        52.39.77.173
                        35.163.227.146
                        52.32.229.246
                        52.27.198.70
                        35.163.142.85
                        44.232.81.124
                        35.162.11.178

                      • 8.8.8.8:53
                        shavar.prod.mozaws.net
                        dns
                        firefox.exe
                        136 B
                         306 B
                         2
                        2

                        DNS Request

                        shavar.prod.mozaws.net

                        DNS Request

                        shavar.prod.mozaws.net

                      • 8.8.8.8:53
                        autopush.prod.mozaws.net
                        dns
                        firefox.exe
                        70 B
                         155 B
                         1
                        1

                        DNS Request

                        autopush.prod.mozaws.net

                      • 8.8.8.8:53
                        content-signature-2.cdn.mozilla.net
                        dns
                        firefox.exe
                        81 B
                         235 B
                         1
                        1

                        DNS Request

                        content-signature-2.cdn.mozilla.net

                        DNS Response

                        34.160.144.191

                      • 8.8.8.8:53
                        prod.content-signature-chains.prod.webservices.mozgcp.net
                        dns
                        firefox.exe
                        103 B
                         119 B
                         1
                        1

                        DNS Request

                        prod.content-signature-chains.prod.webservices.mozgcp.net

                        DNS Response

                        34.160.144.191

                      • 8.8.8.8:53
                        prod.content-signature-chains.prod.webservices.mozgcp.net
                        dns
                        firefox.exe
                        103 B
                         131 B
                         1
                        1

                        DNS Request

                        prod.content-signature-chains.prod.webservices.mozgcp.net

                        DNS Response

                        2600:1901:0:92a9::

                      • 8.8.8.8:53
                        221.5.120.34.in-addr.arpa
                        dns
                        142 B
                         244 B
                         2
                        2

                        DNS Request

                        221.5.120.34.in-addr.arpa

                        DNS Request

                        221.5.120.34.in-addr.arpa

                      • 8.8.8.8:53
                        239.237.117.34.in-addr.arpa
                        dns
                        146 B
                         252 B
                         2
                        2

                        DNS Request

                        239.237.117.34.in-addr.arpa

                        DNS Request

                        239.237.117.34.in-addr.arpa

                      • 8.8.8.8:53
                        168.42.161.35.in-addr.arpa
                        dns
                        144 B
                         270 B
                         2
                        2

                        DNS Request

                        168.42.161.35.in-addr.arpa

                        DNS Request

                        168.42.161.35.in-addr.arpa

                      • 8.8.8.8:53
                        150.9.241.35.in-addr.arpa
                        dns
                        142 B
                         244 B
                         2
                        2

                        DNS Request

                        150.9.241.35.in-addr.arpa

                        DNS Request

                        150.9.241.35.in-addr.arpa

                      • 8.8.8.8:53
                        3.4.148.54.in-addr.arpa
                        dns
                        138 B
                         258 B
                         2
                        2

                        DNS Request

                        3.4.148.54.in-addr.arpa

                        DNS Request

                        3.4.148.54.in-addr.arpa

                      • 8.8.8.8:53
                        191.144.160.34.in-addr.arpa
                        dns
                        73 B
                         126 B
                         1
                        1

                        DNS Request

                        191.144.160.34.in-addr.arpa

                      • 8.8.8.8:53
                        153.50.184.54.in-addr.arpa
                        dns
                        144 B
                         270 B
                         2
                        2

                        DNS Request

                        153.50.184.54.in-addr.arpa

                        DNS Request

                        153.50.184.54.in-addr.arpa

                      MITRE ATT&CK Enterprise v6

                      Replay Monitor

                      Loading Replay Monitor...

                      Downloads

                      • C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\7z.dll
                        Filesize

                        1.7MB

                        MD5

                        461faf68ccc02b0223fd273b630f21fe

                        SHA1

                        363b8beaa74f0f454c2d544ace9e71a84bc2b4cf

                        SHA256

                        cb07f3f461e9c267831b1ab93af6dfda1bb51d72e42d73d00d26594f09326be1

                        SHA512

                        4b671f48e45fdedf50c7f7bb6c8d82a3b98f7502006eb002aaf8ff31f25f9ff1257c7bcc12caf622e43d4ec665b19d978ae3e3762f76def0bc71485ebdb8426f

                        Download Submit

                      • C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\Actions.dll
                        Filesize

                        5.0MB

                        MD5

                        1eff53d95ecaf6bbfffe80d866d8e1dd

                        SHA1

                        d7ef7d7c77fd04b2c0eb8c16bb3cd08057f6742f

                        SHA256

                        6dd748f7ca56125cbe158fa3612f08e7312ef58ad5375e6b7ab5532cc16ca0ac

                        SHA512

                        c59b8e6f0b238a247e64b9c7bb42213dadac1dada63542830a6292361174c935c0c662b2d1aed3fb6100cc4993297b1eaf25e328f2b4613458c4ffca63b9f02d

                        Download Submit

                      • C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ActionsShim.dll
                        Filesize

                        2.5MB

                        MD5

                        e7a4bb8fa34bc5ae8b84bf15442da99c

                        SHA1

                        26e6d20876f01faa32a7a846c12dd35c695d55b6

                        SHA256

                        9ed946c62c7801779822a83d9126257f6426af381a42ce29d5a3c49c774fc141

                        SHA512

                        10b007f132cdaa7ea2e75281cd7767b59fd61335d28bc55b778e05479ac993e3578ba1370fe1ce6bf35d271ca970346d5f8cd13637f59fb1fa01c8a6345727b1

                        Download Submit

                      • C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\BrowserSDKDLL.dll
                        Filesize

                        5.8MB

                        MD5

                        1ed53171d00f440f29a12f9beb84dac4

                        SHA1

                        4d9a1e3579b0999f1ab2fa818b588411e9ee920c

                        SHA256

                        e659e687a872050f9e65d78992d16bd9b393cf3f8e8c94e0e15fb42b7065327e

                        SHA512

                        17161cfc672d1b996b8af4ebac17f9a8a3807f38c9a23e2e5b4dadcd9a21c3a64faec9bf59147022a9df88b80f89300f1b537091289bd7a42806bd206a317e6e

                        Download Submit

                      • C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\CleanControllerImpl.dll
                        Filesize

                        6.9MB

                        MD5

                        ef3e4c2c617164e495bbc0ec13890ca9

                        SHA1

                        f384c1892e00720ccb97a921d556654d730f1d3e

                        SHA256

                        7fa7d2d0618f46d50d36401f76d0314c72096ebd003d365d8df2b488bf02103b

                        SHA512

                        54f56aedaccf3bade0ec4601a86d23b8110702562be0a2fe2ce18aed09793eb0e7290215b3267e3e2c57dac850f446b10fd3a5e3c81e11508f1a70224366a51f

                        Download Submit

                      • C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\CloudControllerImpl.dll
                        Filesize

                        4.8MB

                        MD5

                        3cad89a85ae704b4e264a03dcbf1de8f

                        SHA1

                        aacc5111236b95b9044f3228c961345ead3ee5c2

                        SHA256

                        1f56f70c09fb6b6c92795dedbcfa0626ec29383d53166ef0f179e86a46b33b56

                        SHA512

                        4efbb0b81392378cd143e1526d94b39434306e7354dbd6326bceb37cc3919f2b84d4ec08b378a35b44a2f93b660623f9112a36f4fb745f34327f9fda8f0e84d2

                        Download Submit

                      • C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\LicenseControllerImpl.dll
                        Filesize

                        4.4MB

                        MD5

                        b7a9a7b44b82e954c1b77e7b7f71ee66

                        SHA1

                        02f3eabef778d5641eea89d318268e79949da7c6

                        SHA256

                        ba97bf9a2a0c454dbd965ef7b6c12f582d49391d5297fe2ef4a94bb13d2d472e

                        SHA512

                        524dee007193cc13ee81e9734564e8a121715f7ecb27d113eb7d8265b7562ab60237aa64c556a819239ee9b4abdc8523a57ca666bdd48de82eca79efba771bc5

                        Download Submit

                      • C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MBAMCore.dll
                        Filesize

                        6.3MB

                        MD5

                        888b794737cd78e918486cd2a4116c65

                        SHA1

                        335aa063439ee8c2242591dd4cfe6c9bc28531fe

                        SHA256

                        2194ea4af98e6ba23e14ac60860a6c727f4694a9d904025288997ad05f0859bc

                        SHA512

                        f6a15dc86a89adcbf9ea6b96eb7d5671a2077696ef4cacf88c36d7c73c5f28d96f4a257ae8672981a24907e0583bb15c01dfe09ee1ac5837ffa693d5668dbbeb

                        Download Submit

                      • C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MBAMShim.dll
                        Filesize

                        3.0MB

                        MD5

                        f44b6c80c46c4cf3071b5f5b916e1271

                        SHA1

                        839f2238ecbbfa80ebf9c1f77eafc78204b58761

                        SHA256

                        732523df43358729d5e85cceb557d69016dcdd3e2238d903c33c5327c3131fae

                        SHA512

                        99be164ae96bc4f93dc896d5df445ad1c2f023f10605a8c9857d7ebedfc5b070f50cd33b401d61003e601a06b8446e6c0b5dbddda4927a2e1352407d3b266942

                        Download Submit

                      • C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
                        Filesize

                        4.1MB

                        MD5

                        c447ffc8af4633daf687e0a943061a60

                        SHA1

                        2f0a1854d75a82929dcff5308befe3b83439259b

                        SHA256

                        c01804c902c5532517fa0ceadc91beed01d5ac67adf062b7ce7eaba8272c40bc

                        SHA512

                        e0d650c35a46063d0e3870e1888d95827050e7792391b8c6ba4b5cd0cf2501cf0eb3aeb1c4a9f524467b6efcc4cb44c8816ba91aa09858c3594d8334a3eb2edf

                        Download Submit

                      • C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ScanControllerImpl.dll
                        Filesize

                        5.7MB

                        MD5

                        a340fa4ce6b8a5e22dfe5348752138c8

                        SHA1

                        4cd995cce3194b43a5e2f12f032eb5cad88fc3c5

                        SHA256

                        250f17aad7e80a1b33b79b1e95cdae26d6be6f1c27dc9aaba1b6d8f346393b8a

                        SHA512

                        bc72a19624042b1a3f6f873ec193c890a12fbb85111b60399e5b3c9584a752c9c38b637fc37b5a7a968dcedaf804b299ee2156726aa7462bc940154d3654feff

                        Download Submit

                      • C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SwissarmyShim.dll
                        Filesize

                        2.6MB

                        MD5

                        89a38afcfa758e3298609c6c51929593

                        SHA1

                        2df1ee30adc92bd995526e41fd9c823354de30b4

                        SHA256

                        4795576483af0c136a71dcee87a0ffb54f0869cae6395ac2ff8312bf555e7161

                        SHA512

                        cceaed0b9a7517aebd739a377c7bd8987b9ac357be2bf987dbae31d59f2121c5bb9a9bfa2c70a9a54ad65546ef23903176dd6328d93408cb5c991257d59e2717

                        Download Submit

                      • C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\TelemetryControllerImpl.dll
                        Filesize

                        5.3MB

                        MD5

                        a6b7865089133607d9fe66617abcebea

                        SHA1

                        e7d887a75fd48945d3f56b5635bae822ad5c7a1c

                        SHA256

                        f1f1958fbd3ecc0b61f1be129025dfc59112c09b146299caca61bd6f552c0355

                        SHA512

                        3c0638229b90fd4d4ecfbdac89a467d514824e57f1d40f68c5009051a48cc53a0f2f5712aeb530ed6aa9b855272590563c95738abf768f46bdc332806e6d7792

                        Download Submit

                      • C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\UpdateControllerImpl.dll
                        Filesize

                        4.4MB

                        MD5

                        d0b204fb32962798ebd9ab0ad336a83c

                        SHA1

                        f281b35553afa236a214b910c537ecad0e3bacea

                        SHA256

                        627db74adff5407a074e94997cb724434478801607c972ff2afdf10d4928bb98

                        SHA512

                        5d3aa0851b7479d3c6d092052fa8271cb335f54ccac526a01c64745c222f906b6a5ece2fb6637e6dee878cf76af3ad89e0eb7e7686a7061c134a9e8e6d0d3eac

                        Download Submit

                      • C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
                        Filesize

                        1.8MB

                        MD5

                        f4bcae29120428ab0d1b72acc375d7fe

                        SHA1

                        0970f103d74c634a91afd69388ab692f2df4819a

                        SHA256

                        f6e63c104b5a3714a035d2272e4663b0d9599c405bb31e7f9e7e108205707d4a

                        SHA512

                        078c4a5a15882ad74eaae3539bb787f28a5b3bb18e8b3a33bf44cfaf98d7dae05bf73245193ad2d3075686b6405c25a6cecdad3d6bb36ffa8b3da5812ae675b0

                        Download Submit

                      • C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\pkgvers.dat
                        Filesize

                        75B

                        MD5

                        41fb6e2500f1c73388454b2a49bac2e3

                        SHA1

                        654740636a4a562872417aa1fd8be9b841004861

                        SHA256

                        a8dc97bc10cfe317ec6ff9fe4367ef7ff272f054e099d95bd255a04ea914e9e6

                        SHA512

                        32fca5719ada6ee6c9dfe6fdf7d0b7992ee268b5646d0196c8c477dcc6dd798fd5f24dbf6fa148cd58e074a0046c9be9b3b2ef4bedd7bb124c5147ae1c7bb2af

                        Download Submit

                      • C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\sample.dll
                        Filesize

                        528KB

                        MD5

                        f712ebc5aa4cc78b7f1a0c8810ce7db4

                        SHA1

                        48899721fbcd93b7d5440ce269b7777a62582eab

                        SHA256

                        46d6f6dad272240bcdcfc0d5c42f88a2784a5ebf31bb284555cf260b21e8a4d1

                        SHA512

                        20ea70c3b4e3cdd3727207b9b13e54332bee15ca18cde5228c7f93982310d77e5f6ebccd1a8251ad4d8cbf9ac6646bf7f5856f1c82d3b3ef2390fa779ec06017

                        Download Submit

                      • C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\version.dat
                        Filesize

                        47B

                        MD5

                        a26ef860b5878a7400e4ea50db6e2b4d

                        SHA1

                        9c2beb835ef24dd9e9bd791500ef4bb35f16a5c5

                        SHA256

                        af031cc78b5f25dbafe354b95b23ca60f14aac7825c0bb8bb396b909711d4dcf

                        SHA512

                        df646539049f5ad87a3b5a3600ebf727220c7755184d064f7774ee215c72c12a08469374ae386b28d7a7287a76d1bdf5bf78ed17073ca113ad2821a646f8da39

                        Download Submit

                      • C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\Global.nm
                        Filesize

                        316KB

                        MD5

                        1dafc4de7ca94ea98bfd98e584483ba9

                        SHA1

                        c5d2cc9e72e8f7404af5e04366fc6ce039e7d30c

                        SHA256

                        0645ad7cb1777ffd2ac8b36f16df5664f2a982f159b658f4fdfe7078f19c9cf2

                        SHA512

                        bb8bb10405efee77e2e46a91a0ae2e0a699458dbc7e4416fcb2cdaab0add54553d08b4b2ac50fba6dde55462ebbca5ed02bd3824ed6b15f686e8b1b72ee4eafe

                        Download Submit

                      • C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\Global.sr
                        Filesize

                        25.0MB

                        MD5

                        c9e1d56bd4fb4a0c5699b02e73aacbef

                        SHA1

                        bea23ff5de154440fb406e5aadd0b7c0d23c5d6a

                        SHA256

                        b55a0103e868b68507b2b53d94742479278721a47d7c82401ec041933e1cc914

                        SHA512

                        d0a8593f3a865937cf04c60ebee126b23b05adb03d091d94ecb4d8f44a1325d1b21f86c0d3683f98c85d12ba3f360de7da4a3a6a7ecca4200dc4940a649830a9

                        Download Submit

                      • C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\cfg.bin
                        Filesize

                        639B

                        MD5

                        544a36063346eeb1e751030008a9f7e3

                        SHA1

                        b5c44a037d16bfd5cfe0e6ba9cb770111b3aac82

                        SHA256

                        33a822063dc53b5a693b5920f6a14bf4c9c1905c08b3257b7621c9f0c41d39d6

                        SHA512

                        fb86ef1c271d10da364654b244253a4492b8331d69e2a71479671a44f613b88a72822b5a849159b63b7b28c7cbe0c6b7ed35f82cf749a598b23676fae70f279c

                        Download Submit

                      • C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\clean.mbdb
                        Filesize

                        10KB

                        MD5

                        b08f5c57848e38686fc3ea0214124e8c

                        SHA1

                        13b1fb16ac11decdaa6aadf702c29bb176076fe8

                        SHA256

                        9f526f72efc6115306277c70bb16f86112c35187e22291c2f23e0cebffc4e9a0

                        SHA512

                        b24ebcd09028995bf56ea9f1f8223fc3c4a8b26cb2d49c624b20373cdd439243d5b8663a058780f5a553274b5ecaacc0b817bf3b2b2bc156bb925e2062425597

                        Download Submit

                      • C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\dbmanifest2.dat
                        Filesize

                        924B

                        MD5

                        0442a3f16c917d326496b95341cea953

                        SHA1

                        55c84ca2db1723565757e373d80f39c1d9a7b0e5

                        SHA256

                        5d13840e9d3b0b0a87319ccebc8a522a80362cad89629a731a600d719c6e88ff

                        SHA512

                        7c3d3ebcd3710ebe30b4a7535d22aa4b39ffaccf6a6866757d4a43921e1aa03a6ab3be177987cbbcbe6da514fd2eb7aef3dbca6ade93123b7fcb5060210367d7

                        Download Submit

                      • C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\dynconfig.dat
                        Filesize

                        39KB

                        MD5

                        10f23e7c8c791b91c86cd966d67b7bc7

                        SHA1

                        3f596093b2bc33f7a2554818f8e41adbbd101961

                        SHA256

                        008254ca1f4d6415da89d01a4292911de6135b42833156720a841a22685765dc

                        SHA512

                        2d1b21371ada038323be412945994d030ee8a9007db072484724616c8597c6998a560bc28886ebf89e2c8919fb70d76c98338d88832351823027491c98d48118

                        Download Submit

                      • C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\exclusions.txt
                        Filesize

                        23KB

                        MD5

                        aef4eca7ee01bb1a146751c4d0510d2d

                        SHA1

                        5cf2273da41147126e5e1eabd3182f19304eea25

                        SHA256

                        9e87e4c9da3337c63b7f0e6ed0eb71696121c74e18a5da577215e18097715e2f

                        SHA512

                        d31d21e37b0048050b19600f8904354cff3f3ec8291c5a7a54267e14af9fb88dfb6d11e74a037cc0369ade8a8fb9b753861f3b3fb2219563e8ec359f66c042db

                        Download Submit

                      • C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\mbdigsig2.dat
                        Filesize

                        514B

                        MD5

                        9167f2b5ae53627de5512e4ead331cdc

                        SHA1

                        2b76c5f12bf096641e9d6c2c95b061b87e7e746e

                        SHA256

                        1430c15216fe4cb7461b059b01e04a9d539c6e6de88d98b40d017932781faf47

                        SHA512

                        272429b6df67ad273800358c19458eaaf65f34f0bb6ae19f667303f0d93a31005abafaf71ba51927f33107630cb32289891548f59906d35c8df7a88bd64f14b2

                        Download Submit

                      • C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\prot.mbdb
                        Filesize

                        24B

                        MD5

                        546d9e30eadad8b22f5b3ffa875144bf

                        SHA1

                        3b323ffef009bfe0662c2bd30bb06af6dfc68e4d

                        SHA256

                        6089fbf0c0c1413f62e91dc9497bedc6d8a271e9dc761e20adc0dccf6f4a0c1f

                        SHA512

                        3478f5dcf7af549dd6fe48ad714604200de84a90120b16a32233b6d44fa7240f5f4e5fe803f54b86bbdfd10fa1bfdd88fb85eb6a78e23e426933f98d0a2565ec

                        Download Submit

                      • C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\rdefs.mbdb
                        Filesize

                        24B

                        MD5

                        2f7423ca7c6a0f1339980f3c8c7de9f8

                        SHA1

                        102c77faa28885354cfe6725d987bc23bc7108ba

                        SHA256

                        850a4ea37a0fd6f68bf95422d502b2d1257264eb90cc38c0a3b1b95aa375be55

                        SHA512

                        e922ac8a7a2cde6d387f8698207cf5efbd45b646986a090e3549d97a7d552dd74179bd7ac20b7d246ca49d340c4c168982c65b4749df760857810b2358e7eb69

                        Download Submit

                      • C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\rules.mbdb
                        Filesize

                        21.7MB

                        MD5

                        f73eeea88febe13d789520e87483c292

                        SHA1

                        b2ff4540f9337c1ab8f379117fc7692fcc081b48

                        SHA256

                        7dfb153f20937862b76eee4437f2ac618427da906d1f7bd0d6fec57eceac043c

                        SHA512

                        4e71487b15a4984cad2dd559100532475787cd8a1a4686fa212a2ec20a801fbd2ebab65c08c6451fe6c34bf1cb726829d747afd266d87f74c844d9b55bc74016

                        Download Submit

                      • C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\scan.mbdb
                        Filesize

                        1.4MB

                        MD5

                        3e2599322e6c4b24689ad33a1ea0875e

                        SHA1

                        0cf990c744b3a401961113da95782bce39be53cd

                        SHA256

                        bb7a496a689ecde10e537dc5eb1c8f374b52287a763bcc0cb5388adc05085f38

                        SHA512

                        573bb53e673d7e403d63f30afd181690be3f47adc77fa882e372a50ec9bbc7c365251f4f5092aacbbc350a195713020ed435ffbf8d8436028e9e8e230345a81d

                        Download Submit

                      • C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\tids.mbdb
                        Filesize

                        233KB

                        MD5

                        471541d2750183c22b806f20c78b3b4c

                        SHA1

                        879698ec92809b1846955ac46bb40bdbd705a091

                        SHA256

                        8d8339a1e58886e580c28c516a697f526efd5ec0b92c588f1638112d9c5b119d

                        SHA512

                        11933a0ef1fbbb0c4d6b0ffdb84c652bf96ef5079941d51a0736f7055ff5b608f1101c57147f3b9662aec7391b183a77a2499254a2d7826631c49bcf7bda3f85

                        Download Submit

                      • C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\wprot2.mbdb
                        Filesize

                        38.9MB

                        MD5

                        bfc5a5f64dd1c2af0ad9cd1057a5e127

                        SHA1

                        e965a7f52df192eba3463be57b6097486042e4c6

                        SHA256

                        fc3eceb8d034cbad69f29d2a5dbb322c795754c3f518c7a7b78b6a8c33559c2b

                        SHA512

                        3bd3e7c77540b59c036dbc3e6b4f2b806ea5ea4199a5dbfdeb7899f31869217c9d7051ab16f389729a8e18d1a21e8ce97a4328fb8768cbd6ddb491d0ad96bb83

                        Download Submit

                      • C:\Program Files\Malwarebytes\Anti-Malware\7z.dll
                        Filesize

                        1.7MB

                        MD5

                        461faf68ccc02b0223fd273b630f21fe

                        SHA1

                        363b8beaa74f0f454c2d544ace9e71a84bc2b4cf

                        SHA256

                        cb07f3f461e9c267831b1ab93af6dfda1bb51d72e42d73d00d26594f09326be1

                        SHA512

                        4b671f48e45fdedf50c7f7bb6c8d82a3b98f7502006eb002aaf8ff31f25f9ff1257c7bcc12caf622e43d4ec665b19d978ae3e3762f76def0bc71485ebdb8426f

                        Download Submit

                      • C:\Program Files\Malwarebytes\Anti-Malware\Actions.dll
                        Filesize

                        5.0MB

                        MD5

                        1eff53d95ecaf6bbfffe80d866d8e1dd

                        SHA1

                        d7ef7d7c77fd04b2c0eb8c16bb3cd08057f6742f

                        SHA256

                        6dd748f7ca56125cbe158fa3612f08e7312ef58ad5375e6b7ab5532cc16ca0ac

                        SHA512

                        c59b8e6f0b238a247e64b9c7bb42213dadac1dada63542830a6292361174c935c0c662b2d1aed3fb6100cc4993297b1eaf25e328f2b4613458c4ffca63b9f02d

                        Download Submit

                      • C:\Program Files\Malwarebytes\Anti-Malware\ActionsShim.dll
                        Filesize

                        2.5MB

                        MD5

                        e7a4bb8fa34bc5ae8b84bf15442da99c

                        SHA1

                        26e6d20876f01faa32a7a846c12dd35c695d55b6

                        SHA256

                        9ed946c62c7801779822a83d9126257f6426af381a42ce29d5a3c49c774fc141

                        SHA512

                        10b007f132cdaa7ea2e75281cd7767b59fd61335d28bc55b778e05479ac993e3578ba1370fe1ce6bf35d271ca970346d5f8cd13637f59fb1fa01c8a6345727b1

                        Download Submit

                      • C:\Program Files\Malwarebytes\Anti-Malware\CleanControllerImpl.dll
                        Filesize

                        6.9MB

                        MD5

                        ef3e4c2c617164e495bbc0ec13890ca9

                        SHA1

                        f384c1892e00720ccb97a921d556654d730f1d3e

                        SHA256

                        7fa7d2d0618f46d50d36401f76d0314c72096ebd003d365d8df2b488bf02103b

                        SHA512

                        54f56aedaccf3bade0ec4601a86d23b8110702562be0a2fe2ce18aed09793eb0e7290215b3267e3e2c57dac850f446b10fd3a5e3c81e11508f1a70224366a51f

                        Download Submit

                      • C:\Program Files\Malwarebytes\Anti-Malware\CloudControllerImpl.dll
                        Filesize

                        4.8MB

                        MD5

                        3cad89a85ae704b4e264a03dcbf1de8f

                        SHA1

                        aacc5111236b95b9044f3228c961345ead3ee5c2

                        SHA256

                        1f56f70c09fb6b6c92795dedbcfa0626ec29383d53166ef0f179e86a46b33b56

                        SHA512

                        4efbb0b81392378cd143e1526d94b39434306e7354dbd6326bceb37cc3919f2b84d4ec08b378a35b44a2f93b660623f9112a36f4fb745f34327f9fda8f0e84d2

                        Download Submit

                      • C:\Program Files\Malwarebytes\Anti-Malware\CloudControllerImpl.dll
                        Filesize

                        4.8MB

                        MD5

                        3cad89a85ae704b4e264a03dcbf1de8f

                        SHA1

                        aacc5111236b95b9044f3228c961345ead3ee5c2

                        SHA256

                        1f56f70c09fb6b6c92795dedbcfa0626ec29383d53166ef0f179e86a46b33b56

                        SHA512

                        4efbb0b81392378cd143e1526d94b39434306e7354dbd6326bceb37cc3919f2b84d4ec08b378a35b44a2f93b660623f9112a36f4fb745f34327f9fda8f0e84d2

                        Download Submit

                      • C:\Program Files\Malwarebytes\Anti-Malware\LicenseControllerImpl.dll
                        Filesize

                        4.4MB

                        MD5

                        b7a9a7b44b82e954c1b77e7b7f71ee66

                        SHA1

                        02f3eabef778d5641eea89d318268e79949da7c6

                        SHA256

                        ba97bf9a2a0c454dbd965ef7b6c12f582d49391d5297fe2ef4a94bb13d2d472e

                        SHA512

                        524dee007193cc13ee81e9734564e8a121715f7ecb27d113eb7d8265b7562ab60237aa64c556a819239ee9b4abdc8523a57ca666bdd48de82eca79efba771bc5

                        Download Submit

                      • C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe
                        Filesize

                        8.7MB

                        MD5

                        3c7b30585f27d8b078be165406bb651e

                        SHA1

                        26918e1e29b380ad833198658f939b057e33db7d

                        SHA256

                        1c340f49c4449d5eda5c425b893368f21f7d85901053c1d1b61f791020502ecb

                        SHA512

                        8825e70dabb6d99d11a1727ec831d428a509bdfaf0283367cd29cd6c560021bf65dd8cb9b54eb71e9bca22d8681fb155adde443e272646bdc28994b7990db07c

                        Download Submit

                      • C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe
                        Filesize

                        8.7MB

                        MD5

                        3c7b30585f27d8b078be165406bb651e

                        SHA1

                        26918e1e29b380ad833198658f939b057e33db7d

                        SHA256

                        1c340f49c4449d5eda5c425b893368f21f7d85901053c1d1b61f791020502ecb

                        SHA512

                        8825e70dabb6d99d11a1727ec831d428a509bdfaf0283367cd29cd6c560021bf65dd8cb9b54eb71e9bca22d8681fb155adde443e272646bdc28994b7990db07c

                        Download Submit

                      • C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
                        Filesize

                        8.7MB

                        MD5

                        acd4e9792488adc9627075238bcf3843

                        SHA1

                        54f49eba565197460b564af8ddfacad91df960ff

                        SHA256

                        84864e2ce732b2007492cdba8fd83d25f2a6314414e97f67e7bab9cb66ce3833

                        SHA512

                        8a0d680d532621da8e174ddc6142a89cf81b5af7d8a4325cffbcd61f473d3006dd419d0f740454610be818c53858ea7a30c22102465522130b5ba9b15c7a13a0

                        Download Submit

                      • C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
                        Filesize

                        8.7MB

                        MD5

                        acd4e9792488adc9627075238bcf3843

                        SHA1

                        54f49eba565197460b564af8ddfacad91df960ff

                        SHA256

                        84864e2ce732b2007492cdba8fd83d25f2a6314414e97f67e7bab9cb66ce3833

                        SHA512

                        8a0d680d532621da8e174ddc6142a89cf81b5af7d8a4325cffbcd61f473d3006dd419d0f740454610be818c53858ea7a30c22102465522130b5ba9b15c7a13a0

                        Download Submit

                      • C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
                        Filesize

                        8.7MB

                        MD5

                        acd4e9792488adc9627075238bcf3843

                        SHA1

                        54f49eba565197460b564af8ddfacad91df960ff

                        SHA256

                        84864e2ce732b2007492cdba8fd83d25f2a6314414e97f67e7bab9cb66ce3833

                        SHA512

                        8a0d680d532621da8e174ddc6142a89cf81b5af7d8a4325cffbcd61f473d3006dd419d0f740454610be818c53858ea7a30c22102465522130b5ba9b15c7a13a0

                        Download Submit

                      • C:\Program Files\Malwarebytes\Anti-Malware\MBAMShim.dll
                        Filesize

                        3.0MB

                        MD5

                        f44b6c80c46c4cf3071b5f5b916e1271

                        SHA1

                        839f2238ecbbfa80ebf9c1f77eafc78204b58761

                        SHA256

                        732523df43358729d5e85cceb557d69016dcdd3e2238d903c33c5327c3131fae

                        SHA512

                        99be164ae96bc4f93dc896d5df445ad1c2f023f10605a8c9857d7ebedfc5b070f50cd33b401d61003e601a06b8446e6c0b5dbddda4927a2e1352407d3b266942

                        Download Submit

                      • C:\Program Files\Malwarebytes\Anti-Malware\MbamElam.cat
                        Filesize

                        10KB

                        MD5

                        60608328775d6acf03eaab38407e5b7c

                        SHA1

                        9f63644893517286753f63ad6d01bc8bfacf79b1

                        SHA256

                        3ed5a1668713ef80c2b5599b599f1434ad6648999f335cf69757ea3183c70c59

                        SHA512

                        9f65212121b8a5d1a0625c3baa14ef04a33b091d26f543324333e38dcdb903e02ccc4d009e22c2e85d2f61d954e0b994c2896e52f685003a6ef34758f8a650c7

                        Download Submit

                      • C:\Program Files\Malwarebytes\Anti-Malware\MbamElam.inf
                        Filesize

                        2KB

                        MD5

                        c481ad4dd1d91860335787aa61177932

                        SHA1

                        81633414c5bf5832a8584fb0740bc09596b9b66d

                        SHA256

                        793626d240fd8eefc81b78a57c8dfe12ea247889b6f07918e9fd32a7411aa1c3

                        SHA512

                        d292e028936412f07264837d4a321ecfa2f5754d4048c8bcf774a0e076e535b361c411301558609d64c71c1ce9b19e6041efa44d201237a7010c553751e1e830

                        Download Submit

                      • C:\Program Files\Malwarebytes\Anti-Malware\MbamElam.sys
                        Filesize

                        20KB

                        MD5

                        9e77c51e14fa9a323ee1635dc74ecc07

                        SHA1

                        a78bde0bd73260ce7af9cdc441af9db54d1637c2

                        SHA256

                        b5619d758ae6a65c1663f065e53e6b68a00511e7d7accb3e07ed94bfd0b1ede0

                        SHA512

                        a12ccf92bead694f5d3cba7ff7e731a2f862198efc338efc7f33a882fe0eb7499fb3fb533538d0a823e80631a7ca162962fbdfd78e401e3255672910b7140186

                        Download Submit

                      • C:\Program Files\Malwarebytes\Anti-Malware\PoliciesControllerImpl.dll
                        Filesize

                        4.1MB

                        MD5

                        c447ffc8af4633daf687e0a943061a60

                        SHA1

                        2f0a1854d75a82929dcff5308befe3b83439259b

                        SHA256

                        c01804c902c5532517fa0ceadc91beed01d5ac67adf062b7ce7eaba8272c40bc

                        SHA512

                        e0d650c35a46063d0e3870e1888d95827050e7792391b8c6ba4b5cd0cf2501cf0eb3aeb1c4a9f524467b6efcc4cb44c8816ba91aa09858c3594d8334a3eb2edf

                        Download Submit

                      • C:\Program Files\Malwarebytes\Anti-Malware\ScanControllerImpl.dll
                        Filesize

                        5.7MB

                        MD5

                        a340fa4ce6b8a5e22dfe5348752138c8

                        SHA1

                        4cd995cce3194b43a5e2f12f032eb5cad88fc3c5

                        SHA256

                        250f17aad7e80a1b33b79b1e95cdae26d6be6f1c27dc9aaba1b6d8f346393b8a

                        SHA512

                        bc72a19624042b1a3f6f873ec193c890a12fbb85111b60399e5b3c9584a752c9c38b637fc37b5a7a968dcedaf804b299ee2156726aa7462bc940154d3654feff

                        Download Submit

                      • C:\Program Files\Malwarebytes\Anti-Malware\ServiceConfig.json
                        Filesize

                        593B

                        MD5

                        6cbf1f9199b1705b34c75c9c33ff14f0

                        SHA1

                        3efa02e69bc2a83e9085c26774b32229547d2852

                        SHA256

                        bf14350d89d6a9434850867c265ba2acddc40761a6c1c4ee943cb42e7bf5a585

                        SHA512

                        995afc2ac2a8b4313b602b010571f30075491086a13df1f4c0b619b2b9803022b8e694510b15ae503d3b1669cc6db32b0fea2420d1381e498b0c988f7ea9e4cf

                        Download Submit

                      • C:\Program Files\Malwarebytes\Anti-Malware\ServiceConfig.json
                        Filesize

                        593B

                        MD5

                        6cbf1f9199b1705b34c75c9c33ff14f0

                        SHA1

                        3efa02e69bc2a83e9085c26774b32229547d2852

                        SHA256

                        bf14350d89d6a9434850867c265ba2acddc40761a6c1c4ee943cb42e7bf5a585

                        SHA512

                        995afc2ac2a8b4313b602b010571f30075491086a13df1f4c0b619b2b9803022b8e694510b15ae503d3b1669cc6db32b0fea2420d1381e498b0c988f7ea9e4cf

                        Download Submit

                      • C:\Program Files\Malwarebytes\Anti-Malware\ServiceConfig.json
                        Filesize

                        655B

                        MD5

                        fbe49ff12c15759bf13451dea485331f

                        SHA1

                        85222d82031b952976feb5ce3d5910308187560c

                        SHA256

                        760059ba0f706e58657330d6881e3a101b56f67b3b5a281617599a3613f6206f

                        SHA512

                        25d53555bbfa999e5e30b28a238cfbf7330f4dc6c69891a8aeb156dd9c071b463a3762b738169c0d3e75cb5dffbf6530ab98f8effe1a9397f3213302fe43707f

                        Download Submit

                      • C:\Program Files\Malwarebytes\Anti-Malware\TelemetryControllerImpl.dll
                        Filesize

                        5.3MB

                        MD5

                        a6b7865089133607d9fe66617abcebea

                        SHA1

                        e7d887a75fd48945d3f56b5635bae822ad5c7a1c

                        SHA256

                        f1f1958fbd3ecc0b61f1be129025dfc59112c09b146299caca61bd6f552c0355

                        SHA512

                        3c0638229b90fd4d4ecfbdac89a467d514824e57f1d40f68c5009051a48cc53a0f2f5712aeb530ed6aa9b855272590563c95738abf768f46bdc332806e6d7792

                        Download Submit

                      • C:\Program Files\Malwarebytes\Anti-Malware\UpdateControllerImpl.dll
                        Filesize

                        4.4MB

                        MD5

                        d0b204fb32962798ebd9ab0ad336a83c

                        SHA1

                        f281b35553afa236a214b910c537ecad0e3bacea

                        SHA256

                        627db74adff5407a074e94997cb724434478801607c972ff2afdf10d4928bb98

                        SHA512

                        5d3aa0851b7479d3c6d092052fa8271cb335f54ccac526a01c64745c222f906b6a5ece2fb6637e6dee878cf76af3ad89e0eb7e7686a7061c134a9e8e6d0d3eac

                        Download Submit

                      • C:\Program Files\Malwarebytes\Anti-Malware\ctlrvers.dat
                        Filesize

                        8B

                        MD5

                        c72425e92fb1804d6f0dec0a59ef783b

                        SHA1

                        294f71997179899cb5dae2ab7cbf62d435e2826e

                        SHA256

                        808e8f5cdcbe8b277c027aa029c25131809202230b579b716ba17c8d6778df55

                        SHA512

                        e1125b1c6314de927c6a1b8211c968f5eacce52f4cd4f93730bc7b05fd0c3daeb4016168e4b54063305cc26d9c02ae06b0cc1bdb6269b1f631d221e1346d5885

                        Download Submit

                      • C:\Program Files\Malwarebytes\Anti-Malware\mb4uns.exe
                        Filesize

                        3.8MB

                        MD5

                        b9d4462ef148f15b28f87040d294b6ac

                        SHA1

                        a11426b9b2054562973bab331cf3de32d4965fde

                        SHA256

                        c7d2a91dc0230c4b2f7833490e9299e3d1ec8a80379dcc6f90582f51415f96b3

                        SHA512

                        67064c8b60d050126053ec3ec108b270dc2e673aededd720a4c18463f7c185195d39db113dd8097543b7f259c8c23832f4d5780bd56c1bd94c266e7357c4ba51

                        Download Submit

                      • C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
                        Filesize

                        22.1MB

                        MD5

                        f55ee10564dfde096fed148b36fa87e8

                        SHA1

                        d3e9b68880ec9d7d74f4ee5dd7445c16ae712bc1

                        SHA256

                        8ca62ef10d6cb40defa4a379b1202351e1034b9451d7c53b554d5c24315f4efc

                        SHA512

                        3f961ce85818f75fd9cef3223801b35a85e6b414d0f649e24edba26229887d2523e760f59f0a6f164156104cc416b087906afe4d3ada4c0c4b6570e6451e1270

                        Download Submit

                      • C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
                        Filesize

                        8.0MB

                        MD5

                        d71e580c70548588faca4e4421b7fce9

                        SHA1

                        924bacd7de250be62178dd14f1e391b919a489fc

                        SHA256

                        08812c249960a9b3d88c3e29586422e8bd940dfce2279560cc2340fce594cdcb

                        SHA512

                        42d5318c1380e4c6b1330def1377a074c308127aed25f277037062e25c54d82c5f6396d781278f5174b7bb8b33a840210a86aad3b7df44e2d807f62b837d45e6

                        Download Submit

                      • C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll
                        Filesize

                        2.7MB

                        MD5

                        b7e5071b317550d93258f7e1e13e7b6f

                        SHA1

                        2d08d78a5c29cf724bc523530d1a9014642bbc60

                        SHA256

                        467de01d7cee7ec54166b80658ff22f9feebdb1c24eaf1629cf40e4124508064

                        SHA512

                        9c35293c95c1a9141740ac99315605964aa37c4a42d3a11cae9e5649ff1427a9480d3d5e7f763212cf13db3511c5ea3c84e68f95f0067fe6339a9d3fb7b27c54

                        Download Submit

                      • C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll
                        Filesize

                        2.7MB

                        MD5

                        b7e5071b317550d93258f7e1e13e7b6f

                        SHA1

                        2d08d78a5c29cf724bc523530d1a9014642bbc60

                        SHA256

                        467de01d7cee7ec54166b80658ff22f9feebdb1c24eaf1629cf40e4124508064

                        SHA512

                        9c35293c95c1a9141740ac99315605964aa37c4a42d3a11cae9e5649ff1427a9480d3d5e7f763212cf13db3511c5ea3c84e68f95f0067fe6339a9d3fb7b27c54

                        Download Submit

                      • C:\Program Files\Malwarebytes\Anti-Malware\offreg.dll
                        Filesize

                        114KB

                        MD5

                        16663d125398773a90d0a53333b7cf5e

                        SHA1

                        f92928ae3c9292588547ceaca1cb1d372bfd7936

                        SHA256

                        38e6811b47262101759aa51a631263d9e3eee5d211164318a751e078afec4cbc

                        SHA512

                        091764b8ad80aa31eea0bbd91ee505ebdea2654bc8aeaa3081a061d0d37ab13d27dd203075fd0de10c6687591aa0e36139a38af846c4e34e6aa67ab81dc277df

                        Download Submit

                      • C:\Program Files\Malwarebytes\Anti-Malware\offreg.dll
                        Filesize

                        114KB

                        MD5

                        16663d125398773a90d0a53333b7cf5e

                        SHA1

                        f92928ae3c9292588547ceaca1cb1d372bfd7936

                        SHA256

                        38e6811b47262101759aa51a631263d9e3eee5d211164318a751e078afec4cbc

                        SHA512

                        091764b8ad80aa31eea0bbd91ee505ebdea2654bc8aeaa3081a061d0d37ab13d27dd203075fd0de10c6687591aa0e36139a38af846c4e34e6aa67ab81dc277df

                        Download Submit

                      • C:\Program Files\Malwarebytes\Anti-Malware\sdk\MBAMSwissArmy.sys
                        Filesize

                        233KB

                        MD5

                        1dc6d344ee9b6b024ba23278891db9a5

                        SHA1

                        519b792d11daa2bf9d127f69cdd603a236576e04

                        SHA256

                        823e1c7321e177b006c1f3fd1ec8b99607a12d2c3c321f3a6cbbcf7030b6c240

                        SHA512

                        fb96c4ede03c3aa729d2ea5a72c5f14029f6d69a79b6e0d5449e371bf3acdbbd1cb2079e8bbac3a3140a257c71018bc7a2a31a45ad5c8b65382e67cc3431ab6a

                        Download Submit

                      • C:\Program Files\Malwarebytes\Anti-Malware\sdk\mbamchameleon.sys
                        Filesize

                        217KB

                        MD5

                        6a21162e1c8a9f65787b14bc439eb077

                        SHA1

                        1bf68b253edd6cae098144e24e09b4e22178784f

                        SHA256

                        8b7990e1c676f53918e41f6b18b20179d77e598352d9243b05e2ea22b2d9e4fe

                        SHA512

                        a0dafe66479b9e68ebf04a7e2fa7c7cc352fb075356b7eccebee7af527393711e3cb36c7ff6466a5e28b17d1d003c1c49ef176b448f5de36a7c8177c9c8808c4

                        Download Submit

                      • C:\Program Files\Malwarebytes\Anti-Malware\srvversion.dat
                        Filesize

                        10B

                        MD5

                        998cdb4aaab329f32b7f47e12e39f3ea

                        SHA1

                        120b5294f287c1012209dd530e3779531b037b6c

                        SHA256

                        79a1be670d35f1bcd3e21d744943b594100648a1dada89f134ba16e3a76f6981

                        SHA512

                        a095900684807d8bc770fb4f93f6ef1d7c96fccf038726429e416c749147c53bd0e195bd2655ab83298a6f2a0e6d6baa0c1d9580123d93cba10c576e06f54333

                        Download Submit

                      • C:\Program Files\Malwarebytes\Anti-Malware\uipkgver.dat
                        Filesize

                        6B

                        MD5

                        9e94f26e0bdd478d4c04984bbee7af09

                        SHA1

                        2faa997e896c76833739c181ac8a9d43a06d490d

                        SHA256

                        98bfb5c401b5ddc4bd6b666ffec4037e780478a8ace9afad84567a4d6530b787

                        SHA512

                        185082a8b6b3868afe36593bfd5eaae910efc9acbe2bbf214da08f58debd6c536184b67def9062e337fcd6133c1c62c2999b16b76c6a9c232d5e751d0813fd6f

                        Download Submit

                      • C:\Program Files\Malwarebytes\Anti-Malware\version.dat
                        Filesize

                        47B

                        MD5

                        a26ef860b5878a7400e4ea50db6e2b4d

                        SHA1

                        9c2beb835ef24dd9e9bd791500ef4bb35f16a5c5

                        SHA256

                        af031cc78b5f25dbafe354b95b23ca60f14aac7825c0bb8bb396b909711d4dcf

                        SHA512

                        df646539049f5ad87a3b5a3600ebf727220c7755184d064f7774ee215c72c12a08469374ae386b28d7a7287a76d1bdf5bf78ed17073ca113ad2821a646f8da39

                        Download Submit

                      • C:\ProgramData\Malwarebytes\MBAMService\config\AeConfig.json
                        Filesize

                        1KB

                        MD5

                        5574f5de75ea1ea1fd5f61b320c48c28

                        SHA1

                        c4a19e70bd4bca7ad35c352016d5d7ec860ea995

                        SHA256

                        8768dc0a203b103ec7262224452f891d0b23fbc154c44d0f4145c080c7996c28

                        SHA512

                        eaf23911461a5af09c40de6a05c40f50a0b2ca29ecf34e053b78307cf3cef459d0d2cb46a425d448ca789167059c156ab19a39cd37ac5b54824e8fe59359c1af

                        Download Submit

                      • C:\ProgramData\Malwarebytes\MBAMService\config\AeConfig.json
                        Filesize

                        47KB

                        MD5

                        bc9a1a41811bab3d01486635bcc4548c

                        SHA1

                        403f4019616bb4a06c4eeeba2858fd7a556dc1c4

                        SHA256

                        517b7169e994075e7c2a715aee3832aa7a63b1432e996e2d853d23db32acf9fc

                        SHA512

                        0b84cf39219e2bc4d0405890854ea1cf49665faae340f0b38334493c98e636ed49ecccc2c8adff585634058d7d56a7c1db82db7c45ee62fb48f49025df0914cc

                        Download Submit

                      • C:\ProgramData\Malwarebytes\MBAMService\config\AeConfig.json
                        Filesize

                        64KB

                        MD5

                        b2b2bb278b691ce1c06f509b80ff279d

                        SHA1

                        47edb8574baa339ea8e35f1bba0f0cee753bb207

                        SHA256

                        2ca66770b2847c41f33b8e3123a68673b1893f476bc8b8bc043ac7cf6489c04e

                        SHA512

                        50f125103bd84c61fe075ec1180fdb25bfb365ad8d63e87eea06e1ceaf82a3fe8ae0e91be1e1b04bf7d4392552503b5e6df9ef2771075e6c9f44fbea1d0e3a46

                        Download Submit

                      • C:\ProgramData\Malwarebytes\MBAMService\config\AeConfig.json
                        Filesize

                        64KB

                        MD5

                        a94729fd8a322d324a453ca732bb9d03

                        SHA1

                        8b04488904ca04596a22245552df6db20c75b5ca

                        SHA256

                        af0faa07d7bdac3954d9cf222d0bf3c06be5ae4a63fa7a0373fadc6e23ad6193

                        SHA512

                        96f69b7e72d84057ad1df8fc62b999270678683a107ce885578b716e2372e20678c0b9689d5a665975292728c75580bac166f2f4f0621972898f5e984d8592b6

                        Download Submit

                      • C:\ProgramData\Malwarebytes\MBAMService\config\ArwControllerConfig.json
                        Filesize

                        607B

                        MD5

                        fa778165891efa02c5498b15aeef5343

                        SHA1

                        1e0cb8facdcf47e84575b9356eb4d2970168fe1e

                        SHA256

                        d5e69b3dbe91132f688dd5ea284762b0f3870a928582998b642a91bca3ad5af6

                        SHA512

                        d53ae4de3564450dbf43a68ce0018f2002e5bc68422c60e0243b4765c28a257c9036b0d54c64d800b8bc9220201e7ede18a418d8da0241ef70bac86ad7af8913

                        Download Submit

                      • C:\ProgramData\Malwarebytes\MBAMService\config\CleanControllerConfig.json
                        Filesize

                        808B

                        MD5

                        7f37bab64eec344057c60d8a4728f501

                        SHA1

                        5fa28dd5828ff3a8517d864bcf3de59742102136

                        SHA256

                        7afa69f9602c9cb005c4f3faa3a07d296f7b183c88315283b4ddc331dc846d00

                        SHA512

                        e39f6dc6e274b63089e08133f70b91fc97408894d9cb85b42a83c905a7aabf8bb46fafc6b11814166f63aac80fc1d868a7b55c27f2e96c8c39e50711ef098a2e

                        Download Submit

                      • C:\ProgramData\Malwarebytes\MBAMService\config\CloudConfig.json
                        Filesize

                        543B

                        MD5

                        0bed0f6f26ab2c0e6aeb0413ea2124f9

                        SHA1

                        6f9eda0ad2359dfa2db38870791a174b8262b222

                        SHA256

                        55676a373d85ec4e520019db210cb7253733fd6b707161b5f566c88249a166e6

                        SHA512

                        c23ecf47486dc925b4ca791c2e117ef6597807ad80fa5ce0292779a23ca7d3394d6cd68387e6f1a40b2b436d4916e9db06f0f97afe64419c2e295e929307d877

                        Download Submit

                      • C:\ProgramData\Malwarebytes\MBAMService\config\LicenseConfig.json
                        Filesize

                        9KB

                        MD5

                        fb19cab7a79c769eb13a9514b7b34ad3

                        SHA1

                        9db09f91286149dc607c5851b5b529e070eb593f

                        SHA256

                        eb1b0cb0c61403255060985d2ca1e2c8a65905571d59b1faff8914362edf673c

                        SHA512

                        5510fe4cf6ebed4404245ff8592085175a8d391ee68ce0bdac4392cfc94de539f89c7f7d9d40aa001b3ab8f9629d9041cd5e56c76651a1180bcfc170726329ae

                        Download Submit

                      • C:\ProgramData\Malwarebytes\MBAMService\config\LicenseConfig.json
                        Filesize

                        10KB

                        MD5

                        74ca74b7ea007de1884e3f50483903f3

                        SHA1

                        5b799b243d4379991205ad674d0c9689b5ac2437

                        SHA256

                        2ff9f9d39236159baf3a1ce3d9faf046600423df9f4cc269bf30815254ae4c45

                        SHA512

                        96e46cdb8d90430b919b710bb307a1b622a3b470c71cda0d286a549b806e605ca948e28759626ba952b6a26e8399ec3b0ac12b4b073fc8d3799f66163b5a272c

                        Download Submit

                      • C:\ProgramData\Malwarebytes\MBAMService\config\LicenseConfig.json
                        Filesize

                        10KB

                        MD5

                        8a55f90b3a7fa588df101244ffd23c22

                        SHA1

                        2b5405f14378091b95916113fbb604da2b8e61b4

                        SHA256

                        eeb2a2151a31a21137a951f49bcce3d368f4102ed3111e5f73e88941d7872803

                        SHA512

                        a0100478de9220692d5f09166389ace9acd815e0cf33be3adfacb8d057b65ac7339c9d28b26092f3e96c3f8e46049e0784fd00c7be85c8e243387552432eaebf

                        Download Submit

                      • C:\ProgramData\Malwarebytes\MBAMService\config\LicenseConfig.json
                        Filesize

                        10KB

                        MD5

                        ce7a3a36b30ce1c4652ff6f07eb1fa20

                        SHA1

                        25c1d878f1c9edd5874ceea2fe76089f16bdcfc0

                        SHA256

                        d017e7b60ecc17093ff16ad2cd770beb49ed7aae76b6a79640b52372b730ee7e

                        SHA512

                        c346542a14b88410fb4b4d938c30d384f5d793a3bc284504328d56bc9f5bddb721e04b36b8420762f02f58f03d3e74679f5a17dd08c3feb3ca235ce19fc8b0a2

                        Download Submit

                      • C:\ProgramData\Malwarebytes\MBAMService\config\MbamClientConfig.json
                        Filesize

                        753B

                        MD5

                        85eafccdaf36d07a0da991ebdcfb50a2

                        SHA1

                        4f2af6e6dce0ac83eaa5eed7288e992669dc7558

                        SHA256

                        c73571b7238ea0a379828017deb13bf9e0fb06bd7f747afd688180022b32c6f7

                        SHA512

                        0f65883f34e74d392a195ab00fcf1bf4d5474aa82c5ed946b6cbc08327559f723a9732ded42fcfde35752f2511d69c86b594b8d3b7c837188cd4fd0ce28ed131

                        Download Submit

                      • C:\ProgramData\Malwarebytes\MBAMService\config\MbamClientConfig.json
                        Filesize

                        1KB

                        MD5

                        706dc439c627eca1e2806c2ffec690a1

                        SHA1

                        40735df492d8ee280733f982f09114e702521a9a

                        SHA256

                        6e143a7fd8133c6ce2dcdc1e54dc5df5739d030be51fa3f558271d390e66eb10

                        SHA512

                        b97ad95d6e300d0c5e97fd8eddf35edce56dabbc1012792bc346a82c5db0ae2f945bc6d863a760d8fb440d99a7124058ae322ddf73067c3a8130cf2daafe92f6

                        Download Submit

                      • C:\ProgramData\Malwarebytes\MBAMService\config\MwacControllerConfig.json
                        Filesize

                        1KB

                        MD5

                        e6cdd912a69f5da7d06d179b645e142c

                        SHA1

                        51a04b04cd78fedce1a51a601e3e463834188965

                        SHA256

                        b3f87aa355cbef29ad16eef89f86cb5f1e56b2f00806b8cd347997a5819e74fe

                        SHA512

                        8bcb939c78a81a6c2d47213f0f40522793b3f0a9dae87ab5b5485fbe03795df878d79966f6ac156c999987849b8b4782c04b747caa805cf5c2aaad46f7a5a5fb

                        Download Submit

                      • C:\ProgramData\Malwarebytes\MBAMService\config\MwacControllerConfig.json
                        Filesize

                        2KB

                        MD5

                        4d77df5aeab284b81af0682c92f82363

                        SHA1

                        aec722264e7f71285ed568ae4d996cce0f95f517

                        SHA256

                        32f851c6f0be81ee7e4218b8d9fa76c3211f4ea3ae793bab075f1efc777e7fe0

                        SHA512

                        89c46600dc512e89f73507431ee3ad055c58ae093e10d49bb1e9b338e18bdd08a2dcb71519046fa4ec4a5f84a12592eff010dcb5e1dea30cea128ce501aa0929

                        Download Submit

                      • C:\ProgramData\Malwarebytes\MBAMService\config\PoliciesConfig.json
                        Filesize

                        811B

                        MD5

                        f9dd1be743bdf2ed9fdceb973269f51f

                        SHA1

                        fb636ede31d1b300d7518e1b0036aafe3d011a08

                        SHA256

                        96fd743c527c04d42d1ce23c488174f65452d0f18d23a31ec341eb58aacec51f

                        SHA512

                        86436d61a582eb32ca1eec8b858fdc6997f8229cecc4c7029ee9bb29466dfd06e8bac7b5a649992086e944ee06a7e2172d1d9f3787ed607ad86cd7a12d26352d

                        Download Submit

                      • C:\ProgramData\Malwarebytes\MBAMService\config\PoliciesConfig.json
                        Filesize

                        814B

                        MD5

                        5956da9c1deb07c2175b03fd5f410b69

                        SHA1

                        2cd883aaa53d8bf8c1a7818c5bab21866c56be58

                        SHA256

                        009ee570085edcf38e4e9db9b54d8e85a8383f4ba1f1fdf9e9bc188256eed36f

                        SHA512

                        fffc2627f50d6d934fc1ba5d62a573416a39bec3712f3666a30d8460ee7697f9b8310c2b6b91c227d35a38f8ffb419aa7ae412db4a71d6da77b81f71b49a1ab1

                        Download Submit

                      • C:\ProgramData\Malwarebytes\MBAMService\config\RtpConfig.json
                        Filesize

                        1KB

                        MD5

                        042faf2b0f3c03348a69b56c5408ea94

                        SHA1

                        02b5fe5da87a126110ce373f29c7a99cae5de75d

                        SHA256

                        324f2e7e56677bcf3d372413c3c3cf20877c7cf7c695e5669d1973d186e547be

                        SHA512

                        efe91a4c82adf560e341ca9b231ae2b44675504f4dbb4a28fcf538a9de635c896879dd8b9ba93368359a3156c801a289e43248ee34488c5524e56e68e5122d6b

                        Download Submit

                      • C:\ProgramData\Malwarebytes\MBAMService\config\ScanConfig.json
                        Filesize

                        2KB

                        MD5

                        b6c7738c176e4aba409a3bd1faf25d2c

                        SHA1

                        cbacf7224597a6db885d01a46bfcf76f7363b5e7

                        SHA256

                        99269a30fccb9363424ac9e582574227a19780e6591073c7108e34cbf8c2a9ca

                        SHA512

                        c58f6dec295a53f0ce9b23ad47196957ede2a83f9d8b2c846c5a37f1ba3c3dd605d515725639624fe5459e9e84e1ea47e6e334f04f87d84f61d8eb41a0596eb6

                        Download Submit

                      • C:\ProgramData\Malwarebytes\MBAMService\config\ScanConfig.json
                        Filesize

                        4KB

                        MD5

                        8e0afbe3f2f099b165c6d9a150823ede

                        SHA1

                        fb688993cddb0a298bbce60481c96297cda9f0ad

                        SHA256

                        7be6c0c12202fbc92e2a19735d031ef4301d83e4541dc8afa1a013d416b9c94d

                        SHA512

                        a4e3b2de65f292ceeb862b3e04abdc6a5a79287057a626cffad906d3c379a59426f57c8d4a4de854da914dedc0bd4c2467b49a48260af41c2a2f1a152c66fc09

                        Download Submit

                      • C:\ProgramData\Malwarebytes\MBAMService\config\SpConfigFile.json
                        Filesize

                        10KB

                        MD5

                        c96fad3e48fbfdd3407c63d197250413

                        SHA1

                        48245720d9786fd3fa7325ec887baee24549052f

                        SHA256

                        83228098c78e5ee6172fe57f51c8b12acacf30cef1743482e3be3d507501aa1f

                        SHA512

                        3065624d34666f701d8cc3240fda19d1a5d1f7adcd2204285f73e5fc7cf02d3943349a3f4a77fdfb7f5be071532f6be277b8e18191465dfb7547397eacf961c1

                        Download Submit

                      • C:\ProgramData\Malwarebytes\MBAMService\config\TelemCtrlConfig.json
                        Filesize

                        1KB

                        MD5

                        2a6e8898c1b3b5d6f3dfd9833660c6bd

                        SHA1

                        334e039e17f77db95457a1dbfe68b4e3a1f26389

                        SHA256

                        3de8b319b1220efebbf6cfa391571f7279658a68c1e9379615e5f6f9d1c3b73a

                        SHA512

                        6ddd687be3d80484f88ed386e50f32d6a37e9c4b41c13516ac676195f0bcc1f639288f1da03edd6279985c80d1b6644b5f8c77a213b9963ec1304bf48cf802c5

                        Download Submit

                      • C:\ProgramData\Malwarebytes\MBAMService\config\TelemCtrlConfig.json
                        Filesize

                        1KB

                        MD5

                        e65c5ee59faa4013c17feb712dadd3fc

                        SHA1

                        0f50dc0f7cc93996345e4b7576950c021be8eaaf

                        SHA256

                        0b9d12769cf2b2d866762cfa977c7e6f0952cdc823772b20b642f6a1b45a5f40

                        SHA512

                        c8d02d02aa697096f37708957f5f5d529da1d09955b8a8915b5c7c46d1f9bb5c1dc9cb0fcef40820843f8398f80396cca8847b79cfa0860cfbff7bbe7f6559cd

                        Download Submit

                      • C:\ProgramData\Malwarebytes\MBAMService\config\TelemCtrlConfig.json
                        Filesize

                        1KB

                        MD5

                        ad131a32d32ab477793a064a3b38f766

                        SHA1

                        060734c838d746b0ed61f2ca1bebe22f18637c10

                        SHA256

                        b90c033439d5a59463cd29c9e7c1b2253f0c6e5cff3f508fd477e33750551b88

                        SHA512

                        0e47d57524b0d4e1a139d592098e9b32e411e0bd22298ac67ab5bfe0b4c25f76a1aaff3012a106bc4a68c9e33c84ddfb2ffbae1b49cfb1cea05b08b39ab723e3

                        Download Submit

                      • C:\ProgramData\Malwarebytes\MBAMService\config\TelemCtrlConfig.json.bak
                        Filesize

                        1KB

                        MD5

                        538d4f7ee095526783b3d206089a59a2

                        SHA1

                        f8778cf4cd370df02212f1e110b8dcf5e6ca455b

                        SHA256

                        23012875371466479cf7370c461b6a9a9cea5770d153f755c81da4bca69d294e

                        SHA512

                        7436d66d41565e4c258f789a198c51df6857c520caf49ba196390705cfd8cdb9c6885f17a549bdfe159380c4621336b2b144495071f7fad4bd400d053e99cad1

                        Download Submit

                      • C:\ProgramData\Malwarebytes\MBAMService\config\UpdateControllerConfig.json
                        Filesize

                        1KB

                        MD5

                        e12fdf95d63e258caf38b6787229525a

                        SHA1

                        7284a312ef6899cb48b57c029f4066f53e55afa9

                        SHA256

                        a911c05d7bbbff401f06712e97e45d42429cc9a6a9f8b83fc585c554b579f8b8

                        SHA512

                        81f76e6387fa90f0d45cbb1bbb8db20785661848c891e910aa4699378c15775f02447794925fe92835d0b26196f3144e93be5912b5d82bd85cca8ce8b2d36847

                        Download Submit

                      • C:\ProgramData\Malwarebytes\MBAMService\config\UpdateControllerConfig.json
                        Filesize

                        1KB

                        MD5

                        0f7d7e42801ea5cf8ad92be674ef82fb

                        SHA1

                        6eeaa6ec7a2fb6762e91696286a6c2881bb699c6

                        SHA256

                        cdb00a2b4b09d13a86f562470d46b233c994214432abc97a4f060538fa972990

                        SHA512

                        3e9cbd501cbce5915f26c047a0a7b02ad9efe35eada872ce850e7488c1ed21c447bb24008fd7766be634ff599064915c0a12cc4f050f032eb120610cb33ed6a9

                        Download Submit

                      • C:\ProgramData\Malwarebytes\MBAMService\config\UpdateControllerConfig.json
                        Filesize

                        1KB

                        MD5

                        883deefb7199c9f5e39d6cc65135f54a

                        SHA1

                        53e139896be21c5d76a0d9d182f3600da3739021

                        SHA256

                        dc0063345dbd29cf3fa21819fa019bbe458d1d018f2a7766323bbbcb70e5c9f9

                        SHA512

                        7c490da2bd0df22b7cf626174511feea61bae91fa452556558f4c2cac4c878088970873f6a57ea49ab66094fd7efea18b35d17cdabe50b937681f79529afcff2

                        Download Submit

                      • C:\ProgramData\Malwarebytes\MBAMService\config\UpdateControllerConfig.json.bak
                        Filesize

                        1KB

                        MD5

                        2c016e3cae7862bc37291a2539649f51

                        SHA1

                        7c336feb59abedf4f12884472b383dc6781729f6

                        SHA256

                        451c0de033f9d7b588d0ea68e0f839dd9aed8ca4abe04c4ae7760ae0f42d0ee7

                        SHA512

                        c8f0562f1febff8b9cfa1e93dc5100785c26441ca3d24ee9da1260f9d658674dc8d981534bca42a888c049973d1ba64c47b67fca8dc6b839af9d28fd767486d4

                        Download Submit

                      • C:\ProgramData\Malwarebytes\MBAMService\config\UpdateControllerConfig.json.bak
                        Filesize

                        1KB

                        MD5

                        062cc11242817739457631bdefae78d8

                        SHA1

                        3fa37e7bfed15d674a12116c7e873af633fc0c3a

                        SHA256

                        acfe7a11f238e744b6dc7d98dfe583c47e2f7fc7ce05c9a1814d0dba68a1dbe6

                        SHA512

                        a9660f026bee6ddec1a0ded7bb1453ba94a753d5817d5dd2b9a1f134f04334c2becb21955742d01582093150eb44d3434edc0bfac4e2e63fbdaf2756b5c03603

                        Download Submit

                      • C:\ProgramData\Malwarebytes\MBAMService\config\UpdateControllerConfig.json.bak
                        Filesize

                        1KB

                        MD5

                        3c7f5b0e06cdc1c320b7b9a7e60264c4

                        SHA1

                        4d742ac75934548f3322ea6d309df1f7d9c97a9e

                        SHA256

                        8e5e0d118cb2ab07b0f1c3b39bea0f1d0760ed6b703f990ebb85e6186e379475

                        SHA512

                        6f84d19bcabd0581e6010c900cd604c1155746d73071ec9a5d55d1fba3bb7fa775fb50e279fcf2571582be3f6115b4797e245f405905df9a3e89e395bc695e57

                        Download Submit

                      • C:\ProgramData\Malwarebytes\MBAMService\lkg_db\Actions.dll
                        Filesize

                        5.0MB

                        MD5

                        1eff53d95ecaf6bbfffe80d866d8e1dd

                        SHA1

                        d7ef7d7c77fd04b2c0eb8c16bb3cd08057f6742f

                        SHA256

                        6dd748f7ca56125cbe158fa3612f08e7312ef58ad5375e6b7ab5532cc16ca0ac

                        SHA512

                        c59b8e6f0b238a247e64b9c7bb42213dadac1dada63542830a6292361174c935c0c662b2d1aed3fb6100cc4993297b1eaf25e328f2b4613458c4ffca63b9f02d

                        Download Submit

                      • C:\ProgramData\Malwarebytes\MBAMService\lkg_db\BrowserSDKDLL.dll
                        Filesize

                        5.8MB

                        MD5

                        1ed53171d00f440f29a12f9beb84dac4

                        SHA1

                        4d9a1e3579b0999f1ab2fa818b588411e9ee920c

                        SHA256

                        e659e687a872050f9e65d78992d16bd9b393cf3f8e8c94e0e15fb42b7065327e

                        SHA512

                        17161cfc672d1b996b8af4ebac17f9a8a3807f38c9a23e2e5b4dadcd9a21c3a64faec9bf59147022a9df88b80f89300f1b537091289bd7a42806bd206a317e6e

                        Download Submit

                      • C:\ProgramData\Malwarebytes\MBAMService\lkg_db\Global.nm
                        Filesize

                        316KB

                        MD5

                        1dafc4de7ca94ea98bfd98e584483ba9

                        SHA1

                        c5d2cc9e72e8f7404af5e04366fc6ce039e7d30c

                        SHA256

                        0645ad7cb1777ffd2ac8b36f16df5664f2a982f159b658f4fdfe7078f19c9cf2

                        SHA512

                        bb8bb10405efee77e2e46a91a0ae2e0a699458dbc7e4416fcb2cdaab0add54553d08b4b2ac50fba6dde55462ebbca5ed02bd3824ed6b15f686e8b1b72ee4eafe

                        Download Submit

                      • C:\ProgramData\Malwarebytes\MBAMService\lkg_db\Global.sr
                        Filesize

                        25.0MB

                        MD5

                        c9e1d56bd4fb4a0c5699b02e73aacbef

                        SHA1

                        bea23ff5de154440fb406e5aadd0b7c0d23c5d6a

                        SHA256

                        b55a0103e868b68507b2b53d94742479278721a47d7c82401ec041933e1cc914

                        SHA512

                        d0a8593f3a865937cf04c60ebee126b23b05adb03d091d94ecb4d8f44a1325d1b21f86c0d3683f98c85d12ba3f360de7da4a3a6a7ecca4200dc4940a649830a9

                        Download Submit

                      • C:\ProgramData\Malwarebytes\MBAMService\lkg_db\MBAMCore.dll
                        Filesize

                        6.3MB

                        MD5

                        888b794737cd78e918486cd2a4116c65

                        SHA1

                        335aa063439ee8c2242591dd4cfe6c9bc28531fe

                        SHA256

                        2194ea4af98e6ba23e14ac60860a6c727f4694a9d904025288997ad05f0859bc

                        SHA512

                        f6a15dc86a89adcbf9ea6b96eb7d5671a2077696ef4cacf88c36d7c73c5f28d96f4a257ae8672981a24907e0583bb15c01dfe09ee1ac5837ffa693d5668dbbeb

                        Download Submit

                      • C:\ProgramData\Malwarebytes\MBAMService\lkg_db\cfg.bin
                        Filesize

                        639B

                        MD5

                        544a36063346eeb1e751030008a9f7e3

                        SHA1

                        b5c44a037d16bfd5cfe0e6ba9cb770111b3aac82

                        SHA256

                        33a822063dc53b5a693b5920f6a14bf4c9c1905c08b3257b7621c9f0c41d39d6

                        SHA512

                        fb86ef1c271d10da364654b244253a4492b8331d69e2a71479671a44f613b88a72822b5a849159b63b7b28c7cbe0c6b7ed35f82cf749a598b23676fae70f279c

                        Download Submit

                      • C:\ProgramData\Malwarebytes\MBAMService\lkg_db\clean.mbdb
                        Filesize

                        10KB

                        MD5

                        b08f5c57848e38686fc3ea0214124e8c

                        SHA1

                        13b1fb16ac11decdaa6aadf702c29bb176076fe8

                        SHA256

                        9f526f72efc6115306277c70bb16f86112c35187e22291c2f23e0cebffc4e9a0

                        SHA512

                        b24ebcd09028995bf56ea9f1f8223fc3c4a8b26cb2d49c624b20373cdd439243d5b8663a058780f5a553274b5ecaacc0b817bf3b2b2bc156bb925e2062425597

                        Download Submit

                      • C:\ProgramData\Malwarebytes\MBAMService\lkg_db\dbmanifest2.dat
                        Filesize

                        924B

                        MD5

                        0442a3f16c917d326496b95341cea953

                        SHA1

                        55c84ca2db1723565757e373d80f39c1d9a7b0e5

                        SHA256

                        5d13840e9d3b0b0a87319ccebc8a522a80362cad89629a731a600d719c6e88ff

                        SHA512

                        7c3d3ebcd3710ebe30b4a7535d22aa4b39ffaccf6a6866757d4a43921e1aa03a6ab3be177987cbbcbe6da514fd2eb7aef3dbca6ade93123b7fcb5060210367d7

                        Download Submit

                      • C:\ProgramData\Malwarebytes\MBAMService\lkg_db\dynconfig.dat
                        Filesize

                        39KB

                        MD5

                        10f23e7c8c791b91c86cd966d67b7bc7

                        SHA1

                        3f596093b2bc33f7a2554818f8e41adbbd101961

                        SHA256

                        008254ca1f4d6415da89d01a4292911de6135b42833156720a841a22685765dc

                        SHA512

                        2d1b21371ada038323be412945994d030ee8a9007db072484724616c8597c6998a560bc28886ebf89e2c8919fb70d76c98338d88832351823027491c98d48118

                        Download Submit

                      • C:\ProgramData\Malwarebytes\MBAMService\lkg_db\exclusions.txt
                        Filesize

                        23KB

                        MD5

                        aef4eca7ee01bb1a146751c4d0510d2d

                        SHA1

                        5cf2273da41147126e5e1eabd3182f19304eea25

                        SHA256

                        9e87e4c9da3337c63b7f0e6ed0eb71696121c74e18a5da577215e18097715e2f

                        SHA512

                        d31d21e37b0048050b19600f8904354cff3f3ec8291c5a7a54267e14af9fb88dfb6d11e74a037cc0369ade8a8fb9b753861f3b3fb2219563e8ec359f66c042db

                        Download Submit

                      • C:\ProgramData\Malwarebytes\MBAMService\lkg_db\ig.exe
                        Filesize

                        1.8MB

                        MD5

                        f4bcae29120428ab0d1b72acc375d7fe

                        SHA1

                        0970f103d74c634a91afd69388ab692f2df4819a

                        SHA256

                        f6e63c104b5a3714a035d2272e4663b0d9599c405bb31e7f9e7e108205707d4a

                        SHA512

                        078c4a5a15882ad74eaae3539bb787f28a5b3bb18e8b3a33bf44cfaf98d7dae05bf73245193ad2d3075686b6405c25a6cecdad3d6bb36ffa8b3da5812ae675b0

                        Download Submit

                      • C:\ProgramData\Malwarebytes\MBAMService\lkg_db\mbdigsig2.dat
                        Filesize

                        514B

                        MD5

                        9167f2b5ae53627de5512e4ead331cdc

                        SHA1

                        2b76c5f12bf096641e9d6c2c95b061b87e7e746e

                        SHA256

                        1430c15216fe4cb7461b059b01e04a9d539c6e6de88d98b40d017932781faf47

                        SHA512

                        272429b6df67ad273800358c19458eaaf65f34f0bb6ae19f667303f0d93a31005abafaf71ba51927f33107630cb32289891548f59906d35c8df7a88bd64f14b2

                        Download Submit

                      • C:\ProgramData\Malwarebytes\MBAMService\lkg_db\prot.mbdb
                        Filesize

                        24B

                        MD5

                        546d9e30eadad8b22f5b3ffa875144bf

                        SHA1

                        3b323ffef009bfe0662c2bd30bb06af6dfc68e4d

                        SHA256

                        6089fbf0c0c1413f62e91dc9497bedc6d8a271e9dc761e20adc0dccf6f4a0c1f

                        SHA512

                        3478f5dcf7af549dd6fe48ad714604200de84a90120b16a32233b6d44fa7240f5f4e5fe803f54b86bbdfd10fa1bfdd88fb85eb6a78e23e426933f98d0a2565ec

                        Download Submit

                      • C:\ProgramData\Malwarebytes\MBAMService\lkg_db\rdefs.mbdb
                        Filesize

                        24B

                        MD5

                        2f7423ca7c6a0f1339980f3c8c7de9f8

                        SHA1

                        102c77faa28885354cfe6725d987bc23bc7108ba

                        SHA256

                        850a4ea37a0fd6f68bf95422d502b2d1257264eb90cc38c0a3b1b95aa375be55

                        SHA512

                        e922ac8a7a2cde6d387f8698207cf5efbd45b646986a090e3549d97a7d552dd74179bd7ac20b7d246ca49d340c4c168982c65b4749df760857810b2358e7eb69

                        Download Submit

                      • C:\ProgramData\Malwarebytes\MBAMService\lkg_db\rules.mbdb
                        Filesize

                        21.7MB

                        MD5

                        f73eeea88febe13d789520e87483c292

                        SHA1

                        b2ff4540f9337c1ab8f379117fc7692fcc081b48

                        SHA256

                        7dfb153f20937862b76eee4437f2ac618427da906d1f7bd0d6fec57eceac043c

                        SHA512

                        4e71487b15a4984cad2dd559100532475787cd8a1a4686fa212a2ec20a801fbd2ebab65c08c6451fe6c34bf1cb726829d747afd266d87f74c844d9b55bc74016

                        Download Submit

                      • C:\ProgramData\Malwarebytes\MBAMService\lkg_db\sample.dll
                        Filesize

                        528KB

                        MD5

                        f712ebc5aa4cc78b7f1a0c8810ce7db4

                        SHA1

                        48899721fbcd93b7d5440ce269b7777a62582eab

                        SHA256

                        46d6f6dad272240bcdcfc0d5c42f88a2784a5ebf31bb284555cf260b21e8a4d1

                        SHA512

                        20ea70c3b4e3cdd3727207b9b13e54332bee15ca18cde5228c7f93982310d77e5f6ebccd1a8251ad4d8cbf9ac6646bf7f5856f1c82d3b3ef2390fa779ec06017

                        Download Submit

                      • C:\ProgramData\Malwarebytes\MBAMService\lkg_db\scan.mbdb
                        Filesize

                        1.4MB

                        MD5

                        3e2599322e6c4b24689ad33a1ea0875e

                        SHA1

                        0cf990c744b3a401961113da95782bce39be53cd

                        SHA256

                        bb7a496a689ecde10e537dc5eb1c8f374b52287a763bcc0cb5388adc05085f38

                        SHA512

                        573bb53e673d7e403d63f30afd181690be3f47adc77fa882e372a50ec9bbc7c365251f4f5092aacbbc350a195713020ed435ffbf8d8436028e9e8e230345a81d

                        Download Submit

                      • C:\ProgramData\Malwarebytes\MBAMService\lkg_db\tids.mbdb
                        Filesize

                        233KB

                        MD5

                        471541d2750183c22b806f20c78b3b4c

                        SHA1

                        879698ec92809b1846955ac46bb40bdbd705a091

                        SHA256

                        8d8339a1e58886e580c28c516a697f526efd5ec0b92c588f1638112d9c5b119d

                        SHA512

                        11933a0ef1fbbb0c4d6b0ffdb84c652bf96ef5079941d51a0736f7055ff5b608f1101c57147f3b9662aec7391b183a77a2499254a2d7826631c49bcf7bda3f85

                        Download Submit

                      • C:\ProgramData\Malwarebytes\MBAMService\lkg_db\wprot2.mbdb
                        Filesize

                        38.9MB

                        MD5

                        bfc5a5f64dd1c2af0ad9cd1057a5e127

                        SHA1

                        e965a7f52df192eba3463be57b6097486042e4c6

                        SHA256

                        fc3eceb8d034cbad69f29d2a5dbb322c795754c3f518c7a7b78b6a8c33559c2b

                        SHA512

                        3bd3e7c77540b59c036dbc3e6b4f2b806ea5ea4199a5dbfdeb7899f31869217c9d7051ab16f389729a8e18d1a21e8ce97a4328fb8768cbd6ddb491d0ad96bb83

                        Download Submit

                      • C:\ProgramData\Malwarebytes\MBAMService\pkgvers.dat
                        Filesize

                        75B

                        MD5

                        41fb6e2500f1c73388454b2a49bac2e3

                        SHA1

                        654740636a4a562872417aa1fd8be9b841004861

                        SHA256

                        a8dc97bc10cfe317ec6ff9fe4367ef7ff272f054e099d95bd255a04ea914e9e6

                        SHA512

                        32fca5719ada6ee6c9dfe6fdf7d0b7992ee268b5646d0196c8c477dcc6dd798fd5f24dbf6fa148cd58e074a0046c9be9b3b2ef4bedd7bb124c5147ae1c7bb2af

                        Download Submit

                      • C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\57nap2zl.default-release\activity-stream.discovery_stream.json.tmp
                        Filesize

                        152KB

                        MD5

                        5fc7459e0bc4f6a3f8481f6234e186b6

                        SHA1

                        4a4735df45f12641288806df6c1872a6737a703d

                        SHA256

                        657e013592b2fb9832c79b401e0256b4a079effa4dc0e4d9bd2420c3e47b84c1

                        SHA512

                        1ddeb76d9f1804aff8990921ba1e03c0e4081772916acf7173484b0a5bb1e3ea144c6bd43ace694ec0d0060651d08dd7f0b228d00a2bc97948cf46d523b3b4b9

                        Download Submit

                      • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\57nap2zl.default-release\prefs-1.js
                        Filesize

                        6KB

                        MD5

                        09e477f991ca592d480ef490e862375c

                        SHA1

                        133649d5f59b9b96b324744bc0debfcdbf166021

                        SHA256

                        cf5bb4968ff4a3ffcc0972960743c1e362520f5b0f73b463af044abb459013b1

                        SHA512

                        98bd3aecb5731be85907aa8a524e485baa7d10d78d437da4223ea09b995b4b13a8557a8ad92bec18cfba3fa7f906279837ae9abd3cdd28c5da1b7adfa5cf15ec

                        Download Submit

                      • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\57nap2zl.default-release\prefs-1.js
                        Filesize

                        6KB

                        MD5

                        714a4d8124235f19e165c355e99c9f9b

                        SHA1

                        0af97edf2620739bd3f04325bf31b083f1ad09fb

                        SHA256

                        949ae81d7d2c737bdf251d883eb34adfca42151937841b00e955bf6c9ac5b97e

                        SHA512

                        d1fb1afb1371c25b7790018d6ef6a2ba70102ab9871e1d6e8cac0b32f37f3923047dc03f37230058f79e88f6f3c4fc4d8266252752e6c973921d210763076bc7

                        Download Submit

                      • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\57nap2zl.default-release\prefs-1.js
                        Filesize

                        6KB

                        MD5

                        5c34fe895afff10657329eb1e31527aa

                        SHA1

                        56ef290ae4fbff15379ce9581cdc718d47dce9ff

                        SHA256

                        f8ebaf1e4f917591821a9f3df964321eac1adb064fbc43ee16b786cacf7898cd

                        SHA512

                        8b4b8434a2c243df54fb1522580f0fefc16f569c6f73cac0c930d0eaec3cf1227122069498a31fcf1ea3d60a97acb4859022c7be92639b4268f54ea885757e5b

                        Download Submit

                      • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\57nap2zl.default-release\prefs-1.js
                        Filesize

                        6KB

                        MD5

                        1147b02feabd02b1521db8e9a99ca794

                        SHA1

                        92f13e302fc75896491b227250535e40a8c2a6d6

                        SHA256

                        c8ffec3dab522e02b14aec937b4cf98dcb8bf2e25b17fba89dcce2c41d9479fb

                        SHA512

                        a3eece792be436ddee7ce070ac3f937b61f623858d89edcca25af46ed6eb6288167430fc2432e476df344dd35d870010143041b03a3272da11be0988b496a796

                        Download Submit

                      • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\57nap2zl.default-release\prefs.js
                        Filesize

                        6KB

                        MD5

                        feb8a52858c8167a58f36caa1b37f116

                        SHA1

                        7ae7f9d2721ae3c579f9e18e4fea679e8c848158

                        SHA256

                        adbc4c7b5e775c3d401ae811d5be5a69b844f5937e3d0a416d374dd5a7ec227a

                        SHA512

                        109d42ec5b9744b3561d29a9cabdcf2ffb81233935fa5c2d80c39f27b92ae55366c3c51ae3d26cc1a8936635662acbd11af89e54efac374aceaa279f13e7dc16

                        Download Submit

                      • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\57nap2zl.default-release\sessionstore-backups\recovery.jsonlz4
                        Filesize

                        1KB

                        MD5

                        9474bb1868b4160b8c8f9cbc2a2e99ec

                        SHA1

                        1821852760f6508f94fb1a8d7d01325a8a8378bc

                        SHA256

                        a28709f35548fcb39fb7e34e4ec052cce1f2714ee2672a8b2ed30326862e6101

                        SHA512

                        d47433857d00915c3486d1c9cfa77a19da752ff23256811fe6bcba62cf62c2609a9f8cbbfc45f412d50f2a5bcb62802313b204bf6b39328d95c4a7fc4a261dbd

                        Download Submit

                      • C:\Windows\TEMP\MBInstallTemp7e8b5c69cad811ed881e72edbb006969\servicepkg\SectigoRootCA.crt
                        Filesize

                        1KB

                        MD5

                        b821ee78c10eda973c40a382fa5ca457

                        SHA1

                        f40c413c6d17c4c4195d30a9a1454d186710727c

                        SHA256

                        028fd01ccc988386d6718eda921f6131044a61c06e0f84574d4911918e4659f3

                        SHA512

                        ea4b9b5e8d7ea4e9c137fc21b36112c01905aad771ad09c408ab94d7eb7d0458a60f3730b5a5af6cbfe8d6167c28132483b68900e7c8db55a4430e7bbd56d61f

                        Download Submit

                      • C:\Windows\TEMP\MBInstallTemp7e8b5c69cad811ed881e72edbb006969\servicepkg\msrootca2020.crt
                        Filesize

                        2KB

                        MD5

                        77ac2a1ae404c2e29334c4d0ce29ac0e

                        SHA1

                        c8eecd58d3b43a2ddec5054ef9eacdf0c2940e62

                        SHA256

                        626727d3f4fb4c4ef816648217966d5eb2a028afe03c801788b1834a456b48e8

                        SHA512

                        40bf30c83db166803798fdfbdcbc04d6d01bce7ec569d2f24089bf1b6d81f8694876d43c29ce78359d1101d40386044a0b9f11aedabb3a6348eb1a7da6762fd9

                        Download Submit

                      • C:\Windows\TEMP\MBInstallTemp7e8b5c69cad811ed881e72edbb006969\servicepkg\starfieldClass2CA.crt
                        Filesize

                        1KB

                        MD5

                        7fe5fafc33ce6e6f97e73bc5071bc3ce

                        SHA1

                        9ea40194cd3610f746f9fadee86d8e57e7905d2e

                        SHA256

                        64e8c4bf59964857adcd42001e719c1764a7f060d52b170982504e07bd26246b

                        SHA512

                        4578f75aa7bd65e5932c9d851299f1ec71bcc6c3e70361a9df76053532f246e026de1cbfdfdc8ac285bc5c9eb32fcc39cdcd405995734f3d3256c61cfbaeca09

                        Download Submit

                      • C:\Windows\TEMP\MBInstallTemp7e8b5c69cad811ed881e72edbb006969\servicepkg\starfieldrootcag2_new.crt
                        Filesize

                        993B

                        MD5

                        d63981c6527e9669fcfcca66ed05f296

                        SHA1

                        b51c067cee2b0c3df855ab2d92f4fe39d4e70f0e

                        SHA256

                        2ce1cb0bf9d2f9e102993fbe215152c3b2dd0cabde1c68e5319b839154dbb7f5

                        SHA512

                        5fada52ff721f4f7f14f5a70500531fa7b131d1203eabb29b5c85a39d67cf358287d9d5b9104c8517b9757dba58df9527d07dc9a82f704b8961f8473cdd92ae7

                        Download Submit

                      • C:\Windows\Temp\MBInstallTemp7e8b5c69cad811ed881e72edbb006969\7z.dll
                        Filesize

                        1.6MB

                        MD5

                        ab8f0c1a37c0df5c8924aab509db42c9

                        SHA1

                        53dba959124e6d740829bda2360e851bcb85cce8

                        SHA256

                        6e223b275b84d948cc5ae1f161f0bfff2adb34de04634c84d7dbe9305a4998d5

                        SHA512

                        ff8a26e8fd5a08c74e5ba93a564e0d3cd932754e7f06993a365bfad06670497889e69ec45bfba1378040b72f82d468e79682beba2439937bb29d2a41da940d4a

                        Download Submit

                      • C:\Windows\Temp\MBInstallTemp7e8b5c69cad811ed881e72edbb006969\7z.dll
                        Filesize

                        1.6MB

                        MD5

                        ab8f0c1a37c0df5c8924aab509db42c9

                        SHA1

                        53dba959124e6d740829bda2360e851bcb85cce8

                        SHA256

                        6e223b275b84d948cc5ae1f161f0bfff2adb34de04634c84d7dbe9305a4998d5

                        SHA512

                        ff8a26e8fd5a08c74e5ba93a564e0d3cd932754e7f06993a365bfad06670497889e69ec45bfba1378040b72f82d468e79682beba2439937bb29d2a41da940d4a

                        Download Submit

                      • C:\Windows\Temp\MBInstallTemp7e8b5c69cad811ed881e72edbb006969\ctlrpkg\mbae64.sys
                        Filesize

                        154KB

                        MD5

                        95515708f41a7e283d6725506f56f6f2

                        SHA1

                        9afc20a19db3d2a75b6915d8d9af602c5218735e

                        SHA256

                        321058a27d7462e55e39d253ad5d8b19a9acf754666400f82fe0542f33e733c6

                        SHA512

                        d9230901adeecb13b1f92287abe9317cdac458348885b96ef6500960793a7586c76ae374df053be948a35b44abe934aa853975a6ccd3788f93909903cc718c08

                        Download Submit

                      • C:\Windows\Temp\MBInstallTemp7e8b5c69cad811ed881e72edbb006969\servicepkg\MBAMService.exe
                        Filesize

                        8.7MB

                        MD5

                        acd4e9792488adc9627075238bcf3843

                        SHA1

                        54f49eba565197460b564af8ddfacad91df960ff

                        SHA256

                        84864e2ce732b2007492cdba8fd83d25f2a6314414e97f67e7bab9cb66ce3833

                        SHA512

                        8a0d680d532621da8e174ddc6142a89cf81b5af7d8a4325cffbcd61f473d3006dd419d0f740454610be818c53858ea7a30c22102465522130b5ba9b15c7a13a0

                        Download Submit

                      • C:\Windows\Temp\MBInstallTemp7e8b5c69cad811ed881e72edbb006969\servicepkg\mbamelam.cat
                        Filesize

                        10KB

                        MD5

                        60608328775d6acf03eaab38407e5b7c

                        SHA1

                        9f63644893517286753f63ad6d01bc8bfacf79b1

                        SHA256

                        3ed5a1668713ef80c2b5599b599f1434ad6648999f335cf69757ea3183c70c59

                        SHA512

                        9f65212121b8a5d1a0625c3baa14ef04a33b091d26f543324333e38dcdb903e02ccc4d009e22c2e85d2f61d954e0b994c2896e52f685003a6ef34758f8a650c7

                        Download Submit

                      • C:\Windows\Temp\MBInstallTemp7e8b5c69cad811ed881e72edbb006969\servicepkg\mbamelam.inf
                        Filesize

                        2KB

                        MD5

                        c481ad4dd1d91860335787aa61177932

                        SHA1

                        81633414c5bf5832a8584fb0740bc09596b9b66d

                        SHA256

                        793626d240fd8eefc81b78a57c8dfe12ea247889b6f07918e9fd32a7411aa1c3

                        SHA512

                        d292e028936412f07264837d4a321ecfa2f5754d4048c8bcf774a0e076e535b361c411301558609d64c71c1ce9b19e6041efa44d201237a7010c553751e1e830

                        Download Submit

                      • C:\Windows\Temp\MBInstallTemp7e8b5c69cad811ed881e72edbb006969\servicepkg\mbamelam.sys
                        Filesize

                        20KB

                        MD5

                        9e77c51e14fa9a323ee1635dc74ecc07

                        SHA1

                        a78bde0bd73260ce7af9cdc441af9db54d1637c2

                        SHA256

                        b5619d758ae6a65c1663f065e53e6b68a00511e7d7accb3e07ed94bfd0b1ede0

                        SHA512

                        a12ccf92bead694f5d3cba7ff7e731a2f862198efc338efc7f33a882fe0eb7499fb3fb533538d0a823e80631a7ca162962fbdfd78e401e3255672910b7140186

                        Download Submit

                      • C:\Windows\Temp\MBInstallTemp7e8b5c69cad811ed881e72edbb006969\servicepkg\mbshlext.dll
                        Filesize

                        2.7MB

                        MD5

                        b7e5071b317550d93258f7e1e13e7b6f

                        SHA1

                        2d08d78a5c29cf724bc523530d1a9014642bbc60

                        SHA256

                        467de01d7cee7ec54166b80658ff22f9feebdb1c24eaf1629cf40e4124508064

                        SHA512

                        9c35293c95c1a9141740ac99315605964aa37c4a42d3a11cae9e5649ff1427a9480d3d5e7f763212cf13db3511c5ea3c84e68f95f0067fe6339a9d3fb7b27c54

                        Download Submit

                      • C:\Windows\Temp\MBInstallTemp7e8b5c69cad811ed881e72edbb006969\uipkg\QtQuick\Controls.2\HorizontalHeaderView.qml
                        Filesize

                        1KB

                        MD5

                        d8c9674c0e9bddbd8aa59a9d343cf462

                        SHA1

                        490aa022ac31ddce86d5b62f913b23fbb0de27c2

                        SHA256

                        1ef333b5fb4d8075973f312ef787237240b9f49f3f9185fb21202883f900e7d7

                        SHA512

                        0b86ec673133f6400c38b79f9ba4f7b37ce5afdab1a2e34acbf75019e2590cc26b26d323ddc1567c91375053c9c8593be0615389db8eb1a8d1eb084ad4200b82

                        Download Submit

                      • C:\Windows\Temp\MBInstallTemp7e8b5c69cad811ed881e72edbb006969\uipkg\QtQuick\Controls.2\Imagine\VerticalHeaderView.qml
                        Filesize

                        1KB

                        MD5

                        829769b2741d92df3c5d837eee64f297

                        SHA1

                        f61c91436ca3420c4e9b94833839fd9c14024b69

                        SHA256

                        489c02f8716e7a1de61834b3d8bbb61bce91ca4a33a6b62342b4c851d93e51e0

                        SHA512

                        4061c271db37523b9dea9a9973226d91337e1809d4e7767e57ac938d35d77a302363ed92ab4be18c35ba589f528194ad71c93a8507449bf74dd035acf7cdb521

                        Download Submit

                      • memory/1704-4208-0x000001633AA90000-0x000001633AED0000-memory.dmp

                        Filesize

                        4.2MB

                        Download

                      • memory/1704-4204-0x00007FFD73470000-0x00007FFD739DB000-memory.dmp

                        Filesize

                        5.4MB

                        Download

                      • memory/1704-4203-0x00007FFD7A9E0000-0x00007FFD7ADFE000-memory.dmp

                        Filesize

                        4.1MB

                        Download

                      • memory/1704-4210-0x000001633AED0000-0x000001633B0D0000-memory.dmp

                        Filesize

                        2.0MB

                        Download

                      • memory/1704-4207-0x0000016338520000-0x0000016338530000-memory.dmp

                        Filesize

                        64KB

                        Download

                      • memory/3812-4205-0x000001FF9BD00000-0x000001FF9C1B0000-memory.dmp

                        Filesize

                        4.7MB

                        Download

                      • memory/3812-3364-0x000001FF9BD00000-0x000001FF9C1B0000-memory.dmp

                        Filesize

                        4.7MB

                        Download

                      • memory/3812-4206-0x000001FF9C610000-0x000001FF9CBD0000-memory.dmp

                        Filesize

                        5.8MB

                        Download

                      • memory/3812-3239-0x000001FF9BD00000-0x000001FF9C1B0000-memory.dmp

                        Filesize

                        4.7MB

                        Download

                      • memory/3812-3365-0x000001FF9C610000-0x000001FF9CBD0000-memory.dmp

                        Filesize

                        5.8MB

                        Download

                      We care about your privacy.

                      This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.