Analysis

  • max time kernel
    112s
  • max time network
    148s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230220-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20230220-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    16-04-2023 14:31

General

  • Target

    https://www.pchelpsoft.com/static/lp/driver-updater/en/LP19.php?device=Generic&campaignid=ADWORDS&filter=107088519756&tracking=PH_WORLD_ESC_PP_GO_SE_DU&gclid=CjwKCAjwue6hBhBVEiwA9YTx8OxVKRwaRKWHSUN5iKuFvMKitFOq80cxWUoaIUqNeu0_1DNaOw-TORoCJMwQAvD_BwE

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Modifies Internet Explorer Phishing Filter (1 TTP, 2 IoCs)
  • Modifies Internet Explorer settings (1 TTP, 59 IoCs)
  • Suspicious use of FindShellTrayWindow (2 IoCs)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (3 IoCs)
  • Uses Task Scheduler COM API (1 TTP)

    The Task Scheduler COM API can be used to schedule applications to run on boot or at set times.

  • Uses Volume Shadow Copy WMI provider

    The Volume Shadow Copy service is used to manage backups/snapshots.

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" https://www.pchelpsoft.com/static/lp/driver-updater/en/LP19.php?device=Generic&campaignid=ADWORDS&filter=107088519756&tracking=PH_WORLD_ESC_PP_GO_SE_DU&gclid=CjwKCAjwue6hBhBVEiwA9YTx8OxVKRwaRKWHSUN5iKuFvMKitFOq80cxWUoaIUqNeu0_1DNaOw-TORoCJMwQAvD_BwE
    1⤵
    • Modifies Internet Explorer Phishing Filter
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:4116
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4116 CREDAT:17410 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3780
    • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\6K3GJRJ1\Driver_Updater_5495.exe
      "C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\6K3GJRJ1\Driver_Updater_5495.exe"
      2⤵
        PID:2296
        • C:\Users\Admin\AppData\Local\Temp\is-9DLPU.tmp\Driver_Updater_5495.tmp
          "C:\Users\Admin\AppData\Local\Temp\is-9DLPU.tmp\Driver_Updater_5495.tmp" /SL5="$2023E,6068862,810496,C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\6K3GJRJ1\Driver_Updater_5495.exe"
          3⤵
            PID:3932
            • C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe
              "C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe" /INSTALL
              4⤵
                PID:544
                • C:\Windows\SysWOW64\schtasks.exe
                  "C:\Windows\System32\schtasks.exe" /Delete /TN "PC HelpSoft Driver Updater Schedule" /F
                  5⤵
                    PID:352
                  • C:\Windows\SysWOW64\schtasks.exe
                    "C:\Windows\System32\schtasks.exe" /Delete /TN "PC HelpSoft Driver Updater Monitoring" /F
                    5⤵
                      PID:4300
                  • C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe
                    "C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe" /START /INSTALLED
                    4⤵
                      PID:1680
                    • C:\Program Files (x86)\PC HelpSoft Driver Updater\Extra\DriverPro.exe
                      "C:\Program Files (x86)\PC HelpSoft Driver Updater\Extra\DriverPro.exe"
                      4⤵
                        PID:1684

                Network

                MITRE ATT&CK Enterprise v6


                Downloads

                • C:\Program Files (x86)\PC HelpSoft Driver Updater\7z.dll

                  Filesize

                  999KB

                  MD5

                  6de20d75ed981894ff5b8b89ccbc7499

                  SHA1

                  066bfefdb6a22fcc69d8cd7b22b9b9657c4f8e73

                  SHA256

                  23cc17c0e8c24f8084cd8a396e9aa33cb3e766d8b93cae54fc3857af825e7f36

                  SHA512

                  1e9766a3102da84673779e6fe597a2e301d0c770754bfa943897fa5449b21403f7e0e05c110ba0b8f84b73d791ce37e5f01c3c58f8304b86bfc0fc492e604aff

                • C:\Program Files (x86)\PC HelpSoft Driver Updater\7z.dll

                  Filesize

                  999KB

                  MD5

                  6de20d75ed981894ff5b8b89ccbc7499

                  SHA1

                  066bfefdb6a22fcc69d8cd7b22b9b9657c4f8e73

                  SHA256

                  23cc17c0e8c24f8084cd8a396e9aa33cb3e766d8b93cae54fc3857af825e7f36

                  SHA512

                  1e9766a3102da84673779e6fe597a2e301d0c770754bfa943897fa5449b21403f7e0e05c110ba0b8f84b73d791ce37e5f01c3c58f8304b86bfc0fc492e604aff

                • C:\Program Files (x86)\PC HelpSoft Driver Updater\7z.dll

                  Filesize

                  999KB

                  MD5

                  6de20d75ed981894ff5b8b89ccbc7499

                  SHA1

                  066bfefdb6a22fcc69d8cd7b22b9b9657c4f8e73

                  SHA256

                  23cc17c0e8c24f8084cd8a396e9aa33cb3e766d8b93cae54fc3857af825e7f36

                  SHA512

                  1e9766a3102da84673779e6fe597a2e301d0c770754bfa943897fa5449b21403f7e0e05c110ba0b8f84b73d791ce37e5f01c3c58f8304b86bfc0fc492e604aff

                • C:\Program Files (x86)\PC HelpSoft Driver Updater\English.ini

                  Filesize

                  51KB

                  MD5

                  fb42b5453102e3f83ef4486d7270af41

                  SHA1

                  b049d548c9de5fe523a3577580ed64e1fba7dcd1

                  SHA256

                  312ce7178cb9bfa8ba41d503fb66ecdc7643a55f7918487d5bca78f95cea8fc7

                  SHA512

                  8d5ccd9ac3e513014b3b6b8954c889f6c2151bc4376ea5c2ee92d6bf3ffa7a951bdfd58b641f270fe281138d593ece307ed669db732f514e56aca61203607ffb

                • C:\Program Files (x86)\PC HelpSoft Driver Updater\Extra\Brazilian.ini

                  Filesize

                  13KB

                  MD5

                  4966a1d6a02a758aefb8f34d986fb1f1

                  SHA1

                  4d95fd540a96689f24a34dd39a8dae0922961482

                  SHA256

                  c09dc433092b58cdf0bcd78979d742b5a9ccdb13f07a896261ce3742d653b0c4

                  SHA512

                  6598ca2243b6e8fef440856e0da437b04bc037d1a08fef983701bc09aaf1b83445b46ce42f20f796fdeba8d73c0e35e3fb2948ddb2c49bd6281b73fbc514878c

                • C:\Program Files (x86)\PC HelpSoft Driver Updater\Extra\Danish.ini

                  Filesize

                  12KB

                  MD5

                  ad25fd6aa41fbd4b588ec1dd55ccc233

                  SHA1

                  f9659880dca8352b6144c4da737eef98f41081e7

                  SHA256

                  4eba683aabfb911dfce4ed0a35d8dc00b5f378945ce6a50de2c9392f9c9b0947

                  SHA512

                  d0126340b34c1b9214cff98f37bd1ccbb877532c48d45fc0d5566be750f9d99db548731261e5f180175e9ed2b863ca3056e04c14386660534d8687579332719f

                • C:\Program Files (x86)\PC HelpSoft Driver Updater\Extra\DriverPro.exe

                  Filesize

                  5.1MB

                  MD5

                  bb347e253b2b9f7efbd261bc0574d5ac

                  SHA1

                  96d2297c9fb3e48eb33ce98e1cca492a51fae786

                  SHA256

                  11c021a5021ec5819a9b50460c932db21182386cb16b41027b2f0bb3324c6189

                  SHA512

                  d26ac76581d16342ae6daf93cfa885b85497f244b4e6f0fe176ca88a26f8e578b13e532c22b619bdc936f466fc5c61f4c0c3d65443a71351a52030a30582ca82

                • C:\Program Files (x86)\PC HelpSoft Driver Updater\Extra\DriverPro.exe

                  Filesize

                  5.1MB

                  MD5

                  bb347e253b2b9f7efbd261bc0574d5ac

                  SHA1

                  96d2297c9fb3e48eb33ce98e1cca492a51fae786

                  SHA256

                  11c021a5021ec5819a9b50460c932db21182386cb16b41027b2f0bb3324c6189

                  SHA512

                  d26ac76581d16342ae6daf93cfa885b85497f244b4e6f0fe176ca88a26f8e578b13e532c22b619bdc936f466fc5c61f4c0c3d65443a71351a52030a30582ca82

                • C:\Program Files (x86)\PC HelpSoft Driver Updater\Extra\Dutch.ini

                  Filesize

                  12KB

                  MD5

                  d13a4dcbf4d5a2064bcd57081e80826d

                  SHA1

                  0687bb7f21d2af036bdf7f95a20946b5e6369ba3

                  SHA256

                  fad7ac8569ab970e8eae9b97098634f397af8d301ab424d8a12aa03b803efe5d

                  SHA512

                  d20cfda363597ee0ae3758a658862d4c05887a3939a3f2e5ae7f7fd68a15339cee643af01400c7d5a5fcff927520897e42e7f7a2fe9def598376818df1802757

                • C:\Program Files (x86)\PC HelpSoft Driver Updater\Extra\English.ini

                  Filesize

                  11KB

                  MD5

                  f78a7bcf5f9ed8969726477d5c9ad47d

                  SHA1

                  8cb30ce41e6d4b19847ab4653009ba46674f566d

                  SHA256

                  22f31ce9682e6508d72db3f4fc45f16f6d9d6bdc0839fc86c830bd828c64c9b1

                  SHA512

                  c7770d4d92f11a1659e3d500ec19864c3a0c34b34c41e75a905399c3bdea0386d49340171e23285aa2231d0bebf209b71daa8976a67db2ae1edb5668e3a27a38

                • C:\Program Files (x86)\PC HelpSoft Driver Updater\Extra\Finnish.ini

                  Filesize

                  13KB

                  MD5

                  2c4d280523f0d5508f8af5469fe53790

                  SHA1

                  47b1637aa3390fc216b3f2b28b186c8db33af69c

                  SHA256

                  34de14d4cccce9a62a9c55112c247ebb9c0b8d9ec58f9446e21bb18776ab3a80

                  SHA512

                  6125dbb0d80bd3f31d267793814dd11ad700f2c69a5247d72f5b62ca20dd3f36caac824e05ce20a9045ebbe667306e985163887ef994be0d5ef3d795d2afa0a1

                • C:\Program Files (x86)\PC HelpSoft Driver Updater\Extra\French.ini

                  Filesize

                  13KB

                  MD5

                  bc11076cc470946d34785281ebe78043

                  SHA1

                  c4c6eea3042bc4d8336cfda04a0c5bef5fd166e0

                  SHA256

                  ae95e112665178f9fa57d20ecf7c3e8818eef0d03282918c41f1297d63f656a6

                  SHA512

                  9085b6258dc30ff89ea9e51e1bd202f1d99eb65962ab6042758c35db30cd0977bfa08a91426310014bcea34ba3204b311eac0f38b649dbcd96110fa9214a1164

                • C:\Program Files (x86)\PC HelpSoft Driver Updater\Extra\German.ini

                  Filesize

                  13KB

                  MD5

                  05e98c84958b34fc3690e72090dcde1b

                  SHA1

                  7dd3a1239bee67089dcb12ab17aa6dfa76866ea6

                  SHA256

                  beb8aa2b559d38d907170094c6a0b675b0c432601531f597623c741b2edd3ccb

                  SHA512

                  24d0c5fc9df4cc6f504f95f321a0aa0e45b905d86d0ffe6cd95fd1500adf4ef949b548e950c163e8aa549aca563528d1b03c3dc5f586fec633fda6b336b9465a

                • C:\Program Files (x86)\PC HelpSoft Driver Updater\Extra\Italian.ini

                  Filesize

                  12KB

                  MD5

                  33144174aa354789fb690a22dd2bc6d6

                  SHA1

                  d4b2d0ea89f888e280140f8c1d36a871ffa76fad

                  SHA256

                  a7fa3ac871b9b8fda7d12a733ab345a8089f336f531cae63893fd39a1e1c3f02

                  SHA512

                  97bbbadcfa2a290387ece1f2121655cd48f660189de17c4c68a2651932815e1ee9c7ccc7ef04ae039914095c474d91018aed88b074c38c087b0fa118dffda9af

                • C:\Program Files (x86)\PC HelpSoft Driver Updater\Extra\Japanese.ini

                  Filesize

                  16KB

                  MD5

                  b297096d0d8c3b4bc4bb143c6e5039ec

                  SHA1

                  fd31c9e5639b982a86f82119e7fc2e251ff312cc

                  SHA256

                  2d560f5070673daafc1d437d0d04fb1c319734a94cd6e2c09b32b3e7d35e6479

                  SHA512

                  847f0c91e2468e262d5a3eda01a0828701addfc2ed611a0ca3adbebdb7dffcefacea297e33bcf26be49c68bbf49d346104f2be47c07e45dd0263c80175c361f7

                • C:\Program Files (x86)\PC HelpSoft Driver Updater\Extra\Norwegian.ini

                  Filesize

                  12KB

                  MD5

                  e1b23e22fcefced06904e6e6a3e5dda0

                  SHA1

                  e067a027b89a27c4761474f74d6c9b810db51271

                  SHA256

                  7f3b1b8c70e3b3d6156bcf06f348ff273cd27e4a6d9f8e725f9bf876b7a91b0f

                  SHA512

                  2432d4b828a9af978c1be30b2558eab2c17a3a5398e0d360826d7b5906453bc880645200200295ca009a71d62422e1a3d04689712e2522fb8de15b71c4e9ef25

                • C:\Program Files (x86)\PC HelpSoft Driver Updater\Extra\Polish.ini

                  Filesize

                  13KB

                  MD5

                  e68841b9197d14bd671466cc3bb8af60

                  SHA1

                  014c08c8eaf63c4febbb470ce1b956a3e098e216

                  SHA256

                  c3f142f53ba1cce415b782bc7a9644029c0b5f953268ecc2832daaeeecda4271

                  SHA512

                  894d0dba19c37b1bb72e8abd44223d8157f232e4bc3ba4841e31ecf6a39eeaedb5f428efd1dbc1d4ba009e34e8f197e9facc53f3d2f95a591875ff7cbaa1aaf5

                • C:\Program Files (x86)\PC HelpSoft Driver Updater\Extra\Portuguese.ini

                  Filesize

                  12KB

                  MD5

                  c0aec1541c227bc31013bf715699507c

                  SHA1

                  0eb59ab2adcb1267d40f11b5cecb70f8d948feae

                  SHA256

                  235af2551d71c948cb203e7424e29e292b36f60d1295b3e5ccce90c200e7cb40

                  SHA512

                  978c87ab5f6760e472d5092ef267e72bf6b960ecc561bdf9f97e24b0f30d037a3da5064881247548a978b6ad507421b3d35e48545dbbe1efcdcb32b415bb3edc

                • C:\Program Files (x86)\PC HelpSoft Driver Updater\Extra\Russian.ini

                  Filesize

                  21KB

                  MD5

                  ad39890235f6229afc174dbacb1782b8

                  SHA1

                  d419b91c680efea24be36f26e2e006caadab41d6

                  SHA256

                  66d5bb407db0994d93b9c8afc80bad2528f1a530e9eda20134b4edef57ddae4f

                  SHA512

                  76283db6b072817789bb8922ed89680edb9476a8af4f207b2430c1c1884acf31b6acc62894e58ba9956d74143a5884d6dbec7e1cb6072d5112810b29b77ab4ac

                • C:\Program Files (x86)\PC HelpSoft Driver Updater\Extra\Settings.ini

                  Filesize

                  126B

                  MD5

                  77d8771a751ba0d495200f339872ef85

                  SHA1

                  533acd0f129881feaa756fb79dde5d023f6bcede

                  SHA256

                  0166b6cd9fa3a3b030681c23b3d2399148a9ae0fa945ea5c39ff0b87f18098a9

                  SHA512

                  9bdd6655e27b36954fd6127a75bfee92d49ae7d1d553c44f6f67592ebfd147a4c0791b2bdabaa2657916c4621212b20bbb913499fbe3653584de099fd5cd01d7

                • C:\Program Files (x86)\PC HelpSoft Driver Updater\Extra\Spanish.ini

                  Filesize

                  13KB

                  MD5

                  70ad461be751c3937c3319d4a1e0fc90

                  SHA1

                  5e4f2ca89c22a604939a6b378ac10a5bd4aa10bc

                  SHA256

                  e8a108d0c3ba5497932ca984ce7f1ca10e9090051deec64f05a41422905c5e7b

                  SHA512

                  7412bd5bb0b6f28acbb2e6497b0b07545b248ed13bb6e17c5c0b0380749fc7cc528aff67336c2be16d3204717f99d3222d8ea017381b34f9c0b4b6883124a983

                • C:\Program Files (x86)\PC HelpSoft Driver Updater\Extra\Swedish.ini

                  Filesize

                  12KB

                  MD5

                  2b9ef4c0bffbfb9438bda4ef207f436b

                  SHA1

                  2d4555593a45906235d99e004822199d66e9f942

                  SHA256

                  1323709292ab57b7445ef62c504501eae66921fc1c2f8947fe2cc6d59e92df8f

                  SHA512

                  ab02271526fe036cb865bcaea75d76fc13407d9a50b5b7f75924d3626cb19e86b7723a7943f56e9323906e68b4c19291d18095cc9cb5886897c7e442101f1929

                • C:\Program Files (x86)\PC HelpSoft Driver Updater\Extra\sqlite3.dll

                  Filesize

                  640KB

                  MD5

                  842e8edbfbeffb9ef234a2da6d5980fe

                  SHA1

                  f76e944e5ac3c489d987a11a313b41dee3e813f3

                  SHA256

                  ec30f1214fa645b8e436142acab6cc9a07f5c4e3414b5e539a832df9237a7bb3

                  SHA512

                  1ca9449dffa72b274b842b3a1f2008d3f13c6f423e7ac466e2efb97fe2103e1aea052a5e8a9839083061154fb61ec870fbe8e35164b386a3aa0aaaf8064a0ed4

                • C:\Program Files (x86)\PC HelpSoft Driver Updater\Extra\sqlite3.dll

                  Filesize

                  640KB

                  MD5

                  842e8edbfbeffb9ef234a2da6d5980fe

                  SHA1

                  f76e944e5ac3c489d987a11a313b41dee3e813f3

                  SHA256

                  ec30f1214fa645b8e436142acab6cc9a07f5c4e3414b5e539a832df9237a7bb3

                  SHA512

                  1ca9449dffa72b274b842b3a1f2008d3f13c6f423e7ac466e2efb97fe2103e1aea052a5e8a9839083061154fb61ec870fbe8e35164b386a3aa0aaaf8064a0ed4

                • C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe

                  Filesize

                  8.5MB

                  MD5

                  5503ccc68eddf44bb248244602c9e198

                  SHA1

                  56f94f5e8ccb564691facb769a90ec4126a4550e

                  SHA256

                  bdc7126a10cd5ab97d06351ca1d8468ae9ed1b31302f6c41b4bad87d09a57f80

                  SHA512

                  9e4aed26fc3e9d59309efc505969e97f419a158c1b248116f79467d2e77d24f26289aeae7240b69545dab05715a7ef9f37322bee7ce845335c9b34e76467f830

                • C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe

                  Filesize

                  8.5MB

                  MD5

                  5503ccc68eddf44bb248244602c9e198

                  SHA1

                  56f94f5e8ccb564691facb769a90ec4126a4550e

                  SHA256

                  bdc7126a10cd5ab97d06351ca1d8468ae9ed1b31302f6c41b4bad87d09a57f80

                  SHA512

                  9e4aed26fc3e9d59309efc505969e97f419a158c1b248116f79467d2e77d24f26289aeae7240b69545dab05715a7ef9f37322bee7ce845335c9b34e76467f830

                • C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe

                  Filesize

                  8.5MB

                  MD5

                  5503ccc68eddf44bb248244602c9e198

                  SHA1

                  56f94f5e8ccb564691facb769a90ec4126a4550e

                  SHA256

                  bdc7126a10cd5ab97d06351ca1d8468ae9ed1b31302f6c41b4bad87d09a57f80

                  SHA512

                  9e4aed26fc3e9d59309efc505969e97f419a158c1b248116f79467d2e77d24f26289aeae7240b69545dab05715a7ef9f37322bee7ce845335c9b34e76467f830

                • C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe

                  Filesize

                  8.5MB

                  MD5

                  5503ccc68eddf44bb248244602c9e198

                  SHA1

                  56f94f5e8ccb564691facb769a90ec4126a4550e

                  SHA256

                  bdc7126a10cd5ab97d06351ca1d8468ae9ed1b31302f6c41b4bad87d09a57f80

                  SHA512

                  9e4aed26fc3e9d59309efc505969e97f419a158c1b248116f79467d2e77d24f26289aeae7240b69545dab05715a7ef9f37322bee7ce845335c9b34e76467f830

                • C:\Program Files (x86)\PC HelpSoft Driver Updater\PlayaSDK.dll

                  Filesize

                  960KB

                  MD5

                  11a813c0972b740937d3a7e2daf9ffcb

                  SHA1

                  4245b5a3c97f725c56a29d745767edebb5e3f15d

                  SHA256

                  3f933bced2d9f65d48f7c48715bf286fd431341a74e1ce15d39b7c4c96603cf9

                  SHA512

                  9a590dcab0cf7051d04743736ea7a6b74fa0f87539580cc41a58ad33a76574201e7b6d54d5100cbcd262266bc55b053243edd4860a2d43deeb1c164395e4a941

                • C:\Program Files (x86)\PC HelpSoft Driver Updater\PlayaSDK.dll

                  Filesize

                  960KB

                  MD5

                  11a813c0972b740937d3a7e2daf9ffcb

                  SHA1

                  4245b5a3c97f725c56a29d745767edebb5e3f15d

                  SHA256

                  3f933bced2d9f65d48f7c48715bf286fd431341a74e1ce15d39b7c4c96603cf9

                  SHA512

                  9a590dcab0cf7051d04743736ea7a6b74fa0f87539580cc41a58ad33a76574201e7b6d54d5100cbcd262266bc55b053243edd4860a2d43deeb1c164395e4a941

                • C:\Program Files (x86)\PC HelpSoft Driver Updater\sqlite3.dll

                  Filesize

                  640KB

                  MD5

                  842e8edbfbeffb9ef234a2da6d5980fe

                  SHA1

                  f76e944e5ac3c489d987a11a313b41dee3e813f3

                  SHA256

                  ec30f1214fa645b8e436142acab6cc9a07f5c4e3414b5e539a832df9237a7bb3

                  SHA512

                  1ca9449dffa72b274b842b3a1f2008d3f13c6f423e7ac466e2efb97fe2103e1aea052a5e8a9839083061154fb61ec870fbe8e35164b386a3aa0aaaf8064a0ed4

                • C:\Program Files (x86)\PC HelpSoft Driver Updater\sqlite3.dll

                  Filesize

                  640KB

                  MD5

                  842e8edbfbeffb9ef234a2da6d5980fe

                  SHA1

                  f76e944e5ac3c489d987a11a313b41dee3e813f3

                  SHA256

                  ec30f1214fa645b8e436142acab6cc9a07f5c4e3414b5e539a832df9237a7bb3

                  SHA512

                  1ca9449dffa72b274b842b3a1f2008d3f13c6f423e7ac466e2efb97fe2103e1aea052a5e8a9839083061154fb61ec870fbe8e35164b386a3aa0aaaf8064a0ed4

                • C:\Program Files (x86)\PC HelpSoft Driver Updater\sqlite3.dll

                  Filesize

                  640KB

                  MD5

                  842e8edbfbeffb9ef234a2da6d5980fe

                  SHA1

                  f76e944e5ac3c489d987a11a313b41dee3e813f3

                  SHA256

                  ec30f1214fa645b8e436142acab6cc9a07f5c4e3414b5e539a832df9237a7bb3

                  SHA512

                  1ca9449dffa72b274b842b3a1f2008d3f13c6f423e7ac466e2efb97fe2103e1aea052a5e8a9839083061154fb61ec870fbe8e35164b386a3aa0aaaf8064a0ed4

                • C:\Program Files (x86)\PC HelpSoft Driver Updater\sqlite3.dll

                  Filesize

                  640KB

                  MD5

                  842e8edbfbeffb9ef234a2da6d5980fe

                  SHA1

                  f76e944e5ac3c489d987a11a313b41dee3e813f3

                  SHA256

                  ec30f1214fa645b8e436142acab6cc9a07f5c4e3414b5e539a832df9237a7bb3

                  SHA512

                  1ca9449dffa72b274b842b3a1f2008d3f13c6f423e7ac466e2efb97fe2103e1aea052a5e8a9839083061154fb61ec870fbe8e35164b386a3aa0aaaf8064a0ed4

                • C:\Program Files (x86)\PC HelpSoft Driver Updater\stub64.exe

                  Filesize

                  395KB

                  MD5

                  bb57b707db8b3c3953a56c0d764a348c

                  SHA1

                  d9923fc1fa6816dfd4ca5d28ac58a3a528df83e6

                  SHA256

                  05cbc9e639d85942ac2d3302de8ac0ea2c5481bbdc8cb6fb6c2b7b0d8e91bbc7

                  SHA512

                  a2fcec54e4820925df90aa5f7d609496dfc1257ad4a54ed2a565685ad8c306daffa983e5872301a45962b7af213f85b3e0659dae71e6da4fcc9f3f1f9744ba88

                • C:\Program Files (x86)\PC HelpSoft Driver Updater\unins000.exe

                  Filesize

                  3.0MB

                  MD5

                  19e3ccd5f004e43edf59aaf2b406589f

                  SHA1

                  a1557758b7e546e7a7ceecad49d257c225ff577a

                  SHA256

                  43b535051cbeaaa2c02efbd012d49eed444cc6e53d8a8608257e87f8918471c1

                  SHA512

                  eef6ba9f4546ffbc1e68d37f8b70e74a737e8f729d8858a93c773fe624db403da0cf4802dc645eeddc82886a71f3eea468d21540401647bdb71b2c508cffa8d6

                • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\07CEF2F654E3ED6050FFC9B6EB844250_BACC6CD2B29F18349081C9FD2343833B

                  Filesize

                  2KB

                  MD5

                  50d38269c0874404973afbff194bbc1e

                  SHA1

                  13ffadf4516b1f01c68dc13e250a6e7ec5c93cb4

                  SHA256

                  ca33f6ab716b00b90f7616df505992b8178de6ee421452c5a9b7c24151f1a769

                  SHA512

                  52e5b3af0816c73d11d72c6b463bbb0f6640539a3bb5f50a79983815d7f8413566fdd29cd5ab0ba5aa74f7af74d9acd71914d713b189ae45c20536e919f58f79

                • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\6BADA8974A10C4BD62CC921D13E43B18_1DC6D7385EA816C957BA2B715AC5C442

                  Filesize

                  1KB

                  MD5

                  e20d7280e8f88d270bbea1fe6cecd983

                  SHA1

                  2cbb30df23f7d03e7280127a57e6cc0fc84ffdf7

                  SHA256

                  4556a0cce338d79114ffb4a7d50e086937613a1739a4d0eb10599762a78796d5

                  SHA512

                  d578f7362182331d20c3d1a9a02a2378b69d7a952a9fe7251bd1cf3f66a2c3f6c756d99e3e0c5a14b4b0139a7bf93f42c4ae5336cf415c39f0706224973ce24a

                • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\6BADA8974A10C4BD62CC921D13E43B18_28DEA62A0AE77228DD387E155AD0BA27

                  Filesize

                  1KB

                  MD5

                  64960f86e6d4a9b6df6c69f2f25e3093

                  SHA1

                  b3d84916216a7d9c8b770f87d6121e36a894e614

                  SHA256

                  21ad2a98d23c1ce74b25d24b8bf4d6d6d72ed687fe65f1342e5c7d2b26bbfcc5

                  SHA512

                  add2c9794c41a233613175eca6152d4dd7b5b52ef6482d5b0c1307214602750c06e265783e4b769aacb10d691272c3e00d0a6d9ddccf75742d4f43f8502a1d11

                • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\72BA427A91F50409B9EAC87F2B59B951_BEBC6F111170BA2A7392C6B19F21A6AA

                  Filesize

                  471B

                  MD5

                  7cc829e5b0777ef8494da627f27fa45b

                  SHA1

                  4e3eaadd5905e4a6f53cb5d82d5ec9b0f121f722

                  SHA256

                  890e5b8ef33feeb0ba4c0572e9c7d126ba8f888bd58986d3cf0870d13ea09d99

                  SHA512

                  d38c449e02adbe8227a8ffd002920a439ef7ceebf0ae6c3609eb9d1d245b50ba12b0dd321ec6cfd333f0951b7f7b3d1e61e49ef1576f97344711784bd01d7aad

                • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776

                  Filesize

                  471B

                  MD5

                  891b5acf10b182162f05a8c36b7b0e22

                  SHA1

                  fed1a5048dffb073be946b34a2ec5d06c2834691

                  SHA256

                  e3b3d4764d28f69161d04db149d7eab78f50c84f00b21cf0013ff2a06da420ab

                  SHA512

                  74a15c06837d5a95adc89d6c48675d169e0f8bc14103874fe84f7a84e1e3b385f832a732543b9aa74fad45bf48335a0050d4d9df1f53945cc7caed1eefbe7679

                • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\07CEF2F654E3ED6050FFC9B6EB844250_BACC6CD2B29F18349081C9FD2343833B

                  Filesize

                  488B

                  MD5

                  d0f7d4f6f892a84acccfc2b3ab4677f7

                  SHA1

                  5e1defd9d60424b14e556e8a923342451bf7fd42

                  SHA256

                  54a1b324939323f4a3b23cc188baf17d7b001d66b302bc97ff7ccfc8cad16a43

                  SHA512

                  208ab1337b221c9b5525144afe24610a4ab27bfc4271b45b1b6807bec778b4be72f981e0ae4d6b23d43c1898993945a959714fba8df4ecc26142519cd6eab598

                • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\6BADA8974A10C4BD62CC921D13E43B18_1DC6D7385EA816C957BA2B715AC5C442

                  Filesize

                  446B

                  MD5

                  4e0346a97d7f756e8655b42f2b6856c7

                  SHA1

                  9fd5fe069981fdd0dc46476cc04b33eaf5e4daa4

                  SHA256

                  2ab01ee85907366f31c6459da52b6deca2656bfad907d9cdd48225794ae55b5a

                  SHA512

                  8045ce06891a5d3b7be77e4f5878c4ddc6760b314da8b3f6174945229b72a99b0f860e0217fa091bc9c4a0ed6c2d215f42e62ff86d25f157e5f564be6fee2c2c

                • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\6BADA8974A10C4BD62CC921D13E43B18_28DEA62A0AE77228DD387E155AD0BA27

                  Filesize

                  438B

                  MD5

                  68405c73824f7f34a8010cdda939e5b9

                  SHA1

                  2cc42acb5518b217480d57ee135431f6ecf8d969

                  SHA256

                  b6a56c98c5f5f1e0400edc1fac03e4deeb747c6d429313a714580dd53475bbf5

                  SHA512

                  bd3fb532d70359fde30c05fe622d767e5a66ead5855946c599cc2b02b52d66676d79999d98442d6a3bf26a3e4190543675bb6737b01c47a12db19c9306028e71

                • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\72BA427A91F50409B9EAC87F2B59B951_BEBC6F111170BA2A7392C6B19F21A6AA

                  Filesize

                  488B

                  MD5

                  fc06b579bd67fa05a62fac401a4812d0

                  SHA1

                  4a8597e222f2c4cd8e16960c8066bcb8af4eda14

                  SHA256

                  b4ac8b212f53b4a286e71c692531d32659658ee3675f6a443673ff40d8435e78

                  SHA512

                  c7c0e4cbc3876cfe549723b1c3cdcacca2cddc2b603cba54baf710009a69043d4fe371a2eabf9e496ee72915a2c37332617d4315a56b32712d64cc43164bdd87

                • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776

                  Filesize

                  434B

                  MD5

                  d95fb46add5880e50faf7d9ba3669321

                  SHA1

                  43f05a4c959593a611c400866d1715831039c1a2

                  SHA256

                  cd2ceac3b3168e28047f978186fcaea49ab10cf6c9bbe47429c4329aa0ae4e00

                  SHA512

                  559fb5d6b261e15d745deb13313c19084b172a967134d5e5e0c2e95922d2ecb6010684efc21f40fdb729440cb5abeeb15e619101a3738f836aa9f15f3391851e

                • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\08HJN6H7\www.pchelpsoft[1].xml

                  Filesize

                  13B

                  MD5

                  c1ddea3ef6bbef3e7060a1a9ad89e4c5

                  SHA1

                  35e3224fcbd3e1af306f2b6a2c6bbea9b0867966

                  SHA256

                  b71e4d17274636b97179ba2d97c742735b6510eb54f22893d3a2daff2ceb28db

                  SHA512

                  6be8cec7c862afae5b37aa32dc5bb45912881a3276606da41bf808a4ef92c318b355e616bf45a257b995520d72b7c08752c0be445dceade5cf79f73480910fed

                • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\feo4h2u\imagestore.dat

                  Filesize

                  1KB

                • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\6K3GJRJ1\Driver_Updater_5495.exe

                  Filesize

                  6.6MB

                • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\6K3GJRJ1\Driver_Updater_5495.exe.706j9mi.partial

                  Filesize

                  6.6MB

                • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\6K3GJRJ1\suggestions[1].en-US

                  Filesize

                  17KB

                • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\8OI4IV75\favicon[1].ico

                  Filesize

                  1KB

                • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\WPCK8CWE\analytics[1].js

                  Filesize

                  49KB

                • C:\Users\Admin\AppData\Local\Temp\is-9DLPU.tmp\Driver_Updater_5495.tmp

                  Filesize

                  3.0MB
