676cdb2b2dc08de0f4967e69904ee5b300b8ae5110a568a5eaac5075ea02e74b

Analysis

max time kernel
147s
max time network
33s
platform
windows7_x64
resource
win7-20230220-en
resource tags

arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
submitted
18-04-2023 19:43

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

DABCF15133A9AD6004371EAD9AAAB335.exe
Size

3.0MB
MD5

dabcf15133a9ad6004371ead9aaab335
SHA1

9c2492d5bfcf5f4142c3c5db7a3928ccbda3183a
SHA256

676cdb2b2dc08de0f4967e69904ee5b300b8ae5110a568a5eaac5075ea02e74b
SHA512

a7902fd7dbe2fefcbf610a69da1322c642dd42b753a54e9e7e05e0227d9fc228657ee452f0666696e23238c8c01808ad62f1fc32d88906e6cbc8792887e13151
SSDEEP

49152:GdUEgBtzdPpfkSH1CA78aMEyg4czC3p4Ppm/gfZkGDl+wvFowsghNvftask8t6Zf:GdUxBtvjQ58NC3p4Pygfp+AFPssVkMOz

Score

7^/10

discovery

Malware Config

Signatures

Executes dropped EXE 3 IoCs

pid	Process
1988	Tactical COFDM.exe
2036	devcon.exe
2040	devcon.exe

Loads dropped DLL 13 IoCs

pid	Process
960	DABCF15133A9AD6004371EAD9AAAB335.exe
960	DABCF15133A9AD6004371EAD9AAAB335.exe
2036	devcon.exe
2036	devcon.exe
2036	devcon.exe
960	DABCF15133A9AD6004371EAD9AAAB335.exe
2040	devcon.exe
2040	devcon.exe
2040	devcon.exe
1812	regsvr32.exe
960	DABCF15133A9AD6004371EAD9AAAB335.exe
960	DABCF15133A9AD6004371EAD9AAAB335.exe
960	DABCF15133A9AD6004371EAD9AAAB335.exe

Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
discovery

Query Registry
T1012

Drops file in System32 directory 46 IoCs

description	ioc	Process
File created	C:\Windows\System32\DriverStore\Temp\{3d7d626a-d6d1-37d8-eaa2-3f2c19add325}\SET73D9.tmp	DrvInst.exe
File opened for modification	C:\Windows\System32\DriverStore\Temp\{7372cb31-775b-7b08-79fc-1d355de6a570}\SET7C81.tmp	DrvInst.exe
File opened for modification	C:\Windows\System32\CatRoot2\dberr.txt	Tactical COFDM.exe
File created	C:\Windows\System32\DriverStore\Temp\{16d115d2-4040-3b8a-ddff-d36170f8d203}\SET203F.tmp	DrvInst.exe
File opened for modification	C:\Windows\System32\DriverStore\FileRepository\usb_ethernet_rndis.inf_amd64_neutral_c9b5096a0fb1e9d2\usb_ethernet_rndis.PNF	DrvInst.exe
File opened for modification	C:\Windows\System32\CatRoot2\dberr.txt	devcon.exe
File opened for modification	C:\Windows\System32\DriverStore\Temp\{3d7d626a-d6d1-37d8-eaa2-3f2c19add325}\CDCSerial.cat	DrvInst.exe
File opened for modification	C:\Windows\System32\DriverStore\Temp\{7372cb31-775b-7b08-79fc-1d355de6a570}\amd64\SET7C92.tmp	DrvInst.exe
File opened for modification	C:\Windows\System32\DriverStore\Temp\{7372cb31-775b-7b08-79fc-1d355de6a570}\amd64\usbmodv4.sys	DrvInst.exe
File opened for modification	C:\Windows\System32\DriverStore\infpub.dat	DrvInst.exe
File created	C:\Windows\System32\DriverStore\FileRepository\usbmodv4.inf_amd64_neutral_c93b50a025384156\usbmodv4.PNF	DrvInst.exe
File opened for modification	C:\Windows\System32\DriverStore\Temp\{16d115d2-4040-3b8a-ddff-d36170f8d203}\USB_Ethernet_RNDIS.inf	DrvInst.exe
File opened for modification	C:\Windows\System32\DriverStore\FileRepository\usbmodv4.inf_amd64_neutral_c93b50a025384156\usbmodv4.PNF	DrvInst.exe
File created	C:\Windows\System32\DriverStore\INFCACHE.0	DrvInst.exe
File created	C:\Windows\System32\DriverStore\Temp\{16d115d2-4040-3b8a-ddff-d36170f8d203}\SET203E.tmp	DrvInst.exe
File opened for modification	C:\Windows\System32\DriverStore\FileRepository\usb_ethernet_rndis.inf_amd64_neutral_c9b5096a0fb1e9d2\USB_Ethernet_RNDIS.PNF	DrvInst.exe
File opened for modification	C:\Windows\System32\DriverStore\Temp\{7372cb31-775b-7b08-79fc-1d355de6a570}\usbmodv4amd64.cat	DrvInst.exe
File opened for modification	C:\Windows\System32\DriverStore\Temp\{16d115d2-4040-3b8a-ddff-d36170f8d203}\SET203F.tmp	DrvInst.exe
File opened for modification	C:\Windows\System32\DriverStore\FileRepository\cdcserial.inf_amd64_neutral_a4bcad7811865121\cdcserial.PNF	DrvInst.exe
File opened for modification	C:\Windows\System32\DriverStore\infstor.dat	DrvInst.exe
File opened for modification	C:\Windows\System32\DriverStore\Temp\{16d115d2-4040-3b8a-ddff-d36170f8d203}	DrvInst.exe
File opened for modification	C:\Windows\System32\DriverStore\Temp\{3d7d626a-d6d1-37d8-eaa2-3f2c19add325}	DrvInst.exe
File opened for modification	C:\Windows\System32\CatRoot2\dberr.txt	devcon.exe
File created	C:\Windows\System32\DriverStore\Temp\{3d7d626a-d6d1-37d8-eaa2-3f2c19add325}\SET73EA.tmp	DrvInst.exe
File opened for modification	C:\Windows\System32\DriverStore\Temp\{7372cb31-775b-7b08-79fc-1d355de6a570}\SET7C82.tmp	DrvInst.exe
File created	C:\Windows\System32\DriverStore\Temp\{7372cb31-775b-7b08-79fc-1d355de6a570}\SET7C82.tmp	DrvInst.exe
File opened for modification	C:\Windows\System32\DriverStore\Temp\{16d115d2-4040-3b8a-ddff-d36170f8d203}\RNDIS.cat	DrvInst.exe
File opened for modification	C:\Windows\System32\DriverStore\infpub.dat	DrvInst.exe
File opened for modification	C:\Windows\System32\DriverStore\infstor.dat	DrvInst.exe
File opened for modification	C:\Windows\System32\DriverStore\infstrng.dat	DrvInst.exe
File created	C:\Windows\System32\DriverStore\FileRepository\cdcserial.inf_amd64_neutral_a4bcad7811865121\cdcserial.PNF	DrvInst.exe
File created	C:\Windows\System32\DriverStore\INFCACHE.0	DrvInst.exe
File created	C:\Windows\System32\DriverStore\Temp\{7372cb31-775b-7b08-79fc-1d355de6a570}\SET7C81.tmp	DrvInst.exe
File created	C:\Windows\System32\DriverStore\INFCACHE.0	DrvInst.exe
File opened for modification	C:\Windows\System32\DriverStore\Temp\{3d7d626a-d6d1-37d8-eaa2-3f2c19add325}\SET73D9.tmp	DrvInst.exe
File opened for modification	C:\Windows\System32\DriverStore\Temp\{3d7d626a-d6d1-37d8-eaa2-3f2c19add325}\SET73EA.tmp	DrvInst.exe
File opened for modification	C:\Windows\System32\DriverStore\Temp\{3d7d626a-d6d1-37d8-eaa2-3f2c19add325}\cdcserial.inf	DrvInst.exe
File opened for modification	C:\Windows\System32\DriverStore\infstrng.dat	DrvInst.exe
File created	C:\Windows\System32\DriverStore\FileRepository\usb_ethernet_rndis.inf_amd64_neutral_c9b5096a0fb1e9d2\usb_ethernet_rndis.PNF	DrvInst.exe
File opened for modification	C:\Windows\System32\DriverStore\infpub.dat	DrvInst.exe
File opened for modification	C:\Windows\System32\DriverStore\Temp\{7372cb31-775b-7b08-79fc-1d355de6a570}\usbmodv4.inf	DrvInst.exe
File created	C:\Windows\System32\DriverStore\Temp\{7372cb31-775b-7b08-79fc-1d355de6a570}\amd64\SET7C92.tmp	DrvInst.exe
File opened for modification	C:\Windows\System32\DriverStore\infstrng.dat	DrvInst.exe
File opened for modification	C:\Windows\System32\DriverStore\Temp\{7372cb31-775b-7b08-79fc-1d355de6a570}\amd64	DrvInst.exe
File opened for modification	C:\Windows\System32\DriverStore\Temp\{16d115d2-4040-3b8a-ddff-d36170f8d203}\SET203E.tmp	DrvInst.exe
File opened for modification	C:\Windows\System32\DriverStore\infstor.dat	DrvInst.exe

Drops file in Program Files directory 33 IoCs

description	ioc	Process
File created	C:\Program Files (x86)\TacticalCOFDM\RNDIS_driver\rndis.cat	DABCF15133A9AD6004371EAD9AAAB335.exe
File created	C:\Program Files (x86)\TacticalCOFDM\mfc80u.dll	DABCF15133A9AD6004371EAD9AAAB335.exe
File created	C:\Program Files (x86)\TacticalCOFDM\msvcr80.dll	DABCF15133A9AD6004371EAD9AAAB335.exe
File created	C:\Program Files (x86)\TacticalCOFDM\RNDIS_driver\devcon.exe	DABCF15133A9AD6004371EAD9AAAB335.exe
File created	C:\Program Files (x86)\TacticalCOFDM\Microsoft.VC80.CRT.manifest	DABCF15133A9AD6004371EAD9AAAB335.exe
File created	C:\Program Files (x86)\TacticalCOFDM\driver_pack_dual\i386\devcon.exe	DABCF15133A9AD6004371EAD9AAAB335.exe
File created	C:\Program Files (x86)\TacticalCOFDM\CDC_driver\CDCSerial.inf	DABCF15133A9AD6004371EAD9AAAB335.exe
File created	C:\Program Files (x86)\TacticalCOFDM\driver_pack_SHA1\amd64\devcon.exe	DABCF15133A9AD6004371EAD9AAAB335.exe
File opened for modification	C:\Program Files (x86)\TacticalCOFDM\driver_pack_dual\amd64\devcon.exe	DABCF15133A9AD6004371EAD9AAAB335.exe
File opened for modification	C:\Program Files (x86)\TacticalCOFDM\driver_pack_dual\i386\devcon.exe	DABCF15133A9AD6004371EAD9AAAB335.exe
File opened for modification	C:\Program Files (x86)\TacticalCOFDM\driver_pack_SHA1\amd64\devcon.exe	DABCF15133A9AD6004371EAD9AAAB335.exe
File created	C:\Program Files (x86)\TacticalCOFDM\Tactical COFDM.exe	DABCF15133A9AD6004371EAD9AAAB335.exe
File created	C:\Program Files (x86)\TacticalCOFDM\difxapi.dll	DABCF15133A9AD6004371EAD9AAAB335.exe
File created	C:\Program Files (x86)\TacticalCOFDM\v4sourcefilter03.dll	DABCF15133A9AD6004371EAD9AAAB335.exe
File created	C:\Program Files (x86)\TacticalCOFDM\CDC_driver\devcon.exe	DABCF15133A9AD6004371EAD9AAAB335.exe
File created	C:\Program Files (x86)\TacticalCOFDM\CDC_driver\cdcserial.cat	DABCF15133A9AD6004371EAD9AAAB335.exe
File created	C:\Program Files (x86)\TacticalCOFDM\driver_pack_SHA1\usbmodv4.inf	DABCF15133A9AD6004371EAD9AAAB335.exe
File created	C:\Program Files (x86)\TacticalCOFDM\driver_pack_SHA1\amd64\usbmodv4.sys	DABCF15133A9AD6004371EAD9AAAB335.exe
File created	C:\Program Files (x86)\TacticalCOFDM\driver_pack_dual\usbmodv4.inf	DABCF15133A9AD6004371EAD9AAAB335.exe
File created	C:\Program Files (x86)\TacticalCOFDM\driver_pack_dual\i386\usbmodv4.sys	DABCF15133A9AD6004371EAD9AAAB335.exe
File created	C:\Program Files (x86)\TacticalCOFDM\driver_pack_dual\usbmodv4x86.cat	DABCF15133A9AD6004371EAD9AAAB335.exe
File created	C:\Program Files (x86)\TacticalCOFDM\driver_pack_dual\amd64\usbmodv4.sys	DABCF15133A9AD6004371EAD9AAAB335.exe
File created	C:\Program Files (x86)\TacticalCOFDM\driver_pack_dual\amd64\devcon.exe	DABCF15133A9AD6004371EAD9AAAB335.exe
File created	C:\Program Files (x86)\TacticalCOFDM\driver_pack_SHA1\usbmodv4x86.cat	DABCF15133A9AD6004371EAD9AAAB335.exe
File created	C:\Program Files (x86)\TacticalCOFDM\driver_pack_SHA1\i386\devcon.exe	DABCF15133A9AD6004371EAD9AAAB335.exe
File created	C:\Program Files (x86)\TacticalCOFDM\Microsoft.VC80.MFC.manifest	DABCF15133A9AD6004371EAD9AAAB335.exe
File created	C:\Program Files (x86)\TacticalCOFDM\driver_pack_SHA1\usbmodv4amd64.cat	DABCF15133A9AD6004371EAD9AAAB335.exe
File opened for modification	C:\Program Files (x86)\TacticalCOFDM\RNDIS_driver\devcon.exe	DABCF15133A9AD6004371EAD9AAAB335.exe
File opened for modification	C:\Program Files (x86)\TacticalCOFDM\driver_pack_SHA1\i386\devcon.exe	DABCF15133A9AD6004371EAD9AAAB335.exe
File created	C:\Program Files (x86)\TacticalCOFDM\uninstall.exe	DABCF15133A9AD6004371EAD9AAAB335.exe
File created	C:\Program Files (x86)\TacticalCOFDM\driver_pack_SHA1\i386\usbmodv4.sys	DABCF15133A9AD6004371EAD9AAAB335.exe
File created	C:\Program Files (x86)\TacticalCOFDM\driver_pack_dual\usbmodv4amd64.cat	DABCF15133A9AD6004371EAD9AAAB335.exe
File created	C:\Program Files (x86)\TacticalCOFDM\RNDIS_driver\USB_Ethernet_RNDIS.inf	DABCF15133A9AD6004371EAD9AAAB335.exe

Drops file in Windows directory 17 IoCs

description	ioc	Process
File created	C:\Windows\INF\oem1.PNF	Tactical COFDM.exe
File opened for modification	C:\Windows\INF\oem2.inf	DrvInst.exe
File opened for modification	C:\Windows\INF\setupapi.dev.log	DrvInst.exe
File created	C:\Windows\INF\oem4.inf	DrvInst.exe
File opened for modification	C:\Windows\INF\setupapi.dev.log	Tactical COFDM.exe
File opened for modification	C:\Windows\INF\setupapi.dev.log	DrvInst.exe
File opened for modification	C:\Windows\INF\oem3.inf	DrvInst.exe
File opened for modification	C:\Windows\INF\setupapi.ev3	DrvInst.exe
File opened for modification	C:\Windows\INF\setupapi.ev1	DrvInst.exe
File created	C:\Windows\INF\oem2.inf	DrvInst.exe
File opened for modification	C:\Windows\INF\setupapi.dev.log	DrvInst.exe
File opened for modification	C:\Windows\INF\oem4.inf	DrvInst.exe
File created	C:\Windows\INF\oem0.PNF	Tactical COFDM.exe
File opened for modification	C:\Windows\INF\setupapi.dev.log	DrvInst.exe
File opened for modification	C:\Windows\INF\setupapi.dev.log	devcon.exe
File created	C:\Windows\INF\oem3.inf	DrvInst.exe
File opened for modification	C:\Windows\INF\setupapi.dev.log	devcon.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

System Information Discovery
T1082

Modifies data under HKEY_USERS 64 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\trust\CTLs	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\CA\CRLs	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\TrustedPeople\Certificates	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\Disallowed\CTLs	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\SmartCardRoot\Certificates	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\Root\Certificates	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\trust\CTLs	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\CA\CRLs	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\TrustedPeople\CTLs	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\trust\CRLs	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\SmartCardRoot\CTLs	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\Disallowed\Certificates	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\TrustedPeople\CTLs	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\Disallowed\CRLs	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\trust\CTLs	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\trust\CTLs	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\TrustedPeople\Certificates	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\My	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\My	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\TrustedPeople\CRLs	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\Root\CTLs	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\SmartCardRoot\CRLs	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\TrustedPeople\CTLs	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\CA\CTLs	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\CA\Certificates	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\CA\CRLs	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\CA\CTLs	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA	DrvInst.exe
Set value (data)	\REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\Local Settings\MuiCache\2D\52C64B7E\LanguageList = 65006e002d0055005300000065006e0000000000	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\CA\CRLs	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\trust\CTLs	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\CA\CRLs	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\Disallowed\Certificates	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\CA\CRLs	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\CA\Certificates	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\Root\CTLs	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\trust\CTLs	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\trust\CRLs	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\TrustedPeople\CRLs	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\TrustedPeople\CRLs	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\CA\CTLs	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\SmartCardRoot\CRLs	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust	DrvInst.exe
Set value (data)	\REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\Local Settings\MuiCache\2D\52C64B7E\LanguageList = 65006e002d0055005300000065006e0000000000	DrvInst.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\SmartCardRoot\CTLs	DrvInst.exe

Modifies registry class 9 IoCs

description	ioc	Process
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{9A80F195-3BBA-4821-B18B-21BB496F80F9}\ = "V4 Source Filter v03"	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{9A80F195-3BBA-4821-B18B-21BB496F80F9}\InprocServer32	regsvr32.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{9A80F195-3BBA-4821-B18B-21BB496F80F9}\InprocServer32\ThreadingModel = "Both"	regsvr32.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{083863F1-70DE-11D0-BD40-00A0C911CE86}\Instance\{9A80F195-3BBA-4821-B18B-21BB496F80F9}\FriendlyName = "V4 Source Filter v03"	regsvr32.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{083863F1-70DE-11D0-BD40-00A0C911CE86}\Instance\{9A80F195-3BBA-4821-B18B-21BB496F80F9}\CLSID = "{9A80F195-3BBA-4821-B18B-21BB496F80F9}"	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{9A80F195-3BBA-4821-B18B-21BB496F80F9}	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{083863F1-70DE-11D0-BD40-00A0C911CE86}\Instance\{9A80F195-3BBA-4821-B18B-21BB496F80F9}	regsvr32.exe
Set value (data)	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{083863F1-70DE-11D0-BD40-00A0C911CE86}\Instance\{9A80F195-3BBA-4821-B18B-21BB496F80F9}\FilterData = 02000000000020000000000000000000	regsvr32.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{9A80F195-3BBA-4821-B18B-21BB496F80F9}\InprocServer32\ = "C:\\Program Files (x86)\\TacticalCOFDM\\v4sourcefilter03.dll"	regsvr32.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeRestorePrivilege	1988	Tactical COFDM.exe
Token: SeRestorePrivilege	1988	Tactical COFDM.exe
Token: SeRestorePrivilege	1988	Tactical COFDM.exe
Token: SeRestorePrivilege	1988	Tactical COFDM.exe
Token: SeRestorePrivilege	1988	Tactical COFDM.exe
Token: SeRestorePrivilege	1988	Tactical COFDM.exe
Token: SeRestorePrivilege	1988	Tactical COFDM.exe
Token: SeRestorePrivilege	1988	Tactical COFDM.exe
Token: SeRestorePrivilege	1988	Tactical COFDM.exe
Token: SeRestorePrivilege	1988	Tactical COFDM.exe
Token: SeRestorePrivilege	1988	Tactical COFDM.exe
Token: SeRestorePrivilege	1988	Tactical COFDM.exe
Token: SeRestorePrivilege	1988	Tactical COFDM.exe
Token: SeRestorePrivilege	1988	Tactical COFDM.exe
Token: SeRestorePrivilege	956	DrvInst.exe
Token: SeRestorePrivilege	956	DrvInst.exe
Token: SeRestorePrivilege	956	DrvInst.exe
Token: SeRestorePrivilege	956	DrvInst.exe
Token: SeRestorePrivilege	956	DrvInst.exe
Token: SeRestorePrivilege	956	DrvInst.exe
Token: SeRestorePrivilege	956	DrvInst.exe
Token: SeRestorePrivilege	956	DrvInst.exe
Token: SeRestorePrivilege	956	DrvInst.exe
Token: SeRestorePrivilege	956	DrvInst.exe
Token: SeRestorePrivilege	956	DrvInst.exe
Token: SeRestorePrivilege	956	DrvInst.exe
Token: SeRestorePrivilege	956	DrvInst.exe
Token: SeRestorePrivilege	956	DrvInst.exe
Token: SeRestorePrivilege	912	rundll32.exe
Token: SeRestorePrivilege	912	rundll32.exe
Token: SeRestorePrivilege	912	rundll32.exe
Token: SeRestorePrivilege	912	rundll32.exe
Token: SeRestorePrivilege	912	rundll32.exe
Token: SeRestorePrivilege	912	rundll32.exe
Token: SeRestorePrivilege	912	rundll32.exe
Token: SeBackupPrivilege	1380	vssvc.exe
Token: SeRestorePrivilege	1380	vssvc.exe
Token: SeAuditPrivilege	1380	vssvc.exe
Token: SeBackupPrivilege	956	DrvInst.exe
Token: SeRestorePrivilege	956	DrvInst.exe
Token: SeRestorePrivilege	1120	DrvInst.exe
Token: SeRestorePrivilege	1120	DrvInst.exe
Token: SeRestorePrivilege	1120	DrvInst.exe
Token: SeRestorePrivilege	1120	DrvInst.exe
Token: SeRestorePrivilege	1120	DrvInst.exe
Token: SeRestorePrivilege	1120	DrvInst.exe
Token: SeRestorePrivilege	1120	DrvInst.exe
Token: SeLoadDriverPrivilege	1120	DrvInst.exe
Token: SeLoadDriverPrivilege	1120	DrvInst.exe
Token: SeLoadDriverPrivilege	1120	DrvInst.exe
Token: SeRestorePrivilege	2036	devcon.exe
Token: SeRestorePrivilege	2036	devcon.exe
Token: SeRestorePrivilege	2036	devcon.exe
Token: SeRestorePrivilege	2036	devcon.exe
Token: SeRestorePrivilege	2036	devcon.exe
Token: SeRestorePrivilege	2036	devcon.exe
Token: SeRestorePrivilege	2036	devcon.exe
Token: SeRestorePrivilege	2036	devcon.exe
Token: SeRestorePrivilege	2036	devcon.exe
Token: SeRestorePrivilege	2036	devcon.exe
Token: SeRestorePrivilege	2036	devcon.exe
Token: SeRestorePrivilege	2036	devcon.exe
Token: SeRestorePrivilege	2036	devcon.exe
Token: SeRestorePrivilege	2036	devcon.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
1988	Tactical COFDM.exe

Suspicious use of WriteProcessMemory 34 IoCs

description	pid	Process	procid_target
PID 960 wrote to memory of 1988	960	DABCF15133A9AD6004371EAD9AAAB335.exe	27
PID 960 wrote to memory of 1988	960	DABCF15133A9AD6004371EAD9AAAB335.exe	27
PID 960 wrote to memory of 1988	960	DABCF15133A9AD6004371EAD9AAAB335.exe	27
PID 960 wrote to memory of 1988	960	DABCF15133A9AD6004371EAD9AAAB335.exe	27
PID 956 wrote to memory of 912	956	DrvInst.exe	29
PID 956 wrote to memory of 912	956	DrvInst.exe	29
PID 956 wrote to memory of 912	956	DrvInst.exe	29
PID 960 wrote to memory of 2036	960	DABCF15133A9AD6004371EAD9AAAB335.exe	33
PID 960 wrote to memory of 2036	960	DABCF15133A9AD6004371EAD9AAAB335.exe	33
PID 960 wrote to memory of 2036	960	DABCF15133A9AD6004371EAD9AAAB335.exe	33
PID 960 wrote to memory of 2036	960	DABCF15133A9AD6004371EAD9AAAB335.exe	33
PID 960 wrote to memory of 2036	960	DABCF15133A9AD6004371EAD9AAAB335.exe	33
PID 960 wrote to memory of 2036	960	DABCF15133A9AD6004371EAD9AAAB335.exe	33
PID 960 wrote to memory of 2036	960	DABCF15133A9AD6004371EAD9AAAB335.exe	33
PID 912 wrote to memory of 1540	912	DrvInst.exe	36
PID 912 wrote to memory of 1540	912	DrvInst.exe	36
PID 912 wrote to memory of 1540	912	DrvInst.exe	36
PID 960 wrote to memory of 2040	960	DABCF15133A9AD6004371EAD9AAAB335.exe	37
PID 960 wrote to memory of 2040	960	DABCF15133A9AD6004371EAD9AAAB335.exe	37
PID 960 wrote to memory of 2040	960	DABCF15133A9AD6004371EAD9AAAB335.exe	37
PID 960 wrote to memory of 2040	960	DABCF15133A9AD6004371EAD9AAAB335.exe	37
PID 960 wrote to memory of 2040	960	DABCF15133A9AD6004371EAD9AAAB335.exe	37
PID 960 wrote to memory of 2040	960	DABCF15133A9AD6004371EAD9AAAB335.exe	37
PID 960 wrote to memory of 2040	960	DABCF15133A9AD6004371EAD9AAAB335.exe	37
PID 956 wrote to memory of 1884	956	DrvInst.exe	40
PID 956 wrote to memory of 1884	956	DrvInst.exe	40
PID 956 wrote to memory of 1884	956	DrvInst.exe	40
PID 960 wrote to memory of 1812	960	DABCF15133A9AD6004371EAD9AAAB335.exe	41
PID 960 wrote to memory of 1812	960	DABCF15133A9AD6004371EAD9AAAB335.exe	41
PID 960 wrote to memory of 1812	960	DABCF15133A9AD6004371EAD9AAAB335.exe	41
PID 960 wrote to memory of 1812	960	DABCF15133A9AD6004371EAD9AAAB335.exe	41
PID 960 wrote to memory of 1812	960	DABCF15133A9AD6004371EAD9AAAB335.exe	41
PID 960 wrote to memory of 1812	960	DABCF15133A9AD6004371EAD9AAAB335.exe	41
PID 960 wrote to memory of 1812	960	DABCF15133A9AD6004371EAD9AAAB335.exe	41

Uses Volume Shadow Copy service COM API
The Volume Shadow Copy service is used to manage backups/snapshots.
ransomware

C:\Users\Admin\AppData\Local\Temp\DABCF15133A9AD6004371EAD9AAAB335.exe
"C:\Users\Admin\AppData\Local\Temp\DABCF15133A9AD6004371EAD9AAAB335.exe"
1⤵
- Loads dropped DLL
- Drops file in Program Files directory
- Suspicious use of WriteProcessMemory
PID:960
- C:\Program Files (x86)\TacticalCOFDM\Tactical COFDM.exe
  "C:\Program Files (x86)\TacticalCOFDM\Tactical COFDM.exe" /drvinstall
  2⤵
  - Executes dropped EXE
  - Drops file in System32 directory
  - Drops file in Windows directory
  - Suspicious use of AdjustPrivilegeToken
  - Suspicious use of SetWindowsHookEx
  PID:1988
- C:\Program Files (x86)\TacticalCOFDM\RNDIS_driver\devcon.exe
  devcon.exe dp_add USB_Ethernet_RNDIS.inf
  2⤵
  - Executes dropped EXE
  - Loads dropped DLL
  - Drops file in System32 directory
  - Drops file in Windows directory
  - Suspicious use of AdjustPrivilegeToken
  PID:2036
- C:\Program Files (x86)\TacticalCOFDM\CDC_driver\devcon.exe
  devcon.exe dp_add cdcserial.inf
  2⤵
  - Executes dropped EXE
  - Loads dropped DLL
  - Drops file in System32 directory
  - Drops file in Windows directory
  PID:2040
- C:\Windows\SysWOW64\regsvr32.exe
  regsvr32.exe /s v4sourcefilter03.dll
  2⤵
  - Loads dropped DLL
  - Modifies registry class
  PID:1812

C:\Windows\system32\DrvInst.exe
DrvInst.exe "4" "0" "C:\Users\Admin\AppData\Local\Temp\{317c0a48-214a-2bc0-cec6-9d0748fd5758}\usbmodv4.inf" "9" "6fd051d5b" "0000000000000558" "WinSta0\Default" "000000000000049C" "208" "C:\Program Files (x86)\TacticalCOFDM\driver_pack_dual"
1⤵
- Drops file in System32 directory
- Drops file in Windows directory
- Modifies data under HKEY_USERS
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of WriteProcessMemory
PID:956
- C:\Windows\system32\rundll32.exe
  rundll32.exe C:\Windows\system32\pnpui.dll,InstallSecurityPromptRunDllW 10 Global\{693862e4-6d32-03f4-1d33-a36ea49f6324} Global\{25515b26-df60-4b0f-f366-f25f4c9b6759} C:\Windows\System32\DriverStore\Temp\{7372cb31-775b-7b08-79fc-1d355de6a570}\usbmodv4.inf C:\Windows\System32\DriverStore\Temp\{7372cb31-775b-7b08-79fc-1d355de6a570}\usbmodv4amd64.cat
  2⤵
  - Suspicious use of AdjustPrivilegeToken
  PID:912

C:\Windows\system32\vssvc.exe
C:\Windows\system32\vssvc.exe
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:1380

C:\Windows\system32\DrvInst.exe
DrvInst.exe "1" "200" "STORAGE\VolumeSnapshot\HarddiskVolumeSnapshot19" "" "" "61530dda3" "0000000000000000" "00000000000005AC" "00000000000005B8"
1⤵
- Drops file in Windows directory
- Modifies data under HKEY_USERS
- Suspicious use of AdjustPrivilegeToken
PID:1120

C:\Windows\system32\DrvInst.exe
DrvInst.exe "4" "0" "C:\Users\Admin\AppData\Local\Temp\{11d0669e-0f2a-53d3-212d-b075c2f3e902}\USB_Ethernet_RNDIS.inf" "9" "69308d407" "000000000000049C" "WinSta0\Default" "00000000000003F4" "208" "C:\Program Files (x86)\TacticalCOFDM\RNDIS_driver"
1⤵
- Drops file in System32 directory
- Drops file in Windows directory
- Modifies data under HKEY_USERS
- Suspicious use of WriteProcessMemory
PID:912
- C:\Windows\system32\rundll32.exe
  rundll32.exe C:\Windows\system32\pnpui.dll,InstallSecurityPromptRunDllW 10 Global\{75abd273-ab39-0a1c-2a57-9906a7d84f50} Global\{396adb4c-a447-2ef3-39b8-484c21bf1d0a} C:\Windows\System32\DriverStore\Temp\{16d115d2-4040-3b8a-ddff-d36170f8d203}\USB_Ethernet_RNDIS.inf C:\Windows\System32\DriverStore\Temp\{16d115d2-4040-3b8a-ddff-d36170f8d203}\RNDIS.cat
  2⤵
  PID:1540

C:\Windows\system32\DrvInst.exe
DrvInst.exe "4" "0" "C:\Users\Admin\AppData\Local\Temp\{10c0c616-b707-0fee-1b56-0968e74e3f0c}\cdcserial.inf" "9" "6dbdb0d8b" "00000000000003F4" "WinSta0\Default" "000000000000055C" "208" "C:\Program Files (x86)\TacticalCOFDM\CDC_driver"
1⤵
- Drops file in System32 directory
- Drops file in Windows directory
- Modifies data under HKEY_USERS
- Suspicious use of WriteProcessMemory
PID:956
- C:\Windows\system32\rundll32.exe
  rundll32.exe C:\Windows\system32\pnpui.dll,InstallSecurityPromptRunDllW 10 Global\{76484d5b-e79d-4d1d-cc06-8338bf92b052} Global\{60dd61e6-e4d3-3c21-c00a-9e0ab6e81861} C:\Windows\System32\DriverStore\Temp\{3d7d626a-d6d1-37d8-eaa2-3f2c19add325}\cdcserial.inf C:\Windows\System32\DriverStore\Temp\{3d7d626a-d6d1-37d8-eaa2-3f2c19add325}\CDCSerial.cat
  2⤵
  PID:1884

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\PROGRA~2\TACTIC~1\DRIVER~2\amd64\usbmodv4.sys

Filesize
32KB

MD5
b2f3cf7363223aee2581b205f5668df5

SHA1
4f3ba20efca24dd0dd2c078030f9d920d91eef39

SHA256
6c6a49dd49c2035d85153a14eeb86f03a268ba9e8f038598ef687c79c9dfeac6

SHA512
a9129c2584d090af52a27ee02557d0969e9ea1fb936cf066599da0fd1212d1e8d12dda7865cb0cc05873220060cc4fd2e2b0e1bff19c7989b0c05ad382e9e9e3

Download Submit
C:\Program Files (x86)\TacticalCOFDM\CDC_driver\CDCSerial.cat

Filesize
6KB

MD5
f6fb978b072445fe0c302a3d6dae900a

SHA1
28e8c3d50726d7c7a0905f848825c3db9c4191eb

SHA256
5ce78e7e5837886396b4bbf0ead9fd6693a8ba3fdc4656e438331c354d81375c

SHA512
565b106d8abfec2e137ad752fb3b67e46065c090a0f790afc2a814789fde626de820254a64c3d48d842df610b32c4f8b3e7465165ba265392f5ee89ab1a17e97

Download Submit
C:\Program Files (x86)\TacticalCOFDM\CDC_driver\cdcserial.inf

Filesize
2KB

MD5
cb18007b3eb0dc3b11d32a37caed0a19

SHA1
00c5ce25fdcee3d0524ca6118a454a4b0f1dd67b

SHA256
3672fa93e47ec6bd083c6c0c73d49646b15673288cce8e2fc9c035f9c68566a7

SHA512
a0653372c284de001402267ba3356f6049eef5793033fa6516d6762e135d1279518b8203c445c69828b13adaa54d8a3530840ecab0b328c307a873c95f1cce10

Download Submit
C:\Program Files (x86)\TacticalCOFDM\CDC_driver\devcon.exe

Filesize
76KB

MD5
19b6d352a9cec20029f0b88b019948f6

SHA1
f5ea44bf5e99185bcd9f385b6c9a51ddfc5bfff1

SHA256
5523e10f9b9ba996f6addc2227b4f0ec21a269083709b149b6d3f0de847f0ad0

SHA512
e41d55205da18cd8a1ca7f70052eece84977fe0daf17e2ab6843fc34d5c9ec36279bb20427f77abf8815af5c527125420bf726e2f365acbe14a3b61ebdb0bbd5

Download Submit
C:\Program Files (x86)\TacticalCOFDM\CDC_driver\devcon.exe

Filesize
76KB

MD5
19b6d352a9cec20029f0b88b019948f6

SHA1
f5ea44bf5e99185bcd9f385b6c9a51ddfc5bfff1

SHA256
5523e10f9b9ba996f6addc2227b4f0ec21a269083709b149b6d3f0de847f0ad0

SHA512
e41d55205da18cd8a1ca7f70052eece84977fe0daf17e2ab6843fc34d5c9ec36279bb20427f77abf8815af5c527125420bf726e2f365acbe14a3b61ebdb0bbd5

Download Submit
C:\Program Files (x86)\TacticalCOFDM\RNDIS_driver\RNDIS.cat

Filesize
6KB

MD5
c9b6dc8aa33e92702c755f22313bca7b

SHA1
0df0968ec9c6bbc09cb39e0dd2018927520db8d6

SHA256
857f6cb006633b31340c27b1f5f36b7b7f083d08fe324f6d07813c449e2e3392

SHA512
047d78aaa845a15154684eb5319a26d2289057fa2d2132878116620c5ba3eb1fea952d8168cc91e08746ee9a0ec897112ce70bcdbad63d8f3072d84e813eb8ff

Download Submit
C:\Program Files (x86)\TacticalCOFDM\RNDIS_driver\USB_Ethernet_RNDIS.inf

Filesize
2KB

MD5
47fa61919c61499ee42446af31c3ca0c

SHA1
3065b928f998533034f228d42f20d66bd6fdc781

SHA256
fa65fa6840cf83fa10d3eca9b1319a54843ee03ee91e1ff602b8ce094e4b933c

SHA512
fcfa77951a174c65ff19603a13d0eed7f2ababe7e5f570e94d17ecb65a7e0684d408fe7e8388b1ca61c4d932cd750e5cad9dbab534d8970019d0a3c1f395cd7a

Download Submit
C:\Program Files (x86)\TacticalCOFDM\RNDIS_driver\devcon.exe

Filesize
76KB

MD5
19b6d352a9cec20029f0b88b019948f6

SHA1
f5ea44bf5e99185bcd9f385b6c9a51ddfc5bfff1

SHA256
5523e10f9b9ba996f6addc2227b4f0ec21a269083709b149b6d3f0de847f0ad0

SHA512
e41d55205da18cd8a1ca7f70052eece84977fe0daf17e2ab6843fc34d5c9ec36279bb20427f77abf8815af5c527125420bf726e2f365acbe14a3b61ebdb0bbd5

Download Submit
C:\Program Files (x86)\TacticalCOFDM\RNDIS_driver\devcon.exe

Filesize
76KB

MD5
19b6d352a9cec20029f0b88b019948f6

SHA1
f5ea44bf5e99185bcd9f385b6c9a51ddfc5bfff1

SHA256
5523e10f9b9ba996f6addc2227b4f0ec21a269083709b149b6d3f0de847f0ad0

SHA512
e41d55205da18cd8a1ca7f70052eece84977fe0daf17e2ab6843fc34d5c9ec36279bb20427f77abf8815af5c527125420bf726e2f365acbe14a3b61ebdb0bbd5

Download Submit
C:\Program Files (x86)\TacticalCOFDM\RNDIS_driver\devcon.exe

Filesize
76KB

MD5
19b6d352a9cec20029f0b88b019948f6

SHA1
f5ea44bf5e99185bcd9f385b6c9a51ddfc5bfff1

SHA256
5523e10f9b9ba996f6addc2227b4f0ec21a269083709b149b6d3f0de847f0ad0

SHA512
e41d55205da18cd8a1ca7f70052eece84977fe0daf17e2ab6843fc34d5c9ec36279bb20427f77abf8815af5c527125420bf726e2f365acbe14a3b61ebdb0bbd5

Download Submit
C:\Program Files (x86)\TacticalCOFDM\Tactical COFDM.exe

Filesize
4.3MB

MD5
acb49ede3398f5faec662e13562904e5

SHA1
2584f33af1df6ebc5ccd38f17d938cce6448b1c7

SHA256
266439d646cead623e219e49cd7836a7af11fcfb50588df2d38b24e4992e17b8

SHA512
2b905fab3ea94d33c2109188791e8848a8ab9d2bacfc382c02c54ded83c30e2f995c553797f1df59c788c34fae568a55ca904c5fc66ffd15acf9a3dba6e70983

Download Submit
C:\Program Files (x86)\TacticalCOFDM\Tactical COFDM.exe

Filesize
4.3MB

MD5
acb49ede3398f5faec662e13562904e5

SHA1
2584f33af1df6ebc5ccd38f17d938cce6448b1c7

SHA256
266439d646cead623e219e49cd7836a7af11fcfb50588df2d38b24e4992e17b8

SHA512
2b905fab3ea94d33c2109188791e8848a8ab9d2bacfc382c02c54ded83c30e2f995c553797f1df59c788c34fae568a55ca904c5fc66ffd15acf9a3dba6e70983

Download Submit
C:\Program Files (x86)\TacticalCOFDM\driver_pack_dual\usbmodv4.inf

Filesize
4KB

MD5
65665cb1c2fe78ebe476e2a626f83569

SHA1
e2f958ccfe6db6f4ce5edabcd8bdd44296dab3d2

SHA256
6fe70b342bdd4796d8ec12df091724a3d61b097de7fadc693b714c9ab136129f

SHA512
b5b97d3666659fc8b8207969c567bc448adfec05259e3b76c62aa7f2532e9f22ad0c7940400cd33fd8296b58495b92a55ab493aad1a5e24957c2f44ccead6298

Download Submit
C:\Program Files (x86)\TacticalCOFDM\driver_pack_dual\usbmodv4amd64.cat

Filesize
17KB

MD5
faa6bfe5312e2dd6e46610d5169cba6a

SHA1
1e44e2f4907612e1f79601af718f62d310ec96a6

SHA256
845523653f2b403d94e5d5df935d0688720bde559336df02665ae5bda5944496

SHA512
7a07beb2f98be222c287a62036428b211e94fdd0a6b8d625b8a2170ae5da8a250443cf5bc3c771d1483a0d780f40efc2733bbff1a73f92c7b28eca4c3efe98f7

Download Submit
C:\Program Files (x86)\TacticalCOFDM\driver_pack_dual\usbmodv4x86.cat

Filesize
17KB

MD5
cb2ef6d09e828f3773d43350569a5a1f

SHA1
2cc81efccd1ada06d0117043580b636d7cf47086

SHA256
7a65e8e4f6314d565f31536a809ba9e0d0f9f20cfce76db9606b3335c9a95b25

SHA512
49e1627865030e7f09e5d76ae8a37e9c761568de23096245ee2e788dfd41034dc31d013155261c307a8042b483a41defc08a3ca157623c44a1c8342af493c4b1

Download Submit
C:\Program Files (x86)\TacticalCOFDM\v4sourcefilter03.dll

Filesize
44KB

MD5
a62e44e99973b17a94f659741705b71b

SHA1
b5b6772f0fce7bd18543712af1f5be6d982a053a

SHA256
5d89535994deedc66b02a00118f0adc93e37729548be7d611bfa0cabe22ec31d

SHA512
2df5e10c0dcab844dee41aa38043d43aece1c47216ccd80f8a2eb95beea2faa6c24ae2efb27aeef6bdb667e8008f28ded13e426945c99091dac8d86106617029

Download Submit
C:\Users\Admin\AppData\Local\Temp\{10c0c616-b707-0fee-1b56-0968e74e3f0c}\CDCSerial.cat

Filesize
6KB

MD5
f6fb978b072445fe0c302a3d6dae900a

SHA1
28e8c3d50726d7c7a0905f848825c3db9c4191eb

SHA256
5ce78e7e5837886396b4bbf0ead9fd6693a8ba3fdc4656e438331c354d81375c

SHA512
565b106d8abfec2e137ad752fb3b67e46065c090a0f790afc2a814789fde626de820254a64c3d48d842df610b32c4f8b3e7465165ba265392f5ee89ab1a17e97

Download Submit
C:\Users\Admin\AppData\Local\Temp\{10c0c616-b707-0fee-1b56-0968e74e3f0c}\cdcserial.inf

Filesize
2KB

MD5
cb18007b3eb0dc3b11d32a37caed0a19

SHA1
00c5ce25fdcee3d0524ca6118a454a4b0f1dd67b

SHA256
3672fa93e47ec6bd083c6c0c73d49646b15673288cce8e2fc9c035f9c68566a7

SHA512
a0653372c284de001402267ba3356f6049eef5793033fa6516d6762e135d1279518b8203c445c69828b13adaa54d8a3530840ecab0b328c307a873c95f1cce10

Download Submit
C:\Users\Admin\AppData\Local\Temp\{11d0669e-0f2a-53d3-212d-b075c2f3e902}\RNDIS.cat

Filesize
6KB

MD5
c9b6dc8aa33e92702c755f22313bca7b

SHA1
0df0968ec9c6bbc09cb39e0dd2018927520db8d6

SHA256
857f6cb006633b31340c27b1f5f36b7b7f083d08fe324f6d07813c449e2e3392

SHA512
047d78aaa845a15154684eb5319a26d2289057fa2d2132878116620c5ba3eb1fea952d8168cc91e08746ee9a0ec897112ce70bcdbad63d8f3072d84e813eb8ff

Download Submit
C:\Users\Admin\AppData\Local\Temp\{11d0669e-0f2a-53d3-212d-b075c2f3e902}\USB_Ethernet_RNDIS.inf

Filesize
2KB

MD5
47fa61919c61499ee42446af31c3ca0c

SHA1
3065b928f998533034f228d42f20d66bd6fdc781

SHA256
fa65fa6840cf83fa10d3eca9b1319a54843ee03ee91e1ff602b8ce094e4b933c

SHA512
fcfa77951a174c65ff19603a13d0eed7f2ababe7e5f570e94d17ecb65a7e0684d408fe7e8388b1ca61c4d932cd750e5cad9dbab534d8970019d0a3c1f395cd7a

Download Submit
C:\Users\Admin\AppData\Local\Temp\{317C0~1\amd64\usbmodv4.sys

Filesize
32KB

MD5
b2f3cf7363223aee2581b205f5668df5

SHA1
4f3ba20efca24dd0dd2c078030f9d920d91eef39

SHA256
6c6a49dd49c2035d85153a14eeb86f03a268ba9e8f038598ef687c79c9dfeac6

SHA512
a9129c2584d090af52a27ee02557d0969e9ea1fb936cf066599da0fd1212d1e8d12dda7865cb0cc05873220060cc4fd2e2b0e1bff19c7989b0c05ad382e9e9e3

Download Submit
C:\Users\Admin\AppData\Local\Temp\{317c0a48-214a-2bc0-cec6-9d0748fd5758}\usbmodv4.inf

Filesize
4KB

MD5
65665cb1c2fe78ebe476e2a626f83569

SHA1
e2f958ccfe6db6f4ce5edabcd8bdd44296dab3d2

SHA256
6fe70b342bdd4796d8ec12df091724a3d61b097de7fadc693b714c9ab136129f

SHA512
b5b97d3666659fc8b8207969c567bc448adfec05259e3b76c62aa7f2532e9f22ad0c7940400cd33fd8296b58495b92a55ab493aad1a5e24957c2f44ccead6298

Download Submit
C:\Users\Admin\AppData\Local\Temp\{317c0a48-214a-2bc0-cec6-9d0748fd5758}\usbmodv4.inf

Filesize
4KB

MD5
65665cb1c2fe78ebe476e2a626f83569

SHA1
e2f958ccfe6db6f4ce5edabcd8bdd44296dab3d2

SHA256
6fe70b342bdd4796d8ec12df091724a3d61b097de7fadc693b714c9ab136129f

SHA512
b5b97d3666659fc8b8207969c567bc448adfec05259e3b76c62aa7f2532e9f22ad0c7940400cd33fd8296b58495b92a55ab493aad1a5e24957c2f44ccead6298

Download Submit
C:\Users\Admin\AppData\Local\Temp\{317c0a48-214a-2bc0-cec6-9d0748fd5758}\usbmodv4amd64.cat

Filesize
17KB

MD5
faa6bfe5312e2dd6e46610d5169cba6a

SHA1
1e44e2f4907612e1f79601af718f62d310ec96a6

SHA256
845523653f2b403d94e5d5df935d0688720bde559336df02665ae5bda5944496

SHA512
7a07beb2f98be222c287a62036428b211e94fdd0a6b8d625b8a2170ae5da8a250443cf5bc3c771d1483a0d780f40efc2733bbff1a73f92c7b28eca4c3efe98f7

Download Submit
C:\Windows\System32\CatRoot2\dberr.txt

Filesize
194KB

MD5
97f5acf3bbc023695188f2aa411f7b4c

SHA1
82b39d195ab67f4a7ed28d75365129c019634328

SHA256
2ec15e48e0cea04050a61a236d21d820464e4c0fa7933bc08c606f850d81f4b3

SHA512
1c53b6c51d231d0d554104716575d1b9654d82eaa917de9d9edea9bdb028c346217c9e1dc9577c19ee3241c264e346bc4f7a968e0bca12d3dd5588a8f5d1ae21

Download Submit
C:\Windows\System32\CatRoot2\dberr.txt

Filesize
194KB

MD5
945d4553f133c978aa9ef6c1ed7545dc

SHA1
d26a57ea78db84e13e6077e9e98492f9dba0c3d6

SHA256
013b45d98e2660b2e290c0deb5582b35f2e228c234477a6185eda099aa177808

SHA512
d017b95c6f79b4b52c3bac205190849110c123686ac5d0e6f1f24739f934da81a0a5729e9d0d55a2879f20e17b6c90663881b01ca4f7643d05886f1f43f36693

Download Submit
C:\Windows\System32\DriverStore\INFCACHE.1

Filesize
1.4MB

MD5
7ba7e37aaab28f83645e338b6a6c701e

SHA1
cdf186518cff2ab6bda62a20f3f04181a8e274e8

SHA256
860f45099391d3bb4fff1570df841c974d07c002b9d8e9bb1bf8dc5d3222ef2c

SHA512
076248f762b2e76cf79c262813d959f4820b036742785cc4246733ed4899d1ef539ecfcfce04e58f4622ee0b9d76a548f627b99475351e5b6d8ebc7e84e0da30

Download Submit
C:\Windows\System32\DriverStore\INFCACHE.1

Filesize
1.4MB

MD5
dcd8c593aaa688d7c490aaab9b270314

SHA1
84551cd74fcd5143dee2dea6afea0f2e1ff5a184

SHA256
50654b7e0ff258451a80a0a4e770771b0ba927378a3f4e6d7f60e91ce34bec2a

SHA512
9873cf59b66b3bc2c643e65fb7d241236a76eba0167fb554f505674213f6cabc3c336ef9c9a3846226ce2f62fc2ac72089c3e3b16e9275ec9c48f5cfccb8dc13

Download Submit
C:\Windows\System32\DriverStore\Temp\{16d115d2-4040-3b8a-ddff-d36170f8d203}\SET203E.tmp

Filesize
2KB

MD5
47fa61919c61499ee42446af31c3ca0c

SHA1
3065b928f998533034f228d42f20d66bd6fdc781

SHA256
fa65fa6840cf83fa10d3eca9b1319a54843ee03ee91e1ff602b8ce094e4b933c

SHA512
fcfa77951a174c65ff19603a13d0eed7f2ababe7e5f570e94d17ecb65a7e0684d408fe7e8388b1ca61c4d932cd750e5cad9dbab534d8970019d0a3c1f395cd7a

Download Submit
C:\Windows\System32\DriverStore\Temp\{16d115d2-4040-3b8a-ddff-d36170f8d203}\SET203F.tmp

Filesize
6KB

MD5
c9b6dc8aa33e92702c755f22313bca7b

SHA1
0df0968ec9c6bbc09cb39e0dd2018927520db8d6

SHA256
857f6cb006633b31340c27b1f5f36b7b7f083d08fe324f6d07813c449e2e3392

SHA512
047d78aaa845a15154684eb5319a26d2289057fa2d2132878116620c5ba3eb1fea952d8168cc91e08746ee9a0ec897112ce70bcdbad63d8f3072d84e813eb8ff

Download Submit
C:\Windows\System32\DriverStore\Temp\{16d115d2-4040-3b8a-ddff-d36170f8d203}\USB_Ethernet_RNDIS.inf

Filesize
2KB

MD5
47fa61919c61499ee42446af31c3ca0c

SHA1
3065b928f998533034f228d42f20d66bd6fdc781

SHA256
fa65fa6840cf83fa10d3eca9b1319a54843ee03ee91e1ff602b8ce094e4b933c

SHA512
fcfa77951a174c65ff19603a13d0eed7f2ababe7e5f570e94d17ecb65a7e0684d408fe7e8388b1ca61c4d932cd750e5cad9dbab534d8970019d0a3c1f395cd7a

Download Submit
C:\Windows\System32\DriverStore\Temp\{3d7d626a-d6d1-37d8-eaa2-3f2c19add325}\SET73D9.tmp

Filesize
6KB

MD5
f6fb978b072445fe0c302a3d6dae900a

SHA1
28e8c3d50726d7c7a0905f848825c3db9c4191eb

SHA256
5ce78e7e5837886396b4bbf0ead9fd6693a8ba3fdc4656e438331c354d81375c

SHA512
565b106d8abfec2e137ad752fb3b67e46065c090a0f790afc2a814789fde626de820254a64c3d48d842df610b32c4f8b3e7465165ba265392f5ee89ab1a17e97

Download Submit
C:\Windows\System32\DriverStore\Temp\{3d7d626a-d6d1-37d8-eaa2-3f2c19add325}\SET73EA.tmp

Filesize
2KB

MD5
cb18007b3eb0dc3b11d32a37caed0a19

SHA1
00c5ce25fdcee3d0524ca6118a454a4b0f1dd67b

SHA256
3672fa93e47ec6bd083c6c0c73d49646b15673288cce8e2fc9c035f9c68566a7

SHA512
a0653372c284de001402267ba3356f6049eef5793033fa6516d6762e135d1279518b8203c445c69828b13adaa54d8a3530840ecab0b328c307a873c95f1cce10

Download Submit
C:\Windows\System32\DriverStore\Temp\{3d7d626a-d6d1-37d8-eaa2-3f2c19add325}\cdcserial.inf

Filesize
2KB

MD5
cb18007b3eb0dc3b11d32a37caed0a19

SHA1
00c5ce25fdcee3d0524ca6118a454a4b0f1dd67b

SHA256
3672fa93e47ec6bd083c6c0c73d49646b15673288cce8e2fc9c035f9c68566a7

SHA512
a0653372c284de001402267ba3356f6049eef5793033fa6516d6762e135d1279518b8203c445c69828b13adaa54d8a3530840ecab0b328c307a873c95f1cce10

Download Submit
C:\Windows\System32\DriverStore\Temp\{7372cb31-775b-7b08-79fc-1d355de6a570}\SET7C81.tmp

Filesize
17KB

MD5
faa6bfe5312e2dd6e46610d5169cba6a

SHA1
1e44e2f4907612e1f79601af718f62d310ec96a6

SHA256
845523653f2b403d94e5d5df935d0688720bde559336df02665ae5bda5944496

SHA512
7a07beb2f98be222c287a62036428b211e94fdd0a6b8d625b8a2170ae5da8a250443cf5bc3c771d1483a0d780f40efc2733bbff1a73f92c7b28eca4c3efe98f7

Download Submit
C:\Windows\System32\DriverStore\Temp\{7372cb31-775b-7b08-79fc-1d355de6a570}\amd64\SET7C92.tmp

Filesize
32KB

MD5
b2f3cf7363223aee2581b205f5668df5

SHA1
4f3ba20efca24dd0dd2c078030f9d920d91eef39

SHA256
6c6a49dd49c2035d85153a14eeb86f03a268ba9e8f038598ef687c79c9dfeac6

SHA512
a9129c2584d090af52a27ee02557d0969e9ea1fb936cf066599da0fd1212d1e8d12dda7865cb0cc05873220060cc4fd2e2b0e1bff19c7989b0c05ad382e9e9e3

Download Submit
C:\Windows\System32\DriverStore\Temp\{7372cb31-775b-7b08-79fc-1d355de6a570}\usbmodv4.inf

Filesize
4KB

MD5
65665cb1c2fe78ebe476e2a626f83569

SHA1
e2f958ccfe6db6f4ce5edabcd8bdd44296dab3d2

SHA256
6fe70b342bdd4796d8ec12df091724a3d61b097de7fadc693b714c9ab136129f

SHA512
b5b97d3666659fc8b8207969c567bc448adfec05259e3b76c62aa7f2532e9f22ad0c7940400cd33fd8296b58495b92a55ab493aad1a5e24957c2f44ccead6298

Download Submit
C:\Windows\System32\catroot2\dberr.txt

Filesize
194KB

MD5
945d4553f133c978aa9ef6c1ed7545dc

SHA1
d26a57ea78db84e13e6077e9e98492f9dba0c3d6

SHA256
013b45d98e2660b2e290c0deb5582b35f2e228c234477a6185eda099aa177808

SHA512
d017b95c6f79b4b52c3bac205190849110c123686ac5d0e6f1f24739f934da81a0a5729e9d0d55a2879f20e17b6c90663881b01ca4f7643d05886f1f43f36693

Download Submit
C:\Windows\Temp\Cab7D7C.tmp

Filesize
29KB

MD5
d59a6b36c5a94916241a3ead50222b6f

SHA1
e274e9486d318c383bc4b9812844ba56f0cff3c6

SHA256
a38d01d3f024e626d579cf052ac3bd4260bb00c34bc6085977a5f4135ab09b53

SHA512
17012307955fef045e7c13bf0613bd40df27c29778ba6572640b76c18d379e02dc478e855c9276737363d0ad09b9a94f2adaa85da9c77ebb3c2d427aa68e2489

Download Submit
C:\Windows\Temp\Tar7DAE.tmp

Filesize
81KB

MD5
b13f51572f55a2d31ed9f266d581e9ea

SHA1
7eef3111b878e159e520f34410ad87adecf0ca92

SHA256
725980edc240c928bec5a5f743fdabeee1692144da7091cf836dc7d0997cef15

SHA512
f437202723b2817f2fef64b53d4eb67f782bdc61884c0c1890b46deca7ca63313ee2ad093428481f94edfcecd9c77da6e72b604998f7d551af959dbd6915809c

Download Submit
\Program Files (x86)\TacticalCOFDM\CDC_driver\devcon.exe

Filesize
76KB

MD5
19b6d352a9cec20029f0b88b019948f6

SHA1
f5ea44bf5e99185bcd9f385b6c9a51ddfc5bfff1

SHA256
5523e10f9b9ba996f6addc2227b4f0ec21a269083709b149b6d3f0de847f0ad0

SHA512
e41d55205da18cd8a1ca7f70052eece84977fe0daf17e2ab6843fc34d5c9ec36279bb20427f77abf8815af5c527125420bf726e2f365acbe14a3b61ebdb0bbd5

Download Submit
\Program Files (x86)\TacticalCOFDM\CDC_driver\devcon.exe

Filesize
76KB

MD5
19b6d352a9cec20029f0b88b019948f6

SHA1
f5ea44bf5e99185bcd9f385b6c9a51ddfc5bfff1

SHA256
5523e10f9b9ba996f6addc2227b4f0ec21a269083709b149b6d3f0de847f0ad0

SHA512
e41d55205da18cd8a1ca7f70052eece84977fe0daf17e2ab6843fc34d5c9ec36279bb20427f77abf8815af5c527125420bf726e2f365acbe14a3b61ebdb0bbd5

Download Submit
\Program Files (x86)\TacticalCOFDM\CDC_driver\devcon.exe

Filesize
76KB

MD5
19b6d352a9cec20029f0b88b019948f6

SHA1
f5ea44bf5e99185bcd9f385b6c9a51ddfc5bfff1

SHA256
5523e10f9b9ba996f6addc2227b4f0ec21a269083709b149b6d3f0de847f0ad0

SHA512
e41d55205da18cd8a1ca7f70052eece84977fe0daf17e2ab6843fc34d5c9ec36279bb20427f77abf8815af5c527125420bf726e2f365acbe14a3b61ebdb0bbd5

Download Submit
\Program Files (x86)\TacticalCOFDM\CDC_driver\devcon.exe

Filesize
76KB

MD5
19b6d352a9cec20029f0b88b019948f6

SHA1
f5ea44bf5e99185bcd9f385b6c9a51ddfc5bfff1

SHA256
5523e10f9b9ba996f6addc2227b4f0ec21a269083709b149b6d3f0de847f0ad0

SHA512
e41d55205da18cd8a1ca7f70052eece84977fe0daf17e2ab6843fc34d5c9ec36279bb20427f77abf8815af5c527125420bf726e2f365acbe14a3b61ebdb0bbd5

Download Submit
\Program Files (x86)\TacticalCOFDM\RNDIS_driver\devcon.exe

Filesize
76KB

MD5
19b6d352a9cec20029f0b88b019948f6

SHA1
f5ea44bf5e99185bcd9f385b6c9a51ddfc5bfff1

SHA256
5523e10f9b9ba996f6addc2227b4f0ec21a269083709b149b6d3f0de847f0ad0

SHA512
e41d55205da18cd8a1ca7f70052eece84977fe0daf17e2ab6843fc34d5c9ec36279bb20427f77abf8815af5c527125420bf726e2f365acbe14a3b61ebdb0bbd5

Download Submit
\Program Files (x86)\TacticalCOFDM\RNDIS_driver\devcon.exe

Filesize
76KB

MD5
19b6d352a9cec20029f0b88b019948f6

SHA1
f5ea44bf5e99185bcd9f385b6c9a51ddfc5bfff1

SHA256
5523e10f9b9ba996f6addc2227b4f0ec21a269083709b149b6d3f0de847f0ad0

SHA512
e41d55205da18cd8a1ca7f70052eece84977fe0daf17e2ab6843fc34d5c9ec36279bb20427f77abf8815af5c527125420bf726e2f365acbe14a3b61ebdb0bbd5

Download Submit
\Program Files (x86)\TacticalCOFDM\RNDIS_driver\devcon.exe

Filesize
76KB

MD5
19b6d352a9cec20029f0b88b019948f6

SHA1
f5ea44bf5e99185bcd9f385b6c9a51ddfc5bfff1

SHA256
5523e10f9b9ba996f6addc2227b4f0ec21a269083709b149b6d3f0de847f0ad0

SHA512
e41d55205da18cd8a1ca7f70052eece84977fe0daf17e2ab6843fc34d5c9ec36279bb20427f77abf8815af5c527125420bf726e2f365acbe14a3b61ebdb0bbd5

Download Submit
\Program Files (x86)\TacticalCOFDM\RNDIS_driver\devcon.exe

Filesize
76KB

MD5
19b6d352a9cec20029f0b88b019948f6

SHA1
f5ea44bf5e99185bcd9f385b6c9a51ddfc5bfff1

SHA256
5523e10f9b9ba996f6addc2227b4f0ec21a269083709b149b6d3f0de847f0ad0

SHA512
e41d55205da18cd8a1ca7f70052eece84977fe0daf17e2ab6843fc34d5c9ec36279bb20427f77abf8815af5c527125420bf726e2f365acbe14a3b61ebdb0bbd5

Download Submit
\Program Files (x86)\TacticalCOFDM\Tactical COFDM.exe

Filesize
4.3MB

MD5
acb49ede3398f5faec662e13562904e5

SHA1
2584f33af1df6ebc5ccd38f17d938cce6448b1c7

SHA256
266439d646cead623e219e49cd7836a7af11fcfb50588df2d38b24e4992e17b8

SHA512
2b905fab3ea94d33c2109188791e8848a8ab9d2bacfc382c02c54ded83c30e2f995c553797f1df59c788c34fae568a55ca904c5fc66ffd15acf9a3dba6e70983

Download Submit
\Program Files (x86)\TacticalCOFDM\Tactical COFDM.exe

Filesize
4.3MB

MD5
acb49ede3398f5faec662e13562904e5

SHA1
2584f33af1df6ebc5ccd38f17d938cce6448b1c7

SHA256
266439d646cead623e219e49cd7836a7af11fcfb50588df2d38b24e4992e17b8

SHA512
2b905fab3ea94d33c2109188791e8848a8ab9d2bacfc382c02c54ded83c30e2f995c553797f1df59c788c34fae568a55ca904c5fc66ffd15acf9a3dba6e70983

Download Submit
\Program Files (x86)\TacticalCOFDM\Tactical COFDM.exe

Filesize
4.3MB

MD5
acb49ede3398f5faec662e13562904e5

SHA1
2584f33af1df6ebc5ccd38f17d938cce6448b1c7

SHA256
266439d646cead623e219e49cd7836a7af11fcfb50588df2d38b24e4992e17b8

SHA512
2b905fab3ea94d33c2109188791e8848a8ab9d2bacfc382c02c54ded83c30e2f995c553797f1df59c788c34fae568a55ca904c5fc66ffd15acf9a3dba6e70983

Download Submit
\Program Files (x86)\TacticalCOFDM\uninstall.exe

Filesize
40KB

MD5
1e3a4aecfd590aa63088b6c1ffed4617

SHA1
ee5607607cafb3a222066d1a0759ef97a0a8ad8f

SHA256
07de1c9d14122763c55350f18321731ab96f7d6a12f106ac03f3ca2248f84cc7

SHA512
7b297c551575057f344afb75f35f6e46eb5cd7ac4d4cd1daab82dd4f8d2bf1504312e23415fa13262599882e7cbe1e433ba9b5801e997ad388e2845aa37b0f19

Download Submit
\Program Files (x86)\TacticalCOFDM\v4sourcefilter03.dll

Filesize
44KB

MD5
a62e44e99973b17a94f659741705b71b

SHA1
b5b6772f0fce7bd18543712af1f5be6d982a053a

SHA256
5d89535994deedc66b02a00118f0adc93e37729548be7d611bfa0cabe22ec31d

SHA512
2df5e10c0dcab844dee41aa38043d43aece1c47216ccd80f8a2eb95beea2faa6c24ae2efb27aeef6bdb667e8008f28ded13e426945c99091dac8d86106617029

Download Submit
memory/912-220-0x0000000001D20000-0x0000000001D21000-memory.dmp

Filesize
4KB

Download
memory/1540-345-0x0000000001BB0000-0x0000000001BB1000-memory.dmp

Filesize
4KB

Download
memory/1884-462-0x0000000000290000-0x0000000000291000-memory.dmp

Filesize
4KB

Download