Analysis

  • max time kernel
    112s
  • max time network
    154s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230220-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20230220-en locale:en-us os:windows10-2004-x64 system
  • submitted
    18-04-2023 19:43

General

  • Target

    DABCF15133A9AD6004371EAD9AAAB335.exe

  • Size

    3.0MB

  • MD5

    dabcf15133a9ad6004371ead9aaab335

  • SHA1

    9c2492d5bfcf5f4142c3c5db7a3928ccbda3183a

  • SHA256

    676cdb2b2dc08de0f4967e69904ee5b300b8ae5110a568a5eaac5075ea02e74b

  • SHA512

    a7902fd7dbe2fefcbf610a69da1322c642dd42b753a54e9e7e05e0227d9fc228657ee452f0666696e23238c8c01808ad62f1fc32d88906e6cbc8792887e13151

  • SSDEEP

    49152:GdUEgBtzdPpfkSH1CA78aMEyg4czC3p4Ppm/gfZkGDl+wvFowsghNvftask8t6Zf:GdUxBtvjQ58NC3p4Pygfp+AFPssVkMOz

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 4 IoCs
  • Loads dropped DLL 1 IoCs
  • Checks installed software on the system 1 TTPs

    Looks up Uninstall key entries in the registry to enumerate software on the system.

  • Drops file in System32 directory 38 IoCs
  • Drops file in Program Files directory 33 IoCs
  • Drops file in Windows directory 16 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

  • Program crash 1 IoCs
  • Checks SCSI registry key(s) 3 TTPs 58 IoCs

    SCSI information is often read in order to detect sandboxing environments.

  • Modifies data under HKEY_USERS 64 IoCs
  • Modifies registry class 9 IoCs
  • Suspicious use of AdjustPrivilegeToken 2 IoCs
  • Suspicious use of SetWindowsHookEx 10 IoCs
  • Suspicious use of WriteProcessMemory 20 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\DABCF15133A9AD6004371EAD9AAAB335.exe
    "C:\Users\Admin\AppData\Local\Temp\DABCF15133A9AD6004371EAD9AAAB335.exe"
    1⤵
    • Drops file in Program Files directory
    • Suspicious use of WriteProcessMemory
    PID:516
    • C:\Program Files (x86)\TacticalCOFDM\Tactical COFDM.exe
      "C:\Program Files (x86)\TacticalCOFDM\Tactical COFDM.exe" /drvinstall
      2⤵
      • Executes dropped EXE
      • Drops file in Windows directory
      • Suspicious use of SetWindowsHookEx
      PID:4024
    • C:\Program Files (x86)\TacticalCOFDM\RNDIS_driver\devcon.exe
      devcon.exe dp_add USB_Ethernet_RNDIS.inf
      2⤵
      • Executes dropped EXE
      • Drops file in Windows directory
      PID:3328
    • C:\Program Files (x86)\TacticalCOFDM\CDC_driver\devcon.exe
      devcon.exe dp_add cdcserial.inf
      2⤵
      • Executes dropped EXE
      • Drops file in Windows directory
      PID:3780
    • C:\Windows\SysWOW64\regsvr32.exe
      regsvr32.exe /s v4sourcefilter03.dll
      2⤵
      • Loads dropped DLL
      • Modifies registry class
      PID:1356
  • C:\Windows\system32\svchost.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch -p -s DeviceInstall
    1⤵
    • Drops file in Windows directory
    • Checks SCSI registry key(s)
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of WriteProcessMemory
    PID:2984
    • C:\Windows\system32\DrvInst.exe
      DrvInst.exe "4" "0" "C:\Users\Admin\AppData\Local\Temp\{288108f0-9db7-d048-b5df-f0159b31ece5}\usbmodv4.inf" "9" "4fd051d5b" "000000000000014C" "WinSta0\Default" "0000000000000160" "208" "C:\Program Files (x86)\TacticalCOFDM\driver_pack_dual"
      2⤵
      • Drops file in System32 directory
      • Drops file in Windows directory
      • Checks SCSI registry key(s)
      • Modifies data under HKEY_USERS
      • Suspicious use of WriteProcessMemory
      PID:3180
      • C:\Windows\system32\rundll32.exe
        rundll32.exe C:\Windows\system32\pnpui.dll,InstallSecurityPromptRunDllW 20 Global\{215b1889-d88a-5548-a2a1-4e7109d371fb} Global\{81cc946a-0b18-6640-9560-4f464a263c2a} C:\Windows\System32\DriverStore\Temp\{89a64e73-c2e9-bb42-9a08-af67d0fba745}\usbmodv4.inf C:\Windows\System32\DriverStore\Temp\{89a64e73-c2e9-bb42-9a08-af67d0fba745}\usbmodv4amd64.cat
        3⤵
          PID:2212
    • C:\Windows\system32\DrvInst.exe
      DrvInst.exe "4" "0" "C:\Users\Admin\AppData\Local\Temp\{a9cced52-d5e1-0149-87d3-1a3f3e7752b8}\USB_Ethernet_RNDIS.inf" "9" "49308d407" "0000000000000160" "WinSta0\Default" "0000000000000104" "208" "C:\Program Files (x86)\TacticalCOFDM\RNDIS_driver"
      2⤵
      • Drops file in System32 directory
      • Drops file in Windows directory
      • Checks SCSI registry key(s)
      • Modifies data under HKEY_USERS
      PID:2804
    • C:\Windows\system32\DrvInst.exe
      DrvInst.exe "4" "0" "C:\Users\Admin\AppData\Local\Temp\{c856119e-61b4-a242-aa1f-f3f20b2ee6d1}\cdcserial.inf" "9" "4dbdb0d8b" "0000000000000158" "WinSta0\Default" "000000000000014C" "208" "C:\Program Files (x86)\TacticalCOFDM\CDC_driver"
      2⤵
      • Drops file in System32 directory
      • Drops file in Windows directory
      • Checks SCSI registry key(s)
      • Modifies data under HKEY_USERS
      PID:3340
  • C:\Windows\system32\WerFault.exe
    C:\Windows\system32\WerFault.exe -pss -s 448 -p 404 -ip 404
    1⤵
      PID:2032
  • C:\Windows\system32\WerFault.exe
    C:\Windows\system32\WerFault.exe -u -p 404 -s 1764
    1⤵
    • Program crash
    PID:4144
  • C:\Program Files (x86)\TacticalCOFDM\Tactical COFDM.exe
    "C:\Program Files (x86)\TacticalCOFDM\Tactical COFDM.exe"
    1⤵
    • Executes dropped EXE
    • Suspicious use of SetWindowsHookEx
    PID:4304

Network

MITRE ATT&CK Enterprise v6

Downloads
