46b216fa188df75d97905a238ded1e1d9f55f11c03baf5c03588d4d86cb7b454

Analysis

max time kernel
137s
max time network
163s
platform
windows10-2004_x64
resource
win10v2004-20230220-en
resource tags

arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
submitted
05/05/2023, 18:42

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

260611E1E3E98651B740E4D29EB300F7.exe
Size

36.0MB
MD5

260611e1e3e98651b740e4d29eb300f7
SHA1

715b851c92334aa67089e4acf6ece063deca6009
SHA256

46b216fa188df75d97905a238ded1e1d9f55f11c03baf5c03588d4d86cb7b454
SHA512

a817d8be8c253509a46dfa01e6d6c75b84390a518dc15ca65aac69bdaa7ae8100bb63239931316d6d18449568cb0c9b05a5cb4889c37c54a56530826dacb148d
SSDEEP

786432:thFeuI6MbXbj4gk7g2Pa+Av28b9BQjKs6nfgH28hysetKj:heFbXn4g/6a+AVAuxfOsXq

Score

7^/10

Malware Config

Signatures

Checks computer location settings 2 TTPs 1 IoCs

Looks up country code configured in the registry, likely geofence.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\USER\S-1-5-21-144354903-2550862337-1367551827-1000\Control Panel\International\Geo\Nation	260611E1E3E98651B740E4D29EB300F7.exe

Executes dropped EXE 1 IoCs

pid	Process
1028	mbbrsyscheck.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
412	260611E1E3E98651B740E4D29EB300F7.exe

Suspicious use of WriteProcessMemory 6 IoCs

description	pid	Process	procid_target
PID 412 wrote to memory of 1028	412	260611E1E3E98651B740E4D29EB300F7.exe	88
PID 412 wrote to memory of 1028	412	260611E1E3E98651B740E4D29EB300F7.exe	88
PID 412 wrote to memory of 1028	412	260611E1E3E98651B740E4D29EB300F7.exe	88
PID 412 wrote to memory of 4920	412	260611E1E3E98651B740E4D29EB300F7.exe	91
PID 412 wrote to memory of 4920	412	260611E1E3E98651B740E4D29EB300F7.exe	91
PID 412 wrote to memory of 4920	412	260611E1E3E98651B740E4D29EB300F7.exe	91

C:\Users\Admin\AppData\Local\Temp\260611E1E3E98651B740E4D29EB300F7.exe
"C:\Users\Admin\AppData\Local\Temp\260611E1E3E98651B740E4D29EB300F7.exe"
1⤵
- Checks computer location settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of WriteProcessMemory
PID:412
- C:\Users\Admin\AppData\Local\Temp\7ZipSfx.000\win32\release\mbbrsyscheck.exe
  "C:\Users\Admin\AppData\Local\Temp\7ZipSfx.000\win32\release\mbbrsyscheck.exe" "C:\Users\Admin\AppData\Local\Temp\7ZipSfx.000\win32\release" "C:\Users\Admin\AppData\Local\Temp\7ZipSfx.000\x64\release" "C:\Users\Admin\AppData\Local\Temp"
  2⤵
  - Executes dropped EXE
  PID:1028
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c ""C:\Users\Admin\AppData\Local\Temp\7ZSfx000.cmd" "
  2⤵
  PID:4920

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\7ZSfx000.cmd

Filesize
236B

MD5
10f98471187026a208cda9b7208fb868

SHA1
17b90b0d36c6071a78d9f17934f6999a2ef96a05

SHA256
2aafe84e49f7c124b515b0e8700068fcccc73ebe6423fdc4e8098b59ed50772b

SHA512
9b0e3f3230a387632f4360cd3f900666d412bf272ab4980032f89c12b18c6301867d0b6e13d660ab7988c87d2e672f9d5c36584c84aafb5988fcee9d8ec0d2be

Download Submit
C:\Users\Admin\AppData\Local\Temp\7ZipSfx.000\Win32\Release\ActionsAssociations

Filesize
3KB

MD5
0f9f9c709b17e377b598904b4c9e1630

SHA1
44387f6d28a21ca466c2168dbfe4e5791e9219a4

SHA256
db4a843813a8e250da2df209c173e366586ad7af006eaff015fd6c4c87c3a392

SHA512
cba6f0ee8eb4eaf3a953181116739565e3a442537f6e48f636a565a08b00f407702f275d97e184583fec99d99f855756a120c7de996a60dcabb875e07453b366

Download Submit
C:\Users\Admin\AppData\Local\Temp\7ZipSfx.000\Win32\Release\CleanControllerCOM.dll.manifest

Filesize
6KB

MD5
beaca8c1fe93250c675e237b0497fd74

SHA1
132b847a644774fc99c6979e5a89d9cfc22aab4e

SHA256
d522c8be68c6c7c7126c495cab12f07576f092c5b96688f28b730b55dff5feab

SHA512
6225461ac2f91e84fd9b4aee85eef11f7c720ebdf13393208b880e3b0eae5425012b4321f676e8db8fc22339bd0947b7501c4e51c007f266e977ee1179db0639

Download Submit
C:\Users\Admin\AppData\Local\Temp\7ZipSfx.000\Win32\Release\CloudControllerCOM.dll.manifest

Filesize
1KB

MD5
8b671a26c2370fab728e9c7b031d742f

SHA1
0553bb172b9d01be688066a117179f146ad07749

SHA256
a0b9a5a4494bb7c29cafe7ff3a1b29450b0a4fb16c3ee20f38951dcec5f1fd82

SHA512
7fad4e91b9ccaa20c260d70c98396788ea24d34e60a489bc59408eb477a12ff0c69af84eeac16bf3565e488b1260c42dde19a84ec12ca7b7afc7812dcef577c5

Download Submit
C:\Users\Admin\AppData\Local\Temp\7ZipSfx.000\Win32\Release\Doc\mbmrerr.h

Filesize
18KB

MD5
e91382472def25516e079b14ed18e02e

SHA1
470cee6b5505c3a6405b54eed71085990dda7e3f

SHA256
32d2f37084cb24cd476da2677d02411bad4892a200a5debf352c64ed06a97b22

SHA512
a2b15ce8271ba7fdb0cfe511aad3e9ada0057f643b72a0c2c203b3e7b7667d3ea2a598c253ec5324bb360b3a425d5328e9a8437c954503a7bbd4c76a7464e2a5

Download Submit
C:\Users\Admin\AppData\Local\Temp\7ZipSfx.000\Win32\Release\Global.sr

Filesize
9.7MB

MD5
01b7f9b1e6be21cef8e351e102295833

SHA1
e9235351408552deb712908555d5c9568e83fd66

SHA256
45b7dd4d2a5fec2ea7441a51cfb82d3d6b0034488ef73581e48ec8b02a489db7

SHA512
7bc51aab59fe2f8de0a5024515cfbf08d13dbe65c93c5ea8119d5e768d72791deb0f21c0d5ce52bfaf530acf99f4e7fa8ecc0708ea1d82fec4e348c210a10975

Download Submit
C:\Users\Admin\AppData\Local\Temp\7ZipSfx.000\Win32\Release\LicenseControllerCOM.dll.manifest

Filesize
4KB

MD5
bd34ce40cf8d5b6d5dfa156f9ee5d74f

SHA1
e2f59c7e215e6c70a4df133b2b425928ed48924f

SHA256
e0b4ce14304b7b073ec0ea1dbcdde35eb9e687dbe820f0e9de66aa8ced86fea0

SHA512
ddcb1e0968b8fb658c6c82f1fc99c8ee935d5d94a93f3760407fc510b412551ad95d8dfb8255bee3a9feba8ab746e2348476854aa6d42ea5b145512a727611c6

Download Submit
C:\Users\Admin\AppData\Local\Temp\7ZipSfx.000\Win32\Release\LogControllerCOM.dll.manifest

Filesize
1KB

MD5
74d1cd94aee341acd8a8bc9c169fa693

SHA1
4bcedfd0c6740929412116e82625c3fc5e8d9345

SHA256
5e258dbfa196f598f7122669a82d0f40c8b0aba59e4729219c28c70d3a5e9814

SHA512
52f3d9c31ad5e08ca354d489f42854abbd8a9461cec5ec8388b99e6a9bab38fa8736ed700c590852dd0407832851bd2dda8f655bc0e4111dc42154b8135f90b1

Download Submit
C:\Users\Admin\AppData\Local\Temp\7ZipSfx.000\Win32\Release\PoliciesControllerCOM.dll.manifest

Filesize
4KB

MD5
84aa952c1092b4f21e7de772b2beb84b

SHA1
1cc4f00e877a63b4424f88704bb803c2c81e14d4

SHA256
f132b0928efd0cf60aa38c3b149661c2c8ca35c27741c20f21c7aca78735762c

SHA512
a925385671132d9a13a28f5522f7d32682fa3d2785026c7f6809367bbab2b3f1e17a7cd694ee7d78cb4d3f2583f1df71015cde3583a2d4c1071531b8536253ab

Download Submit
C:\Users\Admin\AppData\Local\Temp\7ZipSfx.000\Win32\Release\Readme.txt

Filesize
1KB

MD5
0d385c53dcf5e3967e52b88dab54ab1e

SHA1
0b3b3582bd8289983fc50622bf3e5a25a4a161fe

SHA256
2a91ed2432efaf5f6363021e2b22b09aa4c1e8935da7ac0ec3001d4ad88c4863

SHA512
6d464609073186a8b101d1ea8f0030b26c6a93ff5eb51fe5a39cce5a26323130b332f12f7532710c0f5000d781a413899a65e8de65f7f4a43e8e9098e961d345

Download Submit
C:\Users\Admin\AppData\Local\Temp\7ZipSfx.000\Win32\Release\SampleCustomRules.json

Filesize
1KB

MD5
4b4a0333c35c5c74fc2aa8e5b88306c9

SHA1
6df763dfffb8edb5252591c39b79caf1944d2b3b

SHA256
ecd0966a3207ab826c68900af9df643fda7924972c009f882d9af82d4373b56d

SHA512
fc1e38cf5cd38e5be31a4eb09e630276c6f5f3c013d35d3623e53ea8372126a36c465a1e2b844d2129d0992ba61f2651083375e3f5ea6720486834cc510405e3

Download Submit
C:\Users\Admin\AppData\Local\Temp\7ZipSfx.000\Win32\Release\SampleExclusionList.json

Filesize
724B

MD5
0e22b6df86157fec2e460e1acbc5e6d1

SHA1
5310ea3fc451cc21a146a781f1b217f6f522cfe8

SHA256
58402859a76113aac4c25d8d284a861149a9b23fe4a3dec6539e80e106a36147

SHA512
d892ba692b19c403b8656324bd204b4a293841e4a71796bb435934165d33f7e95681ade3806090aedee3bdf66ff84bf85a586bdd7ce7cf3adab508d74bb90062

Download Submit
C:\Users\Admin\AppData\Local\Temp\7ZipSfx.000\Win32\Release\ScanControllerCOM.dll.manifest

Filesize
15KB

MD5
368f781319a81a65014e1817d8fa359d

SHA1
0f66746242b3c9fb5712aa6ad057871ac1efb3aa

SHA256
fa335629c9cc42ff3a888576f482c209992229e74eace15ef05c251e6e956d0d

SHA512
4008aac402d8a2986bbab3aa74c986e61262835ffb174aee497c9c3fd9733d2168b59c9041e1f5494e6d293b466cabfa91643fda51f80c31b4cf11798d0a4777

Download Submit
C:\Users\Admin\AppData\Local\Temp\7ZipSfx.000\Win32\Release\TelemetryControllerCOM.dll.manifest

Filesize
4KB

MD5
bf66bdce08c789e1ecb38a845938affb

SHA1
364a50e881cd07d111d47888b3942b171640d39f

SHA256
881bfee2d3a04f279b1d9489e00aefc9c5d67bafc76c7aac1d9850065a833019

SHA512
1998129c73e169f634974bf180b12067f77b6d383d3dbd1997c39e627a2d3ef99bb45b570cffd97b8587dfc95b5698ffb5532d4a93c388de44701b62f10c5649

Download Submit
C:\Users\Admin\AppData\Local\Temp\7ZipSfx.000\Win32\Release\UpdateControllerCOM.dll.manifest

Filesize
4KB

MD5
cbe929df34a8b15bc4a680fadd91f331

SHA1
a0742098cceda05835a1ac816f0fbec6af87d153

SHA256
20d1948bd1fa732ab3296629f6d67a09a19336dbcec21ad1b8ae3b101caabbc3

SHA512
775d8f532cd1e9dfbed043d229d095b29ea09a72a03244592ed9111faf8a788e10e56282320961c30f171e4a27f44440988e77193323cea715364d836d4dcd14

Download Submit
C:\Users\Admin\AppData\Local\Temp\7ZipSfx.000\Win32\Release\cfg.bin

Filesize
650B

MD5
5fb3d7664741a602b36225731bb5ff10

SHA1
392569b660f8b0496de7d7a2211729b13ec285d6

SHA256
c1ff7d52b12c8c2280b3e11572bb97f0d084e40ceb9f575b7c21feb0f7c26180

SHA512
86c6897e877fa92c005b93550f3bd43395a643fa5d9340b527471a1ecbf3abd9216bd53b7c33a18a4466e320d301d52410b349c0891cf7fe1d6337600da99343

Download Submit
C:\Users\Admin\AppData\Local\Temp\7ZipSfx.000\Win32\Release\mbbrsyscheck.exe

Filesize
196KB

MD5
001a364164258c302a3121304e93e6b4

SHA1
a8acead2242ce06ae637b0f49639b9a9479a66e1

SHA256
6722d5d84bdf40bbf07f2201d0fac235b5d70e52f21de5c9a36a96bad0264e14

SHA512
388d2efc94a5f7882b12f07a8bb36bd1ecff13831b2b0e44c3e2d787326a0e5d21e8745b5b8137d01b76a721c66afbe674f3d4aa24cc2837ee8da8c1982cb744

Download Submit
C:\Users\Admin\AppData\Local\Temp\7ZipSfx.000\Win32\Release\mbbrsyscheck.exe

Filesize
196KB

MD5
001a364164258c302a3121304e93e6b4

SHA1
a8acead2242ce06ae637b0f49639b9a9479a66e1

SHA256
6722d5d84bdf40bbf07f2201d0fac235b5d70e52f21de5c9a36a96bad0264e14

SHA512
388d2efc94a5f7882b12f07a8bb36bd1ecff13831b2b0e44c3e2d787326a0e5d21e8745b5b8137d01b76a721c66afbe674f3d4aa24cc2837ee8da8c1982cb744

Download Submit
C:\Users\Admin\AppData\Local\Temp\7ZipSfx.000\win32\release\mbbrsyscheck.exe

Filesize
196KB

MD5
001a364164258c302a3121304e93e6b4

SHA1
a8acead2242ce06ae637b0f49639b9a9479a66e1

SHA256
6722d5d84bdf40bbf07f2201d0fac235b5d70e52f21de5c9a36a96bad0264e14

SHA512
388d2efc94a5f7882b12f07a8bb36bd1ecff13831b2b0e44c3e2d787326a0e5d21e8745b5b8137d01b76a721c66afbe674f3d4aa24cc2837ee8da8c1982cb744

Download Submit
C:\Users\Admin\AppData\Local\Temp\7ZipSfx.000\x64\release\7z.dll

Filesize
1.6MB

MD5
ab8f0c1a37c0df5c8924aab509db42c9

SHA1
53dba959124e6d740829bda2360e851bcb85cce8

SHA256
6e223b275b84d948cc5ae1f161f0bfff2adb34de04634c84d7dbe9305a4998d5

SHA512
ff8a26e8fd5a08c74e5ba93a564e0d3cd932754e7f06993a365bfad06670497889e69ec45bfba1378040b72f82d468e79682beba2439937bb29d2a41da940d4a

Download Submit
C:\Users\Admin\AppData\Local\Temp\7ZipSfx.000\x64\release\Actions.dll

Filesize
4.9MB

MD5
3145953b1343cd1e0e50aac256597f37

SHA1
8536cd7862518c12b265f3da53f59c89d4902328

SHA256
1f727e38144d1ef617f63d0ec26c9802f1c6947f9b87351d987265dec65521a7

SHA512
57f77fb925a36ede436d355543d633ff506fb127900e360c8acb317b0553e972888f946242cc7a7827272e4343a473db1252e818935ed177c3b2e446de066f44

Download Submit
C:\Users\Admin\AppData\Local\Temp\7ZipSfx.000\x64\release\ActionsAssociations

Filesize
3KB

MD5
0f9f9c709b17e377b598904b4c9e1630

SHA1
44387f6d28a21ca466c2168dbfe4e5791e9219a4

SHA256
db4a843813a8e250da2df209c173e366586ad7af006eaff015fd6c4c87c3a392

SHA512
cba6f0ee8eb4eaf3a953181116739565e3a442537f6e48f636a565a08b00f407702f275d97e184583fec99d99f855756a120c7de996a60dcabb875e07453b366

Download Submit
C:\Users\Admin\AppData\Local\Temp\7ZipSfx.000\x64\release\ActionsShim.dll

Filesize
2.4MB

MD5
ffdb25af2453f72844074916e2bd5e8c

SHA1
cf395d85022a20d86b80b67fa14c8c231a0b259a

SHA256
b628f35b554d3d351b1aef2865fb7d2de5bbe7d4da7376c0b7748780dd00945b

SHA512
0877b10c0c88d0d795bfe55cea93735b09545a9bc69161803321420b321f0b704b425ad28e855b5d1203256204f25850e70c0938af047d0e1001636961e86a4b

Download Submit
C:\Users\Admin\AppData\Local\Temp\7ZipSfx.000\x64\release\BrowserSDKDLL.dll

Filesize
5.7MB

MD5
61078c78907477234c5441ea06ca2196

SHA1
435a3a780cc797f3a111a8bc01e163ebc73217fe

SHA256
35773aeecd154a83268ed7b2a93d972be9afeb4754483244256dc7dde4c25f0f

SHA512
ad3b1cacfe1ce0136cd35591fafeb6907f4a43b173d0171da418d6b176c2911d557d0763f97ac6170dcc9e2ebff3047375de80d02aadd12a8c50104faf52ebc8

Download Submit
C:\Users\Admin\AppData\Local\Temp\7ZipSfx.000\x64\release\BrowserSDKDLLShim.dll

Filesize
2.4MB

MD5
3445c9c926a5a46f0e3846af7c316e9a

SHA1
575eda84135a7e9c050e5faaa3b74ddb814ce597

SHA256
d481cb5ebd3c764db593185a39069555ca86e88c90fa38a86364ea4611700f2f

SHA512
db241fc45ac5be97c4e5719b103d2f62abaa1cbf1e94b48d5212b3ea1fe50c4788eb7981db784b6541da494efff227729057f9ba40efe6fb05a524a7bfde54e5

Download Submit
C:\Users\Admin\AppData\Local\Temp\7ZipSfx.000\x64\release\CleanControllerCOM.dll

Filesize
3.0MB

MD5
f7a3b0fa30bd9f2ff786431e5f3bcbe3

SHA1
d44a1f607d9c99c9be363d81d12406cee886e7dd

SHA256
e5c393934a2a4bb41db3d4e70154da44ec373dddea3486c79fcba2334eb85fb0

SHA512
0c6bae60c9156e295f4b176f776ba285e1bc3d34891927e21909fcfbc3f88e8df8406aab8ad61a3a02e9a1aa5d9d634b674e89f1b1ed873409a74d646d4ebbb8

Download Submit
C:\Users\Admin\AppData\Local\Temp\7ZipSfx.000\x64\release\CleanControllerCOM.dll.manifest

Filesize
6KB

MD5
beaca8c1fe93250c675e237b0497fd74

SHA1
132b847a644774fc99c6979e5a89d9cfc22aab4e

SHA256
d522c8be68c6c7c7126c495cab12f07576f092c5b96688f28b730b55dff5feab

SHA512
6225461ac2f91e84fd9b4aee85eef11f7c720ebdf13393208b880e3b0eae5425012b4321f676e8db8fc22339bd0947b7501c4e51c007f266e977ee1179db0639

Download Submit
C:\Users\Admin\AppData\Local\Temp\7ZipSfx.000\x64\release\CleanControllerImpl.dll

Filesize
6.8MB

MD5
4bdba516a3bf2dbec97b78acce7d206a

SHA1
6baa8a3327474ee9b5a0e2bb6448dfcdb9049daf

SHA256
0cf1c7ece4990c1fbde12ffa6cd39b4005ef984ed8ea8b1c36bc9b2010a49668

SHA512
86f7b73f8fe44c26c561053b78c42798399a1072e7f295efe23dc9106377ec02232fd53651d9eab402203a6a5ba1380c56afdf48fe5ca3d26f6e6b0a5a3df970

Download Submit
C:\Users\Admin\AppData\Local\Temp\7ZipSfx.000\x64\release\CloudControllerCOM.dll

Filesize
2.7MB

MD5
736583e0872524c7f251d28c9eecf401

SHA1
19194a16bfb7073ffb465e8da115e94a73c8765e

SHA256
9f23d83e6af696040d35131f076d6afa937dff604cbc24e31084b6e3e8aba1d4

SHA512
3e09f25f5b30841b2484ed981149e144a2e43bac2d83711805d6e7b99b70db0f6be7a7c52e7d9a07e3e7319498e9423583836a87a54925e59ad56e32d7f1370c

Download Submit
C:\Users\Admin\AppData\Local\Temp\7ZipSfx.000\x64\release\CloudControllerCOM.dll.manifest

Filesize
1KB

MD5
8b671a26c2370fab728e9c7b031d742f

SHA1
0553bb172b9d01be688066a117179f146ad07749

SHA256
a0b9a5a4494bb7c29cafe7ff3a1b29450b0a4fb16c3ee20f38951dcec5f1fd82

SHA512
7fad4e91b9ccaa20c260d70c98396788ea24d34e60a489bc59408eb477a12ff0c69af84eeac16bf3565e488b1260c42dde19a84ec12ca7b7afc7812dcef577c5

Download Submit
C:\Users\Admin\AppData\Local\Temp\7ZipSfx.000\x64\release\CloudControllerImpl.dll

Filesize
4.8MB

MD5
bc160d96eccab45f41ad4534dc742a54

SHA1
b114af1f10b1e6447801610698f68d00c3af7310

SHA256
e0813beca629c52671a59fcafd5c60b514e4858acd233d3aa047156bb59f234b

SHA512
184bee1df20c8c4765ef0f8dd1c0290df73fadc853561bace724d81da3dd5579d33c6d52446518c9d489dac3081837e19ccc3b68e616a3508cb0d920f16998a3

Download Submit
C:\Users\Admin\AppData\Local\Temp\7ZipSfx.000\x64\release\Doc\mbmrerr.h

Filesize
18KB

MD5
e91382472def25516e079b14ed18e02e

SHA1
470cee6b5505c3a6405b54eed71085990dda7e3f

SHA256
32d2f37084cb24cd476da2677d02411bad4892a200a5debf352c64ed06a97b22

SHA512
a2b15ce8271ba7fdb0cfe511aad3e9ada0057f643b72a0c2c203b3e7b7667d3ea2a598c253ec5324bb360b3a425d5328e9a8437c954503a7bbd4c76a7464e2a5

Download Submit
C:\Users\Admin\AppData\Local\Temp\7ZipSfx.000\x64\release\Global.sr

Filesize
9.7MB

MD5
01b7f9b1e6be21cef8e351e102295833

SHA1
e9235351408552deb712908555d5c9568e83fd66

SHA256
45b7dd4d2a5fec2ea7441a51cfb82d3d6b0034488ef73581e48ec8b02a489db7

SHA512
7bc51aab59fe2f8de0a5024515cfbf08d13dbe65c93c5ea8119d5e768d72791deb0f21c0d5ce52bfaf530acf99f4e7fa8ecc0708ea1d82fec4e348c210a10975

Download Submit
C:\Users\Admin\AppData\Local\Temp\7ZipSfx.000\x64\release\LicenseControllerCOM.dll

Filesize
2.9MB

MD5
9c9011054f73d98e830f16727f86f746

SHA1
7af7a486024b4fb583f9bec305b0f6253444b506

SHA256
9bad65821b7e7b281d34a340c6d5300342a97873693433b0e75c1c76e7e61af2

SHA512
5cb10858cccefd60b6721f11de02507861ff19f3b4548426547b47681f8122b0c6271f6da9316793a03f6e6bb3b39b8f8609fa1eae6ee1a1e5e8b441df4ab8be

Download Submit
C:\Users\Admin\AppData\Local\Temp\7ZipSfx.000\x64\release\LicenseControllerCOM.dll.manifest

Filesize
4KB

MD5
bd34ce40cf8d5b6d5dfa156f9ee5d74f

SHA1
e2f59c7e215e6c70a4df133b2b425928ed48924f

SHA256
e0b4ce14304b7b073ec0ea1dbcdde35eb9e687dbe820f0e9de66aa8ced86fea0

SHA512
ddcb1e0968b8fb658c6c82f1fc99c8ee935d5d94a93f3760407fc510b412551ad95d8dfb8255bee3a9feba8ab746e2348476854aa6d42ea5b145512a727611c6

Download Submit
C:\Users\Admin\AppData\Local\Temp\7ZipSfx.000\x64\release\LicenseControllerImpl.dll

Filesize
4.4MB

MD5
4213dfffd3a6873da014561763fcf980

SHA1
f68b76a486b04471f27d76a27682be141f24067c

SHA256
fd3759bc5ed8588fd8aa19d42a1995230dc98e257fb9db5460011e717d0e019f

SHA512
f4de1e6ccb5cc290abc2d06df995ebf73b41276563e5ae9e12c2e8e237b386c0261b5e7047142748dfa3335532ef52d501b61e2155b456a59426b8bc853ccf71

Download Submit
C:\Users\Admin\AppData\Local\Temp\7ZipSfx.000\x64\release\LogControllerCOM.dll

Filesize
826KB

MD5
058a1299a9413bea6e9f203bd85bb1dd

SHA1
82c22dee21d64312bf494b0c0eafbcb4019118a6

SHA256
e36d903f521859c367cd8fdab777f81a0cf8a029d94ee74d8ad416c53fb611c5

SHA512
30da2bc70aab62ed23b51d5eebf202c845ddcc6ea4dfffe98912e9258dcc5ad6099f60a4a6d3524f02245788858ef38b2ccda416642db2f941cca045be95f48e

Download Submit
C:\Users\Admin\AppData\Local\Temp\7ZipSfx.000\x64\release\LogControllerCOM.dll.manifest

Filesize
1KB

MD5
74d1cd94aee341acd8a8bc9c169fa693

SHA1
4bcedfd0c6740929412116e82625c3fc5e8d9345

SHA256
5e258dbfa196f598f7122669a82d0f40c8b0aba59e4729219c28c70d3a5e9814

SHA512
52f3d9c31ad5e08ca354d489f42854abbd8a9461cec5ec8388b99e6a9bab38fa8736ed700c590852dd0407832851bd2dda8f655bc0e4111dc42154b8135f90b1

Download Submit
C:\Users\Admin\AppData\Local\Temp\7ZipSfx.000\x64\release\MBAMCore.dll

Filesize
6.2MB

MD5
fb06b35b3d1dfbc1266dc6ff8893ad2e

SHA1
2788393ff4684ee5e6e7d7f3ae0ffad6c111bbf7

SHA256
24d6b91b2870151c0cdfc0e8049ce02437b1173cbbf0701a786d8c7315774178

SHA512
95069b511c05d12e9cb1780f00a5df216837c08ef8338aa712f4a62c234b29b0e01c823c8db5d858386ec095c0e4fe4f9705803398091193edd8c5b9a5ac7e19

Download Submit
C:\Users\Admin\AppData\Local\Temp\7ZipSfx.000\x64\release\MBAMShim.dll

Filesize
2.9MB

MD5
e98091b0b9555fbf400894a47bfa805b

SHA1
3f0315efeb56ef595d3e7f922af932752e9bb810

SHA256
0f471aea80fc5e14a2e91abc76d277485d8484cbd02d0687f9f70f1077da90df

SHA512
70dd0e707ba1a19102b564dd5da74dec50c304ae7924c9485c948722af79969991fa883e00366859300b8fec6749cca7b110b02e34aa9f20affd9a36100fb7d8

Download Submit
C:\Users\Admin\AppData\Local\Temp\7ZipSfx.000\x64\release\PoliciesControllerCOM.dll

Filesize
2.8MB

MD5
8e7189e71e9c41b6657822658913c88f

SHA1
c01bbe430cc7536e0c49cd9aea57dfc9aa3e60fe

SHA256
9d997f46f0c6a185efcbc4197a4c7c3ee50af50d81f9b9d62bfc0dd95ded015b

SHA512
b69c0ab10b52f7a43c8850852dc47d1ac274de2cdf2330b62af20f777192c15f233ede79e5b1af5a9a4cfeba36189254a3bf2fb9f779cd08ba4bb4f47540c47e

Download Submit
C:\Users\Admin\AppData\Local\Temp\7ZipSfx.000\x64\release\PoliciesControllerCOM.dll.manifest

Filesize
4KB

MD5
84aa952c1092b4f21e7de772b2beb84b

SHA1
1cc4f00e877a63b4424f88704bb803c2c81e14d4

SHA256
f132b0928efd0cf60aa38c3b149661c2c8ca35c27741c20f21c7aca78735762c

SHA512
a925385671132d9a13a28f5522f7d32682fa3d2785026c7f6809367bbab2b3f1e17a7cd694ee7d78cb4d3f2583f1df71015cde3583a2d4c1071531b8536253ab

Download Submit
C:\Users\Admin\AppData\Local\Temp\7ZipSfx.000\x64\release\PoliciesControllerImpl.dll

Filesize
4.1MB

MD5
b4d8282a0263d1e0ca084bc8074591e4

SHA1
5543695b603aedd5e7f61b4466f3a35ba8303efc

SHA256
81fc208afe21d25dfe9c03d389e88f76905b6301f744b6bc1390ed23ef359bd0

SHA512
3590fd665e9d4ea466f39eb27024c845051ad42bb86682d6a7d68bc3068c4bf001162fe7f6b9c176ea9aec7e315c9a8c2e143ed536c43b4b04e8646647ecfff1

Download Submit
C:\Users\Admin\AppData\Local\Temp\7ZipSfx.000\x64\release\Readme.txt

Filesize
1KB

MD5
0d385c53dcf5e3967e52b88dab54ab1e

SHA1
0b3b3582bd8289983fc50622bf3e5a25a4a161fe

SHA256
2a91ed2432efaf5f6363021e2b22b09aa4c1e8935da7ac0ec3001d4ad88c4863

SHA512
6d464609073186a8b101d1ea8f0030b26c6a93ff5eb51fe5a39cce5a26323130b332f12f7532710c0f5000d781a413899a65e8de65f7f4a43e8e9098e961d345

Download Submit
C:\Users\Admin\AppData\Local\Temp\7ZipSfx.000\x64\release\SampleCustomRules.json

Filesize
1KB

MD5
4b4a0333c35c5c74fc2aa8e5b88306c9

SHA1
6df763dfffb8edb5252591c39b79caf1944d2b3b

SHA256
ecd0966a3207ab826c68900af9df643fda7924972c009f882d9af82d4373b56d

SHA512
fc1e38cf5cd38e5be31a4eb09e630276c6f5f3c013d35d3623e53ea8372126a36c465a1e2b844d2129d0992ba61f2651083375e3f5ea6720486834cc510405e3

Download Submit
C:\Users\Admin\AppData\Local\Temp\7ZipSfx.000\x64\release\SampleExclusionList.json

Filesize
724B

MD5
0e22b6df86157fec2e460e1acbc5e6d1

SHA1
5310ea3fc451cc21a146a781f1b217f6f522cfe8

SHA256
58402859a76113aac4c25d8d284a861149a9b23fe4a3dec6539e80e106a36147

SHA512
d892ba692b19c403b8656324bd204b4a293841e4a71796bb435934165d33f7e95681ade3806090aedee3bdf66ff84bf85a586bdd7ce7cf3adab508d74bb90062

Download Submit
C:\Users\Admin\AppData\Local\Temp\7ZipSfx.000\x64\release\ScanControllerCOM.dll

Filesize
3.2MB

MD5
0fd784ce7ddcd9600c99e90b53d761da

SHA1
4ce6761e65f0cafebe56d38a39b18a1b3cc564e9

SHA256
4f06ae72b510ad59550e7ee2972ef2c05803d2c2fe699502d34bfa1afd1d68c3

SHA512
e933aae18b961a9ed040a097a6c441dff11f83cf07225f80a1c489889a79b8960e35446f22036e5f51ef0cc08848fcd1a0146e3a67c8841a3e6a651b645b655c

Download Submit
C:\Users\Admin\AppData\Local\Temp\7ZipSfx.000\x64\release\ScanControllerCOM.dll.manifest

Filesize
15KB

MD5
368f781319a81a65014e1817d8fa359d

SHA1
0f66746242b3c9fb5712aa6ad057871ac1efb3aa

SHA256
fa335629c9cc42ff3a888576f482c209992229e74eace15ef05c251e6e956d0d

SHA512
4008aac402d8a2986bbab3aa74c986e61262835ffb174aee497c9c3fd9733d2168b59c9041e1f5494e6d293b466cabfa91643fda51f80c31b4cf11798d0a4777

Download Submit
C:\Users\Admin\AppData\Local\Temp\7ZipSfx.000\x64\release\ScanControllerImpl.dll

Filesize
5.6MB

MD5
6ae1a0b67168b0778ab21a2c1e3faeff

SHA1
e2cb94c742a0915206c1f2d9ccb61d1eb57420ec

SHA256
d161e5172414eecdda24f0b3a4f82eb45857292d93fba5203007e76b53b9bc2c

SHA512
cb7e16641b4fe31711d9cb7816103b8a2709ba8d0a70344936775d5601161fc0b060616f698a21506d1233b9a70a7c99550fab0aa18c86e72af450ddc183bcbf

Download Submit
C:\Users\Admin\AppData\Local\Temp\7ZipSfx.000\x64\release\SelfProtectionSdk.dll

Filesize
3.3MB

MD5
bc53aedbfb4d556014c31b55f2b0f93c

SHA1
de293e932c4b2bf0a223b9c5746db5e58594435b

SHA256
ce8ed991c44674cdd875883c815f7f450912052bade450334491a9b1570a8bd9

SHA512
7a280c2ca1457f079bf6b48e7ff952a63386be67c4da6caa80c57a777fb9b0c7a4a40a381ff739352ce70930e5023bf86294c761e5d38346c4e9b5fa23cbc54a

Download Submit
C:\Users\Admin\AppData\Local\Temp\7ZipSfx.000\x64\release\SelfProtectionShim.dll

Filesize
2.8MB

MD5
12b40c4b7e3fda181574e218e88e2e75

SHA1
138b6b1861b2f7007cff20a2e018641b969a9a05

SHA256
fb0fdf281b205a57ad60bd91752b58a79b4a80d87b770a548c384a51dc65f226

SHA512
1569b98632fea8337e3ac5ea95a74fcf89bc9633822295f3778ea9829671bd98d429ed8009848ffe5ae44b831ac79ce897ab71b2ac823d92bb8294e86ebba68b

Download Submit
C:\Users\Admin\AppData\Local\Temp\7ZipSfx.000\x64\release\Swissarmy.dll

Filesize
3.9MB

MD5
57bd4edc00bfcc94c98bbd7efbc9a2bf

SHA1
07a75ab8181f095a22bd82c969b80692eddd484b

SHA256
159e18af914578759fd62e1eb27a7321febe89d52e93fd500813fa1f64ecc62b

SHA512
b736bd35eec30e30d70e25306ec51857e6da53068f21a5d2713de617c80f98c899d1e1be1636e873e629dca6d623bb000b4466ef0f1eaa2be1076049f3006776

Download Submit
C:\Users\Admin\AppData\Local\Temp\7ZipSfx.000\x64\release\SwissarmyShim.dll

Filesize
2.5MB

MD5
8d07eb27aadc92a85f8fbf3231c65f4e

SHA1
fd1334e5a75725d6478512faedeb880bdb5f9aab

SHA256
19d4b7529c8fc22176138cd16baf25eddbd6a31b656c6d59bfd67d39a7444e93

SHA512
f06ac3392f1a61800fd2823fb046af97185b7037fbda3bcb246fb0ba0f8d86222bb5094b6b2571ab5a0a0256643be9f500f5db3d312f7dd4ae3551ddf522c96c

Download Submit
C:\Users\Admin\AppData\Local\Temp\7ZipSfx.000\x64\release\TelemetryControllerCOM.dll

Filesize
2.8MB

MD5
bc6d8dc9bc78cc6e623e705ea12f36ee

SHA1
44247c2484de2ad4766c4fd74625f1ad71c52df2

SHA256
91e2911941ad4d5f4a550a59208aa8ef5e7c7431939aa6188f51ae9692dab485

SHA512
283443bd66feaa1a64a7c2999a3749ba797c8108e082edd2e0999ba816f1221fff1b7ed25676bcd376f13ec3303c745cbe3c3333ef966b74b5e0609cd358d3ae

Download Submit
C:\Users\Admin\AppData\Local\Temp\7ZipSfx.000\x64\release\TelemetryControllerCOM.dll.manifest

Filesize
4KB

MD5
bf66bdce08c789e1ecb38a845938affb

SHA1
364a50e881cd07d111d47888b3942b171640d39f

SHA256
881bfee2d3a04f279b1d9489e00aefc9c5d67bafc76c7aac1d9850065a833019

SHA512
1998129c73e169f634974bf180b12067f77b6d383d3dbd1997c39e627a2d3ef99bb45b570cffd97b8587dfc95b5698ffb5532d4a93c388de44701b62f10c5649

Download Submit
C:\Users\Admin\AppData\Local\Temp\7ZipSfx.000\x64\release\TelemetryControllerImpl.dll

Filesize
5.2MB

MD5
1682cb39775f058dd6e3440483219b44

SHA1
3ba5539331aef75aa75a7f823554860b369813c2

SHA256
71d2d8cf3d6690a5aa9a56b7124b289296dce407dd437de03ba9d6b1f96abf0b

SHA512
04b1421a25ab658a5b6093e2e3170fe51fca6775114fba24d96e09f75a063822ad2bf0343edeeb9654f8ac9723c961199a5a2b6702a29752f8bdd78a20062af1

Download Submit
C:\Users\Admin\AppData\Local\Temp\7ZipSfx.000\x64\release\UpdateControllerCOM.dll

Filesize
2.8MB

MD5
9de7afa5fdbbfb0df4eeccfd08fe16bd

SHA1
02a8687caca05a7f0dd29c1da482fb17c6fa3bfb

SHA256
cd8f160fc7dbd9d45c2e9c872789aba17d40a1fbc4a2ae58fc27aaffadc7e428

SHA512
537560478c871a9584e658898cfcd73fb9340ba70160029223e19fb5b5f446ce4b5b0d6caefb947ba768d2ad65ead168ed21c7bacc1fab90bfc8f131ba0d3182

Download Submit
C:\Users\Admin\AppData\Local\Temp\7ZipSfx.000\x64\release\UpdateControllerCOM.dll.manifest

Filesize
4KB

MD5
cbe929df34a8b15bc4a680fadd91f331

SHA1
a0742098cceda05835a1ac816f0fbec6af87d153

SHA256
20d1948bd1fa732ab3296629f6d67a09a19336dbcec21ad1b8ae3b101caabbc3

SHA512
775d8f532cd1e9dfbed043d229d095b29ea09a72a03244592ed9111faf8a788e10e56282320961c30f171e4a27f44440988e77193323cea715364d836d4dcd14

Download Submit
C:\Users\Admin\AppData\Local\Temp\7ZipSfx.000\x64\release\UpdateControllerImpl.dll

Filesize
4.3MB

MD5
11c9e68151d3eadb3c92f9c53ec0ecb6

SHA1
a94c1f41140735acca6266c613cc555371708da4

SHA256
ec8ca472e3e5dfb3128c48a970841e631a24ff099113b34a36f7f0f1a9568548

SHA512
2f68204343fa682671862ff5012df115424ea08b1ea1580086f811d5a4cee487a0bf6e4e5e48b165cce4f3da3ab8fa7d94d8d7414851cbb8f62890ce22992b48

Download Submit
C:\Users\Admin\AppData\Local\Temp\7ZipSfx.000\x64\release\cfg.bin

Filesize
650B

MD5
5fb3d7664741a602b36225731bb5ff10

SHA1
392569b660f8b0496de7d7a2211729b13ec285d6

SHA256
c1ff7d52b12c8c2280b3e11572bb97f0d084e40ceb9f575b7c21feb0f7c26180

SHA512
86c6897e877fa92c005b93550f3bd43395a643fa5d9340b527471a1ecbf3abd9216bd53b7c33a18a4466e320d301d52410b349c0891cf7fe1d6337600da99343

Download Submit
C:\Users\Admin\AppData\Local\Temp\7ZipSfx.000\x64\release\ig.exe

Filesize
3.5MB

MD5
30328041aa60db23c9841951357db874

SHA1
d3b2da835784c3dc7b30c40dd38c0f19a469f039

SHA256
f83555c55e648a0e236f32ace1b1009cec4be2694353207cf2c26bbb4fd9f6e5

SHA512
6e06ee1e9458ad1858ed5fea21193d02663e65bcd1806dc1cb987f7303dc5679e7ad85dbab213b05a757521396baaff2371762fc5ea819491eaf39a5395d51e1

Download Submit
C:\Users\Admin\AppData\Local\Temp\7ZipSfx.000\x64\release\mbbr.exe

Filesize
6.1MB

MD5
de6b258770c4204114c1433bf03c5169

SHA1
5a5e01c891edc076485f6744fd1f0c17369f7fcf

SHA256
1416498cee5672d5149f4907a63857714e628f6122a73a108e3ce1cd3e74cef3

SHA512
e547de27d8e6787f68ecbab0c713d1a2c9265886f3eb9305ed93b37104e816e1079f2f25078cb2eb541b7259a94a02297f1df5b9f7dc098a5896157106de2613

Download Submit
C:\Users\Admin\AppData\Local\Temp\7ZipSfx.000\x64\release\mbbrsyscheck.exe

Filesize
226KB

MD5
d726b8665c890b869f18bb08f9e6e159

SHA1
ff93983bd697ba1b3ea24350891ff65b8f9f3b00

SHA256
87efaf1e7bd56489c63707d285fdb693f2c8644480547b11cbf29f2bfbb74c83

SHA512
c89bb2c9868f580d122632b2688da8d8408ed814f8a063feeee058ae1ba7efb3f3a2ab1dd36feab1b2fa88e53e2c1ed525cdde93fb50287bdd9c72ee7b913eef

Download Submit
C:\Users\Admin\AppData\Local\Temp\7ZipSfx.000\x64\release\mbbrupdatr.exe

Filesize
2.6MB

MD5
d3079a012adac81369b77ceb4713b21a

SHA1
722175d5f6407c528fd3f327cab3438dceb9d8db

SHA256
4eede48d78bd1c4df75fc1ed1bc96a43e23a3304112893370e465809b28a739a

SHA512
617759115656d90c985b9d8faa901ddfb633676e5202a26daa4e6437bd21ccd325742e8986d1d4b140244cfba3e0bbdc20391a7760033b245b584657b3c644c6

Download Submit
C:\Users\Admin\AppData\Local\Temp\7ZipSfx.000\x64\release\offreg.dll

Filesize
114KB

MD5
98541d3e458c4e99aaa4e577d9ae4f57

SHA1
a01ab10c6b2aed6e8bb3dee78bc3ee2529667409

SHA256
b92e71fd0617167d47ad9bfdeb3a52e0d521e62b0e1f13b3a8b848b9342bd6ad

SHA512
61703ea634d5f449c2d333bea3f310008d6b001b2a4b2f2496ee5ba47549ab5773acea5d0aaf52b329e54f304ef5d8e49841c0e2041f408ff0f785686f249677

Download Submit
C:\Users\Admin\AppData\Local\Temp\7ZipSfx.000\x64\release\sample.dll

Filesize
500KB

MD5
2b313f0dcd3ac51a3917c4eaf93878f1

SHA1
d26d8908a507da898013139a55e607693ecaa2f5

SHA256
79d2389e5f5cf1b15aabe70838d7b4ba3cfecfee7500f51f55ef1b5d30394dfa

SHA512
090256513bc6337d53a8a3abf8ae54fc6faa522518495ce674980c4d3f739a5f1201f3df0f31fc3902ed37bdeab8f004fc30d2ccd0702df6dcc7de161ae772b0

Download Submit