87acaa1fb35b75e7a95fddc163b49482ce618709d6a4403773e154375d73fd71

Analysis

max time kernel
305s
max time network
308s
platform
windows10-2004_x64
resource
win10v2004-20230220-en
resource tags

arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
submitted
09-05-2023 14:51

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

jetclean-setup.exe
Size

3.6MB
MD5

da369354de604fb590fd424db6e2e9ee
SHA1

5a54180c3a3b001974e7297f13fc3b8b5897e321
SHA256

8c0bc3ebb4330e5c886fe49acc8a631cfcc6a2c848d4b99fadde3a2dc213c56f
SHA512

028b537f2a4ec4a22faf6dc72e4534edc00886f8345cb13535905c9fb35cffea372c6cfa6724d1f5ad852f2deb1ae2b06b66030bc3ed89f6a7253e17833417de
SSDEEP

98304:u1LoJwvXuVix8l6GNh6FkRLaiqQKSshe/IPH:ufe8Slf22awXzIPH

Score

7^/10

bootkit discovery persistence spyware stealer

Malware Config

Signatures

Checks computer location settings 2 TTPs 3 IoCs

Looks up country code configured in the registry, likely geofence.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\USER\S-1-5-21-144354903-2550862337-1367551827-1000\Control Panel\International\Geo\Nation	JetClean.exe
Key value queried	\REGISTRY\USER\S-1-5-21-144354903-2550862337-1367551827-1000\Control Panel\International\Geo\Nation	jetclean-setup.tmp
Key value queried	\REGISTRY\USER\S-1-5-21-144354903-2550862337-1367551827-1000\Control Panel\International\Geo\Nation	JetCleanInit.exe

Executes dropped EXE 6 IoCs

pid	Process
4032	jetclean-setup.tmp
4288	Upgrade.exe
4236	JetCleanInit.exe
4288	Install.exe
2296	JetClean.exe
400	AutoUpdate.exe

Loads dropped DLL 27 IoCs

pid	Process
4236	JetCleanInit.exe
4236	JetCleanInit.exe
4236	JetCleanInit.exe
2664	regsvr32.exe
4288	Install.exe
4288	Install.exe
4288	Install.exe
4288	Install.exe
4288	Install.exe
4288	Install.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
1040	Process not Found
400	AutoUpdate.exe
400	AutoUpdate.exe
400	AutoUpdate.exe
400	AutoUpdate.exe
400	AutoUpdate.exe

Modifies system executable filetype association 2 TTPs 2 IoCs

persistence

Modify Registry

T1112

Change Default File Association

T1042

description	ioc	Process
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\lnkfile\shellex\ContextMenuHandlers\JetClean Ext Menu	regsvr32.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\lnkfile\shellex\ContextMenuHandlers\JetClean Ext Menu\ = "{4240801E-7B16-4A3F-A89A-E719BE3F9050}"	regsvr32.exe

Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
spyware stealer

Data from Local System
T1005

Credentials in Files
T1081

Registers COM server for autorun 1 TTPs 3 IoCs

persistence

Registry Run Keys / Startup Folder

T1060

description	ioc	Process
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4240801E-7B16-4A3F-A89A-E719BE3F9050}\InprocServer32	regsvr32.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4240801E-7B16-4A3F-A89A-E719BE3F9050}\InprocServer32\ = "C:\\Program Files (x86)\\BlueSprig\\JetClean\\JetCleanExtMenu_64.dll"	regsvr32.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4240801E-7B16-4A3F-A89A-E719BE3F9050}\InprocServer32\ThreadingModel = "Apartment"	regsvr32.exe

Checks for any installed AV software in registry 1 TTPs 5 IoCs

Security Software Discovery

T1063

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Avira\AntiVir Desktop	JetClean.exe
Key opened	\REGISTRY\MACHINE\SOFTWARE\Avira\AntiVir Desktop	JetClean.exe
Key opened	\REGISTRY\USER\S-1-5-21-144354903-2550862337-1367551827-1000\Software\Avast Software\Avast	JetClean.exe
Key opened	\REGISTRY\MACHINE\Software\WOW6432Node\Avast Software\Avast	JetClean.exe
Key opened	\REGISTRY\MACHINE\Software\Avast Software\Avast	JetClean.exe

Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
discovery

Query Registry
T1012

Writes to the Master Boot Record (MBR) 1 TTPs 1 IoCs

Bootkits write to the MBR to gain persistence at a level below the operating system.

bootkit persistence

Bootkit

T1067

description	ioc	Process
File opened for modification	\??\PhysicalDrive0	JetClean.exe

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files (x86)\BlueSprig\JetClean\is-KQ67P.tmp	jetclean-setup.tmp
File created	C:\Program Files (x86)\BlueSprig\JetClean\language\is-RH8SH.tmp	jetclean-setup.tmp
File created	C:\Program Files (x86)\BlueSprig\JetClean\language\is-P2VMK.tmp	jetclean-setup.tmp
File created	C:\Program Files (x86)\BlueSprig\JetClean\drivers\wxp_amd64\is-4CBNJ.tmp	jetclean-setup.tmp
File created	C:\Program Files (x86)\BlueSprig\JetClean\drivers\wlh_amd64\is-10J0F.tmp	jetclean-setup.tmp
File created	C:\Program Files (x86)\BlueSprig\JetClean\unins000.dat	jetclean-setup.tmp
File created	C:\Program Files (x86)\BlueSprig\JetClean\is-L2RHU.tmp	jetclean-setup.tmp
File created	C:\Program Files (x86)\BlueSprig\JetClean\is-92PGD.tmp	jetclean-setup.tmp
File created	C:\Program Files (x86)\BlueSprig\JetClean\Update\Update.tmp	AutoUpdate.exe
File created	C:\Program Files (x86)\BlueSprig\JetClean\is-R69CV.tmp	jetclean-setup.tmp
File created	C:\Program Files (x86)\BlueSprig\JetClean\is-CG457.tmp	jetclean-setup.tmp
File created	C:\Program Files (x86)\BlueSprig\JetClean\language\is-Q1941.tmp	jetclean-setup.tmp
File created	C:\Program Files (x86)\BlueSprig\JetClean\language\is-F5NIN.tmp	jetclean-setup.tmp
File created	C:\Program Files (x86)\BlueSprig\JetClean\language\is-H8VPP.tmp	jetclean-setup.tmp
File created	C:\Program Files (x86)\BlueSprig\JetClean\language\is-RD2NH.tmp	jetclean-setup.tmp
File opened for modification	C:\Program Files (x86)\BlueSprig\JetClean\Update\	AutoUpdate.exe
File created	C:\Program Files (x86)\BlueSprig\JetClean\is-4VF8U.tmp	jetclean-setup.tmp
File created	C:\Program Files (x86)\BlueSprig\JetClean\is-5T9KN.tmp	jetclean-setup.tmp
File created	C:\Program Files (x86)\BlueSprig\JetClean\language\is-JQ3I9.tmp	jetclean-setup.tmp
File created	C:\Program Files (x86)\BlueSprig\JetClean\language\is-CPNKT.tmp	jetclean-setup.tmp
File created	C:\Program Files (x86)\BlueSprig\JetClean\language\is-VUJH9.tmp	jetclean-setup.tmp
File created	C:\Program Files (x86)\BlueSprig\JetClean\language\is-SDA5Q.tmp	jetclean-setup.tmp
File created	C:\Program Files (x86)\BlueSprig\JetClean\is-N01PP.tmp	jetclean-setup.tmp
File created	C:\Program Files (x86)\BlueSprig\JetClean\language\is-6DSRS.tmp	jetclean-setup.tmp
File created	C:\Program Files (x86)\BlueSprig\JetClean\language\is-B8O24.tmp	jetclean-setup.tmp
File created	C:\Program Files (x86)\BlueSprig\JetClean\drivers\win7_x86\is-PKROO.tmp	jetclean-setup.tmp
File created	C:\Program Files (x86)\BlueSprig\JetClean\language\is-GOO5V.tmp	jetclean-setup.tmp
File created	C:\Program Files (x86)\BlueSprig\JetClean\language\is-76I7J.tmp	jetclean-setup.tmp
File created	C:\Program Files (x86)\BlueSprig\JetClean\language\is-4LNHC.tmp	jetclean-setup.tmp
File created	C:\Program Files (x86)\BlueSprig\JetClean\drivers\wnet_amd64\is-R9G0T.tmp	jetclean-setup.tmp
File created	C:\Program Files (x86)\BlueSprig\JetClean\language\is-477MH.tmp	jetclean-setup.tmp
File created	C:\Program Files (x86)\BlueSprig\JetClean\language\is-01MPF.tmp	jetclean-setup.tmp
File created	C:\Program Files (x86)\BlueSprig\JetClean\language\is-VLIPJ.tmp	jetclean-setup.tmp
File created	C:\Program Files (x86)\BlueSprig\JetClean\is-6QUA8.tmp	jetclean-setup.tmp
File created	C:\Program Files (x86)\BlueSprig\JetClean\is-KH8KM.tmp	jetclean-setup.tmp
File created	C:\Program Files (x86)\BlueSprig\JetClean\language\is-HAJD3.tmp	jetclean-setup.tmp
File created	C:\Program Files (x86)\BlueSprig\JetClean\is-0JQCP.tmp	jetclean-setup.tmp
File opened for modification	C:\Program Files (x86)\BlueSprig\JetClean\Update\Update.tmp	AutoUpdate.exe
File opened for modification	C:\Program Files (x86)\BlueSprig\JetClean\News.dat	JetClean.exe
File created	C:\Program Files (x86)\BlueSprig\JetClean\is-4T9MQ.tmp	jetclean-setup.tmp
File created	C:\Program Files (x86)\BlueSprig\JetClean\language\is-8RO9O.tmp	jetclean-setup.tmp
File opened for modification	C:\Program Files (x86)\BlueSprig\JetClean\JetCleanInstallBackWork.ini	Install.exe
File created	C:\Program Files (x86)\BlueSprig\JetClean\language\is-9379I.tmp	jetclean-setup.tmp
File created	C:\Program Files (x86)\BlueSprig\JetClean\language\is-DSUO1.tmp	jetclean-setup.tmp
File created	C:\Program Files (x86)\BlueSprig\JetClean\drivers\wlh_x86\is-RJ9HF.tmp	jetclean-setup.tmp
File created	C:\Program Files (x86)\BlueSprig\JetClean\Update\Update.Ini	AutoUpdate.exe
File created	C:\Program Files (x86)\BlueSprig\JetClean\is-VMNO9.tmp	jetclean-setup.tmp
File created	C:\Program Files (x86)\BlueSprig\JetClean\is-VN1S4.tmp	jetclean-setup.tmp
File created	C:\Program Files (x86)\BlueSprig\JetClean\language\is-QDE2L.tmp	jetclean-setup.tmp
File created	C:\Program Files (x86)\BlueSprig\JetClean\language\is-0MDMF.tmp	jetclean-setup.tmp
File created	C:\Program Files (x86)\BlueSprig\JetClean\is-HHM1C.tmp	jetclean-setup.tmp
File created	C:\Program Files (x86)\BlueSprig\JetClean\is-VMJAO.tmp	jetclean-setup.tmp
File created	C:\Program Files (x86)\BlueSprig\JetClean\language\is-599RA.tmp	jetclean-setup.tmp
File created	C:\Program Files (x86)\BlueSprig\JetClean\is-DSKN5.tmp	jetclean-setup.tmp
File created	C:\Program Files (x86)\BlueSprig\JetClean\is-V4KLH.tmp	jetclean-setup.tmp
File created	C:\Program Files (x86)\BlueSprig\JetClean\drivers\wnet_x86\is-GJSTE.tmp	jetclean-setup.tmp
File created	C:\Program Files (x86)\BlueSprig\JetClean\is-LCVGV.tmp	jetclean-setup.tmp
File created	C:\Program Files (x86)\BlueSprig\JetClean\language\is-R80A7.tmp	jetclean-setup.tmp
File created	C:\Program Files (x86)\BlueSprig\JetClean\drivers\win7_amd64\is-38EKC.tmp	jetclean-setup.tmp
File created	C:\Program Files (x86)\BlueSprig\JetClean\language\is-BTB34.tmp	jetclean-setup.tmp
File opened for modification	C:\Program Files (x86)\BlueSprig\JetClean\unins000.dat	jetclean-setup.tmp
File opened for modification	C:\Program Files (x86)\BlueSprig\JetClean\Update\Update.Ini	AutoUpdate.exe
File created	C:\Program Files (x86)\BlueSprig\JetClean\drivers\wxp_x86\is-P8I3F.tmp	jetclean-setup.tmp
File created	C:\Program Files (x86)\BlueSprig\JetClean\is-3DAM7.tmp	jetclean-setup.tmp

Drops file in Windows directory 1 IoCs

description	ioc	Process
File opened for modification	C:\Windows\win.ini	jetclean-setup.tmp

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Checks processor information in registry 2 TTPs 5 IoCs

Processor information is often read in order to detect sandboxing environments.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\	JetClean.exe
Key queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor	JetClean.exe
Key enumerated	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor	JetClean.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	JetClean.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString	JetClean.exe

Modifies registry class 51 IoCs

description	ioc	Process
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{BCA80402-76E0-49DD-A823-15DF6AB33FAC}\1.0\ = "ImCleanExtMenu 1.0 Type Library"	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{BCA80402-76E0-49DD-A823-15DF6AB33FAC}\1.0\0	regsvr32.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{437FBE9E-358C-4D20-B6ED-17AA75E10E38}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}"	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4240801E-7B16-4A3F-A89A-E719BE3F9050}\Programmable	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\ImCleanExtMenu.ICleanExtMenu	regsvr32.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4240801E-7B16-4A3F-A89A-E719BE3F9050}\ = "ICleanExtMenu Class"	regsvr32.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\lnkfile\shellex\ContextMenuHandlers\JetClean Ext Menu\ = "{4240801E-7B16-4A3F-A89A-E719BE3F9050}"	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{437FBE9E-358C-4D20-B6ED-17AA75E10E38}	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\ImCleanExtMenu.ICleanExtMenu.1\CLSID	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4240801E-7B16-4A3F-A89A-E719BE3F9050}\ProgID	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4240801E-7B16-4A3F-A89A-E719BE3F9050}\VersionIndependentProgID	regsvr32.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4240801E-7B16-4A3F-A89A-E719BE3F9050}\InprocServer32\ = "C:\\Program Files (x86)\\BlueSprig\\JetClean\\JetCleanExtMenu_64.dll"	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\shellex\ContextMenuHandlers	regsvr32.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{BCA80402-76E0-49DD-A823-15DF6AB33FAC}\1.0\HELPDIR\ = "C:\\Program Files (x86)\\BlueSprig\\JetClean"	regsvr32.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{437FBE9E-358C-4D20-B6ED-17AA75E10E38}\TypeLib\ = "{BCA80402-76E0-49DD-A823-15DF6AB33FAC}"	regsvr32.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{437FBE9E-358C-4D20-B6ED-17AA75E10E38}\TypeLib\Version = "1.0"	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4240801E-7B16-4A3F-A89A-E719BE3F9050}	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\ImCleanExtMenu.ICleanExtMenu\CurVer	regsvr32.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\ImCleanExtMenu.ICleanExtMenu\CurVer\ = "JetCleanExtMenu.ICleanExtMenu.1"	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{437FBE9E-358C-4D20-B6ED-17AA75E10E38}\TypeLib	regsvr32.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{437FBE9E-358C-4D20-B6ED-17AA75E10E38}\TypeLib\Version = "1.0"	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\ImCleanExtMenu.ICleanExtMenu\CLSID	regsvr32.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4240801E-7B16-4A3F-A89A-E719BE3F9050}\VersionIndependentProgID\ = "JetCleanExtMenu.ICleanExtMenu"	regsvr32.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\shellex\ContextMenuHandlers\JetClean Ext Menu\ = "{4240801E-7B16-4A3F-A89A-E719BE3F9050}"	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{BCA80402-76E0-49DD-A823-15DF6AB33FAC}\1.0\FLAGS	regsvr32.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{BCA80402-76E0-49DD-A823-15DF6AB33FAC}\1.0\FLAGS\ = "0"	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{BCA80402-76E0-49DD-A823-15DF6AB33FAC}\1.0\0\win64	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\ImCleanExtMenu.ICleanExtMenu.1	regsvr32.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\ImCleanExtMenu.ICleanExtMenu\ = "ICleanExtMenu Class"	regsvr32.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\ImCleanExtMenu.ICleanExtMenu\CLSID\ = "{4240801E-7B16-4A3F-A89A-E719BE3F9050}"	regsvr32.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4240801E-7B16-4A3F-A89A-E719BE3F9050}\TypeLib\ = "{BCA80402-76E0-49DD-A823-15DF6AB33FAC}"	regsvr32.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{BCA80402-76E0-49DD-A823-15DF6AB33FAC}\1.0\0\win64\ = "C:\\Program Files (x86)\\BlueSprig\\JetClean\\JetCleanExtMenu_64.dll"	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{437FBE9E-358C-4D20-B6ED-17AA75E10E38}\ProxyStubClsid32	regsvr32.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\ImCleanExtMenu.ICleanExtMenu.1\CLSID\ = "{4240801E-7B16-4A3F-A89A-E719BE3F9050}"	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4240801E-7B16-4A3F-A89A-E719BE3F9050}\InprocServer32	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{BCA80402-76E0-49DD-A823-15DF6AB33FAC}\1.0	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{BCA80402-76E0-49DD-A823-15DF6AB33FAC}\1.0\HELPDIR	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{437FBE9E-358C-4D20-B6ED-17AA75E10E38}\ProxyStubClsid32	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{437FBE9E-358C-4D20-B6ED-17AA75E10E38}	regsvr32.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{437FBE9E-358C-4D20-B6ED-17AA75E10E38}\ = "IICleanExtMenu"	regsvr32.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{437FBE9E-358C-4D20-B6ED-17AA75E10E38}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}"	regsvr32.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4240801E-7B16-4A3F-A89A-E719BE3F9050}\ProgID\ = "JetCleanExtMenu.ICleanExtMenu.1"	regsvr32.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4240801E-7B16-4A3F-A89A-E719BE3F9050}\InprocServer32\ThreadingModel = "Apartment"	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4240801E-7B16-4A3F-A89A-E719BE3F9050}\TypeLib	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\shellex\ContextMenuHandlers\JetClean Ext Menu	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\lnkfile\shellex\ContextMenuHandlers\JetClean Ext Menu	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{BCA80402-76E0-49DD-A823-15DF6AB33FAC}	regsvr32.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{437FBE9E-358C-4D20-B6ED-17AA75E10E38}\ = "IICleanExtMenu"	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{437FBE9E-358C-4D20-B6ED-17AA75E10E38}\TypeLib	regsvr32.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\ImCleanExtMenu.ICleanExtMenu.1\ = "ICleanExtMenu Class"	regsvr32.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{437FBE9E-358C-4D20-B6ED-17AA75E10E38}\TypeLib\ = "{BCA80402-76E0-49DD-A823-15DF6AB33FAC}"	regsvr32.exe

Suspicious behavior: EnumeratesProcesses 14 IoCs

pid	Process
4032	jetclean-setup.tmp
4032	jetclean-setup.tmp
4032	jetclean-setup.tmp
4032	jetclean-setup.tmp
4288	Upgrade.exe
4288	Upgrade.exe
4288	Install.exe
4288	Install.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
400	AutoUpdate.exe
400	AutoUpdate.exe

Suspicious use of AdjustPrivilegeToken 2 IoCs

description	pid	Process
Token: SeDebugPrivilege	4288	Upgrade.exe
Token: SeDebugPrivilege	4236	JetCleanInit.exe

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
4032	jetclean-setup.tmp
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe

Suspicious use of SendNotifyMessage 64 IoCs

pid	Process
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe
2296	JetClean.exe

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
4288	Install.exe
4288	Install.exe

Suspicious use of WriteProcessMemory 20 IoCs

description	pid	Process	procid_target
PID 3892 wrote to memory of 4032	3892	jetclean-setup.exe	84
PID 3892 wrote to memory of 4032	3892	jetclean-setup.exe	84
PID 3892 wrote to memory of 4032	3892	jetclean-setup.exe	84
PID 4032 wrote to memory of 4288	4032	jetclean-setup.tmp	85
PID 4032 wrote to memory of 4288	4032	jetclean-setup.tmp	85
PID 4032 wrote to memory of 4288	4032	jetclean-setup.tmp	85
PID 4032 wrote to memory of 4236	4032	jetclean-setup.tmp	93
PID 4032 wrote to memory of 4236	4032	jetclean-setup.tmp	93
PID 4032 wrote to memory of 4236	4032	jetclean-setup.tmp	93
PID 4236 wrote to memory of 2664	4236	JetCleanInit.exe	94
PID 4236 wrote to memory of 2664	4236	JetCleanInit.exe	94
PID 4032 wrote to memory of 4288	4032	jetclean-setup.tmp	95
PID 4032 wrote to memory of 4288	4032	jetclean-setup.tmp	95
PID 4032 wrote to memory of 4288	4032	jetclean-setup.tmp	95
PID 4032 wrote to memory of 2296	4032	jetclean-setup.tmp	97
PID 4032 wrote to memory of 2296	4032	jetclean-setup.tmp	97
PID 4032 wrote to memory of 2296	4032	jetclean-setup.tmp	97
PID 2296 wrote to memory of 400	2296	JetClean.exe	102
PID 2296 wrote to memory of 400	2296	JetClean.exe	102
PID 2296 wrote to memory of 400	2296	JetClean.exe	102

C:\Users\Admin\AppData\Local\Temp\jetclean-setup.exe
"C:\Users\Admin\AppData\Local\Temp\jetclean-setup.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:3892
- C:\Users\Admin\AppData\Local\Temp\is-SJKFV.tmp\jetclean-setup.tmp
  "C:\Users\Admin\AppData\Local\Temp\is-SJKFV.tmp\jetclean-setup.tmp" /SL5="$8002A,3271862,132096,C:\Users\Admin\AppData\Local\Temp\jetclean-setup.exe"
  2⤵
  - Checks computer location settings
  - Executes dropped EXE
  - Drops file in Program Files directory
  - Drops file in Windows directory
  - Suspicious behavior: EnumeratesProcesses
  - Suspicious use of FindShellTrayWindow
  - Suspicious use of WriteProcessMemory
  PID:4032
- - C:\Users\Admin\AppData\Local\Temp\is-34S4D.tmp\Upgrade.exe
    "C:\Users\Admin\AppData\Local\Temp\is-34S4D.tmp\Upgrade.exe" /Upgrade
    3⤵
    - Executes dropped EXE
    - Suspicious behavior: EnumeratesProcesses
    - Suspicious use of AdjustPrivilegeToken
    PID:4288
- - C:\Program Files (x86)\BlueSprig\JetClean\JetCleanInit.exe
    "C:\Program Files (x86)\BlueSprig\JetClean\JetCleanInit.exe" /Install
    3⤵
    - Checks computer location settings
    - Executes dropped EXE
    - Loads dropped DLL
    - Suspicious use of AdjustPrivilegeToken
    - Suspicious use of WriteProcessMemory
    PID:4236
  - - C:\Windows\System32\regsvr32.exe
      "C:\Windows\System32\regsvr32.exe" /s "C:\Program Files (x86)\BlueSprig\JetClean\JetCleanExtMenu_64.dll"
      4⤵
      Loads dropped DLL
      Modifies system executable filetype association
      Registers COM server for autorun
      Modifies registry class
      PID:2664
- - C:\Program Files (x86)\BlueSprig\JetClean\Install.exe
    "C:\Program Files (x86)\BlueSprig\JetClean\Install.exe"
    3⤵
    - Executes dropped EXE
    - Loads dropped DLL
    - Drops file in Program Files directory
    - Suspicious behavior: EnumeratesProcesses
    - Suspicious use of SetWindowsHookEx
    PID:4288
- - C:\Program Files (x86)\BlueSprig\JetClean\JetClean.exe
    "C:\Program Files (x86)\BlueSprig\JetClean\JetClean.exe"
    3⤵
    - Checks computer location settings
    - Executes dropped EXE
    - Loads dropped DLL
    - Checks for any installed AV software in registry
    - Writes to the Master Boot Record (MBR)
    - Drops file in Program Files directory
    - Checks processor information in registry
    - Suspicious behavior: EnumeratesProcesses
    - Suspicious use of FindShellTrayWindow
    - Suspicious use of SendNotifyMessage
    - Suspicious use of WriteProcessMemory
    PID:2296
  - - C:\Program Files (x86)\BlueSprig\JetClean\AutoUpdate.exe
      "C:\Program Files (x86)\BlueSprig\JetClean\AutoUpdate.exe" /Check
      4⤵
      Executes dropped EXE
      Loads dropped DLL
      Drops file in Program Files directory
      Suspicious behavior: EnumeratesProcesses
      PID:400

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:3672

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Bootkit

T1067

Change Default File Association

T1042

Registry Run Keys / Startup Folder

T1060

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Credentials in Files

T1081

Discovery

Query Registry

T1012

Security Software Discovery

T1063

System Information Discovery

T1082

Lateral Movement

Collection

Data from Local System

T1005

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files (x86)\BlueSprig\JetClean\Install.exe

Filesize
72KB

MD5
dfe5d872f8bfbc88a32e325717dcdc58

SHA1
0380d278e8c45210c8b40e85666429c7ecf30139

SHA256
952f0b73dd5c631693604ac4230e1245f6063393b1f470a794d0d0f95cdcd37a

SHA512
55cd9c70044245125c9f00eb384c7d6c8e3723c8ffa16df9f48903d39b168bf30e6797a2b8e6a432cc4fddeacf3e0c9d86e7c7fc063a8388c536e0a2ce9ec88c

Download Submit
C:\Program Files (x86)\BlueSprig\JetClean\Install.exe

Filesize
72KB

MD5
dfe5d872f8bfbc88a32e325717dcdc58

SHA1
0380d278e8c45210c8b40e85666429c7ecf30139

SHA256
952f0b73dd5c631693604ac4230e1245f6063393b1f470a794d0d0f95cdcd37a

SHA512
55cd9c70044245125c9f00eb384c7d6c8e3723c8ffa16df9f48903d39b168bf30e6797a2b8e6a432cc4fddeacf3e0c9d86e7c7fc063a8388c536e0a2ce9ec88c

Download Submit
C:\Program Files (x86)\BlueSprig\JetClean\Install.exe

Filesize
72KB

MD5
dfe5d872f8bfbc88a32e325717dcdc58

SHA1
0380d278e8c45210c8b40e85666429c7ecf30139

SHA256
952f0b73dd5c631693604ac4230e1245f6063393b1f470a794d0d0f95cdcd37a

SHA512
55cd9c70044245125c9f00eb384c7d6c8e3723c8ffa16df9f48903d39b168bf30e6797a2b8e6a432cc4fddeacf3e0c9d86e7c7fc063a8388c536e0a2ce9ec88c

Download Submit
C:\Program Files (x86)\BlueSprig\JetClean\JetClean.exe

Filesize
3.3MB

MD5
281339b764cc89b87d29f1777cbb2ed8

SHA1
d824adbf1b419a6dc62e88e18058c1d31e70068d

SHA256
31bed96a90b56885a3505b1d9f04122877b4a6b33437a325c990d62b870ce9c1

SHA512
d816559424a23d06ea65ff38477315ca25d6ef8ef8e30d7c4f1cff2c534fdf17f1f7dc87f7b7a22879db24256253f73d5d0af820e9f7c02fc955541989998554

Download Submit
C:\Program Files (x86)\BlueSprig\JetClean\JetClean.exe

Filesize
3.3MB

MD5
281339b764cc89b87d29f1777cbb2ed8

SHA1
d824adbf1b419a6dc62e88e18058c1d31e70068d

SHA256
31bed96a90b56885a3505b1d9f04122877b4a6b33437a325c990d62b870ce9c1

SHA512
d816559424a23d06ea65ff38477315ca25d6ef8ef8e30d7c4f1cff2c534fdf17f1f7dc87f7b7a22879db24256253f73d5d0af820e9f7c02fc955541989998554

Download Submit
C:\Program Files (x86)\BlueSprig\JetClean\JetClean.exe

Filesize
3.3MB

MD5
281339b764cc89b87d29f1777cbb2ed8

SHA1
d824adbf1b419a6dc62e88e18058c1d31e70068d

SHA256
31bed96a90b56885a3505b1d9f04122877b4a6b33437a325c990d62b870ce9c1

SHA512
d816559424a23d06ea65ff38477315ca25d6ef8ef8e30d7c4f1cff2c534fdf17f1f7dc87f7b7a22879db24256253f73d5d0af820e9f7c02fc955541989998554

Download Submit
C:\Program Files (x86)\BlueSprig\JetClean\JetCleanComputerExtMenu_64_New.dll

Filesize
102KB

MD5
fa2c23cda373ebe10d0736c2c4bd0c0f

SHA1
c351d6e01c163e37e02ce1ab0b7da3e036b8c8a7

SHA256
d647ef15eb3a6e18bcdb6b3d12df32943a7392aeb4dbce4b60ec0fb8224b9d5c

SHA512
f233ededfe6522ecc0a958be39d98c55b671b1207644b8096d2d6092e6543276abe9b11854d6ad96f8af6ea11608ed11605a96654a2ca42f6b0352cfb86c1690

Download Submit
C:\Program Files (x86)\BlueSprig\JetClean\JetCleanComputerExtMenu_New.dll

Filesize
95KB

MD5
8b7c65e4514d9ac49615eaad7e42e108

SHA1
f29adb98f8f07eae9f0603e6e2560946ef0239ad

SHA256
92c8fdcd9f062f9e88ffea550267bccf8ce93558bf8725ef8d584fe2a4f8c1c3

SHA512
a5f89ded7b875f8b542c59b67326a780d9d23661858cdcc80e829d05fbd0ffb10fb20a1d3f9631d24b7e06a0880e9a7c7f55c21d05c35205e2a50fd0c57c1934

Download Submit
C:\Program Files (x86)\BlueSprig\JetClean\JetCleanExtMenu_64.dll

Filesize
113KB

MD5
790bc51683dea35619712c5051876df5

SHA1
7d4df665529c090a28ee2d4a9faf5dcb132c7c45

SHA256
3eb858e3d27d95c49c0a9144727a0ca405f77a1a17efe99f443bc7289500988f

SHA512
e9823e80841a1b2757cb50f9edbffbea0ea27a17eb7b6b852291e09162f5b1320c751cee03a8e90a7e7eb7597ab48f5274b95f9feaddfe3bfda4c6bf197c359b

Download Submit
C:\Program Files (x86)\BlueSprig\JetClean\JetCleanExtMenu_64_New.dll

Filesize
113KB

MD5
790bc51683dea35619712c5051876df5

SHA1
7d4df665529c090a28ee2d4a9faf5dcb132c7c45

SHA256
3eb858e3d27d95c49c0a9144727a0ca405f77a1a17efe99f443bc7289500988f

SHA512
e9823e80841a1b2757cb50f9edbffbea0ea27a17eb7b6b852291e09162f5b1320c751cee03a8e90a7e7eb7597ab48f5274b95f9feaddfe3bfda4c6bf197c359b

Download Submit
C:\Program Files (x86)\BlueSprig\JetClean\JetCleanExtMenu_New.dll

Filesize
103KB

MD5
a57a6570cb243fe52cdaf6a2162205d7

SHA1
6a2da1d5403f14054f0ad5b344cf8e819d42ff30

SHA256
738dd81303b26a18b4306a9a28dce154b776c3a62d3a4199da76332bbe547655

SHA512
cbf4f27e6fedcd8f36c56dcb2043f0ddeef522061bcf3aa4efdc166aeb8a878a8ff9bbde5af78f11c0126faafd690e46ff412d5229ef3ddd3e3bef8c65de2664

Download Submit
C:\Program Files (x86)\BlueSprig\JetClean\JetCleanInit.exe

Filesize
40KB

MD5
f51016f539d8dc55eba4e49f43bf6d49

SHA1
64d5d28d28035e29c810e5cae71cac7b2019cc13

SHA256
4fca67a6c15fb99e068a29229bff406387928dd02d621d7129950d027119734c

SHA512
9fa8ab1cc5595039230719458d04551ec7106a72332764434e6d81306dbcd5a60234dd90f8ab55960c345be8f771835bac55ed7c26ba51423d22f171f777aa2c

Download Submit
C:\Program Files (x86)\BlueSprig\JetClean\JetCleanInit.exe

Filesize
40KB

MD5
f51016f539d8dc55eba4e49f43bf6d49

SHA1
64d5d28d28035e29c810e5cae71cac7b2019cc13

SHA256
4fca67a6c15fb99e068a29229bff406387928dd02d621d7129950d027119734c

SHA512
9fa8ab1cc5595039230719458d04551ec7106a72332764434e6d81306dbcd5a60234dd90f8ab55960c345be8f771835bac55ed7c26ba51423d22f171f777aa2c

Download Submit
C:\Program Files (x86)\BlueSprig\JetClean\JetCleanInit.exe

Filesize
40KB

MD5
f51016f539d8dc55eba4e49f43bf6d49

SHA1
64d5d28d28035e29c810e5cae71cac7b2019cc13

SHA256
4fca67a6c15fb99e068a29229bff406387928dd02d621d7129950d027119734c

SHA512
9fa8ab1cc5595039230719458d04551ec7106a72332764434e6d81306dbcd5a60234dd90f8ab55960c345be8f771835bac55ed7c26ba51423d22f171f777aa2c

Download Submit
C:\Program Files (x86)\BlueSprig\JetClean\Language\Arabic.lng

Filesize
66KB

MD5
44fea6c07475924452364ad6452699de

SHA1
f617010da08789d409ad3bc22d79eab827d5687a

SHA256
b8002aaa9d11ea632b9fe58e363bc622b15c5a43b2256a74f5f81f8918ee0a14

SHA512
f3c828b78e209de158179b5bf1aed07a6509e3ee8614ac9ff1db504c2ae146d801f6b089cff9968715fed77fde2a9f2b58e25765af8096e9f08edad5f29f29d8

Download Submit
C:\Program Files (x86)\BlueSprig\JetClean\Language\Bulgarian.lng

Filesize
73KB

MD5
a935011ab618c48e7fdbafdb970f5599

SHA1
d3f87579d9e73074db0f97a579c372d78ace4095

SHA256
afeb4d03f53f5010a6424097ca38ee6419d07f6ff5841b9a847ae65aea0f3edc

SHA512
4df4b5e8df47050908c73bf72fa59f6402b02aa340928aade903a8e13fa3c30b8f4af924ccd8b74a295f018decae9854537671de5b63964b78e338493f98ea33

Download Submit
C:\Program Files (x86)\BlueSprig\JetClean\Language\Catalan.lng

Filesize
78KB

MD5
7efd23d8f2fae81538e0f84f0b4a7e9e

SHA1
846692c18bbba792900c7469e77eb47cb374d046

SHA256
579505d12355496d7193457fd51293cee6c67d05cadce92a574f20ceac4fe933

SHA512
89169b81c8ab5bbe6b295f177e0d771e9301b0ccb47576cbe41e7cab9ad4c6c2c1796b3debd11e8069f1a0a74cd5c230ad0bb61d97a1455877a28353e7c70b7a

Download Submit
C:\Program Files (x86)\BlueSprig\JetClean\Language\ChineseSimp.lng

Filesize
44KB

MD5
0ac80cc76888cf40f9ce7d721416a4d9

SHA1
eb8f43f46624aa4f8b5a912c6f60e49ff2047b4e

SHA256
a63cca61c84e5513d2522ed2a851ee459dafb35fd98df0056048cb56b7ee9f9b

SHA512
abcac1e7e69776c1dd53057ea33ab1275c475f42a3116a63c267880e368de7fd4e233d27892aed99e22faa48947bee41a5bc24dded8d5a432e6c9fe4e3cfd68a

Download Submit
C:\Program Files (x86)\BlueSprig\JetClean\Language\ChineseTrad.lng

Filesize
44KB

MD5
3e5c0a95ada1b2c5e7e972f5131a1337

SHA1
77edd8a0f68afa7c2cee1cb47c0c661ac8316b28

SHA256
945ee6f7b967c836415866fa74e88e6e2210ddcfeaabae2ffab45f98f246c684

SHA512
0bb28b3acdb3da3f9ac2af9546668b60d4e9fa7e33e1e5768f65d6451cf9f607a9f8ac0dceddbd0ef6397e568b86d9fc7ffb79c60c49962fc497ff532fb115d6

Download Submit
C:\Program Files (x86)\BlueSprig\JetClean\Language\Croatian.lng

Filesize
71KB

MD5
bffeb08ef085b1d5e909e8f34cee7d58

SHA1
a2f50a848fdc0990d864fdeb7f66130051c67e31

SHA256
db5f8b9cdd6f345a55ab52fc498253e98f23435c5e2c3b77a87b39ea585f870d

SHA512
8a2471078daefda8ed9d759fa4853ef984cb04c469a5f86642803560a36d3a1f477e3a4b5541486ae948f4b8a273058ca5b7bf525625e414b807a572ab6ab1de

Download Submit
C:\Program Files (x86)\BlueSprig\JetClean\Language\Czech.lng

Filesize
69KB

MD5
e98972e0368eb80de08423831d7ceb29

SHA1
b325b7d6ad021a29457fed9ccb7409a0f8a96bb2

SHA256
7bf2e6f351ad5dba2c043995638cb748131c2b8ccd5a990656b4923d1557aa5d

SHA512
9417b27fc810b91667a8cf72ddf2d7a613cc460b8137aadc2784a95147d352d612932407a7310107bea0693d809f2956e47fb7781593260b9e2357503a19783e

Download Submit
C:\Program Files (x86)\BlueSprig\JetClean\Language\Dutch.lng

Filesize
72KB

MD5
02f7c9e3fee9fde21a58c3b304b253b4

SHA1
feb692e52ca6b0e91035fe001f53079c8053eb19

SHA256
c16b003b6b0ad61c4a521d921c3f3014ef2f45553eb86e360a0e6dae7d9c6928

SHA512
2933148deaeac69108f3f3e8c02696d0d64cd97a561f1a56cdbb7964b979799f881850a7a78daa8865d00481b02562b62f8762199583f3b29afe99de92b9138c

Download Submit
C:\Program Files (x86)\BlueSprig\JetClean\Language\English.lng

Filesize
67KB

MD5
22eba2c5d215612056af6de02423a2ac

SHA1
e0bd11e968e6d59618ed6b4436f46458f88b50d8

SHA256
797b301cb30c7adee7564fb7725a40601397b561b7f2b867c173880073c408f3

SHA512
18b2ec78d9af43be4fd2fe5860aef6ca5faf184decc7bf57f05c2c81a29d453c5558c54ec606c2bdfe683bb187c909d6fbb53592b0688e53cad8b4e9ef69efbc

Download Submit
C:\Program Files (x86)\BlueSprig\JetClean\Language\Estonian.lng

Filesize
67KB

MD5
4571709548b68d0791aa23e9796ef81d

SHA1
7f3423018e17fb902321a7cf394ff732ae86767f

SHA256
f6b79d527c57ff45d55a45777cc53f6a4d71837a7b082762670b0f8c29606c9b

SHA512
d451e5e76e95534df408d5e98957b882e1156f6181a741be0d7cb55609e731d58f2ea25f8d7f05b04d3c00d3c1ea4efdf3e8fc9a0634e28ac86273a67430d84d

Download Submit
C:\Program Files (x86)\BlueSprig\JetClean\Language\Finnish.lng

Filesize
70KB

MD5
4a56e2ed34c7873068a9614aa6aeb469

SHA1
c76f5d65b0490230f8def58d326ddab4009c7e7e

SHA256
e2b915b0f2ce0f1646ce1d1315862f7443085114ba71e29f0a58aaa467489944

SHA512
0206c4d04c299dd73021bffbd8e02de1ed29f544c51f1a2eb12331a6f4118625cd0db171d9c6f7ba29e6a2a4d50f99ec41d5ab685eb7f50306baf2321cabb733

Download Submit
C:\Program Files (x86)\BlueSprig\JetClean\Language\French.lng

Filesize
75KB

MD5
eff7f7cf90e8b0647dfe7a88974e9098

SHA1
e8b92d47e0688aef78b6921702120f56877c1dae

SHA256
10a5aff5d42852c65246936e373a8e246bb48ff78ea0a8a263ff628bc4eef3b0

SHA512
1bce4c64e09a0ac9ea23670680ee71599ba9a643e0b818d83cba81ae0bc31989260cb704b283f545c264a6170bd6a7b7a6f554894988ceb9671212938e01737f

Download Submit
C:\Program Files (x86)\BlueSprig\JetClean\Language\German.lng

Filesize
71KB

MD5
db71d7b186f311b4c33ca54060b1b21b

SHA1
7ee3f1e97b43bc625b0af374845f1a289e06f274

SHA256
1cba9f223c59551a8576ebcca0fce593c9e7c4b003bef2fd3032bcc7de1ac191

SHA512
35707148f290a4c9a20f8f972b6ee6d0f380b7827bcdc78dc554be23edab181e6b73ce364e1395cae3647e31899b31f51662cf56877706c41b6813e80eedb6f2

Download Submit
C:\Program Files (x86)\BlueSprig\JetClean\Language\Greek.lng

Filesize
80KB

MD5
2434f612d0d195fecdba755a54ae858a

SHA1
7e51a3e3d60546daba1efc3b967c244bf6f51b3b

SHA256
ba640fb12b5d3dddfdd9dea8913467b7d37d0d4e655b70bb4751f10e02640449

SHA512
fab314f921a5acf97b9260b0789ffa1a6b110a6d8ca8ecd54b0a1a9b3834325407074702949d89f77d0fc9fc4756e3bedfec285dbcbae3e9d4ee137363cadf58

Download Submit
C:\Program Files (x86)\BlueSprig\JetClean\Language\Hungarian.lng

Filesize
74KB

MD5
87df6d4b6a93330e0e3a8cae9b880cdf

SHA1
36e87759c0e0049088adcfd7b73881cf97c36833

SHA256
7a508d2981b778cc631879a049a6fb03e29d6027d6f59f468e2afc121b601a15

SHA512
9c9a23aae398155622409aa5c21e0495cd148ec952f1ba13e4aadc5513ef500b47f3e626f6d8c06b606edb8d7695faba7ffd6622350587064b9678a78f1d1264

Download Submit
C:\Program Files (x86)\BlueSprig\JetClean\Language\Italian.lng

Filesize
73KB

MD5
9d6989f0bbcbcaabf67f6bb1fc454855

SHA1
5c8f7beb82218da0665162d2aae91e786f367c03

SHA256
7250e40dd0470b3c2892d30722fc80eb4fcc53601f2463e72bfbc9246ad63f5c

SHA512
c9374121e00066dd5c019a93568c715501e1f1dae9e02211677b317c957e536ca9f8cd12c22df2fd82f3eed3642459484a7e12cffbc9b119c2959fc959f429c9

Download Submit
C:\Program Files (x86)\BlueSprig\JetClean\Language\Japanese.lng

Filesize
51KB

MD5
fabba33c8417e0ed0bf75a357483a8a5

SHA1
f9a2154e8f60843a4a6640feb60a8bceb553e11a

SHA256
7788ca5d54a213e522646845d787fa591f04fdb4325044652440b5124e3d95c8

SHA512
cd745c450f943673836d4b657efebf27a81850ed32619e28192a339f5fb25e0f233c979d9ec756a7f8b3a82e63ec0443cc94752a71973ceddd21f1e9a08e3ebc

Download Submit
C:\Program Files (x86)\BlueSprig\JetClean\Language\Latin American Spanish.lng

Filesize
76KB

MD5
6f581798fbdf5bf85f951059a2b7bcc5

SHA1
6e55bc4bc5412cf120075ed8f4cf9293e179df35

SHA256
234e4ca8a343c05070edc9e9f7fe9bc940d1454b577dec5c87531b4d8cb7e472

SHA512
c4135f79f3044dff1e9946478706a1315434848581cb7a6c5d56c9f43698b7e88837f7b4084b364d3c61f0ac419fbea36bc8e55eb131ca66e0c182c2d36d4deb

Download Submit
C:\Program Files (x86)\BlueSprig\JetClean\Language\Polish.lng

Filesize
68KB

MD5
22db220be0fda4bfa58d503400214392

SHA1
8e77965827fc7b5bce4f522345a95c35b58e822e

SHA256
651a4425a6df30fa0f704765975421ce631b5d27d2bab80c2f1737bb017047b1

SHA512
61830a5b9bb47fc79ddcdda65fdb42f0673b68f77ff0b8ca62e772c710525c62a8bb0048100154202a84a8df0e11410e7aa8eda98e74804b5f58f8603ae9ac1f

Download Submit
C:\Program Files (x86)\BlueSprig\JetClean\Language\Portuguese (Brazil).lng

Filesize
71KB

MD5
2ec2c44b82bdc0275a1f5f91a8c1a1eb

SHA1
6428ad5aef99ef898369643bb54029d2050a1b28

SHA256
41a09dd9e4180d66b820b6e52177bd063f38a6c0552b957efbdf041ea055ed10

SHA512
0988d9f6a4523d954f15d29fbaab8ebd4ec3e23a595a831854139e557f1d9d033a7ca99ae09ca677e32bb751120c68460d33bd33270fe8605a1522633218c51e

Download Submit
C:\Program Files (x86)\BlueSprig\JetClean\Language\Russian.lng

Filesize
72KB

MD5
617fde8e82f3f98559e8d2fbf80c6ee0

SHA1
e6830638a34970cc1b9323f41a56b138d2611cb2

SHA256
2218e6318c35a6eededc7314c12dafe31acc38e0760daac034987c734ae26523

SHA512
a0447c7991dab7da12aff639e766d06e2659899eb57332ea8e0ea9b4c3bef36e0210894929386f9c7c75ab502aa4648679a6af708ed74b1d6fdc8250f92d8296

Download Submit
C:\Program Files (x86)\BlueSprig\JetClean\Language\Serbian.lng

Filesize
71KB

MD5
6b4b5f830b119a7595a65e58fe5d8641

SHA1
75f515374d4e69eaf1c8f592f2fa79ebdf584d37

SHA256
1bfdf54a848e0f0779da2675ca0715a59120fee31eee2f5a29487485eb27efe0

SHA512
955f1999b432e2fec90cca505bba44ae2ebc9c6554f68c519eddde5dda67df6ceaf337bbae10c8e5d76390431acd702c89bf9637aba6c87883c7bdb12303490c

Download Submit
C:\Program Files (x86)\BlueSprig\JetClean\TaskSchedule.dll

Filesize
320KB

MD5
5535d82f9734f9b9668e06a315ee5f1a

SHA1
3a19d27a2eb59abdf8b6dcf15dc7b5b556fc2e23

SHA256
e526c2d1970b285b7870d7f04dd9ebdf21cfb2ef7fa7767bc73425b633d71cf2

SHA512
3c7214edb1f752776843d81cf3323fd61991b6d2f808ed716f1c72a73ada5609615b9c3d3679f4c6f518d16133aa86ec8945c93eaef9142bce8f3daa37c1f5df

Download Submit
C:\Program Files (x86)\BlueSprig\JetClean\TaskSchedule.dll

Filesize
320KB

MD5
5535d82f9734f9b9668e06a315ee5f1a

SHA1
3a19d27a2eb59abdf8b6dcf15dc7b5b556fc2e23

SHA256
e526c2d1970b285b7870d7f04dd9ebdf21cfb2ef7fa7767bc73425b633d71cf2

SHA512
3c7214edb1f752776843d81cf3323fd61991b6d2f808ed716f1c72a73ada5609615b9c3d3679f4c6f518d16133aa86ec8945c93eaef9142bce8f3daa37c1f5df

Download Submit
C:\Program Files (x86)\BlueSprig\JetClean\Update\Update.Ini

Filesize
604B

MD5
d51d4075d4f72b4d5d6640ccf1357fed

SHA1
f6c644cb520b536668d9ac35772b5a83adebab05

SHA256
06226c82fa3b12e246adca51808a42f060b0cd0eca4fa65cec30adbbe0089bd2

SHA512
35a07ce6e1a111b579564a499b3e3102c0ca7c82c34e698485cd358cdb648f9777ba003932bc14f305735d7409059b6a6576c6e09d3339d2aefa079dffca4563

Download Submit
C:\Program Files (x86)\BlueSprig\JetClean\language\Estonian.lng

Filesize
67KB

MD5
4571709548b68d0791aa23e9796ef81d

SHA1
7f3423018e17fb902321a7cf394ff732ae86767f

SHA256
f6b79d527c57ff45d55a45777cc53f6a4d71837a7b082762670b0f8c29606c9b

SHA512
d451e5e76e95534df408d5e98957b882e1156f6181a741be0d7cb55609e731d58f2ea25f8d7f05b04d3c00d3c1ea4efdf3e8fc9a0634e28ac86273a67430d84d

Download Submit
C:\Program Files (x86)\BlueSprig\JetClean\madBasic_.bpl

Filesize
183KB

MD5
7069077b487628852419dcb456dd9c60

SHA1
c600d738881a3080a6539373ebf9544889b218ff

SHA256
0b5bada74753a942a9430fe5673222c2e806086bf1fc548c4e9a06d36580bb7a

SHA512
dfab188900687e226a081b16e8cd72cb6c92c0ed8e4f6ecd90709113dfd911bf87d37fa7e0947168c7de6fd0a3f6b37516e2e2a546b2ab14d3ec3d87ef784efc

Download Submit
C:\Program Files (x86)\BlueSprig\JetClean\madDisAsm_.bpl

Filesize
50KB

MD5
5e5c9ce6a138768a52a2e4cf91efd0a5

SHA1
970d7a5dd4c119071345a1e65217caf90c9c910d

SHA256
fedb0099c1eece4f994776a96a8a48f16c5f4f45245ee14ec4030b59bd2fe4ef

SHA512
80c20a5522ac1caed634125e844347816e3c96c58b9510841b5a0495867dbc74444a2a6f690f3a2f6f6c976c04b4a5751f4d85a7a86e6ce8bfbb3ae8ded8d2c6

Download Submit
C:\Program Files (x86)\BlueSprig\JetClean\madExcept_.bpl

Filesize
354KB

MD5
cb212d0fc80a5491eb459dbce25995aa

SHA1
35ddd3584cf1174af4dfb076a7e07ae06e755eb1

SHA256
c1d93ff389c04983e84cd9b92f8d49a572264ccaf7cbc18ecec76a10ec5eaeb4

SHA512
df5bd6c9f6ae976755c9e340f1b1eb1dce109709c759d1117b253c08d15db5e14f2cf7a9c3e53105d9c482f4ca3309902e58d55fab295109d988c9aa04a3e6b0

Download Submit
C:\Program Files (x86)\BlueSprig\JetClean\madbasic_.bpl

Filesize
183KB

MD5
7069077b487628852419dcb456dd9c60

SHA1
c600d738881a3080a6539373ebf9544889b218ff

SHA256
0b5bada74753a942a9430fe5673222c2e806086bf1fc548c4e9a06d36580bb7a

SHA512
dfab188900687e226a081b16e8cd72cb6c92c0ed8e4f6ecd90709113dfd911bf87d37fa7e0947168c7de6fd0a3f6b37516e2e2a546b2ab14d3ec3d87ef784efc

Download Submit
C:\Program Files (x86)\BlueSprig\JetClean\madbasic_.bpl

Filesize
183KB

MD5
7069077b487628852419dcb456dd9c60

SHA1
c600d738881a3080a6539373ebf9544889b218ff

SHA256
0b5bada74753a942a9430fe5673222c2e806086bf1fc548c4e9a06d36580bb7a

SHA512
dfab188900687e226a081b16e8cd72cb6c92c0ed8e4f6ecd90709113dfd911bf87d37fa7e0947168c7de6fd0a3f6b37516e2e2a546b2ab14d3ec3d87ef784efc

Download Submit
C:\Program Files (x86)\BlueSprig\JetClean\maddisAsm_.bpl

Filesize
50KB

MD5
5e5c9ce6a138768a52a2e4cf91efd0a5

SHA1
970d7a5dd4c119071345a1e65217caf90c9c910d

SHA256
fedb0099c1eece4f994776a96a8a48f16c5f4f45245ee14ec4030b59bd2fe4ef

SHA512
80c20a5522ac1caed634125e844347816e3c96c58b9510841b5a0495867dbc74444a2a6f690f3a2f6f6c976c04b4a5751f4d85a7a86e6ce8bfbb3ae8ded8d2c6

Download Submit
C:\Program Files (x86)\BlueSprig\JetClean\maddisAsm_.bpl

Filesize
50KB

MD5
5e5c9ce6a138768a52a2e4cf91efd0a5

SHA1
970d7a5dd4c119071345a1e65217caf90c9c910d

SHA256
fedb0099c1eece4f994776a96a8a48f16c5f4f45245ee14ec4030b59bd2fe4ef

SHA512
80c20a5522ac1caed634125e844347816e3c96c58b9510841b5a0495867dbc74444a2a6f690f3a2f6f6c976c04b4a5751f4d85a7a86e6ce8bfbb3ae8ded8d2c6

Download Submit
C:\Program Files (x86)\BlueSprig\JetClean\maddisAsm_.bpl

Filesize
50KB

MD5
5e5c9ce6a138768a52a2e4cf91efd0a5

SHA1
970d7a5dd4c119071345a1e65217caf90c9c910d

SHA256
fedb0099c1eece4f994776a96a8a48f16c5f4f45245ee14ec4030b59bd2fe4ef

SHA512
80c20a5522ac1caed634125e844347816e3c96c58b9510841b5a0495867dbc74444a2a6f690f3a2f6f6c976c04b4a5751f4d85a7a86e6ce8bfbb3ae8ded8d2c6

Download Submit
C:\Program Files (x86)\BlueSprig\JetClean\madexcept_.bpl

Filesize
354KB

MD5
cb212d0fc80a5491eb459dbce25995aa

SHA1
35ddd3584cf1174af4dfb076a7e07ae06e755eb1

SHA256
c1d93ff389c04983e84cd9b92f8d49a572264ccaf7cbc18ecec76a10ec5eaeb4

SHA512
df5bd6c9f6ae976755c9e340f1b1eb1dce109709c759d1117b253c08d15db5e14f2cf7a9c3e53105d9c482f4ca3309902e58d55fab295109d988c9aa04a3e6b0

Download Submit
C:\Program Files (x86)\BlueSprig\JetClean\madexcept_.bpl

Filesize
354KB

MD5
cb212d0fc80a5491eb459dbce25995aa

SHA1
35ddd3584cf1174af4dfb076a7e07ae06e755eb1

SHA256
c1d93ff389c04983e84cd9b92f8d49a572264ccaf7cbc18ecec76a10ec5eaeb4

SHA512
df5bd6c9f6ae976755c9e340f1b1eb1dce109709c759d1117b253c08d15db5e14f2cf7a9c3e53105d9c482f4ca3309902e58d55fab295109d988c9aa04a3e6b0

Download Submit
C:\Program Files (x86)\BlueSprig\JetClean\rtl120.bpl

Filesize
1.0MB

MD5
d5ff9181332c3f6b810bb50487093aac

SHA1
8434d4c6679ee48da5c54d9af2c83734056ac24c

SHA256
fe0de697a010bb9600c88a61a2857321ccf054438ebc961a543489c487f3a108

SHA512
9a6a97506c656d7dab3c361559796f5eaffd28ca468e223e124a6819e6aef9c15ce26e5581602c1b8f4e94d0c9e4d34283b5bf8a6e9a5035a01ab0c4db35e7b5

Download Submit
C:\Program Files (x86)\BlueSprig\JetClean\rtl120.bpl

Filesize
1.0MB

MD5
d5ff9181332c3f6b810bb50487093aac

SHA1
8434d4c6679ee48da5c54d9af2c83734056ac24c

SHA256
fe0de697a010bb9600c88a61a2857321ccf054438ebc961a543489c487f3a108

SHA512
9a6a97506c656d7dab3c361559796f5eaffd28ca468e223e124a6819e6aef9c15ce26e5581602c1b8f4e94d0c9e4d34283b5bf8a6e9a5035a01ab0c4db35e7b5

Download Submit
C:\Program Files (x86)\BlueSprig\JetClean\rtl120.bpl

Filesize
1.0MB

MD5
d5ff9181332c3f6b810bb50487093aac

SHA1
8434d4c6679ee48da5c54d9af2c83734056ac24c

SHA256
fe0de697a010bb9600c88a61a2857321ccf054438ebc961a543489c487f3a108

SHA512
9a6a97506c656d7dab3c361559796f5eaffd28ca468e223e124a6819e6aef9c15ce26e5581602c1b8f4e94d0c9e4d34283b5bf8a6e9a5035a01ab0c4db35e7b5

Download Submit
C:\Program Files (x86)\BlueSprig\JetClean\rtl120.bpl

Filesize
1.0MB

MD5
d5ff9181332c3f6b810bb50487093aac

SHA1
8434d4c6679ee48da5c54d9af2c83734056ac24c

SHA256
fe0de697a010bb9600c88a61a2857321ccf054438ebc961a543489c487f3a108

SHA512
9a6a97506c656d7dab3c361559796f5eaffd28ca468e223e124a6819e6aef9c15ce26e5581602c1b8f4e94d0c9e4d34283b5bf8a6e9a5035a01ab0c4db35e7b5

Download Submit
C:\Program Files (x86)\BlueSprig\JetClean\rtl120.bpl

Filesize
1.0MB

MD5
d5ff9181332c3f6b810bb50487093aac

SHA1
8434d4c6679ee48da5c54d9af2c83734056ac24c

SHA256
fe0de697a010bb9600c88a61a2857321ccf054438ebc961a543489c487f3a108

SHA512
9a6a97506c656d7dab3c361559796f5eaffd28ca468e223e124a6819e6aef9c15ce26e5581602c1b8f4e94d0c9e4d34283b5bf8a6e9a5035a01ab0c4db35e7b5

Download Submit
C:\Program Files (x86)\BlueSprig\JetClean\sqlite3.dll

Filesize
563KB

MD5
1088cd9f04933e8252d27fa9e143a8a3

SHA1
41057d60e989b0680bab87feda418ad316124828

SHA256
3c7ab7c15a7481b0d4e41e35af893d91801b5a27469f868a4f9e5d54b035fa7a

SHA512
bdbf8df8e728bd24e47f17d8091aabb895877735fc687786b49e436e40219a7be9dbeba739a58475d7beb9fdd0d25d7f5fb532eb551cad6f9da8c222474970f2

Download Submit
C:\Program Files (x86)\BlueSprig\JetClean\sqlite3.dll

Filesize
563KB

MD5
1088cd9f04933e8252d27fa9e143a8a3

SHA1
41057d60e989b0680bab87feda418ad316124828

SHA256
3c7ab7c15a7481b0d4e41e35af893d91801b5a27469f868a4f9e5d54b035fa7a

SHA512
bdbf8df8e728bd24e47f17d8091aabb895877735fc687786b49e436e40219a7be9dbeba739a58475d7beb9fdd0d25d7f5fb532eb551cad6f9da8c222474970f2

Download Submit
C:\Program Files (x86)\BlueSprig\JetClean\vcl120.bpl

Filesize
1.9MB

MD5
b416e01e0c53e3247cf05a017aa855cb

SHA1
4d8814bfba9bd8fab7c4302b130d477b3cd87461

SHA256
81e562e394da8ab00f6f9330ae12c01c4d610e5d86bcabebe87363fae25ea6b7

SHA512
87cf6f691a405f0b0cc05bb5fe0e480cc9f58988ff4f07dfc93bb9a5abcd4e6c62f9819b70b2b1863d948df13d0f022ab7fec21daea553e6f4847debfb815805

Download Submit
C:\Program Files (x86)\BlueSprig\JetClean\vcl120.bpl

Filesize
1.9MB

MD5
b416e01e0c53e3247cf05a017aa855cb

SHA1
4d8814bfba9bd8fab7c4302b130d477b3cd87461

SHA256
81e562e394da8ab00f6f9330ae12c01c4d610e5d86bcabebe87363fae25ea6b7

SHA512
87cf6f691a405f0b0cc05bb5fe0e480cc9f58988ff4f07dfc93bb9a5abcd4e6c62f9819b70b2b1863d948df13d0f022ab7fec21daea553e6f4847debfb815805

Download Submit
C:\Program Files (x86)\BlueSprig\JetClean\vcl120.bpl

Filesize
1.9MB

MD5
b416e01e0c53e3247cf05a017aa855cb

SHA1
4d8814bfba9bd8fab7c4302b130d477b3cd87461

SHA256
81e562e394da8ab00f6f9330ae12c01c4d610e5d86bcabebe87363fae25ea6b7

SHA512
87cf6f691a405f0b0cc05bb5fe0e480cc9f58988ff4f07dfc93bb9a5abcd4e6c62f9819b70b2b1863d948df13d0f022ab7fec21daea553e6f4847debfb815805

Download Submit
C:\Program Files (x86)\BlueSprig\JetClean\vcl120.bpl

Filesize
1.9MB

MD5
b416e01e0c53e3247cf05a017aa855cb

SHA1
4d8814bfba9bd8fab7c4302b130d477b3cd87461

SHA256
81e562e394da8ab00f6f9330ae12c01c4d610e5d86bcabebe87363fae25ea6b7

SHA512
87cf6f691a405f0b0cc05bb5fe0e480cc9f58988ff4f07dfc93bb9a5abcd4e6c62f9819b70b2b1863d948df13d0f022ab7fec21daea553e6f4847debfb815805

Download Submit
C:\Program Files (x86)\BlueSprig\JetClean\vcl120.bpl

Filesize
1.9MB

MD5
b416e01e0c53e3247cf05a017aa855cb

SHA1
4d8814bfba9bd8fab7c4302b130d477b3cd87461

SHA256
81e562e394da8ab00f6f9330ae12c01c4d610e5d86bcabebe87363fae25ea6b7

SHA512
87cf6f691a405f0b0cc05bb5fe0e480cc9f58988ff4f07dfc93bb9a5abcd4e6c62f9819b70b2b1863d948df13d0f022ab7fec21daea553e6f4847debfb815805

Download Submit
C:\Program Files (x86)\BlueSprig\JetClean\vclx120.bpl

Filesize
210KB

MD5
2cccf0e0c522a7faa65c0347cdfb410a

SHA1
aa3aa425b7a11e63cacb9a378b7ca2daa0dc4c26

SHA256
9b2eb6f1f46f33e0162d1601b3b18875918c142496514c27040a1e4eed2ba6fe

SHA512
f5848cf57159dde8d59813a8bf67aed297c26f328125b8e7c281bdb604662e7377dbd41e5bd29e2b27772db82d4a56f7475b7bfca1680fa5ebcfb666a7800428

Download Submit
C:\Program Files (x86)\BlueSprig\JetClean\vclx120.bpl

Filesize
210KB

MD5
2cccf0e0c522a7faa65c0347cdfb410a

SHA1
aa3aa425b7a11e63cacb9a378b7ca2daa0dc4c26

SHA256
9b2eb6f1f46f33e0162d1601b3b18875918c142496514c27040a1e4eed2ba6fe

SHA512
f5848cf57159dde8d59813a8bf67aed297c26f328125b8e7c281bdb604662e7377dbd41e5bd29e2b27772db82d4a56f7475b7bfca1680fa5ebcfb666a7800428

Download Submit
C:\Users\Admin\AppData\Local\Temp\is-34S4D.tmp\Upgrade.exe

Filesize
520KB

MD5
304f79a27a3d7815f18a001497ebe499

SHA1
1cfc544b9edc4e1b01977ed05dbc01b624ef9390

SHA256
7f7744e98b3836f11433d6b0a7f75a6aa896bdacf6081c0587f12fbd2d2fc96b

SHA512
7591f22c3c3ee9fa4158cbafa22172134df847b1ce560a35b2f84eca68ed511ac3b068cf87ec65cf69d0cbf5c8d451efb79663a66b047befcbecf3866eb011d4

Download Submit
C:\Users\Admin\AppData\Local\Temp\is-34S4D.tmp\Upgrade.exe

Filesize
520KB

MD5
304f79a27a3d7815f18a001497ebe499

SHA1
1cfc544b9edc4e1b01977ed05dbc01b624ef9390

SHA256
7f7744e98b3836f11433d6b0a7f75a6aa896bdacf6081c0587f12fbd2d2fc96b

SHA512
7591f22c3c3ee9fa4158cbafa22172134df847b1ce560a35b2f84eca68ed511ac3b068cf87ec65cf69d0cbf5c8d451efb79663a66b047befcbecf3866eb011d4

Download Submit
C:\Users\Admin\AppData\Local\Temp\is-34S4D.tmp\Upgrade.exe

Filesize
520KB

MD5
304f79a27a3d7815f18a001497ebe499

SHA1
1cfc544b9edc4e1b01977ed05dbc01b624ef9390

SHA256
7f7744e98b3836f11433d6b0a7f75a6aa896bdacf6081c0587f12fbd2d2fc96b

SHA512
7591f22c3c3ee9fa4158cbafa22172134df847b1ce560a35b2f84eca68ed511ac3b068cf87ec65cf69d0cbf5c8d451efb79663a66b047befcbecf3866eb011d4

Download Submit
C:\Users\Admin\AppData\Local\Temp\is-SJKFV.tmp\jetclean-setup.tmp

Filesize
1.1MB

MD5
515916fe3d90ed815237b586da31a560

SHA1
176a9b467966ffee6d18a5d77a980c6e0d412ba6

SHA256
7f937433ca6ee358f8bc4d7318c28713f1ed53174e49743e3c9e4fabeb091b5e

SHA512
b275441e3f705f1f66a9325d0482e5ec88703f399fa3e673cf7e9a07642bf4448db5f56c25517974fb0481ba22ccfd6996e5a5577e16f4fb903e5076f34cca0e

Download Submit
C:\Users\Admin\AppData\Local\Temp\is-SJKFV.tmp\jetclean-setup.tmp

Filesize
1.1MB

MD5
515916fe3d90ed815237b586da31a560

SHA1
176a9b467966ffee6d18a5d77a980c6e0d412ba6

SHA256
7f937433ca6ee358f8bc4d7318c28713f1ed53174e49743e3c9e4fabeb091b5e

SHA512
b275441e3f705f1f66a9325d0482e5ec88703f399fa3e673cf7e9a07642bf4448db5f56c25517974fb0481ba22ccfd6996e5a5577e16f4fb903e5076f34cca0e

Download Submit
C:\Users\Admin\AppData\Roaming\BlueSprig\JetClean\Config.ini

Filesize
89B

MD5
bf61737f67011b40c63f64f56be35c73

SHA1
02c4d0104f70fd62597a2b8e314e0f2c2915d00e

SHA256
b1e6450e6dd3aa646aa7a6809003ca66e16c2545d9650271ef34041817b47df3

SHA512
4fcd692d8e444e72f3add29b54e87b108096f032be3aecf0cbc56938bc330b4d965ef9a74a5116681607dd31924189a04e0761b29b7932d84a5cb7aac5ebecb3

Download Submit
C:\Users\Admin\AppData\Roaming\BlueSprig\JetClean\Config.ini

Filesize
89B

MD5
90246532dfd179e427601ebe8bd0fc0d

SHA1
052b69a3306e9eacd04f66cead7e6c4db9dcb554

SHA256
94447ba47990d6bb71d77f6bf8ab7c0288df65bae40c24aa462b008ede15b518

SHA512
4ca832ed2cfa90602ec609e2262b16dcf9b0fbd3e7eecdcb27d8f8302a6219d4feb3c205d6ba802572cef966a61a2cd90aade6591a8649e1e042c7c59ceb97a6

Download Submit
C:\Users\Admin\AppData\Roaming\BlueSprig\JetClean\Ignore.ini

Filesize
578B

MD5
0f6c3f01adc3707dc6e51e49b2c5cf6e

SHA1
0cda8a0704833c64b0f81efbcb63fd5678fa0b80

SHA256
cc152776a06c1c00cfc6ad36e8c9819ae01f5751b61f2d3279d566fdc3bc9273

SHA512
8ac3e1cda1bb18c10ddf538225a5ff7c77f970c7e40a96ee146a9e130408ceb8ce0f2c959797afb5ac6b2cab145f96359d972fa68704ef15ec065313d66796b4

Download Submit
C:\Users\Admin\AppData\Roaming\BlueSprig\JetClean\Ignore.ini

Filesize
785B

MD5
45119273f841fc37397c374d15f37918

SHA1
5841be080fdcbe51cae6d37424a5c55786d9b5a7

SHA256
0479d1b1dfcb3b8bd87dea79238b7a9777c4ca26cbc7d751d79891166b3d74c5

SHA512
5584fbb076c502402310d4bfa017401fdbac843e414ac926d712fcddcc38ce031f41d70ef8d7cb1ec47e0f90beaf067fb8bda94905ae637fd3326ba1194c7f7a

Download Submit
C:\Users\Admin\AppData\Roaming\BlueSprig\JetClean\Ignore.ini

Filesize
1KB

MD5
4e5fd63f1df7748add5fc724d2807cfe

SHA1
d4b1ff2fc0c129d1728ace4dd7e45f2efd34a8b4

SHA256
8265a30155192796a20eb069af51d110cbb6559eb5fa4e67ef88baa2990438f4

SHA512
bd1b770c2e466c8c7acd0e7fcbbca17a5c9c17009516e824e62fb381c0d3bde1fb80de77c11933006d562f55418e1f221fe51ead0862722f96e8a63e16b6d890

Download Submit
C:\Users\Admin\AppData\Roaming\BlueSprig\JetClean\Ignore.ini

Filesize
1KB

MD5
785b1e8e1a2d364511d8969ed0607218

SHA1
f4cc1ccdba4a9206c6c762bfca0e825d52efe181

SHA256
f13247b9f7f87ea6df2d3ca8e32f3dc0b92d73284e413c87e8fd9bf813877899

SHA512
a381d67a51efbf0b65eb9196a063e6861337772f5c68bdab7bf94ff5b5e57f262b5740f644e72529a8d1f6eb270e051682bb39e77106aed8bfb054b476a395f6

Download Submit
C:\Users\Admin\AppData\Roaming\BlueSprig\JetClean\Ignore.ini

Filesize
2KB

MD5
75a00f8422514e6333ee7d9eceb43f36

SHA1
00af6e3c3c98e063841a92842266634a3882f52f

SHA256
5fd1482010a155a8e5b62d16324117d8d43429b2e28d71861ba5565a44d8c946

SHA512
ee0be7fdf5529889e102b2661c9a93ffaf8b53dceb1fdc06ec27c86068806629ea5069245b3a91e8d7a3c71b433f1d5293a3c9e7523452e99634cde996532e05

Download Submit
C:\Users\Admin\AppData\Roaming\BlueSprig\JetClean\Ignore.ini

Filesize
2KB

MD5
948098ac2a4d6f57d4f2119818b8d0ac

SHA1
b369f43d952fdfdcf45b85fb8bf2992de44ca67a

SHA256
0193d525f56634457f501cf5fde00831521a90e396b8dd370f497d5c0c690733

SHA512
e3111dcee3a027ec81dd990da59d4ee6e5c88e76fa953bd8134020a188cfbbdd3dbbe297a12e246b2aa5afa722cac7179131eaaadf35fa2b32dc76208b9ada43

Download Submit
C:\Users\Admin\AppData\Roaming\BlueSprig\JetClean\Ignore.ini

Filesize
3KB

MD5
4771220daab58540b8967cdc5972ee55

SHA1
1af0248a52fb674ffa11f9dbd4e285e04b461afe

SHA256
ec7fcaf3cebf2fffb59c31c65afb434f4a96d3be6eb36fdf757bc98211234d9c

SHA512
009acbc0cc7b1100e72559e613f1f4b96f7339eb709052b1e6ed7e3e1e684186c000fb2a3f000b5fedb801c6cfdb90e590391cdba4feff0f3c5870c05d41ad45

Download Submit
C:\Users\Admin\AppData\Roaming\BlueSprig\JetClean\Ignore.ini

Filesize
6KB

MD5
85fbe0a439f806aa093fb4b4073e001a

SHA1
0e3325e8ccda0f7eda363dcf31d3346ea377b578

SHA256
e517bb0a3ba44a58e6c01ca0f3cc60ed15ce27299307d9ea441ef2e19d7c9f26

SHA512
bcc61b7592c52db26e01e1697506091eb51c788f9d37ba1104647f0ead699bc976b52c7ca0f813896ddf010f49d66500792587a41a13e1a502b73dcb85e9f4cc

Download Submit
memory/400-1453-0x0000000003B90000-0x0000000003B91000-memory.dmp

Filesize
4KB

Download
memory/2296-431-0x0000000005F90000-0x0000000005F91000-memory.dmp

Filesize
4KB

Download
memory/2296-900-0x0000000060900000-0x0000000060983000-memory.dmp

Filesize
524KB

Download
memory/2296-895-0x0000000059800000-0x000000005985D000-memory.dmp

Filesize
372KB

Download
memory/2296-894-0x0000000000400000-0x000000000077A000-memory.dmp

Filesize
3.5MB

Download
memory/2296-898-0x0000000050120000-0x000000005030D000-memory.dmp

Filesize
1.9MB

Download
memory/2296-899-0x0000000050310000-0x0000000050349000-memory.dmp

Filesize
228KB

Download
memory/2296-896-0x0000000057000000-0x000000005703B000-memory.dmp

Filesize
236KB

Download
memory/2296-901-0x0000000050000000-0x0000000050116000-memory.dmp

Filesize
1.1MB

Download
memory/2296-1356-0x0000000000400000-0x000000000077A000-memory.dmp

Filesize
3.5MB

Download
memory/2296-902-0x0000000003E00000-0x0000000003E01000-memory.dmp

Filesize
4KB

Download
memory/2296-400-0x0000000003E00000-0x0000000003E01000-memory.dmp

Filesize
4KB

Download
memory/2296-1081-0x0000000005F90000-0x0000000005F91000-memory.dmp

Filesize
4KB

Download
memory/2296-906-0x0000000006B90000-0x0000000006BA5000-memory.dmp

Filesize
84KB

Download
memory/3892-406-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/3892-134-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/3892-160-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/4032-367-0x0000000000400000-0x000000000052F000-memory.dmp

Filesize
1.2MB

Download
memory/4032-405-0x0000000000400000-0x000000000052F000-memory.dmp

Filesize
1.2MB

Download
memory/4032-143-0x00000000007E0000-0x00000000007E1000-memory.dmp

Filesize
4KB

Download
memory/4032-162-0x00000000007E0000-0x00000000007E1000-memory.dmp

Filesize
4KB

Download
memory/4032-161-0x0000000000400000-0x000000000052F000-memory.dmp

Filesize
1.2MB

Download
memory/4236-337-0x0000000050120000-0x000000005030D000-memory.dmp

Filesize
1.9MB

Download
memory/4236-336-0x0000000050000000-0x0000000050116000-memory.dmp

Filesize
1.1MB

Download
memory/4236-335-0x0000000000400000-0x000000000040D000-memory.dmp

Filesize
52KB

Download
memory/4236-334-0x00000000022E0000-0x00000000022E1000-memory.dmp

Filesize
4KB

Download
memory/4288-891-0x0000000057800000-0x0000000057812000-memory.dmp

Filesize
72KB

Download
memory/4288-890-0x0000000050120000-0x000000005030D000-memory.dmp

Filesize
1.9MB

Download
memory/4288-889-0x0000000057000000-0x000000005703B000-memory.dmp

Filesize
236KB

Download
memory/4288-888-0x0000000059800000-0x000000005985D000-memory.dmp

Filesize
372KB

Download
memory/4288-887-0x0000000050000000-0x0000000050116000-memory.dmp

Filesize
1.1MB

Download
memory/4288-712-0x0000000000400000-0x0000000000416000-memory.dmp

Filesize
88KB

Download
memory/4288-156-0x0000000000400000-0x000000000048C000-memory.dmp

Filesize
560KB

Download
memory/4288-369-0x0000000003AA0000-0x0000000003AA1000-memory.dmp

Filesize
4KB

Download