Analysis
-
max time kernel
120s -
max time network
366s -
platform
windows10-2004_x64 -
resource
win10v2004-20230220-es -
resource tags
-
submitted
24-05-2023 15:10
General
-
Target
SpyHunter-5.13-70-8584-Installer.exe
-
Size
6.6MB
-
MD5
3ce9158024e74733de9ab2232fb73dcb
-
SHA1
5fc8ed33206ab5b93f736114ba99bf47f81bfef6
-
SHA256
e7dd3449cb2fd81c06e0f5c19e20b280c80fc4533356f3bf67fdfcb6ce238056
-
SHA512
ac2e9d45a992513d8f4efee73f5a7166071b837302fc91888122d6a211b0437de75776d509b308809751b7c9fad69ebca5f8c6835d66b6fcb467f4cd434f06bb
-
SSDEEP
98304:qzCgxMDk3jEO+F7qxBO7j/11ajr5pJ+9PbES9qCJV03oJT2wIZx3oIODbhHMxvTk:qHMOjEO++CqFpJ+9PbxXV0YJzD9HMxvY
Malware Config
Signatures
-
Creates new service(s) 1 TTPs
-
Drops file in Drivers directory 1 IoCs
-
Patched UPX-packed file 2 IoCs
Sample is packed with UPX but required header fields are zeroed out to prevent unpacking with the default UPX tool.
-
Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks whether UAC is enabled 1 TTPs 1 IoCs
-
Drops file in System32 directory 1 IoCs
-
Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in Program Files directory 51 IoCs
-
Drops file in Windows directory 1 IoCs
-
Executes dropped EXE 3 IoCs
-
Launches sc.exe 8 IoCs
Sc.exe is a Windows utlilty to control services on the system.
-
Loads dropped DLL 1 IoCs
-
Registers COM server for autorun 1 TTPs 3 IoCs
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).
-
Checks SCSI registry key(s) 3 TTPs 3 IoCs
SCSI information is often read in order to detect sandboxing environments.
-
Checks processor information in registry 2 TTPs 10 IoCs
Processor information is often read in order to detect sandboxing environments.
-
Enumerates system info in registry 2 TTPs 3 IoCs
-
Modifies data under HKEY_USERS 50 IoCs
-
Modifies registry class 19 IoCs
-
Suspicious behavior: EnumeratesProcesses 44 IoCs
-
Suspicious behavior: LoadsDriver 1 IoCs
-
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 6 IoCs
-
Suspicious use of AdjustPrivilegeToken 19 IoCs
-
Suspicious use of FindShellTrayWindow 50 IoCs
-
Suspicious use of SendNotifyMessage 46 IoCs
-
Suspicious use of WriteProcessMemory 64 IoCs
-
System policy modification 1 TTPs 1 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\SpyHunter-5.13-70-8584-Installer.exe"C:\Users\Admin\AppData\Local\Temp\SpyHunter-5.13-70-8584-Installer.exe"1⤵
- Drops file in Program Files directory
- Drops file in Windows directory
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of WriteProcessMemory
-
C:\Windows\System32\sc.exeC:\Windows\System32\sc.exe create EsgShKernel start= demand binPath= "\"C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe\"" DisplayName= "SpyHunter 5 Kernel"2⤵
- Launches sc.exe
-
C:\Windows\System32\sc.exeC:\Windows\System32\sc.exe description EsgShKernel "SpyHunter 5 Kernel"2⤵
- Launches sc.exe
-
C:\Windows\System32\sc.exeC:\Windows\System32\sc.exe create ShMonitor start= demand binPath= "\"C:\Program Files\EnigmaSoft\SpyHunter\ShMonitor.exe\"" DisplayName= "SpyHunter 5 Kernel Monitor"2⤵
- Launches sc.exe
-
C:\Windows\System32\sc.exeC:\Windows\System32\sc.exe description ShMonitor "SpyHunter 5 Kernel Monitor"2⤵
- Launches sc.exe
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.enigmasoftware.com/congratulations-spyhunter-installed/?hwx=900bf010a80653f09274033330ccb72f&lang=ES&sid=anti%2Dspyware%2D101%2Ecom2⤵
- Enumerates system info in registry
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of WriteProcessMemory
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffd25f346f8,0x7ffd25f34708,0x7ffd25f347183⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2168,9720096434460236162,12491223153352346249,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2188 /prefetch:23⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2168,9720096434460236162,12491223153352346249,131072 --lang=es --service-sandbox-type=none --mojo-platform-channel-handle=2512 /prefetch:33⤵
- Suspicious behavior: EnumeratesProcesses
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2168,9720096434460236162,12491223153352346249,131072 --lang=es --service-sandbox-type=utility --mojo-platform-channel-handle=2768 /prefetch:83⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2168,9720096434460236162,12491223153352346249,131072 --lang=es --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3288 /prefetch:13⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2168,9720096434460236162,12491223153352346249,131072 --lang=es --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3412 /prefetch:13⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2168,9720096434460236162,12491223153352346249,131072 --lang=es --service-sandbox-type=none --mojo-platform-channel-handle=5776 /prefetch:83⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2168,9720096434460236162,12491223153352346249,131072 --lang=es --service-sandbox-type=none --mojo-platform-channel-handle=5776 /prefetch:83⤵
- Suspicious behavior: EnumeratesProcesses
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe" --configure-user-settings --verbose-logging --system-level --msedge --force-configure-user-settings3⤵
- Drops file in Program Files directory
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\TEMP\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x224,0x228,0x22c,0x220,0x230,0x7ff65d295460,0x7ff65d295470,0x7ff65d2954804⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2168,9720096434460236162,12491223153352346249,131072 --disable-gpu-compositing --lang=es --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5380 /prefetch:13⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2168,9720096434460236162,12491223153352346249,131072 --disable-gpu-compositing --lang=es --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5240 /prefetch:13⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2168,9720096434460236162,12491223153352346249,131072 --disable-gpu-compositing --lang=es --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5992 /prefetch:13⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2168,9720096434460236162,12491223153352346249,131072 --disable-gpu-compositing --lang=es --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3460 /prefetch:13⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2168,9720096434460236162,12491223153352346249,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3944 /prefetch:23⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2168,9720096434460236162,12491223153352346249,131072 --disable-gpu-compositing --lang=es --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3284 /prefetch:13⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2168,9720096434460236162,12491223153352346249,131072 --disable-gpu-compositing --lang=es --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3980 /prefetch:13⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2168,9720096434460236162,12491223153352346249,131072 --disable-gpu-compositing --lang=es --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5252 /prefetch:13⤵
-
C:\Windows\System32\sc.exeC:\Windows\System32\sc.exe config ShMonitor start= auto2⤵
- Launches sc.exe
-
C:\Windows\System32\sc.exeC:\Windows\System32\sc.exe config EsgShKernel start= auto2⤵
- Launches sc.exe
-
C:\Windows\System32\regsvr32.exeC:\Windows\System32\regsvr32.exe /s "C:\Program Files\EnigmaSoft\SpyHunter\ShShellExt.dll"2⤵
- Loads dropped DLL
- Registers COM server for autorun
- Modifies registry class
-
C:\Windows\System32\sc.exeC:\Windows\System32\sc.exe start EsgShKernel -tt_on2⤵
- Launches sc.exe
-
C:\Windows\System32\sc.exeC:\Windows\System32\sc.exe start ShMonitor2⤵
- Launches sc.exe
-
C:\Windows\system32\taskmgr.exe"C:\Windows\system32\taskmgr.exe" /41⤵
- Checks SCSI registry key(s)
- Checks processor information in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
-
C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe"C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe"1⤵
- Drops file in Drivers directory
- Checks whether UAC is enabled
- Drops file in System32 directory
- Drops file in Program Files directory
- Executes dropped EXE
- Checks processor information in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: LoadsDriver
- Suspicious use of AdjustPrivilegeToken
- System policy modification
-
C:\Program Files\EnigmaSoft\SpyHunter\SpyHunter5.exe"C:\Program Files\EnigmaSoft\SpyHunter\SpyHunter5.exe" /hide2⤵
- Drops file in Program Files directory
- Executes dropped EXE
- Checks processor information in registry
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
-
C:\Program Files\EnigmaSoft\SpyHunter\ShMonitor.exe"C:\Program Files\EnigmaSoft\SpyHunter\ShMonitor.exe"1⤵
- Drops file in Program Files directory
- Executes dropped EXE
-
C:\Windows\System32\CompPkgSrv.exeC:\Windows\System32\CompPkgSrv.exe -Embedding1⤵
-
C:\Windows\system32\vssvc.exeC:\Windows\system32\vssvc.exe1⤵
Network
MITRE ATT&CK Matrix ATT&CK v6
Replay Monitor
Loading Replay Monitor...
Downloads
-
C:\Program Files\EnigmaSoft\SpyHunter\Defs\2023052303.json.ecfFilesize
53.8MB
MD5dbf83e3bd5a2a0094336e95954a8ed0d
SHA18a813021f4f68088404801dd2d19c2be7bd36697
SHA256b4120db924e74f679fc0302cb1535d6603aff50adcbcb92b6f12c085248d5815
SHA512dc295dc5b4f0c69bdb3bc6fb5414d5b92ab5efbedd22d2ced4dc9cef8c2bdb605bfd21525def62e6614c4f0e19f0fe3f7c750ea0a8d1090ef7d6718cb14ac51f
-
C:\Program Files\EnigmaSoft\SpyHunter\Defs\full.defFilesize
53.4MB
MD579f6bec33c2aea103f948394fe08910d
SHA1263363c31900df2cee92c693a73999b26a2934a8
SHA256699c494f676d52d53624596b81ff3fc27c05489e46294ca8f9345e680325c00a
SHA51263ac4aec5252eace42294a4a7d400b78b68a14f47c4d16b2658cfa4996d6d06c2c802e7c22d54cb6a5f59769a38d34ccfe36c35c028998cc29442a9fc9758267
-
C:\Program Files\EnigmaSoft\SpyHunter\Defs\rh\Full.datFilesize
60KB
MD5a52adf86b1feaa15e899c1fe3d6a68a3
SHA1210b997dba1b4719070f9b54bcdab517e1e8b84f
SHA256ad87ab7a47d55a45c946efd9caa4658a0c2d622389cccbe91dea450aebc07674
SHA5120c3b23ad43f973869bfefea5021481b0754f944ce2fc56514ebb8ff60e20c431f18acf051ba833e536536e3940b0717178a08794285d86b7e50b1313967d6029
-
C:\Program Files\EnigmaSoft\SpyHunter\Languages\Albanian.lngFilesize
51KB
MD590c91c63366c84205db147f653fe990e
SHA1892fc8a86cb901ddaefc9cda270772793bf71f10
SHA25675624a118da254f8cda29a2721c5d059b366b55e1e856c305853ca5fb673611c
SHA512b84aa4108edeb40b9438e48e6b60b97cc658952d2341e2f3f19422dc7beba8c8697c8c189d31030d39e6ea81426f18ec1e6807c426ad265d74719e2d34c2a577
-
C:\Program Files\EnigmaSoft\SpyHunter\Languages\Bulgarian.lngFilesize
57KB
MD58c6786c0eb601c927726a82b00abe71b
SHA18a8176790e048dc7f160e8fa89dc9a8cacdd957f
SHA256619dbd90661af33653af3f3253c76d594ffd24060bbff2d1a0e51461f72477b8
SHA5124fb9125ed007b260104dec96460e52aff722e97d381bc6b62c9de9135d625f7cc1f8c3a5f7cabf930ea03bce60b7237463d227d21083e4215abf035f04b02235
-
C:\Program Files\EnigmaSoft\SpyHunter\Languages\Chinese (Simplified).lngFilesize
45KB
MD56303be5f5fb7e47aab74a59f164bc47b
SHA1ffc11ae266f87e5ec96c24fef30e900c8ac0c9c8
SHA2563007e3430673593c393174d8dd7dcf6cb4d2f4ac31fa40dcbca1d6daf8e167cc
SHA512bab0ac40bc70a52e837e399865b8682fe1c033e1967988a3b8dd6727a38d6f59369daf68b4f28437bb337abb0a8d2fa3dda63cc645221b56afcaac9d2a93a32c
-
C:\Program Files\EnigmaSoft\SpyHunter\Languages\Chinese (Traditional).lngFilesize
45KB
MD58c2b1108892b6a901557e69b29bd1275
SHA11167f17fe98448d482080c7a3c7658a8d90d5a9d
SHA2565f6c0a5c27e15c6f8c9bceb442719165f44c34ada0d83f972789efaa830b7d48
SHA5123f1188a08785f55a48eb97a17b21378a2a0db32ddada73821d048cb4da64d4c6a46849deabe2c4dd411035590c6b9bc6be11c267710a34f3fb0afcceef2273b0
-
C:\Program Files\EnigmaSoft\SpyHunter\Languages\Croatian.lngFilesize
49KB
MD54efd67bfcbbad1719019b81345b9efaa
SHA15b7e9bb695db6b1ed4745baeaf1510c696cbc3d0
SHA2563585c57b6738b83d30c3836ad605c1d43add6267cff37c1f7c680fbfdae79978
SHA5123e3afafaf846a8c6637fd0a451a6bd1cb52e0e8c0b791c6cb8ba838c56ae5e3164ee313cdac0aa2524962bfe9b60c82a17cb4f5be2c445f6e86c44a8c8023a8b
-
C:\Program Files\EnigmaSoft\SpyHunter\Languages\Czech.lngFilesize
51KB
MD526b44a8271eeff5dd93ac3a2e3cdd5c1
SHA178bb59215629882cabbe33d316f358bbae14f10b
SHA256e98fba37a14e85e91ebc434ab038635b7315d95cddd24f750b43afe67924d99d
SHA5124e17c07b8973a50fde83c1c5f4f553b35eacd842928a43bc079db459a6e53e0dd53ed5d164bc77ade40511c9fcf390087a25280213d4c9b3c4c96390e0a97428
-
C:\Program Files\EnigmaSoft\SpyHunter\Languages\Danish.lngFilesize
47KB
MD5b40466ac91b2225ad8efbd4ed13dc0ad
SHA10cf517ca273d3d482b48fed4658e8329f2f4c251
SHA25621c3b60a058b3b4b8d08b05a50c99ec7eaf6cb9b67ed0f87082484ad35684d96
SHA5121ba36e8f5ec5624f55d9505543391bf527cf8ae9510191a52d364d85517b564e59486f798b111c4977d473bc440516bc171588383c886e68a87d7ec38badcfce
-
C:\Program Files\EnigmaSoft\SpyHunter\Languages\Dutch.lngFilesize
48KB
MD5aaefb39af8a0d8d1cb3f6aa2bca4d8bb
SHA1ab74cb66c2beb08414ebc65bef7cbda14aba31a8
SHA25629f07174db85bfbc19199050f0718de18f145ed8639de0db9f09d0da4f715493
SHA512f92e8ef060903295ad4ad1dbcf117e1cee25cb9c92dfae03f642c9ebd65d63d3c4a6bf274e8ebb24572e7a018e59238977a6f61acbb00a5ea1745e9803da33cc
-
C:\Program Files\EnigmaSoft\SpyHunter\Languages\English.lngFilesize
43KB
MD5a518975338d6353d40ff7966f9f58ede
SHA17fbf81bc867aadcc86aab38ae41375113146654a
SHA2561bfdbf5e6349531bd5ef573a7f18f528a974dd554148e465182d37bc6e1a713c
SHA51298ee9bccba39d5cae25fea8f68cfe009cabd6f694197565ba4ed32a58da940ee2d1011df36710e3e62235dee5ccfe305af42c480e2f270526747418115f3230a
-
C:\Program Files\EnigmaSoft\SpyHunter\Languages\Finnish.lngFilesize
49KB
MD547e3cbffaee3bf2534814de8fb5175ff
SHA146ca75da34a88c2bf9c40674133a06abedeb5135
SHA2566c8322fbde9eb5e9caff970f934a4de08f38ef7b9cb1f835583144c01b65fa6e
SHA5127b880963eed7abc084b35b9513953cf4f638cd45e298ada33ab405889b18c7b6e78811d2a202cd1d660e0eacf112e143c8019b4df738fe269a34842273edc634
-
C:\Program Files\EnigmaSoft\SpyHunter\Languages\French.lngFilesize
49KB
MD56cf18c301e54e22935ecb7693f275a53
SHA1eba53f207a5fc16610cb080cc1d1403034925a5c
SHA2568b6fbed1cda947e03cfb8f0de53a1a10f36f21f291edf1b1c065a4f32d5a3615
SHA512dd3e7ad0f749b7de4fb026b7dc3a6acbd0833893dbb7d8fa05881dee01b68df41c2432609af927c2bf8a0a636c725f25a2ff6bcfc1e94df3804fe2a875f6df8b
-
C:\Program Files\EnigmaSoft\SpyHunter\Languages\German.lngFilesize
50KB
MD550df8720319b1836b5450a4b7d1bcf81
SHA11a9560a99a00fd5b3c77085d29f3f1812933a27b
SHA256cc953c4cd224c0c1697347d6ad6937501f5de976c838b09250cc1e0045e3b1fb
SHA5123d6df1f4a63e114a4e8f7cc39a0329ce9c029168ec09dc0e0119a8c9cb69ff25e9ac3a4f7a3d1dbfccc8819deac6856ec4dbe39f18d838f4fb9dad7db4ae76cc
-
C:\Program Files\EnigmaSoft\SpyHunter\Languages\Greek.lngFilesize
60KB
MD592ce5a29b736b828d5c722fca9ddb1eb
SHA1dd77ec892967d389222efec1d4c6654ed44b3896
SHA256e6fb15077bac86fbcff2651681fedfc85aad4d996cc6c70c73101402a6ff50a8
SHA512b6376c084ab45083c7f226b6526520561fea7530a332610c2d2e3c29db29a298f8b8b9faef68c2d2dcbb7c04c1d9d9847b46ede451bbd5fb606bb796a7c98447
-
C:\Program Files\EnigmaSoft\SpyHunter\Languages\Hungarian.lngFilesize
52KB
MD53a9edacd16014ba67c969f19df844dad
SHA19b87f2d7cd77b019d859c1d2bc886839c27d1dce
SHA2568be226d27806f7485369a1a9f12354204003b55c193f5838596300a696f8d3e4
SHA51270affaa3e9450055c9ced66a4ec7c67e1c8140a42b9e42e5c8e3ade6f0bb2e174608a26841abd0e9bde1c243717fd81f11601415de05d3a45cdc523d6b222c9b
-
C:\Program Files\EnigmaSoft\SpyHunter\Languages\Indonesian.lngFilesize
45KB
MD57b62e789c121f9269a1bc92899c07a75
SHA13d0ef8536c2662b9884cd644034c9db89fe1d2cb
SHA256be899594223a099c0dce89b911c1a40b8a1b0bf8df3b1647836fb3da3fe0e830
SHA512a14749ff91b608045c1378ae5e8932b0ba5ed7da59f9cf17ca1679b26cfc6405e853a5e43d32ad093eb81e7da5f6fe0fb0520997cdb13a57cd619858e59966ef
-
C:\Program Files\EnigmaSoft\SpyHunter\Languages\Italian.lngFilesize
48KB
MD501a01c7ba8bd9866073ca5d179c66166
SHA1f7db554b50b8ef3fc9b2808309f8df9f1d1c0dbc
SHA256ed26a07f9d412ec35fe77608e3696b4435855f666add56e6ea798f4300070f34
SHA51270c937f3d39f21bd2e5bafaa8e5a5b7effbf0f159826c45cf745f99c09e9308f60f7de1553272d35c0191bcb181cbd45a41c99923d1d0f5e5509b07da5793fe7
-
C:\Program Files\EnigmaSoft\SpyHunter\Languages\Japanese.lngFilesize
51KB
MD50160e54ce0eb548182ee6aed440d4164
SHA1e1880a9474e83aa71dfada62e540f9dbdaf45fcf
SHA256acaae001e5b773df479ecf60150d08f962dd88c86182720a4edb9ffb13d4385a
SHA512509d2ba7d7387ab5d97edfe6f4c40ae8022dbd65e69497aea6f73e29a7512a5dd1e50c935e0ca38b18f206ce7cb6e06576ab6da3a96c0196c54d1d498b8735c4
-
C:\Program Files\EnigmaSoft\SpyHunter\Languages\Korean.lngFilesize
47KB
MD5be030a3659558c19a4a9ef9aa541b915
SHA104d12e1244c690e76a93750848543d987453f8df
SHA2569ed074bec18cdfcd3dd68e0ed78bccdeb81f9ad57749213a0fe7f1ce245d4d5a
SHA5124d7ae82f60c26014d24b9dbab64885fd9c26ace1fda58b92bf4cb605312b959a00b6f67b6095e707ec5926aaf11610835523f9b34ff6d985cdf8ff539b7a18c8
-
C:\Program Files\EnigmaSoft\SpyHunter\Languages\Lithuanian.lngFilesize
50KB
MD59d2390bd1cf46ce6180df52a83fa1998
SHA1e015c43088e4ee88eb2a041cc58b5bc07567a3d7
SHA2565c7bc6e484645b241db387a50e8364726a7b133bf89d4b086e7612f158cd4950
SHA51289751a591609db4177626586138a73ec8a018cae2ee73533b94e192a1ec46460e7eaade6f158deb052644891a70dd90e9c236f9b6724ecb9571491e74452c402
-
C:\Program Files\EnigmaSoft\SpyHunter\Languages\Norwegian.lngFilesize
46KB
MD5873d9536658d18f37dc6136255708ba0
SHA1d464c703463d181ac6bdb9d2de4e2674128f0912
SHA2562c0b81ae46e174ae566ff8ef766152fcd9cfd0ce9a8d91bc7a562232489cb9e1
SHA512d7a87253b554c3c38a367a725b0e503532ffd01b38e498bfb07f33a4f5738752a519d26dfd5c32c40bd97e4f240a2f964b81a3d1ef822a6a555d242dee6b67eb
-
C:\Program Files\EnigmaSoft\SpyHunter\Languages\Polish.lngFilesize
51KB
MD51a59bae06a02479306fe2294842d8ae4
SHA12037071693ad4998ba33204e9ed960d294d9e9d9
SHA2560e8dd387db9d1350f6b1ffad5b8a9719ea2954b12d107070fa356b2550e1c571
SHA5126e19e1cc368534697f254dbdea8ebb29cccdf0015a454dee648316a5a797594a1f46c08abf7f0b26bc31d0db206b9d91dc64be70655932943fcd56a42ab220aa
-
C:\Program Files\EnigmaSoft\SpyHunter\Languages\Portuguese (Brazil).lngFilesize
48KB
MD5a472b075c3b8b08ed76a42cdaf0c319f
SHA15880fa64a917de1736171e71b60b241cce4f059b
SHA256d4512b07d845c89b1a253c8559d85ccc2cfe156c86110b74d3d22f9325981838
SHA512fbcf961d3a1536ce747b3f99b0def88d6d16eff75b6898a67290c85c96b6ad7839a1ec384f5d570efefde4910b4011d75f9f8b8a4f092cd25c36078372f6fe3e
-
C:\Program Files\EnigmaSoft\SpyHunter\Languages\Portuguese (Portugal).lngFilesize
48KB
MD5e2691bf96e82ebc952ebb146bc70d3fb
SHA1fa5e3557aa56bdfe550de86b69b1e636bc3a7271
SHA256ebf980d438532975da5970dc5934a1ffcf447f905e5c3fd9137ca5561b91ba21
SHA5129c6fe3f24fb3ad8559489aea766e9d47d7c43625d348535736a1f8ff0953b0a3b28cd3fcd177bd9c391cf89e883fdd82901020636319f1b77d1e1a743e6ab3dc
-
C:\Program Files\EnigmaSoft\SpyHunter\Languages\Romanian.lngFilesize
50KB
MD51076a42570a7e06b1e02a7173e7b4465
SHA1966a8e8fd552778a66b84c4b70ecb6dc559cdcbd
SHA25613b3574ad7746c30e9777d884deec1f0c75551cb16245105daede7f525f4deb7
SHA5122b81a3bb0f86b30f5a133ee22b36f56696f9e2611f090891fc3fe2863bbc95d078e8435d86cc177f3683a7c6394a7f4720a263d14dbd1aaebc80118ce90c0523
-
C:\Program Files\EnigmaSoft\SpyHunter\Languages\Russian.lngFilesize
57KB
MD543a5f6e364555a5daecee67bfd43b9e5
SHA1d1219bbc6925d570fba7195497b478ac9c6002cd
SHA2562febb47993196fb3f0835b0800755602e8011314f4fdd7bccb307accc194ab58
SHA512c2d207be8dbac98f32a45e17bb6cde0c99296220eb033a6d72f97344bbc9733b422d96fd55cb8e8889d4a6c7fe644dd0191bbb4674d7c3c78adce3db5dbda77e
-
C:\Program Files\EnigmaSoft\SpyHunter\Languages\Serbian.lngFilesize
51KB
MD596b9804891338c27d8acfe39abf309fe
SHA1b14bf327e78f496e8023a0cef5d4a6855794a885
SHA256cf070d67a82212cce53c98bddfc3fc129a3a9e860fa78df81823bda8f1664bb5
SHA512d8d0518fd5c3d98d1d2465edf0b44a826a274a7974a0336e78026aab938db1ab1f3d7318b1700e7d16f2841f3d10086e706b270850c83df49ce2d3bde6a34b8f
-
C:\Program Files\EnigmaSoft\SpyHunter\Languages\Slovene.lngFilesize
49KB
MD5a2fcd4d47727c583d1f760a67774272b
SHA10471e603529130e3b1b8a0828924e8affd245b4a
SHA256147dad85e6a3de90350df750765a71828bcaccf753ed2754108c2df5b5c4ec94
SHA51287cdbd574328a6cfff8977d21f37de8e41608d19430dabda552bcbb3058fc56ab938a4e3fe672511aeb58a79f7a1dab08ac54a6ddcf5505575b316c28f79e600
-
C:\Program Files\EnigmaSoft\SpyHunter\Languages\Spanish.lngFilesize
48KB
MD5cccf9aa3c8f7e0fa86d66f2a39b4db6a
SHA162b0b308c74ee787400508ac2c96fd6bee5a9ef4
SHA256917de266d1217716c8d03ea7ccd4b8602204cef18fa2214be71341a2190ef2b1
SHA5123841b0768c672fb9a7045573395e79292f9acbfdd308cf86c0211500231913cffb6668554fd522fce622b25b3a17d994f75531238997215d2a29c20e2865b20b
-
C:\Program Files\EnigmaSoft\SpyHunter\Languages\Swedish.lngFilesize
47KB
MD571a71f521ab85d964b463d59a9872a1e
SHA170d46076a360bcedff90cc7c4d9c6eebd05af0f4
SHA25606573d5d57daea00c3e55471b90d484e4a98957bba7d45020f038213bc443213
SHA512df37ca76e0450afdfa03737ae5394fa7d0052193fb7ad9ad1eed3224e3039bb1931cbdeb0c9d1995c4baf64f8cab1e293bf9f6773b1aaaea61e17c409ad7390e
-
C:\Program Files\EnigmaSoft\SpyHunter\Languages\Turkish.lngFilesize
49KB
MD5c1dc60f5fe8f6267f21663a746cede36
SHA1f0492758631e6ffcf4a4b05ae439171a5872aac1
SHA256ad58066bed5da405695d16e8338174a7a5c0e54a620c00546e622a32689b2d7f
SHA512bd73f46989fb207c76d4d63cf7f402540d10d7919ba545a9911207545e2349de7a46f8459cd2c86d4ad196c3952f26bf70ddeb5411910a5818eedc4608dd998b
-
C:\Program Files\EnigmaSoft\SpyHunter\Languages\Ukrainian.lngFilesize
57KB
MD5eced67a6f493263550449fcb3c82468b
SHA1976040e03060b2abfc2cdac872bdf5f01662e00f
SHA256646f0eccba1e4a0f9c3c4215575c893a477012c1875287bd099aa1d614ab7fcb
SHA512b740ed69fbefec733bbc2930ddde968cf9dc626c1de29c4dae74173fd05cd4d749f370e4e208b8162905e54e66a1308834fe043b313487c030952dafa02fac38
-
C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exeFilesize
16.7MB
MD5f41ddae0e0b2c7a41af8a8cdd55f496d
SHA10b0592fd132f936a4524cea80830c078df18a3cb
SHA25663d7e86b9910873b2194d67eca3676e1f7ee6fcc2243e636744fc82eea51dba6
SHA5127a724b6434d2b9fe3ad658164d24196807a3809e96b27c4933c4835dff9feb13951ab2ec20197bd97d1c506f79b9a6150d02ce7881098e513003efff12c5d12c
-
C:\Program Files\EnigmaSoft\SpyHunter\ShMonitor.exeFilesize
2.4MB
MD5fb859bc132e505b34dcaa5c61b80f453
SHA16be1de63044c2e601dc0b0bc34c78c5a5d92c108
SHA256ae46a269540d1613836856b2302bdb6de23d845cbd94cc6f31535505f3677789
SHA512a03800ec3d0231aa07396ef0580828a5d5b6001a493200e1d38d98374b63020a9d304f511c70d2148e51b0d61d90e2cef7aa7968c868f88113e10da95096f927
-
C:\Program Files\EnigmaSoft\SpyHunter\ShMonitor.exeFilesize
2.4MB
MD5fb859bc132e505b34dcaa5c61b80f453
SHA16be1de63044c2e601dc0b0bc34c78c5a5d92c108
SHA256ae46a269540d1613836856b2302bdb6de23d845cbd94cc6f31535505f3677789
SHA512a03800ec3d0231aa07396ef0580828a5d5b6001a493200e1d38d98374b63020a9d304f511c70d2148e51b0d61d90e2cef7aa7968c868f88113e10da95096f927
-
C:\Program Files\EnigmaSoft\SpyHunter\ShShellExt.dllFilesize
2.7MB
MD5a4e31f28495f99e122b85368980bc018
SHA1fb93e5764a1e8d63630c5bf9fde2165b8c501659
SHA25686cd689df140ead7d35f4988e53c0364fda958d1ddbce3203fc8dbf86c15a0d6
SHA5122b966e310bfbcedec09645ca1199235c8db46d675ef49fea6b069f927bfe8849fc3fabf327a6013c3634538792ed2c7e1b4d79a81499b3a66d05e946bffdcfdd
-
C:\Program Files\EnigmaSoft\SpyHunter\ShShellExt.dllFilesize
2.7MB
MD5a4e31f28495f99e122b85368980bc018
SHA1fb93e5764a1e8d63630c5bf9fde2165b8c501659
SHA25686cd689df140ead7d35f4988e53c0364fda958d1ddbce3203fc8dbf86c15a0d6
SHA5122b966e310bfbcedec09645ca1199235c8db46d675ef49fea6b069f927bfe8849fc3fabf327a6013c3634538792ed2c7e1b4d79a81499b3a66d05e946bffdcfdd
-
C:\Program Files\EnigmaSoft\SpyHunter\SpyHunter5.exeFilesize
18.6MB
MD5ddb3b388e11050ccd206d6bdbdbfe570
SHA137cdbd5e0d73406d8274ad8eb3650c1bc0905dcd
SHA2564749bab2e67bcc83a8e171cee5cb357788d5e24da4e8d275ba7533943accf43e
SHA512e69c9bb913b4ac4d476adca9589c75cdf42c2bb693d2b0d6b0d83de32f6e8f03eeb7ecb28e1f5f8ced0912d1784b13da4ba9a382732acc5122478f8a111ba1ef
-
C:\Program Files\EnigmaSoft\SpyHunter\SpyHunter5.exeFilesize
18.6MB
MD5ddb3b388e11050ccd206d6bdbdbfe570
SHA137cdbd5e0d73406d8274ad8eb3650c1bc0905dcd
SHA2564749bab2e67bcc83a8e171cee5cb357788d5e24da4e8d275ba7533943accf43e
SHA512e69c9bb913b4ac4d476adca9589c75cdf42c2bb693d2b0d6b0d83de32f6e8f03eeb7ecb28e1f5f8ced0912d1784b13da4ba9a382732acc5122478f8a111ba1ef
-
C:\Program Files\EnigmaSoft\SpyHunter\SpyHunter5.exeFilesize
18.6MB
MD5ddb3b388e11050ccd206d6bdbdbfe570
SHA137cdbd5e0d73406d8274ad8eb3650c1bc0905dcd
SHA2564749bab2e67bcc83a8e171cee5cb357788d5e24da4e8d275ba7533943accf43e
SHA512e69c9bb913b4ac4d476adca9589c75cdf42c2bb693d2b0d6b0d83de32f6e8f03eeb7ecb28e1f5f8ced0912d1784b13da4ba9a382732acc5122478f8a111ba1ef
-
C:\Program Files\EnigmaSoft\SpyHunter\purl.datFilesize
64B
MD5fe5e29fb288b8916929b1e5f386138e0
SHA1ce08a85fc1046e4b1495863d163855dc579ff70a
SHA256f14afa85cfbc3c8def11c580390349640979f5d2bdbbf90b43edd0cb8b5db4ce
SHA512a764ae43e29792b597eb3106f36f39e8f656d4796bb65196e96a7c5dcc64e5db7c2b1f5ad819b321bad295714fe2f8e8a71de8ac240654e62bb8c805c155422c
-
C:\ProgramData\Start Menu\Programs\EnigmaSoft\SpyHunter5.lnkFilesize
1KB
MD53369a596e5966a37dc5a400a92185b59
SHA19d8a09324418c16187c778116b97605fe27c7fa3
SHA2564995f8fbf7c3fc3f062869083ec291ab1224b9160544f65382e7784c0ed38dec
SHA5123af2c39b9117b6d132b39ef5f90173f3ad5893b3fbedf59af41715179f631093fbf4aff4ab3290a7c34736b4272333be62ac3f8ecfc0836e9f6ea5739f7a9472
-
C:\ProgramData\Start Menu\Programs\EnigmaSoft\Uninstall.lnkFilesize
699B
MD593e202092b751cef2f05efd627e914cf
SHA1e7c4a20225df7b1ae3e43bb3f75e5cc4cb507e68
SHA256b75d9ec4075cdfcf7347b21fd789b3428631ef816a1699231cd23d2aecd2c04b
SHA512355eb1b59d319966fd91f511099a8e41ea658f160273590008a5e25c868bb6463b2df5fd6abb6fdacbddb992952e6c5d0e50d9ade7aeeaa32774b1f24fedecc2
-
C:\ProgramData\Start Menu\Programs\SpyHunter5.lnkFilesize
1KB
MD5ba50c6a8b0f163aa86823b1308e3622a
SHA1071e5ed418bbc0d2508df783a053eb4761aa470b
SHA256e0e117f4da2f9c8f107656ef6e71c2adee7a2f68b7df9b6ffee607f26d164855
SHA5128a81ee6f79899c49b38661dcce8514c205ff6d97a9eaae04b3bf1ca09d0a2a5b22f0a34c8b75f89798af17bc3538efece2200e0f6e22133c61df22cc0cdc0d1f
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.datFilesize
152B
MD578c7656527762ed2977adf983a6f4766
SHA121a66d2eefcb059371f4972694057e4b1f827ce6
SHA256e1000099751602ae1adcec6f1c74e1d65f472936817b45239dfed4b043984296
SHA5120a8e58ae95163b3cdf8e81b5085887761e73cb7c836a1a6a972e837fb3df69b2ac70cfd6311d06d40656344ec35eb48e512f007561480f0345486ac2b329be0b
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.datFilesize
152B
MD5099b4ba2787e99b696fc61528100f83f
SHA106e1f8b7391e1d548e49a1022f6ce6e7aa61f292
SHA256cdb1db488e260ed750edfe1c145850b57ee8ab819d75237a167e673116a33ee8
SHA5124309375e10785564ceb03e0127ced414e366a5b833f16a60d796471d871b479e4c044db5268902d9dfd14715ca577cb26042bab8f7b0f31fe8abf33947feb9d1
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-indexFilesize
576B
MD583610a3e00656265b81cf87cad3d12b6
SHA182de1c8351d50c9dd46033ba3b3d447f0c131b08
SHA256ad037d4829ccab979877a8523834abc739cd9bc5f9c2a12030a3803d1faa35bb
SHA51261f220b8526bd9c7923ae95def6072814fda60d8222528b7eb3af810d13e51c37902d60a7cd01180e403400c0feff49fe60ea968bc600848c2b57114147b8ed6
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-indexFilesize
48B
MD5b008e9a8569d5346cfa693ec133d9ed1
SHA18beea062d5bfe39df4d894ef75b4de6e1f9086bc
SHA2562ce69899aed9c31095b7bdcc2422bb83e85279d0ad37e27f2b7c8ffd66d7a7d8
SHA5122f9e05bbd6ebd01609674aaf41f070ef03b686da78daea3a15ccf4e71c399e4d593d65c233acbec3861e6fe7e63a19cb846d76849e148d6ae292b36076caef0a
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Edge Profile.icoFilesize
70KB
MD5e5e3377341056643b0494b6842c0b544
SHA1d53fd8e256ec9d5cef8ef5387872e544a2df9108
SHA256e23040951e464b53b84b11c3466bbd4707a009018819f9ad2a79d1b0b309bc25
SHA51283f09e48d009a5cf83fa9aa8f28187f7f4202c84e2d0d6e5806c468f4a24b2478b73077381d2a21c89aa64884df3c56e8dc94eb4ad2d6a8085ac2feb1e26c2ef
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\CURRENTFilesize
16B
MD546295cac801e5d4857d09837238a6394
SHA144e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA2560f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA5128969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\MANIFEST-000001Filesize
41B
MD55af87dfd673ba2115e2fcf5cfdb727ab
SHA1d5b5bbf396dc291274584ef71f444f420b6056f1
SHA256f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4
SHA512de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\HistoryFilesize
124KB
MD5dae2a445eba4d0853fd90cc3dc9a99de
SHA179e2075545f7c4ea95c7d01463f66b1415096063
SHA256ba5e3acaa3a9aac16ab53f7b66dffc12b819705ccf8c7313cf8a750b1a822a43
SHA5123ab029eacd057672f973036c32b33bc3bbb6b6b1f8c7a917b0c23d23eb7534b1d12815a51f081812e8adf917feeee1ea41f5df2f56911b10bbc2ea4332e10235
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Microsoft Edge.lnkFilesize
2KB
MD57f065eefbdc218d482a582f815ed6e13
SHA1fcefe6b62e43af43fb55ed48b1d5e5f97b12f7d1
SHA2565e83d0380cf5e99650d2bf0f2f78505e183d9df6fe5a4e52edb6c0d6a68b5e5c
SHA51208abe6b2e1115c0f5f401b4677c85e1fb339755164cc894f2174bcafa80aac0953297026b3268da55675278ca65ad40310a26a58a098365ff150962232067cbb
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent StateFilesize
111B
MD5285252a2f6327d41eab203dc2f402c67
SHA1acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6
SHA2565dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026
SHA51211ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent StateFilesize
1KB
MD5e0c133c8a489ab3a2ec33ba2d36b3f2f
SHA1f2ff886ba80c77c6185d2d731b572987636864df
SHA256979260a879d801b5d7f28c23aa1b4e71073f5d832bf181e5f30a59ed2ae0ad72
SHA512b5e2b7dd8e458c59fac2b49e73a666e5c024f8da8e1af757c26c3f3ff37bd5d0b7892adc15858fc8b2cc8dd6f7ad128f51f1bc438ae52707e18808d614453f0f
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent StateFilesize
1KB
MD538dd79f9bd9472eecff580f1180cd87b
SHA184a09651359dd24b7c99cb59011af6368a73ae00
SHA256b0a08e884b31d720884f1f8f525bb271b343e278727b664d6bf94ca7c5579c39
SHA51258abe8ac8ccae6ea4f21abaada01f2871d051da24c81cff98b7f32203f55a793affd9e58886394ebf2460575ce19993a8820d2b4e2ada05c2b16f06c534b882f
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\PreferencesFilesize
4KB
MD5e5e38f9ffe4aa7cc46eb2dc5154cc1d3
SHA19f69c4c3efca4acd04d3c9bb706249c62cf37768
SHA256e38bd1ecbc6cca6c1b7dbd7d3ca097f774f5a787f1c49d58423601f9d53e9df6
SHA51266cd16844d6bb658ac578e163efb7a037f55c61dfc051cd7bcbf31ffa8e388ea5c981fe7a3c2253c4c60b019522c56fa52a194402eefe3228027078a19c73689
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\PreferencesFilesize
7KB
MD5343be7edf6d48b7c3ba41318dce955ef
SHA156add273b622e183d6a6277ca034e11dcf05244d
SHA256fedcf1ac0bede32f51aa3c2ca96f3696dd62f025f35c90e29c049064c5a8c4b2
SHA512309e8c7e423afae9ac7c2c6eac723dc8a8f45fcdd8a2fda3ce11e56dd5b34d726d2ee3b9622214a7ad55164b5bcd18808b18063b2ed135bc7c2d7d60cd054d49
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\PreferencesFilesize
8KB
MD539041a9b7f03132800d4019af9345ef7
SHA1e90b1535165b038774c3a83b6ab81f421112369a
SHA256abf86eaf172f0d28d58e4d5e15cc40721baf0577a39970dcb60e34eeeff2f5d0
SHA5128113f57eba76bcae0f360f87db7c760d43524bc38aee69d760e275f5f4a3930b9ddf135a6d1b6fb7d626c0ede616ce94cf50780962f80d9ea6ebce7409ef1431
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\PreferencesFilesize
6KB
MD5b6156c9e9756d3b08829d66f7a96a9ab
SHA16b554877509318e5082d5b44841d0faac95be518
SHA25669364e7c70e28f21a598477bae00cbcc301e9e5ee75bd21221519118b94c0a1b
SHA512480bbd9523f654b5c37b662fed1a9105647a816d2b4d7ff9e79c906124a0914175468a98a924c643c3081407005bc59bba5fde6e105718557d19972ee7a78dd6
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\PreferencesFilesize
7KB
MD563cf4ebabfb0d47c6afdf83d6ac976bb
SHA12a612ba42f2cb22dc2e2daca0aa10f4fcaab555f
SHA25627bd18998aee9c67255c59457f461c0209be1e1db578fbeb28f380a592f84538
SHA512927945fcaac79f177f265d2d45224f52fd7e72a1f23c1985d23f6907c82518b348007841611b0eb77f4c8234a837df669270e3f359b4b1f77650cb4dd23d1ffb
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure PreferencesFilesize
24KB
MD502ee7addc9e8a2d07af55556ebf0ff5c
SHA1020161bb64ecb7c6e6886ccc055908984dc651d8
SHA256552d3ed359b7a52278ce621674d16428d8a7969f6cd5663df18e240cce66aadc
SHA512567989543c3848a0c3276d96b96ca761f750e4b71fb74f36d809f590ffe16a72fd5ece251737a8b1ffe65f0051e211bd7ad19d2b8b0b7ca1b7ffc86dd2a52883
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure PreferencesFilesize
24KB
MD53966348bbd403f0d73c498b32b42c474
SHA1e831a80dc7540db9afced875d230530380ec5119
SHA25685295f1484a81c8e36f1287dbb3d8c2ff4f80a5b2dc0985b88abcf49850d7542
SHA51275a7fe567b809507d121ecfccd5cb85d7dc8e64609f916a450345a1ba959f7535767619970de25f9474c498666ad1b08250697222d5696f7a589f663a035c41c
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure PreferencesFilesize
24KB
MD53966348bbd403f0d73c498b32b42c474
SHA1e831a80dc7540db9afced875d230530380ec5119
SHA25685295f1484a81c8e36f1287dbb3d8c2ff4f80a5b2dc0985b88abcf49850d7542
SHA51275a7fe567b809507d121ecfccd5cb85d7dc8e64609f916a450345a1ba959f7535767619970de25f9474c498666ad1b08250697222d5696f7a589f663a035c41c
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Web DataFilesize
116KB
MD5f70aa3fa04f0536280f872ad17973c3d
SHA150a7b889329a92de1b272d0ecf5fce87395d3123
SHA2568d782aa65de6db3538a14da82216e96d5e0a3c60496726e3541a8165bccc65f8
SHA51230675c5c610d9aa32a4c4a4d9c3af7570823cd197f8d2a709222c78e2cd15304bbed80e233e3674ec2f6e33d1961c67fd6a46dc8ba8b1a301cd0722932c03c84
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENTFilesize
16B
MD5206702161f94c5cd39fadd03f4014d98
SHA1bd8bfc144fb5326d21bd1531523d9fb50e1b600a
SHA2561005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167
SHA5120af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\data_1Filesize
264KB
MD5f1e37a65ba2750afa117496619c5db71
SHA18be107049637e8fd1bd76282d04c800bf637acc6
SHA256f71d87ded08e654155c0fec02062eef488fc149b2dd6c0095f5613204e617629
SHA5121b12ea118436136049cb747822b9e0e6ce20b1de7e16678b6d1a512d0b2f91042702e2573e650c2ba036b5048626ddd6cd59f2f3d9b8473b3afd2cc9ecc83569
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local StateFilesize
9KB
MD516269f76362e89a3020f41f8ab2c0b46
SHA1e39719d4726d6179534b186bcef458b75b32635e
SHA256b388a6dd9a2116710c2506cd0d1786403eaf577441c3d46f540646afc97ee615
SHA5123e45bfd1c47c958e348e9c39268fc9f08c0dbb5c2a841e53d7a5da44994768a7615abc527835a73af5976796756609f59708b1c1c0fea000d7391e44fb9a7b16
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local StateFilesize
12KB
MD553748ab0080962ee302ecf34abd543d5
SHA1ec7fdcc76e77a001882961429eb82e4aee309dbe
SHA25659c2edbe13c4bab5fdca8a153ab83a5f5833edf263421b43a3338475cab392c2
SHA512fc21a1748d3207ac0f3570df43305eddca5b0fe73e85408ebdcbd874909002d33296954398a36f157eb948dbe7a6e2053c1eab0e67d543a2255fbf839a5a1566
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local StateFilesize
13KB
MD546d4c9a1020c9925011432f964855cf8
SHA11798a8b1e4f9c92cfea60c2675ecee53d89c175b
SHA25651d329e748d1154a04e3de7790873c53fa0c9906547b35d8d10b580108a8ce54
SHA512a58766069dbb8490ea243eb757c7ddaf54b82ab140e624c7f3a3098f63540d0552d505c997f11eab6107d2d55fdb1c854db5419e42ee9ada8b017bc330dd34d9
-
C:\Users\Admin\AppData\Local\Microsoft\Windows\Explorer\iconcache_idx.dbFilesize
28KB
MD5bedef1d23751a13cf8d302636471157a
SHA13299ca16be18bae48c040d0287c79f62951b9a61
SHA256dec2cb0fe11c3ca8a954e13e28b2a8a3ed694a204d1fec697de9d9cb958995d6
SHA512159a94a9b6fcd23bfc33fe7b1beff636e911060fdb2deb39f1d8f3b50279a132422ac9fbeab11dfb9ae3ec2b23074ea4b79d637017db496ae8a93f2548838c3f
-
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-msFilesize
3KB
MD52afc828fd8da886ef6cca68d2c0b56ab
SHA1da266b28c79a4293330a3ae52140f2c56ec1a240
SHA2563305c4a9e821fd60a1f11f3213a51d6da3291117b3208d54d4ae8237c6077ccf
SHA512d2e5d9fe597217daa9e279362b013e1ee642dcd2d29ef266fbc9035f38866906fb562df03d241a4e201e181db91627107d4b123081759385e4e894a27a0226a7
-
C:\Users\Admin\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Edge.lnkFilesize
2KB
MD5310d02d59ee9229c313e96dac5496ab8
SHA146f9f9a73239a0a14d1183269e87b7cad78d7f6f
SHA256855dda1d37b4cdf8bef75219b78d98a3cff2172f673361ffcadc5878c2b96d59
SHA512e5435b528875b8b35520fab7da872a1d2d911cfa2e88c388a9558c97c7a75efcc58d493199fa7333a624340547a05279a77d920cc4be82089c3c618d773742d1
-
C:\Users\Admin\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Edge.lnkFilesize
2KB
MD57f065eefbdc218d482a582f815ed6e13
SHA1fcefe6b62e43af43fb55ed48b1d5e5f97b12f7d1
SHA2565e83d0380cf5e99650d2bf0f2f78505e183d9df6fe5a4e52edb6c0d6a68b5e5c
SHA51208abe6b2e1115c0f5f401b4677c85e1fb339755164cc894f2174bcafa80aac0953297026b3268da55675278ca65ad40310a26a58a098365ff150962232067cbb
-
C:\Users\Admin\Desktop\Microsoft Edge.lnkFilesize
2KB
MD557f6c52b343c9dcdfa343db8a5e8d509
SHA1d7ef52d64620f0b4f82e7b37c3d161e1dd3db2af
SHA256a6705dd598a9181250559c29c7fcf03e4e52550514a115d32b8e3eb61ecad016
SHA512c8fe7c089eee31b53f38876d1bdd5d8dc5b900414e70570a6773bdebb42a7d5c4c6e862f76b6120f4d3c6c377928749364e3b98c3adba8613aaeb894724f9663
-
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\BAEBE581FCB73249406FC21094EA252E_BC0CE803EF41A748738619ED7838EEFCFilesize
5B
MD55bfa51f3a417b98e7443eca90fc94703
SHA18c015d80b8a23f780bdd215dc842b0f5551f63bd
SHA256bebe2853a3485d1c2e5c5be4249183e0ddaff9f87de71652371700a89d937128
SHA5124cd03686254bb28754cbaa635ae1264723e2be80ce1dd0f78d1ab7aee72232f5b285f79e488e9c5c49ff343015bd07bb8433d6cee08ae3cea8c317303e3ac399
-
C:\Windows\System32\drivers\EnigmaFileMonDriver.sysFilesize
82KB
MD535023b3cf6e48d1a4cc9901afd8da844
SHA1e50576e17e472f27d057a2f52986116fffbf4b19
SHA256029b8d7749b9f904919710a787ebcffbe0b1960310cc7c2bb65f4c0f3453fc4b
SHA512ea41f31efd7ff272ff0803ecd459cf5712afa41472a26252dc2e9cf042bee981f1b037f43e35d8e4599df144eaad44b8d1a29846c9c23cad5fc4a7cd7dd57562
-
\??\c:\program files\enigmasoft\spyhunter\shkernel.exeFilesize
16.7MB
MD5f41ddae0e0b2c7a41af8a8cdd55f496d
SHA10b0592fd132f936a4524cea80830c078df18a3cb
SHA25663d7e86b9910873b2194d67eca3676e1f7ee6fcc2243e636744fc82eea51dba6
SHA5127a724b6434d2b9fe3ad658164d24196807a3809e96b27c4933c4835dff9feb13951ab2ec20197bd97d1c506f79b9a6150d02ce7881098e513003efff12c5d12c
-
\??\c:\programdata\enigmasoft limited\sh5_installer.exeFilesize
6.6MB
MD53ce9158024e74733de9ab2232fb73dcb
SHA15fc8ed33206ab5b93f736114ba99bf47f81bfef6
SHA256e7dd3449cb2fd81c06e0f5c19e20b280c80fc4533356f3bf67fdfcb6ce238056
SHA512ac2e9d45a992513d8f4efee73f5a7166071b837302fc91888122d6a211b0437de75776d509b308809751b7c9fad69ebca5f8c6835d66b6fcb467f4cd434f06bb
-
\??\c:\users\public\desktop\spyhunter5.lnkFilesize
1KB
MD5ffe8d9c898a6ecb5311e8fc668f33a18
SHA1d3287f34af87ce578f78d70a3f47fae35bffcdcd
SHA256a6cc148ec1ede229ef0f46e4e706843831b3a0b6121a8ec0a4c0bad94f73416d
SHA512b734562696ace22dac1b162ecb66a7db0220e74bd734366f6c37458a6af6a3e4857db1cd6efd5424397d78601c40459f63f624a1bf6f1dd11251b4afa32cccdb
-
memory/652-192-0x000001D7AE5E0000-0x000001D7AE5E1000-memory.dmpFilesize
4KB
-
memory/652-191-0x000001D7AE5E0000-0x000001D7AE5E1000-memory.dmpFilesize
4KB
-
memory/652-202-0x000001D7AE5E0000-0x000001D7AE5E1000-memory.dmpFilesize
4KB
-
memory/652-201-0x000001D7AE5E0000-0x000001D7AE5E1000-memory.dmpFilesize
4KB
-
memory/652-197-0x000001D7AE5E0000-0x000001D7AE5E1000-memory.dmpFilesize
4KB
-
memory/652-196-0x000001D7AE5E0000-0x000001D7AE5E1000-memory.dmpFilesize
4KB
-
memory/652-198-0x000001D7AE5E0000-0x000001D7AE5E1000-memory.dmpFilesize
4KB
-
memory/652-199-0x000001D7AE5E0000-0x000001D7AE5E1000-memory.dmpFilesize
4KB
-
memory/652-200-0x000001D7AE5E0000-0x000001D7AE5E1000-memory.dmpFilesize
4KB
-
memory/652-190-0x000001D7AE5E0000-0x000001D7AE5E1000-memory.dmpFilesize
4KB