fa24ed7496834aae986ae5e13d0161383fc064a0d0a042432069c168b41a868b

Analysis

max time kernel
150s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20231025-en
resource tags

arch:x64arch:x86image:win10v2004-20231025-enlocale:en-usos:windows10-2004-x64system
submitted
26/11/2023, 17:01

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

Commissions_open_20231004_Commissions_open_20231004pdf.exe
Size

917KB
MD5

47add7b37faf9e1bd6c843beafd83be7
SHA1

60afc00716e5701380671fb61121dd53c7715d0d
SHA256

fa24ed7496834aae986ae5e13d0161383fc064a0d0a042432069c168b41a868b
SHA512

71297103740f926dbb387d90c800faf6ba6956fe6db5b1c5b12c2a28bd8b98d74c614db1c2338ee4ea686103a0f5cee31337622f49dcfe245886be4fcb1d4cf4
SSDEEP

24576:lgZXoZUTVdt7KEA1oZsflCxjah+6Vr2x3aAq12JQf85y:QAoclC4AxKAB+E5y

Score

7^/10

bootkit persistence

Malware Config

Signatures

Checks BIOS information in registry 2 TTPs 1 IoCs

BIOS information is often read in order to detect sandboxing environments.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosDate	tengofeendios-Y3Jpc2dvbjg3QGdtYWlsLmNvbSAzODQ1MjMgYnJ1dGFsbW9ydGFs.exe

Checks computer location settings 2 TTPs 1 IoCs

Looks up country code configured in the registry, likely geofence.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\USER\S-1-5-21-177160434-2093019976-369403398-1000\Control Panel\International\Geo\Nation	Commissions_open_20231004_Commissions_open_20231004pdf.exe

Executes dropped EXE 28 IoCs

pid	Process
1436	tengofeendios-Y3Jpc2dvbjg3QGdtYWlsLmNvbSAzODQ1MjMgYnJ1dGFsbW9ydGFs.exe
900	tengofeendios-Y3Jpc2dvbjg3QGdtYWlsLmNvbSAzODQ1MjMgYnJ1dGFsbW9ydGFs.exe
4196	tengofeendios-Y3Jpc2dvbjg3QGdtYWlsLmNvbSAzODQ1MjMgYnJ1dGFsbW9ydGFs.exe
3992	tengofeendios-Y3Jpc2dvbjg3QGdtYWlsLmNvbSAzODQ1MjMgYnJ1dGFsbW9ydGFs.exe
832	tengofeendios-Y3Jpc2dvbjg3QGdtYWlsLmNvbSAzODQ1MjMgYnJ1dGFsbW9ydGFs.exe
2240	tengofeendios-Y3Jpc2dvbjg3QGdtYWlsLmNvbSAzODQ1MjMgYnJ1dGFsbW9ydGFs.exe
3608	tengofeendios-Y3Jpc2dvbjg3QGdtYWlsLmNvbSAzODQ1MjMgYnJ1dGFsbW9ydGFs.exe
4996	tengofeendios-Y3Jpc2dvbjg3QGdtYWlsLmNvbSAzODQ1MjMgYnJ1dGFsbW9ydGFs.exe
2020	tengofeendios-Y3Jpc2dvbjg3QGdtYWlsLmNvbSAzODQ1MjMgYnJ1dGFsbW9ydGFs.exe
3892	tengofeendios-Y3Jpc2dvbjg3QGdtYWlsLmNvbSAzODQ1MjMgYnJ1dGFsbW9ydGFs.exe
424	tengofeendios-Y3Jpc2dvbjg3QGdtYWlsLmNvbSAzODQ1MjMgYnJ1dGFsbW9ydGFs.exe
2800	tengofeendios-Y3Jpc2dvbjg3QGdtYWlsLmNvbSAzODQ1MjMgYnJ1dGFsbW9ydGFs.exe
3336	tengofeendios-Y3Jpc2dvbjg3QGdtYWlsLmNvbSAzODQ1MjMgYnJ1dGFsbW9ydGFs.exe
3992	tengofeendios-Y3Jpc2dvbjg3QGdtYWlsLmNvbSAzODQ1MjMgYnJ1dGFsbW9ydGFs.exe
1536	tengofeendios-Y3Jpc2dvbjg3QGdtYWlsLmNvbSAzODQ1MjMgYnJ1dGFsbW9ydGFs.exe
3452	tengofeendios-Y3Jpc2dvbjg3QGdtYWlsLmNvbSAzODQ1MjMgYnJ1dGFsbW9ydGFs.exe
2384	tengofeendios-Y3Jpc2dvbjg3QGdtYWlsLmNvbSAzODQ1MjMgYnJ1dGFsbW9ydGFs.exe
5036	tengofeendios-Y3Jpc2dvbjg3QGdtYWlsLmNvbSAzODQ1MjMgYnJ1dGFsbW9ydGFs.exe
2468	tengofeendios-Y3Jpc2dvbjg3QGdtYWlsLmNvbSAzODQ1MjMgYnJ1dGFsbW9ydGFs.exe
2316	tengofeendios-Y3Jpc2dvbjg3QGdtYWlsLmNvbSAzODQ1MjMgYnJ1dGFsbW9ydGFs.exe
2104	tengofeendios-Y3Jpc2dvbjg3QGdtYWlsLmNvbSAzODQ1MjMgYnJ1dGFsbW9ydGFs.exe
3040	tengofeendios-Y3Jpc2dvbjg3QGdtYWlsLmNvbSAzODQ1MjMgYnJ1dGFsbW9ydGFs.exe
5076	tengofeendios-Y3Jpc2dvbjg3QGdtYWlsLmNvbSAzODQ1MjMgYnJ1dGFsbW9ydGFs.exe
1980	tengofeendios-Y3Jpc2dvbjg3QGdtYWlsLmNvbSAzODQ1MjMgYnJ1dGFsbW9ydGFs.exe
3472	tengofeendios-Y3Jpc2dvbjg3QGdtYWlsLmNvbSAzODQ1MjMgYnJ1dGFsbW9ydGFs.exe
4116	hcs.exe
2076	hcs.exe
3836	hcs.exe

Loads dropped DLL 3 IoCs

pid	Process
3472	tengofeendios-Y3Jpc2dvbjg3QGdtYWlsLmNvbSAzODQ1MjMgYnJ1dGFsbW9ydGFs.exe
3472	tengofeendios-Y3Jpc2dvbjg3QGdtYWlsLmNvbSAzODQ1MjMgYnJ1dGFsbW9ydGFs.exe
3472	tengofeendios-Y3Jpc2dvbjg3QGdtYWlsLmNvbSAzODQ1MjMgYnJ1dGFsbW9ydGFs.exe

Writes to the Master Boot Record (MBR) 1 TTPs 1 IoCs

Bootkits write to the MBR to gain persistence at a level below the operating system.

bootkit persistence

Bootkit

T1542.003

description	ioc	Process
File opened for modification	\??\PHYSICALDRIVE0	tengofeendios-Y3Jpc2dvbjg3QGdtYWlsLmNvbSAzODQ1MjMgYnJ1dGFsbW9ydGFs.exe

Drops file in Program Files directory 6 IoCs

description	ioc	Process
File created	C:\Program Files (x86)\Sep\__tmp_rar_sfx_access_check_240612218	Commissions_open_20231004_Commissions_open_20231004pdf.exe
File created	C:\Program Files (x86)\Sep\tengofeendios-Y3Jpc2dvbjg3QGdtYWlsLmNvbSAzODQ1MjMgYnJ1dGFsbW9ydGFs.exe	Commissions_open_20231004_Commissions_open_20231004pdf.exe
File opened for modification	C:\Program Files (x86)\Sep\tengofeendios-Y3Jpc2dvbjg3QGdtYWlsLmNvbSAzODQ1MjMgYnJ1dGFsbW9ydGFs.exe	Commissions_open_20231004_Commissions_open_20231004pdf.exe
File created	C:\Program Files (x86)\Sep\Commissions_open_20231004_Commissions_open_20231004.pdf	Commissions_open_20231004_Commissions_open_20231004pdf.exe
File opened for modification	C:\Program Files (x86)\Sep\Commissions_open_20231004_Commissions_open_20231004.pdf	Commissions_open_20231004_Commissions_open_20231004pdf.exe
File opened for modification	C:\Program Files (x86)\Sep	Commissions_open_20231004_Commissions_open_20231004pdf.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Checks processor information in registry 2 TTPs 2 IoCs

Processor information is often read in order to detect sandboxing environments.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	AcroRd32.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz	AcroRd32.exe

Modifies Internet Explorer settings 1 TTPs 1 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-177160434-2093019976-369403398-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION	AcroRd32.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-177160434-2093019976-369403398-1000_Classes\Local Settings	Commissions_open_20231004_Commissions_open_20231004pdf.exe

Suspicious behavior: EnumeratesProcesses 20 IoCs

pid	Process
4204	AcroRd32.exe
4204	AcroRd32.exe
4204	AcroRd32.exe
4204	AcroRd32.exe
4204	AcroRd32.exe
4204	AcroRd32.exe
4204	AcroRd32.exe
4204	AcroRd32.exe
4204	AcroRd32.exe
4204	AcroRd32.exe
4204	AcroRd32.exe
4204	AcroRd32.exe
4204	AcroRd32.exe
4204	AcroRd32.exe
4204	AcroRd32.exe
4204	AcroRd32.exe
4204	AcroRd32.exe
4204	AcroRd32.exe
4204	AcroRd32.exe
4204	AcroRd32.exe

Suspicious use of AdjustPrivilegeToken 4 IoCs

description	pid	Process
Token: SeIncBasePriorityPrivilege	4116	hcs.exe
Token: SeIncBasePriorityPrivilege	2076	hcs.exe
Token: SeIncBasePriorityPrivilege	3836	hcs.exe
Token: SeIncBasePriorityPrivilege	3472	tengofeendios-Y3Jpc2dvbjg3QGdtYWlsLmNvbSAzODQ1MjMgYnJ1dGFsbW9ydGFs.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
4204	AcroRd32.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
4204	AcroRd32.exe
4204	AcroRd32.exe
4204	AcroRd32.exe
4204	AcroRd32.exe
4204	AcroRd32.exe
4204	AcroRd32.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4072 wrote to memory of 4204	4072	Commissions_open_20231004_Commissions_open_20231004pdf.exe	86
PID 4072 wrote to memory of 4204	4072	Commissions_open_20231004_Commissions_open_20231004pdf.exe	86
PID 4072 wrote to memory of 4204	4072	Commissions_open_20231004_Commissions_open_20231004pdf.exe	86
PID 4072 wrote to memory of 1436	4072	Commissions_open_20231004_Commissions_open_20231004pdf.exe	88
PID 4072 wrote to memory of 1436	4072	Commissions_open_20231004_Commissions_open_20231004pdf.exe	88
PID 4072 wrote to memory of 1436	4072	Commissions_open_20231004_Commissions_open_20231004pdf.exe	88
PID 900 wrote to memory of 4196	900	tengofeendios-Y3Jpc2dvbjg3QGdtYWlsLmNvbSAzODQ1MjMgYnJ1dGFsbW9ydGFs.exe	90
PID 900 wrote to memory of 4196	900	tengofeendios-Y3Jpc2dvbjg3QGdtYWlsLmNvbSAzODQ1MjMgYnJ1dGFsbW9ydGFs.exe	90
PID 900 wrote to memory of 4196	900	tengofeendios-Y3Jpc2dvbjg3QGdtYWlsLmNvbSAzODQ1MjMgYnJ1dGFsbW9ydGFs.exe	90
PID 3992 wrote to memory of 832	3992	tengofeendios-Y3Jpc2dvbjg3QGdtYWlsLmNvbSAzODQ1MjMgYnJ1dGFsbW9ydGFs.exe	92
PID 3992 wrote to memory of 832	3992	tengofeendios-Y3Jpc2dvbjg3QGdtYWlsLmNvbSAzODQ1MjMgYnJ1dGFsbW9ydGFs.exe	92
PID 3992 wrote to memory of 832	3992	tengofeendios-Y3Jpc2dvbjg3QGdtYWlsLmNvbSAzODQ1MjMgYnJ1dGFsbW9ydGFs.exe	92
PID 2240 wrote to memory of 3608	2240	tengofeendios-Y3Jpc2dvbjg3QGdtYWlsLmNvbSAzODQ1MjMgYnJ1dGFsbW9ydGFs.exe	95
PID 2240 wrote to memory of 3608	2240	tengofeendios-Y3Jpc2dvbjg3QGdtYWlsLmNvbSAzODQ1MjMgYnJ1dGFsbW9ydGFs.exe	95
PID 2240 wrote to memory of 3608	2240	tengofeendios-Y3Jpc2dvbjg3QGdtYWlsLmNvbSAzODQ1MjMgYnJ1dGFsbW9ydGFs.exe	95
PID 4996 wrote to memory of 2020	4996	tengofeendios-Y3Jpc2dvbjg3QGdtYWlsLmNvbSAzODQ1MjMgYnJ1dGFsbW9ydGFs.exe	98
PID 4996 wrote to memory of 2020	4996	tengofeendios-Y3Jpc2dvbjg3QGdtYWlsLmNvbSAzODQ1MjMgYnJ1dGFsbW9ydGFs.exe	98
PID 4996 wrote to memory of 2020	4996	tengofeendios-Y3Jpc2dvbjg3QGdtYWlsLmNvbSAzODQ1MjMgYnJ1dGFsbW9ydGFs.exe	98
PID 4204 wrote to memory of 5060	4204	AcroRd32.exe	100
PID 4204 wrote to memory of 5060	4204	AcroRd32.exe	100
PID 4204 wrote to memory of 5060	4204	AcroRd32.exe	100
PID 3892 wrote to memory of 424	3892	tengofeendios-Y3Jpc2dvbjg3QGdtYWlsLmNvbSAzODQ1MjMgYnJ1dGFsbW9ydGFs.exe	103
PID 3892 wrote to memory of 424	3892	tengofeendios-Y3Jpc2dvbjg3QGdtYWlsLmNvbSAzODQ1MjMgYnJ1dGFsbW9ydGFs.exe	103
PID 3892 wrote to memory of 424	3892	tengofeendios-Y3Jpc2dvbjg3QGdtYWlsLmNvbSAzODQ1MjMgYnJ1dGFsbW9ydGFs.exe	103
PID 2800 wrote to memory of 3336	2800	tengofeendios-Y3Jpc2dvbjg3QGdtYWlsLmNvbSAzODQ1MjMgYnJ1dGFsbW9ydGFs.exe	105
PID 2800 wrote to memory of 3336	2800	tengofeendios-Y3Jpc2dvbjg3QGdtYWlsLmNvbSAzODQ1MjMgYnJ1dGFsbW9ydGFs.exe	105
PID 2800 wrote to memory of 3336	2800	tengofeendios-Y3Jpc2dvbjg3QGdtYWlsLmNvbSAzODQ1MjMgYnJ1dGFsbW9ydGFs.exe	105
PID 5060 wrote to memory of 3372	5060	RdrCEF.exe	106
PID 5060 wrote to memory of 3372	5060	RdrCEF.exe	106
PID 5060 wrote to memory of 3372	5060	RdrCEF.exe	106
PID 5060 wrote to memory of 3372	5060	RdrCEF.exe	106
PID 5060 wrote to memory of 3372	5060	RdrCEF.exe	106
PID 5060 wrote to memory of 3372	5060	RdrCEF.exe	106
PID 5060 wrote to memory of 3372	5060	RdrCEF.exe	106
PID 5060 wrote to memory of 3372	5060	RdrCEF.exe	106
PID 5060 wrote to memory of 3372	5060	RdrCEF.exe	106
PID 5060 wrote to memory of 3372	5060	RdrCEF.exe	106
PID 5060 wrote to memory of 3372	5060	RdrCEF.exe	106
PID 5060 wrote to memory of 3372	5060	RdrCEF.exe	106
PID 5060 wrote to memory of 3372	5060	RdrCEF.exe	106
PID 5060 wrote to memory of 3372	5060	RdrCEF.exe	106
PID 5060 wrote to memory of 3372	5060	RdrCEF.exe	106
PID 5060 wrote to memory of 3372	5060	RdrCEF.exe	106
PID 5060 wrote to memory of 3372	5060	RdrCEF.exe	106
PID 5060 wrote to memory of 3372	5060	RdrCEF.exe	106
PID 5060 wrote to memory of 3372	5060	RdrCEF.exe	106
PID 5060 wrote to memory of 3372	5060	RdrCEF.exe	106
PID 5060 wrote to memory of 3372	5060	RdrCEF.exe	106
PID 5060 wrote to memory of 3372	5060	RdrCEF.exe	106
PID 5060 wrote to memory of 3372	5060	RdrCEF.exe	106
PID 5060 wrote to memory of 3372	5060	RdrCEF.exe	106
PID 5060 wrote to memory of 3372	5060	RdrCEF.exe	106
PID 5060 wrote to memory of 3372	5060	RdrCEF.exe	106
PID 5060 wrote to memory of 3372	5060	RdrCEF.exe	106
PID 5060 wrote to memory of 3372	5060	RdrCEF.exe	106
PID 5060 wrote to memory of 3372	5060	RdrCEF.exe	106
PID 5060 wrote to memory of 3372	5060	RdrCEF.exe	106
PID 5060 wrote to memory of 3372	5060	RdrCEF.exe	106
PID 5060 wrote to memory of 3372	5060	RdrCEF.exe	106
PID 5060 wrote to memory of 3372	5060	RdrCEF.exe	106
PID 5060 wrote to memory of 3372	5060	RdrCEF.exe	106
PID 5060 wrote to memory of 3372	5060	RdrCEF.exe	106
PID 5060 wrote to memory of 3372	5060	RdrCEF.exe	106
PID 5060 wrote to memory of 3372	5060	RdrCEF.exe	106

C:\Users\Admin\AppData\Local\Temp\Commissions_open_20231004_Commissions_open_20231004pdf.exe
"C:\Users\Admin\AppData\Local\Temp\Commissions_open_20231004_Commissions_open_20231004pdf.exe"
1⤵
- Checks computer location settings
- Drops file in Program Files directory
- Modifies registry class
- Suspicious use of WriteProcessMemory
PID:4072
- C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
  "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe" "C:\Program Files (x86)\Sep\Commissions_open_20231004_Commissions_open_20231004.pdf"
  2⤵
  - Checks processor information in registry
  - Modifies Internet Explorer settings
  - Suspicious behavior: EnumeratesProcesses
  - Suspicious use of FindShellTrayWindow
  - Suspicious use of SetWindowsHookEx
  - Suspicious use of WriteProcessMemory
  PID:4204
- - C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
    "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --backgroundcolor=16514043
    3⤵
    - Suspicious use of WriteProcessMemory
    PID:5060
  - - C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
      "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=F76508E87C07DA51C62D8A5B8A9833A8 --mojo-platform-channel-handle=1748 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:2
      4⤵
      PID:3372
  - - C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
      "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=renderer --disable-browser-side-navigation --disable-gpu-compositing --service-pipe-token=5EC8F168CAE79CFDD0AF06674C1B4BDF --lang=en-US --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;0,18,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;1,18,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;2,18,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;3,18,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;4,18,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;5,18,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553;6,18,3553 --disable-accelerated-video-decode --service-request-channel-token=5EC8F168CAE79CFDD0AF06674C1B4BDF --renderer-client-id=2 --mojo-platform-channel-handle=1772 --allow-no-sandbox-job /prefetch:1
      4⤵
      PID:100
  - - C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
      "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=renderer --disable-browser-side-navigation --disable-gpu-compositing --service-pipe-token=8E9387C561D4E5B6418DFE5E8018E143 --lang=en-US --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;0,18,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;1,18,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;2,18,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;3,18,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;4,18,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;5,18,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553;6,18,3553 --disable-accelerated-video-decode --service-request-channel-token=8E9387C561D4E5B6418DFE5E8018E143 --renderer-client-id=4 --mojo-platform-channel-handle=2168 --allow-no-sandbox-job /prefetch:1
      4⤵
      PID:3552
  - - C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
      "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=4E0646391697FE92AC8B12549A1F25E7 --mojo-platform-channel-handle=2548 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:2
      4⤵
      PID:3488
  - - C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
      "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=66F82580918C1FD367A6CC066D10F4FF --mojo-platform-channel-handle=1884 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:2
      4⤵
      PID:4072
  - - C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
      "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=86B961C651152E167149F637C2C05CC5 --mojo-platform-channel-handle=1736 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:2
      4⤵
      PID:3772
- C:\Program Files (x86)\Sep\tengofeendios-Y3Jpc2dvbjg3QGdtYWlsLmNvbSAzODQ1MjMgYnJ1dGFsbW9ydGFs.exe
  "C:\Program Files (x86)\Sep\tengofeendios-Y3Jpc2dvbjg3QGdtYWlsLmNvbSAzODQ1MjMgYnJ1dGFsbW9ydGFs.exe"
  2⤵
  - Executes dropped EXE
  PID:1436

C:\Program Files (x86)\Sep\tengofeendios-Y3Jpc2dvbjg3QGdtYWlsLmNvbSAzODQ1MjMgYnJ1dGFsbW9ydGFs.exe
"C:\Program Files (x86)\Sep\tengofeendios-Y3Jpc2dvbjg3QGdtYWlsLmNvbSAzODQ1MjMgYnJ1dGFsbW9ydGFs.exe" /service
1⤵
- Executes dropped EXE
- Suspicious use of WriteProcessMemory
PID:900
- C:\Program Files (x86)\Sep\tengofeendios-Y3Jpc2dvbjg3QGdtYWlsLmNvbSAzODQ1MjMgYnJ1dGFsbW9ydGFs.exe
  "" "/runsupportversion"
  2⤵
  - Executes dropped EXE
  PID:4196

C:\Program Files (x86)\Sep\tengofeendios-Y3Jpc2dvbjg3QGdtYWlsLmNvbSAzODQ1MjMgYnJ1dGFsbW9ydGFs.exe
"C:\Program Files (x86)\Sep\tengofeendios-Y3Jpc2dvbjg3QGdtYWlsLmNvbSAzODQ1MjMgYnJ1dGFsbW9ydGFs.exe" /service
1⤵
- Executes dropped EXE
- Suspicious use of WriteProcessMemory
PID:3992
- C:\Program Files (x86)\Sep\tengofeendios-Y3Jpc2dvbjg3QGdtYWlsLmNvbSAzODQ1MjMgYnJ1dGFsbW9ydGFs.exe
  "" "/runsupportversion"
  2⤵
  - Executes dropped EXE
  PID:832

C:\Program Files (x86)\Sep\tengofeendios-Y3Jpc2dvbjg3QGdtYWlsLmNvbSAzODQ1MjMgYnJ1dGFsbW9ydGFs.exe
"C:\Program Files (x86)\Sep\tengofeendios-Y3Jpc2dvbjg3QGdtYWlsLmNvbSAzODQ1MjMgYnJ1dGFsbW9ydGFs.exe" /service
1⤵
- Executes dropped EXE
- Suspicious use of WriteProcessMemory
PID:2240
- C:\Program Files (x86)\Sep\tengofeendios-Y3Jpc2dvbjg3QGdtYWlsLmNvbSAzODQ1MjMgYnJ1dGFsbW9ydGFs.exe
  "" "/runsupportversion"
  2⤵
  - Executes dropped EXE
  PID:3608

C:\Program Files (x86)\Sep\tengofeendios-Y3Jpc2dvbjg3QGdtYWlsLmNvbSAzODQ1MjMgYnJ1dGFsbW9ydGFs.exe
"C:\Program Files (x86)\Sep\tengofeendios-Y3Jpc2dvbjg3QGdtYWlsLmNvbSAzODQ1MjMgYnJ1dGFsbW9ydGFs.exe" /service
1⤵
- Executes dropped EXE
- Suspicious use of WriteProcessMemory
PID:4996
- C:\Program Files (x86)\Sep\tengofeendios-Y3Jpc2dvbjg3QGdtYWlsLmNvbSAzODQ1MjMgYnJ1dGFsbW9ydGFs.exe
  "" "/runsupportversion"
  2⤵
  - Executes dropped EXE
  PID:2020

C:\Program Files (x86)\Sep\tengofeendios-Y3Jpc2dvbjg3QGdtYWlsLmNvbSAzODQ1MjMgYnJ1dGFsbW9ydGFs.exe
"C:\Program Files (x86)\Sep\tengofeendios-Y3Jpc2dvbjg3QGdtYWlsLmNvbSAzODQ1MjMgYnJ1dGFsbW9ydGFs.exe" /service
1⤵
- Executes dropped EXE
- Suspicious use of WriteProcessMemory
PID:3892
- C:\Program Files (x86)\Sep\tengofeendios-Y3Jpc2dvbjg3QGdtYWlsLmNvbSAzODQ1MjMgYnJ1dGFsbW9ydGFs.exe
  "" "/runsupportversion"
  2⤵
  - Executes dropped EXE
  PID:424

C:\Program Files (x86)\Sep\tengofeendios-Y3Jpc2dvbjg3QGdtYWlsLmNvbSAzODQ1MjMgYnJ1dGFsbW9ydGFs.exe
"C:\Program Files (x86)\Sep\tengofeendios-Y3Jpc2dvbjg3QGdtYWlsLmNvbSAzODQ1MjMgYnJ1dGFsbW9ydGFs.exe" /service
1⤵
- Executes dropped EXE
- Suspicious use of WriteProcessMemory
PID:2800
- C:\Program Files (x86)\Sep\tengofeendios-Y3Jpc2dvbjg3QGdtYWlsLmNvbSAzODQ1MjMgYnJ1dGFsbW9ydGFs.exe
  "" "/runsupportversion"
  2⤵
  - Executes dropped EXE
  PID:3336

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:724

C:\Program Files (x86)\Sep\tengofeendios-Y3Jpc2dvbjg3QGdtYWlsLmNvbSAzODQ1MjMgYnJ1dGFsbW9ydGFs.exe
"C:\Program Files (x86)\Sep\tengofeendios-Y3Jpc2dvbjg3QGdtYWlsLmNvbSAzODQ1MjMgYnJ1dGFsbW9ydGFs.exe" /service
1⤵
- Executes dropped EXE
PID:3992
- C:\Program Files (x86)\Sep\tengofeendios-Y3Jpc2dvbjg3QGdtYWlsLmNvbSAzODQ1MjMgYnJ1dGFsbW9ydGFs.exe
  "" "/runsupportversion"
  2⤵
  - Executes dropped EXE
  PID:1536

C:\Program Files (x86)\Sep\tengofeendios-Y3Jpc2dvbjg3QGdtYWlsLmNvbSAzODQ1MjMgYnJ1dGFsbW9ydGFs.exe
"C:\Program Files (x86)\Sep\tengofeendios-Y3Jpc2dvbjg3QGdtYWlsLmNvbSAzODQ1MjMgYnJ1dGFsbW9ydGFs.exe" /service
1⤵
- Executes dropped EXE
PID:3452
- C:\Program Files (x86)\Sep\tengofeendios-Y3Jpc2dvbjg3QGdtYWlsLmNvbSAzODQ1MjMgYnJ1dGFsbW9ydGFs.exe
  "" "/runsupportversion"
  2⤵
  - Executes dropped EXE
  PID:2384

C:\Program Files (x86)\Sep\tengofeendios-Y3Jpc2dvbjg3QGdtYWlsLmNvbSAzODQ1MjMgYnJ1dGFsbW9ydGFs.exe
"C:\Program Files (x86)\Sep\tengofeendios-Y3Jpc2dvbjg3QGdtYWlsLmNvbSAzODQ1MjMgYnJ1dGFsbW9ydGFs.exe" /service
1⤵
- Executes dropped EXE
PID:5036
- C:\Program Files (x86)\Sep\tengofeendios-Y3Jpc2dvbjg3QGdtYWlsLmNvbSAzODQ1MjMgYnJ1dGFsbW9ydGFs.exe
  "" "/runsupportversion"
  2⤵
  - Executes dropped EXE
  PID:2468

C:\Program Files (x86)\Sep\tengofeendios-Y3Jpc2dvbjg3QGdtYWlsLmNvbSAzODQ1MjMgYnJ1dGFsbW9ydGFs.exe
"C:\Program Files (x86)\Sep\tengofeendios-Y3Jpc2dvbjg3QGdtYWlsLmNvbSAzODQ1MjMgYnJ1dGFsbW9ydGFs.exe" /service
1⤵
- Executes dropped EXE
PID:2316
- C:\Program Files (x86)\Sep\tengofeendios-Y3Jpc2dvbjg3QGdtYWlsLmNvbSAzODQ1MjMgYnJ1dGFsbW9ydGFs.exe
  "" "/runsupportversion"
  2⤵
  - Executes dropped EXE
  PID:2104

C:\Program Files (x86)\Sep\tengofeendios-Y3Jpc2dvbjg3QGdtYWlsLmNvbSAzODQ1MjMgYnJ1dGFsbW9ydGFs.exe
"C:\Program Files (x86)\Sep\tengofeendios-Y3Jpc2dvbjg3QGdtYWlsLmNvbSAzODQ1MjMgYnJ1dGFsbW9ydGFs.exe" /service
1⤵
- Executes dropped EXE
PID:3040
- C:\Program Files (x86)\Sep\tengofeendios-Y3Jpc2dvbjg3QGdtYWlsLmNvbSAzODQ1MjMgYnJ1dGFsbW9ydGFs.exe
  "" "/runsupportversion"
  2⤵
  - Executes dropped EXE
  PID:5076

C:\Program Files (x86)\Sep\tengofeendios-Y3Jpc2dvbjg3QGdtYWlsLmNvbSAzODQ1MjMgYnJ1dGFsbW9ydGFs.exe
"C:\Program Files (x86)\Sep\tengofeendios-Y3Jpc2dvbjg3QGdtYWlsLmNvbSAzODQ1MjMgYnJ1dGFsbW9ydGFs.exe" /service
1⤵
- Executes dropped EXE
PID:1980
- C:\Program Files (x86)\Sep\tengofeendios-Y3Jpc2dvbjg3QGdtYWlsLmNvbSAzODQ1MjMgYnJ1dGFsbW9ydGFs.exe
  "" "/runsupportversion"
  2⤵
  - Checks BIOS information in registry
  - Executes dropped EXE
  - Loads dropped DLL
  - Writes to the Master Boot Record (MBR)
  - Suspicious use of AdjustPrivilegeToken
  PID:3472
- - C:\ProgramData\Anyplace Control Support\hcs.exe
    "C:\ProgramData\Anyplace Control Support\hcs.exe" "/effects=onC:\ProgramData\Anyplace?Control?Support\apc-settings.ini"
    3⤵
    - Executes dropped EXE
    - Suspicious use of AdjustPrivilegeToken
    PID:4116
- - C:\ProgramData\Anyplace Control Support\hcs.exe
    "C:\ProgramData\Anyplace Control Support\hcs.exe" "/theme=onC:\ProgramData\Anyplace?Control?Support\apc-settings.ini"
    3⤵
    - Executes dropped EXE
    - Suspicious use of AdjustPrivilegeToken
    PID:2076
- - C:\ProgramData\Anyplace Control Support\hcs.exe
    "C:\ProgramData\Anyplace Control Support\hcs.exe" "/wallpaper=on"
    3⤵
    - Executes dropped EXE
    - Suspicious use of AdjustPrivilegeToken
    PID:3836

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

T1542

Bootkit

T1542.003

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Pre-OS Boot

T1542

Bootkit

T1542.003

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files (x86)\Sep\Commissions_open_20231004_Commissions_open_20231004.pdf

Filesize
30KB

MD5
d033511d0d69d7c6e3a64eb523370f52

SHA1
71a5bc6e6d1b7300a5c0cfdcfa303c9568bf772b

SHA256
849476bfafb0481bd33b970e6a2cc312d0bdcb8f52a7baff083691bcfd096162

SHA512
836671e248b3c003b8909626927cbb285f8dcaff5c8dc4930771976d4744c0a800d2ba1a963f8ed886de873daef2926edeb34c53f385a80ce11d7235d7defd25

Download Submit
C:\Program Files (x86)\Sep\tengofeendios-Y3Jpc2dvbjg3QGdtYWlsLmNvbSAzODQ1MjMgYnJ1dGFsbW9ydGFs.exe

Filesize
1.4MB

MD5
e1d228f6e0f0c3ae48209a4cbc9bd0cd

SHA1
6709981fa5dc059059fa34fbdf9fd1df814684b7

SHA256
e77efb3fa3e19fed95448cde1862f72dd2458a01aaf1cd703930296aee7e5630

SHA512
5b805a43256fffda6ef6023ebf1438e70cef88a10d3a8759ad60b4e7c1a02a65096d9cb4de3ff99ab22288ea2e63687b4cc0b10aef1352d78e6c22ef94998055

Download Submit
C:\Program Files (x86)\Sep\tengofeendios-Y3Jpc2dvbjg3QGdtYWlsLmNvbSAzODQ1MjMgYnJ1dGFsbW9ydGFs.exe

Filesize
1.4MB

MD5
e1d228f6e0f0c3ae48209a4cbc9bd0cd

SHA1
6709981fa5dc059059fa34fbdf9fd1df814684b7

SHA256
e77efb3fa3e19fed95448cde1862f72dd2458a01aaf1cd703930296aee7e5630

SHA512
5b805a43256fffda6ef6023ebf1438e70cef88a10d3a8759ad60b4e7c1a02a65096d9cb4de3ff99ab22288ea2e63687b4cc0b10aef1352d78e6c22ef94998055

Download Submit
C:\Program Files (x86)\Sep\tengofeendios-Y3Jpc2dvbjg3QGdtYWlsLmNvbSAzODQ1MjMgYnJ1dGFsbW9ydGFs.exe

Filesize
1.4MB

MD5
e1d228f6e0f0c3ae48209a4cbc9bd0cd

SHA1
6709981fa5dc059059fa34fbdf9fd1df814684b7

SHA256
e77efb3fa3e19fed95448cde1862f72dd2458a01aaf1cd703930296aee7e5630

SHA512
5b805a43256fffda6ef6023ebf1438e70cef88a10d3a8759ad60b4e7c1a02a65096d9cb4de3ff99ab22288ea2e63687b4cc0b10aef1352d78e6c22ef94998055

Download Submit
C:\Program Files (x86)\Sep\tengofeendios-Y3Jpc2dvbjg3QGdtYWlsLmNvbSAzODQ1MjMgYnJ1dGFsbW9ydGFs.exe

Filesize
1.4MB

MD5
e1d228f6e0f0c3ae48209a4cbc9bd0cd

SHA1
6709981fa5dc059059fa34fbdf9fd1df814684b7

SHA256
e77efb3fa3e19fed95448cde1862f72dd2458a01aaf1cd703930296aee7e5630

SHA512
5b805a43256fffda6ef6023ebf1438e70cef88a10d3a8759ad60b4e7c1a02a65096d9cb4de3ff99ab22288ea2e63687b4cc0b10aef1352d78e6c22ef94998055

Download Submit
C:\Program Files (x86)\Sep\tengofeendios-Y3Jpc2dvbjg3QGdtYWlsLmNvbSAzODQ1MjMgYnJ1dGFsbW9ydGFs.exe

Filesize
1.4MB

MD5
e1d228f6e0f0c3ae48209a4cbc9bd0cd

SHA1
6709981fa5dc059059fa34fbdf9fd1df814684b7

SHA256
e77efb3fa3e19fed95448cde1862f72dd2458a01aaf1cd703930296aee7e5630

SHA512
5b805a43256fffda6ef6023ebf1438e70cef88a10d3a8759ad60b4e7c1a02a65096d9cb4de3ff99ab22288ea2e63687b4cc0b10aef1352d78e6c22ef94998055

Download Submit
C:\Program Files (x86)\Sep\tengofeendios-Y3Jpc2dvbjg3QGdtYWlsLmNvbSAzODQ1MjMgYnJ1dGFsbW9ydGFs.exe

Filesize
1.4MB

MD5
e1d228f6e0f0c3ae48209a4cbc9bd0cd

SHA1
6709981fa5dc059059fa34fbdf9fd1df814684b7

SHA256
e77efb3fa3e19fed95448cde1862f72dd2458a01aaf1cd703930296aee7e5630

SHA512
5b805a43256fffda6ef6023ebf1438e70cef88a10d3a8759ad60b4e7c1a02a65096d9cb4de3ff99ab22288ea2e63687b4cc0b10aef1352d78e6c22ef94998055

Download Submit
C:\Program Files (x86)\Sep\tengofeendios-Y3Jpc2dvbjg3QGdtYWlsLmNvbSAzODQ1MjMgYnJ1dGFsbW9ydGFs.exe

Filesize
1.4MB

MD5
e1d228f6e0f0c3ae48209a4cbc9bd0cd

SHA1
6709981fa5dc059059fa34fbdf9fd1df814684b7

SHA256
e77efb3fa3e19fed95448cde1862f72dd2458a01aaf1cd703930296aee7e5630

SHA512
5b805a43256fffda6ef6023ebf1438e70cef88a10d3a8759ad60b4e7c1a02a65096d9cb4de3ff99ab22288ea2e63687b4cc0b10aef1352d78e6c22ef94998055

Download Submit
C:\Program Files (x86)\Sep\tengofeendios-Y3Jpc2dvbjg3QGdtYWlsLmNvbSAzODQ1MjMgYnJ1dGFsbW9ydGFs.exe

Filesize
1.4MB

MD5
e1d228f6e0f0c3ae48209a4cbc9bd0cd

SHA1
6709981fa5dc059059fa34fbdf9fd1df814684b7

SHA256
e77efb3fa3e19fed95448cde1862f72dd2458a01aaf1cd703930296aee7e5630

SHA512
5b805a43256fffda6ef6023ebf1438e70cef88a10d3a8759ad60b4e7c1a02a65096d9cb4de3ff99ab22288ea2e63687b4cc0b10aef1352d78e6c22ef94998055

Download Submit
C:\Program Files (x86)\Sep\tengofeendios-Y3Jpc2dvbjg3QGdtYWlsLmNvbSAzODQ1MjMgYnJ1dGFsbW9ydGFs.exe

Filesize
1.4MB

MD5
e1d228f6e0f0c3ae48209a4cbc9bd0cd

SHA1
6709981fa5dc059059fa34fbdf9fd1df814684b7

SHA256
e77efb3fa3e19fed95448cde1862f72dd2458a01aaf1cd703930296aee7e5630

SHA512
5b805a43256fffda6ef6023ebf1438e70cef88a10d3a8759ad60b4e7c1a02a65096d9cb4de3ff99ab22288ea2e63687b4cc0b10aef1352d78e6c22ef94998055

Download Submit
C:\Program Files (x86)\Sep\tengofeendios-Y3Jpc2dvbjg3QGdtYWlsLmNvbSAzODQ1MjMgYnJ1dGFsbW9ydGFs.exe

Filesize
1.4MB

MD5
e1d228f6e0f0c3ae48209a4cbc9bd0cd

SHA1
6709981fa5dc059059fa34fbdf9fd1df814684b7

SHA256
e77efb3fa3e19fed95448cde1862f72dd2458a01aaf1cd703930296aee7e5630

SHA512
5b805a43256fffda6ef6023ebf1438e70cef88a10d3a8759ad60b4e7c1a02a65096d9cb4de3ff99ab22288ea2e63687b4cc0b10aef1352d78e6c22ef94998055

Download Submit
C:\Program Files (x86)\Sep\tengofeendios-Y3Jpc2dvbjg3QGdtYWlsLmNvbSAzODQ1MjMgYnJ1dGFsbW9ydGFs.exe

Filesize
1.4MB

MD5
e1d228f6e0f0c3ae48209a4cbc9bd0cd

SHA1
6709981fa5dc059059fa34fbdf9fd1df814684b7

SHA256
e77efb3fa3e19fed95448cde1862f72dd2458a01aaf1cd703930296aee7e5630

SHA512
5b805a43256fffda6ef6023ebf1438e70cef88a10d3a8759ad60b4e7c1a02a65096d9cb4de3ff99ab22288ea2e63687b4cc0b10aef1352d78e6c22ef94998055

Download Submit
C:\Program Files (x86)\Sep\tengofeendios-Y3Jpc2dvbjg3QGdtYWlsLmNvbSAzODQ1MjMgYnJ1dGFsbW9ydGFs.exe

Filesize
1.4MB

MD5
e1d228f6e0f0c3ae48209a4cbc9bd0cd

SHA1
6709981fa5dc059059fa34fbdf9fd1df814684b7

SHA256
e77efb3fa3e19fed95448cde1862f72dd2458a01aaf1cd703930296aee7e5630

SHA512
5b805a43256fffda6ef6023ebf1438e70cef88a10d3a8759ad60b4e7c1a02a65096d9cb4de3ff99ab22288ea2e63687b4cc0b10aef1352d78e6c22ef94998055

Download Submit
C:\Program Files (x86)\Sep\tengofeendios-Y3Jpc2dvbjg3QGdtYWlsLmNvbSAzODQ1MjMgYnJ1dGFsbW9ydGFs.exe

Filesize
1.4MB

MD5
e1d228f6e0f0c3ae48209a4cbc9bd0cd

SHA1
6709981fa5dc059059fa34fbdf9fd1df814684b7

SHA256
e77efb3fa3e19fed95448cde1862f72dd2458a01aaf1cd703930296aee7e5630

SHA512
5b805a43256fffda6ef6023ebf1438e70cef88a10d3a8759ad60b4e7c1a02a65096d9cb4de3ff99ab22288ea2e63687b4cc0b10aef1352d78e6c22ef94998055

Download Submit
C:\Program Files (x86)\Sep\tengofeendios-Y3Jpc2dvbjg3QGdtYWlsLmNvbSAzODQ1MjMgYnJ1dGFsbW9ydGFs.exe

Filesize
1.4MB

MD5
e1d228f6e0f0c3ae48209a4cbc9bd0cd

SHA1
6709981fa5dc059059fa34fbdf9fd1df814684b7

SHA256
e77efb3fa3e19fed95448cde1862f72dd2458a01aaf1cd703930296aee7e5630

SHA512
5b805a43256fffda6ef6023ebf1438e70cef88a10d3a8759ad60b4e7c1a02a65096d9cb4de3ff99ab22288ea2e63687b4cc0b10aef1352d78e6c22ef94998055

Download Submit
C:\Program Files (x86)\Sep\tengofeendios-Y3Jpc2dvbjg3QGdtYWlsLmNvbSAzODQ1MjMgYnJ1dGFsbW9ydGFs.exe

Filesize
1.4MB

MD5
e1d228f6e0f0c3ae48209a4cbc9bd0cd

SHA1
6709981fa5dc059059fa34fbdf9fd1df814684b7

SHA256
e77efb3fa3e19fed95448cde1862f72dd2458a01aaf1cd703930296aee7e5630

SHA512
5b805a43256fffda6ef6023ebf1438e70cef88a10d3a8759ad60b4e7c1a02a65096d9cb4de3ff99ab22288ea2e63687b4cc0b10aef1352d78e6c22ef94998055

Download Submit
C:\Program Files (x86)\Sep\tengofeendios-Y3Jpc2dvbjg3QGdtYWlsLmNvbSAzODQ1MjMgYnJ1dGFsbW9ydGFs.exe

Filesize
1.4MB

MD5
e1d228f6e0f0c3ae48209a4cbc9bd0cd

SHA1
6709981fa5dc059059fa34fbdf9fd1df814684b7

SHA256
e77efb3fa3e19fed95448cde1862f72dd2458a01aaf1cd703930296aee7e5630

SHA512
5b805a43256fffda6ef6023ebf1438e70cef88a10d3a8759ad60b4e7c1a02a65096d9cb4de3ff99ab22288ea2e63687b4cc0b10aef1352d78e6c22ef94998055

Download Submit
C:\Program Files (x86)\Sep\tengofeendios-Y3Jpc2dvbjg3QGdtYWlsLmNvbSAzODQ1MjMgYnJ1dGFsbW9ydGFs.exe

Filesize
1.4MB

MD5
e1d228f6e0f0c3ae48209a4cbc9bd0cd

SHA1
6709981fa5dc059059fa34fbdf9fd1df814684b7

SHA256
e77efb3fa3e19fed95448cde1862f72dd2458a01aaf1cd703930296aee7e5630

SHA512
5b805a43256fffda6ef6023ebf1438e70cef88a10d3a8759ad60b4e7c1a02a65096d9cb4de3ff99ab22288ea2e63687b4cc0b10aef1352d78e6c22ef94998055

Download Submit
C:\Program Files (x86)\Sep\tengofeendios-Y3Jpc2dvbjg3QGdtYWlsLmNvbSAzODQ1MjMgYnJ1dGFsbW9ydGFs.exe

Filesize
1.4MB

MD5
e1d228f6e0f0c3ae48209a4cbc9bd0cd

SHA1
6709981fa5dc059059fa34fbdf9fd1df814684b7

SHA256
e77efb3fa3e19fed95448cde1862f72dd2458a01aaf1cd703930296aee7e5630

SHA512
5b805a43256fffda6ef6023ebf1438e70cef88a10d3a8759ad60b4e7c1a02a65096d9cb4de3ff99ab22288ea2e63687b4cc0b10aef1352d78e6c22ef94998055

Download Submit
C:\Program Files (x86)\Sep\tengofeendios-Y3Jpc2dvbjg3QGdtYWlsLmNvbSAzODQ1MjMgYnJ1dGFsbW9ydGFs.exe

Filesize
1.4MB

MD5
e1d228f6e0f0c3ae48209a4cbc9bd0cd

SHA1
6709981fa5dc059059fa34fbdf9fd1df814684b7

SHA256
e77efb3fa3e19fed95448cde1862f72dd2458a01aaf1cd703930296aee7e5630

SHA512
5b805a43256fffda6ef6023ebf1438e70cef88a10d3a8759ad60b4e7c1a02a65096d9cb4de3ff99ab22288ea2e63687b4cc0b10aef1352d78e6c22ef94998055

Download Submit
C:\Program Files (x86)\Sep\tengofeendios-Y3Jpc2dvbjg3QGdtYWlsLmNvbSAzODQ1MjMgYnJ1dGFsbW9ydGFs.exe

Filesize
1.4MB

MD5
e1d228f6e0f0c3ae48209a4cbc9bd0cd

SHA1
6709981fa5dc059059fa34fbdf9fd1df814684b7

SHA256
e77efb3fa3e19fed95448cde1862f72dd2458a01aaf1cd703930296aee7e5630

SHA512
5b805a43256fffda6ef6023ebf1438e70cef88a10d3a8759ad60b4e7c1a02a65096d9cb4de3ff99ab22288ea2e63687b4cc0b10aef1352d78e6c22ef94998055

Download Submit
C:\Program Files (x86)\Sep\tengofeendios-Y3Jpc2dvbjg3QGdtYWlsLmNvbSAzODQ1MjMgYnJ1dGFsbW9ydGFs.exe

Filesize
1.4MB

MD5
e1d228f6e0f0c3ae48209a4cbc9bd0cd

SHA1
6709981fa5dc059059fa34fbdf9fd1df814684b7

SHA256
e77efb3fa3e19fed95448cde1862f72dd2458a01aaf1cd703930296aee7e5630

SHA512
5b805a43256fffda6ef6023ebf1438e70cef88a10d3a8759ad60b4e7c1a02a65096d9cb4de3ff99ab22288ea2e63687b4cc0b10aef1352d78e6c22ef94998055

Download Submit
C:\ProgramData\Anyplace Control Support\apcErrorsLog.txt

Filesize
738B

MD5
0785e85df3e2edfc5aa2fcfb89941e70

SHA1
ace9d08774ba05e7c1ebe25639762b2072a97c0a

SHA256
b14c1066948c668c811a9280449689957b7abda1f23c6a47e59dd6b8ca2c6088

SHA512
cd2ed57aef7a22566ceabd648365cbcfcd78e8ff33b1d07d816cb6755a3546f4eb5c94a0e8189cc6ff4381dc53fe52844ed5280e1e53430123f1f2eb5a699e53

Download Submit
C:\ProgramData\Anyplace Control Support\apcErrorsLog.txt

Filesize
861B

MD5
f7338f154b60fa168154fcc99672a44d

SHA1
cf2d1fba4a74a03cf498a647a76c7f307650953b

SHA256
a6418f5a61c34e4d5324e88ee6091f413e04116506a869f0c0d3c261a0bef233

SHA512
743bd383903ddc5a9f20653e1128381e06ca2a5770d09465378053da73a57abad273b2bd8d1817b1db852fc9294d6b6988ea240467c13f1031997392d6599481

Download Submit
C:\ProgramData\Anyplace Control Support\apcErrorsLog.txt

Filesize
984B

MD5
971003efd23bf57bc4fbfea1f8676132

SHA1
59c4ec71649220966519407ad89fdf8d03114faa

SHA256
1ed3da1b4e1f8f0dc4ea92d2199251fce09aa353182aff45a146b9889c69790f

SHA512
a0fdaa407fad8b22a4143416eb8e56f66d4a7abf16c793aaf06bd129aabf21626dd997630dd2f81d848c7450adc67431c357b14ca09517f6f97f1c1a42c52639

Download Submit
C:\ProgramData\Anyplace Control Support\apcErrorsLog.txt

Filesize
1KB

MD5
b364aad8b1b0e776f44ac2df11deba61

SHA1
64688c58134b35dde370e781c55fa3b7cb1402a3

SHA256
61e3a4edfd5b399794d9855a282e9921f0909ca8c91b081f6697099e51ea98ae

SHA512
5ca1ffdab6b7e697f82a2dd332c7f8bc2a0085a409a6ef1ee3b48b48f15387c3e4667c958ec7638e15d415b6d1f4cc973fb2bd89ae19bda3750bb77534382d62

Download Submit
C:\ProgramData\Anyplace Control Support\apcErrorsLog.txt

Filesize
246B

MD5
d189ac9d72799d762a6042c4e5afaa77

SHA1
75848191889bba0f8bec660e591a86c62d195075

SHA256
df30929d32bac0af954115d42acbfab0f979fb304d23360884b905a8acd51baa

SHA512
233beb7ff4d07a043359344647b7dc33bc5efb90d21fa862d3d9c1eeb9495a7dee80c605cc53f3d62683ba62106d87e356abbaee1f78c1bbd1eb59d4706a72ff

Download Submit
C:\ProgramData\Anyplace Control Support\apcErrorsLog.txt

Filesize
369B

MD5
ec17b58e14e7aa728b7180af6c70abea

SHA1
977092cb8b7b11a3b7a69c7cc36c53e5c265955f

SHA256
d45abf42ae125275cdb6fa1a40588eddba44b0404abbd90cde1eec0c3c05c6cc

SHA512
8c9525037676bbdd07d2b4730665d7b9a78f787a0afd9d3fff41e7b9039d3ae3e4e5812ce4c02593e2f2111657a58f808763bd62e38b7b19f2a9c5fa27a61b43

Download Submit
C:\ProgramData\Anyplace Control Support\apcErrorsLog.txt

Filesize
492B

MD5
19ead3a87a1e4297668814d8fe33c950

SHA1
6d7e35c99743b4f16d63e225277d08b9e217eb5f

SHA256
fc83bf5fed64ceb6b947bea73f5e9bfff64a7e802a4712451c3708330ddd2ab9

SHA512
11311327484498084d49e5c4fb09c7f194c1a87392fd4ebdec9fc29e1d64d2db5a2b33bf69e3ea78f9f10b7803c95eba3ce6d928318b2ede7ba11efdb3987822

Download Submit
C:\ProgramData\Anyplace Control Support\apcErrorsLog.txt

Filesize
615B

MD5
f9f758a8f602c0d2ba89b4c03ce64c71

SHA1
1b0a1709117c6077dce75918dae9406c07869247

SHA256
1ca2c353965f9af14118382484dc99a80d46970019ba36776de594dd0569bb94

SHA512
011ff3e26de21715cb4f2f2804d388c3158f8d4e8fec36cba7f16626a30e99869c4d18fd660cdfcd0fe937f5e96b0de326ccd08bfb79d753333712081ae71f3a

Download Submit
C:\ProgramData\Anyplace Control Support\hcs.exe

Filesize
104KB

MD5
ac5933067b2c38299ae1443331a61511

SHA1
f1176f9bd6540bb4c1d9a7b723a42ff12c98b8b9

SHA256
8c305bb4c07fac5c88ad1906e6195dd8176f7b6e5014e8fb3e081a45161cf72a

SHA512
c53d784fd5d37e1b753b3397711e36aa3f6d323d1c9f82a7a8c6ae4947b21c125a64517ac76278350beee30faa53ef985c975f19007a43766594423bca4f1727

Download Submit
C:\ProgramData\Anyplace Control Support\hcs.exe

Filesize
104KB

MD5
ac5933067b2c38299ae1443331a61511

SHA1
f1176f9bd6540bb4c1d9a7b723a42ff12c98b8b9

SHA256
8c305bb4c07fac5c88ad1906e6195dd8176f7b6e5014e8fb3e081a45161cf72a

SHA512
c53d784fd5d37e1b753b3397711e36aa3f6d323d1c9f82a7a8c6ae4947b21c125a64517ac76278350beee30faa53ef985c975f19007a43766594423bca4f1727

Download Submit
C:\ProgramData\Anyplace Control Support\hcs.exe

Filesize
104KB

MD5
ac5933067b2c38299ae1443331a61511

SHA1
f1176f9bd6540bb4c1d9a7b723a42ff12c98b8b9

SHA256
8c305bb4c07fac5c88ad1906e6195dd8176f7b6e5014e8fb3e081a45161cf72a

SHA512
c53d784fd5d37e1b753b3397711e36aa3f6d323d1c9f82a7a8c6ae4947b21c125a64517ac76278350beee30faa53ef985c975f19007a43766594423bca4f1727

Download Submit
C:\ProgramData\Anyplace Control Support\hcs.exe

Filesize
104KB

MD5
ac5933067b2c38299ae1443331a61511

SHA1
f1176f9bd6540bb4c1d9a7b723a42ff12c98b8b9

SHA256
8c305bb4c07fac5c88ad1906e6195dd8176f7b6e5014e8fb3e081a45161cf72a

SHA512
c53d784fd5d37e1b753b3397711e36aa3f6d323d1c9f82a7a8c6ae4947b21c125a64517ac76278350beee30faa53ef985c975f19007a43766594423bca4f1727

Download Submit
C:\ProgramData\Anyplace Control Support\hcs.exe

Filesize
104KB

MD5
ac5933067b2c38299ae1443331a61511

SHA1
f1176f9bd6540bb4c1d9a7b723a42ff12c98b8b9

SHA256
8c305bb4c07fac5c88ad1906e6195dd8176f7b6e5014e8fb3e081a45161cf72a

SHA512
c53d784fd5d37e1b753b3397711e36aa3f6d323d1c9f82a7a8c6ae4947b21c125a64517ac76278350beee30faa53ef985c975f19007a43766594423bca4f1727

Download Submit
C:\ProgramData\Anyplace Control Support\hcs.exe

Filesize
104KB

MD5
ac5933067b2c38299ae1443331a61511

SHA1
f1176f9bd6540bb4c1d9a7b723a42ff12c98b8b9

SHA256
8c305bb4c07fac5c88ad1906e6195dd8176f7b6e5014e8fb3e081a45161cf72a

SHA512
c53d784fd5d37e1b753b3397711e36aa3f6d323d1c9f82a7a8c6ae4947b21c125a64517ac76278350beee30faa53ef985c975f19007a43766594423bca4f1727

Download Submit
C:\ProgramData\Anyplace Control Support\hcs.exe

Filesize
104KB

MD5
ac5933067b2c38299ae1443331a61511

SHA1
f1176f9bd6540bb4c1d9a7b723a42ff12c98b8b9

SHA256
8c305bb4c07fac5c88ad1906e6195dd8176f7b6e5014e8fb3e081a45161cf72a

SHA512
c53d784fd5d37e1b753b3397711e36aa3f6d323d1c9f82a7a8c6ae4947b21c125a64517ac76278350beee30faa53ef985c975f19007a43766594423bca4f1727

Download Submit
C:\ProgramData\Anyplace Control Support\hcs.exe

Filesize
104KB

MD5
ac5933067b2c38299ae1443331a61511

SHA1
f1176f9bd6540bb4c1d9a7b723a42ff12c98b8b9

SHA256
8c305bb4c07fac5c88ad1906e6195dd8176f7b6e5014e8fb3e081a45161cf72a

SHA512
c53d784fd5d37e1b753b3397711e36aa3f6d323d1c9f82a7a8c6ae4947b21c125a64517ac76278350beee30faa53ef985c975f19007a43766594423bca4f1727

Download Submit
C:\ProgramData\Anyplace Control Support\hcs.exe

Filesize
104KB

MD5
ac5933067b2c38299ae1443331a61511

SHA1
f1176f9bd6540bb4c1d9a7b723a42ff12c98b8b9

SHA256
8c305bb4c07fac5c88ad1906e6195dd8176f7b6e5014e8fb3e081a45161cf72a

SHA512
c53d784fd5d37e1b753b3397711e36aa3f6d323d1c9f82a7a8c6ae4947b21c125a64517ac76278350beee30faa53ef985c975f19007a43766594423bca4f1727

Download Submit
C:\ProgramData\Anyplace Control Support\hcs.exe

Filesize
104KB

MD5
ac5933067b2c38299ae1443331a61511

SHA1
f1176f9bd6540bb4c1d9a7b723a42ff12c98b8b9

SHA256
8c305bb4c07fac5c88ad1906e6195dd8176f7b6e5014e8fb3e081a45161cf72a

SHA512
c53d784fd5d37e1b753b3397711e36aa3f6d323d1c9f82a7a8c6ae4947b21c125a64517ac76278350beee30faa53ef985c975f19007a43766594423bca4f1727

Download Submit
C:\ProgramData\Anyplace Control Support\hostaccount.ini

Filesize
173B

MD5
93bf2c91163fa269396d6306795c5596

SHA1
a48d49d96bcc8f89475ca44ddd56b0b70d0ada8a

SHA256
245846301eef83184337f4a29fc603ef5c39a4a021a03071b242ca37f5df7c77

SHA512
2281d56ae04728b6ccd00dc56c966f4bbb25e21037c47543e3bcbe36890a9b6d243cea0e4d1a0757e025918375e9251521dbcf611fff0e2eb865fb11a412651a

Download Submit
C:\ProgramData\Anyplace Control Support\hostaccount.ini

Filesize
166B

MD5
9ba7829ecb751f7494fcaac4bc240ef6

SHA1
5cd6899d4f4a56544ff17d02fe6d76c73f681443

SHA256
5edeafafdd1f80e1c5219645c93077adae84637ffa9e68f548d460d5e8c2140c

SHA512
303849f68b2764de7273d0a8684a4d137dc8005179aa997c8d626e61958944937e327935bb754ee245e90011ac9676813ae8c3a7dadcba78e403a96ce2d4f786

Download Submit
C:\ProgramData\Anyplace Control Support\hoststate.dat

Filesize
67B

MD5
633effab2e017c9eb53aeb94756d2a67

SHA1
37fedc3e552b5cc558844523c626211af90851d5

SHA256
321b509184b50734b014538a58e336d802dc4a81033c723da1c49242811a3690

SHA512
ebec8b46c6a57163975b083de4589570996c819aa6fb1ced60f15340b5ea542c512789e027bf737ce735ff4eeeda4c78f34d74479eaa1e8bda57fa602557dc1c

Download Submit
C:\ProgramData\Anyplace Control Support\hoststate.dat

Filesize
46B

MD5
e211696a2de61daa2dd28ff12447b7ae

SHA1
21a276f5723d849e8aa1b28cc66f001c1811b6bd

SHA256
91c1ece3a9a2f0be4b84a9e209a88def0323ef7c42f2d476a6e5af0ac6a1d2bd

SHA512
9b470387a1a828df2f986d5066911199b1a2e89e0a857518ccb6104b5e49ef57cd2947005b5c77898b62529b6eeff808d23f71c52ccb1c1745f84015fee57446

Download Submit
C:\ProgramData\Anyplace Control Support\libspeex.dll

Filesize
166KB

MD5
e10db82c997a756a01b6f954e86b83e0

SHA1
411fca36d8639b0ba78d8b3cfe1421626a33e6b4

SHA256
65a9bbd5b3b9161c0dd61a9e185e391cfa68f31171e1a5fcfad20bcc9eb09480

SHA512
ad3915a619e139a39d9587975f20374852255437fbb31621be94252794beb553ac710ce5fd15ea562be753788c47ff49babd7f5361cb4665e748c8aada01ac8b

Download Submit
C:\ProgramData\Anyplace Control Support\libspeex.dll

Filesize
166KB

MD5
e10db82c997a756a01b6f954e86b83e0

SHA1
411fca36d8639b0ba78d8b3cfe1421626a33e6b4

SHA256
65a9bbd5b3b9161c0dd61a9e185e391cfa68f31171e1a5fcfad20bcc9eb09480

SHA512
ad3915a619e139a39d9587975f20374852255437fbb31621be94252794beb553ac710ce5fd15ea562be753788c47ff49babd7f5361cb4665e748c8aada01ac8b

Download Submit
C:\ProgramData\Anyplace Control Support\libspeex.dll

Filesize
166KB

MD5
e10db82c997a756a01b6f954e86b83e0

SHA1
411fca36d8639b0ba78d8b3cfe1421626a33e6b4

SHA256
65a9bbd5b3b9161c0dd61a9e185e391cfa68f31171e1a5fcfad20bcc9eb09480

SHA512
ad3915a619e139a39d9587975f20374852255437fbb31621be94252794beb553ac710ce5fd15ea562be753788c47ff49babd7f5361cb4665e748c8aada01ac8b

Download Submit
C:\ProgramData\Anyplace Control Support\libspeex.dll

Filesize
166KB

MD5
e10db82c997a756a01b6f954e86b83e0

SHA1
411fca36d8639b0ba78d8b3cfe1421626a33e6b4

SHA256
65a9bbd5b3b9161c0dd61a9e185e391cfa68f31171e1a5fcfad20bcc9eb09480

SHA512
ad3915a619e139a39d9587975f20374852255437fbb31621be94252794beb553ac710ce5fd15ea562be753788c47ff49babd7f5361cb4665e748c8aada01ac8b

Download Submit
C:\ProgramData\Anyplace Control Support\libspeex.dll

Filesize
166KB

MD5
e10db82c997a756a01b6f954e86b83e0

SHA1
411fca36d8639b0ba78d8b3cfe1421626a33e6b4

SHA256
65a9bbd5b3b9161c0dd61a9e185e391cfa68f31171e1a5fcfad20bcc9eb09480

SHA512
ad3915a619e139a39d9587975f20374852255437fbb31621be94252794beb553ac710ce5fd15ea562be753788c47ff49babd7f5361cb4665e748c8aada01ac8b

Download Submit
C:\ProgramData\Anyplace Control Support\libspeex.dll

Filesize
166KB

MD5
e10db82c997a756a01b6f954e86b83e0

SHA1
411fca36d8639b0ba78d8b3cfe1421626a33e6b4

SHA256
65a9bbd5b3b9161c0dd61a9e185e391cfa68f31171e1a5fcfad20bcc9eb09480

SHA512
ad3915a619e139a39d9587975f20374852255437fbb31621be94252794beb553ac710ce5fd15ea562be753788c47ff49babd7f5361cb4665e748c8aada01ac8b

Download Submit
C:\ProgramData\Anyplace Control Support\libspeex.dll

Filesize
166KB

MD5
e10db82c997a756a01b6f954e86b83e0

SHA1
411fca36d8639b0ba78d8b3cfe1421626a33e6b4

SHA256
65a9bbd5b3b9161c0dd61a9e185e391cfa68f31171e1a5fcfad20bcc9eb09480

SHA512
ad3915a619e139a39d9587975f20374852255437fbb31621be94252794beb553ac710ce5fd15ea562be753788c47ff49babd7f5361cb4665e748c8aada01ac8b

Download Submit
C:\ProgramData\Anyplace Control Support\libspeex.dll

Filesize
166KB

MD5
e10db82c997a756a01b6f954e86b83e0

SHA1
411fca36d8639b0ba78d8b3cfe1421626a33e6b4

SHA256
65a9bbd5b3b9161c0dd61a9e185e391cfa68f31171e1a5fcfad20bcc9eb09480

SHA512
ad3915a619e139a39d9587975f20374852255437fbb31621be94252794beb553ac710ce5fd15ea562be753788c47ff49babd7f5361cb4665e748c8aada01ac8b

Download Submit
C:\ProgramData\Anyplace Control Support\libspeex.dll

Filesize
166KB

MD5
e10db82c997a756a01b6f954e86b83e0

SHA1
411fca36d8639b0ba78d8b3cfe1421626a33e6b4

SHA256
65a9bbd5b3b9161c0dd61a9e185e391cfa68f31171e1a5fcfad20bcc9eb09480

SHA512
ad3915a619e139a39d9587975f20374852255437fbb31621be94252794beb553ac710ce5fd15ea562be753788c47ff49babd7f5361cb4665e748c8aada01ac8b

Download Submit
C:\ProgramData\Anyplace Control Support\libspeex.dll

Filesize
166KB

MD5
e10db82c997a756a01b6f954e86b83e0

SHA1
411fca36d8639b0ba78d8b3cfe1421626a33e6b4

SHA256
65a9bbd5b3b9161c0dd61a9e185e391cfa68f31171e1a5fcfad20bcc9eb09480

SHA512
ad3915a619e139a39d9587975f20374852255437fbb31621be94252794beb553ac710ce5fd15ea562be753788c47ff49babd7f5361cb4665e748c8aada01ac8b

Download Submit
C:\ProgramData\Anyplace Control Support\libspeexdsp.dll

Filesize
153KB

MD5
9a8608bb0b654c650743221914d87ac2

SHA1
bc4dde9361fe4170a93e6e9af80cb8a2aaf70f66

SHA256
f15b0408096eafc700fe069b716ffa921854b4e95bed33ad08524a59cc8ad57b

SHA512
ceac4b5b61528832eedfc98c050fda907df88ad9ad342257c2fb2e15d8e185cc1b7f73e0c773950b7a63a5266c900d3ada4d96a2135fa2b791b4577e0f27258f

Download Submit
C:\ProgramData\Anyplace Control Support\libspeexdsp.dll

Filesize
153KB

MD5
9a8608bb0b654c650743221914d87ac2

SHA1
bc4dde9361fe4170a93e6e9af80cb8a2aaf70f66

SHA256
f15b0408096eafc700fe069b716ffa921854b4e95bed33ad08524a59cc8ad57b

SHA512
ceac4b5b61528832eedfc98c050fda907df88ad9ad342257c2fb2e15d8e185cc1b7f73e0c773950b7a63a5266c900d3ada4d96a2135fa2b791b4577e0f27258f

Download Submit
C:\ProgramData\Anyplace Control Support\libspeexdsp.dll

Filesize
153KB

MD5
9a8608bb0b654c650743221914d87ac2

SHA1
bc4dde9361fe4170a93e6e9af80cb8a2aaf70f66

SHA256
f15b0408096eafc700fe069b716ffa921854b4e95bed33ad08524a59cc8ad57b

SHA512
ceac4b5b61528832eedfc98c050fda907df88ad9ad342257c2fb2e15d8e185cc1b7f73e0c773950b7a63a5266c900d3ada4d96a2135fa2b791b4577e0f27258f

Download Submit
C:\ProgramData\Anyplace Control Support\libspeexdsp.dll

Filesize
153KB

MD5
9a8608bb0b654c650743221914d87ac2

SHA1
bc4dde9361fe4170a93e6e9af80cb8a2aaf70f66

SHA256
f15b0408096eafc700fe069b716ffa921854b4e95bed33ad08524a59cc8ad57b

SHA512
ceac4b5b61528832eedfc98c050fda907df88ad9ad342257c2fb2e15d8e185cc1b7f73e0c773950b7a63a5266c900d3ada4d96a2135fa2b791b4577e0f27258f

Download Submit
C:\ProgramData\Anyplace Control Support\libspeexdsp.dll

Filesize
153KB

MD5
9a8608bb0b654c650743221914d87ac2

SHA1
bc4dde9361fe4170a93e6e9af80cb8a2aaf70f66

SHA256
f15b0408096eafc700fe069b716ffa921854b4e95bed33ad08524a59cc8ad57b

SHA512
ceac4b5b61528832eedfc98c050fda907df88ad9ad342257c2fb2e15d8e185cc1b7f73e0c773950b7a63a5266c900d3ada4d96a2135fa2b791b4577e0f27258f

Download Submit
C:\ProgramData\Anyplace Control Support\libspeexdsp.dll

Filesize
153KB

MD5
9a8608bb0b654c650743221914d87ac2

SHA1
bc4dde9361fe4170a93e6e9af80cb8a2aaf70f66

SHA256
f15b0408096eafc700fe069b716ffa921854b4e95bed33ad08524a59cc8ad57b

SHA512
ceac4b5b61528832eedfc98c050fda907df88ad9ad342257c2fb2e15d8e185cc1b7f73e0c773950b7a63a5266c900d3ada4d96a2135fa2b791b4577e0f27258f

Download Submit
C:\ProgramData\Anyplace Control Support\libspeexdsp.dll

Filesize
153KB

MD5
9a8608bb0b654c650743221914d87ac2

SHA1
bc4dde9361fe4170a93e6e9af80cb8a2aaf70f66

SHA256
f15b0408096eafc700fe069b716ffa921854b4e95bed33ad08524a59cc8ad57b

SHA512
ceac4b5b61528832eedfc98c050fda907df88ad9ad342257c2fb2e15d8e185cc1b7f73e0c773950b7a63a5266c900d3ada4d96a2135fa2b791b4577e0f27258f

Download Submit
C:\ProgramData\Anyplace Control Support\libspeexdsp.dll

Filesize
153KB

MD5
9a8608bb0b654c650743221914d87ac2

SHA1
bc4dde9361fe4170a93e6e9af80cb8a2aaf70f66

SHA256
f15b0408096eafc700fe069b716ffa921854b4e95bed33ad08524a59cc8ad57b

SHA512
ceac4b5b61528832eedfc98c050fda907df88ad9ad342257c2fb2e15d8e185cc1b7f73e0c773950b7a63a5266c900d3ada4d96a2135fa2b791b4577e0f27258f

Download Submit
C:\ProgramData\Anyplace Control Support\libspeexdsp.dll

Filesize
153KB

MD5
9a8608bb0b654c650743221914d87ac2

SHA1
bc4dde9361fe4170a93e6e9af80cb8a2aaf70f66

SHA256
f15b0408096eafc700fe069b716ffa921854b4e95bed33ad08524a59cc8ad57b

SHA512
ceac4b5b61528832eedfc98c050fda907df88ad9ad342257c2fb2e15d8e185cc1b7f73e0c773950b7a63a5266c900d3ada4d96a2135fa2b791b4577e0f27258f

Download Submit
C:\ProgramData\Anyplace Control Support\sessionID.txt

Filesize
3B

MD5
a5ea0ad9260b1550a14cc58d2c39b03d

SHA1
f0aedf295071ed34ab8c6a7692223d22b6a19841

SHA256
f1b2f662800122bed0ff255693df89c4487fbdcf453d3524a42d4ec20c3d9c04

SHA512
7c735c613ece191801114785c1ee26a0485cbf1e8ee2c3b85ba1ad290ef75eec9fede5e1a5dc26d504701f3542e6b6457818f4c1d62448d0db40d5f35c357d74

Download Submit
C:\ProgramData\Anyplace Control Support\sessionID.txt

Filesize
3B

MD5
a5ea0ad9260b1550a14cc58d2c39b03d

SHA1
f0aedf295071ed34ab8c6a7692223d22b6a19841

SHA256
f1b2f662800122bed0ff255693df89c4487fbdcf453d3524a42d4ec20c3d9c04

SHA512
7c735c613ece191801114785c1ee26a0485cbf1e8ee2c3b85ba1ad290ef75eec9fede5e1a5dc26d504701f3542e6b6457818f4c1d62448d0db40d5f35c357d74

Download Submit
C:\ProgramData\Anyplace Control Support\sessionID.txt

Filesize
3B

MD5
a5ea0ad9260b1550a14cc58d2c39b03d

SHA1
f0aedf295071ed34ab8c6a7692223d22b6a19841

SHA256
f1b2f662800122bed0ff255693df89c4487fbdcf453d3524a42d4ec20c3d9c04

SHA512
7c735c613ece191801114785c1ee26a0485cbf1e8ee2c3b85ba1ad290ef75eec9fede5e1a5dc26d504701f3542e6b6457818f4c1d62448d0db40d5f35c357d74

Download Submit
C:\ProgramData\Anyplace Control Support\sessionID.txt

Filesize
3B

MD5
a5ea0ad9260b1550a14cc58d2c39b03d

SHA1
f0aedf295071ed34ab8c6a7692223d22b6a19841

SHA256
f1b2f662800122bed0ff255693df89c4487fbdcf453d3524a42d4ec20c3d9c04

SHA512
7c735c613ece191801114785c1ee26a0485cbf1e8ee2c3b85ba1ad290ef75eec9fede5e1a5dc26d504701f3542e6b6457818f4c1d62448d0db40d5f35c357d74

Download Submit
C:\ProgramData\Anyplace Control Support\sessionID.txt

Filesize
3B

MD5
a5ea0ad9260b1550a14cc58d2c39b03d

SHA1
f0aedf295071ed34ab8c6a7692223d22b6a19841

SHA256
f1b2f662800122bed0ff255693df89c4487fbdcf453d3524a42d4ec20c3d9c04

SHA512
7c735c613ece191801114785c1ee26a0485cbf1e8ee2c3b85ba1ad290ef75eec9fede5e1a5dc26d504701f3542e6b6457818f4c1d62448d0db40d5f35c357d74

Download Submit
C:\ProgramData\Anyplace Control Support\sessionID.txt

Filesize
3B

MD5
a5ea0ad9260b1550a14cc58d2c39b03d

SHA1
f0aedf295071ed34ab8c6a7692223d22b6a19841

SHA256
f1b2f662800122bed0ff255693df89c4487fbdcf453d3524a42d4ec20c3d9c04

SHA512
7c735c613ece191801114785c1ee26a0485cbf1e8ee2c3b85ba1ad290ef75eec9fede5e1a5dc26d504701f3542e6b6457818f4c1d62448d0db40d5f35c357d74

Download Submit
C:\ProgramData\Anyplace Control Support\sessionID.txt

Filesize
3B

MD5
a5ea0ad9260b1550a14cc58d2c39b03d

SHA1
f0aedf295071ed34ab8c6a7692223d22b6a19841

SHA256
f1b2f662800122bed0ff255693df89c4487fbdcf453d3524a42d4ec20c3d9c04

SHA512
7c735c613ece191801114785c1ee26a0485cbf1e8ee2c3b85ba1ad290ef75eec9fede5e1a5dc26d504701f3542e6b6457818f4c1d62448d0db40d5f35c357d74

Download Submit
C:\ProgramData\Anyplace Control Support\sessionID.txt

Filesize
3B

MD5
a5ea0ad9260b1550a14cc58d2c39b03d

SHA1
f0aedf295071ed34ab8c6a7692223d22b6a19841

SHA256
f1b2f662800122bed0ff255693df89c4487fbdcf453d3524a42d4ec20c3d9c04

SHA512
7c735c613ece191801114785c1ee26a0485cbf1e8ee2c3b85ba1ad290ef75eec9fede5e1a5dc26d504701f3542e6b6457818f4c1d62448d0db40d5f35c357d74

Download Submit
C:\ProgramData\Anyplace Control Support\sessionID.txt

Filesize
3B

MD5
a5ea0ad9260b1550a14cc58d2c39b03d

SHA1
f0aedf295071ed34ab8c6a7692223d22b6a19841

SHA256
f1b2f662800122bed0ff255693df89c4487fbdcf453d3524a42d4ec20c3d9c04

SHA512
7c735c613ece191801114785c1ee26a0485cbf1e8ee2c3b85ba1ad290ef75eec9fede5e1a5dc26d504701f3542e6b6457818f4c1d62448d0db40d5f35c357d74

Download Submit
C:\ProgramData\Anyplace Control Support\sessionID.txt

Filesize
3B

MD5
a5ea0ad9260b1550a14cc58d2c39b03d

SHA1
f0aedf295071ed34ab8c6a7692223d22b6a19841

SHA256
f1b2f662800122bed0ff255693df89c4487fbdcf453d3524a42d4ec20c3d9c04

SHA512
7c735c613ece191801114785c1ee26a0485cbf1e8ee2c3b85ba1ad290ef75eec9fede5e1a5dc26d504701f3542e6b6457818f4c1d62448d0db40d5f35c357d74

Download Submit
C:\Users\Admin\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages

Filesize
36KB

MD5
b30d3becc8731792523d599d949e63f5

SHA1
19350257e42d7aee17fb3bf139a9d3adb330fad4

SHA256
b1b77e96279ead2b460de3de70e2ea4f5ad1b853598a4e27a5caf3f1a32cc4f3

SHA512
523f54895fb07f62b9a5f72c8b62e83d4d9506bda57b183818615f6eb7286e3b9c5a50409bc5c5164867c3ccdeae88aa395ecca6bc7e36d991552f857510792e

Download Submit
C:\Users\Admin\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages

Filesize
56KB

MD5
752a1f26b18748311b691c7d8fc20633

SHA1
c1f8e83eebc1cc1e9b88c773338eb09ff82ab862

SHA256
111dac2948e4cecb10b0d2e10d8afaa663d78d643826b592d6414a1fd77cc131

SHA512
a2f5f262faf2c3e9756da94b2c47787ce3a9391b5bd53581578aa9a764449e114836704d6dec4aadc097fed4c818831baa11affa1eb25be2bfad9349bb090fe5

Download Submit
C:\Users\Admin\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages

Filesize
64KB

MD5
b3d861edcac12c851b6967d34ecaec0a

SHA1
9acfced60507cbc0eb9aedd5daf2d4ce45d1f0c6

SHA256
1ef7744974452401e868e6809e937362a1e24eaa776a0388199741d5a85e305c

SHA512
2986f1acad0fa0d8a41fd1979e7e776d90a1feb65b75e604c69217803e642d94f65f71713430f22af97cbc9968d94d60e1908cc3228cadeab7c9e92b85d3b37e

Download Submit
memory/424-138-0x0000000000400000-0x0000000000577000-memory.dmp

Filesize
1.5MB

Download
memory/424-97-0x0000000000870000-0x0000000000871000-memory.dmp

Filesize
4KB

Download
memory/832-66-0x0000000000400000-0x0000000000577000-memory.dmp

Filesize
1.5MB

Download
memory/832-42-0x0000000002220000-0x0000000002221000-memory.dmp

Filesize
4KB

Download
memory/900-24-0x0000000000400000-0x0000000000577000-memory.dmp

Filesize
1.5MB

Download
memory/900-22-0x0000000000720000-0x0000000000721000-memory.dmp

Filesize
4KB

Download
memory/1436-15-0x0000000002340000-0x0000000002341000-memory.dmp

Filesize
4KB

Download
memory/1436-58-0x0000000000400000-0x0000000000577000-memory.dmp

Filesize
1.5MB

Download
memory/1536-184-0x0000000000400000-0x0000000000577000-memory.dmp

Filesize
1.5MB

Download
memory/1536-145-0x0000000000740000-0x0000000000741000-memory.dmp

Filesize
4KB

Download
memory/1980-212-0x0000000000400000-0x0000000000577000-memory.dmp

Filesize
1.5MB

Download
memory/1980-211-0x0000000000FA0000-0x0000000000FA1000-memory.dmp

Filesize
4KB

Download
memory/2020-75-0x0000000002210000-0x0000000002211000-memory.dmp

Filesize
4KB

Download
memory/2020-117-0x0000000000400000-0x0000000000577000-memory.dmp

Filesize
1.5MB

Download
memory/2076-235-0x0000000000400000-0x000000000041F000-memory.dmp

Filesize
124KB

Download
memory/2104-216-0x0000000000400000-0x0000000000577000-memory.dmp

Filesize
1.5MB

Download
memory/2104-195-0x0000000002100000-0x0000000002101000-memory.dmp

Filesize
4KB

Download
memory/2240-52-0x0000000000D90000-0x0000000000D91000-memory.dmp

Filesize
4KB

Download
memory/2240-54-0x0000000000400000-0x0000000000577000-memory.dmp

Filesize
1.5MB

Download
memory/2316-194-0x0000000000D50000-0x0000000000D51000-memory.dmp

Filesize
4KB

Download
memory/2316-192-0x0000000000400000-0x0000000000577000-memory.dmp

Filesize
1.5MB

Download
memory/2384-172-0x00000000020C0000-0x00000000020C1000-memory.dmp

Filesize
4KB

Download
memory/2384-202-0x0000000000400000-0x0000000000577000-memory.dmp

Filesize
1.5MB

Download
memory/2468-182-0x0000000002100000-0x0000000002101000-memory.dmp

Filesize
4KB

Download
memory/2468-215-0x0000000000400000-0x0000000000577000-memory.dmp

Filesize
1.5MB

Download
memory/2800-102-0x0000000000400000-0x0000000000577000-memory.dmp

Filesize
1.5MB

Download
memory/2800-99-0x0000000000EA0000-0x0000000000EA1000-memory.dmp

Filesize
4KB

Download
memory/3040-203-0x0000000000EA0000-0x0000000000EA1000-memory.dmp

Filesize
4KB

Download
memory/3040-204-0x0000000000400000-0x0000000000577000-memory.dmp

Filesize
1.5MB

Download
memory/3336-183-0x0000000000400000-0x0000000000577000-memory.dmp

Filesize
1.5MB

Download
memory/3336-105-0x0000000002100000-0x0000000002101000-memory.dmp

Filesize
4KB

Download
memory/3452-161-0x0000000000400000-0x0000000000577000-memory.dmp

Filesize
1.5MB

Download
memory/3452-159-0x0000000000D50000-0x0000000000D51000-memory.dmp

Filesize
4KB

Download
memory/3472-214-0x00000000021E0000-0x00000000021E1000-memory.dmp

Filesize
4KB

Download
memory/3472-245-0x0000000003050000-0x000000000307B000-memory.dmp

Filesize
172KB

Download
memory/3472-551-0x0000000000400000-0x0000000000577000-memory.dmp

Filesize
1.5MB

Download
memory/3472-420-0x00000000021E0000-0x00000000021E1000-memory.dmp

Filesize
4KB

Download
memory/3472-389-0x0000000000400000-0x0000000000577000-memory.dmp

Filesize
1.5MB

Download
memory/3608-55-0x0000000002110000-0x0000000002111000-memory.dmp

Filesize
4KB

Download
memory/3608-112-0x0000000000400000-0x0000000000577000-memory.dmp

Filesize
1.5MB

Download
memory/3836-239-0x0000000000400000-0x000000000041F000-memory.dmp

Filesize
124KB

Download
memory/3892-85-0x0000000000E90000-0x0000000000E91000-memory.dmp

Filesize
4KB

Download
memory/3892-87-0x0000000000400000-0x0000000000577000-memory.dmp

Filesize
1.5MB

Download
memory/3992-39-0x0000000000400000-0x0000000000577000-memory.dmp

Filesize
1.5MB

Download
memory/3992-141-0x0000000000D60000-0x0000000000D61000-memory.dmp

Filesize
4KB

Download
memory/3992-143-0x0000000000400000-0x0000000000577000-memory.dmp

Filesize
1.5MB

Download
memory/3992-37-0x0000000000660000-0x0000000000661000-memory.dmp

Filesize
4KB

Download
memory/4116-231-0x0000000000400000-0x000000000041F000-memory.dmp

Filesize
124KB

Download
memory/4196-25-0x0000000000750000-0x0000000000751000-memory.dmp

Filesize
4KB

Download
memory/4196-69-0x0000000000400000-0x0000000000577000-memory.dmp

Filesize
1.5MB

Download
memory/4204-406-0x000000000B5F0000-0x000000000B89B000-memory.dmp

Filesize
2.7MB

Download
memory/4204-408-0x000000000B5F0000-0x000000000B73D000-memory.dmp

Filesize
1.3MB

Download
memory/4996-71-0x0000000000400000-0x0000000000577000-memory.dmp

Filesize
1.5MB

Download
memory/4996-70-0x00000000006E0000-0x00000000006E1000-memory.dmp

Filesize
4KB

Download
memory/5036-178-0x00000000006F0000-0x00000000006F1000-memory.dmp

Filesize
4KB

Download
memory/5036-179-0x0000000000400000-0x0000000000577000-memory.dmp

Filesize
1.5MB

Download
memory/5076-226-0x0000000000400000-0x0000000000577000-memory.dmp

Filesize
1.5MB

Download
memory/5076-210-0x0000000002410000-0x0000000002411000-memory.dmp

Filesize
4KB

Download