purelogs | 5f46f75e0a33092d50ba6a006e156b043c6fb9c5c41d31ed10e249eea92dbc34

Analysis

max time kernel
76s
max time network
142s
platform
windows7_x64
resource
win7-20231023-en
resource tags

arch:x64arch:x86image:win7-20231023-enlocale:en-usos:windows7-x64system
submitted
01-12-2023 11:34

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

vaultFile15424294622004715451.exe
Size

553KB
MD5

fd69739463b4e2a22b5b6144bda57c4c
SHA1

c169e5643baae3aa615523c7d4b05b9fa2b0736b
SHA256

5f46f75e0a33092d50ba6a006e156b043c6fb9c5c41d31ed10e249eea92dbc34
SHA512

e206520741a1f01e3db35e5d057cea363ca7e2e8978a0e495b7f12dae9f3e9085a66149a10231725372756eb1ac88e047e22f550073d727dd5c9d1253f2e807c
SSDEEP

12288:wG5knZfFKeXZbTUoaws89d99m7pSRGzDP5SAkvv:wG50ZfFKglL9m7e2jUf

Score

10^/10

purelogs discovery persistence spyware stealer

Malware Config

Signatures

Detect PureLogs payload 4 IoCs

resource	yara_rule
behavioral1/files/0x000900000001860c-1113.dat	family_purelogs
behavioral1/files/0x000900000001860c-1115.dat	family_purelogs
behavioral1/files/0x000900000001860c-1114.dat	family_purelogs
behavioral1/files/0x000900000001860c-1266.dat	family_purelogs

PureLogs
PureLogs is an infostealer written in C#.
stealer purelogs
Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
spyware stealer

Data from Local System
T1005

Credentials In Files
T1552.001

Adds Run key to start application 2 TTPs 1 IoCs

persistence

Registry Run Keys / Startup Folder

T1547.001

Modify Registry

T1112

description	ioc	Process
Set value (str)	\REGISTRY\USER\S-1-5-21-3425689832-2386927309-2650718742-1000\Software\Microsoft\Windows\CurrentVersion\Run\Web Companion = "C:\\Users\\Admin\\AppData\\Roaming\\Lavasoft\\Web Companion\\Application\\WebCompanion.exe --minimize "	WebCompanion.exe

Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
discovery

Query Registry
T1012

Drops file in Windows directory 2 IoCs

description	ioc	Process
File created	C:\Windows\Microsoft.NET\Framework\v2.0.50727\config\security.config.cch.new	WebCompanion.exe
File created	C:\Windows\Microsoft.NET\Framework\v2.0.50727\config\enterprisesec.config.cch.new	WebCompanion.exe

Executes dropped EXE 3 IoCs

pid	Process
2644	WebCompanionInstaller.exe
1620	WebCompanion.exe
3048	WebCompanion.exe

Loads dropped DLL 64 IoCs

pid	Process
2220	vaultFile15424294622004715451.exe
2644	WebCompanionInstaller.exe
2644	WebCompanionInstaller.exe
2644	WebCompanionInstaller.exe
2644	WebCompanionInstaller.exe
2644	WebCompanionInstaller.exe
2644	WebCompanionInstaller.exe
2644	WebCompanionInstaller.exe
2644	WebCompanionInstaller.exe
2644	WebCompanionInstaller.exe
2644	WebCompanionInstaller.exe
2644	WebCompanionInstaller.exe
2644	WebCompanionInstaller.exe
1620	WebCompanion.exe
1620	WebCompanion.exe
1620	WebCompanion.exe
1620	WebCompanion.exe
1620	WebCompanion.exe
1620	WebCompanion.exe
1620	WebCompanion.exe
1620	WebCompanion.exe
1620	WebCompanion.exe
1620	WebCompanion.exe
1620	WebCompanion.exe
1620	WebCompanion.exe
1620	WebCompanion.exe
1620	WebCompanion.exe
1620	WebCompanion.exe
1620	WebCompanion.exe
1620	WebCompanion.exe
1620	WebCompanion.exe
1620	WebCompanion.exe
1620	WebCompanion.exe
1620	WebCompanion.exe
1620	WebCompanion.exe
1620	WebCompanion.exe
1620	WebCompanion.exe
1620	WebCompanion.exe
1620	WebCompanion.exe
1620	WebCompanion.exe
1620	WebCompanion.exe
1620	WebCompanion.exe
1620	WebCompanion.exe
1620	WebCompanion.exe
1620	WebCompanion.exe
1620	WebCompanion.exe
1620	WebCompanion.exe
1620	WebCompanion.exe
1620	WebCompanion.exe
1620	WebCompanion.exe
1620	WebCompanion.exe
1620	WebCompanion.exe
1620	WebCompanion.exe
1620	WebCompanion.exe
1620	WebCompanion.exe
1620	WebCompanion.exe
1620	WebCompanion.exe
1620	WebCompanion.exe
1620	WebCompanion.exe
1620	WebCompanion.exe
1620	WebCompanion.exe
1620	WebCompanion.exe
1620	WebCompanion.exe
3048	WebCompanion.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies system certificate store 2 TTPs 4 IoCs

evasion spyware trojan

Install Root Certificate

T1553.004

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\D4DE20D05E66FC53FE1A50882C78DB2852CAE474	WebCompanion.exe
Set value (data)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\D4DE20D05E66FC53FE1A50882C78DB2852CAE474\Blob = 0f0000000100000014000000ce0e658aa3e847e467a147b3049191093d055e6f0b0000000100000034000000420061006c00740069006d006f007200650020004300790062006500720054007200750073007400200052006f006f007400000053000000010000002400000030223020060a2b06010401b13e01640130123010060a2b0601040182373c0101030200c0140000000100000014000000e59d5930824758ccacfa085436867b3ab5044df01d0000000100000010000000918ad43a9475f78bb5243de886d8103c09000000010000000c000000300a06082b06010505070301030000000100000014000000d4de20d05e66fc53fe1a50882c78db2852cae47420000000010000007b030000308203773082025fa0030201020204020000b9300d06092a864886f70d0101050500305a310b300906035504061302494531123010060355040a130942616c74696d6f726531133011060355040b130a43796265725472757374312230200603550403131942616c74696d6f7265204379626572547275737420526f6f74301e170d3030303531323138343630305a170d3235303531323233353930305a305a310b300906035504061302494531123010060355040a130942616c74696d6f726531133011060355040b130a43796265725472757374312230200603550403131942616c74696d6f7265204379626572547275737420526f6f7430820122300d06092a864886f70d01010105000382010f003082010a0282010100a304bb22ab983d57e826729ab579d429e2e1e89580b1b0e35b8e2b299a64dfa15dedb009056ddb282ece62a262feb488da12eb38eb219dc0412b01527b8877d31c8fc7bab988b56a09e773e81140a7d1ccca628d2de58f0ba650d2a850c328eaf5ab25878a9a961ca967b83f0cd5f7f952132fc21bd57070f08fc012ca06cb9ae1d9ca337a77d6f8ecb9f16844424813d2c0c2a4ae5e60feb6a605fcb4dd075902d459189863f5a563e0900c7d5db2067af385eaebd403ae5e843e5fff15ed69bcf939367275cf77524df3c9902cb93de5c923533f1f2498215c079929bdc63aece76e863a6b97746333bd681831f0788d76bffc9e8e5d2a86a74d90dc271a390203010001a3453043301d0603551d0e04160414e59d5930824758ccacfa085436867b3ab5044df030120603551d130101ff040830060101ff020103300e0603551d0f0101ff040403020106300d06092a864886f70d01010505000382010100850c5d8ee46f51684205a0ddbb4f27258403bdf764fd2dd730e3a41017ebda2929b6793f76f6191323b8100af958a4d46170bd04616a128a17d50abdc5bc307cd6e90c258d86404feccca37e38c637114feddd68318e4cd2b30174eebe755e07481a7f70ff165c84c07985b805fd7fbe6511a30fc002b4f852373904d5a9317a18bfa02af41299f7a34582e33c5ef59d9eb5c89e7c2ec8a49e4e08144b6dfd706d6b1a63bd64e61fb7cef0f29f2ebb1bb7f250887392c2e2e3168d9a3202ab8e18dde91011ee7e35ab90af3e30947ad0333da7650ff5fc8e9e62cf47442c015dbb1db532d247d2382ed0fe81dc326a1eb5ee3cd5fce7811d19c32442ea6339a9	WebCompanion.exe
Set value (data)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\D4DE20D05E66FC53FE1A50882C78DB2852CAE474\Blob = 19000000010000001000000068cb42b035ea773e52ef50ecf50ec529030000000100000014000000d4de20d05e66fc53fe1a50882c78db2852cae47409000000010000000c000000300a06082b060105050703011d0000000100000010000000918ad43a9475f78bb5243de886d8103c140000000100000014000000e59d5930824758ccacfa085436867b3ab5044df053000000010000002400000030223020060a2b06010401b13e01640130123010060a2b0601040182373c0101030200c00b0000000100000034000000420061006c00740069006d006f007200650020004300790062006500720054007200750073007400200052006f006f00740000000f0000000100000014000000ce0e658aa3e847e467a147b3049191093d055e6f20000000010000007b030000308203773082025fa0030201020204020000b9300d06092a864886f70d0101050500305a310b300906035504061302494531123010060355040a130942616c74696d6f726531133011060355040b130a43796265725472757374312230200603550403131942616c74696d6f7265204379626572547275737420526f6f74301e170d3030303531323138343630305a170d3235303531323233353930305a305a310b300906035504061302494531123010060355040a130942616c74696d6f726531133011060355040b130a43796265725472757374312230200603550403131942616c74696d6f7265204379626572547275737420526f6f7430820122300d06092a864886f70d01010105000382010f003082010a0282010100a304bb22ab983d57e826729ab579d429e2e1e89580b1b0e35b8e2b299a64dfa15dedb009056ddb282ece62a262feb488da12eb38eb219dc0412b01527b8877d31c8fc7bab988b56a09e773e81140a7d1ccca628d2de58f0ba650d2a850c328eaf5ab25878a9a961ca967b83f0cd5f7f952132fc21bd57070f08fc012ca06cb9ae1d9ca337a77d6f8ecb9f16844424813d2c0c2a4ae5e60feb6a605fcb4dd075902d459189863f5a563e0900c7d5db2067af385eaebd403ae5e843e5fff15ed69bcf939367275cf77524df3c9902cb93de5c923533f1f2498215c079929bdc63aece76e863a6b97746333bd681831f0788d76bffc9e8e5d2a86a74d90dc271a390203010001a3453043301d0603551d0e04160414e59d5930824758ccacfa085436867b3ab5044df030120603551d130101ff040830060101ff020103300e0603551d0f0101ff040403020106300d06092a864886f70d01010505000382010100850c5d8ee46f51684205a0ddbb4f27258403bdf764fd2dd730e3a41017ebda2929b6793f76f6191323b8100af958a4d46170bd04616a128a17d50abdc5bc307cd6e90c258d86404feccca37e38c637114feddd68318e4cd2b30174eebe755e07481a7f70ff165c84c07985b805fd7fbe6511a30fc002b4f852373904d5a9317a18bfa02af41299f7a34582e33c5ef59d9eb5c89e7c2ec8a49e4e08144b6dfd706d6b1a63bd64e61fb7cef0f29f2ebb1bb7f250887392c2e2e3168d9a3202ab8e18dde91011ee7e35ab90af3e30947ad0333da7650ff5fc8e9e62cf47442c015dbb1db532d247d2382ed0fe81dc326a1eb5ee3cd5fce7811d19c32442ea6339a9	WebCompanion.exe
Set value (data)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\D4DE20D05E66FC53FE1A50882C78DB2852CAE474\Blob = 040000000100000010000000acb694a59c17e0d791529bb19706a6e40f0000000100000014000000ce0e658aa3e847e467a147b3049191093d055e6f0b0000000100000034000000420061006c00740069006d006f007200650020004300790062006500720054007200750073007400200052006f006f007400000053000000010000002400000030223020060a2b06010401b13e01640130123010060a2b0601040182373c0101030200c0140000000100000014000000e59d5930824758ccacfa085436867b3ab5044df01d0000000100000010000000918ad43a9475f78bb5243de886d8103c09000000010000000c000000300a06082b06010505070301030000000100000014000000d4de20d05e66fc53fe1a50882c78db2852cae47419000000010000001000000068cb42b035ea773e52ef50ecf50ec52920000000010000007b030000308203773082025fa0030201020204020000b9300d06092a864886f70d0101050500305a310b300906035504061302494531123010060355040a130942616c74696d6f726531133011060355040b130a43796265725472757374312230200603550403131942616c74696d6f7265204379626572547275737420526f6f74301e170d3030303531323138343630305a170d3235303531323233353930305a305a310b300906035504061302494531123010060355040a130942616c74696d6f726531133011060355040b130a43796265725472757374312230200603550403131942616c74696d6f7265204379626572547275737420526f6f7430820122300d06092a864886f70d01010105000382010f003082010a0282010100a304bb22ab983d57e826729ab579d429e2e1e89580b1b0e35b8e2b299a64dfa15dedb009056ddb282ece62a262feb488da12eb38eb219dc0412b01527b8877d31c8fc7bab988b56a09e773e81140a7d1ccca628d2de58f0ba650d2a850c328eaf5ab25878a9a961ca967b83f0cd5f7f952132fc21bd57070f08fc012ca06cb9ae1d9ca337a77d6f8ecb9f16844424813d2c0c2a4ae5e60feb6a605fcb4dd075902d459189863f5a563e0900c7d5db2067af385eaebd403ae5e843e5fff15ed69bcf939367275cf77524df3c9902cb93de5c923533f1f2498215c079929bdc63aece76e863a6b97746333bd681831f0788d76bffc9e8e5d2a86a74d90dc271a390203010001a3453043301d0603551d0e04160414e59d5930824758ccacfa085436867b3ab5044df030120603551d130101ff040830060101ff020103300e0603551d0f0101ff040403020106300d06092a864886f70d01010505000382010100850c5d8ee46f51684205a0ddbb4f27258403bdf764fd2dd730e3a41017ebda2929b6793f76f6191323b8100af958a4d46170bd04616a128a17d50abdc5bc307cd6e90c258d86404feccca37e38c637114feddd68318e4cd2b30174eebe755e07481a7f70ff165c84c07985b805fd7fbe6511a30fc002b4f852373904d5a9317a18bfa02af41299f7a34582e33c5ef59d9eb5c89e7c2ec8a49e4e08144b6dfd706d6b1a63bd64e61fb7cef0f29f2ebb1bb7f250887392c2e2e3168d9a3202ab8e18dde91011ee7e35ab90af3e30947ad0333da7650ff5fc8e9e62cf47442c015dbb1db532d247d2382ed0fe81dc326a1eb5ee3cd5fce7811d19c32442ea6339a9	WebCompanion.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
2644	WebCompanionInstaller.exe
2644	WebCompanionInstaller.exe
2644	WebCompanionInstaller.exe
2644	WebCompanionInstaller.exe
1620	WebCompanion.exe
1620	WebCompanion.exe
1620	WebCompanion.exe
1620	WebCompanion.exe
2804	chrome.exe
2804	chrome.exe

Suspicious use of AdjustPrivilegeToken 16 IoCs

description	pid	Process
Token: SeDebugPrivilege	2644	WebCompanionInstaller.exe
Token: SeDebugPrivilege	1620	WebCompanion.exe
Token: SeShutdownPrivilege	2804	chrome.exe
Token: SeShutdownPrivilege	2804	chrome.exe
Token: SeShutdownPrivilege	2804	chrome.exe
Token: SeShutdownPrivilege	2804	chrome.exe
Token: SeShutdownPrivilege	2804	chrome.exe
Token: SeShutdownPrivilege	2804	chrome.exe
Token: SeShutdownPrivilege	2804	chrome.exe
Token: SeShutdownPrivilege	2804	chrome.exe
Token: SeShutdownPrivilege	2804	chrome.exe
Token: SeShutdownPrivilege	2804	chrome.exe
Token: SeShutdownPrivilege	2804	chrome.exe
Token: SeShutdownPrivilege	2804	chrome.exe
Token: SeShutdownPrivilege	2804	chrome.exe
Token: SeShutdownPrivilege	2804	chrome.exe

Suspicious use of FindShellTrayWindow 34 IoCs

pid	Process
2804	chrome.exe
2804	chrome.exe
2804	chrome.exe
2804	chrome.exe
2804	chrome.exe
2804	chrome.exe
2804	chrome.exe
2804	chrome.exe
2804	chrome.exe
2804	chrome.exe
2804	chrome.exe
2804	chrome.exe
2804	chrome.exe
2804	chrome.exe
2804	chrome.exe
2804	chrome.exe
2804	chrome.exe
2804	chrome.exe
2804	chrome.exe
2804	chrome.exe
2804	chrome.exe
2804	chrome.exe
2804	chrome.exe
2804	chrome.exe
2804	chrome.exe
2804	chrome.exe
2804	chrome.exe
2804	chrome.exe
2804	chrome.exe
2804	chrome.exe
2804	chrome.exe
2804	chrome.exe
2804	chrome.exe
2804	chrome.exe

Suspicious use of SendNotifyMessage 32 IoCs

pid	Process
2804	chrome.exe
2804	chrome.exe
2804	chrome.exe
2804	chrome.exe
2804	chrome.exe
2804	chrome.exe
2804	chrome.exe
2804	chrome.exe
2804	chrome.exe
2804	chrome.exe
2804	chrome.exe
2804	chrome.exe
2804	chrome.exe
2804	chrome.exe
2804	chrome.exe
2804	chrome.exe
2804	chrome.exe
2804	chrome.exe
2804	chrome.exe
2804	chrome.exe
2804	chrome.exe
2804	chrome.exe
2804	chrome.exe
2804	chrome.exe
2804	chrome.exe
2804	chrome.exe
2804	chrome.exe
2804	chrome.exe
2804	chrome.exe
2804	chrome.exe
2804	chrome.exe
2804	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2220 wrote to memory of 2644	2220	vaultFile15424294622004715451.exe	28
PID 2220 wrote to memory of 2644	2220	vaultFile15424294622004715451.exe	28
PID 2220 wrote to memory of 2644	2220	vaultFile15424294622004715451.exe	28
PID 2220 wrote to memory of 2644	2220	vaultFile15424294622004715451.exe	28
PID 2220 wrote to memory of 2644	2220	vaultFile15424294622004715451.exe	28
PID 2220 wrote to memory of 2644	2220	vaultFile15424294622004715451.exe	28
PID 2220 wrote to memory of 2644	2220	vaultFile15424294622004715451.exe	28
PID 2644 wrote to memory of 2112	2644	WebCompanionInstaller.exe	30
PID 2644 wrote to memory of 2112	2644	WebCompanionInstaller.exe	30
PID 2644 wrote to memory of 2112	2644	WebCompanionInstaller.exe	30
PID 2644 wrote to memory of 2112	2644	WebCompanionInstaller.exe	30
PID 2112 wrote to memory of 1092	2112	cmd.exe	32
PID 2112 wrote to memory of 1092	2112	cmd.exe	32
PID 2112 wrote to memory of 1092	2112	cmd.exe	32
PID 2112 wrote to memory of 1092	2112	cmd.exe	32
PID 2644 wrote to memory of 1620	2644	WebCompanionInstaller.exe	33
PID 2644 wrote to memory of 1620	2644	WebCompanionInstaller.exe	33
PID 2644 wrote to memory of 1620	2644	WebCompanionInstaller.exe	33
PID 2644 wrote to memory of 1620	2644	WebCompanionInstaller.exe	33
PID 1620 wrote to memory of 1924	1620	WebCompanion.exe	36
PID 1620 wrote to memory of 1924	1620	WebCompanion.exe	36
PID 1620 wrote to memory of 1924	1620	WebCompanion.exe	36
PID 1620 wrote to memory of 1924	1620	WebCompanion.exe	36
PID 1924 wrote to memory of 1928	1924	csc.exe	38
PID 1924 wrote to memory of 1928	1924	csc.exe	38
PID 1924 wrote to memory of 1928	1924	csc.exe	38
PID 1924 wrote to memory of 1928	1924	csc.exe	38
PID 2644 wrote to memory of 3048	2644	WebCompanionInstaller.exe	39
PID 2644 wrote to memory of 3048	2644	WebCompanionInstaller.exe	39
PID 2644 wrote to memory of 3048	2644	WebCompanionInstaller.exe	39
PID 2644 wrote to memory of 3048	2644	WebCompanionInstaller.exe	39
PID 2644 wrote to memory of 2804	2644	WebCompanionInstaller.exe	40
PID 2644 wrote to memory of 2804	2644	WebCompanionInstaller.exe	40
PID 2644 wrote to memory of 2804	2644	WebCompanionInstaller.exe	40
PID 2644 wrote to memory of 2804	2644	WebCompanionInstaller.exe	40
PID 2804 wrote to memory of 1888	2804	chrome.exe	41
PID 2804 wrote to memory of 1888	2804	chrome.exe	41
PID 2804 wrote to memory of 1888	2804	chrome.exe	41
PID 2804 wrote to memory of 2460	2804	chrome.exe	42
PID 2804 wrote to memory of 2460	2804	chrome.exe	42
PID 2804 wrote to memory of 2460	2804	chrome.exe	42
PID 2804 wrote to memory of 2460	2804	chrome.exe	42
PID 2804 wrote to memory of 2460	2804	chrome.exe	42
PID 2804 wrote to memory of 2460	2804	chrome.exe	42
PID 2804 wrote to memory of 2460	2804	chrome.exe	42
PID 2804 wrote to memory of 2460	2804	chrome.exe	42
PID 2804 wrote to memory of 2460	2804	chrome.exe	42
PID 2804 wrote to memory of 2460	2804	chrome.exe	42
PID 2804 wrote to memory of 2460	2804	chrome.exe	42
PID 2804 wrote to memory of 2460	2804	chrome.exe	42
PID 2804 wrote to memory of 2460	2804	chrome.exe	42
PID 2804 wrote to memory of 2460	2804	chrome.exe	42
PID 2804 wrote to memory of 2460	2804	chrome.exe	42
PID 2804 wrote to memory of 2460	2804	chrome.exe	42
PID 2804 wrote to memory of 2460	2804	chrome.exe	42
PID 2804 wrote to memory of 2460	2804	chrome.exe	42
PID 2804 wrote to memory of 2460	2804	chrome.exe	42
PID 2804 wrote to memory of 2460	2804	chrome.exe	42
PID 2804 wrote to memory of 2460	2804	chrome.exe	42
PID 2804 wrote to memory of 2460	2804	chrome.exe	42
PID 2804 wrote to memory of 2460	2804	chrome.exe	42
PID 2804 wrote to memory of 2460	2804	chrome.exe	42
PID 2804 wrote to memory of 2460	2804	chrome.exe	42
PID 2804 wrote to memory of 2460	2804	chrome.exe	42

C:\Users\Admin\AppData\Local\Temp\vaultFile15424294622004715451.exe
"C:\Users\Admin\AppData\Local\Temp\vaultFile15424294622004715451.exe"
1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
PID:2220
- C:\Users\Admin\AppData\Local\Temp\7zSCA8AEF16\WebCompanionInstaller.exe
  .\WebCompanionInstaller.exe --savename=Setup_WebCompanion.exe --partner=IN230401 --nonadmin --direct --tych --campaign=19746138190 --version=10.901.2.519
  2⤵
  - Executes dropped EXE
  - Loads dropped DLL
  - Suspicious behavior: EnumeratesProcesses
  - Suspicious use of AdjustPrivilegeToken
  - Suspicious use of WriteProcessMemory
  PID:2644
- - C:\Windows\SysWOW64\cmd.exe
    "C:\Windows\System32\cmd.exe" /C netsh http add urlacl url=http://+:9007/ user=Everyone
    3⤵
    - Suspicious use of WriteProcessMemory
    PID:2112
  - - C:\Windows\SysWOW64\netsh.exe
      netsh http add urlacl url=http://+:9007/ user=Everyone
      4⤵
      PID:1092
- - C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Application\WebCompanion.exe
    "C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Application\WebCompanion.exe" --install --geo=
    3⤵
    - Adds Run key to start application
    - Drops file in Windows directory
    - Executes dropped EXE
    - Loads dropped DLL
    - Modifies system certificate store
    - Suspicious behavior: EnumeratesProcesses
    - Suspicious use of AdjustPrivilegeToken
    - Suspicious use of WriteProcessMemory
    PID:1620
  - - C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe
      "C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe" /noconfig /fullpaths @"C:\Users\Admin\AppData\Local\Temp\cz98p71j.cmdline"
      4⤵
      Suspicious use of WriteProcessMemory
      PID:1924
    - - C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe
        
        C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe /NOLOGO /READONLY /MACHINE:IX86 "/OUT:C:\Users\Admin\AppData\Local\Temp\RES2167.tmp" "c:\Users\Admin\AppData\Local\Temp\CSC2166.tmp"
        5⤵
        
        PID:1928
- - C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Application\WebCompanion.exe
    "C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Application\WebCompanion.exe" --afterinstall
    3⤵
    - Executes dropped EXE
    - Loads dropped DLL
    PID:3048
- - C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" https://webcompanion.com/en/install.php?partner=IN230401&campaign=19746138190
    3⤵
    - Enumerates system info in registry
    - Suspicious behavior: EnumeratesProcesses
    - Suspicious use of AdjustPrivilegeToken
    - Suspicious use of FindShellTrayWindow
    - Suspicious use of SendNotifyMessage
    - Suspicious use of WriteProcessMemory
    PID:2804
  - - C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef68a9758,0x7fef68a9768,0x7fef68a9778
      4⤵
      PID:1888
  - - C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1152 --field-trial-handle=1204,i,14692946059927323487,17380903495501338916,131072 /prefetch:2
      4⤵
      PID:2460
  - - C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1484 --field-trial-handle=1204,i,14692946059927323487,17380903495501338916,131072 /prefetch:8
      4⤵
      PID:2320
  - - C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1572 --field-trial-handle=1204,i,14692946059927323487,17380903495501338916,131072 /prefetch:8
      4⤵
      PID:1288
  - - C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2324 --field-trial-handle=1204,i,14692946059927323487,17380903495501338916,131072 /prefetch:1
      4⤵
      PID:2152
  - - C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2312 --field-trial-handle=1204,i,14692946059927323487,17380903495501338916,131072 /prefetch:1
      4⤵
      PID:240
  - - C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1444 --field-trial-handle=1204,i,14692946059927323487,17380903495501338916,131072 /prefetch:2
      4⤵
      PID:2880
  - - C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3788 --field-trial-handle=1204,i,14692946059927323487,17380903495501338916,131072 /prefetch:8
      4⤵
      PID:2680
  - - C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=3748 --field-trial-handle=1204,i,14692946059927323487,17380903495501338916,131072 /prefetch:1
      4⤵
      PID:1860
  - - C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=3756 --field-trial-handle=1204,i,14692946059927323487,17380903495501338916,131072 /prefetch:1
      4⤵
      PID:1928
  - - C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3960 --field-trial-handle=1204,i,14692946059927323487,17380903495501338916,131072 /prefetch:8
      4⤵
      PID:2708
  - - C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3952 --field-trial-handle=1204,i,14692946059927323487,17380903495501338916,131072 /prefetch:8
      4⤵
      PID:2508
  - - C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3932 --field-trial-handle=1204,i,14692946059927323487,17380903495501338916,131072 /prefetch:8
      4⤵
      PID:928
  - - C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4148 --field-trial-handle=1204,i,14692946059927323487,17380903495501338916,131072 /prefetch:8
      4⤵
      PID:3040
  - - C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=4252 --field-trial-handle=1204,i,14692946059927323487,17380903495501338916,131072 /prefetch:1
      4⤵
      PID:1900
  - - C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=3468 --field-trial-handle=1204,i,14692946059927323487,17380903495501338916,131072 /prefetch:1
      4⤵
      PID:1876
  - - C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2412 --field-trial-handle=1204,i,14692946059927323487,17380903495501338916,131072 /prefetch:8
      4⤵
      PID:1968
  - - C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=2820 --field-trial-handle=1204,i,14692946059927323487,17380903495501338916,131072 /prefetch:1
      4⤵
      PID:1668
  - - C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3600 --field-trial-handle=1204,i,14692946059927323487,17380903495501338916,131072 /prefetch:8
      4⤵
      PID:2496
  - - C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3976 --field-trial-handle=1204,i,14692946059927323487,17380903495501338916,131072 /prefetch:8
      4⤵
      PID:2136
  - - C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4016 --field-trial-handle=1204,i,14692946059927323487,17380903495501338916,131072 /prefetch:8
      4⤵
      PID:1892

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:908

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Defense Evasion

Modify Registry

T1112

Subvert Trust Controls

T1553

Install Root Certificate

T1553.004

Credential Access

Unsecured Credentials

T1552

Credentials In Files

T1552.001

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Data from Local System

T1005

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

Filesize
65KB

MD5
ac05d27423a85adc1622c714f2cb6184

SHA1
b0fe2b1abddb97837ea0195be70ab2ff14d43198

SHA256
c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

SHA512
6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

Filesize
65KB

MD5
ac05d27423a85adc1622c714f2cb6184

SHA1
b0fe2b1abddb97837ea0195be70ab2ff14d43198

SHA256
c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

SHA512
6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F2E248BEDDBB2D85122423C41028BFD4

Filesize
1KB

MD5
78f2fcaa601f2fb4ebc937ba532e7549

SHA1
ddfb16cd4931c973a2037d3fc83a4d7d775d05e4

SHA256
552f7bdcf1a7af9e6ce672017f4f12abf77240c78e761ac203d1d9d20ac89988

SHA512
bcad73a7a5afb7120549dd54ba1f15c551ae24c7181f008392065d1ed006e6fa4fa5a60538d52461b15a12f5292049e929cffde15cc400dec9cdfca0b36a68dd

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F2E248BEDDBB2D85122423C41028BFD4

Filesize
1KB

MD5
78f2fcaa601f2fb4ebc937ba532e7549

SHA1
ddfb16cd4931c973a2037d3fc83a4d7d775d05e4

SHA256
552f7bdcf1a7af9e6ce672017f4f12abf77240c78e761ac203d1d9d20ac89988

SHA512
bcad73a7a5afb7120549dd54ba1f15c551ae24c7181f008392065d1ed006e6fa4fa5a60538d52461b15a12f5292049e929cffde15cc400dec9cdfca0b36a68dd

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
c3b533cdb4eb19e6bc8754bdd557743c

SHA1
7e06388bac4774b3793128920b964edd8fc262b4

SHA256
838574154f88fd03ada92e8f22d43a993f3b97294c9d3d2abc0876e1891d42c4

SHA512
bb7a391f4bbc972cc30bec2ff3731e76ffa77242233ed231071c4c6f39628b2b69cb2f9840653a71a819b677372c1c4ccc99c5d29978418de158256edb3a93f8

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
918c3d2506db53dc0d75d2d498c733b9

SHA1
8bdad4fd8d6be47c64c25c7984f3190476c74713

SHA256
a4d541c4a036f36e3b5767fdbb48db61a1f6becfcc614690b44869afdc4a422d

SHA512
0497583cf399d63700f6f730f5d0e588a7fd50ad6e56331c5acdffb0d6c74d52408138b941c88956cf4f6256748287fedeb34fed3563e0683dba4a75d1015b55

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
32e3dc7b7a4ad18de486476cc28ce08b

SHA1
00af813514ab4c9968fd54227479973dc805440c

SHA256
adb8cc6af1a2c7f4aa3e709af51b6b539f7032fdaee0247591d2659a1c409659

SHA512
a89a6f3789a2616b1f33d5dee712834dcc77e584703f2c085befcea8d9dca50d60142838f020fb3db1d7fb11b8e3f8bcc3f74663f17911f5e4f9406dd7fd4cb7

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
54b8b8f368f1667f1fd7a5e7f9bc5cc3

SHA1
44b831c24745ef2095be7479b147df775f446b47

SHA256
c078cdcb78f07991e8a35695116aa8290340fb4369a22f28c5fb51034d8888a1

SHA512
bcf782edbd7bd5cd10aff65ba09c343e5053edfdd1b526f70550a7bf12ed2b958d36033cf6554a6ac982d57b55a8a0f806dcadd6a1d1ae8e684a70587ee9a299

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
c368bea8eb15e5757c424a6afefa01a0

SHA1
75596eb7af14843d4c306f7cd5e27c22398c6bff

SHA256
02dca1fa0130880021935990b8ace173f10d15f903ddce32d4a53500b232a998

SHA512
ce8d186f5f88bce7a8d409b10232a6f531457ce08cfd72f81ee84230fd9953fdd407f3e01f23afeedced2db8864732309fee615d8865032beb785c05d8492df7

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
7a0314c4fbcea3dbca3f7af4db95af64

SHA1
2c2b6878ba4c40f75eb93e92cc990c628c7b2461

SHA256
519c112a2c5c1c7870857eb132cdf002b714bf33150ccff3d252efc3c948f88b

SHA512
a3ed984542987209d7215c64429358a77cf870264b0fe705b9211359bb195b721605a206b0c65d9f23efd55bd8d7c3f46fce7c1ad14d16369e367412b41fc473

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
ab580a8906c975b4fc8d554b496d360a

SHA1
084840966a5905ada93a93d6919a00a399e32b44

SHA256
7a15be7b8efc97ab3057af1fc4d57c55253e08fdbdaaf25890897871de38eb8d

SHA512
bff8d2f4ae5eaf8575d107e96720ce80b7a0bd2ca163a3e987dbf9d7cd13729a534455fdc75725f3ba6072c0060c649016949b1f7529b31fb414aa0f0fcb0892

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
c0b839338f5fd9ec359eaf52ca5ce359

SHA1
7df56c1233246c042515cfe8aefbbd8f0412abac

SHA256
6ca8151a366dd09a73eba8d7d68540d3dcff1475b8b1e668147b7f3ebfe77022

SHA512
1ad5fee67c7de5d4ffce6fcdcf3c4b37cf92911f51d4e17485b2d73d6a513a1d4b7a6a980655c824940fdacd3ad2610d754e7e4109130d76fefda73b33883c43

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
e6aab885b1d05c9800fafecadbe584ea

SHA1
845149ef1b09dc613a93a84a00269e954c58c29f

SHA256
1f7afb5f2ddf5922098609e6a8820aa94300df056fa070d410ed94471421d8aa

SHA512
e560b68be51a309c7ac63afeeaf5ac450204bb53543d3d72fe829d34bc03eb76067a91785ba35e01d426c0cd86e6680a21a882281323b6bad64177ad12a942fc

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
5dfab79703a180a340092c03f0583fa9

SHA1
f203f72b153535da4a0f75d04afa46db276dab18

SHA256
a9bba83e9ca75ce35fe64196b9708fa85f9195aca2d100a97bdd29ddba7dfc21

SHA512
944777d231c78f68b5b6e82791f147fbd4eac28ac80c73a71ca54e50ccbbd2c870f4fac3267721e48204f9405d17c1bc7aa4050584e373151d000f2c7d02f6c5

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
1ac310ec15bb00cbdc145d65dd6fb3f8

SHA1
95a5be02290c602879e2f14f13a1183675c0c49d

SHA256
37d8cccc3045bc3157cfb0753e2e7b6c5f0ad8f4931a8c3a50b2bdbe07f88e78

SHA512
8a2cf9b03d3621ba85da3d13ccfb11b1e9ad26ea0d0b28600eb9c42ed5bfc638d7bce3ac953aeeddbef62b782939951f2198ca330f9efb4e209e84d6b7101427

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
cd5779104c98255c56d7a49a60578d35

SHA1
a09f1a535318a1a4fb11a1f6fd9e91c7240ee52d

SHA256
a0b609b64b91bdc7ce4f0917c3675442719f1d4cfc96f2c7b0b68f4beb77dca2

SHA512
271df83872aaf07beb8000f238c2b82b2d8e591f98d93e311a2f69061509d2036b51db49b40ec3c087c7809bc832c55a3e4b3ef65658e57e53be804896a7e156

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
71e0e1ee8f2ed9da813a78899ba7507b

SHA1
da457ce3507c09f4351acd6eab673d5850a4ad54

SHA256
5df89f7f8b0ea39fbed0b2f77ea7379dd53cd6eb4bcc0274244e4ac61c89060b

SHA512
9c12b952676c9ae10dc39b653fbfad748814529f940fdf43ad0cd9b5d437f8b649c08a922133098419cb249bfeb69aee65b6a606b78d1f754fa17c882a673a15

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
c80602fdbc0611b6d0a47aefbe55f090

SHA1
8795be701ee7eb6361fa06413b4f42967a39ca6f

SHA256
d7320f55f71f7edf40dc8d35d035d604603299f66a007baa73057b42d801db17

SHA512
83ec64dc010229b752f9936a236358c0f416b2d360080a3de8a4db78cea90267dead9560c6ec3036ba2ef5fe87d27b008584dd0c893bc208533f17f0f775dad6

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
6a8a3d0935bcaa3a7abb07e6fd587349

SHA1
ef827dcae2804a9ff077044e119dc319f4063b11

SHA256
9e898b10c266c36eaad3a73284d87da4726d7c750cc4ce1bd988d359e11446d4

SHA512
5e9a3f21a92ffef0b3fe655eba657d8cf8aac019850b3ca9684ad9045a47d588dbc6189488b8dce429ae173c7d2fe6652e50ec43306d94f70c0fec458bb4ceaa

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
43361050683b9630b80a4d7fb39fc8e0

SHA1
fb0651a13e497e3d67f9adcfdd2022ab609be386

SHA256
3669f2549cdc0f744ba2fce12968755b4fd6d1abb0d713ad7302c85d5f72a68a

SHA512
8ef849a8f0d099ee888b16a079109fe46bebf0ce5dfdd461c1a9e32226877d48380b8c06d380855acbbfbed209d5a6e5db27c34fa7242a4777e415e779692603

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
90ca9dac700839d83c6305f4c97df093

SHA1
8553b97d57c55ea2242dea86a659fc7b31c4a155

SHA256
d86792c8b776fee8caa065716ccc6620ad2c81c9a1d2d8da809444a4f53bf3de

SHA512
4c8c36311f39a438459ca23426437d92214d6232e781c0dc2f35da73cc8fef0e0fe852fe04d5702cc7baa63b798f4bd6a2a6a42f9c1213cefa76784050b38dae

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
308688885308f12cb455e52464471fd6

SHA1
0240675083035c12628840f75a78e8712619bb6f

SHA256
68fcb1bd926e2b75343ae87216a9d3c7da2a04e4c1079381fa8aa3d72c090123

SHA512
3c738089a4459e914c780a3add3054e13e9cec96285575e18e1c1082b73515d86470d5c34b16e84ab538806f95048e5af663f003bf9c3b9d663640c5c841911d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
53431b371a05a4f6ca00dc883f48ec15

SHA1
383515f8a446bf7805cf346ebf68a85aa1257bb2

SHA256
5e835383b2734d7e07a0b1d3a0cc9e751a88e61caa494fae851e8cdee319748c

SHA512
7ec861c1576af95559a8fc024a31613e6b53b383e8c5fc2ee139fd594059fb6fe8712c158d67a3eefcdaf697a685fcdcca2e879b6c4319c53b626f834487b408

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
4ddafd9533571e1798f6fe9792573d6f

SHA1
6d9eda644c56e332116d94ffaddc3c39faab15d6

SHA256
e692d276bd3f16e4d538e6c96f4c4ad230024b10e0fc1880090a676e6304ed22

SHA512
b0bc9d266da42531453f65a97ff3760f57b2a21d2f91ef3b2704812c9df8451886b186b189903d68b2773a30500794b2a5a6faca90c28d1bf6287c7bf15a316b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
e6269b26477192601ab3e44c0b95eb61

SHA1
737286e391c0e0a2352dd14da78c43cda59e9d66

SHA256
d60492e1fe8bf843a2248c01a967d3a9d0e204592fd1ab95b4581df7c9beaa86

SHA512
aab9198f3ddc31e5d78696b9b7fdace445c1449042525f37eae8e7735d9dc0ff606172a11f03017c4aab1dbce753cf5c48c3e41dfb6bb41ac94df77d65ee3615

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
ecb5aa70331007fae0841990bddb1e0a

SHA1
e83b76c4420373a69c0e8777d9dc2bb569f20b6a

SHA256
6932b2bee93ad104be3c41672d269d57a6d99bd3ab31fd2fbe16fe250eac0d77

SHA512
5f73dd1948df2256bfdf50ffad3ef392e6a458298bb0f4c7d4d61b2c09820fc0cb423af94b525bbdf2dcd3356c84cfedb861ad526f1fdad38be0ef99c9e01ada

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
ead5fc2756571ead238c8ae17d2f0ac5

SHA1
e95b63d9e020758167201bec3041c40201e1c0cd

SHA256
90a23797c6c6a703bcc8a5bea84978f98887d40b56d788041637ec354eac48d8

SHA512
03bae3e2c5de9603ca7f733bfac68275b27694dd77970b33c7fcfe888dac3d3fe026d09f12b518a3f6025456f9143c525942e655ea0105e1f115311080320d12

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
bfcbd7a279c70fe7cbe2e6514aec8c71

SHA1
1fa1d5b09e83fc6e3329d502c76903cb6bd3b150

SHA256
663cf13bd6763c646b073302b940c02642402010274863dc220fcc35e2f77c5e

SHA512
0e746a5392dff3d280eeb0e09f4d9cd71a8eb4f6a78bc8374def59de9ae9e75c850251d8839154cc07cf1295490e02b95c79d6c00de0bd8cf835e2daa0dc5e72

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
629c31633fa1d2cc448aff2d62285729

SHA1
d8c4178d9393b79d662d5eb8d7d37b9782b0f475

SHA256
2d0e6d751139c0d60016c058c0f2d7c264b0973587497b41165ec54051df1eaa

SHA512
f64fa4cdf06f795ac90671e9318cca8535e5607a55f0b1e6c93b3b49f1a905737ed4ecdafa9d82a95c4bd55bfe4900832df5302d5f50f1024ed42a83782b30ee

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
a53ccb8b19a7d2a0daab7211d6f6664e

SHA1
8d8a5cb6c67de22f1c72eb3625fddd875e47a8f1

SHA256
4be6749d9d38d79c3beba2f0878c25d3cde157bc9ac16cb1360296dba18ccc3d

SHA512
f1de215543e05841cd8dd660cbb42c4aa9e87f22d71c54272bc43d9a84f1bc294c3dfa95537b0f1298af8b48e2baaedf1ed270ebe604499b01deeea57586a225

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
320f0c3a4c9cc528bb9e02b1b9ee77b6

SHA1
9350eb7d0aadc91f3e0c3c300138064fe06b6150

SHA256
ddc1d1342a3c6201717376ff878ab496584585b87d6823130495cef2ac0c4f53

SHA512
07e07399ce1a74b56f7885aa47e6af7d6420982faa782a703f1702732eb1ecae646c369478e4662f9f3e7498c1e679fdc054008458c4b93fb799cf6f2bc39be9

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
ecc6699a7056c3ef9c8338014953204f

SHA1
ee8d935bfa01769079b29767fa5b7c44682ea238

SHA256
8c1770e1b2fb7bae164fdeec0d174b4faa46aec6b700c298b0f1ecb4f6c2b580

SHA512
9566fc9fa0cb91099af44d4c448c30a73c72e5c0de387d245d7831a382e3c6dfc499adbc9807e78448b6231b10f7006693b2634bb8f4f2b34d3c380b6b8b85a3

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
474ea3c6e7865044a1086fbdaaa89662

SHA1
74ade54cf845e6ee6b966d8dc4186d33fc73c973

SHA256
c599f4bbb71dcf200701cb7787d12b2f62338fb40888a32b5b61e689d07309bd

SHA512
d9cf6f97f05ba471f6a556e103117dc7b7cde9e0ff03fbc11328882a632911ae29fd22181be247408deeaa6c312012fea905dea0d10973a41673f1d56ef6e0d0

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
d072759bc101026f33ac7d2211c8c2ee

SHA1
d09b28d518c091ae6b8a2120f9c4f08612a1b5dd

SHA256
25fb62c9c8fca4de82fb90ee3a534c048e1783262944f64fb6069bd37df3aa1d

SHA512
4795ec57a1f3aad8f153d85631bb7849e83375b8d327942fcaebfa37034bc6b2cc5cf73efdd283c2ef872d49d5ef98fef106d767241bc1788a82147e08e87690

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
638f3df91e5f8dccda7e7a27266dd6b2

SHA1
0869c3510090cdf614586ad9900f8194aa61e918

SHA256
a838be2845367763d3c7c01322b0af429f2e38f5308eef56c3b0724b0cdc2a67

SHA512
4f79cfa27096cb4321ab06ab9dcf817402629822f1c4072ad7cc6ef27f5733db1fb4ac71dbef39299fa70c8687021a3e664dbd9ebd1ae25abdeff802b3dd93e2

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
c9fc01637b2bd53a225b9f4d44cf5326

SHA1
e2d0fb9a6c1c891a15425675b11ec7ec7f9962ff

SHA256
1b988d0eca662c4359b81d62718da18b1770ab489ff4e184857eae7abcb113c1

SHA512
e7066fbe862de5144bf0e09762cd7dbedcad5961faca9de9392922411a916568f810b501089023ee5b5d5d3dcf0813c1d82757266b3d133b2d40c7563ae285e0

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
4189224eaa5a0d78e0cef903c65b5a8c

SHA1
e5aa2d975548a6494dfa4285c373b93cb2869feb

SHA256
77e6ee2d1dc59b79aa87478c916e40044672a4da2e33e7986c4e2e97c3c2d57a

SHA512
47df7e39239add4d1756a323de707f0532c00b574c0705081e0ecec0588a7f01b9fb7456eec0fda582eb0705ea78dfbc6af8f6f30ac3630af4bc0e9adb75515a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
ed7808143c02ca83829d2b323952da31

SHA1
49032dbead76b181b1e7532dae829dffc0bd3536

SHA256
d034d18b178fdede6bd7e5be4152e1d2a1607dcac5eddfa1bda095b17cd9d51a

SHA512
42a3af3780a0b020cb0fb0d1c00c8a5549cc3297a06dc15f3eea4750b36da66de870aea370e5f3f819496c6ae508327c064bdb3732fe403a2a72bc275a9c304d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
e5ff9ccdee8bedff5bafb614600ea2c6

SHA1
98118723b9e313ac276da0e5acd363fa9834ed98

SHA256
b8178e60b6709fc6be06d25bf980de29e46b7511ed2eb0bf44262d5b073d0b75

SHA512
0b8ea1d44bb3094d279688e1239ec3bc91b55a627a72289c2b6dc09ea7cae8a4c75b3f282c5482838307211a9acbb612ba737ff6bdd15f6ed5e7d89d7890d50b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F2E248BEDDBB2D85122423C41028BFD4

Filesize
254B

MD5
303c8d37ceb938c69fd5907d2db5a996

SHA1
577372c7d0946ba09d98ae0a80af39cde32963e0

SHA256
a20052ce137214e4e66697ae94148aa91c04133840d6bb907847290e3ad45334

SHA512
fe1ec40ff8c3e059bb54c252cc991c82d7bd7d1773cd6b121c8625b39b0a231d02eba5d1b734124644ea12c1c40b3590a1e4c74f8411cab154bc0848b97657ee

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F2E248BEDDBB2D85122423C41028BFD4

Filesize
254B

MD5
303c8d37ceb938c69fd5907d2db5a996

SHA1
577372c7d0946ba09d98ae0a80af39cde32963e0

SHA256
a20052ce137214e4e66697ae94148aa91c04133840d6bb907847290e3ad45334

SHA512
fe1ec40ff8c3e059bb54c252cc991c82d7bd7d1773cd6b121c8625b39b0a231d02eba5d1b734124644ea12c1c40b3590a1e4c74f8411cab154bc0848b97657ee

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\434f042d-1705-4ee9-893a-f04c9aa994a9.tmp

Filesize
5KB

MD5
923ad8fc8dfe0b83a7bac5c959b4bed5

SHA1
4feae296ed1ac23e0cdba3c17423d2f17d02b674

SHA256
06ee54cfb4ac2766d5e01b22a29db3b571cf19dce3af76a10f95f9abe5785a25

SHA512
6265bfb1555ed5638fb335517b0f7c225a2f324299c0107e3621f8ee7803d969debbfcb09cd51e39bc1dee42158a8f0bcb5e37266a046bb4fb54e51f8d9d64c0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000012

Filesize
40KB

MD5
929729aa7cff46b3dad2f748a57af24c

SHA1
81aa5db7dd63c79e23ccd23bf2520ab994295f2e

SHA256
3c63e6c7fa25849799d08bf54988bfb3b77b1d1eebb1e55a94b64995850cba2f

SHA512
a10eaa6f2708b683bd43295b9c3da5840c0eb6d8a6b9e1922a534270fecbc0dcdb4cdcc28768df292a06f6210885b510254bdca17e5b3c507b0337fe7dc3d743

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
360B

MD5
3f1480a8d50fc96cfc6172fe9ed92370

SHA1
2bd515cfa1a42b98cee6b9cbac5653696d10ee24

SHA256
edf1f9bd70f4a8f94255f882cd0c1597e68cd9d4259776e567273329dcf0e554

SHA512
1d5475b89082b4414e02119f2ec9e4db8112aca02ba72abc43494a1d945361b006fe6c160bfe4385e86d1029da2e732c321049c05a9bc52e845f0c683e4b513d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

Filesize
264KB

MD5
f50f89a0a91564d0b8a211f8921aa7de

SHA1
112403a17dd69d5b9018b8cede023cb3b54eab7d

SHA256
b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec

SHA512
bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
61e210f2a2cdede73e8a2de99a9f0fff

SHA1
4a3915f6c300c3055da1388886d68dc9dc36d9d1

SHA256
f4531620b467d5fc03cfcaaaff1d230390c68987529024148c26f2194738276a

SHA512
8f60b3095a7a9e30134226bd97be5dd46f96764ee016d32f8be6f0077b78d9470385853e522763a045717c6e12e4c6bc5d3c446cdfa0798b64ffe2bbdb999890

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
19b6d76f65e29d00900e4a4a1fe41860

SHA1
9f1cb0e00bdfa54a876d377689d4909811ed1675

SHA256
0f96a020391bbaddd46c74658645d8bc6b01fc88693098cfea0579af773bcb1a

SHA512
3eb38e227bebc7c24a71bc442afc24bb10bd37f73d132482b553ed4732a505acc05a748fc0beed96a0064e2c88913de768cd9f6e95edfb0a1664a5741989c2b5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
73b519c7e7c13097b76c64af04e80c50

SHA1
9410e52f7db034846e05a2208ed8a2b8e1f705a2

SHA256
ae7ffa0b83483df0ef087e3b14052b541c44066528d42772ef82e5438c76543a

SHA512
03ceabe2a00c41df2467bafa4317e0e0d5ee64aea3b6807f1613c861dded82cbb9fe9900c802067eee2093140cf3e6de4ed99103f5e18b76072ce8a6a58e1610

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000007.dbtmp

Filesize
16B

MD5
18e723571b00fb1694a3bad6c78e4054

SHA1
afcc0ef32d46fe59e0483f9a3c891d3034d12f32

SHA256
8af72f43857550b01eab1019335772b367a17a9884a7a759fdf4fe6f272b90aa

SHA512
43bb0af7d3984012d2d67ca6b71f0201e5b948e6fe26a899641c4c6f066c59906d468ddf7f1df5ea5fa33c2bc5ea8219c0f2c82e0a5c365ad7581b898a8859e2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
221KB

MD5
fc6a1352d560f355b0a4de0b2a8eda8a

SHA1
e1625d6a904525c3d5616932ecbad0cb9c353219

SHA256
7afe39f9d337839ce44af62caff7d10bf620aca22aa2ff7fbd46129c519f20b2

SHA512
3984ed677e59ab2ead4ab5df263245f69283a2d44b0db3946593a8f33d1aaaf5293b050af342a01ae615a87bd524e4e8726f1f4bf64a035cc8b65f000d4b763d

Download Submit
C:\Users\Admin\AppData\Local\Lavasoft\Web Companion\Logs\Webcompanion\webcompanion.log

Filesize
4KB

MD5
59826903acaf5158518652a283a25f61

SHA1
15738dcc5c983e02bab0aa98d4dcca6b2c59438f

SHA256
5b8ce437fda3ad5a29793e8e0e8f98729d1e76978256bbe4e76e73fc40f42135

SHA512
b28fac9d622f7eedacc5681acf18240a2d6f76b7d60e1fd47809f84673c545a2323f1d69e4fd97935116b479f3edc0b846126015677ef49e3c51c44d58e9e138

Download Submit
C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_gmu1m0gq0rh5o2nzjzcq3icmpmnmdp5h\10.1.2.519\6taela7c.newcfg

Filesize
1KB

MD5
7c1e2fa646b4cd024f84780eab71fa96

SHA1
8eaa1cfbce0b2741db17bcd7e82d1a2e683e7b95

SHA256
344e20ec032dd49019f57186186c0144eaffd6db89e0f082c7b29fee6123b8cf

SHA512
a6071c3b62f479fe4b3fc04ccfafd776c27774722a1537b343a6fb9eb6748cfbcc51a2aff378498959a14908ae6053cec29c9d71044e47edaa1929f098d7783f

Download Submit
C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_gmu1m0gq0rh5o2nzjzcq3icmpmnmdp5h\10.1.2.519\gy2e0i-z.newcfg

Filesize
4KB

MD5
0ec1a43d6d50cabe8c79b7f9b85101ac

SHA1
0343d6f15441f3a849643c9d925e23753222119a

SHA256
9947d8566901f2c644d385a7d0e3011e9825c7abc8e12fdbd355d1c52452801a

SHA512
6005f44668c0c88490c4672357a80db3a501e109c5e00546ff818aae294be483d20cf11d7d446c9181163caf7f4945a87169e33e530d62ed4ba415cd40c70e4e

Download Submit
C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_gmu1m0gq0rh5o2nzjzcq3icmpmnmdp5h\10.1.2.519\h8dfvzgk.newcfg

Filesize
4KB

MD5
ee060a95056f56437d62dd820dbf05cb

SHA1
fe70055b6a76b67453d2389ef9b3ea66ba40eb1a

SHA256
6e8d7efbd7d3bb95304132404b1082df11696eb520f62a2f932960b0d02cbba8

SHA512
b3c57374bd7ca9ad2158457168c05195db67d8d62b47200d1c82890daf8cc44dec23653d23cb67116b6e0391bddab0b1aed3210709a8b58422e1724b1e8bb26b

Download Submit
C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_gmu1m0gq0rh5o2nzjzcq3icmpmnmdp5h\10.1.2.519\igasi714.newcfg

Filesize
4KB

MD5
607e66dfdd2a9a397ebf8542086ac6e2

SHA1
be16cef80b941146724d7109a64466caada985a3

SHA256
d3e15d7dbade23a54fa6a612ee9307b643dbeb8f4cbfadad9f956bfefdb44efb

SHA512
86fafb90cf0d9384bee3986409e509cff434b7ccddc00e42c5a4743429748d00892fa3c60f04fda53e4d4850dd55578307b232d1bc703d72d193e58fa9cc794c

Download Submit
C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_gmu1m0gq0rh5o2nzjzcq3icmpmnmdp5h\10.1.2.519\lcoyhjvr.newcfg

Filesize
4KB

MD5
60b65ff755293fa96ee43ef32ba64764

SHA1
d8226f9795b07dcf562438f7dc57e74c37862dd8

SHA256
1ee36fadf20bac5256b5d95c35e703653e6e92443e985d73f07e2dd400ace0ed

SHA512
629e58d7714b16beeee22f20e362bb807ba5f5e7330d8037750667f590eb839b289d506b5208f780b30f7e5bbddbd5e3580ea43376a62e8d3b62a58c82d71195

Download Submit
C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_gmu1m0gq0rh5o2nzjzcq3icmpmnmdp5h\10.1.2.519\pekaah_p.newcfg

Filesize
2KB

MD5
5379e252776bd9d3800bf2ddd43d381b

SHA1
a8c0fa94547f32bf0f7dab392364027d92a54248

SHA256
ce748af458e9e0d65bbaad3fb230b8f9196c17314a4eb9dcf4001134f33706b2

SHA512
e350cb6b50a3e16edac6a5b950ea18aef5611414cbd9d5f7b164d9d2cfc4f95333d3fcbf96912ac740797075dbea3253cd5d60e84a0c4e45dbf380dd9eb8a4d7

Download Submit
C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_gmu1m0gq0rh5o2nzjzcq3icmpmnmdp5h\10.1.2.519\snnc7aiw.newcfg

Filesize
3KB

MD5
71581e4dafa5cc1cea0dd2e149060b3a

SHA1
e22704545fae8f029ce69a450a77ec53f5cc4810

SHA256
3020f1841956c7764208410f690635d072b96abced01a3eed8bcf7b041abad5d

SHA512
ceae455aa6a449a99ac5db9d3e67ff517be394606a9befe72dc98293899d17823e178d3e673962589a92c231a81f857d81cc7d598b2ef37fe2d8436532a001b8

Download Submit
C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_gmu1m0gq0rh5o2nzjzcq3icmpmnmdp5h\10.1.2.519\user.config

Filesize
341B

MD5
173c8e5d53012fcd93034042f8464a19

SHA1
226fafb255a07ee20e0522a8902638844afb88f1

SHA256
5ba3803c178a75c84f9868bae53edb497f63869de941dc21578546185c269d77

SHA512
d1ca7efbb86066cc8e1d0dc91b122d3b7f98c56f49f449da405d36304e73905986eb697604360ec4bf6b2fa6603ad3020624428d2a67db050cd141e23780eeb5

Download Submit
C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_gmu1m0gq0rh5o2nzjzcq3icmpmnmdp5h\10.1.2.519\user.config

Filesize
2KB

MD5
efbf09de0ca277aa357c007dca29b09e

SHA1
49f1bb34fcadcefd40ed3f676846747fdd668b1c

SHA256
2a81c805d9e997dd73d71feb0e22025160bb83bfd889d946d14fda7b416ba122

SHA512
db3b07c69e010b9d23df47ed739e66d78dc64f148342710aab221b36ab4c5d3b3bb4b3e9f25764ea890d81d7236490dd632d31ba1993ce00c8de9ed1009b2755

Download Submit
C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_gmu1m0gq0rh5o2nzjzcq3icmpmnmdp5h\10.1.2.519\user.config

Filesize
2KB

MD5
3bd722c7582cd92781e831e2b39db100

SHA1
cbaa034c00db7c5631a1eebadaf6fce83215ca75

SHA256
6384689d6f04ffcbc8cacfc8e430082fe675d06dba5a323156254d46aa638ed1

SHA512
51c51a3d5fcb8f7638ee04810380306b6ece5bf0c9bbabfad4e0b5f2a0b58f761dcb7936a1063b9201ce4a18edba6d4b5d270c0fc1e358d987115f64eaf89ff0

Download Submit
C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_gmu1m0gq0rh5o2nzjzcq3icmpmnmdp5h\10.1.2.519\user.config

Filesize
2KB

MD5
ebb6da30ac62a98949f28cba67467a35

SHA1
cb8b26a0bc67fa6a801b6154943a7ff7aa81f73c

SHA256
92a18332f4f5a456671a80ed8e8bbc89294d10271c65c8b78bed70680fd115ae

SHA512
95df5adf6a9fba832b568675dd402bc3cac3bb4a16e477891e8fde2cfa1fd9a33582e3570240f460f7a6e1cc3b57ef3fbf42e2b6910c212a2455e8f2934c9ca0

Download Submit
C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_gmu1m0gq0rh5o2nzjzcq3icmpmnmdp5h\10.1.2.519\user.config

Filesize
2KB

MD5
dc46cd158d7a554741cd93bb9fe4b034

SHA1
720aa56c23c2266ea91de79bbc1b24a9ce36d497

SHA256
0cb58f6953324230b3d5e54b81b8238a5c3d5f13c65ea7776ef0f9f1c23eb452

SHA512
7817d741087203456f46a5f113e2ed6af997e21af5424b4a579a5d00e8d9a239a3cf95bde38b9b27093b2dcbb529460faa04e4f3ebb16caf8798a4c0b666e393

Download Submit
C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_gmu1m0gq0rh5o2nzjzcq3icmpmnmdp5h\10.1.2.519\user.config

Filesize
470B

MD5
64c71bbabbada7b8824b3c637b404ae6

SHA1
58908d0f0a3dca96ffed1ff36da5bdf761f56338

SHA256
58b78f4ef263136491df59bcf5c510b03116bd7c18ae319c868367296c7041a7

SHA512
e8fdd3ff659bd7c1b581b6245dd059247bd382c0971411347bbbc8adc75c1108671a3b019021d615739ad8aabef92acf342b72316647ea324eef78f2b3161337

Download Submit
C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_gmu1m0gq0rh5o2nzjzcq3icmpmnmdp5h\10.1.2.519\ww1bdxva.newcfg

Filesize
4KB

MD5
355a110b8ebc27c446afbfdc90d6750f

SHA1
820f7c5e48983ad2581d174347ec097f21a5864c

SHA256
8bf42570c0e638d2c9cf4ebaf45dcca3196b6f026b29710c79208433a775d4d8

SHA512
b9804e1ca1de3ebb3ca69581192aba968d369915b5d52d7934ab5937c59d060fccb98d3fa13c9fddc08847a4298cb5f2a9929cc93e658a24fcd0305627c0a9c6

Download Submit
C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_gmu1m0gq0rh5o2nzjzcq3icmpmnmdp5h\10.1.2.519\yw2ktboa.newcfg

Filesize
4KB

MD5
a88f925b6390f7ebcca5f24a1c55cdaf

SHA1
9b366a04c951435c2879b6bcfee62c34e55d9ac6

SHA256
7d6bd8859ddcf8cc67de8d39518e8c4910fcccace6e20dda6a4e6e78bade9235

SHA512
bcde91838519a49dcbcb64a1e82358bd98d2c35520bde3c76991747b9fe90374be72d5bd27145377498d77103cfaa22f9ec838ecf2b2941b97b7df47ac24dbd0

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zSCA8AEF16\ICSharpCode.SharpZipLib.dll

Filesize
207KB

MD5
1e16bad4f6a563c46161bb4fb0cfec4f

SHA1
e86ee8b835814ff6e6d6709a00694d0308cc83f3

SHA256
c7b5080ea8b2753751cb6252a3e9edd2a292d8a141de9e65cd3d0005ebe041e9

SHA512
a0a52c24bde70dfd22d0c7b57a2ae53927a5efd2a6dd18a325f7d03a6fd94eeb6c5885b63c7e135bac786bc4bde82640584e76ab04d9a9e6bf24923b9f05e7e3

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zSCA8AEF16\Newtonsoft.Json.dll

Filesize
426KB

MD5
6fe086f542ae0dde2ab0162a87b63192

SHA1
a940664ce30f1938fed543d23e3715732315ab2f

SHA256
484a60598618c20e518c0acb0a2d5296fb64d15dea2edda698a178caba16ce27

SHA512
ca4c8682b169385a2b2795a3c128b985123d40670a55b8d5d5545e3377568be396d370808d14d099c583991e3ca438e1d48963c4e1620131e1ba4691f8f40ca2

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zSCA8AEF16\WebCompanionInstaller.exe

Filesize
461KB

MD5
4a5b051edbc60c58d0fa08810ab2fa0a

SHA1
0430c9096463c70cfabd1e831df7121fc39ba811

SHA256
4f388b54e9ba62572013722783938e1603fe3e76b5b02031ed33df09c1c73eaa

SHA512
9a9e0e5f85ff379d5927fe0525592b8378b40b6237e8f0b9c34fa667246140ebe26883575d3d8e0c437e3a2571cd0bc39337f3fac88694537c4fefe227ad63cf

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zSCA8AEF16\WebCompanionInstaller.exe

Filesize
461KB

MD5
4a5b051edbc60c58d0fa08810ab2fa0a

SHA1
0430c9096463c70cfabd1e831df7121fc39ba811

SHA256
4f388b54e9ba62572013722783938e1603fe3e76b5b02031ed33df09c1c73eaa

SHA512
9a9e0e5f85ff379d5927fe0525592b8378b40b6237e8f0b9c34fa667246140ebe26883575d3d8e0c437e3a2571cd0bc39337f3fac88694537c4fefe227ad63cf

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zSCA8AEF16\WebCompanionInstaller.exe.config

Filesize
2KB

MD5
ebacec1e9929bd429c709a9fd0c210ac

SHA1
a6a847fd94fa1d243108ecac6eb75e14033a93c0

SHA256
ae0e80f5549f5ad5ef0996882a2e0f997ff3724e63a35c9bca9001b10f58dee6

SHA512
8a7f4dccf0fd9888d19f01358c751a917d707c5b2ce01852224a4d3f70440d0e026dd824ac51f07942ad7722d07e949798cc044dccd32559f35651f01efcd196

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zSCA8AEF16\en-US\WebCompanionInstaller.resources.dll

Filesize
9KB

MD5
d3105e9db5aac25193d6c6d2d99349f6

SHA1
551362c83428f52837a97a9c988d993e4b9dc573

SHA256
86b3513221f9d1edac50afb7a43cdeee1599cdc69f37d6c52be7f2a0bf014e66

SHA512
79a10cb9383f07cb17b16af8cea52b28a0e5c7d01aed21ed0cff05ae669abb4d9ad3585cd117407e272d98c52524f115a4b93bac8fb42d6574533b243f5935cb

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab3526.tmp

Filesize
61KB

MD5
f3441b8572aae8801c04f3060b550443

SHA1
4ef0a35436125d6821831ef36c28ffaf196cda15

SHA256
6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

SHA512
5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar3548.tmp

Filesize
163KB

MD5
9441737383d21192400eca82fda910ec

SHA1
725e0d606a4fc9ba44aa8ffde65bed15e65367e4

SHA256
bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

SHA512
7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar39D1.tmp

Filesize
171KB

MD5
9c0c641c06238516f27941aa1166d427

SHA1
64cd549fb8cf014fcd9312aa7a5b023847b6c977

SHA256
4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

SHA512
936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

Download Submit
C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Application\ICSharpCode.SharpZipLib.dll

Filesize
207KB

MD5
22db60594f6616ad45b65f0597ad2cf8

SHA1
dde71da23461bf73b75c30427bd19050ba013d43

SHA256
2bd8cef6c24f303a4d43e8af6c157d13c5e68ae12499231abdb96500e2a119cc

SHA512
294e6c2325dee79a3ad629b138c6f0ac5e307f001a288dd1078a75a5e0f275aa1a6a48fbd1c0c60eb7b8e60aff33e035d5cc46f85aa9a97b2e809a10947df9c9

Download Submit
C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Application\Interop.LavasoftTcpServiceLib.dll

Filesize
55KB

MD5
d050df18bd18bf81abc997ff64e04fa0

SHA1
90c106a3e2a58c2e6e4ab3e0b14e32520a0e34d8

SHA256
7b5f7bbf5c1585f596b2a9bb5b67e70696a66f07ac645acbd9b9451f33c4beda

SHA512
e79a7dbb4474768741dabb5c41885d2f684e6c9c3244657f017c534754ecac9a5001e251282d087d503cb598aea836330e8b12612cd6317f8c20dc9318e70a5f

Download Submit
C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Application\Ionic.Zip.dll

Filesize
462KB

MD5
3d8bf84f10ef47ee50c437c255bc3958

SHA1
5aa8f0319dcc0d1ce6fb4577fedca2d8a66610f2

SHA256
8006bfce39927b96a0642d51bba0cf7a449bb2b09c62f5f5cb1618e748468356

SHA512
db73c6fe81c57b71c2587baaaed00a092f4476f2ee8268a83da95f4e3ac5755e801d18b137ebadf118e1b6b89b660dadcbd793647c24e432c0c9a1df40fbd677

Download Submit
C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Application\Lavasoft.AppCore.dll

Filesize
199KB

MD5
719abfcdfe4a420ed8db4b1f407b27c0

SHA1
d8b5b8b670e10a00c3b2b21d147568b6c4a68edd

SHA256
4fd95a547d9604810e3ec80d63a564492a1a2d050f985bc228a191e3fdf5631c

SHA512
b970be97e23a5f97d70d9ae87512a596e0bec22ec6e76e8198318ec0c8a2b36cfa9064ed6e7bf514ab44d6dfde07a0c37c67167c54bfebded1ecb3b94d9ce7e6

Download Submit
C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Application\Lavasoft.Events.dll

Filesize
131KB

MD5
c86dfe367017deba7a77a6724d0cf387

SHA1
c97b810c9755275e45128299a422040544f73422

SHA256
bc57b7acaed475fa37a63d0d9167ddf55331a228905e18027c0cbee30eae4417

SHA512
438fe3cd085b0b05e809b85a43e0a721a9ba7790d7fc464b9aa0184d19eb1224277f3dfb95f1aaf104d28e79d07faf12155d4fb80c02476c0cdcfe9015dcb205

Download Submit
C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.Business.dll

Filesize
528KB

MD5
06057dd6faec821061f244d51c3269c0

SHA1
676aebe7f974d88dc034bf8741688a6ef4653687

SHA256
7d73db43d134121301d16fccd6c0d9d3a56782b275ac38d3cf039340f1f7d209

SHA512
ff931525b9264aaee4b67122c1f11b891e8b5a92c8e53a5df1cb63b889df581c465a747521723e1c18aca5109f101799edc1247277c1b06086739c8bfeb7244d

Download Submit
C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Application\Lavasoft.Utils.dll

Filesize
104KB

MD5
ec4b2852e620fb8977b4ca209d7787d1

SHA1
b59eda2724522814e2f5d1dba675c3c1efaa9579

SHA256
82ef634b9216b2a72248f3dfe22c7f26ee119021d06ce71cdee4193e940a2956

SHA512
f2a233407bb1752fb9d6f0ff99f6b21fe514c29128302b34db5dfa28b00b429d23e0f5dba6226298b655ef2194861baa05f349f00e4636934ef2d07fd57ffa73

Download Submit
C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Application\Newtonsoft.Json.dll

Filesize
426KB

MD5
8646baeed20310f7b687789e58e183e2

SHA1
3fd09e9f654331f031e88fbe61d99a42dd10c1d7

SHA256
193c95270430347cd2c0677cbff40e5c812e0b49f7fe539b8b37b9427079986c

SHA512
537bb871c727d7345a47016b0628b4628b3f0414a1c4002d9f7ab3165751c2185143c565358a659ccf522b7917929fbbbfab03d488833b70d1bc14ef1b3c6f2b

Download Submit
C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Application\WebCompanion.exe

Filesize
9.2MB

MD5
7bb65bb24e9a4a04e8d3423d12cf4665

SHA1
29a28ec509fd7e46eead9730d910bc9261babd1e

SHA256
263d145e44bbef5f1a7b33d5d22ea33a941ef339a567d853e257e5b07540049e

SHA512
893a9538efc74bf9c2f55c537abc6a227e02a992d42321d29e81b45bd7394cb1b4729371dbc1536fa8e75442b4f48cfdce1b09af829c8a381e848527f52aa01e

Download Submit
C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Application\WebCompanion.exe

Filesize
9.2MB

MD5
7bb65bb24e9a4a04e8d3423d12cf4665

SHA1
29a28ec509fd7e46eead9730d910bc9261babd1e

SHA256
263d145e44bbef5f1a7b33d5d22ea33a941ef339a567d853e257e5b07540049e

SHA512
893a9538efc74bf9c2f55c537abc6a227e02a992d42321d29e81b45bd7394cb1b4729371dbc1536fa8e75442b4f48cfdce1b09af829c8a381e848527f52aa01e

Download Submit
C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Application\WebCompanion.exe

Filesize
9.2MB

MD5
7bb65bb24e9a4a04e8d3423d12cf4665

SHA1
29a28ec509fd7e46eead9730d910bc9261babd1e

SHA256
263d145e44bbef5f1a7b33d5d22ea33a941ef339a567d853e257e5b07540049e

SHA512
893a9538efc74bf9c2f55c537abc6a227e02a992d42321d29e81b45bd7394cb1b4729371dbc1536fa8e75442b4f48cfdce1b09af829c8a381e848527f52aa01e

Download Submit
C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Application\WebCompanion.exe.config

Filesize
19KB

MD5
1f6d2003038e80d41622133f99babbfb

SHA1
15d65abfa15dcca59ea4b31dac689377497e4596

SHA256
00686f103e7774f6ec676fd9fecfe5424bdfb31cd1dd82625fd8c7d3e2f427f7

SHA512
87b61780297fe072e2054269d7effd69ea85bf414279d12c0232cecebefb07435a727bc69a234681e7a2be862699a73ca79a83b1354406936cf9286d96cc8fd0

Download Submit
C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Application\log4net.dll

Filesize
315KB

MD5
1d468bb4ca5c3664f208dea11633d570

SHA1
2ea73e477abd6ae06fde8aebd1bd72ebd569fb2b

SHA256
73c4b4c46095f46aa422f0caf810bb053704c3ca6cc938a8c74b8db2ab1e5318

SHA512
7a7b8f34a4797c02bed552cce89db5a02a4952355dd45be4ac4bab6a8f283a1c7036f343516a1778243a978745537d23e3e382c9dc9e496b79cf909aefd5ba7e

Download Submit
C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Options\ActiveFeatures.zip

Filesize
404B

MD5
b9900844e1edfff5cdb706cfc91214ec

SHA1
77ab762f35ee969ac1e01604133212cc403ae6d5

SHA256
6e7478879b4ea6450e8ad2b0f264a884aa8879c0fa4e58661ea7235157bea048

SHA512
0d107f8cd82281cb8a25a2dc6a9e53a078a0e9eb4cc52ae5a3ea602f8fd37cf522e5707dd89ca847eaa14fa8828f4e4e272c31c617337f5addd8812e91140256

Download Submit
C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Options\ActiveFeatures.zip

Filesize
404B

MD5
70d4329c8e9a847dd24de02c13904109

SHA1
539e7dca0d7851f83e0e6302201b9fcc681a4985

SHA256
25ffc5848690abc3746c9f27c423f29c8ae0a20bd7b1c61e88cf20ec278fe938

SHA512
a93ca7531e706d6ba3760152e2efa3b58c859ca20f696b4e3bd036c619c653c2af68b2581a5444efc34468b3685c084fa50dd5bcdfd69208c364038cc72de809

Download Submit
C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Options\AppSettings.txt

Filesize
310B

MD5
d1c66668d86b8017500d2a93977e2dc5

SHA1
6e86edc442ff9e0fc8c1664a4ee3bb02b66c6f68

SHA256
8b48ce0254b019bde1cd7e308828b71a8e70e22296cde4edd73292644ffdecff

SHA512
5f9db5e9a50744c6d9ac5111f939907592cff292c46684415578cbe2a0ad91673e90db8a9290572766ec5c86e7d8b357546186e7be6fd1a000a1678e08d28be8

Download Submit
C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Options\FeatureActions.zip

Filesize
630B

MD5
b58ae2a7ade697b922f66911c50bf70b

SHA1
4a692cb525bf488ca2b2ed925c84926b86d9c541

SHA256
2a9c2bb3a115b42b489ae7e842631aece08bc6723bbaa878b68897fdc9a9239a

SHA512
91d8153a8880655ad3097814c0e43fb781a93d1e2a6f4d2df3aa4296d650d3f241d72fa71666d413db200368cd186fed5178cbaff6ff3df51b779f5a6b31e8f0

Download Submit
C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Options\LatestReleaseNotes.txt

Filesize
6B

MD5
f5bd57c383ba95f77ad910dd0200e081

SHA1
0595d53ee4839cc59f5883fb1bc42098024f9b7b

SHA256
abdfbffecbe18ed94df9829819e596ee285b52a94aa108514452a9121721c789

SHA512
f9f0a2040f85cc0338b9fb6770180d3d7cdf0f12d8e3bdf01b9a27c1c03f6653a768ba73fa427813561ea8b221b349e11f64221366841b602c3618f7197f283b

Download Submit
C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Options\Partner.txt

Filesize
59B

MD5
5a7d607c80dd72e6a06b152a84bf41f2

SHA1
0ad33af6e6e1220a142dc953166bb951bb2b266a

SHA256
de463d9e85b2bd9e25dce0757527fb4433f5182e190d015773b046fb7d4754ab

SHA512
0aa3a81637cc9558ff81bc37ff7c1ad346036e9f51670303ac2df9dcbe6bb0f568b9efab8415725079ca859da22b240b784df7573572c33cdbadea0be1eea3bd

Download Submit
C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Options\ServicePartnerInfo.txt

Filesize
187B

MD5
bad0f4a6d3408c2ab3085ac5a3b4d1c0

SHA1
c8217c271348d16dc594b5098cb5639b2f9e69c9

SHA256
cfb36a9eebcc5610ba8da68f19ede3a258f1af5089a644ab5a1f5e6f392f7930

SHA512
cf1270ea9ad1b7b813756e9f33f4595db2036e7d1e6ef58a3dbdaf3d7fb6fa66e700781f2c226dffeaa6fdb379aecaf9f507d5c654281b1bad5b87ef7046d349

Download Submit
C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Options\Statistics.txt

Filesize
56B

MD5
203ee264f7d3b8e4c7123aafd2ce48e7

SHA1
25a7a16713b73e90e5a59ca5c8b6f023b965d051

SHA256
a15df0ad84cb4e6e40095902e6a2e8db4b679287ff3bcc98e70012e65a09da9d

SHA512
4dbc76f12223cc76539d32e1b0365d55cf707f3cd9c4c4cb263b4ac67c6fa164b7e4b6f49e3c8ca0db5a4efe0bdb1e62c889a51e1a12e60f2176d404670f3434

Download Submit
C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Options\WebProtectionConfig.txt

Filesize
308B

MD5
0cb1cc6ebd3113ffa4d08cb8e611b0c1

SHA1
c084178a890875d41c400e8950537e1f8a58a50f

SHA256
b578ec7cfe4cdf6690c83daa66b068fc585a8b35fc3a8722e29f2dc0fabb26e2

SHA512
c86f4c9a16249313e1a4e0561dc6241e931c5d382a830b64e3aa9d1447734716417bc2f08e4860edc0d2945cc5091170b90039194c90985395d33a36662fffec

Download Submit
C:\Windows\Microsoft.NET\Framework\v2.0.50727\CONFIG\enterprisesec.config.cch.new

Filesize
466B

MD5
49bdff6b71fdb88bfb18f81b9882e420

SHA1
fa66370488d275d877643e9ad73ad45f4fb74898

SHA256
4aa57d2d31224fc6a07d6ce47fdc14f720f724ece4e5aadd529f76d599ea2e6c

SHA512
32af2750a0a5358531ebcfee2e5f7892519f93ec31ed0c61cc42d303328b9dffb6b3dd75a7bafed4dc7ab79d90accad8ab97e3e193d46dd76eb7ab2f0600591e

Download Submit
\Users\Admin\AppData\Local\Temp\7zSCA8AEF16\ICSharpCode.SharpZipLib.dll

Filesize
207KB

MD5
1e16bad4f6a563c46161bb4fb0cfec4f

SHA1
e86ee8b835814ff6e6d6709a00694d0308cc83f3

SHA256
c7b5080ea8b2753751cb6252a3e9edd2a292d8a141de9e65cd3d0005ebe041e9

SHA512
a0a52c24bde70dfd22d0c7b57a2ae53927a5efd2a6dd18a325f7d03a6fd94eeb6c5885b63c7e135bac786bc4bde82640584e76ab04d9a9e6bf24923b9f05e7e3

Download Submit
\Users\Admin\AppData\Local\Temp\7zSCA8AEF16\ICSharpCode.SharpZipLib.dll

Filesize
207KB

MD5
1e16bad4f6a563c46161bb4fb0cfec4f

SHA1
e86ee8b835814ff6e6d6709a00694d0308cc83f3

SHA256
c7b5080ea8b2753751cb6252a3e9edd2a292d8a141de9e65cd3d0005ebe041e9

SHA512
a0a52c24bde70dfd22d0c7b57a2ae53927a5efd2a6dd18a325f7d03a6fd94eeb6c5885b63c7e135bac786bc4bde82640584e76ab04d9a9e6bf24923b9f05e7e3

Download Submit
\Users\Admin\AppData\Local\Temp\7zSCA8AEF16\ICSharpCode.SharpZipLib.dll

Filesize
207KB

MD5
1e16bad4f6a563c46161bb4fb0cfec4f

SHA1
e86ee8b835814ff6e6d6709a00694d0308cc83f3

SHA256
c7b5080ea8b2753751cb6252a3e9edd2a292d8a141de9e65cd3d0005ebe041e9

SHA512
a0a52c24bde70dfd22d0c7b57a2ae53927a5efd2a6dd18a325f7d03a6fd94eeb6c5885b63c7e135bac786bc4bde82640584e76ab04d9a9e6bf24923b9f05e7e3

Download Submit
\Users\Admin\AppData\Local\Temp\7zSCA8AEF16\Newtonsoft.Json.dll

Filesize
426KB

MD5
6fe086f542ae0dde2ab0162a87b63192

SHA1
a940664ce30f1938fed543d23e3715732315ab2f

SHA256
484a60598618c20e518c0acb0a2d5296fb64d15dea2edda698a178caba16ce27

SHA512
ca4c8682b169385a2b2795a3c128b985123d40670a55b8d5d5545e3377568be396d370808d14d099c583991e3ca438e1d48963c4e1620131e1ba4691f8f40ca2

Download Submit
\Users\Admin\AppData\Local\Temp\7zSCA8AEF16\Newtonsoft.Json.dll

Filesize
426KB

MD5
6fe086f542ae0dde2ab0162a87b63192

SHA1
a940664ce30f1938fed543d23e3715732315ab2f

SHA256
484a60598618c20e518c0acb0a2d5296fb64d15dea2edda698a178caba16ce27

SHA512
ca4c8682b169385a2b2795a3c128b985123d40670a55b8d5d5545e3377568be396d370808d14d099c583991e3ca438e1d48963c4e1620131e1ba4691f8f40ca2

Download Submit
\Users\Admin\AppData\Local\Temp\7zSCA8AEF16\Newtonsoft.Json.dll

Filesize
426KB

MD5
6fe086f542ae0dde2ab0162a87b63192

SHA1
a940664ce30f1938fed543d23e3715732315ab2f

SHA256
484a60598618c20e518c0acb0a2d5296fb64d15dea2edda698a178caba16ce27

SHA512
ca4c8682b169385a2b2795a3c128b985123d40670a55b8d5d5545e3377568be396d370808d14d099c583991e3ca438e1d48963c4e1620131e1ba4691f8f40ca2

Download Submit
\Users\Admin\AppData\Local\Temp\7zSCA8AEF16\WebCompanionInstaller.exe

Filesize
461KB

MD5
4a5b051edbc60c58d0fa08810ab2fa0a

SHA1
0430c9096463c70cfabd1e831df7121fc39ba811

SHA256
4f388b54e9ba62572013722783938e1603fe3e76b5b02031ed33df09c1c73eaa

SHA512
9a9e0e5f85ff379d5927fe0525592b8378b40b6237e8f0b9c34fa667246140ebe26883575d3d8e0c437e3a2571cd0bc39337f3fac88694537c4fefe227ad63cf

Download Submit
\Users\Admin\AppData\Local\Temp\7zSCA8AEF16\en-US\WebCompanionInstaller.resources.dll

Filesize
9KB

MD5
d3105e9db5aac25193d6c6d2d99349f6

SHA1
551362c83428f52837a97a9c988d993e4b9dc573

SHA256
86b3513221f9d1edac50afb7a43cdeee1599cdc69f37d6c52be7f2a0bf014e66

SHA512
79a10cb9383f07cb17b16af8cea52b28a0e5c7d01aed21ed0cff05ae669abb4d9ad3585cd117407e272d98c52524f115a4b93bac8fb42d6574533b243f5935cb

Download Submit
\Users\Admin\AppData\Local\Temp\7zSCA8AEF16\en-US\WebCompanionInstaller.resources.dll

Filesize
9KB

MD5
d3105e9db5aac25193d6c6d2d99349f6

SHA1
551362c83428f52837a97a9c988d993e4b9dc573

SHA256
86b3513221f9d1edac50afb7a43cdeee1599cdc69f37d6c52be7f2a0bf014e66

SHA512
79a10cb9383f07cb17b16af8cea52b28a0e5c7d01aed21ed0cff05ae669abb4d9ad3585cd117407e272d98c52524f115a4b93bac8fb42d6574533b243f5935cb

Download Submit
\Users\Admin\AppData\Local\Temp\7zSCA8AEF16\en-US\WebCompanionInstaller.resources.dll

Filesize
9KB

MD5
d3105e9db5aac25193d6c6d2d99349f6

SHA1
551362c83428f52837a97a9c988d993e4b9dc573

SHA256
86b3513221f9d1edac50afb7a43cdeee1599cdc69f37d6c52be7f2a0bf014e66

SHA512
79a10cb9383f07cb17b16af8cea52b28a0e5c7d01aed21ed0cff05ae669abb4d9ad3585cd117407e272d98c52524f115a4b93bac8fb42d6574533b243f5935cb

Download Submit
\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Application\ICSharpCode.SharpZipLib.dll

Filesize
207KB

MD5
22db60594f6616ad45b65f0597ad2cf8

SHA1
dde71da23461bf73b75c30427bd19050ba013d43

SHA256
2bd8cef6c24f303a4d43e8af6c157d13c5e68ae12499231abdb96500e2a119cc

SHA512
294e6c2325dee79a3ad629b138c6f0ac5e307f001a288dd1078a75a5e0f275aa1a6a48fbd1c0c60eb7b8e60aff33e035d5cc46f85aa9a97b2e809a10947df9c9

Download Submit
\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Application\ICSharpCode.SharpZipLib.dll

Filesize
207KB

MD5
22db60594f6616ad45b65f0597ad2cf8

SHA1
dde71da23461bf73b75c30427bd19050ba013d43

SHA256
2bd8cef6c24f303a4d43e8af6c157d13c5e68ae12499231abdb96500e2a119cc

SHA512
294e6c2325dee79a3ad629b138c6f0ac5e307f001a288dd1078a75a5e0f275aa1a6a48fbd1c0c60eb7b8e60aff33e035d5cc46f85aa9a97b2e809a10947df9c9

Download Submit
\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Application\ICSharpCode.SharpZipLib.dll

Filesize
207KB

MD5
22db60594f6616ad45b65f0597ad2cf8

SHA1
dde71da23461bf73b75c30427bd19050ba013d43

SHA256
2bd8cef6c24f303a4d43e8af6c157d13c5e68ae12499231abdb96500e2a119cc

SHA512
294e6c2325dee79a3ad629b138c6f0ac5e307f001a288dd1078a75a5e0f275aa1a6a48fbd1c0c60eb7b8e60aff33e035d5cc46f85aa9a97b2e809a10947df9c9

Download Submit
\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Application\Interop.LavasoftTcpServiceLib.dll

Filesize
55KB

MD5
d050df18bd18bf81abc997ff64e04fa0

SHA1
90c106a3e2a58c2e6e4ab3e0b14e32520a0e34d8

SHA256
7b5f7bbf5c1585f596b2a9bb5b67e70696a66f07ac645acbd9b9451f33c4beda

SHA512
e79a7dbb4474768741dabb5c41885d2f684e6c9c3244657f017c534754ecac9a5001e251282d087d503cb598aea836330e8b12612cd6317f8c20dc9318e70a5f

Download Submit
\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Application\Interop.LavasoftTcpServiceLib.dll

Filesize
55KB

MD5
d050df18bd18bf81abc997ff64e04fa0

SHA1
90c106a3e2a58c2e6e4ab3e0b14e32520a0e34d8

SHA256
7b5f7bbf5c1585f596b2a9bb5b67e70696a66f07ac645acbd9b9451f33c4beda

SHA512
e79a7dbb4474768741dabb5c41885d2f684e6c9c3244657f017c534754ecac9a5001e251282d087d503cb598aea836330e8b12612cd6317f8c20dc9318e70a5f

Download Submit
\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Application\Interop.LavasoftTcpServiceLib.dll

Filesize
55KB

MD5
d050df18bd18bf81abc997ff64e04fa0

SHA1
90c106a3e2a58c2e6e4ab3e0b14e32520a0e34d8

SHA256
7b5f7bbf5c1585f596b2a9bb5b67e70696a66f07ac645acbd9b9451f33c4beda

SHA512
e79a7dbb4474768741dabb5c41885d2f684e6c9c3244657f017c534754ecac9a5001e251282d087d503cb598aea836330e8b12612cd6317f8c20dc9318e70a5f

Download Submit
\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Application\Ionic.Zip.dll

Filesize
462KB

MD5
3d8bf84f10ef47ee50c437c255bc3958

SHA1
5aa8f0319dcc0d1ce6fb4577fedca2d8a66610f2

SHA256
8006bfce39927b96a0642d51bba0cf7a449bb2b09c62f5f5cb1618e748468356

SHA512
db73c6fe81c57b71c2587baaaed00a092f4476f2ee8268a83da95f4e3ac5755e801d18b137ebadf118e1b6b89b660dadcbd793647c24e432c0c9a1df40fbd677

Download Submit
\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Application\Ionic.Zip.dll

Filesize
462KB

MD5
3d8bf84f10ef47ee50c437c255bc3958

SHA1
5aa8f0319dcc0d1ce6fb4577fedca2d8a66610f2

SHA256
8006bfce39927b96a0642d51bba0cf7a449bb2b09c62f5f5cb1618e748468356

SHA512
db73c6fe81c57b71c2587baaaed00a092f4476f2ee8268a83da95f4e3ac5755e801d18b137ebadf118e1b6b89b660dadcbd793647c24e432c0c9a1df40fbd677

Download Submit
\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Application\Ionic.Zip.dll

Filesize
462KB

MD5
3d8bf84f10ef47ee50c437c255bc3958

SHA1
5aa8f0319dcc0d1ce6fb4577fedca2d8a66610f2

SHA256
8006bfce39927b96a0642d51bba0cf7a449bb2b09c62f5f5cb1618e748468356

SHA512
db73c6fe81c57b71c2587baaaed00a092f4476f2ee8268a83da95f4e3ac5755e801d18b137ebadf118e1b6b89b660dadcbd793647c24e432c0c9a1df40fbd677

Download Submit
\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Application\Lavasoft.AppCore.dll

Filesize
199KB

MD5
719abfcdfe4a420ed8db4b1f407b27c0

SHA1
d8b5b8b670e10a00c3b2b21d147568b6c4a68edd

SHA256
4fd95a547d9604810e3ec80d63a564492a1a2d050f985bc228a191e3fdf5631c

SHA512
b970be97e23a5f97d70d9ae87512a596e0bec22ec6e76e8198318ec0c8a2b36cfa9064ed6e7bf514ab44d6dfde07a0c37c67167c54bfebded1ecb3b94d9ce7e6

Download Submit
\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Application\Lavasoft.AppCore.dll

Filesize
199KB

MD5
719abfcdfe4a420ed8db4b1f407b27c0

SHA1
d8b5b8b670e10a00c3b2b21d147568b6c4a68edd

SHA256
4fd95a547d9604810e3ec80d63a564492a1a2d050f985bc228a191e3fdf5631c

SHA512
b970be97e23a5f97d70d9ae87512a596e0bec22ec6e76e8198318ec0c8a2b36cfa9064ed6e7bf514ab44d6dfde07a0c37c67167c54bfebded1ecb3b94d9ce7e6

Download Submit
\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Application\Lavasoft.AppCore.dll

Filesize
199KB

MD5
719abfcdfe4a420ed8db4b1f407b27c0

SHA1
d8b5b8b670e10a00c3b2b21d147568b6c4a68edd

SHA256
4fd95a547d9604810e3ec80d63a564492a1a2d050f985bc228a191e3fdf5631c

SHA512
b970be97e23a5f97d70d9ae87512a596e0bec22ec6e76e8198318ec0c8a2b36cfa9064ed6e7bf514ab44d6dfde07a0c37c67167c54bfebded1ecb3b94d9ce7e6

Download Submit
\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Application\Lavasoft.Events.dll

Filesize
131KB

MD5
c86dfe367017deba7a77a6724d0cf387

SHA1
c97b810c9755275e45128299a422040544f73422

SHA256
bc57b7acaed475fa37a63d0d9167ddf55331a228905e18027c0cbee30eae4417

SHA512
438fe3cd085b0b05e809b85a43e0a721a9ba7790d7fc464b9aa0184d19eb1224277f3dfb95f1aaf104d28e79d07faf12155d4fb80c02476c0cdcfe9015dcb205

Download Submit
\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Application\Lavasoft.Events.dll

Filesize
131KB

MD5
c86dfe367017deba7a77a6724d0cf387

SHA1
c97b810c9755275e45128299a422040544f73422

SHA256
bc57b7acaed475fa37a63d0d9167ddf55331a228905e18027c0cbee30eae4417

SHA512
438fe3cd085b0b05e809b85a43e0a721a9ba7790d7fc464b9aa0184d19eb1224277f3dfb95f1aaf104d28e79d07faf12155d4fb80c02476c0cdcfe9015dcb205

Download Submit
\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Application\Lavasoft.Events.dll

Filesize
131KB

MD5
c86dfe367017deba7a77a6724d0cf387

SHA1
c97b810c9755275e45128299a422040544f73422

SHA256
bc57b7acaed475fa37a63d0d9167ddf55331a228905e18027c0cbee30eae4417

SHA512
438fe3cd085b0b05e809b85a43e0a721a9ba7790d7fc464b9aa0184d19eb1224277f3dfb95f1aaf104d28e79d07faf12155d4fb80c02476c0cdcfe9015dcb205

Download Submit
\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.Business.dll

Filesize
528KB

MD5
06057dd6faec821061f244d51c3269c0

SHA1
676aebe7f974d88dc034bf8741688a6ef4653687

SHA256
7d73db43d134121301d16fccd6c0d9d3a56782b275ac38d3cf039340f1f7d209

SHA512
ff931525b9264aaee4b67122c1f11b891e8b5a92c8e53a5df1cb63b889df581c465a747521723e1c18aca5109f101799edc1247277c1b06086739c8bfeb7244d

Download Submit
\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.Business.dll

Filesize
528KB

MD5
06057dd6faec821061f244d51c3269c0

SHA1
676aebe7f974d88dc034bf8741688a6ef4653687

SHA256
7d73db43d134121301d16fccd6c0d9d3a56782b275ac38d3cf039340f1f7d209

SHA512
ff931525b9264aaee4b67122c1f11b891e8b5a92c8e53a5df1cb63b889df581c465a747521723e1c18aca5109f101799edc1247277c1b06086739c8bfeb7244d

Download Submit
\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.Business.dll

Filesize
528KB

MD5
06057dd6faec821061f244d51c3269c0

SHA1
676aebe7f974d88dc034bf8741688a6ef4653687

SHA256
7d73db43d134121301d16fccd6c0d9d3a56782b275ac38d3cf039340f1f7d209

SHA512
ff931525b9264aaee4b67122c1f11b891e8b5a92c8e53a5df1cb63b889df581c465a747521723e1c18aca5109f101799edc1247277c1b06086739c8bfeb7244d

Download Submit
\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Application\Lavasoft.Utils.dll

Filesize
104KB

MD5
ec4b2852e620fb8977b4ca209d7787d1

SHA1
b59eda2724522814e2f5d1dba675c3c1efaa9579

SHA256
82ef634b9216b2a72248f3dfe22c7f26ee119021d06ce71cdee4193e940a2956

SHA512
f2a233407bb1752fb9d6f0ff99f6b21fe514c29128302b34db5dfa28b00b429d23e0f5dba6226298b655ef2194861baa05f349f00e4636934ef2d07fd57ffa73

Download Submit
\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Application\Lavasoft.Utils.dll

Filesize
104KB

MD5
ec4b2852e620fb8977b4ca209d7787d1

SHA1
b59eda2724522814e2f5d1dba675c3c1efaa9579

SHA256
82ef634b9216b2a72248f3dfe22c7f26ee119021d06ce71cdee4193e940a2956

SHA512
f2a233407bb1752fb9d6f0ff99f6b21fe514c29128302b34db5dfa28b00b429d23e0f5dba6226298b655ef2194861baa05f349f00e4636934ef2d07fd57ffa73

Download Submit
\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Application\Lavasoft.Utils.dll

Filesize
104KB

MD5
ec4b2852e620fb8977b4ca209d7787d1

SHA1
b59eda2724522814e2f5d1dba675c3c1efaa9579

SHA256
82ef634b9216b2a72248f3dfe22c7f26ee119021d06ce71cdee4193e940a2956

SHA512
f2a233407bb1752fb9d6f0ff99f6b21fe514c29128302b34db5dfa28b00b429d23e0f5dba6226298b655ef2194861baa05f349f00e4636934ef2d07fd57ffa73

Download Submit
\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Application\Newtonsoft.Json.dll

Filesize
426KB

MD5
8646baeed20310f7b687789e58e183e2

SHA1
3fd09e9f654331f031e88fbe61d99a42dd10c1d7

SHA256
193c95270430347cd2c0677cbff40e5c812e0b49f7fe539b8b37b9427079986c

SHA512
537bb871c727d7345a47016b0628b4628b3f0414a1c4002d9f7ab3165751c2185143c565358a659ccf522b7917929fbbbfab03d488833b70d1bc14ef1b3c6f2b

Download Submit
\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Application\Newtonsoft.Json.dll

Filesize
426KB

MD5
8646baeed20310f7b687789e58e183e2

SHA1
3fd09e9f654331f031e88fbe61d99a42dd10c1d7

SHA256
193c95270430347cd2c0677cbff40e5c812e0b49f7fe539b8b37b9427079986c

SHA512
537bb871c727d7345a47016b0628b4628b3f0414a1c4002d9f7ab3165751c2185143c565358a659ccf522b7917929fbbbfab03d488833b70d1bc14ef1b3c6f2b

Download Submit
\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Application\Newtonsoft.Json.dll

Filesize
426KB

MD5
8646baeed20310f7b687789e58e183e2

SHA1
3fd09e9f654331f031e88fbe61d99a42dd10c1d7

SHA256
193c95270430347cd2c0677cbff40e5c812e0b49f7fe539b8b37b9427079986c

SHA512
537bb871c727d7345a47016b0628b4628b3f0414a1c4002d9f7ab3165751c2185143c565358a659ccf522b7917929fbbbfab03d488833b70d1bc14ef1b3c6f2b

Download Submit
\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Application\WebCompanion.exe

Filesize
9.2MB

MD5
7bb65bb24e9a4a04e8d3423d12cf4665

SHA1
29a28ec509fd7e46eead9730d910bc9261babd1e

SHA256
263d145e44bbef5f1a7b33d5d22ea33a941ef339a567d853e257e5b07540049e

SHA512
893a9538efc74bf9c2f55c537abc6a227e02a992d42321d29e81b45bd7394cb1b4729371dbc1536fa8e75442b4f48cfdce1b09af829c8a381e848527f52aa01e

Download Submit
\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Application\WebCompanion.exe

Filesize
9.2MB

MD5
7bb65bb24e9a4a04e8d3423d12cf4665

SHA1
29a28ec509fd7e46eead9730d910bc9261babd1e

SHA256
263d145e44bbef5f1a7b33d5d22ea33a941ef339a567d853e257e5b07540049e

SHA512
893a9538efc74bf9c2f55c537abc6a227e02a992d42321d29e81b45bd7394cb1b4729371dbc1536fa8e75442b4f48cfdce1b09af829c8a381e848527f52aa01e

Download Submit
\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Application\WebCompanion.exe

Filesize
9.2MB

MD5
7bb65bb24e9a4a04e8d3423d12cf4665

SHA1
29a28ec509fd7e46eead9730d910bc9261babd1e

SHA256
263d145e44bbef5f1a7b33d5d22ea33a941ef339a567d853e257e5b07540049e

SHA512
893a9538efc74bf9c2f55c537abc6a227e02a992d42321d29e81b45bd7394cb1b4729371dbc1536fa8e75442b4f48cfdce1b09af829c8a381e848527f52aa01e

Download Submit
\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Application\log4net.dll

Filesize
315KB

MD5
1d468bb4ca5c3664f208dea11633d570

SHA1
2ea73e477abd6ae06fde8aebd1bd72ebd569fb2b

SHA256
73c4b4c46095f46aa422f0caf810bb053704c3ca6cc938a8c74b8db2ab1e5318

SHA512
7a7b8f34a4797c02bed552cce89db5a02a4952355dd45be4ac4bab6a8f283a1c7036f343516a1778243a978745537d23e3e382c9dc9e496b79cf909aefd5ba7e

Download Submit
\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Application\log4net.dll

Filesize
315KB

MD5
1d468bb4ca5c3664f208dea11633d570

SHA1
2ea73e477abd6ae06fde8aebd1bd72ebd569fb2b

SHA256
73c4b4c46095f46aa422f0caf810bb053704c3ca6cc938a8c74b8db2ab1e5318

SHA512
7a7b8f34a4797c02bed552cce89db5a02a4952355dd45be4ac4bab6a8f283a1c7036f343516a1778243a978745537d23e3e382c9dc9e496b79cf909aefd5ba7e

Download Submit
\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Application\log4net.dll

Filesize
315KB

MD5
1d468bb4ca5c3664f208dea11633d570

SHA1
2ea73e477abd6ae06fde8aebd1bd72ebd569fb2b

SHA256
73c4b4c46095f46aa422f0caf810bb053704c3ca6cc938a8c74b8db2ab1e5318

SHA512
7a7b8f34a4797c02bed552cce89db5a02a4952355dd45be4ac4bab6a8f283a1c7036f343516a1778243a978745537d23e3e382c9dc9e496b79cf909aefd5ba7e

Download Submit
memory/1620-3245-0x00000000088E0000-0x00000000088F2000-memory.dmp

Filesize
72KB

Download
memory/1620-3698-0x00000000661C0000-0x00000000661E2000-memory.dmp

Filesize
136KB

Download
memory/1620-3267-0x0000000000180000-0x00000000001C0000-memory.dmp

Filesize
256KB

Download
memory/1620-2617-0x00000000743B0000-0x000000007495B000-memory.dmp

Filesize
5.7MB

Download
memory/1620-3247-0x000000006C120000-0x000000006C80E000-memory.dmp

Filesize
6.9MB

Download
memory/1620-2618-0x0000000000180000-0x00000000001C0000-memory.dmp

Filesize
256KB

Download
memory/1620-812-0x00000000743B0000-0x000000007495B000-memory.dmp

Filesize
5.7MB

Download
memory/1620-3246-0x000000006CA30000-0x000000006CA42000-memory.dmp

Filesize
72KB

Download
memory/1620-809-0x00000000743B0000-0x000000007495B000-memory.dmp

Filesize
5.7MB

Download
memory/1620-3705-0x000000006C120000-0x000000006C80E000-memory.dmp

Filesize
6.9MB

Download
memory/1620-3704-0x00000000743B0000-0x000000007495B000-memory.dmp

Filesize
5.7MB

Download
memory/1620-811-0x0000000000180000-0x00000000001C0000-memory.dmp

Filesize
256KB

Download
memory/1620-3703-0x00000000661C0000-0x00000000661E2000-memory.dmp

Filesize
136KB

Download
memory/2644-56-0x00000000743B0000-0x000000007495B000-memory.dmp

Filesize
5.7MB

Download
memory/2644-799-0x00000000743B0000-0x000000007495B000-memory.dmp

Filesize
5.7MB

Download
memory/2644-1004-0x00000000003E0000-0x0000000000420000-memory.dmp

Filesize
256KB

Download
memory/2644-5032-0x00000000003E0000-0x0000000000420000-memory.dmp

Filesize
256KB

Download
memory/2644-803-0x00000000003E0000-0x0000000000420000-memory.dmp

Filesize
256KB

Download
memory/2644-57-0x00000000003E0000-0x0000000000420000-memory.dmp

Filesize
256KB

Download
memory/2644-5033-0x00000000743B0000-0x000000007495B000-memory.dmp

Filesize
5.7MB

Download
memory/2644-3810-0x00000000003E0000-0x0000000000420000-memory.dmp

Filesize
256KB

Download
memory/2644-35-0x00000000743B0000-0x000000007495B000-memory.dmp

Filesize
5.7MB

Download
memory/2644-541-0x00000000003E0000-0x0000000000420000-memory.dmp

Filesize
256KB

Download
memory/2644-542-0x00000000003E0000-0x0000000000420000-memory.dmp

Filesize
256KB

Download
memory/2644-719-0x00000000743B0000-0x000000007495B000-memory.dmp

Filesize
5.7MB

Download
memory/3048-6487-0x0000000000190000-0x00000000001D0000-memory.dmp

Filesize
256KB

Download
memory/3048-6472-0x0000000000190000-0x00000000001D0000-memory.dmp

Filesize
256KB

Download
memory/3048-5722-0x00000000743B0000-0x000000007495B000-memory.dmp

Filesize
5.7MB

Download
memory/3048-6681-0x00000000661C0000-0x00000000661E2000-memory.dmp

Filesize
136KB

Download
memory/3048-6686-0x0000000009F60000-0x0000000009F72000-memory.dmp

Filesize
72KB

Download
memory/3048-6687-0x000000006CF50000-0x000000006CF62000-memory.dmp

Filesize
72KB

Download
memory/3048-5963-0x0000000000190000-0x00000000001D0000-memory.dmp

Filesize
256KB

Download
memory/3048-3708-0x00000000743B0000-0x000000007495B000-memory.dmp

Filesize
5.7MB

Download
memory/3048-5723-0x0000000000190000-0x00000000001D0000-memory.dmp

Filesize
256KB

Download
memory/3048-3707-0x0000000000190000-0x00000000001D0000-memory.dmp

Filesize
256KB

Download
memory/3048-6824-0x0000000000190000-0x00000000001D0000-memory.dmp

Filesize
256KB

Download
memory/3048-3706-0x00000000743B0000-0x000000007495B000-memory.dmp

Filesize
5.7MB

Download