396cb9e17c57f09c4afab97f91e72011e3f115b15e764c39d26473d92fe2c45e

Analysis

max time kernel
149s
max time network
148s
platform
windows10-2004_x64
resource
win10v2004-20231130-en
resource tags

arch:x64arch:x86image:win10v2004-20231130-enlocale:en-usos:windows10-2004-x64system
submitted
05-12-2023 14:46

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Setup_DriverDoc_2024.exe
Size

6.0MB
MD5

c65a354ac28f2f45c7ca8a38e4f778d6
SHA1

42d84f6be5cfa1503dc7bd8275073872d71a4fc0
SHA256

396cb9e17c57f09c4afab97f91e72011e3f115b15e764c39d26473d92fe2c45e
SHA512

7acba2651fb1378a97c47ce6723808235ddd74d2cb736f5fb6f28a241f3b33188e9a511c6be2eb3ca8e7cad68c05a76a0c853edc5a417a16aacd5c0388950017
SSDEEP

98304:KSi1jH0UJukUYMwioEgGU9KM+ZFNIO05p0oO2gz8+fyTx:MUvkUMiij9KM+7Npc0R4+KTx

Score

5^/10

discovery

Malware Config

Signatures

Checks computer location settings 2 TTPs 2 IoCs

Looks up country code configured in the registry, likely geofence.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\USER\S-1-5-21-1791582586-1997866593-3795608343-1000\Control Panel\International\Geo\Nation	Setup_DriverDoc_2024.tmp
Key value queried	\REGISTRY\USER\S-1-5-21-1791582586-1997866593-3795608343-1000\Control Panel\International\Geo\Nation	DriverDoc.exe

Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
discovery

Query Registry
T1012

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files (x86)\DriverDoc\is-6MFTA.tmp	Setup_DriverDoc_2024.tmp
File opened for modification	C:\Program Files (x86)\DriverDoc\stub64.exe	Setup_DriverDoc_2024.tmp
File created	C:\Program Files (x86)\DriverDoc\is-6CTS4.tmp	Setup_DriverDoc_2024.tmp
File created	C:\Program Files (x86)\DriverDoc\is-8K6JP.tmp	Setup_DriverDoc_2024.tmp
File opened for modification	C:\Program Files (x86)\DriverDoc\Brazilian.chm	Setup_DriverDoc_2024.tmp
File created	C:\Program Files (x86)\DriverDoc\is-KVFG1.tmp	Setup_DriverDoc_2024.tmp
File created	C:\Program Files (x86)\DriverDoc\Extra\is-RQQK2.tmp	Setup_DriverDoc_2024.tmp
File created	C:\Program Files (x86)\DriverDoc\is-9L6IN.tmp	Setup_DriverDoc_2024.tmp
File opened for modification	C:\Program Files (x86)\DriverDoc\Extra\Dutch.ini	DriverPro.exe
File opened for modification	C:\Program Files (x86)\DriverDoc\Spanish.chm	Setup_DriverDoc_2024.tmp
File opened for modification	C:\Program Files (x86)\DriverDoc\Polish.chm	Setup_DriverDoc_2024.tmp
File created	C:\Program Files (x86)\DriverDoc\is-IJI7N.tmp	Setup_DriverDoc_2024.tmp
File opened for modification	C:\Program Files (x86)\DriverDoc\DriverDoc.exe	Setup_DriverDoc_2024.tmp
File created	C:\Program Files (x86)\DriverDoc\Extra\is-CQBGQ.tmp	Setup_DriverDoc_2024.tmp
File opened for modification	C:\Program Files (x86)\DriverDoc\Extra\Settings.ini	DriverPro.exe
File created	C:\Program Files (x86)\DriverDoc\is-CN5SP.tmp	Setup_DriverDoc_2024.tmp
File opened for modification	C:\Program Files (x86)\DriverDoc\Extra\Japanese.ini	DriverPro.exe
File created	C:\Program Files (x86)\DriverDoc\is-QLJLF.tmp	Setup_DriverDoc_2024.tmp
File created	C:\Program Files (x86)\DriverDoc\is-ABIS0.tmp	Setup_DriverDoc_2024.tmp
File created	C:\Program Files (x86)\DriverDoc\is-P7VEH.tmp	Setup_DriverDoc_2024.tmp
File created	C:\Program Files (x86)\DriverDoc\Extra\is-NL7RI.tmp	Setup_DriverDoc_2024.tmp
File created	C:\Program Files (x86)\DriverDoc\is-S10HD.tmp	Setup_DriverDoc_2024.tmp
File opened for modification	C:\Program Files (x86)\DriverDoc\Extra\Portuguese.ini	DriverPro.exe
File created	C:\Program Files (x86)\DriverDoc\Extra\is-5Q8RS.tmp	Setup_DriverDoc_2024.tmp
File opened for modification	C:\Program Files (x86)\DriverDoc\Swedish.chm	Setup_DriverDoc_2024.tmp
File created	C:\Program Files (x86)\DriverDoc\unins000.dat	Setup_DriverDoc_2024.tmp
File created	C:\Program Files (x86)\DriverDoc\Extra\is-KH4LV.tmp	Setup_DriverDoc_2024.tmp
File created	C:\Program Files (x86)\DriverDoc\is-4L6UP.tmp	Setup_DriverDoc_2024.tmp
File opened for modification	C:\Program Files (x86)\DriverDoc\Italian.chm	Setup_DriverDoc_2024.tmp
File opened for modification	C:\Program Files (x86)\DriverDoc\Extra\German.ini	DriverPro.exe
File created	C:\Program Files (x86)\DriverDoc\Extra\is-SJINM.tmp	Setup_DriverDoc_2024.tmp
File created	C:\Program Files (x86)\DriverDoc\is-1KE8N.tmp	Setup_DriverDoc_2024.tmp
File opened for modification	C:\Program Files (x86)\DriverDoc\Extra\Brazilian.ini	DriverPro.exe
File opened for modification	C:\Program Files (x86)\DriverDoc\Extra\Russian.ini	DriverPro.exe
File opened for modification	C:\Program Files (x86)\DriverDoc\sqlite3.dll	Setup_DriverDoc_2024.tmp
File opened for modification	C:\Program Files (x86)\DriverDoc\German.chm	Setup_DriverDoc_2024.tmp
File created	C:\Program Files (x86)\DriverDoc\Extra\is-7ENRA.tmp	Setup_DriverDoc_2024.tmp
File opened for modification	C:\Program Files (x86)\DriverDoc\Dutch.chm	Setup_DriverDoc_2024.tmp
File opened for modification	C:\Program Files (x86)\DriverDoc\Japanese.chm	Setup_DriverDoc_2024.tmp
File opened for modification	C:\Program Files (x86)\DriverDoc\Extra\English.ini	DriverPro.exe
File opened for modification	C:\Program Files (x86)\DriverDoc\Extra\Italian.ini	DriverPro.exe
File opened for modification	C:\Program Files (x86)\DriverDoc\Extra\DriverPro.exe	Setup_DriverDoc_2024.tmp
File created	C:\Program Files (x86)\DriverDoc\Extra\is-PRENN.tmp	Setup_DriverDoc_2024.tmp
File created	C:\Program Files (x86)\DriverDoc\Extra\is-8S1G0.tmp	Setup_DriverDoc_2024.tmp
File created	C:\Program Files (x86)\DriverDoc\is-F717D.tmp	Setup_DriverDoc_2024.tmp
File opened for modification	C:\Program Files (x86)\DriverDoc\Danish.chm	Setup_DriverDoc_2024.tmp
File created	C:\Program Files (x86)\DriverDoc\is-34QAP.tmp	Setup_DriverDoc_2024.tmp
File created	C:\Program Files (x86)\DriverDoc\is-CDMC1.tmp	Setup_DriverDoc_2024.tmp
File created	C:\Program Files (x86)\DriverDoc\is-3F4OG.tmp	Setup_DriverDoc_2024.tmp
File created	C:\Program Files (x86)\DriverDoc\is-D3458.tmp	Setup_DriverDoc_2024.tmp
File created	C:\Program Files (x86)\DriverDoc\is-PC7HM.tmp	Setup_DriverDoc_2024.tmp
File opened for modification	C:\Program Files (x86)\DriverDoc\English.chm	Setup_DriverDoc_2024.tmp
File opened for modification	C:\Program Files (x86)\DriverDoc\Finnish.chm	Setup_DriverDoc_2024.tmp
File created	C:\Program Files (x86)\DriverDoc\Extra\is-6DLMO.tmp	Setup_DriverDoc_2024.tmp
File created	C:\Program Files (x86)\DriverDoc\is-IRPVA.tmp	Setup_DriverDoc_2024.tmp
File opened for modification	C:\Program Files (x86)\DriverDoc\Extra\DOCSchedule.exe	Setup_DriverDoc_2024.tmp
File created	C:\Program Files (x86)\DriverDoc\is-2925D.tmp	Setup_DriverDoc_2024.tmp
File created	C:\Program Files (x86)\DriverDoc\Extra\is-B75E1.tmp	Setup_DriverDoc_2024.tmp
File opened for modification	C:\Program Files (x86)\DriverDoc\Extra\Norwegian.ini	DriverPro.exe
File opened for modification	C:\Program Files (x86)\DriverDoc\Russian.chm	Setup_DriverDoc_2024.tmp
File created	C:\Program Files (x86)\DriverDoc\Extra\is-EOB8F.tmp	Setup_DriverDoc_2024.tmp
File created	C:\Program Files (x86)\DriverDoc\Extra\is-G6I5C.tmp	Setup_DriverDoc_2024.tmp
File created	C:\Program Files (x86)\DriverDoc\Extra\is-H26FL.tmp	Setup_DriverDoc_2024.tmp
File created	C:\Program Files (x86)\DriverDoc\Extra\is-1HTNA.tmp	Setup_DriverDoc_2024.tmp

Executes dropped EXE 4 IoCs

pid	Process
1624	Setup_DriverDoc_2024.tmp
2972	DriverDoc.exe
4272	DriverDoc.exe
4264	DriverPro.exe

Loads dropped DLL 3 IoCs

pid	Process
2972	DriverDoc.exe
4272	DriverDoc.exe
4264	DriverPro.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Kills process with taskkill 4 IoCs

evasion

pid	Process
2788	taskkill.exe
3244	taskkill.exe
4772	taskkill.exe
4908	taskkill.exe

Suspicious behavior: EnumeratesProcesses 30 IoCs

pid	Process
1624	Setup_DriverDoc_2024.tmp
1624	Setup_DriverDoc_2024.tmp
2972	DriverDoc.exe
2972	DriverDoc.exe
2972	DriverDoc.exe
2972	DriverDoc.exe
2972	DriverDoc.exe
2972	DriverDoc.exe
2972	DriverDoc.exe
2972	DriverDoc.exe
2972	DriverDoc.exe
2972	DriverDoc.exe
2972	DriverDoc.exe
2972	DriverDoc.exe
2972	DriverDoc.exe
2972	DriverDoc.exe
2972	DriverDoc.exe
2972	DriverDoc.exe
2972	DriverDoc.exe
2972	DriverDoc.exe
2972	DriverDoc.exe
2972	DriverDoc.exe
4264	DriverPro.exe
4264	DriverPro.exe
3792	msedge.exe
3792	msedge.exe
1400	msedge.exe
1400	msedge.exe
4180	identity_helper.exe
4180	identity_helper.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 10 IoCs

pid	Process
1400	msedge.exe
1400	msedge.exe
1400	msedge.exe
1400	msedge.exe
1400	msedge.exe
1400	msedge.exe
1400	msedge.exe
1400	msedge.exe
1400	msedge.exe
1400	msedge.exe

Suspicious use of AdjustPrivilegeToken 12 IoCs

description	pid	Process
Token: SeDebugPrivilege	2788	taskkill.exe
Token: SeDebugPrivilege	3244	taskkill.exe
Token: SeDebugPrivilege	4772	taskkill.exe
Token: SeDebugPrivilege	4908	taskkill.exe
Token: SeDebugPrivilege	2972	DriverDoc.exe
Token: SeIncreaseQuotaPrivilege	2972	DriverDoc.exe
Token: SeImpersonatePrivilege	2972	DriverDoc.exe
Token: SeLoadDriverPrivilege	2972	DriverDoc.exe
Token: SeDebugPrivilege	4272	DriverDoc.exe
Token: SeIncreaseQuotaPrivilege	4272	DriverDoc.exe
Token: SeImpersonatePrivilege	4272	DriverDoc.exe
Token: SeLoadDriverPrivilege	4272	DriverDoc.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
1624	Setup_DriverDoc_2024.tmp
1400	msedge.exe
1400	msedge.exe
1400	msedge.exe
1400	msedge.exe
1400	msedge.exe
1400	msedge.exe
1400	msedge.exe
1400	msedge.exe
1400	msedge.exe
1400	msedge.exe
1400	msedge.exe
1400	msedge.exe
1400	msedge.exe
1400	msedge.exe
1400	msedge.exe
1400	msedge.exe
1400	msedge.exe
1400	msedge.exe
1400	msedge.exe
1400	msedge.exe
1400	msedge.exe
1400	msedge.exe
1400	msedge.exe
1400	msedge.exe
1400	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1400	msedge.exe
1400	msedge.exe
1400	msedge.exe
1400	msedge.exe
1400	msedge.exe
1400	msedge.exe
1400	msedge.exe
1400	msedge.exe
1400	msedge.exe
1400	msedge.exe
1400	msedge.exe
1400	msedge.exe
1400	msedge.exe
1400	msedge.exe
1400	msedge.exe
1400	msedge.exe
1400	msedge.exe
1400	msedge.exe
1400	msedge.exe
1400	msedge.exe
1400	msedge.exe
1400	msedge.exe
1400	msedge.exe
1400	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2356 wrote to memory of 1624	2356	Setup_DriverDoc_2024.exe	86
PID 2356 wrote to memory of 1624	2356	Setup_DriverDoc_2024.exe	86
PID 2356 wrote to memory of 1624	2356	Setup_DriverDoc_2024.exe	86
PID 1624 wrote to memory of 2788	1624	Setup_DriverDoc_2024.tmp	89
PID 1624 wrote to memory of 2788	1624	Setup_DriverDoc_2024.tmp	89
PID 1624 wrote to memory of 2788	1624	Setup_DriverDoc_2024.tmp	89
PID 1624 wrote to memory of 3244	1624	Setup_DriverDoc_2024.tmp	92
PID 1624 wrote to memory of 3244	1624	Setup_DriverDoc_2024.tmp	92
PID 1624 wrote to memory of 3244	1624	Setup_DriverDoc_2024.tmp	92
PID 1624 wrote to memory of 4772	1624	Setup_DriverDoc_2024.tmp	94
PID 1624 wrote to memory of 4772	1624	Setup_DriverDoc_2024.tmp	94
PID 1624 wrote to memory of 4772	1624	Setup_DriverDoc_2024.tmp	94
PID 1624 wrote to memory of 4908	1624	Setup_DriverDoc_2024.tmp	96
PID 1624 wrote to memory of 4908	1624	Setup_DriverDoc_2024.tmp	96
PID 1624 wrote to memory of 4908	1624	Setup_DriverDoc_2024.tmp	96
PID 1624 wrote to memory of 2972	1624	Setup_DriverDoc_2024.tmp	100
PID 1624 wrote to memory of 2972	1624	Setup_DriverDoc_2024.tmp	100
PID 1624 wrote to memory of 2972	1624	Setup_DriverDoc_2024.tmp	100
PID 1624 wrote to memory of 4272	1624	Setup_DriverDoc_2024.tmp	101
PID 1624 wrote to memory of 4272	1624	Setup_DriverDoc_2024.tmp	101
PID 1624 wrote to memory of 4272	1624	Setup_DriverDoc_2024.tmp	101
PID 1624 wrote to memory of 4264	1624	Setup_DriverDoc_2024.tmp	102
PID 1624 wrote to memory of 4264	1624	Setup_DriverDoc_2024.tmp	102
PID 1624 wrote to memory of 4264	1624	Setup_DriverDoc_2024.tmp	102
PID 4272 wrote to memory of 2404	4272	DriverDoc.exe	105
PID 4272 wrote to memory of 2404	4272	DriverDoc.exe	105
PID 4272 wrote to memory of 2404	4272	DriverDoc.exe	105
PID 4272 wrote to memory of 3596	4272	DriverDoc.exe	104
PID 4272 wrote to memory of 3596	4272	DriverDoc.exe	104
PID 4272 wrote to memory of 3596	4272	DriverDoc.exe	104
PID 4272 wrote to memory of 1400	4272	DriverDoc.exe	108
PID 4272 wrote to memory of 1400	4272	DriverDoc.exe	108
PID 1400 wrote to memory of 4536	1400	msedge.exe	107
PID 1400 wrote to memory of 4536	1400	msedge.exe	107
PID 1400 wrote to memory of 3908	1400	msedge.exe	111
PID 1400 wrote to memory of 3908	1400	msedge.exe	111
PID 1400 wrote to memory of 3908	1400	msedge.exe	111
PID 1400 wrote to memory of 3908	1400	msedge.exe	111
PID 1400 wrote to memory of 3908	1400	msedge.exe	111
PID 1400 wrote to memory of 3908	1400	msedge.exe	111
PID 1400 wrote to memory of 3908	1400	msedge.exe	111
PID 1400 wrote to memory of 3908	1400	msedge.exe	111
PID 1400 wrote to memory of 3908	1400	msedge.exe	111
PID 1400 wrote to memory of 3908	1400	msedge.exe	111
PID 1400 wrote to memory of 3908	1400	msedge.exe	111
PID 1400 wrote to memory of 3908	1400	msedge.exe	111
PID 1400 wrote to memory of 3908	1400	msedge.exe	111
PID 1400 wrote to memory of 3908	1400	msedge.exe	111
PID 1400 wrote to memory of 3908	1400	msedge.exe	111
PID 1400 wrote to memory of 3908	1400	msedge.exe	111
PID 1400 wrote to memory of 3908	1400	msedge.exe	111
PID 1400 wrote to memory of 3908	1400	msedge.exe	111
PID 1400 wrote to memory of 3908	1400	msedge.exe	111
PID 1400 wrote to memory of 3908	1400	msedge.exe	111
PID 1400 wrote to memory of 3908	1400	msedge.exe	111
PID 1400 wrote to memory of 3908	1400	msedge.exe	111
PID 1400 wrote to memory of 3908	1400	msedge.exe	111
PID 1400 wrote to memory of 3908	1400	msedge.exe	111
PID 1400 wrote to memory of 3908	1400	msedge.exe	111
PID 1400 wrote to memory of 3908	1400	msedge.exe	111
PID 1400 wrote to memory of 3908	1400	msedge.exe	111
PID 1400 wrote to memory of 3908	1400	msedge.exe	111
PID 1400 wrote to memory of 3908	1400	msedge.exe	111
PID 1400 wrote to memory of 3908	1400	msedge.exe	111

C:\Users\Admin\AppData\Local\Temp\Setup_DriverDoc_2024.exe
"C:\Users\Admin\AppData\Local\Temp\Setup_DriverDoc_2024.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2356
- C:\Users\Admin\AppData\Local\Temp\is-5GNE9.tmp\Setup_DriverDoc_2024.tmp
  "C:\Users\Admin\AppData\Local\Temp\is-5GNE9.tmp\Setup_DriverDoc_2024.tmp" /SL5="$110044,5347251,879104,C:\Users\Admin\AppData\Local\Temp\Setup_DriverDoc_2024.exe"
  2⤵
  - Checks computer location settings
  - Drops file in Program Files directory
  - Executes dropped EXE
  - Suspicious behavior: EnumeratesProcesses
  - Suspicious use of FindShellTrayWindow
  - Suspicious use of WriteProcessMemory
  PID:1624
- - C:\Windows\SysWOW64\taskkill.exe
    "C:\Windows\System32\taskkill.exe" /f /im "DriverDoc.exe"
    3⤵
    - Kills process with taskkill
    - Suspicious use of AdjustPrivilegeToken
    PID:2788
- - C:\Windows\SysWOW64\taskkill.exe
    "C:\Windows\System32\taskkill.exe" /f /im "DriverPro.exe"
    3⤵
    - Kills process with taskkill
    - Suspicious use of AdjustPrivilegeToken
    PID:3244
- - C:\Windows\SysWOW64\taskkill.exe
    "C:\Windows\System32\taskkill.exe" /f /im "DOCSchedule.exe"
    3⤵
    - Kills process with taskkill
    - Suspicious use of AdjustPrivilegeToken
    PID:4772
- - C:\Windows\SysWOW64\taskkill.exe
    "C:\Windows\System32\taskkill.exe" /f /im "DOCTray.exe"
    3⤵
    - Kills process with taskkill
    - Suspicious use of AdjustPrivilegeToken
    PID:4908
- - C:\Program Files (x86)\DriverDoc\DriverDoc.exe
    "C:\Program Files (x86)\DriverDoc\DriverDoc.exe" /INSTALL
    3⤵
    - Executes dropped EXE
    - Loads dropped DLL
    - Suspicious behavior: EnumeratesProcesses
    - Suspicious use of AdjustPrivilegeToken
    PID:2972
- - C:\Program Files (x86)\DriverDoc\DriverDoc.exe
    "C:\Program Files (x86)\DriverDoc\DriverDoc.exe" /START /INSTALLED
    3⤵
    - Checks computer location settings
    - Executes dropped EXE
    - Loads dropped DLL
    - Suspicious use of AdjustPrivilegeToken
    - Suspicious use of WriteProcessMemory
    PID:4272
  - - C:\Windows\SysWOW64\schtasks.exe
      "C:\Windows\System32\schtasks.exe" /Delete /TN "DriverDoc Monitoring" /F
      4⤵
      PID:3596
  - - C:\Windows\SysWOW64\schtasks.exe
      "C:\Windows\System32\schtasks.exe" /Delete /TN "DriverDoc Schedule" /F
      4⤵
      PID:2404
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.solvusoft.com/en/driverdoc/install/
      4⤵
      Enumerates system info in registry
      Suspicious behavior: EnumeratesProcesses
      Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
      Suspicious use of FindShellTrayWindow
      Suspicious use of SendNotifyMessage
      Suspicious use of WriteProcessMemory
      PID:1400
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2096,5539335114839769456,15315139898677069382,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2764 /prefetch:8
        5⤵
        
        PID:3152
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2096,5539335114839769456,15315139898677069382,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2160 /prefetch:3
        5⤵
        Suspicious behavior: EnumeratesProcesses
        
        PID:3792
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2096,5539335114839769456,15315139898677069382,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2108 /prefetch:2
        5⤵
        
        PID:3908
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,5539335114839769456,15315139898677069382,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3312 /prefetch:1
        5⤵
        
        PID:2464
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,5539335114839769456,15315139898677069382,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3292 /prefetch:1
        5⤵
        
        PID:4228
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,5539335114839769456,15315139898677069382,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4232 /prefetch:1
        5⤵
        
        PID:1712
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,5539335114839769456,15315139898677069382,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4160 /prefetch:1
        5⤵
        
        PID:2248
    - - C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2096,5539335114839769456,15315139898677069382,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4868 /prefetch:8
        5⤵
        
        PID:3420
    - - C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2096,5539335114839769456,15315139898677069382,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4868 /prefetch:8
        5⤵
        Suspicious behavior: EnumeratesProcesses
        
        PID:4180
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,5539335114839769456,15315139898677069382,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4420 /prefetch:1
        5⤵
        
        PID:408
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,5539335114839769456,15315139898677069382,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4348 /prefetch:1
        5⤵
        
        PID:4276
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,5539335114839769456,15315139898677069382,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4340 /prefetch:1
        5⤵
        
        PID:4792
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,5539335114839769456,15315139898677069382,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5096 /prefetch:1
        5⤵
        
        PID:4216
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,5539335114839769456,15315139898677069382,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1944 /prefetch:1
        5⤵
        
        PID:4348
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,5539335114839769456,15315139898677069382,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4440 /prefetch:1
        5⤵
        
        PID:3128
- - C:\Program Files (x86)\DriverDoc\Extra\DriverPro.exe
    "C:\Program Files (x86)\DriverDoc\Extra\DriverPro.exe"
    3⤵
    - Drops file in Program Files directory
    - Executes dropped EXE
    - Loads dropped DLL
    - Suspicious behavior: EnumeratesProcesses
    PID:4264

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb4aed46f8,0x7ffb4aed4708,0x7ffb4aed4718
1⤵
PID:4536

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1468

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4860

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files (x86)\DriverDoc\DriverDoc.exe

Filesize
6.9MB

MD5
593731ec5ad57f5556ba30fbfab0d715

SHA1
f1134e4ee01c4a38888193130ea5255f6a782685

SHA256
5a5c40820ef02808d9d3759d915d8f8ff52dc6a3fc2590584f4c36a9ad3c1de4

SHA512
8d28fcbe6f9b044648c730a189dc860e6fd6330fed4c60feb973b8f296358b83a1977ebe57fcfb22837cffd7a649d0f2d963b77982436e38b344d613c2b3df1f

Download Submit
C:\Program Files (x86)\DriverDoc\DriverDoc.exe

Filesize
6.9MB

MD5
593731ec5ad57f5556ba30fbfab0d715

SHA1
f1134e4ee01c4a38888193130ea5255f6a782685

SHA256
5a5c40820ef02808d9d3759d915d8f8ff52dc6a3fc2590584f4c36a9ad3c1de4

SHA512
8d28fcbe6f9b044648c730a189dc860e6fd6330fed4c60feb973b8f296358b83a1977ebe57fcfb22837cffd7a649d0f2d963b77982436e38b344d613c2b3df1f

Download Submit
C:\Program Files (x86)\DriverDoc\DriverDoc.exe

Filesize
6.9MB

MD5
593731ec5ad57f5556ba30fbfab0d715

SHA1
f1134e4ee01c4a38888193130ea5255f6a782685

SHA256
5a5c40820ef02808d9d3759d915d8f8ff52dc6a3fc2590584f4c36a9ad3c1de4

SHA512
8d28fcbe6f9b044648c730a189dc860e6fd6330fed4c60feb973b8f296358b83a1977ebe57fcfb22837cffd7a649d0f2d963b77982436e38b344d613c2b3df1f

Download Submit
C:\Program Files (x86)\DriverDoc\DriverDoc.exe

Filesize
6.9MB

MD5
593731ec5ad57f5556ba30fbfab0d715

SHA1
f1134e4ee01c4a38888193130ea5255f6a782685

SHA256
5a5c40820ef02808d9d3759d915d8f8ff52dc6a3fc2590584f4c36a9ad3c1de4

SHA512
8d28fcbe6f9b044648c730a189dc860e6fd6330fed4c60feb973b8f296358b83a1977ebe57fcfb22837cffd7a649d0f2d963b77982436e38b344d613c2b3df1f

Download Submit
C:\Program Files (x86)\DriverDoc\English.ini

Filesize
49KB

MD5
648ecf1406143431e9e7441a0e360e69

SHA1
97c6738339ac673d2aa8a4bb9d024f6d82f35dd4

SHA256
8389687dfb442db46dd861e2e9f9753c5aa206b177e3f139d854d9366a37fef3

SHA512
ebd86c1e5f6a671397705ab2f23449e73ef151fa02d34dbf8c8c6a6aeb9c9e7873c4dbdede18b0bd1e65ab26806c60c9d17337f9a16e23f571f86ca98be1cdd5

Download Submit
C:\Program Files (x86)\DriverDoc\Extra\Brazilian.ini

Filesize
12KB

MD5
b24c70f0951a902d62e97321ee12be9d

SHA1
759555b579c811eaa2bc123edbf49fa6fdc0ab72

SHA256
226b01c08d3cd2f0099c6138d97e4ec3096207e220d0203400c9dbeabdf1a446

SHA512
b521e94e80d4d97ce6bbc76e954ed3cacfe06fbe9408e8228a442e71c1672218033ba10191083a8dec90e8f5eed475b59c8ad9112c4648099bd1c51778260ee0

Download Submit
C:\Program Files (x86)\DriverDoc\Extra\Danish.ini

Filesize
12KB

MD5
c4e19798b19173eca54cc2f615a0b99e

SHA1
6638701c7b4991227e1f883414bcd1315b7b0864

SHA256
01539234b53ddc8ac82665ea18daeadd1edd2b4b918b21fa72f3848b6639a301

SHA512
4c976fc3282531d5ad32f5ec1f436378cf73f068c650c578e54b25cbe2911a4709bd14c46ebc74ef395afb771e8f8d9f28798b204d5f2a89589f8119ea7c8d20

Download Submit
C:\Program Files (x86)\DriverDoc\Extra\DriverPro.exe

Filesize
4.9MB

MD5
5a1d85fb3c9062304547475d6bd383ed

SHA1
dc8722d155277e841ea9404beabb1c012c7eefc0

SHA256
de9a6adbda9378230f1a4caff8c23d208a0d19114dcec00391869a83e129787f

SHA512
681b4341548c34e2b7dce6731ef7cd35a2271ef482984e4f706b44c07962ee4673d5b2596020c2d2dd1f92867e7001ea84549ac517032f25b3e899313c758e3f

Download Submit
C:\Program Files (x86)\DriverDoc\Extra\Dutch.ini

Filesize
12KB

MD5
cba424ebfd76fbab92e4c611ebbc6bdf

SHA1
9678ae22d9585dd12d692522c30aebc5b92a2249

SHA256
6951d18ba89c4875983cce91305f802f0f690675d76fd14fa0cb0f792b0aaea3

SHA512
22967f3bdd097fa5ffa06945a69d5d39c26b9bd21892a19e9efa234b24349fed7d7e62187506c8d18475055041af15e9b3a877f56ac7eae29478253bc31cc8dc

Download Submit
C:\Program Files (x86)\DriverDoc\Extra\English.ini

Filesize
11KB

MD5
2e509dd5f4217be553fbe379a0a90c23

SHA1
9dd8f007d11ad0f4cf30cbc555bb3cf36d4c2a02

SHA256
a1e376b66a11846fd448708b81a894d279032d0247bd5c0f79f606c945397162

SHA512
6c11872669e593d77dbcefc4a5bd5257c49329bfa8a5260fcb743855d5e7dcfeaf48a69bbe16b81057b049957fca263c7efca630a257fc5813edb687467063cf

Download Submit
C:\Program Files (x86)\DriverDoc\Extra\Finnish.ini

Filesize
12KB

MD5
d140f9ae6ca875d2f8bcec576bb2c203

SHA1
871cc1e85dde0d2b4bdab5566defbe8483348fcf

SHA256
39fca6cb75735a2bc2abe2b35ca94cde8da856955de641c165c7e1e1f8b5b516

SHA512
5815e0d2e5f9242f587d6d79679232c32a9279b25fde308763f210a4cf365430e76d259b714de0aed9904277b586380fbb04a057dd66ae143cca0eef1329362c

Download Submit
C:\Program Files (x86)\DriverDoc\Extra\French.ini

Filesize
13KB

MD5
637686253a68504cc01fe055a25346f7

SHA1
59e36e5a2e71887acb4eac090e1cdb8d240379b1

SHA256
f008522a75e279cdb23489e24b4835ce6516cf2a669df705c072b23f311b7a3a

SHA512
16377b987a8ede42a379a39b641cf3a6c2dc11c454e9cc460808ab3dc8dab5c5782de26923ce524eaeaa5d389bfce5ba46561791424a65b08de2a69b71652fda

Download Submit
C:\Program Files (x86)\DriverDoc\Extra\German.ini

Filesize
13KB

MD5
cae7b08264859d094eccbcd1686e4b58

SHA1
31e000b5f93a4af158e3211e9ef6ee24a43df6ed

SHA256
1cdef54fcbaf02d46fb31cee5738e2e1f9d5bcd89b58f49ef98c011329266e69

SHA512
31646eba2f4e4d312fafe191608c5fa963c4ed1753cc55340314c9c6142424b36d819f67bd9218ad41c2627c8289c5764a752ebc449d3e8e43aa5ab833631771

Download Submit
C:\Program Files (x86)\DriverDoc\Extra\Italian.ini

Filesize
12KB

MD5
49c62ebd53b8d40b961ab63d16d1b18c

SHA1
b002185abcc6f84fb272445a3579cfe96972e19a

SHA256
9f47adfacf4d1855d0de2b806149084cf6051de2b6de09692fbf17a93b149343

SHA512
7895f99d82f95cb3f6c0f91a0c283472205f052c81e8321cd01ebae20d94813a9139262815a0d4258bd719e4cba63e5a2ae9457902f10244affaebed33e72d24

Download Submit
C:\Program Files (x86)\DriverDoc\Extra\Japanese.ini

Filesize
15KB

MD5
4cc34523cefbe42b62cf1839c0f54663

SHA1
fdaa0ad16c693906978f7e1364b1c850869354bf

SHA256
94c1b8fc0bda3ba585e92b4ed812421bc6dea4da29b2321b1286d27615571b79

SHA512
c0ffb819229709cc3bc340c859330da8c5c91763fb5ccccbaed073ed282150dbcefd329fbab440e88dafe30c39e8055be0009113a1400d9170a6701ba63b2824

Download Submit
C:\Program Files (x86)\DriverDoc\Extra\Norwegian.ini

Filesize
11KB

MD5
3285372c3ad0355bd7eec8488f40629d

SHA1
48288694c5a5724e8c56339d675666d8476741aa

SHA256
2c402fd6e6aab9d8ffc93ca29f07fc55420a598ed1368ec2ad381cb4808195f2

SHA512
ea6bd5c5274deb99c4c70f29f17e324649139b5b47cc054a52a2e3b3c4f0e4b1fd80cd105fd32d0b3ab29af115cc09ced4c7f8529bd651f7a6d265dd3d00acab

Download Submit
C:\Program Files (x86)\DriverDoc\Extra\Polish.ini

Filesize
13KB

MD5
92bfc521b92d8ac30cb6fdb31ee37fb2

SHA1
14f04856f4a3661007fabb846b83499ebc34cdf7

SHA256
357ac44df2a8fa996a78061bc67531b8dd5d2770a3a4aa7ed1aad3c5c52e4050

SHA512
4dfc21cdaa3c00e93008ad55061bbb02d31504cec26271cb040356a1e04408fa766b12425aea0e91adb230fe0d231466de4392f0b48c1477b9f083e795ab9b66

Download Submit
C:\Program Files (x86)\DriverDoc\Extra\Portuguese.ini

Filesize
12KB

MD5
d8bd59eb5dcd48a976d2ae97c2edb6a3

SHA1
a03eea088611d0acb75aa0d02f14b7c1e5a24e32

SHA256
2cb3920f6b44c3c0915c4b7e8f5f24b9c4e3ea0932e14c8c0742fafd07a992e2

SHA512
74fca4cd378009775c0eef179ee1e0961591e5ab0b3551dbb91e858edca9437bb1d99f581ced11752adee2c2d8b9c6dfc4329d9a0fdeb0385c09ba1012ba8109

Download Submit
C:\Program Files (x86)\DriverDoc\Extra\Russian.ini

Filesize
21KB

MD5
b4b289047fd327d99e5809234174736b

SHA1
c9f2e45efa8ce22720f2dc49bc85764dee49025d

SHA256
eb0f8c2bfd6f0d3744e16ddd7db56590e5c9a4f1960b4ea9c2240f691b2504e4

SHA512
dccac50a017bb1482e7657f5b166f0316336d049ef446ecc26b1a3cd38ca7e90cbb713bdac3b59414f8e2800fd0b25d25d3ccd4641993213052329e272b96f9a

Download Submit
C:\Program Files (x86)\DriverDoc\Extra\Settings.ini

Filesize
73B

MD5
4dfd24933bec370032a0fde1452d9b14

SHA1
f3c3bc92eabe67c9072a0a29968322adad9489c2

SHA256
035c7dd8eef04f652d7d7b6b28c27ddb0b867502d088c1cba12319b5718fb1b6

SHA512
85ccd0c6cf38ee620b0a4a2289c4161fcb01fcd3546e1cf3ebfe83a087133972661e8b3854db5643caaadded1fcb3d621141a8f39490866d21b53b947f42d97f

Download Submit
C:\Program Files (x86)\DriverDoc\Extra\Spanish.ini

Filesize
12KB

MD5
3eb3ce7cb9d27f10c18ba319882cc7ed

SHA1
7e09a5a88f46570f0d95d19602f38379ae01742e

SHA256
419ef75a40cc8d0ae3ae7767bc87f9c967b0068afa8bb03cd67b697c00f40cea

SHA512
5ec29890eaf47e4ea91dc948811bd1f9dc7dac27b8b116a620b634baf8e33ee605a6e815da04df45478c1460f4cca371ae469f7e4093e12184e24a3a934ef059

Download Submit
C:\Program Files (x86)\DriverDoc\Extra\Swedish.ini

Filesize
12KB

MD5
45b6b39f4009ef7a14dde07ceb42647a

SHA1
5372f2432e6a110ee2fff3b37e30a1443132f38f

SHA256
1388b135d43d916af79f2630308b7a28e010fb5e32205c70e796130c0828c7fb

SHA512
48936b2885b73c0c7841d237a78ad38b0c60f63cac5746e4da87342fbc3b234e7feb437e7456dcb5824c06d022e5351c237819231b3f0d013762c34a2c0844ec

Download Submit
C:\Program Files (x86)\DriverDoc\Extra\sqlite3.dll

Filesize
633KB

MD5
094c675f4e0bfb27c2e77457cbcd9cc7

SHA1
9026248bd7802de39282653b0f56d68edfef30a1

SHA256
d3dd110c4d330332a37f06268013e4595705981bc74e577f946485416651b83b

SHA512
f1730b831df2805e10d78dc984e6e877e437de57cd20488ebfe48f92db8ced1889c369e70d17aee5eb366aa2c7baa14d426cf6c30324b527fa303b1bfccfe0a7

Download Submit
C:\Program Files (x86)\DriverDoc\Extra\sqlite3.dll

Filesize
633KB

MD5
094c675f4e0bfb27c2e77457cbcd9cc7

SHA1
9026248bd7802de39282653b0f56d68edfef30a1

SHA256
d3dd110c4d330332a37f06268013e4595705981bc74e577f946485416651b83b

SHA512
f1730b831df2805e10d78dc984e6e877e437de57cd20488ebfe48f92db8ced1889c369e70d17aee5eb366aa2c7baa14d426cf6c30324b527fa303b1bfccfe0a7

Download Submit
C:\Program Files (x86)\DriverDoc\sqlite3.dll

Filesize
633KB

MD5
094c675f4e0bfb27c2e77457cbcd9cc7

SHA1
9026248bd7802de39282653b0f56d68edfef30a1

SHA256
d3dd110c4d330332a37f06268013e4595705981bc74e577f946485416651b83b

SHA512
f1730b831df2805e10d78dc984e6e877e437de57cd20488ebfe48f92db8ced1889c369e70d17aee5eb366aa2c7baa14d426cf6c30324b527fa303b1bfccfe0a7

Download Submit
C:\Program Files (x86)\DriverDoc\sqlite3.dll

Filesize
633KB

MD5
094c675f4e0bfb27c2e77457cbcd9cc7

SHA1
9026248bd7802de39282653b0f56d68edfef30a1

SHA256
d3dd110c4d330332a37f06268013e4595705981bc74e577f946485416651b83b

SHA512
f1730b831df2805e10d78dc984e6e877e437de57cd20488ebfe48f92db8ced1889c369e70d17aee5eb366aa2c7baa14d426cf6c30324b527fa303b1bfccfe0a7

Download Submit
C:\Program Files (x86)\DriverDoc\sqlite3.dll

Filesize
633KB

MD5
094c675f4e0bfb27c2e77457cbcd9cc7

SHA1
9026248bd7802de39282653b0f56d68edfef30a1

SHA256
d3dd110c4d330332a37f06268013e4595705981bc74e577f946485416651b83b

SHA512
f1730b831df2805e10d78dc984e6e877e437de57cd20488ebfe48f92db8ced1889c369e70d17aee5eb366aa2c7baa14d426cf6c30324b527fa303b1bfccfe0a7

Download Submit
C:\Program Files (x86)\DriverDoc\sqlite3.dll

Filesize
633KB

MD5
094c675f4e0bfb27c2e77457cbcd9cc7

SHA1
9026248bd7802de39282653b0f56d68edfef30a1

SHA256
d3dd110c4d330332a37f06268013e4595705981bc74e577f946485416651b83b

SHA512
f1730b831df2805e10d78dc984e6e877e437de57cd20488ebfe48f92db8ced1889c369e70d17aee5eb366aa2c7baa14d426cf6c30324b527fa303b1bfccfe0a7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
330c53ed8d8829bd4caf2c392a894f6b

SHA1
dc4f3eea00d78949be4aded712fcbfe85e6b06a5

SHA256
bbca8b0343812fb9db9b3c59655a18772c7c40bc77f497b89067a82d5e4ce8a5

SHA512
37674d84e4ea2079e8fe9bc45b0ea8fd93ffc8d206547835e4211046ad310ba3e5a397cf444b17a4322f9513cbd91bd92c0b106776b879cb0388ca9386ebd44d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
111B

MD5
285252a2f6327d41eab203dc2f402c67

SHA1
acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6

SHA256
5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026

SHA512
11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
4349864aff3ed22789eac4deb92d92d3

SHA1
c6b9ad9d2f4f58a270e8943fd9f24de56ca2eb44

SHA256
824f01a50adb6f407e0022e242aa8556e77371145074faebd6983b65f06de0c1

SHA512
86c652f2c5729d615ebbaa785844785ffa7785d131dfde120a68c8142dbe84353786773e1afd863e03588036af03ed59522b9aea7a4e189e1bfd8700b8fc8aec

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
fd7e225bb9f179f3f5ded7003a4678cc

SHA1
b72e904846f27bb8e68e737f68da51edd6cf88d4

SHA256
c80ca0d0fbd66ac459bdda4e0abaed91abfa48f7be506def92c4c78879aae554

SHA512
f7617fb6bcbd571b75919392f0f74bb1b281b62f98a6b922166823e5228f9ff06b5f7f4f19cc20afcd1fb3f3db85d8838782ea94fe1fc4866b041c3f4c9bb05e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
b21b36e19ac6d1d31bf7060d24ed98a1

SHA1
f0a37613641bb86850afbfefe8f23e65e5d6fa01

SHA256
2721177bf7ffc96c7132b49cebf7255587b59036f2d679940a1e1dd8fdac795e

SHA512
c613b5dd1e8e80d8d0eaf1a57bbbaa5776c48346bdbfa5028c4dcfabe31605013ce60b846be6179d1f377f6c2f5ac95babfe5cf94f27e535c31f0c97a1be25c6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
4KB

MD5
4d12e1038588ce1c968660a33331e407

SHA1
3b75799e3b1993b1e6ce3388178b678409c13c68

SHA256
e67f9f24fb0267f61fa558cb85c97b838ac75c05ac2f0c41addf4aad540e426e

SHA512
8f7c285da36bf423638fed7f6e39155c37f0ea20329e189367dbb604fb506e861eda94c89db81a9a7e311ca948097d8ab573a377ff92ab80dd62ea042dca91a3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
4KB

MD5
8df4addc61b91a60f8b88d6dbad1f3c6

SHA1
57a4a3f053984f12e096712a5888ad3eec5886dc

SHA256
beb3e718512c6b9f1d074c0d2cbd5ab3a35796dec9db68dd648265b7355ef7b1

SHA512
9e4434f7da687689e34c0799289ead43444a4cc18236008c6c8505c3388634521c927d597daa47fa4fe4f216ae35f5c20ac67a242098368665bdf332a0daefa3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
4KB

MD5
b4c67da613b9dc13859d56a5edec5290

SHA1
8e84a658792fa1e92d00ccc47c23a529d142e8de

SHA256
9ea5e09638a8975f301578f4c4661a63c535834ea16a98a34b82357950c2e32f

SHA512
4b127f443a1a3358d3c3b86af4d6b5c49c0f39e3377ee3ae8086adb18732dcad2ee9024595e688ecfe8baa329d978ecb68e6beb31eb53505b19bb179a9872484

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
4KB

MD5
c6ba3bbf3d89a241889de5bb9fd74a15

SHA1
f4b4171bb042cd040dfb3447dafa71be81f34bdf

SHA256
8236d6fc61f9ef0f678c790fe5a50359cfde0d1d784766664ede4324292960a4

SHA512
cd20fc1849196359c9341fb1c564436682e26bebd5bbdaeb10cb07b03b3946c1b7ff706dfdc28295a13fcb8bf71e3ce5d82bab68af3d222c76709e0b81dc028e

Download Submit
C:\Users\Admin\AppData\Local\Temp\is-5GNE9.tmp\Setup_DriverDoc_2024.tmp

Filesize
3.1MB

MD5
d70a98daf7a810ee18ce451ec673e399

SHA1
274dff37313f3fbdf82dfc4afd94582359b79fee

SHA256
9621346beee2a257b1966b6dc3f1f850d54ae0746bf1718d35c966649ac9b340

SHA512
a246aa8979a7bc1a8ae6d1c5ac637939e7ab3380484cb78a3fc98fe9ceccb51cb5d6dfe787ece6bb1420450741c0734a049849dac7242679b8660e71acf00e60

Download Submit
C:\Users\Admin\AppData\Local\Temp\is-5GNE9.tmp\Setup_DriverDoc_2024.tmp

Filesize
3.1MB

MD5
d70a98daf7a810ee18ce451ec673e399

SHA1
274dff37313f3fbdf82dfc4afd94582359b79fee

SHA256
9621346beee2a257b1966b6dc3f1f850d54ae0746bf1718d35c966649ac9b340

SHA512
a246aa8979a7bc1a8ae6d1c5ac637939e7ab3380484cb78a3fc98fe9ceccb51cb5d6dfe787ece6bb1420450741c0734a049849dac7242679b8660e71acf00e60

Download Submit
C:\Users\Admin\AppData\Roaming\DriverDoc\program.log

Filesize
2KB

MD5
f4153ff73cc7dc5443601949631dfab2

SHA1
8fcfa64c0f45188521a70cda5c2c35d841fafac3

SHA256
cf4d89d971ba77c820c7298248f2580b43c5eb8c6f32b7eca5f1db9491665b95

SHA512
bdad9936d1edffa7350c9f0bfba43fb3cee126c9250b6609862819ac2a6d76d929fedd66e481a9c4c64fd076ed201a2e986d26c8ea35c282c5096f1b26f09bb0

Download Submit
C:\Users\Admin\AppData\Roaming\DriverDoc\program.log

Filesize
5KB

MD5
2a5e0a8ac868a5a014b6ffef39fe10e7

SHA1
5bda1bcc91d4fba290e3d9ada1a213d4c00b4e94

SHA256
c3814009b1531bddc60c3ed8a329e868a8a8834d9eb065277ca5a95f4dcec34b

SHA512
6ec08bd4c3e77223d961156a67334283e5ee78ee7a2f57b1aa5d57099a4c067eca3c40c2be7f4039d0d15a8a4a16aea291b4f146b0b3c8dddef75cbf088f9c4f

Download Submit
memory/1624-13-0x0000000000D20000-0x0000000000D21000-memory.dmp

Filesize
4KB

Download
memory/1624-5-0x0000000000D20000-0x0000000000D21000-memory.dmp

Filesize
4KB

Download
memory/1624-10-0x0000000000400000-0x000000000071E000-memory.dmp

Filesize
3.1MB

Download
memory/1624-12-0x0000000000400000-0x000000000071E000-memory.dmp

Filesize
3.1MB

Download
memory/1624-207-0x0000000000400000-0x000000000071E000-memory.dmp

Filesize
3.1MB

Download
memory/1624-15-0x0000000000400000-0x000000000071E000-memory.dmp

Filesize
3.1MB

Download
memory/2356-9-0x0000000000400000-0x00000000004E4000-memory.dmp

Filesize
912KB

Download
memory/2356-209-0x0000000000400000-0x00000000004E4000-memory.dmp

Filesize
912KB

Download
memory/2356-0-0x0000000000400000-0x00000000004E4000-memory.dmp

Filesize
912KB

Download
memory/2972-155-0x0000000001820000-0x0000000001821000-memory.dmp

Filesize
4KB

Download
memory/2972-157-0x0000000000C40000-0x0000000001333000-memory.dmp

Filesize
6.9MB

Download
memory/2972-158-0x0000000060900000-0x0000000060993000-memory.dmp

Filesize
588KB

Download
memory/4264-206-0x0000000000400000-0x00000000008F9000-memory.dmp

Filesize
5.0MB

Download
memory/4264-208-0x0000000060900000-0x0000000060993000-memory.dmp

Filesize
588KB

Download
memory/4264-202-0x00000000028F0000-0x00000000028F1000-memory.dmp

Filesize
4KB

Download
memory/4272-338-0x0000000000C40000-0x0000000001333000-memory.dmp

Filesize
6.9MB

Download
memory/4272-346-0x0000000000C40000-0x0000000001333000-memory.dmp

Filesize
6.9MB

Download
memory/4272-307-0x0000000000C40000-0x0000000001333000-memory.dmp

Filesize
6.9MB

Download
memory/4272-309-0x0000000000C40000-0x0000000001333000-memory.dmp

Filesize
6.9MB

Download
memory/4272-269-0x0000000000C40000-0x0000000001333000-memory.dmp

Filesize
6.9MB

Download
memory/4272-330-0x0000000000C40000-0x0000000001333000-memory.dmp

Filesize
6.9MB

Download
memory/4272-270-0x0000000060900000-0x0000000060993000-memory.dmp

Filesize
588KB

Download
memory/4272-306-0x0000000001920000-0x0000000001921000-memory.dmp

Filesize
4KB

Download
memory/4272-295-0x0000000000C40000-0x0000000001333000-memory.dmp

Filesize
6.9MB

Download
memory/4272-163-0x0000000001920000-0x0000000001921000-memory.dmp

Filesize
4KB

Download
memory/4272-374-0x0000000000C40000-0x0000000001333000-memory.dmp

Filesize
6.9MB

Download
memory/4272-376-0x0000000000C40000-0x0000000001333000-memory.dmp

Filesize
6.9MB

Download
memory/4272-378-0x0000000000C40000-0x0000000001333000-memory.dmp

Filesize
6.9MB

Download
memory/4272-380-0x0000000000C40000-0x0000000001333000-memory.dmp

Filesize
6.9MB

Download