3ec03e19c13b02605fd575e0cd04f7e350946101a209f58378dd87b963a6714d

Analysis

max time kernel
121s
max time network
154s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
18/01/2024, 00:30

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

GIGABYTE Control Center_2023_Oct_release_All_Setup_B23102301.exe
Size

708.1MB
MD5

f281789630f263a875a83228f24f592a
SHA1

20f37aac4195888ab4e8aa9e43c1fe180e9f0873
SHA256

3ec03e19c13b02605fd575e0cd04f7e350946101a209f58378dd87b963a6714d
SHA512

b6e51e9130ddbf241fe54c3e7af27e0b53dd7f18a3d04ff86866bf1ab31088c821ac648443a368dc9eb239038d449aabaf36d102ad6367cd86cffe1440509cb8
SSDEEP

12582912:4Ug0zGgCUoBxuDJtpauOKh4xMVRDqzXCKnhOLA8Aqhi/CTtPxME/UvlB4ywo3397:z0gWuDJtIuKoqzJnhOLxAaoCxpMwIBH3

Score

7^/10

discovery persistence

Malware Config

Signatures

Executes dropped EXE 4 IoCs

pid	Process
2544	InstUpd.exe
2784	GBT_RGB_Sync_Control_23.10.27.01.exe
980	GIGABYTE Control Center_23.10.23.01.exe
1304	GCC.exe

Loads dropped DLL 8 IoCs

pid	Process
2336	GIGABYTE Control Center_2023_Oct_release_All_Setup_B23102301.exe
2784	GBT_RGB_Sync_Control_23.10.27.01.exe
2784	GBT_RGB_Sync_Control_23.10.27.01.exe
980	GIGABYTE Control Center_23.10.23.01.exe
980	GIGABYTE Control Center_23.10.23.01.exe
980	GIGABYTE Control Center_23.10.23.01.exe
980	GIGABYTE Control Center_23.10.23.01.exe
980	GIGABYTE Control Center_23.10.23.01.exe

Adds Run key to start application 2 TTPs 1 IoCs

persistence

Registry Run Keys / Startup Folder

T1547.001

Modify Registry

T1112

description	ioc	Process
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\GCC = "C:\\Program Files\\GIGABYTE\\Control Center\\GCC.exe"	GIGABYTE Control Center_23.10.23.01.exe

Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
discovery

Query Registry
T1012

Drops file in Program Files directory 56 IoCs

description	ioc	Process
File created	C:\Program Files\GIGABYTE\Control Center\Lib\GBT_RGB_Sync_Control\uninst.exe	GBT_RGB_Sync_Control_23.10.27.01.exe
File created	C:\Program Files\GIGABYTE\Control Center\FileDropLib.dll	GIGABYTE Control Center_23.10.23.01.exe
File created	C:\Program Files\GIGABYTE\Control Center\GBT_Comm_Fun.dll	GIGABYTE Control Center_23.10.23.01.exe
File created	C:\Program Files\GIGABYTE\Control Center\Uninstall_Package.exe	GIGABYTE Control Center_23.10.23.01.exe
File created	C:\Program Files\GIGABYTE\Control Center\Lib\GBT_RGB_Sync_Control\RGB_Sync_Pattern.dll	GBT_RGB_Sync_Control_23.10.27.01.exe
File created	C:\Program Files\GIGABYTE\Control Center\GbtCloudMatrix.exe	GIGABYTE Control Center_23.10.23.01.exe
File created	C:\Program Files\GIGABYTE\Control Center\Lib\COMMDLL\UIEffect.dll	GIGABYTE Control Center_23.10.23.01.exe
File created	C:\Program Files\GIGABYTE\Control Center\Device.ini	GIGABYTE Control Center_23.10.23.01.exe
File created	C:\Program Files\GIGABYTE\Control Center\WindowsFirewallHelper.dll	GIGABYTE Control Center_23.10.23.01.exe
File created	C:\Program Files\GIGABYTE\Control Center\Lib\Update_Center\FlashBios.exe	GIGABYTE Control Center_23.10.23.01.exe
File created	C:\Program Files\GIGABYTE\Control Center\Lib\COMMDLL\RgbCommon.dll	GBT_RGB_Sync_Control_23.10.27.01.exe
File created	C:\Program Files\GIGABYTE\Control Center\Lib\Update_Center\dmLib.dll	GIGABYTE Control Center_23.10.23.01.exe
File created	C:\Program Files\GIGABYTE\Control Center\EULA\GigabyteEULA-zh-CN.txt	GIGABYTE Control Center_23.10.23.01.exe
File created	C:\Program Files\GIGABYTE\Control Center\Lib\COMMDLL\Color_Setting_Usercontrol.dll	GIGABYTE Control Center_23.10.23.01.exe
File created	C:\Program Files\GIGABYTE\Control Center\runtimes\win-x64\native\WebView2Loader.dll	GIGABYTE Control Center_23.10.23.01.exe
File created	C:\Program Files\GIGABYTE\Control Center\sp.xml	GIGABYTE Control Center_23.10.23.01.exe
File created	C:\Program Files\GIGABYTE\Control Center\Lib\Update_Center\YccDrvv3.dll	GIGABYTE Control Center_23.10.23.01.exe
File created	C:\Program Files\GIGABYTE\Control Center\Lib\COMMDLL\MB.CPNT.dll	GIGABYTE Control Center_23.10.23.01.exe
File created	C:\Program Files\GIGABYTE\Control Center\Lib\COMMDLL\Pattern_Args_Usercontrol.dll	GIGABYTE Control Center_23.10.23.01.exe
File created	C:\Program Files\GIGABYTE\Control Center\GHidApi.dll	GIGABYTE Control Center_23.10.23.01.exe
File created	C:\Program Files\GIGABYTE\Control Center\Search_Device_Lib.dll	GIGABYTE Control Center_23.10.23.01.exe
File created	C:\Program Files\GIGABYTE\Control Center\license.txt	GIGABYTE Control Center_23.10.23.01.exe
File created	C:\Program Files\GIGABYTE\Control Center\Lib\CalssMapJson.txt	GIGABYTE Control Center_23.10.23.01.exe
File opened for modification	C:\Program Files\GIGABYTE\Control Center\Lib\COMMDLL\RGBFI.dll	GIGABYTE Control Center_23.10.23.01.exe
File opened for modification	C:\Program Files\GIGABYTE\Control Center\Lib\COMMDLL\RgbCommon.dll	GIGABYTE Control Center_23.10.23.01.exe
File opened for modification	C:\Program Files\GIGABYTE\Control Center\GIGABYTE Control Center.url	GIGABYTE Control Center_23.10.23.01.exe
File created	C:\Program Files\GIGABYTE\Control Center\GvLoader.dll	GIGABYTE Control Center_23.10.23.01.exe
File created	C:\Program Files\GIGABYTE\Control Center\Lib\COMMDLL\Pattern_But_Usercontrol.dll	GIGABYTE Control Center_23.10.23.01.exe
File created	C:\Program Files\GIGABYTE\Control Center\Lib\GBT_RGB_Sync_Control\GBT_RGB_Sync_Control.dll	GBT_RGB_Sync_Control_23.10.27.01.exe
File created	C:\Program Files\GIGABYTE\Control Center\SMBCtrl.dll	GBT_RGB_Sync_Control_23.10.27.01.exe
File created	C:\Program Files\GIGABYTE\Control Center\usdata1.xml	GBT_RGB_Sync_Control_23.10.27.01.exe
File created	C:\Program Files\GIGABYTE\Control Center\GCC_Main_COMM_Fun.dll	GIGABYTE Control Center_23.10.23.01.exe
File created	C:\Program Files\GIGABYTE\Control Center\Install_info.xml	GIGABYTE Control Center_23.10.23.01.exe
File created	C:\Program Files\GIGABYTE\Control Center\Lib\COMMDLL\GCC.CommonResources.dll	GIGABYTE Control Center_23.10.23.01.exe
File created	C:\Program Files\GIGABYTE\Control Center\EULA\GigabyteEULA-en-US.txt	GIGABYTE Control Center_23.10.23.01.exe
File created	C:\Program Files\GIGABYTE\Control Center\GCC.exe	GIGABYTE Control Center_23.10.23.01.exe
File created	C:\Program Files\GIGABYTE\Control Center\Microsoft.Web.WebView2.Core.dll	GIGABYTE Control Center_23.10.23.01.exe
File created	C:\Program Files\GIGABYTE\Control Center\Microsoft.Web.WebView2.Wpf.dll	GIGABYTE Control Center_23.10.23.01.exe
File created	C:\Program Files\GIGABYTE\Control Center\Lib\COMMDLL\Gigabyte.IC.Profile.dll	GIGABYTE Control Center_23.10.23.01.exe
File created	C:\Program Files\GIGABYTE\Control Center\Lib\COMMDLL\HTTP_LIB.dll	GIGABYTE Control Center_23.10.23.01.exe
File created	C:\Program Files\GIGABYTE\Control Center\rgbcfg.xml	GBT_RGB_Sync_Control_23.10.27.01.exe
File created	C:\Program Files\GIGABYTE\Control Center\Microsoft.Web.WebView2.WinForms.dll	GIGABYTE Control Center_23.10.23.01.exe
File created	C:\Program Files\GIGABYTE\Control Center\SMBCtrl.dll	GIGABYTE Control Center_23.10.23.01.exe
File created	C:\Program Files\GIGABYTE\Control Center\Lib\Update_Center\Flash.dll	GIGABYTE Control Center_23.10.23.01.exe
File created	C:\Program Files\GIGABYTE\Control Center\sp.xml	GBT_RGB_Sync_Control_23.10.27.01.exe
File created	C:\Program Files\GIGABYTE\Control Center\GCC.exe.config	GIGABYTE Control Center_23.10.23.01.exe
File created	C:\Program Files\GIGABYTE\Control Center\YccDrvv3.dll	GIGABYTE Control Center_23.10.23.01.exe
File created	C:\Program Files\GIGABYTE\Control Center\Lib\Update_Center\Update_Center.dll	GIGABYTE Control Center_23.10.23.01.exe
File created	C:\Program Files\GIGABYTE\Control Center\ExtLIB_Loader_Lib.dll	GIGABYTE Control Center_23.10.23.01.exe
File created	C:\Program Files\GIGABYTE\Control Center\uninst.exe	GIGABYTE Control Center_23.10.23.01.exe
File created	C:\Program Files\GIGABYTE\Control Center\Lib\Update_Center\FBIOS.dll	GIGABYTE Control Center_23.10.23.01.exe
File created	C:\Program Files\GIGABYTE\Control Center\Lib\COMMDLL\GBT_Comm_Fun.dll	GIGABYTE Control Center_23.10.23.01.exe
File created	C:\Program Files\GIGABYTE\Control Center\Lib\COMMDLL\RGBFI.dll	GBT_RGB_Sync_Control_23.10.27.01.exe
File created	C:\Program Files\GIGABYTE\Control Center\Microsoft.Win32.TaskScheduler.dll	GIGABYTE Control Center_23.10.23.01.exe
File created	C:\Program Files\GIGABYTE\Control Center\Lib\COMMDLL\Newtonsoft.Json.dll	GIGABYTE Control Center_23.10.23.01.exe
File created	C:\Program Files\GIGABYTE\Control Center\EULA\GigabyteEULA-zh-TW.txt	GIGABYTE Control Center_23.10.23.01.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Modifies system certificate store 2 TTPs 2 IoCs

evasion spyware trojan

Install Root Certificate

T1553.004

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\A8985D3A65E5E5C4B2D7D66D40C6DD2FB19C5436	InstUpd.exe
Set value (data)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\A8985D3A65E5E5C4B2D7D66D40C6DD2FB19C5436\Blob = 04000000010000001000000079e4a9840d7d3a96d7c04fe2434c892e0f0000000100000014000000b34ddd372ed92e8f2abfbb9e20a9d31f204f194b090000000100000034000000303206082b0601050507030106082b0601050507030206082b0601050507030406082b0601050507030306082b0601050507030814000000010000001400000003de503556d14cbb66f0a3e21b1bc397b23dd1550b00000001000000120000004400690067006900430065007200740000001d000000010000001000000059779e39e21a2e3dfced6857ed5c5fd9030000000100000014000000a8985d3a65e5e5c4b2d7d66d40c6dd2fb19c54361900000001000000100000000f3a0527d242de2dc98e5cfcb1e991ee2000000001000000b3030000308203af30820297a0030201020210083be056904246b1a1756ac95991c74a300d06092a864886f70d01010505003061310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3120301e06035504031317446967694365727420476c6f62616c20526f6f74204341301e170d3036313131303030303030305a170d3331313131303030303030305a3061310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3120301e06035504031317446967694365727420476c6f62616c20526f6f7420434130820122300d06092a864886f70d01010105000382010f003082010a0282010100e23be11172dea8a4d3a357aa50a28f0b7790c9a2a5ee12ce965b010920cc0193a74e30b753f743c46900579de28d22dd870640008109cece1b83bfdfcd3b7146e2d666c705b37627168f7b9e1e957deeb748a308dad6af7a0c3906657f4a5d1fbc17f8abbeee28d7747f7a78995985686e5c23324bbf4ec0e85a6de370bf7710bffc01f685d9a844105832a97518d5d1a2be47e2276af49a33f84908608bd45fb43a84bfa1aa4a4c7d3ecf4f5f6c765ea04b37919edc22e66dce141a8e6acbfecdb3146417c75b299e32bff2eefad30b42d4abb74132da0cd4eff881d5bb8d583fb51be84928a270da3104ddf7b216f24c0a4e07a8ed4a3d5eb57fa390c3af270203010001a3633061300e0603551d0f0101ff040403020186300f0603551d130101ff040530030101ff301d0603551d0e0416041403de503556d14cbb66f0a3e21b1bc397b23dd155301f0603551d2304183016801403de503556d14cbb66f0a3e21b1bc397b23dd155300d06092a864886f70d01010505000382010100cb9c37aa4813120afadd449c4f52b0f4dfae04f5797908a32418fc4b2b84c02db9d5c7fef4c11f58cbb86d9c7a74e79829ab11b5e370a0a1cd4c8899938c9170e2ab0f1cbe93a9ff63d5e40760d3a3bf9d5b09f1d58ee353f48e63fa3fa7dbb466df6266d6d16e418df22db5ea774a9f9d58e22b59c04023ed2d2882453e7954922698e08048a837eff0d6796016deace80ecd6eac4417382f49dae1453e2ab93653cf3a5006f72ee8c457496c612118d504ad783c2c3a806ba7ebaf1514e9d889c1b9386ce2916c8aff64b977255730c01b24a3e1dce9df477cb5b424080530ec2dbd0bbf45bf50b9a9f3eb980112adc888c698345f8d0a3cc6e9d595956dde	InstUpd.exe

Runs net.exe

Suspicious behavior: EnumeratesProcesses 5 IoCs

pid	Process
2544	InstUpd.exe
2544	InstUpd.exe
2544	InstUpd.exe
2544	InstUpd.exe
1304	GCC.exe

Suspicious use of AdjustPrivilegeToken 2 IoCs

description	pid	Process
Token: SeDebugPrivilege	2544	InstUpd.exe
Token: SeDebugPrivilege	1304	GCC.exe

Suspicious use of WriteProcessMemory 30 IoCs

description	pid	Process	procid_target
PID 2336 wrote to memory of 2544	2336	GIGABYTE Control Center_2023_Oct_release_All_Setup_B23102301.exe	30
PID 2336 wrote to memory of 2544	2336	GIGABYTE Control Center_2023_Oct_release_All_Setup_B23102301.exe	30
PID 2336 wrote to memory of 2544	2336	GIGABYTE Control Center_2023_Oct_release_All_Setup_B23102301.exe	30
PID 2336 wrote to memory of 2544	2336	GIGABYTE Control Center_2023_Oct_release_All_Setup_B23102301.exe	30
PID 2544 wrote to memory of 2784	2544	InstUpd.exe	32
PID 2544 wrote to memory of 2784	2544	InstUpd.exe	32
PID 2544 wrote to memory of 2784	2544	InstUpd.exe	32
PID 2544 wrote to memory of 2784	2544	InstUpd.exe	32
PID 2544 wrote to memory of 2784	2544	InstUpd.exe	32
PID 2544 wrote to memory of 2784	2544	InstUpd.exe	32
PID 2544 wrote to memory of 2784	2544	InstUpd.exe	32
PID 2544 wrote to memory of 980	2544	InstUpd.exe	33
PID 2544 wrote to memory of 980	2544	InstUpd.exe	33
PID 2544 wrote to memory of 980	2544	InstUpd.exe	33
PID 2544 wrote to memory of 980	2544	InstUpd.exe	33
PID 2544 wrote to memory of 980	2544	InstUpd.exe	33
PID 2544 wrote to memory of 980	2544	InstUpd.exe	33
PID 2544 wrote to memory of 980	2544	InstUpd.exe	33
PID 2544 wrote to memory of 1304	2544	InstUpd.exe	34
PID 2544 wrote to memory of 1304	2544	InstUpd.exe	34
PID 2544 wrote to memory of 1304	2544	InstUpd.exe	34
PID 1304 wrote to memory of 596	1304	GCC.exe	37
PID 1304 wrote to memory of 596	1304	GCC.exe	37
PID 1304 wrote to memory of 596	1304	GCC.exe	37
PID 596 wrote to memory of 1300	596	net.exe	38
PID 596 wrote to memory of 1300	596	net.exe	38
PID 596 wrote to memory of 1300	596	net.exe	38
PID 1304 wrote to memory of 1708	1304	GCC.exe	39
PID 1304 wrote to memory of 1708	1304	GCC.exe	39
PID 1304 wrote to memory of 1708	1304	GCC.exe	39

C:\Users\Admin\AppData\Local\Temp\GIGABYTE Control Center_2023_Oct_release_All_Setup_B23102301.exe
"C:\Users\Admin\AppData\Local\Temp\GIGABYTE Control Center_2023_Oct_release_All_Setup_B23102301.exe"
1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
PID:2336
- C:\Users\Admin\AppData\Local\Temp\7zSB922.tmp\InstUpd.exe
  .\InstUpd.exe
  2⤵
  - Executes dropped EXE
  - Modifies system certificate store
  - Suspicious behavior: EnumeratesProcesses
  - Suspicious use of AdjustPrivilegeToken
  - Suspicious use of WriteProcessMemory
  PID:2544
- - C:\Users\Admin\AppData\Local\Temp\7zSB922.tmp\GBT_RGB_Sync_Control_23.10.27.01.exe
    "C:\Users\Admin\AppData\Local\Temp\7zSB922.tmp\GBT_RGB_Sync_Control_23.10.27.01.exe" /S
    3⤵
    - Executes dropped EXE
    - Loads dropped DLL
    - Drops file in Program Files directory
    PID:2784
- - C:\Users\Admin\AppData\Local\Temp\7zSB922.tmp\GIGABYTE Control Center_23.10.23.01.exe
    "C:\Users\Admin\AppData\Local\Temp\7zSB922.tmp\GIGABYTE Control Center_23.10.23.01.exe" /S
    3⤵
    - Executes dropped EXE
    - Loads dropped DLL
    - Adds Run key to start application
    - Drops file in Program Files directory
    PID:980
- - C:\Program Files\GIGABYTE\Control Center\GCC.exe
    "C:\Program Files\GIGABYTE\Control Center\GCC.exe" -u
    3⤵
    - Executes dropped EXE
    - Suspicious behavior: EnumeratesProcesses
    - Suspicious use of AdjustPrivilegeToken
    - Suspicious use of WriteProcessMemory
    PID:1304
  - - C:\Windows\system32\net.exe
      "net.exe" user
      4⤵
      Suspicious use of WriteProcessMemory
      PID:596
    - - C:\Windows\system32\net1.exe
        
        C:\Windows\system32\net1 user
        5⤵
        
        PID:1300
  - - C:\Windows\system32\WerFault.exe
      C:\Windows\system32\WerFault.exe -u -p 1304 -s 996
      4⤵
      PID:1708

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Defense Evasion

Modify Registry

T1112

Subvert Trust Controls

T1553

Install Root Certificate

T1553.004

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files\GIGABYTE\Control Center\ExtLIB_Loader_Lib.dll

Filesize
37KB

MD5
b7d743cbe1888c426d7dc09be70fb415

SHA1
875473bbedd1ee1bbf1f808718092419b474b0bb

SHA256
cdfc9f15dcf40075ee91119380ec228f01ebd80498201f55421b3625b481c1ad

SHA512
95df421f1e436920efaaa754fac8ba78a1fde8357eb161d1486f5e4b61773cb773cac74dda1e8137f168eeedd344dbf4da1a2de6ade4125f8023c9119f7f13b0

Download Submit
C:\Program Files\GIGABYTE\Control Center\FileDropLib.dll

Filesize
150KB

MD5
4322bf3792a790116ff8ee711ce6d94a

SHA1
df25481d26dde9f92651c632ad55a880490cdfc8

SHA256
5fa22ac26dca1c768529c26b2af4b55648aeef07cd70f5915ffb3ab5d086702d

SHA512
9842d270e618cb6ebc0a244d1d71ed1c85ce56e4f4453195dab6e2e215ecc2ebcc2abc54ef3e89f6357c464ad3589b83c1041ee2789c712b8ab5a2b767bb876c

Download Submit
C:\Program Files\GIGABYTE\Control Center\GBT_Comm_Fun.dll

Filesize
28KB

MD5
7807242e2ed7c4c8e22b7446843ae71e

SHA1
326548346d14f3f3e48aa9ee446cb38f93460135

SHA256
3b2bc8a0cd0c1ad2005e329041cf7dea271580c81e15c11bd57a3fc92c8cbb8d

SHA512
17c224097c5f1a6c075531a316fe8ff665154e8669f9ca769f0d378c11b874b052bf8899932f3d929de1296ce238a8b3168410f282ab4d4655edc1b3e6c56bc2

Download Submit
C:\Program Files\GIGABYTE\Control Center\GCC.exe

Filesize
392KB

MD5
8fcb06e0484f7751f6e319162c5fd233

SHA1
a3928f01380c20620706182050477b12a69a0822

SHA256
f6f907837350de5d8682fda1bbb2c6364ac6b18d8439fda3b518871df01ef096

SHA512
39ae32569304b6f50a25fd417dbaa5ed0c4f16b237ba1ecd813bc88ef84eb5572bae840141f50f6160f0fb1eb09118ea8dd8ab4165adc3eb9737269433480785

Download Submit
C:\Program Files\GIGABYTE\Control Center\GCC.exe

Filesize
335KB

MD5
de856917b9e3d110a47a70fdc0f60345

SHA1
573e29a2a546983b03b101680fb80b0c6a7166aa

SHA256
0f23045c6e93b73372269d1785a9ae26384918e16e2569ed341c08a825b1424c

SHA512
22be6cc5013df9c38c76c3c732f346c07df6ae5bda4a00e7cb8332ecdf420d8fdb2bf87a793c53bfbe1ebdf41ed90f9412717c8e3d19edab954c37e5ea00ef1e

Download Submit
C:\Program Files\GIGABYTE\Control Center\GCC.exe

Filesize
344KB

MD5
7b493b1b1dd6f5257011eb85d947bf86

SHA1
91ec50d4694a07ab2c367df9b7f89b8d19310f00

SHA256
80ca0c5b11207a56d7370873612554a7e62448dede0685b21425f1bc1df2f609

SHA512
e997c1fe39850696aec128424895712e9c30ffa728937284c00e5cfc6ba006adf0613880cbb79d8ed0dbddf37cae9ad0d93d0416b08b2ca5a73dae63ae9fca7d

Download Submit
C:\Program Files\GIGABYTE\Control Center\GCC.exe.config

Filesize
547B

MD5
7b30cdcb95f60ae4be2c8edbf54d2d83

SHA1
2bad8ca8b41576ed29395cf5659e6f3994028f7b

SHA256
402af8214615de549ca42d3c44f74f0c030cb9e66fe3cdcd53f2af06f7c7af04

SHA512
ee4850cc46ff2318b71f6dd35ff4ce77b33bc40081b00903c2dc5634353f59aeb6301805ab401002e052559fe801236967ad1d2639483f8cffb845cb1aed839a

Download Submit
C:\Program Files\GIGABYTE\Control Center\GCC_Main_COMM_Fun.dll

Filesize
38KB

MD5
5c56f23948de89f42110c80bf9fb3bff

SHA1
20e7563fd4aeaa1aa0789fb54e0ad744350d6200

SHA256
e53ff542878e2e3c615eaa27c2c86cf67dd0ac92a0443e48d1c0d28b7e2e15ec

SHA512
82b7dd26784b101fa8727bb039885f09d2877aa03bf7f0429695f0cb88cc91cd63e67926773f0281bd6c12542c699fecf06bbff4c73d24690250d7e1df04a213

Download Submit
C:\Program Files\GIGABYTE\Control Center\Lib\COMMDLL\GCC.CommonResources.dll

Filesize
1KB

MD5
2b3f747c429297d27e7c1762d354682b

SHA1
fc7cc388659cf9659b415ab7e7e356c273c25062

SHA256
f1a51af0c13876f08d7d51de75ef08c0fdb639cd39046bfaf5ea11d06f340986

SHA512
1716fec5fb9565ad4f9a0734d7172a7517cb9e558f5686bba5457e05fb8e2c69a657a90f1b8e5ba438cf9f1d49110d984f27592aeccc0e61c353416663139f43

Download Submit
C:\Program Files\GIGABYTE\Control Center\Lib\COMMDLL\RGBFI.dll

Filesize
20KB

MD5
d275d23a6e0c7db400c4772aa8f12a4f

SHA1
5c420eafcf60285f633fdbf5033bbf4e843529c6

SHA256
20dc58b32028bd6e0b8374412260f6ff7ca6a8dda23c00a73e8b1be850d24976

SHA512
dafcb5457fdb03f796b10116a685e0e1c602fdb48234ee7bdf380f66d252481ea3a6619d40e8529111129b6c3a3e5560c80ba71fbb51ec3be808a2f3274006cd

Download Submit
C:\Program Files\GIGABYTE\Control Center\Lib\COMMDLL\RgbCommon.dll

Filesize
31KB

MD5
99cfe72a270e3135b556ca80b6ee46c3

SHA1
468d7bf557e1238a3c12fccfcd585c42e43b3dd5

SHA256
276c4b615fde8a40ef7cb5b4c81799f76bf61f4bc19c286addaef023f326d1cf

SHA512
fda2e4ce970cde379d88e3dd27c3eaeefa21692370e8953e9559c564fc68eeaa1c3332ae214e1d1ae390ebf94b38b5e0186286df4e1da639876493012cbdca20

Download Submit
C:\Program Files\GIGABYTE\Control Center\Search_Device_Lib.dll

Filesize
38KB

MD5
c64279435e7d7c9dfa62c1eda1aacd4a

SHA1
3ce73c3d431da30a2fc221823ac76406aea893e5

SHA256
979d25df4095d1fd4e04eff944f857b7b4bb2696605523e5ea88df522fb679c4

SHA512
875306aae4658205725b07de7aebf287a61b8568689f2b64f223c0d978636112b41352a6d0247859809cff286af9081d08a47fe6e8de0e36d942fa946b8be705

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zSB922.tmp\CalssMapJson.txt

Filesize
7KB

MD5
827a861dd8d6d21494cc9472c6da13f4

SHA1
c198d3aa09c95c72a64222d30e3f65377941a40d

SHA256
65d67cd3a8f6e0a93fd36e7cb89a6c9eb87f007db2ca41b7925507d84d24b97c

SHA512
cd3d191cba94d9b664d4a3f10dea7a154bc59038b72f2fc29c464f01436c1ee628c56d9411a46d78b93063811cf72c7a988376fad2f78d83392fc484d00d54a7

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zSB922.tmp\Device.ini

Filesize
54KB

MD5
f9afb93c1031a2d21e209cb07b44ea06

SHA1
c418014f3425c2b7cf052fda37efb8c015dc092d

SHA256
e0bb5a3b4dede7eac4ef562f673a5c50e6cd8540335060797841166e34e89494

SHA512
4888a2a7a1b41736dae52c7c0932403714afa5413e22223a6e942e6d1ef247d3249c9bfd30fea7659126a6dff08f924c399a19659893843732ae2b6fd4146926

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zSB922.tmp\ExtLIB_Loader_Lib.dll

Filesize
37KB

MD5
54b72210b4a8997e3ee2a0db22640672

SHA1
9a401e72fe5df405288aedaf1df22b26e35814db

SHA256
32cc3c75f185942dff71d8dc5da773e0a693bdbbe28900b17d988d2cf0c714c1

SHA512
64acce922276c5376f6a17afe72ef952aa2f9816c1104706d3ee2a2584dee99ebe62fefe8f033c6ebd39254c67a77cc59a5d69cbcc2c2a5af8007968ae7a1d67

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zSB922.tmp\GBT_Comm_Fun.dll

Filesize
28KB

MD5
0297b036684b0a26c1c0db98c679e229

SHA1
b4298a817fb0e8abbe29f7c025a8be82c5fd7b0b

SHA256
7527b7e3316ad7319926ee647e67cdcf81ee791027174d76c235991fa5089532

SHA512
cf6d3805852bd279440c9032dac9ee650debfb7834a68b6d51c3606cadf384655403fd1572e15570675a50be4009460bf97dc0b134ca8e092f8ecb2c64602731

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zSB922.tmp\GBT_RGB_Sync_Control_23.10.27.01.exe

Filesize
1.6MB

MD5
e60f457f3e711c27ec1e2cb1edb226a4

SHA1
a77a2273d6bd8817caf4d41a49692cc59d876eab

SHA256
24c123ed00e975fd031e2b454d2befdc5aeccd5eb2b06e0c590004a615a3a959

SHA512
48b9442c8b53d7820d4242e73b377b78d305ce1f166df9251de461f86090be76e65f695ae4d55e491ccbd9bf1c3bca0bdcc3c75fcc20258fe354c4687a4cce11

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zSB922.tmp\GBT_RGB_Sync_Control_23.10.27.01.exe

Filesize
690KB

MD5
920a0e985a928a55069db97e51f20fe0

SHA1
556e3c23b95b964959cb3ebb28c52447cdfa1a8f

SHA256
79bf2df6a155b3685169cb3324bdb6fcc829d9f3162065f2090ab4a245e55716

SHA512
05f2f220cafd0be5a104a38c53265766f254d5ad3ad54b54c2d75497fe84f2b245dd14d9760262b1a80d393b73526914daff1d3b349b57a4092721eb1448b98e

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zSB922.tmp\GCC_Main_COMM_Fun.dll

Filesize
38KB

MD5
465c0ad1b0c8bd7711023528458a4bd3

SHA1
ab3b19e2827e1d6c53b47b1f44fa62f89c6cf355

SHA256
370a25bf31426fe803dab113b0d1238c7074e69d6ab33d447e7995b54066bd01

SHA512
ba5c1a42bab5d6513bec8e71d511a3c97ada6b8ba36e9b609b1213250e23e6e1921f40b8019d16976c8df6ec46f2c8534970aa0a0d372003819ac75f13ce798f

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zSB922.tmp\GIGABYTE Control Center_23.10.23.01.exe

Filesize
1.0MB

MD5
2ef65e6c8aba31c800af1fe2eef95f23

SHA1
8e84c65f14da9b5587b78af9d5f3a1906d072157

SHA256
78455c3a87aebc9a727f611f3bb65a2d266d6dc8390297d2183045153e78f4fd

SHA512
317bd3e153fe8dc1091b6bbc8c52d93aec17b422740ff039c63b9e0798f08d0fe45b14c35ad2902c10e4db75420a66d0cfe73e5b1234b6db7f99730fff18c16c

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zSB922.tmp\GIGABYTE Control Center_23.10.23.01.exe

Filesize
1.1MB

MD5
ad1c2f9d631c255d247ac9ef5c8a098b

SHA1
2e4001f30fb3f613c608f26e13a6bb2325510ca0

SHA256
7538ae56fe10000298771681766d605301aa5a0ad3fa9c30cd819703b734e3ac

SHA512
a393b9ca443540d8365aab76931c24cecfe4173dbeb6a8f06b7674bf37ea132f28b63c06a385c1f31f4c5104848e0ba11d6fe9bf52166b0286ca5997071d85e8

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zSB922.tmp\GvLoader.dll

Filesize
28KB

MD5
447a69e915a1183fd77662954cc32161

SHA1
82799153c4bea0a8927d6a1151ef6beb0bd59c70

SHA256
1d8363281f08c4c2142d0fedd599028229030383a8648f486a91bbaa57c179dc

SHA512
468d31e87790dfbc24febed131af1f5908c4d498443506e520cfe53f3f8581930f407721f9abf09ce1a78baf09dd2bba3921d0611971ce2d29c2f02f427b9b89

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zSB922.tmp\InstUpd.exe

Filesize
985KB

MD5
367e4282460460305d20d41bbfd12c7f

SHA1
17e73607305da0cb5338d6344bf2ddb26207baea

SHA256
d424e86108cae92119caa54fc91d7a00e833d5ab35355eb6b6e1409e349a2b60

SHA512
603801247cc19fab286e2899d10de260be64c008fda48c20c515a1c492d90a13c50191d92a6448e4c8db16c8e49e6688242a56e0a3180abd2b1a4c6bf0206927

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zSB922.tmp\Install_info.xml

Filesize
2KB

MD5
0a7da338dcd4304d7514a1f6ce3d201c

SHA1
7f6acb9c8aaf80b4286b6a061d3c2ef2ae4d5d2e

SHA256
47f48a7f82b722812f33de27b93804c2e631ced36ee4f83c006b2442260beff7

SHA512
a8ebaf93d23ad3e3a03b780a37190b3f7159831c726d5c7a6365b28b68fefbafec19bd780a6af089d15f119635935b2fa162d83a3d2d84e5f0a539e7b504d18b

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zSB922.tmp\Search_Device_Lib.dll

Filesize
38KB

MD5
0a806f25521f38b193f552d892c0ba1b

SHA1
e837dcf9439656a29c04b3360a8b023219d4cee5

SHA256
32c650ecfedf2deba0c7cd9055b93d31a5443038e9e5f17e2502b6eebf17891c

SHA512
11f9bc79845052f0ff7b64e2bfe990cee6d30dc4db349c1ad7b43badcb4f8dd4438d3a33c42993a2d57a06b65f96a3aa7383a3cd2d917e90178a25f7ac41edd7

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zSB922.tmp\WindowsFirewallHelper.dll

Filesize
206KB

MD5
bb84f2ac7fa1cb99b3fbd8fde30ca9e3

SHA1
432fdb03faffdf3acd3f547c4c491421d1877987

SHA256
c02ba1869988a1d70927c11455cb3ff6afde18f0798e64ac1125825994248002

SHA512
9b44c35fb250a57cf7ddd0e258dffdc67cdfb2a9e9ec38eb0283451565203c50faa3c974367b25b1917cc87ae00699aac59638f18985ce0fc61d3ad3c19dd77f

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zSB922.tmp\ver2.ini

Filesize
1KB

MD5
0c425f5a4d6183f5e90ac7eb0d61ff38

SHA1
0beeec2815765e26d39ced394838e22bb8f7badb

SHA256
83b67e7815a304ca7843e2a8e8e337dad9513568a272b49c93e02459fbe91796

SHA512
6d68e96482a819d4fb524a25348dc54c5ba8547c1fa0492b6bfb1e7da00b6056884f663ae0f72875d2432a7c1d14567885312938d8ebc1aa855d4caf391e7fe9

Download Submit
\Program Files\GIGABYTE\Control Center\GCC.exe

Filesize
578KB

MD5
34118b654f94f491924e77593148c0db

SHA1
91b6d4e207cc923fc860d6018c9dd670155e808a

SHA256
9d29ee42ed306fd0911f3e2a9f2ca3970e7e8c3a5206e9fb761b742c42e74dab

SHA512
53d7293d587fdd0e53732b8cf0681c6756fcd202887a70437e81df1accdb5ea073313c35db9fb086abdb067fcb533d6d386fb14674be6aeaabdde7c07d4e7077

Download Submit
\Program Files\GIGABYTE\Control Center\GCC.exe

Filesize
453KB

MD5
9a26b898f890b02414f92241c5c5c407

SHA1
cdf1429d088211c88ea87ebeaf1ed89fc66dc98d

SHA256
d173c88fdb0702ab31e9e29df252138a71fd7d396e30584502008ddf9a71dd86

SHA512
ca83f57b0a14d839ea210c701d8dd15cb061732ceeba4fbba88ea877bc30f76c77c660583bf599e8c2e36d27455c57c3ecd1895564461b31df9f7b0b4cbf50ae

Download Submit
\Program Files\GIGABYTE\Control Center\uninst.exe

Filesize
72KB

MD5
f7ef729bbd84491919e22acfcae2ca6c

SHA1
0678012af7100338230715aad70ae381ea37d806

SHA256
e35e745d43149a032ddeec5c8cab2b10d346ff31ed3b4c627b828d4ea1e7b843

SHA512
9b3d1ae23f5ffb5be24bc1cca73dd75256d3fa3484bcb712956aab3dea3cf28615a855c550e3f4e4c6a5565952aea36eb86677fd8bcef2ffb1237b08124cc542

Download Submit
\Users\Admin\AppData\Local\Temp\7zSB922.tmp\GBT_RGB_Sync_Control_23.10.27.01.exe

Filesize
1.1MB

MD5
6532082b725c55e6c185e283d1eb79f2

SHA1
57a65a42c3f6a11ae9d5741743313dac473c1ac0

SHA256
15ba2086ab1529047bad8d7cfd9d4dbb82af58561029f8d82d5cc706225c9b68

SHA512
625499dbac99dd68a65360be7b84a03b52c6f8482dc6f1cbd9b77cdc807427e51abf354e6fb925a886f9d57aef8beb6fe3af11f2e0cf52b017712998b357b342

Download Submit
\Users\Admin\AppData\Local\Temp\7zSB922.tmp\GBT_RGB_Sync_Control_23.10.27.01.exe

Filesize
917KB

MD5
9a2c47fb4e6b45aa4f9fa2caceb34716

SHA1
414533173e9d63bb89340c9ba60a3ba69d1396ab

SHA256
9113cc36367727b0e67af392e6067eb0e7d7df7703d9a1ac03492107075f3032

SHA512
88e9cdc260aa5ffedf8a18b37763dd533444bedda5c4d040a95bfe8876615c0736e834ec6fa5ddb85996e361bd6a4718c04b66091ed0a32f4c486f68c20ccc52

Download Submit
\Users\Admin\AppData\Local\Temp\7zSB922.tmp\GIGABYTE Control Center_23.10.23.01.exe

Filesize
1.2MB

MD5
7f6e3f66df15cff99258d00c62c666f3

SHA1
de6553337e022fa8bad293a08fd0459e5aa64dda

SHA256
4af6fccc0a9edd1d701123319df5ddd1829c5c04e86580ab76440e5de0fed66f

SHA512
40e64a09c3760284e98ebbb89d5e1322ddcb2999c08b74d94a24b50f1c180f8eb02e364be6fbe69457bc77aa83923ffc6eee2847fe858b8b05cbea357423993f

Download Submit
\Users\Admin\AppData\Local\Temp\7zSB922.tmp\GIGABYTE Control Center_23.10.23.01.exe

Filesize
1.1MB

MD5
373f36e792ed2f6dfa0cf51541765acb

SHA1
907d4d5870831f8c830da6b1b943dbc91977aaaf

SHA256
021f8640a36965f3513ddd64842fc7ccd651e94764774d6ad75b0a17f29869ac

SHA512
2405cc4795b4bdc37b7c51786eda7d4ecee21d8bb730247dd11107b3de4ffc31ad5fd39c7801298a06dc2c88b9dc4da147b28026a9b7198248e62d3467d73e4b

Download Submit
memory/1304-223-0x0000000000D00000-0x0000000000D6E000-memory.dmp

Filesize
440KB

Download
memory/1304-224-0x00000000003B0000-0x00000000003BA000-memory.dmp

Filesize
40KB

Download
memory/1304-231-0x000007FEF59C0000-0x000007FEF63AC000-memory.dmp

Filesize
9.9MB

Download
memory/1304-232-0x00000000003B0000-0x00000000003B2000-memory.dmp

Filesize
8KB

Download
memory/1304-230-0x00000000003B0000-0x00000000003BA000-memory.dmp

Filesize
40KB

Download
memory/1304-229-0x000000001D3A0000-0x000000001D420000-memory.dmp

Filesize
512KB

Download
memory/1304-227-0x000007FEF59C0000-0x000007FEF63AC000-memory.dmp

Filesize
9.9MB

Download
memory/1304-228-0x000000001D3A0000-0x000000001D420000-memory.dmp

Filesize
512KB

Download
memory/1304-208-0x000007FEF59C0000-0x000007FEF63AC000-memory.dmp

Filesize
9.9MB

Download
memory/1304-226-0x000000001DE70000-0x000000001E0DC000-memory.dmp

Filesize
2.4MB

Download
memory/1304-212-0x000000001D3A0000-0x000000001D420000-memory.dmp

Filesize
512KB

Download
memory/1304-221-0x0000000000390000-0x000000000039E000-memory.dmp

Filesize
56KB

Download
memory/1304-211-0x0000000000D90000-0x0000000002F2A000-memory.dmp

Filesize
33.6MB

Download
memory/1304-219-0x0000000000170000-0x000000000017C000-memory.dmp

Filesize
48KB

Download
memory/1304-214-0x0000000000150000-0x000000000015E000-memory.dmp

Filesize
56KB

Download
memory/1304-215-0x000000001D3A0000-0x000000001D420000-memory.dmp

Filesize
512KB

Download
memory/1304-217-0x0000000000160000-0x000000000016E000-memory.dmp

Filesize
56KB

Download
memory/2544-90-0x000000001A770000-0x000000001A77A000-memory.dmp

Filesize
40KB

Download
memory/2544-70-0x00000000002A0000-0x0000000000398000-memory.dmp

Filesize
992KB

Download
memory/2544-112-0x000007FEF59C0000-0x000007FEF63AC000-memory.dmp

Filesize
9.9MB

Download
memory/2544-75-0x000000001AF20000-0x000000001AFA0000-memory.dmp

Filesize
512KB

Download
memory/2544-72-0x000000001AF20000-0x000000001AFA0000-memory.dmp

Filesize
512KB

Download
memory/2544-86-0x0000000002150000-0x000000000215E000-memory.dmp

Filesize
56KB

Download
memory/2544-71-0x000007FEF59C0000-0x000007FEF63AC000-memory.dmp

Filesize
9.9MB

Download
memory/2544-73-0x0000000000270000-0x000000000027A000-memory.dmp

Filesize
40KB

Download
memory/2544-88-0x000000001A750000-0x000000001A75E000-memory.dmp

Filesize
56KB

Download
memory/2544-185-0x000000001AF20000-0x000000001AFA0000-memory.dmp

Filesize
512KB

Download
memory/2544-74-0x0000000000270000-0x000000000027A000-memory.dmp

Filesize
40KB

Download
memory/2544-78-0x0000000001FF0000-0x0000000002028000-memory.dmp

Filesize
224KB

Download
memory/2544-184-0x000007FEF59C0000-0x000007FEF63AC000-memory.dmp

Filesize
9.9MB

Download
memory/2544-80-0x0000000002130000-0x000000000213E000-memory.dmp

Filesize
56KB

Download
memory/2544-183-0x0000000000270000-0x000000000027A000-memory.dmp

Filesize
40KB

Download
memory/2544-82-0x0000000002140000-0x000000000214C000-memory.dmp

Filesize
48KB

Download
memory/2544-160-0x000000001AF20000-0x000000001AFA0000-memory.dmp

Filesize
512KB

Download