Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

5

Static

static

1

installpol...0q.exe

windows7-x64

5

installpol...0q.exe

windows10-2004-x64

1

Resubmissions

04/02/2024, 03:35

240204-d5kahsgch6 1

03/02/2024, 20:27

240203-y8p1dsheh8 5

03/02/2024, 20:21

240203-y41lbshdf7 1

03/02/2024, 20:17

240203-y2s4gahdb8 1

Analysis

  • max time kernel
    358s
  • max time network
    362s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    03/02/2024, 20:27

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    installpolyboard710q.exe

  • Size

    16.9MB

  • MD5

    6c9b733deaf7694d43e328f5fb18a240

  • SHA1

    0210a24d6a2ad1f40258ad254715e7b00320fbac

  • SHA256

    8573cbf3821c5c04a6c6d76e62f086b1dcc0b5535233479556953aaf25cd0879

  • SHA512

    7379e16fda076840a8bf148f9067a4f38456c1e0961a7ec39f674ff76eb2434a411f0f157e5cade39aee6c0ff188cf4375f7b4959ac1eb9d8fbee4ffb2636ad7

  • SSDEEP

    196608:J9181K28y7VlYNuLvY/6x8vIIqGpFPCDjZePvKhnwolNuXgiBZniAN4WghFmyqZw:L18HNT9SgzGiwShJQhViAXOmyqZE6FY

Score
5/10
discovery

Malware Config

Signatures

  • Drops file in System32 directory 6 IoCs
  • Checks installed software on the system 1 TTPs

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  • Drops file in Program Files directory 22 IoCs
  • Drops file in Windows directory 5 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 9 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies data under HKEY_USERS 43 IoCs
  • Modifies registry class 64 IoCs
  • Suspicious behavior: AddClipboardFormatListener 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 20 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs
  • Uses Volume Shadow Copy service COM API

    The Volume Shadow Copy service is used to manage backups/snapshots.

    ransomware

Processes

  • C:\Users\Admin\AppData\Local\Temp\installpolyboard710q.exe
    "C:\Users\Admin\AppData\Local\Temp\installpolyboard710q.exe"
    1⤵
    • Drops file in System32 directory
    • Drops file in Program Files directory
    • Drops file in Windows directory
    • Loads dropped DLL
    • Modifies registry class
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2056
    • C:\Program Files (x86)\Boole & Partners\PolyBoard 7\Polyboard.exe
      "C:\Program Files (x86)\Boole & Partners\PolyBoard 7\Polyboard.exe" /Register /Background
      2⤵
      • Executes dropped EXE
      • Loads dropped DLL
      • Modifies registry class
      • Suspicious behavior: AddClipboardFormatListener
      • Suspicious use of SetWindowsHookEx
      PID:3188
  • C:\Windows\system32\vssvc.exe
    C:\Windows\system32\vssvc.exe
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:2736
  • C:\Windows\system32\DrvInst.exe
    DrvInst.exe "1" "200" "STORAGE\VolumeSnapshot\HarddiskVolumeSnapshot19" "" "" "61530dda3" "0000000000000000" "00000000000002D8" "0000000000000404"
    1⤵
    • Drops file in Windows directory
    • Modifies data under HKEY_USERS
    • Suspicious use of AdjustPrivilegeToken
    PID:2560

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Program Files (x86)\Boole & Partners\PolyBoard 7\Polyboard.exe
    Filesize

    2.1MB

    MD5

    c1f84fe13f333f3beb9f57559ea5ddd6

    SHA1

    365d429b04a57ba7e400bc405b47ae7e2eac55eb

    SHA256

    97e65c3a47350be05ebe8f31659f0f999f550fac9aaf330acdfa1924db216e4b

    SHA512

    e443feb00650faae99cc6a6025cba72ecfa80ffbdc1cf3495c043c7796af36940fd2d585d0598a224d8729700547fb6d738a521634eafb4ac420c3c2fb8d5009

    Download Submit

  • C:\Program Files (x86)\Boole & Partners\PolyBoard 7\Polyboard.exe
    Filesize

    1.4MB

    MD5

    722051f92930dfd473348df6769efe3a

    SHA1

    d9a5c6690ecd5461972863edbfe449314653fb04

    SHA256

    d7139c6ab012155f695f88a7cd38abd4a5aa282dcffc6c7431cb63c45a7b858c

    SHA512

    952716fef8b0f385e9c955f2a46654cc629473bc289331a5766b0cec27ce2f104f746abdb811943d1726be935f0b0291228d7560f5ef4f6d5d99a39141246d9d

    Download Submit

  • C:\Program Files (x86)\Boole & Partners\PolyBoard 7\Polyboard.exe
    Filesize

    3.2MB

    MD5

    0ff4ba03e088dac91ad7c8fcd9d181c2

    SHA1

    e2aa69677053647e0bed8d961c8f0c4b4ef3a80a

    SHA256

    689365fd893e20eb9263c566b06920c67fdff66684ab836f02b4b124542aa768

    SHA512

    6f518a5c3ca47820d662cd4d2baea9beb2f50e8515a2ece57807fadd82a64c74cb5bcafc6263ff3a80580a07638e64521ceafe878bf879dcb44058f2fbaa4af0

    Download Submit

  • C:\Program Files (x86)\Boole & Partners\PolyBoard 7\Uninstall.exe
    Filesize

    1.5MB

    MD5

    911351a6e49135c09180cb08f428b856

    SHA1

    fce3ad274d6ede5b61b29f9c9a6aee12ee48d6e6

    SHA256

    e9ac19d6f04c0fb318dd2c7f6c275a1eaf801f68826875db8a6932fe90162729

    SHA512

    79406336c6e086c0a3690d7a138f0a9760f1adacd3c600a21439c5b3e3cbe70d18f8fe6f7559d552f20789a79d19e625834bd38accd2907f313c15f1e26a727b

    Download Submit

  • C:\ProgramData\Boole & Partners\Materials\Bar.mat-boole
    Filesize

    49B

    MD5

    ada22eacf83783149fac8067e23bbba3

    SHA1

    bc0725d1fd7c6ca302db7b4a7b927ae890dda450

    SHA256

    da13a6cd66275abae69f9bdd069026eedbe9ce3040fb89031beb7ed17ec24cef

    SHA512

    cdef45bd1b49f099c4aa9002337ab6757aace8eb04337eb2db717e2c2be64e04748f9f37ff4328fb6f6cbd617bd009c13132f2e6d4649896997b0bd5cd79dd10

    Download Submit

  • C:\ProgramData\Boole & Partners\Materials\Edge.mat-boole
    Filesize

    379B

    MD5

    dd55e8b2ce915d053ec7d77b25918d5f

    SHA1

    aa298cf8c173c962a2e971f25ecf7533f689e8fc

    SHA256

    a67f9706cfbbd1eec14cfe08e8f4baf48fb2e67d72c1957d7d34909fc00ad7ed

    SHA512

    81c53ed81dcfad8677e8f50268ad7eb71bea6caea2b2bad660568d6f9db99d565802965b73abe7e5b277ae18a582e0acc79d5686907b2799d081b2828486640e

    Download Submit

  • C:\ProgramData\Boole & Partners\Materials\Panel.mat-boole
    Filesize

    990B

    MD5

    456624392b08fa31c4c7a16378646bd2

    SHA1

    6c427884e369b9f22bf92b8c7f3248abee08f177

    SHA256

    996844ac274311754ce58271feef5931975eebc26309225aac731addf2225d0c

    SHA512

    36caadd38ef3f1c7acff4841ba852fb10860f2484c3203878341420544a3f7898b050dc480dd67dda1d4458a00c397203edd7894aaee57f7fb28e0480be7e28b

    Download Submit

  • C:\ProgramData\Boole & Partners\PolyBoard 7\Accessories.pb-lib
    Filesize

    1.2MB

    MD5

    4499d660111a0ef553d01cd2df9419eb

    SHA1

    892c2d68e0b9d5e99e18bd832670faf2b2cfe3cc

    SHA256

    1606ef22ef3ab0637d3c4173d2867fbd852a6a062ba6643aa3fdb4570a852d14

    SHA512

    def716d65929917c35f24cd9115cf001d13ee7fbfa4f4f3a884566522d9706988755afd9b0ff58eedb8a727969adf0f458be07d9ac2e341519d4d093a5d4bcbf

    Download Submit

  • C:\ProgramData\Boole & Partners\PolyBoard 7\Curves.pb-lib
    Filesize

    2KB

    MD5

    a5b6ecb561c92050c1c70d9ece1fa4c0

    SHA1

    7e414fb3054ca89282d402865008c9bafdd8cfae

    SHA256

    6bca746c440c36c7a21884ab2b0b7f8a5efe31e87444ad5752303dbcabf928ab

    SHA512

    479ae20016e17a51dfbe27c98fa7f1b7368242491c7d6638dbef9ab955cefb853e087d17ae109fe3753b7cfa33dbb2a523610c9e6c4d0c4d1755b16c72b55af8

    Download Submit

  • C:\ProgramData\Boole & Partners\PolyBoard 7\FittingHardwares.pb-lib
    Filesize

    956KB

    MD5

    5e5fd03cd17240d7a8044eb6caf0019e

    SHA1

    dec725cb49378e0353ba876d8d672f1f95dce89b

    SHA256

    7a519d69383c897cba37a0d4ce1abd30ad304162f829bb1d4a9ddca58f5d39a1

    SHA512

    3d8a7e290d40363a003580e4271c541d34b4def593d500b10816d55178c49113ad06c4ead45e761639a83b1c0974dc389a42cd25e20dced47f8b08169841d1a7

    Download Submit

  • C:\ProgramData\Boole & Partners\PolyBoard 7\FittingRules.pb-lib
    Filesize

    1KB

    MD5

    176525c5b89091ba141714ea995b7d18

    SHA1

    ef2cd7429c66a42d70863b038940e76d1bbdcdbd

    SHA256

    1547c9f6c7b865db1486c22abd5a1dcb08495ed8c19af2a21548cf90ea1f9247

    SHA512

    2cf40bec7a69893e57a489b79b6790bbe73a71d2902aa65100a4846bd35bc7a8691097e8a171c4cb2be45ed86b03cd108f90f2645793a2e0d9a2f79ce4fb079c

    Download Submit

  • C:\ProgramData\Boole & Partners\PolyBoard 7\FittingSimples.pb-lib
    Filesize

    94KB

    MD5

    b69c2e8716a9fb33f09fb9111ba9c763

    SHA1

    0244386b51f869b735f2a405fc8a75f5d7b955f7

    SHA256

    79dcd8100ec59f59437c6b5a8006b47be43a56e3b8560e3bba99cb62d0181982

    SHA512

    b5f802236a2eeb0b52ed628175bedf2245358c8bf69c79d56ff5c7cb91aa22ddb52ad97cfc386271b0731095e4d8c82ea5dbc9627efbfb9b8493d1e10046d94d

    Download Submit

  • C:\ProgramData\Boole & Partners\PolyBoard 7\Methods.pb-lib
    Filesize

    19KB

    MD5

    4c146d6e65e35f21518ed862ffa1b33a

    SHA1

    f046c8c9af32ec7a5bc692b8c36f830a8272be02

    SHA256

    bbafc2a95f329d2e353367a5b272140e55b647b33c4d3e305f09543350fabd86

    SHA512

    05b9259078c8c3fd619c06101ed1c435b4b7e0ab6ad0eea51efd5aa3203fd6e69cfe58a18e0792b25895d830fcb670be69df374430dce450d8becafe4f25e421

    Download Submit

  • C:\ProgramData\Boole & Partners\PolyBoard 7\Shapes.pb-lib
    Filesize

    4KB

    MD5

    efce28e82448b6dfcd9c9d6bfc00ee6a

    SHA1

    56d6da35de51e2acbe837f889288774339e5b774

    SHA256

    7771402bbc01de0646a25fe6f332a50f9a90532dd2e891b2438e1965db78c239

    SHA512

    bb883c2f4baafd0cf14c9df9b3e54b34b207f8d077129724724247668cf2b44c6a294e8f1aa14bf24e0c79766dc6b9f45042764da776e74e65a05dafce9e6685

    Download Submit

  • C:\ProgramData\Boole & Partners\PolyBoard 7\Structures.pb-lib
    Filesize

    5KB

    MD5

    dc800b808f9085afc220f34366ea2b18

    SHA1

    a8feb1eb79945085966fbb0b5fc2c3589d8df41e

    SHA256

    87fcd1b3391461fbce58f48d8f3eae764a514cdf001ca5f94df785aa9c77f73f

    SHA512

    5daeb94a2ea6b391a4a70c5ef0180068075fed5d292b53701457e0eec7471dcf0636d90cd2633ecb55962ffe45bc3b30301e57777f88855048831a939959fca8

    Download Submit

  • C:\ProgramData\Boole & Partners\PolyBoard 7\SubMethodAssembling.pb-lib
    Filesize

    1011B

    MD5

    488d6f0bf57a27f8790657d64257389e

    SHA1

    f001f669884bccb4d383947316520b4ac1888d81

    SHA256

    3b6d9fc5d03762c951e9c0b5afbaff5ea34a9970887f254a9c097f5756a7aeaf

    SHA512

    53a192233c496b2d3913eea5aba80b7122d51fa6c279ee57cfbbb9387e3a01ea5cc9d1a0b151affeed43bdd2f15fe501a4900fef44943dfa2c26a169ac60d03e

    Download Submit

  • C:\ProgramData\Boole & Partners\PolyBoard 7\SubMethodChant.pb-lib
    Filesize

    3KB

    MD5

    a10eefa15694749de0990b992fbcadb5

    SHA1

    47dd5c4c2271677b905be2455d529e2aedf66716

    SHA256

    5ac2d992f057758efdb622ddaf853c2c6fbc090f15eaf0e4c5ba577d512df66b

    SHA512

    d05849697a88f6ef3e268ccbc8e1cec3805ce5be189412e16f47b9379c7f959acb46597c5a22525ea7a8135867cc96e2624f5b51b31d4ede720961f8ebf221f1

    Download Submit

  • C:\ProgramData\Boole & Partners\PolyBoard 7\SubMethodCorps.pb-lib
    Filesize

    2KB

    MD5

    29afbdfda90e96fe4f49d27069a9313d

    SHA1

    a546ac0b324af4642835dab09d0886dc5b4f43d3

    SHA256

    092b11778f97ea99008924f836cdb88d45d8a4d258cb5b1bcfe5e1c123ec7d64

    SHA512

    e9dc7d46921fdf88de70a75d02cbd0dc530258497ba78c38c031ebfad7265bcbc6a89c5659e4642194e8d84132943e42adf07ee951840589632043b110c8ed4c

    Download Submit

  • C:\ProgramData\Boole & Partners\PolyBoard 7\SubMethodFitting.pb-lib
    Filesize

    7KB

    MD5

    1ffbfa4b22e7f18445fcc0172dc0a9d9

    SHA1

    d8fe931d2c973b594d1cf3f9f5f28fc0315b4f04

    SHA256

    4389440de1c1561373686d4d82c12d384516ec4a004a5b3b03c8b309b45da56e

    SHA512

    ba0f58e292cca9d6e51dbb5766258209f62cf6d165a9d841a7018d878109a943be87969a659708123ff3850af99b1c5dc4bf9335605efe13f1d4188bd4743697

    Download Submit

  • C:\ProgramData\Boole & Partners\PolyBoard 7\SubMethodMateriau.pb-lib
    Filesize

    1KB

    MD5

    1d7bc6e5d608fae528390f1d2fc3c848

    SHA1

    8ed415c74b96d5dd72e2366b8a60bbba880b93ba

    SHA256

    2a16378afc5a36d865d0bcca54065b6e89b69717e810d1c5f67fa706e7fc5bd1

    SHA512

    98618a14861654f19ba5df981c808f96e6dde3a6407d8eb942a47aa506dc2e96cff69138c3ce49cbe085bfb9731f10819ef7e9a4eb83a806be2bfa94b7ce52b2

    Download Submit

  • C:\ProgramData\Boole & Partners\PolyBoard 7\SubMethodPorte.pb-lib
    Filesize

    564B

    MD5

    92df7fef35c81c3d7b42a9e97a9f4a1d

    SHA1

    cec43dc5b096fa0827787e26f07b4e3310bd1be0

    SHA256

    0ac88b330572e9ddaac8e68a55f24ddcc525258a1d3e4807f0ea384ce717f94a

    SHA512

    9a4a118c0fe1cd9ef04a2448b777826f944d95a3e11999738eccea9d0f0458de41e48c60312e1b91795697d33043b7811a500cc5a4ea76cfae154a9cd01fa3bc

    Download Submit

  • C:\ProgramData\Boole & Partners\PolyBoard 7\SubMethodRegularDrilling.pb-lib
    Filesize

    307B

    MD5

    cbeb7dada43492cdf72bedfede204aea

    SHA1

    f580292aca395acd2cb1e0e78cafad26a4874715

    SHA256

    877fd4f25793a4950d615d529415c2bacd1a5bf3437895a48619901c40f897a4

    SHA512

    14f2487a275faad020356ea3ea42a3381ba91ed0246a51b06a7a3fbe23c385aa234768b6a55735087addabc91324a17140c43927a865c43bc37a69495a0baf92

    Download Submit

  • C:\ProgramData\Boole & Partners\PolyBoard 7\SubMethodSeparateur.pb-lib
    Filesize

    1KB

    MD5

    7b4299d3d8a922f6565c9103504c66c5

    SHA1

    8b8cda5e9620180038b61b54a12afc8ac10d9475

    SHA256

    930dad51fef865c123f58fb2675f611315ea2fb6f58709b1f0c9c230db97a41a

    SHA512

    f69bdf9440fd1053229d5718deb7345891cec8b71b0dd9074680e759a02b66f766ff3b2c85758330e557cb6e83aa138a59f883284ab388983d7d6b4311408bd7

    Download Submit

  • C:\ProgramData\Boole & Partners\PolyBoard 7\SubMethodSurcote.pb-lib
    Filesize

    314B

    MD5

    5661df42f0f0189a7762fa87f26d3151

    SHA1

    ef21139b23b0b6dd15b936ff6bd88aa75dff9115

    SHA256

    df25fe537141696e3c3a0c2dbbd6ea2e5e7ab2b93ce25860f8bb82cc7fe1b235

    SHA512

    15c8617d2859e58f991be50d52327bd680dadb4b3f72cfd11ccd53953d87c5dd3e529b8ad551b6d09d12a42f684e5bc2721dc326b30105556d3f8ca515e51306

    Download Submit

  • C:\ProgramData\Boole & Partners\PolyBoard 7\SubMethodTiroir.pb-lib
    Filesize

    2KB

    MD5

    4e0a7571a4c546665508e88bbbda0c29

    SHA1

    089c54d52fb91e4cb2f9ed8513bf14dffb732aca

    SHA256

    aca4c23a0dbe15b385847ef2df69f2ed7b2ef2e70f408d6ef55ec3d9c0609236

    SHA512

    a5fee7565810b2d6f884222af4dd557bab3f18f6fa94251d14e81c739a74b78c1bcee1f827382d073aa474c59ccd0cc5999c4d1db1e36f167d7107cb17735d40

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F59A01A8B782D93EA6991BC172CEFFB1
    Filesize

    867B

    MD5

    c5dfb849ca051355ee2dba1ac33eb028

    SHA1

    d69b561148f01c77c54578c10926df5b856976ad

    SHA256

    cbb522d7b7f127ad6a0113865bdf1cd4102e7d0759af635a7cf4720dc963c53b

    SHA512

    88289cdd2c2dd1f5f4c13ab2cf9bc601fc634b5945309bedf9fc5b96bf21697b4cd6da2f383497825e02272816befbac4f44955282ffbbd4dd0ddc52281082da

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    52e65be31708983ceb6ef03284c38dca

    SHA1

    fe79ad01727341d1b5684de5ff1e615cd83ec0c7

    SHA256

    3a4a8181de0b392a89b398ba2091010adc933d2ddeab10c52d4bdd9648b4881d

    SHA512

    fdcbcf98980b8e724a7c30e0506b62277e5bf760e7bd104e441089c1549f55b779c66e987622089797bfc562dd1b848d3aebd43346b39ca90633881756cdb0ba

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F59A01A8B782D93EA6991BC172CEFFB1
    Filesize

    242B

    MD5

    65e696a40f98487357fdd4694db8330f

    SHA1

    3166549554487c532719255b9c180a03c8adc7e3

    SHA256

    b0487adedfb899ee402b84a9250ce61bb50954278b1e141539f32fac19076d6c

    SHA512

    1bc1315da9be5873eb756a0ebd650bc4c5902285b0866321379123e1d8ecf8457137aab159c6a8104c99afc62b420d1acdcdfb6e4fb4b38e58ad292af3df11db

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\BOOLE_~1\Jun2010_D3DCompiler_43_x86.cab
    Filesize

    909KB

    MD5

    f7f554aa613eccf065575b8c69717ef7

    SHA1

    8417886d47c19cf6892f4080ddd5aaa1a49db3e9

    SHA256

    417eebd5b19f45c67c94c2d2ba8b774c0fc6d958b896d7b1ac12cf5a0ea06e0e

    SHA512

    618f6dbb5bd9d44a8f10d119f5ef644f168fe3d8db986994e8cce31d1f11ff9ac872b389d1f218a82ff8b397bface587f97ca21e8f77433dbadb2ac475e9e6c1

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\BOOLE_~1\Jun2010_d3dx9_43_x86.cab
    Filesize

    695KB

    MD5

    a7cf16f8151b47e8e7214906105fedae

    SHA1

    4b7344a1fbea62ba2704927a471946636532e7e6

    SHA256

    b950416567d413e3db98728b8ae2c7d6b354329e5949e6d64e88a469854f5890

    SHA512

    75274b8cf69e2ae0e61c83636f087eb7663fb7ddf95cb0c2911bbee02333ce92df74c51fdbebc1eecb8fdfcca9ac8b53072da11f02a6f8f452b92af786bc6426

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\BOOLE_~1\dxdllreg_x86.cab
    Filesize

    41KB

    MD5

    a025c67403dc2c2bcd709aa9435faeb1

    SHA1

    0433ee289e96a0d83a0c66ec35cf906a3e063884

    SHA256

    8ad77a4d9c76f65cd62337588f847cc1e0ca6ca9735937f3a781f7395e9566a1

    SHA512

    56bced81de59d413238b01396fafa6442ef6db0afaf237a699966df4753ed1a0b555450fa308f6965689a67f9fb5efb5d377d5f602a8d453ecceddca41072b45

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\BOOLE_~1\dxupdate.cab
    Filesize

    91KB

    MD5

    8adf5a3c4bd187052bfa92b34220f4e7

    SHA1

    b52be74c4489159bd343d3c647f28da1fd13d9b9

    SHA256

    13393a91201e69e70a9f68d21428453fff3951535dec88f879270269cfe54d6f

    SHA512

    3e2f2fe4b5742a4cf6ee2f6b8c0ca734fd0b3c5431dff112c907231846dd3eebee7b9b8117f0256119614282cc7a4896474a199563078481d48a1204ca96f92d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab36FA.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\DXD73F.tmp\D3DCompiler_43.dll
    Filesize

    2.0MB

    MD5

    1c9b45e87528b8bb8cfa884ea0099a85

    SHA1

    98be17e1d324790a5b206e1ea1cc4e64fbe21240

    SHA256

    2f23182ec6f4889397ac4bf03d62536136c5bdba825c7d2c4ef08c827f3a8a1c

    SHA512

    b76d780810e8617b80331b4ad56e9c753652af2e55b66795f7a7d67d6afcec5ef00d120d9b2c64126309076d8169239a721ae8b34784b639b3a3e2bf50d6ee34

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\DXD73F.tmp\JUN2010_D3DCompiler_43_x86.inf
    Filesize

    1KB

    MD5

    1a86443fc4e07e0945904da7efe2149d

    SHA1

    37a6627dbf3b43aca104eb55f9f37e14947838ce

    SHA256

    5dd568919e1b3cbcb23ab21d0f2d6c1a065070848aba5d2a896da39e55c6cbbf

    SHA512

    c9faa6bb9485b1a0f8356df42c1efe1711a77efa566eee3eb0c8031ece10ffa045d35adb63e5e8b2f79f26bf3596c54c0bd23fea1642faae11baf2e97b73cf5e

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\DXD73F.tmp\JUN2010_d3dx9_43_x86.inf
    Filesize

    1KB

    MD5

    a11deb327119b65bacce49735edc4605

    SHA1

    0be2d7fa6254b138aa53d9146cda8fedbba93764

    SHA256

    6b33d32da02f664092d44b05237990f825b4062c105a063badcf978648b5e95b

    SHA512

    b0134a3d6f2d576e5fafb601014ab66fef91d661013acc8a7a9129940369a1d9ed5c0f228bb1666a4e891f09b4b18e83f0cb2080047aa84fa45ab663e5739a31

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\DXD73F.tmp\d3dx9_43.dll
    Filesize

    1.9MB

    MD5

    86e39e9161c3d930d93822f1563c280d

    SHA1

    f5944df4142983714a6d9955e6e393d9876c1e11

    SHA256

    0b28546be22c71834501f7d7185ede5d79742457331c7ee09efc14490dd64f5f

    SHA512

    0a3e311c4fd5c2194a8807469e47156af35502e10aeb8a3f64a01ff802cd8669c7e668cc87b593b182fd830a126d002b5d5d7b6c77991158bffdb0b5b997f6b3

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\DXD73F.tmp\dxupdate.inf
    Filesize

    12KB

    MD5

    e6a74342f328afa559d5b0544e113571

    SHA1

    a08b053dfd061391942d359c70f9dd406a968b7d

    SHA256

    93f5589499ee4ee2812d73c0d8feacbbcfe8c47b6d98572486bc0eff3c5906ca

    SHA512

    1e35e5bdff1d551da6c1220a1a228c657a56a70dedf5be2d9273fc540f9c9f0bb73469595309ea1ff561be7480ee92d16f7acbbd597136f4fc5f9b8b65ecdfad

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar370D.tmp
    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Boole & Partners\PolyBoard 7\UserImages.bmp
    Filesize

    24KB

    MD5

    33fad6d21b6f35aa71df50d45ec88e9e

    SHA1

    3f605f87ff5067de3a64be37cfdd4577eaac25b6

    SHA256

    d68da2425eb1c1ea255ff91eb97939708d8de74b0da017b984d5c8401c2b9128

    SHA512

    e4560589d05278749919a97bc94d7f40d6dfcc1711e51ab32fb735c0ad1e3ae67358353e30c901d115f7fc5b9e95846dccf223afd61e6aed023c56bd5a30a32b

    Download Submit

  • C:\Windows\Logs\DirectX.log
    Filesize

    552B

    MD5

    26574f043234a093b924752381f43028

    SHA1

    49317703640596aa53609cb69ee46bca4db34582

    SHA256

    1279350e9952a51db60ec1a87143bfd813388a8a9201a2d1dba4961586e1c9e0

    SHA512

    e3d3d36d371442bdbede0707ae90334378af8c356e75e6cb8f15cd0fa7280967b125fc5bb5a046870a67baeed5c8a1c356aa75d952e08139141005ed4fad80e8

    Download Submit

  • C:\Windows\Logs\DirectX.log
    Filesize

    24KB

    MD5

    7c79f8cf04ebf481fef83065465dac2f

    SHA1

    6d1ca19fd78a559d4d4aa25eb34b61d47a11f6ee

    SHA256

    01eac2cfe3b46286c74c0c1c103af31e410a7b53225487c5dbadd26c9c310d2a

    SHA512

    948709a681cc39eb5b48077c6cfb65b230314cd1180fd9a4de3cba2b234dfe7bbb9a58f84c306592d0f1aa8cf95a14b57f542749a667ea73f66472b1910fd5b1

    Download Submit

  • C:\Windows\SysWOW64\d3dx9_43.dll
    Filesize

    1.9MB

    MD5

    30457981ba8e84af0083a0183e13344e

    SHA1

    a48e27e88752f2304eef36f3a197ec8038accd5a

    SHA256

    df6ee062e768c8e416ca88a0966a18d4653b734b5429799de068f4e0738c4bcd

    SHA512

    955351c1cebc5d18bd4450a977f4adda37be4ba6d83bfc73949f8b8260240f91653510e59229662e1d0b5574804e56ef1ea92ff69a98b0c838740de0c40b876f

    Download Submit

  • \Program Files (x86)\Boole & Partners\PolyBoard 7\Lang\PolyBoard.en.dll
    Filesize

    553KB

    MD5

    82170f9b8fea7ea2d344be3c97981371

    SHA1

    2f90dab2194d59055773a77f7a05e931cc228ae4

    SHA256

    fd2044499bf2793beacfb8fcb4620490e02cea3953bbd5aa13ebabdf719f0aba

    SHA512

    3931d021052f225ea84a4d840a871c2c762128578e4a323981154d3e3b9fa076e9b92ca6d23dbcdd55813b611e1b8f26a45239e198fcc5035047695e67d689f0

    Download Submit

  • \Program Files (x86)\Boole & Partners\PolyBoard 7\Polyboard.exe
    Filesize

    5.0MB

    MD5

    b1936fe8457a2640344afec30701a92d

    SHA1

    8b2f39835e63c2a77d81c2cd77557d580b38b203

    SHA256

    606719ffafe085e56f8883905295470ecc943cfcbfc8f9a3a5ee3b24a45a55a2

    SHA512

    73f0beadb44c35b70985a9dbc7582a2efb6242e8324375f59ea3302341dd4517d9746d23e7bebbf11250d003979eec50ca10fda1913e38096071e8f4497e7512

    Download Submit

  • \Program Files (x86)\Boole & Partners\PolyBoard 7\Polyboard.exe
    Filesize

    3.8MB

    MD5

    cf074fa08324d1bb2afd1bec513fa0ac

    SHA1

    3c9e2e96f6662abe4a733fc878083e2650377dab

    SHA256

    a1c5ff2979d7d4535d93c5fa02534761dbec2f021d17de6cb6a150f9406407dc

    SHA512

    7b4fc0c5d410dd0ed485992cf7e9b27f6e9605074e5b755115baec523a8f662bc531777460afcc5652579573230ca1df3bd960289e94664915bb0ff89e63907e

    Download Submit

  • \Users\Admin\AppData\Local\Temp\DXD73F.tmp\dxupdate.dll
    Filesize

    168KB

    MD5

    94202f25810812f72953938552255fb8

    SHA1

    c1e88f196935d8affc1783ccf8b8954d7f2bfb62

    SHA256

    6dcad858cc3ff78d58c1dae5e93caf7d8bacb4f2fcf9e71bccb250bf32c7f564

    SHA512

    65b66d07ef68e0d1e79f236a4800c857e991ee3ff80ece4cfdd0b5f6083ea16f8a52d351c3af721cb05c06394ec91b4b5e3cfa4b0f0879f7549f3e3ed035e79e

    Download Submit

  • \Users\Admin\AppData\Local\Temp\boole_{628cafd8-b9f0-4c77-b6b2-c74a489a2c30}\DSETUP.dll
    Filesize

    87KB

    MD5

    9e0711bed229b60a853bcc5d10deaafc

    SHA1

    2bea53988bd35c5df5c9edcef0bc234c37289477

    SHA256

    def6f245762be36cf18b435ba8b7ebc224b9c21d1a1db606a8e8fafdaa97bba0

    SHA512

    c0b31872e52c8f4270d991c70d1a1c9ef9a4bbee4807c54c05a449cd1607506ab16ff1e74b378651b36e3276322c86cd843565c8a1aa33a49c47322ef4df0185

    Download Submit

  • \Users\Admin\AppData\Local\Temp\boole_{628cafd8-b9f0-4c77-b6b2-c74a489a2c30}\dsetup32.dll
    Filesize

    896KB

    MD5

    93228c66735bd8a3666446e0f38f442d

    SHA1

    cb70003471178e356803d23641d715fe6220f46e

    SHA256

    35f37b0407a5abf21bc77dcc2366f0153296511de83a55a9dc6018bcb513cd07

    SHA512

    fa8ffec291b72653c756d2fe3a7281bba8c6dce9bd520006fc64e0cd24392009e7e52f087148d730f6c1acad51150691214ae6ffe603b18969f5dcd799a1d128

    Download Submit

  • \Windows\SysWOW64\D3DX9_43.dll
    Filesize

    1.0MB

    MD5

    405b65dbdfef077bc9e5ba8a082265fd

    SHA1

    f79c329df65890afa8d9e389a472c268443fed83

    SHA256

    c7cc7c2682f1c4558610815864c49f8f6c51e8984ca0f12709899fba99b9c91e

    SHA512

    7610381b99255953cfcaa82ccc12db29217acea3dcfd3b2c86f551be47598b0ad06fac781428271b0dd2652b819ef820187de4bde5456a0062605839eb88249d

    Download Submit

  • memory/3188-1358-0x00000000000A0000-0x0000000001907000-memory.dmp

    Filesize

    24.4MB

    Download