436e4bb81959037d72b54066df8dd91430692f6e72519c07503595d820d9a3fd

Analysis

max time kernel
117s
max time network
118s
platform
windows7_x64
resource
win7-20231129-en
resource tags

arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
submitted
04-02-2024 09:44

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

8ed43232a1bc487e33754f0b383659f6.exe
Size

226KB
MD5

8ed43232a1bc487e33754f0b383659f6
SHA1

41e65ad489f7cb4b9579344a5d83e9cb0bba170b
SHA256

436e4bb81959037d72b54066df8dd91430692f6e72519c07503595d820d9a3fd
SHA512

1f7e34bcdbdd78e27774cc77348f905e8691e6b52d8226d8d07c8c44a2f9fd63fb8606a309ad0f0f8c115cefec92febc2213505c33b00fccab2115ad68fd8e1c
SSDEEP

6144:LUrqA3AheuswyPnTtMO6gw0QJwf6nyZUzj0v2kMiwP:LUWA3AheuswyP6gKJmP2viQ

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 2 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
behavioral1/files/0x00060000000160f5-63.dat	upx
behavioral1/files/0x0006000000016bdb-90.dat	upx

Drops file in Program Files directory 57 IoCs

description	ioc	Process
File opened for modification	C:\Program Files (x86)\Navilog1\navilog1.bat	8ed43232a1bc487e33754f0b383659f6.exe
File opened for modification	C:\Program Files (x86)\Navilog1\oem2ansi.exe	8ed43232a1bc487e33754f0b383659f6.exe
File opened for modification	C:\Program Files (x86)\Navilog1\Contents\Gncs.bat	8ed43232a1bc487e33754f0b383659f6.exe
File created	C:\Program Files (x86)\Navilog1\Contents\Wlist.bat	8ed43232a1bc487e33754f0b383659f6.exe
File opened for modification	C:\Program Files (x86)\Navilog1\Fav.exe	8ed43232a1bc487e33754f0b383659f6.exe
File opened for modification	C:\Program Files (x86)\Navilog1\regnavi.reg	8ed43232a1bc487e33754f0b383659f6.exe
File opened for modification	C:\Program Files (x86)\Navilog1\traite.bat	8ed43232a1bc487e33754f0b383659f6.exe
File opened for modification	C:\Program Files (x86)\Navilog1\traite3.bat	8ed43232a1bc487e33754f0b383659f6.exe
File opened for modification	C:\Program Files (x86)\Navilog1\Contents\Folders.bat	8ed43232a1bc487e33754f0b383659f6.exe
File created	C:\Program Files (x86)\Navilog1\reg.exe	8ed43232a1bc487e33754f0b383659f6.exe
File opened for modification	C:\Program Files (x86)\Navilog1\regnavi.reg	cmd.exe
File created	C:\Program Files (x86)\Navilog1\__tmp_rar_sfx_access_check_259395451	8ed43232a1bc487e33754f0b383659f6.exe
File created	C:\Program Files (x86)\Navilog1\Contents\Gnc2.bat	8ed43232a1bc487e33754f0b383659f6.exe
File opened for modification	C:\Program Files (x86)\Navilog1\Contents\Setlang.bat	8ed43232a1bc487e33754f0b383659f6.exe
File created	C:\Program Files (x86)\Navilog1\navilog1.bat	8ed43232a1bc487e33754f0b383659f6.exe
File created	C:\Program Files (x86)\Navilog1\oem2ansi.exe	8ed43232a1bc487e33754f0b383659f6.exe
File created	C:\Program Files (x86)\Navilog1\regnavi.reg	8ed43232a1bc487e33754f0b383659f6.exe
File created	C:\Program Files (x86)\Navilog1\Contents\Heurs.bat	8ed43232a1bc487e33754f0b383659f6.exe
File opened for modification	C:\Program Files (x86)\Navilog1\GetPaths.exe	8ed43232a1bc487e33754f0b383659f6.exe
File created	C:\Program Files (x86)\Navilog1\mvfile.bat	8ed43232a1bc487e33754f0b383659f6.exe
File opened for modification	C:\Program Files (x86)\Navilog1\Contents\Folderss.bat	8ed43232a1bc487e33754f0b383659f6.exe
File created	C:\Program Files (x86)\Navilog1\Contents\Gncs.bat	8ed43232a1bc487e33754f0b383659f6.exe
File opened for modification	C:\Program Files (x86)\Navilog1\OsV.exe	8ed43232a1bc487e33754f0b383659f6.exe
File opened for modification	C:\Program Files (x86)\Navilog1\traite2.bat	8ed43232a1bc487e33754f0b383659f6.exe
File created	C:\Program Files (x86)\Navilog1\Contents\Filess.bat	8ed43232a1bc487e33754f0b383659f6.exe
File opened for modification	C:\Program Files (x86)\Navilog1\Contents\Fss86.bat	8ed43232a1bc487e33754f0b383659f6.exe
File opened for modification	C:\Program Files (x86)\Navilog1\Contents\Gnc2su.bat	8ed43232a1bc487e33754f0b383659f6.exe
File opened for modification	C:\Program Files (x86)\Navilog1\Navreb.bat	8ed43232a1bc487e33754f0b383659f6.exe
File opened for modification	C:\Program Files (x86)\Navilog1\reg.exe	8ed43232a1bc487e33754f0b383659f6.exe
File created	C:\Program Files (x86)\Navilog1\traite.bat	8ed43232a1bc487e33754f0b383659f6.exe
File opened for modification	C:\Program Files (x86)\Navilog1\Contents	8ed43232a1bc487e33754f0b383659f6.exe
File created	C:\Program Files (x86)\Navilog1\Contents\Folders.bat	8ed43232a1bc487e33754f0b383659f6.exe
File created	C:\Program Files (x86)\Navilog1\Fav.exe	8ed43232a1bc487e33754f0b383659f6.exe
File opened for modification	C:\Program Files (x86)\Navilog1\Navreb.bat	cmd.exe
File opened for modification	C:\Program Files (x86)\Navilog1\Contents\Filess.bat	8ed43232a1bc487e33754f0b383659f6.exe
File created	C:\Program Files (x86)\Navilog1\Contents\Folderss.bat	8ed43232a1bc487e33754f0b383659f6.exe
File opened for modification	C:\Program Files (x86)\Navilog1\Contents\Gncssfil.bat	8ed43232a1bc487e33754f0b383659f6.exe
File created	C:\Program Files (x86)\Navilog1\Contents\Gnc2su.bat	8ed43232a1bc487e33754f0b383659f6.exe
File opened for modification	C:\Program Files (x86)\Navilog1\Contents\Orphus.bat	8ed43232a1bc487e33754f0b383659f6.exe
File opened for modification	C:\Program Files (x86)\Navilog1\mvfile.bat	8ed43232a1bc487e33754f0b383659f6.exe
File opened for modification	C:\Program Files (x86)\Navilog1\Contents\Heurs.bat	8ed43232a1bc487e33754f0b383659f6.exe
File created	C:\Program Files (x86)\Navilog1\Contents\Heurss.bat	8ed43232a1bc487e33754f0b383659f6.exe
File created	C:\Program Files (x86)\Navilog1\OsV.exe	8ed43232a1bc487e33754f0b383659f6.exe
File created	C:\Program Files (x86)\Navilog1\traite3.bat	8ed43232a1bc487e33754f0b383659f6.exe
File opened for modification	C:\Program Files (x86)\Navilog1	8ed43232a1bc487e33754f0b383659f6.exe
File opened for modification	C:\Program Files (x86)\Navilog1\Contents\Wlist.bat	8ed43232a1bc487e33754f0b383659f6.exe
File created	C:\Program Files (x86)\Navilog1\traite2.bat	8ed43232a1bc487e33754f0b383659f6.exe
File opened for modification	C:\Program Files (x86)\Navilog1\Contents\Gnc2.bat	8ed43232a1bc487e33754f0b383659f6.exe
File created	C:\Program Files (x86)\Navilog1\Contents\Setlang.bat	8ed43232a1bc487e33754f0b383659f6.exe
File created	C:\Program Files (x86)\Navilog1\Navreb.bat	8ed43232a1bc487e33754f0b383659f6.exe
File created	C:\Program Files (x86)\Navilog1\Uninstal.bat	8ed43232a1bc487e33754f0b383659f6.exe
File created	C:\Program Files (x86)\Navilog1\Contents\Fss86.bat	8ed43232a1bc487e33754f0b383659f6.exe
File opened for modification	C:\Program Files (x86)\Navilog1\Contents\Heurss.bat	8ed43232a1bc487e33754f0b383659f6.exe
File created	C:\Program Files (x86)\Navilog1\Contents\Orphus.bat	8ed43232a1bc487e33754f0b383659f6.exe
File created	C:\Program Files (x86)\Navilog1\GetPaths.exe	8ed43232a1bc487e33754f0b383659f6.exe
File opened for modification	C:\Program Files (x86)\Navilog1\Uninstal.bat	8ed43232a1bc487e33754f0b383659f6.exe
File created	C:\Program Files (x86)\Navilog1\Contents\Gncssfil.bat	8ed43232a1bc487e33754f0b383659f6.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Enumerates system info in registry 2 TTPs 1 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\Identifier	xcopy.exe

Suspicious use of WriteProcessMemory 21 IoCs

description	pid	Process	procid_target
PID 2980 wrote to memory of 2864	2980	8ed43232a1bc487e33754f0b383659f6.exe	29
PID 2980 wrote to memory of 2864	2980	8ed43232a1bc487e33754f0b383659f6.exe	29
PID 2980 wrote to memory of 2864	2980	8ed43232a1bc487e33754f0b383659f6.exe	29
PID 2980 wrote to memory of 2864	2980	8ed43232a1bc487e33754f0b383659f6.exe	29
PID 2980 wrote to memory of 2864	2980	8ed43232a1bc487e33754f0b383659f6.exe	29
PID 2980 wrote to memory of 2864	2980	8ed43232a1bc487e33754f0b383659f6.exe	29
PID 2980 wrote to memory of 2864	2980	8ed43232a1bc487e33754f0b383659f6.exe	29
PID 2864 wrote to memory of 2736	2864	cmd.exe	30
PID 2864 wrote to memory of 2736	2864	cmd.exe	30
PID 2864 wrote to memory of 2736	2864	cmd.exe	30
PID 2864 wrote to memory of 2736	2864	cmd.exe	30
PID 2864 wrote to memory of 2736	2864	cmd.exe	30
PID 2864 wrote to memory of 2736	2864	cmd.exe	30
PID 2864 wrote to memory of 2736	2864	cmd.exe	30
PID 2864 wrote to memory of 2788	2864	cmd.exe	31
PID 2864 wrote to memory of 2788	2864	cmd.exe	31
PID 2864 wrote to memory of 2788	2864	cmd.exe	31
PID 2864 wrote to memory of 2788	2864	cmd.exe	31
PID 2864 wrote to memory of 2788	2864	cmd.exe	31
PID 2864 wrote to memory of 2788	2864	cmd.exe	31
PID 2864 wrote to memory of 2788	2864	cmd.exe	31

C:\Users\Admin\AppData\Local\Temp\8ed43232a1bc487e33754f0b383659f6.exe
"C:\Users\Admin\AppData\Local\Temp\8ed43232a1bc487e33754f0b383659f6.exe"
1⤵
- Drops file in Program Files directory
- Suspicious use of WriteProcessMemory
PID:2980
- C:\Windows\SysWOW64\cmd.exe
  cmd /c ""C:\Program Files (x86)\Navilog1\mvfile.bat" "
  2⤵
  - Drops file in Program Files directory
  - Suspicious use of WriteProcessMemory
  PID:2864
- - C:\Windows\SysWOW64\xcopy.exe
    xcopy "C:\Program Files (x86)\Navilog1" "C:\Navilog1" /S
    3⤵
    - Enumerates system info in registry
    PID:2736
- - C:\Windows\SysWOW64\mode.com
    mode con LINES=30 COLS=100
    3⤵
    PID:2788

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Navilog1\Contents\Filess.bat

Filesize
6KB

MD5
c2d2e5b4914bfa8730dac132bbe51712

SHA1
5c0556466ceccf0376656cee6201cdc808aa6aed

SHA256
2b4e80aa18ddb33a87aad87ac8c929b48723d3879251bacabe43e5629311a6f4

SHA512
e711eaa547efcd9398121d38fde2857e8072c0ca129155d958dec83f27671bca0232b480274abaa85997386718759dd819816a56f6e4b7a74d8d64aca621ef70

Download Submit
C:\Navilog1\Contents\Folders.bat

Filesize
844B

MD5
20358c39ef5ee025bc755deb9d6bbe83

SHA1
69daa914faece1a38b1f63b5e71501d3b0296db1

SHA256
7cd3d8094fee0a2fee21c210b6b1a2ccc6c494d3a3773760482389f2bfe7b887

SHA512
abc7ff4d4615b1914013876b3e0f2ebcc96bbb29cafca525946195a37d97c4ded23cbcc3938ca328479d3f71b101b80b3d7a9f3a523a51c047d48d1b78acc8b7

Download Submit
C:\Navilog1\Contents\Folderss.bat

Filesize
5KB

MD5
0d3b2bef4d5f06e8bc3d26793352e4a0

SHA1
ba6c21a091d3097eb8c69617829799fa46471109

SHA256
e012f47479b06d3df28710d5b5f6bfb1d2040ac22b92ff5b02fcf06772d26f8f

SHA512
001742fe9c8d1e18ce97338a6dada0d541ac6e3379c8742eb7865193f4428368be0eba319cb8645f185452fb38dbeeb32cd177a5a0f1e81458bd120a6fff62c4

Download Submit
C:\Navilog1\Contents\Fss86.bat

Filesize
5KB

MD5
1af48a313a3757e429901f2b7bddc405

SHA1
749925f3b7e2f69eefe9df3b53b03632b44f0784

SHA256
26048b807b372cedbccd8136ec99f287a28e37357208004312b23c1c27b3dc96

SHA512
5d937350f5ab4b695c5ad966c941dd317b517a90917e1300822a0e33c93f5abf4755ef2db1359e96924ecb64a61af1f55cef944e3821fb79243f9e606a975bd9

Download Submit
C:\Navilog1\Contents\Gnc2.bat

Filesize
1KB

MD5
22eceec84f18270f936c03fa69e06595

SHA1
0540ae2225f2f1c26f97d0b90f617e42b0b3891e

SHA256
4bb5e4718c7f63b2887e5c1c5300e01ca34a8e19dd0a534112cbc4f0f3d60fca

SHA512
4cbfa28af7d4621d5afa0af7d19e3ca8a49a156bb75fc3e0ceecd9966c0d858b92ddf9ce7658653deaac9d36bcd1fd489f5bb92d3cc1b1ec232f925ed66a62be

Download Submit
C:\Navilog1\Contents\Gnc2su.bat

Filesize
1KB

MD5
f111f4b7390ca853eaff912ceea2fa08

SHA1
7b11b570348089bba86d8f0b02077f7aec6d9313

SHA256
de0fe62721471e32e4fa34e12ea39418e787e77f019433a7165a5517fbdb66b8

SHA512
15ecbea80bd3239732032eede41e7d10f3c2d7151591dcc6d722980c3e8b0031c11f9a4bddadf146eb09a319c2db097c9a24c81887f1f06103d055532b8fa18a

Download Submit
C:\Navilog1\Contents\Gncs.bat

Filesize
1KB

MD5
a658c76ae05a5ff059f0b8a49e284377

SHA1
b7304f4543240658ef160ea2740148d9132e3b9e

SHA256
d337d06c01220f5ecd8d9552d503065cd9da599da470b6b919da7087f90b0e62

SHA512
df2766ada38e0e4e514ff828c039611cf0810f447ce6c0563bdb33925275dd086b17dd72b5df3aae606062d5e349bdb36636ecceb48222e1380b7a13f3dc791d

Download Submit
C:\Navilog1\Contents\Gncssfil.bat

Filesize
3KB

MD5
28a36997bc7b5bca2194be0a5ca5b396

SHA1
7cad5a0ba42ab32d2b3ddb68cb8dc21fa4c5b120

SHA256
6c073cdd5b17b578da9c5b822a9251b9457b9ce0cf27b3c85b7a690d8447ca54

SHA512
9a4a3108bf0d0d1cd4d496b271730e96dae6669572538be1c543234f10f636f4e1e60a012ee74b58eb2a8138c778da8ce73a71db24357a2a63b07134ec0f9dd0

Download Submit
C:\Navilog1\Contents\Heurs.bat

Filesize
4KB

MD5
478f516f6e7199d63747389f6347c587

SHA1
0d0a426371e75ebac5080b9152025dd0747dd9c4

SHA256
b5b409b42c0b1ff3f18bbb583f398c01fed5e4db9c9578b939d2d6a8f49dd39b

SHA512
51dba5e19dc33ca7978213e467c7b80dff010f10e429d2e8c5ebfcf96680fa87767fd62a5df9881bee69dec1882c4707ae756181e1531c5e706c37abca3888bc

Download Submit
C:\Navilog1\Contents\Heurss.bat

Filesize
4KB

MD5
76279e32d963c63f12f1fdca1721fa9c

SHA1
1359d79da1398080d37dd8083c5a621bcbf53464

SHA256
b77e6bd0f91ae567069c6ea2e4d7b11351ed198d2f9964312af8dc9f1305d36b

SHA512
b26cd2114901147b06d3a4ac6d967684b7490553503a9c87c6414746568a5f83ff78544f29cdb3d9af3cd140274dd935d2bc55d648c276af56649cc2b6b97c91

Download Submit
C:\Navilog1\Contents\Orphus.bat

Filesize
2KB

MD5
cee49bc2ab3fb0a760aa614c5a018350

SHA1
352606342d07493c804f429ac923d288dab572c8

SHA256
63fb51edd8c2013b57ef7950d02b025a003629409f06e5634809467115f1fb1e

SHA512
280647777d12c7b3fe9576aeeac5056f00d4fbea851d67c454121da3fe7eb33f90f862045496157870a14bf6c546f4ba9c6d5f13e5f7d31846a24be5c0c55801

Download Submit
C:\Navilog1\Contents\Setlang.bat

Filesize
42KB

MD5
8d3777a06f7418b6f3d4ec24f3b993e2

SHA1
cdafc483a8fe7e072e0a741b14985c1b470a088e

SHA256
0434c90731a1e37f385c52172dbff37c98f64cfc021b2bd18b0843f230835d05

SHA512
593dfb066369600f74a659b2ad6b5cfc99433604997c5bbd36564c30b17d2f0fe9c2390c2ac7708af57872841be14798cc403e407b30593a425afe410d6ac5f6

Download Submit
C:\Navilog1\Contents\Wlist.bat

Filesize
5KB

MD5
f8beacc1ef4bb5afd2cf8057d9d50f65

SHA1
fa50cf5effa047b361c5719faa15ca815007366a

SHA256
fb0fa1e204026503493edaa5eb20114e1eb31940308a85fe2f52f17f12d794b6

SHA512
21ae6167fd828a46ecba88fee1512a98cef081f7b84785d6762ffcf3fb2442b94519b4e1d561a4bba1e2b23dd81d4549426961d886741e47692691a531df3929

Download Submit
C:\Navilog1\Fav.exe

Filesize
5KB

MD5
14d5c84ee552ac04085bbc761b29ce60

SHA1
bea32f4b9cee2ad0862f5afc99097e5f309b86b0

SHA256
085b72517f96d2cfc9fe69f699a11e82df2a74925c797e6cf4f234284182aa3c

SHA512
15232136f9a3264c27ef9d41a479c9c5421c09dbf67057bbc137aa8d268cf7493919b46e5b7496e723e3c25cce85e0af2b9bd5e441b9f0a77c1589ef8912c065

Download Submit
C:\Navilog1\Navreb.bat

Filesize
136KB

MD5
51c20d02035014c13b9c1dc1c8102ea9

SHA1
dc83b8ae06151d3aa0bb4354378a4bf4ae6d3a0d

SHA256
b3e4b4591c739b0d8c39ac7b5bc2fa06375a51cd8f0c33476d7d7040aebdbaf9

SHA512
30920632d42bdc52338c8259367c6d2b0ca66a46e95baede4010cf1173f9f8d97c0eda3ece8647b54cf2d3b42e17ef01bf41d3c60130abde142a43ad61e630f1

Download Submit
C:\Navilog1\navilog1.bat

Filesize
197KB

MD5
48340bb0619b36a130157fbe71d8355e

SHA1
5249860179ed6a9fea50c276ab9723059d522d67

SHA256
07355764d71a9b0a14328efb4ca94beaed729e93e986dd28e0c6f78f6576cc74

SHA512
732e517993e67678a5eaec830bf9e5043b4b0399955ff394e8c704726e2c151c3074e8102758563d57d0e52664353e9a45c3ca3aa53c5541b415f576536e9d77

Download Submit
C:\Navilog1\oem2ansi.exe

Filesize
1KB

MD5
368d6ff27077ab264cbdd6b5296055c1

SHA1
6f00fcc80ef40993bde0d586ec68f9c36428b7be

SHA256
aae144dce7bc164b3895fe173ffea5bc260e95098240634e026a3cc19b081b5f

SHA512
3eb42b24b2e9557052c3cb87afc108d1063410caa69880a9f9096ba713558d7d8bfa313b0eeb52dd9e099379ef71e58504392094a15c7696a107956de6c20fbf

Download Submit
C:\Navilog1\reg.exe

Filesize
17KB

MD5
ef09be7409ef7bc7f7d2bc1507748942

SHA1
da207b299e4f0b11d215c9fc7e0d70a5f5d6e90f

SHA256
07ec45ba23358b2123722af1a5f88b166973e6f72ee4b467500b976b7525cc1b

SHA512
463be9107ef4d8c2b880e395366da279364ba74f06639203831a15eb76d4fe158f18488c18f227b5927f162c5a01e4dfd7029ea29f0641a75199e9a7cc547586

Download Submit
C:\Navilog1\regnavi.reg

Filesize
65KB

MD5
2646af18bcb7e34075ebe79d556cfb20

SHA1
8fc63489ee991c227fd257c7aa00b6ed84931380

SHA256
f152c5d2d8321a8b1f6e44d541b6d06758f28b7c6111d1c2d7f4ad82df47afe1

SHA512
884f2cc43e9d9826b6deda6a62cc5c068ecc9e2fb0448024de2dc4c59682a75dead97d5a49c9b009a92bb33fdb09f0d67d7b78d4e78a486b3c1eeda82b1fb303

Download Submit
C:\Navilog1\traite.bat

Filesize
236B

MD5
9e39e5764b8d4e68cb3f151d1916233e

SHA1
ce907595c91cd96b7ebc9a8f304a2ce1f9b6e1e5

SHA256
12da7593ac527e191c8e4e991c253b8c9fc0adf91bcc0f11ced153327c5be7ab

SHA512
945b8cb49ae2640448d169822823aa37daee7a966a8eaaa2fb50e8b40fac3fbc10f9a2d8496c19eb31d41ac1aab4c13510471a27b917a4d89a12ade72a03f357

Download Submit
C:\Navilog1\traite2.bat

Filesize
210B

MD5
40d14d0f12a1c726297686d9b34dbe64

SHA1
ac0c5888eeaa6cbcc013be293faa5f769d906ea0

SHA256
2a5482f2e400ea3abfe17ac413effeadc4abe301eacc737bae73c79d0a70a815

SHA512
402aa578ed82c2493a076e60fade53a4095f7eabfdf9efd6407250eb812ad9b610eabca60949dffe4e656060c388329ef6d6449c2f0e9fc2ca82a1bf677f5f62

Download Submit
C:\Program Files (x86)\Navilog1\GetPaths.exe

Filesize
96KB

MD5
bd43161731657308448552050041c98f

SHA1
12eff35572c4ae9d77cd8ab20510f16cccbfff35

SHA256
95ba6179b17bf252004a1c5e977032ef65995d2f30da6f557c3cc19f79db7e1d

SHA512
fade35c51067b5f6389575eefca5aea7b1af84d138aa59e79f7d015404f546d50ab39978f7f6ad5543ab95ec410573c6664f14d80850a8b281db68d910ba89ef

Download Submit
C:\Program Files (x86)\Navilog1\OsV.exe

Filesize
23KB

MD5
c79cae9cc34caa4019e25a9ba4da52ef

SHA1
4c4761187a86657d28d16999dfe676e5464897ca

SHA256
8b371e27d6e1db3607c56c7ad2473a25a82138b48a36f24691a86f9136c77d1b

SHA512
63836a1bab41acc8e98035355188c6929360d34e3729530d7dcab1c2f03d259e36ff75d917340444c6926e1a754eb5b888c5429b27f6d6401376e0c80bc2fbc5

Download Submit
C:\Program Files (x86)\Navilog1\Uninstal.bat

Filesize
1KB

MD5
1d6f44e68c0a99fbc923e32e50facd37

SHA1
4697c5605ac6e8b3176c107210c080aefdfb69bc

SHA256
76e024b0fc495b12c2480479543f8dd0928e6a0fb108f5778be0b5e60671f546

SHA512
1e762dbb1769c14c453b0df521ee88ee7c245585d7b1ade746cbf888ca8863e4428f48447db729f7f03bdd136752b8e28e9d9adc1a8cdebae215ea7097102489

Download Submit
C:\Program Files (x86)\Navilog1\mvfile.bat

Filesize
887B

MD5
a173f63fee192c642c582980f7d749e9

SHA1
eb6ca239a96179d0c9f694511180cd44840d0c38

SHA256
8722758be9bdfacfd01c639ec7440fe0fb30226a5dd5831c49efa7329956fc52

SHA512
379f9fdccaa6aa2a63d68d3e1185365e4bc95eecca5944ff3bb211ad76dd2cb476591f8680319d6ace25e42f19648062bf633d64eac802e3189079de37b5cda0

Download Submit
C:\Program Files (x86)\Navilog1\traite3.bat

Filesize
202B

MD5
a2028917cd0b4231db839933fd73958d

SHA1
54220fd631b5ead852cd064e0bc18e9d66c4a237

SHA256
d68c42a8f1560213b09a573e0dd7a5cbfe3036a1b03e5178b7a6742f3f7f9f45

SHA512
3886c008c5cef7e24f094c02e89bb7835a0ce8e305eca768535bed9a6748f15d436f287a410a24685a5c2684a506731d9e2df5625298c4ec073b1ca9b66e7aed

Download Submit