377ac497bdeb20e13ea84ca1eab709946535b77d4231007a7646509386a4af33

Analysis

max time kernel
62s
max time network
130s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
20-02-2024 15:03

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

MBSetup.exe
Size

2.5MB
MD5

7ce024e6e2248ee891248469894d8a9c
SHA1

13db96c5e8d67b7f1141d22567741cd45d659c1a
SHA256

377ac497bdeb20e13ea84ca1eab709946535b77d4231007a7646509386a4af33
SHA512

ce5b6e7b7da5d3d00ad1df64006c24c291e24cb63e855855375e52e7a18ea7b3d283fababb79046a59533bcd80d8c18f604d9ace64af7e712f18020e5b351eff
SSDEEP

49152:YXrcUh6gxrxD0Xc3StQyfvE0Z3R0nxiIq2ddIAuSF:4rNRxrxA6KtQRq2SSF

Score

8^/10

discovery

Malware Config

Signatures

Drops file in Drivers directory 1 IoCs

description	ioc	Process
File created	C:\Windows\SysWOW64\drivers\mbamtestfile.dat	MBSetup.exe

Checks BIOS information in registry 2 TTPs 2 IoCs

BIOS information is often read in order to detect sandboxing environments.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosVersion	MBSetup.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosDate	MBSetup.exe

Downloads MZ/PE file
Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
discovery

Query Registry
T1012

Drops file in Program Files directory 5 IoCs

description	ioc	Process
File created	C:\Program Files (x86)\mbamtestfile.dat	MBSetup.exe
File created	C:\Program Files\Malwarebytes\Anti-Malware\f5a4de2b-2369-4680-9c1b-2ca550786d6a	MBSetup.exe
File created	C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe	MBSetup.exe
File created	C:\Program Files\Malwarebytes\674ad387d00111ee97985a2e32b6dbc3	MBAMInstallerService.exe
File created	C:\Program Files\Malwarebytes\Anti-Malware\674ad388d00111eea11c5a2e32b6dbc3	MBAMInstallerService.exe

Executes dropped EXE 1 IoCs

pid	Process
2564	MBAMInstallerService.exe

Checks processor information in registry 2 TTPs 5 IoCs

Processor information is often read in order to detect sandboxing environments.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier	firefox.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision	firefox.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
5064	MBSetup.exe
5064	MBSetup.exe

Suspicious use of AdjustPrivilegeToken 2 IoCs

description	pid	Process
Token: SeDebugPrivilege	5040	firefox.exe
Token: SeDebugPrivilege	5040	firefox.exe

Suspicious use of FindShellTrayWindow 5 IoCs

pid	Process
5064	MBSetup.exe
5040	firefox.exe
5040	firefox.exe
5040	firefox.exe
5040	firefox.exe

Suspicious use of SendNotifyMessage 3 IoCs

pid	Process
5040	firefox.exe
5040	firefox.exe
5040	firefox.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
5040	firefox.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2444 wrote to memory of 5040	2444	firefox.exe	96
PID 2444 wrote to memory of 5040	2444	firefox.exe	96
PID 2444 wrote to memory of 5040	2444	firefox.exe	96
PID 2444 wrote to memory of 5040	2444	firefox.exe	96
PID 2444 wrote to memory of 5040	2444	firefox.exe	96
PID 2444 wrote to memory of 5040	2444	firefox.exe	96
PID 2444 wrote to memory of 5040	2444	firefox.exe	96
PID 2444 wrote to memory of 5040	2444	firefox.exe	96
PID 2444 wrote to memory of 5040	2444	firefox.exe	96
PID 2444 wrote to memory of 5040	2444	firefox.exe	96
PID 2444 wrote to memory of 5040	2444	firefox.exe	96
PID 5040 wrote to memory of 2684	5040	firefox.exe	97
PID 5040 wrote to memory of 2684	5040	firefox.exe	97
PID 5040 wrote to memory of 4680	5040	firefox.exe	98
PID 5040 wrote to memory of 4680	5040	firefox.exe	98
PID 5040 wrote to memory of 4680	5040	firefox.exe	98
PID 5040 wrote to memory of 4680	5040	firefox.exe	98
PID 5040 wrote to memory of 4680	5040	firefox.exe	98
PID 5040 wrote to memory of 4680	5040	firefox.exe	98
PID 5040 wrote to memory of 4680	5040	firefox.exe	98
PID 5040 wrote to memory of 4680	5040	firefox.exe	98
PID 5040 wrote to memory of 4680	5040	firefox.exe	98
PID 5040 wrote to memory of 4680	5040	firefox.exe	98
PID 5040 wrote to memory of 4680	5040	firefox.exe	98
PID 5040 wrote to memory of 4680	5040	firefox.exe	98
PID 5040 wrote to memory of 4680	5040	firefox.exe	98
PID 5040 wrote to memory of 4680	5040	firefox.exe	98
PID 5040 wrote to memory of 4680	5040	firefox.exe	98
PID 5040 wrote to memory of 4680	5040	firefox.exe	98
PID 5040 wrote to memory of 4680	5040	firefox.exe	98
PID 5040 wrote to memory of 4680	5040	firefox.exe	98
PID 5040 wrote to memory of 4680	5040	firefox.exe	98
PID 5040 wrote to memory of 4680	5040	firefox.exe	98
PID 5040 wrote to memory of 4680	5040	firefox.exe	98
PID 5040 wrote to memory of 4680	5040	firefox.exe	98
PID 5040 wrote to memory of 4680	5040	firefox.exe	98
PID 5040 wrote to memory of 4680	5040	firefox.exe	98
PID 5040 wrote to memory of 4680	5040	firefox.exe	98
PID 5040 wrote to memory of 4680	5040	firefox.exe	98
PID 5040 wrote to memory of 4680	5040	firefox.exe	98
PID 5040 wrote to memory of 4680	5040	firefox.exe	98
PID 5040 wrote to memory of 4680	5040	firefox.exe	98
PID 5040 wrote to memory of 4680	5040	firefox.exe	98
PID 5040 wrote to memory of 4680	5040	firefox.exe	98
PID 5040 wrote to memory of 4680	5040	firefox.exe	98
PID 5040 wrote to memory of 4680	5040	firefox.exe	98
PID 5040 wrote to memory of 4680	5040	firefox.exe	98
PID 5040 wrote to memory of 4680	5040	firefox.exe	98
PID 5040 wrote to memory of 4680	5040	firefox.exe	98
PID 5040 wrote to memory of 4680	5040	firefox.exe	98
PID 5040 wrote to memory of 4680	5040	firefox.exe	98
PID 5040 wrote to memory of 4680	5040	firefox.exe	98
PID 5040 wrote to memory of 4680	5040	firefox.exe	98
PID 5040 wrote to memory of 4680	5040	firefox.exe	98
PID 5040 wrote to memory of 4680	5040	firefox.exe	98
PID 5040 wrote to memory of 4680	5040	firefox.exe	98
PID 5040 wrote to memory of 4680	5040	firefox.exe	98
PID 5040 wrote to memory of 4680	5040	firefox.exe	98
PID 5040 wrote to memory of 4680	5040	firefox.exe	98
PID 5040 wrote to memory of 4680	5040	firefox.exe	98
PID 5040 wrote to memory of 4680	5040	firefox.exe	98
PID 5040 wrote to memory of 3144	5040	firefox.exe	99
PID 5040 wrote to memory of 3144	5040	firefox.exe	99
PID 5040 wrote to memory of 3144	5040	firefox.exe	99

Uses Task Scheduler COM API 1 TTPs
The Task Scheduler COM API can be used to schedule applications to run on boot or at set times.
persistence

Query Registry
T1012

C:\Users\Admin\AppData\Local\Temp\MBSetup.exe
"C:\Users\Admin\AppData\Local\Temp\MBSetup.exe"
1⤵
- Drops file in Drivers directory
- Checks BIOS information in registry
- Drops file in Program Files directory
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of FindShellTrayWindow
PID:5064

C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe
"C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe"
1⤵
- Drops file in Program Files directory
- Executes dropped EXE
PID:2564
- C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
  "C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe" /Service /Protected
  2⤵
  PID:1456

C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2444
- C:\Program Files\Mozilla Firefox\firefox.exe
  "C:\Program Files\Mozilla Firefox\firefox.exe"
  2⤵
  - Checks processor information in registry
  - Suspicious use of AdjustPrivilegeToken
  - Suspicious use of FindShellTrayWindow
  - Suspicious use of SendNotifyMessage
  - Suspicious use of SetWindowsHookEx
  - Suspicious use of WriteProcessMemory
  PID:5040
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5040.0.616068377\313869639" -parentBuildID 20221007134813 -prefsHandle 1884 -prefMapHandle 1876 -prefsLen 20749 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {12c4b42e-e1eb-4eae-900b-724947e6180f} 5040 "\\.\pipe\gecko-crash-server-pipe.5040" 1976 1a4c2ada858 gpu
    3⤵
    PID:2684
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5040.1.1541747239\1294008771" -parentBuildID 20221007134813 -prefsHandle 2340 -prefMapHandle 2336 -prefsLen 20785 -prefMapSize 233444 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {58dc51f8-6f28-46c0-a396-00f84b3b8a03} 5040 "\\.\pipe\gecko-crash-server-pipe.5040" 2360 1a4c29fcc58 socket
    3⤵
    PID:4680
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5040.2.1352495016\733158260" -childID 1 -isForBrowser -prefsHandle 3032 -prefMapHandle 3060 -prefsLen 20888 -prefMapSize 233444 -jsInitHandle 1352 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {494e8271-7bb6-4c74-b385-7b2725d2ffc1} 5040 "\\.\pipe\gecko-crash-server-pipe.5040" 3012 1a4c6ba8458 tab
    3⤵
    PID:3144
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5040.3.1302299856\1642762592" -childID 2 -isForBrowser -prefsHandle 3632 -prefMapHandle 3628 -prefsLen 26066 -prefMapSize 233444 -jsInitHandle 1352 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {2435b92f-ad98-48f3-b55b-d8195f5b03ed} 5040 "\\.\pipe\gecko-crash-server-pipe.5040" 3640 1a4b626dc58 tab
    3⤵
    PID:4700
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5040.4.813158654\1345361478" -childID 3 -isForBrowser -prefsHandle 4476 -prefMapHandle 4316 -prefsLen 26125 -prefMapSize 233444 -jsInitHandle 1352 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {6be72eef-5f8e-4369-ac2d-bfc33b5ad1bd} 5040 "\\.\pipe\gecko-crash-server-pipe.5040" 3804 1a4c7fa1058 tab
    3⤵
    PID:4348
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5040.7.1620194066\1931321387" -childID 6 -isForBrowser -prefsHandle 5420 -prefMapHandle 5424 -prefsLen 26206 -prefMapSize 233444 -jsInitHandle 1352 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {b50f358a-b6a8-47ec-9a92-b6d2a719d3e0} 5040 "\\.\pipe\gecko-crash-server-pipe.5040" 5412 1a4c96cd258 tab
    3⤵
    PID:4568
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5040.6.408603309\1483823170" -childID 5 -isForBrowser -prefsHandle 5188 -prefMapHandle 5080 -prefsLen 26206 -prefMapSize 233444 -jsInitHandle 1352 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {9742211e-0f61-4806-9cbe-4e30d2d4ebaa} 5040 "\\.\pipe\gecko-crash-server-pipe.5040" 5084 1a4c96cfc58 tab
    3⤵
    PID:3212
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5040.5.500568993\1369813724" -childID 4 -isForBrowser -prefsHandle 5044 -prefMapHandle 5040 -prefsLen 26206 -prefMapSize 233444 -jsInitHandle 1352 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {fd3c5872-329f-487c-9518-a70edb03b1cb} 5040 "\\.\pipe\gecko-crash-server-pipe.5040" 4708 1a4b6261c58 tab
    3⤵
    PID:3648
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5040.8.2139829127\1475128776" -childID 7 -isForBrowser -prefsHandle 5240 -prefMapHandle 5236 -prefsLen 26206 -prefMapSize 233444 -jsInitHandle 1352 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {1a1f274d-e7ca-48cf-9e69-597f6fc56e9d} 5040 "\\.\pipe\gecko-crash-server-pipe.5040" 3000 1a4c5508658 tab
    3⤵
    PID:3752
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5040.9.1038703726\1265457973" -parentBuildID 20221007134813 -prefsHandle 5216 -prefMapHandle 5288 -prefsLen 26646 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {ce65b975-c473-40c1-9088-ed335444cbeb} 5040 "\\.\pipe\gecko-crash-server-pipe.5040" 5476 1a4ca924e58 rdd
    3⤵
    PID:5364

C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
"C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe"
1⤵
PID:3160

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\Actions.dll

Filesize
14KB

MD5
bf5c38a72c2ffc31d0c8cbad4f5e9525

SHA1
90a9d0bf321c6dab4910c022e9388066a682f015

SHA256
fc167b88e5966c988ae8146239df845b289a7092c888353bf8fbc4c1da8214d2

SHA512
f0dd70e92345107a14579c17eafa0fc5c1e55c82893ba06b26c6e590223aba727959182f51885d221d6519d26b52510dfefb33e9b65dc3dfbe4f3cb7da43e75f

Download Submit
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ActionsShim.dll

Filesize
192KB

MD5
6861b4369f6d00afa76ed7affcdffeb3

SHA1
9ebee4e10831111f284d7aebcab1008a04d5d1e8

SHA256
c41c236baa28d5b9477459fdb623b2fac1ea60cd49c8570f475fb4a79841f9ad

SHA512
0e681238c2c40a82df464cc5cbaae3188a6d2572dafbfc68060c909de34da9162bc369e99881a0edd230e00be59409891af74d4f982e5170008c39b195ca7dbd

Download Submit
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\CleanControllerImpl.dll

Filesize
1.0MB

MD5
d13dc57d72f2ff8e65c03016a3f56b91

SHA1
453c68b7720b71687a9b0cbb2d819ab9a3be5239

SHA256
a10903360e7a9d040aca108a79fb64ee145265ae3381c54e506402b7fbec29ea

SHA512
9179a9c837562948a136a3af539616da34a9e26968796f133e54c2fb92bc9771bf3928f75ddba4a4ec87ad93a553bd083fcc5f7b0d277f728f1ce8d06e50d2a0

Download Submit
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\CloudControllerImpl.dll

Filesize
1.0MB

MD5
3ed4955fa4fbf413c7be95dca6d61ceb

SHA1
ea735351693f0380b6973001f4d6e0df13522c38

SHA256
b2377fdf7ea97feb5cbede087682bdcd40c059b992b27559b2f474723e426ba1

SHA512
ce2772754f6779b644af2e6cac9414168ed5e7ae9d8a18757bd73b30b19d64b81ec9217f387c85f94f2fc30d13723560c51d43d3552f5009ed4f2c635a49d4b0

Download Submit
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\LicenseControllerImpl.dll

Filesize
495KB

MD5
466cdd500b9a2aed7649716580c0ff9e

SHA1
b9981aa262f3b8ffe68ab12d57b44a955925d9a4

SHA256
ee6b781dd7191b98fabcaa9249ebab7bc3d6db67176ecc8c364f803b65641236

SHA512
dd2b96d49441c60a58bbb1cdef5ded80854cf83d2bc25972a953adfe116f780757dd570f6ec64f2c8fa474082f922b2fbcf0fbc73e997a7c35f0e376d7a43bcc

Download Submit
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MBAMCore.dll

Filesize
1.4MB

MD5
759afd184631ec566a0ce7f8a3d068f5

SHA1
ba944255e41d66c4f02fcdb8cf215c5c819651a6

SHA256
5c3daf584e8715abf968b9fd560db3e30da8f286512c50bc2081aa9fc4c50e25

SHA512
99222eb762a086b4ef7b55d624fa65fcb7f57111549c34f133ce3623a851f0374d868dc11239f58870831dd2fddf90b84c2acb927056f6456a3fa04d5f759b22

Download Submit
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MBAMShim.dll

Filesize
175KB

MD5
e6cb4fb89e9e4a6a71ae047fdbe0da27

SHA1
cfec834611e5d8da286c97da92cbb822ac0e12b0

SHA256
15aeb36b8c68730c6495c18e167ea96d052a79ab1bdbae1caa0e555359b46c78

SHA512
e83f27d18ec0361f9ae73eb9f3a2bd498c817bd0ca8e827d2c87f9c35697ccd907ab7364fe3267f7248de0b9428b13584e7a6270fc3934c24cd9c1b459e656dd

Download Submit
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll

Filesize
950KB

MD5
6628c5ce129f9836c8d3b37dd2147dbb

SHA1
fc0dc644d21b40f9d7d55d450cc117beafa3fe5f

SHA256
4b54e53424616b1da7b0aa4bb998bbd2db4c877cc981f7f979c8edf44d8e3170

SHA512
ac0e2752fe84a369928c895664e5771431fd26fd4602ea40aaa11ff6801d23bec7a06723172f0c45d51905dae284040c81af869a19b0e48aaeb26f8dff3aca71

Download Submit
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ScanControllerImpl.dll

Filesize
1.0MB

MD5
ac795e5c1de62991a8d69b3566e8b123

SHA1
360a01a86cccc2bc4df73eb97ef44cad8087dfe5

SHA256
d8185ec540935a7c396c2e2ca8763601bb15db64d56d1515100b59948c23a8a9

SHA512
95b12fec82dd82b724b3e432b299ec06a6c3822e50793d0332e4b468c5872c5a956487e3354ecdf4b6fa414708fc816758d7ad51d2248a8b7790dce3bc4d90ca

Download Submit
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\Swissarmy.dll

Filesize
347KB

MD5
3d97bbeca358df0f2bb44ac0e0deaf8e

SHA1
d61c8d8c49d8325f576f7edfb7df3d729229049f

SHA256
6fb7be997d66f2e0552d5f7b8be07fe8df9182b908246b69fa4b88d88c264717

SHA512
4906f16f88d84786078d378b5a8b1cbb5cd5b3c78a43fad842875cc67ae3a4e21344b8dabcebd504d2f6ebf9731c91240edaa698c4b67bd0253d9cb28f1f716a

Download Submit
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SwissarmyShim.dll

Filesize
203KB

MD5
c052290a8fc1080020af305f7af3a7d4

SHA1
1f64799b80c5f88aa8f721ea80fd4efab7a6058e

SHA256
70dfe87c60a950ff33dd58d71295b37447a8475f8ff9552de330c8be72441865

SHA512
57f922ab9eec5cc2c22fefa59eb52bc4d683109396986ac48959c0e9376aa163f6a2ef6441ccc6698a7a0b83b937c3b0f82ed081b1e2575e39d23c5135ba6f0b

Download Submit
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\TelemetryControllerImpl.dll

Filesize
320KB

MD5
a7ab45b5116c87dea3b398c53fd29fcc

SHA1
91430cd590d7a3cafad790c6d631f0cfaf96fc62

SHA256
e05e96c1ab0038514b20e61513e153c4916801412dca51480f1cf86e02f49461

SHA512
fcd2307466bc714311267db9304d31db0095a3cace0da3bd5b6dc95ddcb06b3a169e89d5569ed43cb6a257bce40f50b9a0e371479ab04658bd6cdd0ef4251680

Download Submit
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\UpdateControllerImpl.dll

Filesize
1.4MB

MD5
2c60abdfcdc39a4fd71ebc24fc82f275

SHA1
c7946356634a0ea0c6e5a520192b9bb877307902

SHA256
7d0c414711912b322dd14f9658bdca698e9a5199d3ca0f47dad1351becde1709

SHA512
c106f2b3f76212c28f131573436da407d58144c26518363ce1a4a199ce857e3ed865e8e9c990538e8d1f62f0ea3451c52127cdb51cffc2f9537b0d79b7660dcd

Download Submit
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe

Filesize
1.5MB

MD5
b7c0acb1c32e37b8ab4675356d94449e

SHA1
811bd1279e55ac3a1eb1b27393f2bcb50fab4bae

SHA256
d358fae6e3aceb4f635c5dc89fe457035047247cd8b77dc951ecab8837fa58f0

SHA512
2260823abb7238298afaa23f93e1c0c85c5e2703f7c14946ea117fba44deed3dbd6c0ee07173275d0b2473f1829c2a87c87e9c921bef79b16114c3b585ae507d

Download Submit
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\sample.dll

Filesize
528KB

MD5
2b37d26da04b7f0c9051ee698e8c142f

SHA1
4e6aa5037c717f3ccac0e2d05200da6b48499a54

SHA256
1329332d9f51d7c63cf13a25a75a33b7096cccaee400b1c7df46626c88ab9cfa

SHA512
34cd5d0a5ae18b45182cea93747bdfb63d420fc75cf0a75e9577804c93f25e60b0ba29f404a962041efc45eb93d9b329365f07228106f44fbc4c65a7ea437696

Download Submit
C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\Global.sr

Filesize
256KB

MD5
8d96a3a5f4a6927b0d8c32f82cab7727

SHA1
8b02e5864848a5ea71de788bf831ac382e89026b

SHA256
5b59f2e122db54f4f3f08dab8b503017baed18af21838175a93f49690299c460

SHA512
cfc5f9e51451295f98b0050f7e80421ad6ff9e087edf370a5ae44f55158f242eb5cd34eaf08698d1759f960df97d995ff85ef29b7df8c300baa3bb7100250ee1

Download Submit
C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\clean.mbdb

Filesize
10KB

MD5
088157e2deab84d8f85879506a934661

SHA1
f817be5dd666dda80faf1bfdb26a6141c6db350a

SHA256
5c268b3ffb54a9abe081857560d58c129c6d60140b08b94b5f4d875e74d11452

SHA512
2ddb7438754c58ee7f01ae4cb4f6c936f5f3678d06aeb03f03718a42e13646d9a8cc657a54a85f1e7c2653c1442948733ca4af95528d9b721f995ca641e53ab9

Download Submit
C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\dbmanifest2.dat

Filesize
924B

MD5
c84ddcf5404a3b0c00e2ed4e0d4be767

SHA1
48bc1be5eb4a7503d0a87be8f507f77227ac60bd

SHA256
78dbf8919d5915b81096b1a61497cc062de9dc872ad08391afffc709e614f3d3

SHA512
90d265dfbfd375d3facfea68620f6ac9311791feac3679473cf9f0d2e5407dec06b902768c2d862f4bc75fb41329955dd698aea7d355f34e5fb9db6ce0dbb3fc

Download Submit
C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\dynconfig.dat

Filesize
39KB

MD5
10f23e7c8c791b91c86cd966d67b7bc7

SHA1
3f596093b2bc33f7a2554818f8e41adbbd101961

SHA256
008254ca1f4d6415da89d01a4292911de6135b42833156720a841a22685765dc

SHA512
2d1b21371ada038323be412945994d030ee8a9007db072484724616c8597c6998a560bc28886ebf89e2c8919fb70d76c98338d88832351823027491c98d48118

Download Submit
C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\exclusions.txt

Filesize
23KB

MD5
aef4eca7ee01bb1a146751c4d0510d2d

SHA1
5cf2273da41147126e5e1eabd3182f19304eea25

SHA256
9e87e4c9da3337c63b7f0e6ed0eb71696121c74e18a5da577215e18097715e2f

SHA512
d31d21e37b0048050b19600f8904354cff3f3ec8291c5a7a54267e14af9fb88dfb6d11e74a037cc0369ade8a8fb9b753861f3b3fb2219563e8ec359f66c042db

Download Submit
C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\mbdigsig2.dat

Filesize
514B

MD5
0954a80c77c82acf4af8bd4cb72a8f1f

SHA1
f6ad819bd5da24f30a7225de53e03ec23c46c0d3

SHA256
adbc52d2e70cea5f4431882f963ecb4d0470f27026204464131bda2d0e1979b5

SHA512
4850004d09e1cd47d2ac0aa7edd40204cac4cb678cf7d310c7025a382ea31077a8d68f2268c405c13340dfc9afe42268a86de505becd918c5d21f80522e6e459

Download Submit
C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\prot.mbdb

Filesize
24B

MD5
546d9e30eadad8b22f5b3ffa875144bf

SHA1
3b323ffef009bfe0662c2bd30bb06af6dfc68e4d

SHA256
6089fbf0c0c1413f62e91dc9497bedc6d8a271e9dc761e20adc0dccf6f4a0c1f

SHA512
3478f5dcf7af549dd6fe48ad714604200de84a90120b16a32233b6d44fa7240f5f4e5fe803f54b86bbdfd10fa1bfdd88fb85eb6a78e23e426933f98d0a2565ec

Download Submit
C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\rdefs.mbdb

Filesize
24B

MD5
2f7423ca7c6a0f1339980f3c8c7de9f8

SHA1
102c77faa28885354cfe6725d987bc23bc7108ba

SHA256
850a4ea37a0fd6f68bf95422d502b2d1257264eb90cc38c0a3b1b95aa375be55

SHA512
e922ac8a7a2cde6d387f8698207cf5efbd45b646986a090e3549d97a7d552dd74179bd7ac20b7d246ca49d340c4c168982c65b4749df760857810b2358e7eb69

Download Submit
C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\rules.mbdb

Filesize
1.1MB

MD5
83516e9dd4996c012e5b6edb4bf7e5f0

SHA1
96b48466e56c9de5fa16e3d2431f9d1c94e872fb

SHA256
53940260ca9e97fa0d9dab5f8d5754685fd9ac30e352cebe4379095b48bebc88

SHA512
5116c6d55468e29f6e412e8957a32d43bd24140d6c35831551b02f9dafbb1bc76b0560d3b6d34acd9962113a0586d90ee056bd03432f3f1e781b104eb3001092

Download Submit
C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\scan.mbdb

Filesize
768KB

MD5
94e52a4aff30994b28aa7c9965bc0225

SHA1
4f4c398e31cf14a144994a4ad4b31ffa0e4e8472

SHA256
6f38661d8c39a34b72f3caf3b1664bfc882e900e48aad4cf93ae0b48a5e97427

SHA512
0d0b7487c27f854eaacd11f23cc1d3ca0b4309ec1fdfd971d56c128c902340670c6aefa78a703f067f1bb46c3777e9dee811d54e3422717f68c7c7f9c22aa10c

Download Submit
C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\tids.mbdb

Filesize
178KB

MD5
276c235f8b8d17513973e5792ac9f0db

SHA1
9bc9d07b46268779793b92bcccccef1dc160eefe

SHA256
6bbb05cc8a4313074d5044bf568c1a4809f970ab72939e8438d9b6bbdb8f1bf7

SHA512
c489a0fb0a10e8af922e505f83b893c908d751b718135a2e6c6851c1c4ac4d7ddbd0ad9c4700c401d97dee132c77b259f99e83fc64f6214ae9cc481798d6c951

Download Submit
C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\wprot2.mbdb

Filesize
640KB

MD5
8b18a2ff43919d9b455ca0d12a032db9

SHA1
f3120322fbaf0f716e8b0c287c153e91a75dd5aa

SHA256
ac465647bc916c13f79a944aba0f478d9680ddcb65ad3370c4450457df76e280

SHA512
062bba7fbb586a153b3766f0508c5e88004e9f419e01124b93ff52b33b753fbfcb7dacdbd13d75c950fa5ecbf92860254575e2c6be66c2ec40df842dd8586eda

Download Submit
C:\Program Files\Malwarebytes\Anti-Malware\7z.dll

Filesize
128KB

MD5
c9f986485c18fefcf80c5af9a7b9bbd3

SHA1
28c7c3ad73b9d5ed66b3c07a4e4e869c5aaba35e

SHA256
ae3dba5be2864bade0f63f022b75aaabe05bf9c8bf24fcbb54b99843edbd6f26

SHA512
0be54b3f4a88eb0a6827b694ed95929c1b3c3cb46a29597bf744cf9fa886f659064b9d65cca9bf8d143f9a264d78b5c83e7de88145790966a6ca91b86c286151

Download Submit
C:\Program Files\Malwarebytes\Anti-Malware\Actions.dll

Filesize
415KB

MD5
621fcc76ebf1cbf3b6ed24f6d9111d05

SHA1
152de8a3899afd61e12950f41686fc82b53b6946

SHA256
1c7c33a1edd9695eb2abdd5bc9aea28536652ba0dfda4c72497c8a39b9675f7d

SHA512
b0c630f8693304b4367aa13b330487a3ff72e9cd9e2dc515dec497f5152853bc3b254e4332343d781fe1cdbf32f49b2b146e00bb2ddb635ba956b3f0f711dcf9

Download Submit
C:\Program Files\Malwarebytes\Anti-Malware\ActionsShim.dll

Filesize
1.2MB

MD5
6e075d2d1059d278c7e2e15fab4f47f5

SHA1
157c38c30eb43c5952156540374724a48c71b5f2

SHA256
e3b57dd6700f64dfb1f4d588abca5631f5c5801a576a99d4a4fe6297ba5fa60c

SHA512
0e3869176d1e6c64b0d7f9a0692788d8c1a95a3849914ed1615ded82d73c6d3e793a58c024df20207d4c197d6e3dbea481b25119004d86ce07508843a3fe8ac4

Download Submit
C:\Program Files\Malwarebytes\Anti-Malware\CleanControllerImpl.dll

Filesize
1.2MB

MD5
8e3ba19152803da88e911fe895baaf1a

SHA1
7c972d3d7ccba0c29a5d15027facc5c3568ce39a

SHA256
bfeef3a8bd7c9fd34a1e08463ed87076580026a671bd2cf2a3f22432c94f775d

SHA512
aee2df3a0f7ef8905c692278054255ca58f0d56add5164ca492d9edc9130a1a16d32815a780b381d58b7eed01fedf49106a328ac19b2e881fae3c6cf2f8a2229

Download Submit
C:\Program Files\Malwarebytes\Anti-Malware\CloudControllerImpl.dll

Filesize
128KB

MD5
43c5733967b990db77f7af2e58ac0410

SHA1
27b1fb9f40bb4169b244f6049e488628592fabef

SHA256
178fa322db2104e6aab8a1d09a4bc6b1ed1175a5a1cfdcff601eb3af86de7eda

SHA512
df76a2061f710ff91cd4fddc44d5dc09dcf231a7acc26b7cf4cf6ef75609b3fe4d66a561413e17bcaf6576c6ee630391ae52142a368309aef7c9aa574846830d

Download Submit
C:\Program Files\Malwarebytes\Anti-Malware\LicenseControllerImpl.dll

Filesize
409KB

MD5
338eac3d40bcd94bc808825f36873e42

SHA1
0df117ff9c2cb7631b581a6f768b410f197e30e2

SHA256
a7c9f18c06cf2c53d3bec226de7c21988d73a4efb1f8d227d566229d92483daa

SHA512
897189be76faa5b190fdde75935067308b194107bbe6dd44a8d340a3471f93bab2e4bed8ea598bd5732da78172bb5efcacf3a2f7667de53be04025c57ae184ed

Download Submit
C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe

Filesize
64KB

MD5
246dab4f4bf548d8deacf0a3fd57c202

SHA1
d7d573f3c8b26480bbb3080e481ab6c7477fd629

SHA256
2b951b307778ffaa875b6b4e2973df2c653e503042f897d63cb26fa44e266c4c

SHA512
4bf7e0e2dd346c74f74ba5f796af99b8a15a7160f4dc74f42da7913d0369fbe194fc3079b73b270db656019d0e0e533d45b59913c81a1cddf586637363ad35f7

Download Submit
C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe

Filesize
8.8MB

MD5
f0c28c2c7ab3d0902cb776af8b8ffc67

SHA1
734a5fa38d72c40fa9a92472e270a0625912d2e3

SHA256
7512300ce0e2e98068f6ccdeed60b93001522a36d9dadf04a85a4c98aad6a823

SHA512
176bc0ebdff56b60998827d791ba9894213ec09e146a1e7398be4946499a367f25955ac0c300e85d1574bb55a6d5cc753375d6679b4933116989e1505f43fc89

Download Submit
C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe

Filesize
1.5MB

MD5
74498292d56b2922535ae9ead450b0df

SHA1
4a4c596791843724ed972c89f6fec5745fb38c3c

SHA256
f62ac3ec87f73009f863f3fd9c0d6549ec431e11a877d6120b30dc055fd33643

SHA512
d38adbe359f150ba8202407973d351673fb0b24851311f39c7e1eb82b71ce0e67df5e4fa69e1e95189e7c09672981a1c18627452eea414cccb99c8161b2dcfc1

Download Submit
C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe

Filesize
1.4MB

MD5
fc58c252b6b7c9f954fa5a04d06bc3d8

SHA1
c22b642b6d765e551a4a1bd4c9e2811339f85743

SHA256
d8f895f10a47efa581375500d2ae1f6563790d5b3dbe4586baccfa3ede03ac83

SHA512
3ad444bdd144a3867127c38c445b95cdd1fbfd0a1b46dd15df6c3a274605657b2f927e34d5c9de3f1c6f545e46c8f48b3ee56619bce6d267ca81faf895ad42ed

Download Submit
C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe

Filesize
384KB

MD5
56b6556e106a5b43a841541e5705ed17

SHA1
e64aae757658f2d2967a9dcf29780c6a8e4e559e

SHA256
0b6ff5d5ee6c1de797290a4ca77021f1df7aedcc6bef361301c5a8205ec9cfda

SHA512
e28b12fe410d3c815f074700f513dbdb28e43e3752eab0bde2447a9c3c9ca21b19a4707cf6e53363f86f083fe5b3b5e9150c914cefd13ca8b57ad690f17ddeee

Download Submit
C:\Program Files\Malwarebytes\Anti-Malware\MBAMShim.dll

Filesize
224KB

MD5
ffcf87ec7ba0491fbd95b0ddfbbcf772

SHA1
fa3181bc9f3675e18c96774a81ce59dec9687474

SHA256
7ac01be59a90a4789b2033b0f57e606664bfe55576729f79a98dc6d9eea44de4

SHA512
ce5b0ad450f1d23ddab8b3c8dddc58bf4467697712a4cf68cd8438bb1e10bf62145b1497b75f84bac1789c8f8b55b4b8cbb2ac4f38990eabf362d794aeefcf1d

Download Submit
C:\Program Files\Malwarebytes\Anti-Malware\PoliciesControllerImpl.dll

Filesize
769KB

MD5
846bd8794f4b737b96be3ced342c5823

SHA1
12b5bee7d1f35c4b6edb8ff5cb35bfe32b0a6f5a

SHA256
6c8517a394f3e8f92ea3c75a6aac62f1ab3d99c4ff27a9323e0cbfa5f714e7c5

SHA512
b38c5f91e0871b02ed4353021b7d0ab1d719dd686ebb35a485226e388f3b9e1701f8121c8c11f7a742ff04292de3712ea0499a976399049cc84b454f4622535d

Download Submit
C:\Program Files\Malwarebytes\Anti-Malware\ScanControllerImpl.dll

Filesize
708KB

MD5
c02772e2280ba3b8b06013cff409dbcf

SHA1
8847a271f9067bd08fdaccd38cd5be33ae8e4002

SHA256
d23a35960175371b07f1f1352ccb31438052d5b02dc80c5e0205fe1266b94c78

SHA512
be813b632a197b7f2d750b8a8d35117a6c58f07c71878f80ee6759301f260622c9560b1c1f771e2ed0e89de14d870f7da45ba6535949f8442a5e7ccb0d75da17

Download Submit
C:\Program Files\Malwarebytes\Anti-Malware\ServiceConfig.json

Filesize
592B

MD5
f6747ce4b139917a88daf747ed487f35

SHA1
425bf11f4b6b3670f20031a49bb58aaa24592057

SHA256
a21d6f411c19f5ae10c306b085cd9b60b7e8a39b7781e36fd3d23fdffc3d999d

SHA512
5a39dd93b2bb288eefedfba1fbe668e7d4331ef10835652a5cebe98e546d8edfd48c4673b6cb7a83f4d4e57da5a01d86a6625fe14324e7c3bbf329454b4b9f69

Download Submit
C:\Program Files\Malwarebytes\Anti-Malware\Swissarmy.dll

Filesize
73KB

MD5
c15151f0f765085a91823dba6b70c62e

SHA1
881b9990c125bc813beb2a1cadb7a074dfe33055

SHA256
d366f7237edf98f4f12bb50c2f963aea8945c1047cac84298da53eb9c6fc8671

SHA512
1673a1f83140d56e7c8244c683deb8a95699bb33d854dcdb0ad2b99386617988491bc4bf0f67c8459c29b5c05d1b23ff1bef2b9fd665acf1a8ecb1a33f99d611

Download Submit
C:\Program Files\Malwarebytes\Anti-Malware\SwissarmyShim.dll

Filesize
426KB

MD5
44a95f4d4d60d110b060a408d65a4929

SHA1
7af6c87a4032ed6465a7c089a7b7e193f773e07e

SHA256
5bb4f15ea0269e2fde07dd5c0f6169b2ba7f07af9ac4a0076e066705c6dde79e

SHA512
db913d5efda89a0c4f6d572f2a2fbbfb691f60b0a15d659a3f0b13df5fc817ceb5b5569c4e59691fa3ae49d4b6d7cc633ac4e8f141bbe4610de74bc686b1758d

Download Submit
C:\Program Files\Malwarebytes\Anti-Malware\TelemetryControllerImpl.dll

Filesize
192KB

MD5
475a3ce4deda51ba839272818d62089e

SHA1
7175ef14ef4a8634cbae0fd1fd7a9768c79b38c4

SHA256
1023389c06f676ed282fef2da72b968cff28ed4a166f7b0f4c94f3063ebeacb5

SHA512
c50cd410d4bf58f37f2ef4b3a462c1c8cbb0bd51aa2f44793a1749775d9a67268f7354c0e5c63a8b7c49e289765f3c7322cebdd42593f906c5317e0d87639dd2

Download Submit
C:\Program Files\Malwarebytes\Anti-Malware\UpdateControllerImpl.dll

Filesize
1.4MB

MD5
3472019481e40326cfaad74687bd1e8e

SHA1
5b0d400de4749c80580b51a535f6ce5a325ec193

SHA256
08c02a120f5c41b8161797a384f317875f0f5a78e2fedc63c2635c50db77424f

SHA512
8f3e589e675c8475afcdd7adc184eb8813c778fd0e07c03d7aab1ded8d68600471e6da85adceeee92b656e5f4a69662f4805c6b1b744f19e59363d8ba0be52a7

Download Submit
C:\Program Files\Malwarebytes\Anti-Malware\ctlrvers.dat

Filesize
8B

MD5
0017c05435806802ecf2e21b7f122d5f

SHA1
9df6aa770be10544b6fce7bc061cb05f1466802c

SHA256
ba79a386f45853957b7c0bcc0b0b18341030422f3a9577bab1b86292180a9c92

SHA512
81417487d24bd48159e5aa35e15721e0be501d421972a96b02765910e1e852182289ea253644bbed6e3c92aa62f8d2873e66eb55ba5cef40cefb11fb2701a47d

Download Submit
C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll

Filesize
552KB

MD5
181ea3dcb72f397dc1055dd501e407be

SHA1
06169d21fa73f54628ccb2cb4c80eae8b6689835

SHA256
a443548dd8bf235843122beab6ce1c0d8677a09241d9aa8eb4ba10ff361f6f74

SHA512
ddf21b7d4b072dc8883fab0bd2b6333b41477bc6e34136b7f0d8b2b22617c3fff41157e20f20ce443067fc133fd601d7b0a6a75a835ca1dc67f398bf7ad952ea

Download Submit
C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll

Filesize
565KB

MD5
d234199384eefec7628ac4174c501563

SHA1
9f40503e7ff11fb657c00074896e88fa72024c70

SHA256
e5336d79a8f4e95c8ee483deab46f247def5c13a2e698b14cbaaf52e11dc9492

SHA512
a815e35b90f928231df0bb54f081dda4c14330b62e64a004b1c5a61f1ba25f1cd95a9e451e98e3c35874291673cd943c9f71a4b019592826081d87c9da7f746b

Download Submit
C:\Program Files\Malwarebytes\Anti-Malware\offreg.dll

Filesize
64KB

MD5
b5d6ebd085c3ad591baba0a1a4a6b165

SHA1
2e2fc21b65818c50c65475b5bfe1be481fdb9400

SHA256
976dd6ca431d73ac4f6d44d405014767bac04ab1e96f85b5fd836cb95804e7dc

SHA512
30b16460d374a4bc91caf0bb746a33d18e8b254d944d2237808b98ad7bf54c0a794c9c3995ed03e49ff34ea08fee47881c7ec5f237ae000255ec1fe2349309d6

Download Submit
C:\Program Files\Malwarebytes\Anti-Malware\sdk\mbamchameleon.inf

Filesize
3KB

MD5
5a9717e1385703e8f06b27aa10a69e87

SHA1
84ee67a9167b5eb6560711b9871de98898ad07a5

SHA256
47b7c516bb57c612de19f0ca865590af95b6e32bf873a0fef9e011b2c5b483d4

SHA512
dd3c7278c2c11ad15a55fae6d19b96dadd92f85b7f0c8ce934298258af00bb5c052a84a98499b8867b0f43704fb307c67d03692ca69dda4d814c6c17dd73df44

Download Submit
C:\Program Files\Malwarebytes\Anti-Malware\sdk\mbamchameleon.sys

Filesize
141KB

MD5
239cf7228afef65f86e42b3ca12f0fce

SHA1
5babafb8e5c7b38a5da9b2e4da7212ebde252cf2

SHA256
cd1dd08435eac79dac55942f02e0949b09cdd8518ce6adce006dedfea8693155

SHA512
13a3e0af4fe0f8b062cc6abe62d3c084c9136405c5f9eec728d2d71acd81d1f2af7499227c315a4ad9baa33ca4b1bdadd4e0fd05e8651b59de4d34adf45e4dad

Download Submit
C:\Program Files\Malwarebytes\Anti-Malware\srvversion.dat

Filesize
9B

MD5
f726542aded84023a13eb78929733a4c

SHA1
a6e6cc94faa58f8f9de95d6fcdd6a7ef8a86565c

SHA256
ca8a93db9b23da70acf8913f25b52c74ba3cb9a705de99e8cffeec3053c97316

SHA512
a0c11b133436d6f186c7ad44e307b7c7190b7c685c9e750e4d8eeb90e1c5efb9a6397ff575c998cf3d334a670b331b1ac5e30d6524e6c051e9a3fa5ddd367673

Download Submit
C:\Program Files\Malwarebytes\Anti-Malware\uipkgver.dat

Filesize
6B

MD5
74c6677020fc6b6c867aab117078bf5f

SHA1
8c46db37dc0b39eb963d4144539c8b591e122400

SHA256
cdbb9bc874d71e154c71b68b1fe959913d286036dac11e226e5620c919ba9708

SHA512
3f9db8d9bb25322f8d8e750750bf92dbe6ac63d686eced65cddfcd61178cf0e947118a491058414d4d2cbb4892e39815565669aee0dfdda23aece72d278292d0

Download Submit
C:\Program Files\Malwarebytes\Anti-Malware\version.dat

Filesize
47B

MD5
a6194432486054029103e5aec0d2f272

SHA1
ac63ba6e461585c35504c66d3f082433f1f5a5f2

SHA256
e8f54e9ed98bdad878bb883d4b8981c902b088c1b45371a4a4420b77135df172

SHA512
2fa0b49a09a02a7bd8f08c9e798eb3421ddea160f549ae9f13b51495779259f97f5d90126b89502773ceb021bd61c38580becb07bacc189150bf4609172c5480

Download Submit
C:\ProgramData\Malwarebytes\MBAMService\config\AeConfig.json

Filesize
47KB

MD5
e2ff4aba92d839ef664868331ffc8bcf

SHA1
4642c60ba5bc00fe2e95d02e142d6caddd464c2f

SHA256
e489205a41c9b9f7cf95816a95a4a7323553a514367b8166c9e5d377e6bc16af

SHA512
9d6b6a79e0e7519fa3c4a366eccce2744008faf39129c6c25adf980425eca121688b1e1686f444fb71117cfb8ed18fc056924a8e67b8ec0af589818cb82d1e31

Download Submit
C:\ProgramData\Malwarebytes\MBAMService\config\ArwControllerConfig.json

Filesize
607B

MD5
cbc468ab3306b8fda42da10b641c9807

SHA1
049cbbfc9bc80214fd86db3be0b5607ea8a0a664

SHA256
3e975b3f9c3f9fb1e767188d71158a0e7692c51aca3f6122a4d66750a0a859f0

SHA512
4df77692ab6f33d890b7052466d0ae82f2d6d25c27308051032c2704db65e3a515277c9fff1b7e27f1d89e44c120ec36e0207d0c8af48bf5dd00a8f737691941

Download Submit
C:\ProgramData\Malwarebytes\MBAMService\config\CleanControllerConfig.json

Filesize
847B

MD5
afba1b14830f7f9eda8f6a7078777287

SHA1
5e93d2022e3143ba086bb188d814903afd14b834

SHA256
e9b343814fe482cca47c1064ef6e721d5d0ee596f679465a439fd4702b6deafb

SHA512
c817cd208cc202e462b7afe1d3fed6cbd166c5782d595d718300b823e50ae3383bcf6827c104707873cc1bedf1bfc9a0a5e751bba97d5200f3182746e675b8ca

Download Submit
C:\ProgramData\Malwarebytes\MBAMService\config\CloudConfig.json

Filesize
825B

MD5
4416bc423debe41b1bb5ad56fb80d7e3

SHA1
06cdcf6f367e618fd5be890bfd9e64f6d02501ac

SHA256
94c15583aa16a5bd259bdcfd4f92a569c7b1ef85e22d47d69349d9331dd1b86e

SHA512
f3efeb4383287684d5443bc009e615f60a2bb2cff91502b99c81e24f966d8486a7d5ec9df589f74508ea9d206f10a9e9422ed63ede28920bd1121f40407863d2

Download Submit
C:\ProgramData\Malwarebytes\MBAMService\config\LicenseConfig.json

Filesize
15KB

MD5
b0829044ed3f65ade36666578479708e

SHA1
a9fc6c3ab961962eae258ef4876c38bf90166d23

SHA256
ae4bb26a54b60eda1076e45ba1bd95751ea18b8e4632f2c657eaf3179f9dc6fd

SHA512
a3c826c47e4bfc711722a2d2329ee815e0252285628d3b07a38dd154aafbffbd2583771da7d043dac50474dfe648c06252de9d267b6bb83c953dca913405c6ee

Download Submit
C:\ProgramData\Malwarebytes\MBAMService\config\LicenseConfig.json

Filesize
16KB

MD5
779c7d9c78a2cf75e887c0d4fcd4923a

SHA1
adbdfbf851eaa38be145e79386575abbe4910269

SHA256
38490d50e97b5cda0cefea43c68b634adb7294af86e80ca9c95f22cfdc3f5444

SHA512
7a08ef8e470a9ca8aceb3ff22a6a7d856e47be1d34f339590f2b1d8d0d8409e56dfadcc075055979ab4ab916d5756188ba6b07e02e638914ea61087052df4f89

Download Submit
C:\ProgramData\Malwarebytes\MBAMService\config\LicenseConfig.json

Filesize
16KB

MD5
8b57e0d424a971a52b530b546a1e494e

SHA1
0fdd74a30fac658cce3dc2cb209f78ee5f21d476

SHA256
6fb626fd248acc2b1efea2f9f4836688bf305e18e1d1b7e032c6d04e40956bd3

SHA512
7e1dac33a348c77c067afe89df2826485e8309f33a849ad00f48b4104cd56e19b7ecb36b06a1cb2311563765806f57a89c7a5260aa946814bcc46fb0a6e40198

Download Submit
C:\ProgramData\Malwarebytes\MBAMService\config\MwacControllerConfig.json

Filesize
2KB

MD5
f00a6ed9e0b0d8a4153c192cf57c639b

SHA1
0fff054845d5248d39a5da73d74c002d81d7eeb1

SHA256
e75d06a77c29cc18d0d880cf19f164ee283c066ac79dec2923ba2c5ccd6bc239

SHA512
65341b1cb708dc327622e1d774c2e867128ecc682542b2f3603433c85b18bda7e8a5282cfc9abaf4ceed873dce71fe1d589e37c8e775ee9442601225c0b967f2

Download Submit
C:\ProgramData\Malwarebytes\MBAMService\config\PoliciesConfig.json

Filesize
903B

MD5
e3e2cbe24bdea40cbbdd2d521953b47c

SHA1
0c4b18bcb415444fd2bf3251d1b590e893a96c5f

SHA256
e2f1b230e6c663d554140a14136878b9cc6c35ba473cc5b04e8a9cf5240a4670

SHA512
2ae7b7328d50257ac7800622e6c5c00aee344c2e8718d2a1ad82fc4009089e22a15cf6168870352a109c85d8a0034feeb737d8b4bbb5fc65006c84fae9e6e654

Download Submit
C:\ProgramData\Malwarebytes\MBAMService\config\RtpConfig.json

Filesize
1KB

MD5
06efc6b352907c52dd71c98792ba9c89

SHA1
715f5e7530776543da8a1a6bdb7c4f65c5f94296

SHA256
d8bacae65b4a48caddbe81fb83b49050928b7322cee12cf594d0a6f0d128a00f

SHA512
e98d8a65eceaf2900c33739df28a95c4f33cd32625c268defdd716cd762afe4d9cf5064d3899520aad3111a1cb2445a7d15203b83fa06a9724126afd04e19707

Download Submit
C:\ProgramData\Malwarebytes\MBAMService\config\RtpConfig.json

Filesize
1KB

MD5
cdd8d51fbfbc162796ec9f28d9272969

SHA1
e1f983e044679b9929b5c9255f0aeec6fef07682

SHA256
010c53bd74d7cff7a583949dcd86fe285fe622a2d3901eaa92a1c4b363009b7f

SHA512
fa37a7ba837629013582da77ee94834d1995c98acab1fde0ce5885dcbc9d0d89fbff6211fd9361ab4c0a1b5a739a863d1482ffe449c4b23713a80f7f2f1afed0

Download Submit
C:\ProgramData\Malwarebytes\MBAMService\config\ScanConfig.json

Filesize
2KB

MD5
679aafa25f3bf836cd5a627383e073bb

SHA1
5299d877c673afe235bd261ddf67848cfdcc9e8e

SHA256
5506befa986a3b8bc64b061cfc32ae98ddeb934cf42d1b9d1d9a9e60aeb46521

SHA512
100ee1cb70f96bcc9fbb3c92e2b2b0f9139e39f72ab92bbb0d6b77b7e646fb584bce72ffb639073523810475de3ca5a3e0a66b5ef354ac8f3210c0d732a38d26

Download Submit
C:\ProgramData\Malwarebytes\MBAMService\config\ScanConfig.json

Filesize
4KB

MD5
f1dec32b2de6f9d96ad6b157fc767e5e

SHA1
5bd4123733a649ce0f8c1b73a9f181d6f0a0c1ed

SHA256
9b22380e8313781574b1ba666c6832caf378fe2ba58c8326da361b57664457bc

SHA512
8ad3791d049b5973231917ee43cbb9251224665206568d495657b242eb9a633603e0371aaea29302687973e1fceaaffdc052ba1815112f8e3f6e00dea06cd5dd

Download Submit
C:\ProgramData\Malwarebytes\MBAMService\config\ScanConfig.json

Filesize
7KB

MD5
fb2a74cfcf7b96b9ed4c32b1fbb8a780

SHA1
1fbbf593478aa1dc3e535f4d5e8c27a6a5e99246

SHA256
90d91bc7c8335cfab4a838171fd0f7d20c4b7801b30fd29173908f3816e766a7

SHA512
6a402eab4ffcb3be648aadf53516c5cbecce87ee80f94cf946b24cc6b1bcb4546ef3c4825f6d64da758cc1c45540eac0f49cfdcae2c87fe82471af275577cfa8

Download Submit
C:\ProgramData\Malwarebytes\MBAMService\config\TelemCtrlConfig.json

Filesize
1KB

MD5
37b329eab21f60764c62f4cca4c151fa

SHA1
3834901615860e4b67c6ac71a85b53ddfd5a1757

SHA256
c7342220f468a373bbcb6a51c2d43c44d0e87c52796c1fda17102bb94281b335

SHA512
96f279480841a433a92efc6d34a396d0bdd874a132fc5ea11491bd27c72bb06d41f62a1a5b823291f8b5cce70fe04a84438e06bd60b0263b95112f9e2b1017f8

Download Submit
C:\ProgramData\Malwarebytes\MBAMService\config\UpdateControllerConfig.json

Filesize
1KB

MD5
4432bc1d72e8d3c076f7e1d17a8c6774

SHA1
6769a9902bf759e4dc01b7839e43641530982f50

SHA256
7916d623a86e84f200b1d78499e3cd2b34512c21adae3e9db5340267935bc7f5

SHA512
f1d8dcf7c289daab74ce64c43b0070602d94d6ba849a10ae6f59cf486eedf792b0d6ee3137cfdb1616832838dd8904079ea2445f8b5aee565b30792f4d74ac69

Download Submit
C:\ProgramData\Malwarebytes\MBAMService\lkg_db\Actions.dll

Filesize
1.5MB

MD5
109043ee247e7b94a8a5ce77aa38af1f

SHA1
ae0f69053a48e281efe20117c1f163bc6a6b4f30

SHA256
f812c7b78f341fe7e8a27ef87d385d86ce146fa651311fadd2e51b7303c98c0e

SHA512
e184b8e42f68582737b035c8faae59d54ad98499929463243f83b82563dde7dc10d56d74e4bfc8117c6eb9be6a88cc110b9bba662923623ad25ddedd239763a8

Download Submit
C:\ProgramData\Malwarebytes\MBAMService\lkg_db\BrowserSDKDLL.dll

Filesize
1.4MB

MD5
8db94fc3eb77e8a80bcf81c299b6553f

SHA1
b0a9ba26102f339dfc28d759a9a6f13607e688b2

SHA256
7d5be39f162ecf6cc9e89584af8df37134dc99becd0303273ba37be2abd6a9a3

SHA512
f5586ae850c4503ba87ceb833766c1a9afd464582ff00258a7c9d9cebecce38a995914b1a467faff28ebaf06f34fbcff90e61b41951dc9c014f94a66fcdc592e

Download Submit
C:\ProgramData\Malwarebytes\MBAMService\lkg_db\Global.nm

Filesize
337KB

MD5
2562387f8817aef8e92986110ecc34f1

SHA1
42699ccc6ae89d569a66cb7fe21a4636b381baea

SHA256
334fe9e3e5f2f5bc85aff9f3b12c445e1d595decadf581e2dde11fe50abc30a5

SHA512
f749afa3ad1a2f2cbe3ca5fab6047a249230d665a8cc08d2f7c81659dba5df050002ba773664e026d645a11b242efc3e396015e6d64396d1492c3ab6f9a7c5a3

Download Submit
C:\ProgramData\Malwarebytes\MBAMService\lkg_db\Global.sr

Filesize
1.9MB

MD5
6ceaa5bcb073d3fb2924f5b6e966a3d8

SHA1
85cfe747344656942cbb2bfdc48f8384dc58d673

SHA256
49a85533b762a06297b95ee0ad5d5dc6abdc7d8d37c3110ef511f019f2864bf1

SHA512
9f83d2d03ce7e1d1e5e2ac44ff4798d5ad29c7c6693c7cb24c0a15b5e7b202d523ddb172f62a2ea58b3ab4aab3ce06cff6842bd120a422331feef0d520ff0dad

Download Submit
C:\ProgramData\Malwarebytes\MBAMService\lkg_db\cfg.bin

Filesize
1KB

MD5
9b2f91e409c9e923cf436a0259704a70

SHA1
a8d50ccf3ee0c4eace5882c33501046dd3d4e27e

SHA256
a581f90ad1393615d2bdbb1a2dafad0a3177e8f7b430443fb4b57130529bdf34

SHA512
5f7652296dde0e614fb6e0f21089f362680b87a8fefe2c2e55eb0e28dcd326c237b2397deee6f5fc4d93982eed598b9a1f523491e2bc8d6a882df36b592838b7

Download Submit
C:\ProgramData\Malwarebytes\MBAMService\lkg_db\ig.exe

Filesize
1.5MB

MD5
4cf2c6fe5b78ff205949db9f54b8714d

SHA1
37ff171608b47786da796970416c0a2f8e679e13

SHA256
afbc9678e3e3e396539021a00bf8fd1bf451f231011231910ac12277792378f5

SHA512
8db9a4e8852e702b92969704c7cc262560159dbf628db93eade6ba9d2e489d07ca92bcc6aeed93b8be1f70fe9e69e7391b12b355dd02ae830710e2585056223c

Download Submit
C:\ProgramData\Malwarebytes\MBAMService\lkg_db\rules.mbdb

Filesize
2.2MB

MD5
3da78e69df36d8e5072a68acfc8103d2

SHA1
534e4f5d7d75485c3d4679279beacf2bee8f4409

SHA256
bcfa831a5abe74b0ac2be807ebd297e374a063103ca44ac08ddca9fd00bc1a66

SHA512
ba8c63b636cc50a1eb812650f374e13e9ff7ae995719b600f732c4820a5ffb4c40a6370fcc5998ef2412cca8e043d292062e25b344c04a694075b19f52db43ad

Download Submit
C:\ProgramData\Malwarebytes\MBAMService\lkg_db\sample.dll

Filesize
128KB

MD5
f9fc4984b3647b346da4010f218e2182

SHA1
071f7d72b6c84c71f6b5bd753935a9e70a2997f3

SHA256
c438bd285f883579258f00582164532fd09c80ecf7b93420a7deab0cac8a41e9

SHA512
7706fbbc7b5b743154bcbb9d4ce5bdea75a5cefbb0dea389128c2f53ac4eddf5d8286d19a8a69029d2e5999a925db3956516e54b817f3f6a63414248824a20ed

Download Submit
C:\ProgramData\Malwarebytes\MBAMService\lkg_db\scan.mbdb

Filesize
994KB

MD5
e4f0d35afe6311b0b65dfcbb122d91a3

SHA1
ff1bc3b0b75e9fed7b377f9d3c145831f42f891a

SHA256
8a83dda1dd5503f0784be8d4ae585b480f1cf1f0c52e2cd6c9e1235e4ae78706

SHA512
fe14780f7f354b69e1282493aec83e800a4fb7925a39836dee0664aef80444f5ae81aa8e394411d723e7e31e862d3b3ecd3af9b078d2d6832ccdd9321d9250fe

Download Submit
C:\ProgramData\Malwarebytes\MBAMService\lkg_db\wprot2.mbdb

Filesize
2.1MB

MD5
1c9cfb950952ca37807e2a80e2fb9e47

SHA1
fbe278b666c405dd3851f33c7949c0af9f3061aa

SHA256
d005023e50a01abec95e77f6e5c5098f76baa01275f598a3ba73d187ccf87644

SHA512
037950abacdf965998a3716db3e52b11a8d37994f73c3cc622623295e2c36a69f09e85f1f3f21ba380695ec14e3ae08d155b54d3dc042613e0e1d977d0317734

Download Submit
C:\ProgramData\Malwarebytes\MBAMService\pkgvers.dat

Filesize
74B

MD5
687f8c79fd3cfa576638cf044b65f1e2

SHA1
b7656a6d73970efa899f12277d42781037675494

SHA256
e0d2a56554882e2d34efc3be82916b6270c6fa7079704aaf9627180373f21d2a

SHA512
2b48313268bb88aa3af215f5509069acf708c70c1f1db2db4127bdb0e14e405679396eef5411bacf9fb2a28d66681fef63de03dff88ed1359a577a30b8761c2d

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\x3x6afp6.default-release\cache2\doomed\29124

Filesize
10KB

MD5
88bd980b6fa91149eac91bd58c418c90

SHA1
69dec738bf0cdb5696c020f6de42b0baae8f5353

SHA256
f2733ea1d15c73c94fa4317970a2d345c0395065aee876e049282e63d7962a17

SHA512
3edcb6cc69f3fbbabaa47f3204ca67485e452737c2d20cee005feadd63b4a9a05489b23a1d0f2070f35844f14fa681e2e53ea62770a2c614f49492661860e561

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\x3x6afp6.default-release\cache2\entries\C6CD1E5334A43246518988270B38947BE615B084

Filesize
126KB

MD5
55e62a9dd8c2bbd38acb63b0dba37f82

SHA1
9e934fddb3a1ccf13a5b0e3186cccf676e5d16b4

SHA256
b496994c95e480188d93b9652a29f6ff40267699dc03bb47e5be37c89bf00a35

SHA512
0f788db8bc7a4e7e64e3cc28c29e8396aff47f12d6c6c8d11beddd757650b410512e018f439cff90e6794fba678636d95b253b54aaa75a1c92ae42a83cafcc9f

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3x6afp6.default-release\datareporting\glean\db\data.safe.bin

Filesize
2KB

MD5
5e0b0488738a928bad8a4001270805e0

SHA1
66e9d3024e859c1debcffaf976e8489e9b87c8f4

SHA256
18e29d86271e2848ec41a0b3c889e6c6234cd6a63bc2d19fe6ba5ec7424a28a5

SHA512
20ae40b3419a984a44e7bf09884a179514b257df686a935664a907504e7ada51efcf09d6e015a0754feffa944b90f13940870de14b1aa12f8b45951e65ce42f9

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3x6afp6.default-release\datareporting\glean\pending_pings\03d9a19e-0c58-4739-b0f4-35bfbb8f6f76

Filesize
746B

MD5
f6d06bb793c4bad976a6fc176613f826

SHA1
2255d1ac2c4a21d420f61f77b06a62f2ae620bf7

SHA256
4069a72e837f383d2f62b288f100d857c7c922a76e290d75cfb9cb7b57607060

SHA512
fb39406c992189edbd6c6d4286079bc9a4911a661e95f31bd7dd1b71332ea68fa11d001558b627675825a82af651534a1b7cebc4a49be9b042022317729a4140

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3x6afp6.default-release\datareporting\glean\pending_pings\61a5b9ae-1009-4db8-b2be-6eda9b06aa94

Filesize
11KB

MD5
1854e2898abfcf1291bc57ce92da95b5

SHA1
504b162893b7ac09b4f88e86c687f2bb1c597bbf

SHA256
09b5c8d879d8249f1fb5eecb3aed9716565c60875fcc5dbb1a1877659970f617

SHA512
f49c607923eaa56b2d04bc35aca2e142d5a7f6279a5a4e0a944286ef783292c8dc33c063f7147f50392a5690cac52c15a33a54db6c4a526258c0094e8e459cb9

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3x6afp6.default-release\prefs-1.js

Filesize
6KB

MD5
410ca563731158d1feb81ec700fcb558

SHA1
da660a250709a99fcc011a2004ff32da006c66d7

SHA256
f84b269f2bc2a82429b51de6b2393fd690833fea60783a1d8cb521c52b773c70

SHA512
df18b698f0c65c473921062e2b7af3887b70b1ea8c4bcc224ed9d6caf67e4f9d7afb09ad07cdb9b982bb5a75c64dd1fe2b1c184fb8fdbcebff4e12ddee478e0e

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3x6afp6.default-release\prefs-1.js

Filesize
6KB

MD5
42809bce2c69449909abbcaf28897895

SHA1
209e4ae2c8bdb32651b4f308ae6e02c52efd04b4

SHA256
ec78904d3353e9640c7828a463cb3a591ad755b8ae26bf74b6f8c4f9a6e5a3e3

SHA512
b21017f0c2300e559af52e79196fe2bcdf763c43bf7d55a709ae20d0f6ccb3edc38a29f667f2b5051084bf6e08fcef6ccc2843868c8dcd5e79f31cc63820e52f

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3x6afp6.default-release\prefs.js

Filesize
6KB

MD5
bdd1a226101dffc6537580bbddfdb52b

SHA1
4d73c4d46601dff16396e0ced361a4ff129a0bd1

SHA256
6be614911ebd4636d437930b276ad88a796fdf0327f5108e6f8057cb35b1cf4f

SHA512
5f5048677e2b62cee2169bb0a4fc066dabba0994af5616fb98f2d634617267bf6a557ceb622b7ea7914ff9435d4bba0da16faccb45eb5f6702b6d841edb4c8fc

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3x6afp6.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
4KB

MD5
5df7c4871dd4e7e0b5cde9ce89daa879

SHA1
4259cd006faea38d725ea8d84ede17edcb5a1b9b

SHA256
e26e5f5fdd1eda73f9ad529357da1aeaa20d24149551b41169f0bd892aa903e7

SHA512
a7ac68d7573457615b763edadd8696a83e1764fafc9868068fd4dbc2b6d39fc428c73d317b063191fe0a71a1b3d29c8a4d0e293c3bc2eb1adadae550a91048d4

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3x6afp6.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
3KB

MD5
173e1bdbf35291c818bf5f6c853e5f8f

SHA1
1f0e7f130730f35f3b544b74157d0b61fad955be

SHA256
6d94304711cdd30e520a1742f9f39f8b579fe45015cc4c11af26b87571fde704

SHA512
7ccb6cb0aa01b1dc96683f58850fd2d4a4890f4e01b3b944633b9084ca0479c1388df72475420acd0094e659c6c8192456c4ec472128d05f7a3d851b263d9502

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3x6afp6.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
6KB

MD5
fea109cc1d4bf12824861cfcce34b8f8

SHA1
72ade6af1ac0df210beb3f0f0d8620e29ff9c392

SHA256
41c870dd5e9cd9725bf9ce6aefb6552c60d1fcfabee64cfa5c78e0871ab4e1b5

SHA512
c6e6dd20f35cdee3f017b874b2f30f3ad026f2094a6dc4d9f612653873f14327403f8306484b7a79d867436de7e58cc87fb136aaae31b33b4edf0ed15962eeb4

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3x6afp6.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
4KB

MD5
1bdac40640976d51eb4b53341454e629

SHA1
c7bb728c6e6b21dd44d078d3c0ba751e6b4d94d8

SHA256
2f60bc3690962374988ed81d8976d8fc7bd6224fc6ffb4fab71f011ba5573898

SHA512
12335b10ad33e408779d41d1df922d2ab3bac5fd3048c34fcfbb118994a0c0941808b078fa8ac0a686a86ac9e8f2d11f834d0db3384d05dd8f40fce2ad5f54e3

Download Submit
C:\Windows\System32\CatRoot2\dberr.txt

Filesize
14KB

MD5
ac6624019952a8855630f3eec8390158

SHA1
503ef7de3394a043a4bb47904925da89a35fa678

SHA256
2ad8a502ba9cdf632e3fc99164bc688aa86b4b18302f19e58e65b4a862fec211

SHA512
83135a3a0d0406579cf670cb4bf2351eb3fd9efed1386d3fa29be8bd77d684aaf4c8e8efbcba8c76d5887df97ec051749ba9577b2e9c6a23474b1345a5f142c9

Download Submit
C:\Windows\System32\catroot2\dberr.txt

Filesize
150KB

MD5
9d95c0a62a01726b115a224ac1652e52

SHA1
3c99516b9a2e3c87683b63e8e6e2dfcbd9034225

SHA256
957c6f8f78d24b4d7965e3680ac912dc27be997ae0185e4b7e9edcd274e59911

SHA512
8973d8d5d741f9b79f16ce894e225863ec16d5dfd8a1c11266db1de75973d5f64b78267612a4a3c1dd2bfac9d24eb11f2cb8e7a2f12ddf9422a86c8216ada25c

Download Submit
C:\Windows\System32\drivers\mbamswissarmy.sys

Filesize
65KB

MD5
0235eb46d65de353e624da03655030db

SHA1
d88fa18ade44207adf2eff6ac081e59f0f6b4c73

SHA256
4c8b0df851339c64ffccce3d7b2c0aca45aa0a368a861e90973bf2cdb9697948

SHA512
644202a580bf18be9a7780ddbd253fe9d2714863da9eee67ed92dfaf4e967b0aa5df94b686d4608596f8cff3cb0f7d2b1af00246d9c5fbe5d7e7a8eaa799f0bb

Download Submit
C:\Windows\Temp\MBInstallTemp674ad389d00111eebc155a2e32b6dbc3\7z.dll

Filesize
1.6MB

MD5
ab8f0c1a37c0df5c8924aab509db42c9

SHA1
53dba959124e6d740829bda2360e851bcb85cce8

SHA256
6e223b275b84d948cc5ae1f161f0bfff2adb34de04634c84d7dbe9305a4998d5

SHA512
ff8a26e8fd5a08c74e5ba93a564e0d3cd932754e7f06993a365bfad06670497889e69ec45bfba1378040b72f82d468e79682beba2439937bb29d2a41da940d4a

Download Submit
C:\Windows\Temp\MBInstallTemp674ad389d00111eebc155a2e32b6dbc3\7z.dll

Filesize
1.2MB

MD5
3fb0a31172c882007fd388f4438d1fe9

SHA1
64d76e4cef29b0f82a4a01e2cc5899c6809833d4

SHA256
095a692d82cc1aa3a44b5565cc05f63adddd16e1bddcf776a9fe3f0c575c873e

SHA512
d960429572aa012773e0d9cbdb5301e7b8490cb946c218670896d3d688cc96c061151845bc64d87c392cde5bfcedda47280f9795b16c45c0a8525a7364437899

Download Submit
C:\Windows\Temp\MBInstallTemp674ad389d00111eebc155a2e32b6dbc3\ctlrpkg\mbae64.sys

Filesize
154KB

MD5
95515708f41a7e283d6725506f56f6f2

SHA1
9afc20a19db3d2a75b6915d8d9af602c5218735e

SHA256
321058a27d7462e55e39d253ad5d8b19a9acf754666400f82fe0542f33e733c6

SHA512
d9230901adeecb13b1f92287abe9317cdac458348885b96ef6500960793a7586c76ae374df053be948a35b44abe934aa853975a6ccd3788f93909903cc718c08

Download Submit
C:\Windows\Temp\MBInstallTemp674ad389d00111eebc155a2e32b6dbc3\dbclspkg\MBAMCoreV5.dll

Filesize
239KB

MD5
27beb9f614256a05cff45f1c89c4e8f3

SHA1
f143a154722addbe45bc3e8bb4333d49f2be777e

SHA256
f5552b02128f02d3a7d35c872069b212d1b4cf36a0efc5ef877fc68359dcdfd7

SHA512
1662f8dec82999b4e1304e9f2400168434a163b15538ade02c6b1ef2cc6814775791782e91e9c6c48dd5d3febf92de7428653093a2a465b86ac431d95932d6d2

Download Submit
C:\Windows\Temp\MBInstallTemp674ad389d00111eebc155a2e32b6dbc3\servicepkg\MBAMService.exe

Filesize
7.0MB

MD5
1e66023bf3e14aa300a4710dc3735377

SHA1
a82d78085d0e11e9cd3a2ddef0fb3ec63d6ccdc5

SHA256
4eae0da5cd329812d81159b3824cd62ef09e7a6b6737e04f6ec483f9785674b5

SHA512
978e393eabda6598123262ba74e14000e0a872ef41ef913d07b598ec310cad563d5d3949d1211e727867963b195756db0b9621122ae80afecabd3ff0f5b75c1d

Download Submit
C:\Windows\Temp\MBInstallTemp674ad389d00111eebc155a2e32b6dbc3\servicepkg\mbamelam.cat

Filesize
10KB

MD5
60608328775d6acf03eaab38407e5b7c

SHA1
9f63644893517286753f63ad6d01bc8bfacf79b1

SHA256
3ed5a1668713ef80c2b5599b599f1434ad6648999f335cf69757ea3183c70c59

SHA512
9f65212121b8a5d1a0625c3baa14ef04a33b091d26f543324333e38dcdb903e02ccc4d009e22c2e85d2f61d954e0b994c2896e52f685003a6ef34758f8a650c7

Download Submit
C:\Windows\Temp\MBInstallTemp674ad389d00111eebc155a2e32b6dbc3\servicepkg\mbamelam.inf

Filesize
2KB

MD5
c481ad4dd1d91860335787aa61177932

SHA1
81633414c5bf5832a8584fb0740bc09596b9b66d

SHA256
793626d240fd8eefc81b78a57c8dfe12ea247889b6f07918e9fd32a7411aa1c3

SHA512
d292e028936412f07264837d4a321ecfa2f5754d4048c8bcf774a0e076e535b361c411301558609d64c71c1ce9b19e6041efa44d201237a7010c553751e1e830

Download Submit
C:\Windows\Temp\MBInstallTemp674ad389d00111eebc155a2e32b6dbc3\servicepkg\mbamelam.sys

Filesize
20KB

MD5
9e77c51e14fa9a323ee1635dc74ecc07

SHA1
a78bde0bd73260ce7af9cdc441af9db54d1637c2

SHA256
b5619d758ae6a65c1663f065e53e6b68a00511e7d7accb3e07ed94bfd0b1ede0

SHA512
a12ccf92bead694f5d3cba7ff7e731a2f862198efc338efc7f33a882fe0eb7499fb3fb533538d0a823e80631a7ca162962fbdfd78e401e3255672910b7140186

Download Submit
C:\Windows\Temp\MBInstallTemp674ad389d00111eebc155a2e32b6dbc3\servicepkg\mbshlext.dll

Filesize
448KB

MD5
bbb9b4209b8a0eb65dcb4c7dbbb5329a

SHA1
8578bf24cf90a3061af7a382bf6a8280a9638121

SHA256
9b290d10b9874146b97ab10d75d6827ec78f53a5c61e3cf95cb383df310c6fe8

SHA512
08d5abc9b871dadeb44b4a724afb061b6a322a126a3ac84710ba47b0656902b22670d3edab8b05221a53ce0268904a341eab68e68527c8860d61d086b17c26c2

Download Submit
C:\Windows\Temp\MBInstallTemp674ad389d00111eebc155a2e32b6dbc3\uipkg\QtQuick\Controls.2\Imagine\VerticalHeaderView.qml

Filesize
1KB

MD5
829769b2741d92df3c5d837eee64f297

SHA1
f61c91436ca3420c4e9b94833839fd9c14024b69

SHA256
489c02f8716e7a1de61834b3d8bbb61bce91ca4a33a6b62342b4c851d93e51e0

SHA512
4061c271db37523b9dea9a9973226d91337e1809d4e7767e57ac938d35d77a302363ed92ab4be18c35ba589f528194ad71c93a8507449bf74dd035acf7cdb521

Download Submit