9948b0ace1b91c416141ef8c73c2d944d19bbd6135d26fc6a4b34f7393d1af21

Resubmissions

21/02/2024, 21:57

240221-1vdrbafh4y 7

21/02/2024, 21:49

240221-1ppavsgc59 7

Analysis

max time kernel
445s
max time network
450s
platform
windows10-2004_x64
resource
win10v2004-20240221-en
resource tags

arch:x64arch:x86image:win10v2004-20240221-enlocale:en-usos:windows10-2004-x64system
submitted
21/02/2024, 21:57

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

SetPoint6.68.250_64.exe
Size

80.3MB
MD5

53771b4ad5f9bce479f7dbc28939b447
SHA1

47cbafd3df3c592cc87dacc837ec10227e07b7f6
SHA256

9948b0ace1b91c416141ef8c73c2d944d19bbd6135d26fc6a4b34f7393d1af21
SHA512

c226512a7d087a0a9a883ef1504932ad0c29ea7ced1bbe763c4c74f3ffd9d85017187410152cf1f4419e6a754c6eb7ef46968b83bac796803778ddc32cf3bbec
SSDEEP

1572864:nsBQZP71vvdl2a6BKGszGzAQy+XlPM7dyoXMNQKJn4tGIepxtIKygMvF8uY5TSPt:nhZP71vvdmBKHS06XFM7dyLTk/l9eTAt

Score

7^/10

Malware Config

Signatures

Checks computer location settings 2 TTPs 3 IoCs

Looks up country code configured in the registry, likely geofence.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\USER\S-1-5-21-1712835645-2080934712-2142796781-1000\Control Panel\International\Geo\Nation	Setup.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1712835645-2080934712-2142796781-1000\Control Panel\International\Geo\Nation	Setup.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1712835645-2080934712-2142796781-1000\Control Panel\International\Geo\Nation	MSetup.exe

Executes dropped EXE 10 IoCs

pid	Process
4404	Setup.exe
3424	MSetup.exe
392	Setup.exe
5616	Setup.exe
4468	SetClean.exe
4820	RunNE.exe
3432	Process not Found
4848	LDConfig.exe
2796	LDConfig.exe
5096	LDConfig.exe

Loads dropped DLL 20 IoCs

pid	Process
4964	SetPoint6.68.250_64.exe
4404	Setup.exe
3424	MSetup.exe
3424	MSetup.exe
3424	MSetup.exe
392	Setup.exe
392	Setup.exe
392	Setup.exe
5616	Setup.exe
5616	Setup.exe
5616	Setup.exe
5616	Setup.exe
5616	Setup.exe
5616	Setup.exe
5616	Setup.exe
4468	SetClean.exe
4468	SetClean.exe
4468	SetClean.exe
4820	RunNE.exe
3424	MSetup.exe

Drops autorun.inf file 1 TTPs 1 IoCs

Malware can abuse Windows Autorun to spread further via attached volumes.

Replication Through Removable Media

T1091

description	ioc	Process
File created	C:\Users\Admin\AppData\Local\Temp\Logitech\SetPoint_1\autorun.inf	SetPoint6.68.250_64.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

NSIS installer 2 IoCs

installer

resource	yara_rule
behavioral1/files/0x0006000000023217-455.dat	nsis_installer_1
behavioral1/files/0x0006000000023217-455.dat	nsis_installer_2

Modifies Internet Explorer settings 1 TTPs 4 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-1712835645-2080934712-2142796781-1000\Software\Microsoft\Internet Explorer\IESettingSync	MSetup.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1712835645-2080934712-2142796781-1000\SOFTWARE\Microsoft\Internet Explorer\IESettingSync\SlowSettingTypesChanged = "2"	MSetup.exe
Key created	\REGISTRY\USER\S-1-5-21-1712835645-2080934712-2142796781-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	MSetup.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1712835645-2080934712-2142796781-1000\SOFTWARE\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	MSetup.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
3424	MSetup.exe
3424	MSetup.exe

Suspicious use of SetWindowsHookEx 12 IoCs

pid	Process
3424	MSetup.exe
3424	MSetup.exe
392	Setup.exe
5616	Setup.exe
4468	SetClean.exe
4820	RunNE.exe
4820	RunNE.exe
2796	LDConfig.exe
5096	LDConfig.exe
3424	MSetup.exe
3424	MSetup.exe
3424	MSetup.exe

Suspicious use of WriteProcessMemory 21 IoCs

description	pid	Process	procid_target
PID 4964 wrote to memory of 4404	4964	SetPoint6.68.250_64.exe	89
PID 4964 wrote to memory of 4404	4964	SetPoint6.68.250_64.exe	89
PID 4964 wrote to memory of 4404	4964	SetPoint6.68.250_64.exe	89
PID 4404 wrote to memory of 3424	4404	Setup.exe	91
PID 4404 wrote to memory of 3424	4404	Setup.exe	91
PID 4404 wrote to memory of 3424	4404	Setup.exe	91
PID 3424 wrote to memory of 392	3424	MSetup.exe	93
PID 3424 wrote to memory of 392	3424	MSetup.exe	93
PID 3424 wrote to memory of 392	3424	MSetup.exe	93
PID 3424 wrote to memory of 5616	3424	MSetup.exe	94
PID 3424 wrote to memory of 5616	3424	MSetup.exe	94
PID 3424 wrote to memory of 5616	3424	MSetup.exe	94
PID 3424 wrote to memory of 4468	3424	MSetup.exe	95
PID 3424 wrote to memory of 4468	3424	MSetup.exe	95
PID 3424 wrote to memory of 4468	3424	MSetup.exe	95
PID 4468 wrote to memory of 4820	4468	SetClean.exe	96
PID 4468 wrote to memory of 4820	4468	SetClean.exe	96
PID 4468 wrote to memory of 2796	4468	SetClean.exe	98
PID 4468 wrote to memory of 2796	4468	SetClean.exe	98
PID 4468 wrote to memory of 5096	4468	SetClean.exe	99
PID 4468 wrote to memory of 5096	4468	SetClean.exe	99

C:\Users\Admin\AppData\Local\Temp\SetPoint6.68.250_64.exe
"C:\Users\Admin\AppData\Local\Temp\SetPoint6.68.250_64.exe"
1⤵
- Loads dropped DLL
- Drops autorun.inf file
- Suspicious use of WriteProcessMemory
PID:4964
- C:\Users\Admin\AppData\Local\Temp\Logitech\SetPoint_1\Setup.exe
  C:\Users\Admin\AppData\Local\Temp\Logitech\SetPoint_1\Setup.exe expr=SetVar(level,"1")==SetVar(indent,"2")
  2⤵
  - Checks computer location settings
  - Executes dropped EXE
  - Loads dropped DLL
  - Suspicious use of WriteProcessMemory
  PID:4404
- - C:\Users\Admin\AppData\Local\Temp\Logitech\SetPoint_1\MSetup.exe
    "C:\Users\Admin\AppData\Local\Temp\Logitech\SetPoint_1\MSetup.exe" expr=SetVar(level,"1")==SetVar(indent,"2")
    3⤵
    - Checks computer location settings
    - Executes dropped EXE
    - Loads dropped DLL
    - Modifies Internet Explorer settings
    - Suspicious behavior: EnumeratesProcesses
    - Suspicious use of SetWindowsHookEx
    - Suspicious use of WriteProcessMemory
    PID:3424
  - - C:\Users\Admin\AppData\Local\Temp\Logitech\SetPoint_1\5-SetPoint\Setup.exe
      "C:\Users\Admin\AppData\Local\Temp\Logitech\SetPoint_1\5-SetPoint\Setup.exe" /check=yes /level=1 /indent=2
      4⤵
      Executes dropped EXE
      Loads dropped DLL
      Suspicious use of SetWindowsHookEx
      PID:392
  - - C:\Users\Admin\AppData\Local\Temp\Logitech\SetPoint_1\6-Unifying\Setup.exe
      "C:\Users\Admin\AppData\Local\Temp\Logitech\SetPoint_1\6-Unifying\Setup.exe" /S /instMode=embedded /check=yes
      4⤵
      Checks computer location settings
      Executes dropped EXE
      Loads dropped DLL
      Suspicious use of SetWindowsHookEx
      PID:5616
  - - C:\Users\Admin\AppData\Local\Temp\Logitech\SetPoint_1\tools\SetClean.exe
      "C:\Users\Admin\AppData\Local\Temp\Logitech\SetPoint_1\tools\SetClean.exe" /check_legacy /regKey=Logitech\sp6\Legacy /savedFilesFolder=C:\Users\Admin\AppData\Local\Temp\Logishrd\SaveSettings /level=1 /indent=2
      4⤵
      Executes dropped EXE
      Loads dropped DLL
      Suspicious use of SetWindowsHookEx
      Suspicious use of WriteProcessMemory
      PID:4468
    - - C:\Users\Admin\AppData\Roaming\LogiShrd\SetClean\RunNE.exe
        
        C:\Users\Admin\AppData\Roaming\LogiShrd\SetClean\RunNE /wait C:\Users\Admin\AppData\Roaming\LogiShrd\SetClean\LDConfig.exe @-KHAL:C:\Users\Admin\AppData\Local\Temp\Logishrd\SaveSettings\Khal\devices.ini
        5⤵
        Executes dropped EXE
        Loads dropped DLL
        Suspicious use of SetWindowsHookEx
        
        PID:4820
    - - C:\Users\Admin\AppData\Roaming\LogiShrd\SetClean\LDConfig.exe
        
        C:\Users\Admin\AppData\Roaming\LogiShrd\SetClean\LDConfig.exe -PS2KBD:QUERY
        5⤵
        Executes dropped EXE
        Suspicious use of SetWindowsHookEx
        
        PID:2796
    - - C:\Users\Admin\AppData\Roaming\LogiShrd\SetClean\LDConfig.exe
        
        C:\Users\Admin\AppData\Roaming\LogiShrd\SetClean\LDConfig.exe -PS2MOU:QUERY
        5⤵
        Executes dropped EXE
        Suspicious use of SetWindowsHookEx
        
        PID:5096

C:\Users\Admin\AppData\Roaming\Logishrd\SetClean\LDConfig.exe
"C:\Users\Admin\AppData\Roaming\Logishrd\SetClean\LDConfig.exe" -KHAL:C:\Users\Admin\AppData\Local\Temp\Logishrd\SaveSettings\Khal\devices.ini
1⤵
- Executes dropped EXE
PID:4848

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Replication Through Removable Media

T1091

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Replication Through Removable Media

T1091

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\Logitech\SetPoint_1\10-Uninstall\compcfg.ini

Filesize
411B

MD5
c0caf31cadd9ba3d2e7163b46a8f3e64

SHA1
344daeefbc64b3c31da5ddb1f0279ee2873903b9

SHA256
79cff3ed076ada8d5024742f5fa78fb7897c7847547e469c7c280db36a35106b

SHA512
0b241d5dd8a59129189debd3eef55f35edbe7fd47b14a46619bea2b93a3c93a75d564aa26f29de083148127954bc3463ec9e2de932f566dbd163400fa7ed0574

Download Submit
C:\Users\Admin\AppData\Local\Temp\Logitech\SetPoint_1\11-Unifying\compcfg.ini

Filesize
457B

MD5
cd20e442ba53c88f8b19bfa70c5c9bf5

SHA1
df18ed69aecc53fd8ee843dbff8a4b3fb0578721

SHA256
e961c4458a7e2aa36c00127ace56660e35511bb73b3ee3219dabd12eba1475e2

SHA512
a980c3968408c302f2636f37af3739d8da142bdd8c021bcc8b9fb3b4197916edd835716fa676ae8a8238f009c36547afca8c9f23bbbbc1ef8a0b947440205aab

Download Submit
C:\Users\Admin\AppData\Local\Temp\Logitech\SetPoint_1\2-Install\compcfg.ini

Filesize
490B

MD5
7695a6de598cd3a8c1f81762c6a4e668

SHA1
bfaaf88e95e064d56de5895ace1f4b0bce2b4637

SHA256
5b9628de725c6f61ec6652a2350ebe9bf1f516a4585c8ca2ea4af47dfa311ebc

SHA512
d06d73edd4c0d27386e497af37af42b66180a11ac7d3959b194c7c2d259344bf14f4b4717c49c10c54c19f1998f51cd6681df19ba057aedb2e0edd7e14de70d5

Download Submit
C:\Users\Admin\AppData\Local\Temp\Logitech\SetPoint_1\20-LegacyPre\compcfg.ini

Filesize
479B

MD5
8f8515b7692c4b64058f4f622d6b8874

SHA1
28cc8a712bc448502265d9a5c18c2f769da28ee2

SHA256
37d53ffc70b46cacd5a263c63a6b078eccbc10bc7a33311876b3c7102be38ac8

SHA512
f85c564bf43db2871db84b1f53f4199d3dc851ec128fa2a0c17af099695eb52c71d2f57d26cff8b36200d0a399d5b303c2c55cb310493af5a8b78f5ec008fe83

Download Submit
C:\Users\Admin\AppData\Local\Temp\Logitech\SetPoint_1\30-LegacyPost\compcfg.ini

Filesize
353B

MD5
f3589090a17ac8eeff0af57b17b36368

SHA1
8ef4c1d3430e8f359765fe02ce4620c092e70658

SHA256
e24b4e34b8de789f2411f7f1c3609bbddeeba0f5edf75ef05b28422fb0d111f8

SHA512
2d843b0592546922efcfe2681244a2855b453ecab265330d87275356d0ac9fb6ff6e67cb9a03597b830c18f1390141ebc709b7b78ef648077d94ba8596041853

Download Submit
C:\Users\Admin\AppData\Local\Temp\Logitech\SetPoint_1\3b-Redistr64\compcfg.ini

Filesize
496B

MD5
25dd1014a1ed7451b4851a44c8c39a39

SHA1
074d6e205fd3395550c9c68d81b454a33a660b6f

SHA256
25d5c8e72b2b47533df313246b940101bf057c590ecbfc6d1e45109ec5a80a70

SHA512
6019118be4b1011df81d956ac20597721443f75aedb68d7b1ec92f4eb35483cc6e1a8d4853a6ca61d663d4e66998c3fdc1862dc3510274ac2025c6650eaf7e0e

Download Submit
C:\Users\Admin\AppData\Local\Temp\Logitech\SetPoint_1\5-SetPoint\Setup.exe

Filesize
573KB

MD5
b1f88d37e9df4fbacf3c82f7b65ff266

SHA1
f4fef493fbe792d332712f51316d6bc0505f4136

SHA256
37a1e7b7141f317deb9e4d956fe50fc6741f628a28b36453db79204e8b029173

SHA512
36697a573fb90e579aed5a294c0c708ff366e0292bd6442147824644f527825d72ab92cf6208f407e69eaf718f086025d1e4084cf4573bce1bf20f8983629089

Download Submit
C:\Users\Admin\AppData\Local\Temp\Logitech\SetPoint_1\5-SetPoint\compcfg.ini

Filesize
1KB

MD5
e119905414f985238b0df742e73a5de6

SHA1
ea15120ce359354f7e570efc2f0c011c16d9fb02

SHA256
13d40bec3c7bb3b372c8297272e97c621ade2a4de7b244ebbe4f81e0e6d9914f

SHA512
51ee0c1f6097b4dca795ee2a03417939a2a03d07598f57c4feb8a78a61fae378fcad1c1e7d5e41f9069d45008c85db32445ed1af244032968cb4531413238e13

Download Submit
C:\Users\Admin\AppData\Local\Temp\Logitech\SetPoint_1\6-Unifying\Setup.exe

Filesize
2.7MB

MD5
733c1df9cd37ede5d1cafa3f91782a24

SHA1
b4ee648fd1a1afe1b5f77fc9ed8cc8d3c48e2db2

SHA256
98af63242d16180778e8a076469868fad56fe1cc2cc2f5b18fd770f98412bfff

SHA512
4eb49cde1190121c46353cbb688fe60d8c65e7efb3246c3ab7a1a87a44aa8818e694cbeb8e8ec5f9494e38ee7d5c10bd30579d076c5defd3af21913e042b8c3e

Download Submit
C:\Users\Admin\AppData\Local\Temp\Logitech\SetPoint_1\6-Unifying\compcfg.ini

Filesize
486B

MD5
f7fee5a55d46cdb4773efd6904480617

SHA1
644e57bb8d5c3a61d1b8711707cade7249b7193c

SHA256
170b5d075bcf9234fa43b102e94f5972c2eae3a83a0630cbfb21793888c3bc1c

SHA512
258aa1901ed1e150e7ca5086b7f01fd190cd8d605e43bc1c320d60c352e9ab353511c3bb85de47b8f15447889d08b2cc2d02904738a96385dc8407f875821607

Download Submit
C:\Users\Admin\AppData\Local\Temp\Logitech\SetPoint_1\LU\Lth\LUpdateProd_Legacy.xml

Filesize
6KB

MD5
551f02bc5ca1afa20e6514fba9846b02

SHA1
4046458ba5fc1d661bbef4167792db56d3446a50

SHA256
fd1907ec702d65ff81b9cfc13248bfd29079af01de567040415f2635ebe24063

SHA512
114bcb02711be52d25a44eb419de8be71c34e45849d757e6321b898c52d24c17405fa3923bf232d3518ea7e0829dd5f4db1da26f099e125fb12341e7a4d9ab2e

Download Submit
C:\Users\Admin\AppData\Local\Temp\Logitech\SetPoint_1\MSetup.exe

Filesize
1.6MB

MD5
46e4c130532dd44f81cc545970b1ba7d

SHA1
bbba055a7973c3f2d1669a7505ecffa73dd85103

SHA256
48da3aa7910f3dcf8739dcddabb25f0f877b68abf3ee161b884428bcc864eee9

SHA512
ad74281033d3620003f5a7aedfe2889fb9f72aa58c624cb101c2975be12663faeb9e0ace55aeeddc04ec45e3595bb0042660d4d1c7926d5723bc50b7b03ccb5f

Download Submit
C:\Users\Admin\AppData\Local\Temp\Logitech\SetPoint_1\Setup.exe

Filesize
294KB

MD5
467c3855db3135f24a747244567d5a92

SHA1
bd3c15c93c797b8364595e9608357bc467a9d911

SHA256
7ce76d6f05c3292760563ff9e4aae997a1eadafedd707131757e9e0b83e17410

SHA512
30c536eaadceebee1f051324b591add32b686b391b86c0d94af5622476a9aaa0cc076d543b0baea1356c42235f2c914caf028041eca72b6da613bf48fd83c10d

Download Submit
C:\Users\Admin\AppData\Local\Temp\Logitech\SetPoint_1\SetupDll.dll

Filesize
62KB

MD5
6716f4e5ee82ffef2991b925dec0c760

SHA1
b933f9530d2ad848d212fc1e7c785b520b87eaca

SHA256
daca629f2fc1c97340f4fe77cf25677952e58a369cfa8953f9f11d599924ed6d

SHA512
6cacc14831a442508294ef363a44ea7bda6f3383ac9616fdf778af2edca582874c061bb4c4ace064f3920684cab9878742c88fdfff15bbc11f162264712174a2

Download Submit
C:\Users\Admin\AppData\Local\Temp\Logitech\SetPoint_1\UI\ell\CustomLayout.xml

Filesize
10KB

MD5
04f97e728cf6aa3484f04b95eb89704c

SHA1
4382eda3d6d2947fc777d5f387e300b0dc8f8245

SHA256
f715e7496b7a657670f954a563a73a0dfcd1e6dc35ce48c58beb97fdb08840e9

SHA512
a6f4d1593d98c5cb9f772b16a87c1bec12c1cf5d0aaad5d36077314f2d93c3afa375e9952ee037578347b69d3dbc7403ae844b9f2079637114b0579b2f5fa947

Download Submit
C:\Users\Admin\AppData\Local\Temp\Logitech\SetPoint_1\UI\ell\wizpage.css

Filesize
14KB

MD5
ae98b329932c4010b31c46e6e8ac5a71

SHA1
54c43a1ff0d7ae63997af339d0d5a709119d395f

SHA256
f2a4eee9d36d5a5f7d4df00590edd6df368d047cd3c1af35efb0fda739f6e5f8

SHA512
cfd6566b11411f91ee52c8242bcebdd21760816aed868b92ab00b1bbe484a6f4ebe4e7506a2b5f7d199b2bdf97ab1c4e3109e06a7ee7e8e1bdd4f58c029789b4

Download Submit
C:\Users\Admin\AppData\Local\Temp\Logitech\SetPoint_1\UI\html\install_1.html

Filesize
16KB

MD5
0315b7b094b480c3b25a9e0e4b534ec6

SHA1
39681905b74da29c4091473e1e4ac6577b3fecd4

SHA256
ab08843b427b518cc269509fa54881c95b726339b9a921932b4e4b53c513ac65

SHA512
e04d3229eb112e568137c46329895f93c71751f41c790bdb2eb129c1d68be8cfd58bfcb4e15a0bc7eee510094cdd581464489e25f2237eafa02cdc17b13e4eec

Download Submit
C:\Users\Admin\AppData\Local\Temp\Logitech\SetPoint_1\UI\images\collateral\header_image_1.png

Filesize
32KB

MD5
5b453fa3555e731aa4d4d5e985884977

SHA1
483068971275f2ce3e89cdf83d43d03275ac71af

SHA256
46585620f2eb749f599a6d6ae4f4a56e49966277c2d7de6e0d37166f86e41d28

SHA512
8752ea1779f329d2e73c19f49f268e3e266642ca95b89694c21f714f8ae3f415075eca89018270b4bcd080c4eb6e54a3f0adc278b5357d972d14a4721c8edab3

Download Submit
C:\Users\Admin\AppData\Local\Temp\Logitech\SetPoint_1\UI\images\collateral\warning.png

Filesize
611B

MD5
bc1fb63506eccdb2c21101916eafc575

SHA1
b177ea6e21428266199a30bb4299f1e3953ef458

SHA256
4edcf383476f7cb39175f038885be8a8765eee2bf37cec642fe7461b5dd70f01

SHA512
80cde6aedcf17cd9e23175c45a907c2656fe776b822ad568858e4c1c8451c9f1225194ec8e6b1d79ffb0ba0b4d6c83fcf00e30a2ef325b37e0598c5ad9774e1c

Download Submit
C:\Users\Admin\AppData\Local\Temp\Logitech\SetPoint_1\UI\images\logos\logo.png

Filesize
1KB

MD5
eec6a28316d96fb091080241c3422f8c

SHA1
fee9ba3f2174ec42de02245ff0fe3308fdd9f515

SHA256
df9b66f11a75da141dbb8b6438a49d50b59a5e41304dadbbe9009462191349bd

SHA512
1a6d494626666b81d7f633a4ac522a359929234d076c3293c5eebc3f9c5c5c58e9b9b13ecdbf3fe406bea300eddace60fe23c9c6564733af0896417871129b80

Download Submit
C:\Users\Admin\AppData\Local\Temp\Logitech\SetPoint_1\UI\js\custom_ui.js

Filesize
8KB

MD5
607e532d644cc83c5465ed7412877176

SHA1
075317c2250e356cf5681d1e158332f961b71e19

SHA256
3f2a502d4bc7f364f51970141a7e0a830b5b91b5b3e53766410f1f7c7f557eba

SHA512
0ec5a0ac8b8c17d208aed47a4b7eae6e04f144e1d1cbe6224eba296034cf393b942e9a8f87edd674ee908f4dd303827b97e146a1af02ce59eb887f6cae53bc01

Download Submit
C:\Users\Admin\AppData\Local\Temp\Logitech\SetPoint_1\UI\js\logi_code.js

Filesize
10KB

MD5
e454d6bbe6a8b2ecd7ae07c38af329fa

SHA1
5fe9ea8947024ecd7d9755a38404aad4dfcbb25c

SHA256
49e97c8a18b92bd58891d4910f59fcf6e0d352e223ab8ba637158d02ebf52be5

SHA512
71a365ea1f733ce3cbb75e45fee748f491c88ae50af8391e15e4d8698b81b5e2e1d22f3f8541081f4734f49c21b9e7664325ed961c0a2f8192a010846cdd12ea

Download Submit
C:\Users\Admin\AppData\Local\Temp\Logitech\SetPoint_1\UI\js\logi_uninstall.js

Filesize
4KB

MD5
1098d2d89d6799011e35b1fee35ce177

SHA1
8e71117f6e85d555221500fb8413fb31731e30be

SHA256
0de18a2f0fdf9d3edb547fd9adb569dca0b836012b6a3f6db005d37afb5c812a

SHA512
76968684052ca9c5c73b28e33ae86812af7da3c531e3102c62ccc3837675370048f96f03553e88cfa798dfe66b136f798f738ad36cce57586d36483bc6709e7e

Download Submit
C:\Users\Admin\AppData\Local\Temp\Logitech\SetPoint_1\setup.ini

Filesize
12KB

MD5
62bbf2b4326381e250a4ebdd0af9d24b

SHA1
aedb1ad529a429c79d4bcdb97271c44fd2940fd6

SHA256
ea0ce5305b4aab0ce5907de40fd2e0df9eb6e5df8394531b4412e48ad0a7226d

SHA512
bba65a8a4859bb03ce4b26eed7adef50188e4842dcab23c588e0c16a54c5e8c63878a95aa8b02acbebae5a6111d1a3ef555c75841b87fef2144eee788d1b759f

Download Submit
C:\Users\Admin\AppData\Local\Temp\Logitech\SetPoint_1\tools\Expr_dll.dll

Filesize
220KB

MD5
1329bfcefa2860965ca23347be2ce14e

SHA1
85a6c81f74ff3b2d56352c64382471a7f6f0a9d2

SHA256
5c71551f5167ef57efae3c5e66791a501c75cd7b3bf8a80cccf6d74052bf6700

SHA512
51b50fe4ad7b8b1e5c278fdcd4d6cd391c6c8b4e2418017b6f395519d399e08bc31919659ad9a604b665dba68f57ce7077b37c5d6a82f9bdc26165737101ab2f

Download Submit
C:\Users\Admin\AppData\Local\Temp\Logitech\SetPoint_1\tools\SetClean.exe

Filesize
400KB

MD5
e461f32d699006ccea35e74f1928e3a8

SHA1
a1c09e5137576991cf47b649b88f3167d0ad7898

SHA256
b3fd9eab7c8b9edfe18759a88b24f0bb2fae95d76c19497902241d94330e9136

SHA512
ca2f40cf9d78fc2569bc472d6568eb533f686e567c9883c0c1d3d96dca6edb2ffde038d40650998947340b3d105da6fb850f1524fc9eeee590c0c1a2bf28fcfc

Download Submit
C:\Users\Admin\AppData\Local\Temp\Logitech\SetPoint_1\ui\ENU\CustomStrings.xml

Filesize
17KB

MD5
ac32fbdf0d884c6fde5a7c8938180165

SHA1
e7c72bab8d8595fdbf122e2e332838fea6154e87

SHA256
39187410cd59d477463cac958e2d853a2195a7daceb10c9ab8f697f3259ba696

SHA512
10e59f3df2f91701fc052ce5252dab402345d17f35d8bdb6ab88f4f63c251619b16ef02abafddf8a3b2eb38187ff7ec4a442c69c8cbcba59c56f68202833b1e3

Download Submit
C:\Users\Admin\AppData\Local\Temp\Logitech\SetPoint_1\ui\ENU\StockStringsBase.xml

Filesize
15KB

MD5
f405ff1d41842ef323178a59b88fd3fb

SHA1
24c8822e68ac2073c45cc6bcb23dee8f4ad3e3f4

SHA256
49772d2110b6424650979809ff1da29b611f3b1f9c8f3c004844392f5c45700b

SHA512
d4ec1192276da756a44b224ec5d2b6c3682487c286df6c0e1c226539cf27c3b9aa05e531f2f66890f0e79a04efb6170a7d48d06f1eefe09ef331995e72add2dd

Download Submit
C:\Users\Admin\AppData\Local\Temp\Logitech\SetPoint_1\ui\ENU\StockStringsBranded.xml

Filesize
3KB

MD5
1752a791b05b77bfdb6cebb8bf61492c

SHA1
dfe6885df275882664975a47156b42f3526eedc3

SHA256
6dd1b4542cc642337b8b35ea22f76537fbda347ba0b16d2e2d18dd2faf236c8a

SHA512
8a8e44e64c1fbd449da52908f1f3c1864f759cca26e5a859788969dcbcfed9c4cbd2e9a7d0e298bd645239cadea36fd7563e098c63762f5bcc7e9f2199c7d357

Download Submit
C:\Users\Admin\AppData\Local\Temp\Logitech\SetPoint_1\ui\StockLayout.xml

Filesize
4KB

MD5
65d8456e4a39f3521876330def24f0ab

SHA1
02b1ecf511361491fbaf39e94e97b1cceee335c9

SHA256
f205e113c2f61e07d4c59cba04b0d9d0acf66eee2d8bfcf9326d5fdb30ab18d4

SHA512
ad35004a66d5d297a473047857c75e747995842e64b57c7d760c4f03c10f8bed0e5e3322268c678d5e8e05300ca515c4ca3c6b92e3788d6434899579cfe14f22

Download Submit
C:\Users\Admin\AppData\Local\Temp\Logitech\SetPoint_1\ui\resource_ids.txt

Filesize
12KB

MD5
b58a2357ebf3631cea27da57828c9a68

SHA1
42dc1989a1eb73a6fa6ca266d6c6aa454e6be2bd

SHA256
ab06a5c94fbcd673b8f5ba276a087eb6f541106e8d3d164b92cc01236f539a4b

SHA512
abe344a6881be5d924930ed67da72f42691d4e7a412b62cb0ba80954819f9017a50341f5651e61323b1d877570e88c089df9202d59b7893da7239244e02eebe0

Download Submit
C:\Users\Admin\AppData\Local\Temp\nsi4E21.tmp\System.dll

Filesize
11KB

MD5
00a0194c20ee912257df53bfe258ee4a

SHA1
d7b4e319bc5119024690dc8230b9cc919b1b86b2

SHA256
dc4da2ccadb11099076926b02764b2b44ad8f97cd32337421a4cc21a3f5448f3

SHA512
3b38a2c17996c3b77ebf7b858a6c37415615e756792132878d8eddbd13cb06710b7da0e8b58104768f8e475fc93e8b44b3b1ab6f70ddf52edee111aaf5ef5667

Download Submit
C:\Users\Admin\AppData\Local\Temp\nsi4E21.tmp\UserInfo.dll

Filesize
4KB

MD5
1e8e11f465afdabe97f529705786b368

SHA1
ea42bed65df6618c5f5648567d81f3935e70a2a0

SHA256
7d099352c82612ab27ddfd7310c1aa049b58128fb04ea6ea55816a40a6f6487b

SHA512
16566a8c1738e26962139aae893629098dc759e4ac87df3e8eb9819df4e0e422421836bb1e4240377e00fb2f4408ce40f40eee413d0f6dd2f3a4e27a52d49a0b

Download Submit
C:\Users\Admin\AppData\Local\Temp\nsx4130.tmp\System.dll

Filesize
11KB

MD5
b9f430f71c7144d8ff4ab94be2785aa6

SHA1
c5c1e153caff7ad1d221a9acc8bbb831f05ccb05

SHA256
b496e81a74ce871236abcd096fb9a6b210b456bebaa7464fa844b3241e51a655

SHA512
c7ce431b6a1493fd7d1fe1b1c823ad22b582c43c8eb2fb6a471c648dd9df9953277c89932c66afd598d43ea36f4a8602e84cd175115266943071cbc8ce204099

Download Submit
C:\Users\Admin\AppData\Local\Temp\nsx4CAA.tmp\UserInfo.dll

Filesize
4KB

MD5
351b802508ee5462cbf7f35454a9dca6

SHA1
7b9a1bc758e10af02124143680f636853b421da1

SHA256
39275ee1767aac3ae0929a3e67a84a921610b45d5cfff3db1641893504d5c78d

SHA512
6b0a4a500597fefaceb5eab79737d4f8dd253bb6bf8c263699314deda417763857b4407457d877b28f7a9c1f40a241d378ccae80c68541ff3f102eac8a6ff8d2

Download Submit
C:\Users\Admin\AppData\Roaming\LogiShrd\SetClean\NonElevatedDll.dll

Filesize
59KB

MD5
b0fcd0ee2bbae4bd15d74a938037759e

SHA1
f952ba14b248c1897733b687caec6c29e0a9bdfd

SHA256
3e3dc7a5b3eeec4327a845663909c26f7ee2e33a83c4d628f9bcc6284b3bf0b0

SHA512
9c02903b04bd14542df0b411927878c01f77d72477be1d9c0645193eb1907f40ab560284b91236f1a537edc97bd9a64e666b4f1ff640621a6885883e1fee3050

Download Submit
C:\Users\Admin\AppData\Roaming\Logishrd\SetClean\LDConfig.exe

Filesize
98KB

MD5
996831b192e3327c09e37d5a634152a0

SHA1
a7635968285c7354a0378b5a0027db3660a40812

SHA256
ce85efa57c859959d8aada7adbcb082939237e7d6cb73b9cf6af6fded1f1cd0b

SHA512
ae0e41a368134421400defac8f74e1d72ab834146691260a28d1cd744da1bef880235c06591ab2eca76928fd60117384acafdd80f4d5662315046db1feea368c

Download Submit
C:\Users\Admin\AppData\Roaming\Logishrd\SetClean\RunNE.exe

Filesize
100KB

MD5
5ed5ae25d40567a187630c25e657c628

SHA1
e3397ebb2a6db6db04319ce8a839fea784f7574d

SHA256
3f14d8da299211abad1e6298a894234d13b4627efe3802e63d1b6845edf04dfb

SHA512
70773c612d75f02f7b0b7f5565ff26bb8f84afc64b3fac020cbd89c8a981a00e3c8ed25d76e4bf9298a6c8006525a95f2c39c296db349406b71d29b4d78b7ff9

Download Submit
C:\Users\Admin\AppData\Roaming\Logishrd\sp6_log\sp6_setup.log

Filesize
2KB

MD5
aafaf523a6d4ae2c58152760b3db1537

SHA1
0749b9a434c2ac7e60f1f866b201ad7e72768d28

SHA256
fd14bd0791004f86ad35aeb4a8c52ff9d047852eb8efb3ba641b48b42235c8ef

SHA512
930abbceb6bf159a71de41e226db50b16f7eb5fce5e8385f4f9ee9a800572a00de9080c462aac6df8fb3278bdc574a211c5703474e8e29faa6a981de3e9362f5

Download Submit
C:\Users\Admin\AppData\Roaming\Logishrd\sp6_log\sp6_setup.log

Filesize
4KB

MD5
02547d095924627321d7764adf5b0085

SHA1
4416358c148a3327543b67936036cea66ff96b4f

SHA256
8cfee88e8cd83389fc6cdf5f3c1d864a6812943fa1425808dcc5287659188a1d

SHA512
6425a324e86865058717b3d3b3efe9af7686469fb92461406b2123417d495022d71a82069c784cf467f6e2389045072098316d6b2615454b97f39459ceb63e85

Download Submit
C:\Users\Admin\AppData\Roaming\Logishrd\sp6_log\sp6_setup.log

Filesize
5KB

MD5
4c5b2620f6237b0947b24e0e1581b369

SHA1
4160fbee5438ff4fa7a85a441488dfd6712ad74a

SHA256
3f2ceb7b158f5a0342aa3ba109517148272d0b7e3b00e7d454f2b9b438a9a7f6

SHA512
001e026ecc6236f83426cc292801467e8ba03dbaf5e09141c9e16d209a83e671ffc91910bdd349f5d59c53feaafbf104fd9403456e6664e68f980b5012d12895

Download Submit
C:\Users\Admin\AppData\Roaming\Logishrd\sp6_log\sp6_setup.log

Filesize
246B

MD5
95a86aa74c2b4be904dabab5d1ca8ca3

SHA1
a0dfaced30894799ed6ef2ad494653aada3e101a

SHA256
3a0ca6893cded1b4f801758b8a1ca5a9e58a310da7522dd983286efba4017091

SHA512
e2bd9fd3fe3670f41928b33aa146b2fe55a0fadb638528c7848780a73fc07496ae2d195d7ee016c977d2d030af7383e6f5e1d6b69485ecadff30ac769462045e

Download Submit
memory/3424-383-0x0000000002AF0000-0x0000000002B28000-memory.dmp

Filesize
224KB

Download