Analysis
- max time kernel: 615s
- max time network: 580s
- platform: windows11-21h2_x64
- resource: win11-20240221-en
- resource tags: arch:x64, arch:x86, image:win11-20240221-en, locale:en-us, os:windows11-21h2-x64, system
- submitted: 22/02/2024, 20:22
- Static task: static1
- Behavioral task: behavioral1
- Sample: Setup_v_43.4.exe
- Resource: win11-20240221-en
General
- Target: Setup_v_43.4.exe
- Size: 108KB
- MD5: 807fe3c11715e92bfed4d8ec568a4ac6
- SHA1: e4eb29ef16c6c137d1b1ce3c383dd44d6bea6a07
- SHA256: 0c8392319b75bf41bc36b0b64476a6dcef65b3449fa93de6708d835fc680303f
- SHA512: a5870054c31c1d7b1647b27980af1810e6a0be6929e09766169860e957113f8f1a952da3ef1f3130225afa39f8930c8f941bd2f0be863f6113c60ebe1fb3cfbf
- SSDEEP: 768:27Zw33FNUf6Nhd/fQ1l+0vM0iT9LsS1Kadjp3S0VYcFodSzSZ27lftch2ryIaKFj:cZ2FWSNhd/4131iGS1Kax9Sxc2qAIrP
Malware Config
Signatures
- Modifies file permissions (1 TTPs, 1 IoCs)
  PID 1400  icacls.exe
- Enumerates system info in registry (2 TTPs, 3 IoCs)
  Key value queried  \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName  chrome.exe
  Key value queried  \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer  chrome.exe
  Key opened  \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS  chrome.exe
- Modifies data under HKEY_USERS (2 IoCs)
  Key created  \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry  chrome.exe
  Set value (int)  \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133531069997750110"  chrome.exe
- Modifies registry class (1 IoCs)
  Key created  \REGISTRY\USER\S-1-5-21-160263616-143223877-1356318919-1000_Classes\Local Settings  chrome.exe
- NTFS ADS (1 IoCs)
  File opened for modification  C:\Users\Admin\Downloads\Seturp v_43.4D.zip:Zone.Identifier  chrome.exe
- Suspicious behavior: EnumeratesProcesses (2 IoCs)
  PID 3016  chrome.exe
  PID 3016  chrome.exe
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary (5 IoCs)
  PID 3016  chrome.exe
  PID 3016  chrome.exe
  PID 3016  chrome.exe
  PID 3016  chrome.exe
  PID 3016  chrome.exe
- Suspicious use of AdjustPrivilegeToken (64 IoCs)
- Suspicious use of FindShellTrayWindow (64 IoCs)
- Suspicious use of SendNotifyMessage (12 IoCs)
  PID 3016  chrome.exe
  PID 3016  chrome.exe
  PID 3016  chrome.exe
  PID 3016  chrome.exe
  PID 3016  chrome.exe
  PID 3016  chrome.exe
  PID 3016  chrome.exe
  PID 3016  chrome.exe
  PID 3016  chrome.exe
  PID 3016  chrome.exe
  PID 3016  chrome.exe
  PID 3016  chrome.exe
- Suspicious use of WriteProcessMemory (64 IoCs)
Processes
- C:\Users\Admin\AppData\Local\Temp\Setup_v_43.4.exe (PID 2832)
  Command: "C:\Users\Admin\AppData\Local\Temp\Setup_v_43.4.exe"
  Signatures: Suspicious use of WriteProcessMemory
  - C:\Program Files\Java\jre-1.8\bin\javaw.exe (PID 5084)
    Command: "C:\Program Files\Java\jre-1.8\bin\javaw.exe" -Dfile.encoding=UTF-8 -classpath " org.develnext.jphp.ext.javafx.FXLauncher
    Signatures: Suspicious use of WriteProcessMemory
    - C:\Windows\system32\icacls.exe (PID 1400)
      Command: C:\Windows\system32\icacls.exe C:\ProgramData\Oracle\Java\.oracle_jre_usage /grant "everyone":(OI)(CI)M
      Signatures: Modifies file permissions
- C:\Program Files\Google\Chrome\Application\chrome.exe (PID 3016)
  Command: "C:\Program Files\Google\Chrome\Application\chrome.exe"
  Signatures: Enumerates system info in registry; Modifies data under HKEY_USERS; Modifies registry class; Suspicious behavior: EnumeratesProcesses; Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary; Suspicious use of AdjustPrivilegeToken; Suspicious use of FindShellTrayWindow; Suspicious use of SendNotifyMessage; Suspicious use of WriteProcessMemory
  - C:\Program Files\Google\Chrome\Application\chrome.exe (PID 828)
    Command: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x100,0x104,0x108,0xe0,0x10c,0x7ffc71189758,0x7ffc71189768,0x7ffc71189778
  - C:\Program Files\Google\Chrome\Application\chrome.exe (PID 444)
    Command: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1744 --field-trial-handle=1780,i,13280213532448835482,2184462289702190922,131072 /prefetch:2
  - C:\Program Files\Google\Chrome\Application\chrome.exe (PID 4760)
    Command: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2116 --field-trial-handle=1780,i,13280213532448835482,2184462289702190922,131072 /prefetch:8
  - C:\Program Files\Google\Chrome\Application\chrome.exe (PID 1940)
    Command: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3216 --field-trial-handle=1780,i,13280213532448835482,2184462289702190922,131072 /prefetch:1
  - C:\Program Files\Google\Chrome\Application\chrome.exe (PID 1160)
    Command: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3192 --field-trial-handle=1780,i,13280213532448835482,2184462289702190922,131072 /prefetch:1
  - C:\Program Files\Google\Chrome\Application\chrome.exe (PID 4548)
    Command: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2180 --field-trial-handle=1780,i,13280213532448835482,2184462289702190922,131072 /prefetch:8
  - C:\Program Files\Google\Chrome\Application\chrome.exe (PID 1580)
    Command: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4532 --field-trial-handle=1780,i,13280213532448835482,2184462289702190922,131072 /prefetch:1
  - C:\Program Files\Google\Chrome\Application\chrome.exe (PID 3424)
    Command: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4516 --field-trial-handle=1780,i,13280213532448835482,2184462289702190922,131072 /prefetch:8
  - C:\Program Files\Google\Chrome\Application\chrome.exe (PID 3148)
    Command: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5068 --field-trial-handle=1780,i,13280213532448835482,2184462289702190922,131072 /prefetch:8
  - C:\Program Files\Google\Chrome\Application\chrome.exe (PID 5100)
    Command: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=5152 --field-trial-handle=1780,i,13280213532448835482,2184462289702190922,131072 /prefetch:1
  - C:\Program Files\Google\Chrome\Application\chrome.exe (PID 2120)
    Command: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4544 --field-trial-handle=1780,i,13280213532448835482,2184462289702190922,131072 /prefetch:8
  - C:\Program Files\Google\Chrome\Application\chrome.exe (PID 1452)
    Command: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5624 --field-trial-handle=1780,i,13280213532448835482,2184462289702190922,131072 /prefetch:8
  - C:\Program Files\Google\Chrome\Application\chrome.exe (PID 3808)
    Command: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=6012 --field-trial-handle=1780,i,13280213532448835482,2184462289702190922,131072 /prefetch:1
  - C:\Program Files\Google\Chrome\Application\chrome.exe (PID 3564)
    Command: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6112 --field-trial-handle=1780,i,13280213532448835482,2184462289702190922,131072 /prefetch:8
  - C:\Program Files\Google\Chrome\Application\chrome.exe (PID 3600)
    Command: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4572 --field-trial-handle=1780,i,13280213532448835482,2184462289702190922,131072 /prefetch:8
    Signatures: NTFS ADS
  - C:\Program Files\Google\Chrome\Application\chrome.exe (PID 2680)
    Command: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6128 --field-trial-handle=1780,i,13280213532448835482,2184462289702190922,131072 /prefetch:8
- C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe (PID 4684)
  Command: "C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
- C:\Windows\System32\rundll32.exe (PID 1964)
  Command: C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
- C:\Users\Admin\Downloads\Seturp v_43.4D\Setup_v_43.4.exe (PID 3320)
  Command: "C:\Users\Admin\Downloads\Seturp v_43.4D\Setup_v_43.4.exe"
  - C:\Users\Admin\Downloads\Seturp v_43.4D\jre\bin\javaw.exe (PID 2484)
    Command: "C:\Users\Admin\Downloads\Seturp v_43.4D\jre\bin\javaw.exe" -Dfile.encoding=UTF-8 -classpath "lib\.;lib\..;lib\activation.jar;lib\antlr4-runtime.jar;lib\asm-all.jar;lib\commons-email.jar;lib\connector-api.jar;lib\dn-compiled-module.jar;lib\dn-php-sdk.jar;lib\dyn4j.jar;lib\gson.jar;lib\HikariCP-java6.jar;lib\javassist-GA.jar;lib\jaybird-jdk18.jar;lib\jfoenix.jar;lib\jkeymaster.jar;lib\jna.jar;lib\jphp-app-framework.jar;lib\jphp-core.jar;lib\jphp-desktop-ext.jar;lib\jphp-desktop-hotkey-ext.jar;lib\jphp-game-ext.jar;lib\jphp-gui-ext.jar;lib\jphp-gui-jfoenix-ext.jar;lib\jphp-json-ext.jar;lib\jphp-jsoup-ext.jar;lib\jphp-mail-ext.jar;lib\jphp-runtime.jar;lib\jphp-sql-ext.jar;lib\jphp-systemtray-ext.jar;lib\jphp-xml-ext.jar;lib\jphp-zend-ext.jar;lib\jphp-zip-ext.jar;lib\jsoup.jar;lib\mail.jar;lib\mysql-connector-java.jar;lib\postgresql.jre7.jar;lib\slf4j-api.jar;lib\slf4j-simple.jar;lib\sqlite-jdbc.jar;lib\zt-zip.jar" org.develnext.jphp.ext.javafx.FXLauncher
- C:\Windows\system32\NOTEPAD.EXE (PID 2052)
  Command: "C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Desktop\Seturp v_43.4D\hs_err_pid2484.txt
- C:\Users\Admin\Desktop\Seturp v_43.4D\Setup_v_43.4.exe (PID 4144)
  Command: "C:\Users\Admin\Desktop\Seturp v_43.4D\Setup_v_43.4.exe"
  - C:\Users\Admin\Desktop\Seturp v_43.4D\jre\bin\javaw.exe (PID 1540)
    Command: "C:\Users\Admin\Desktop\Seturp v_43.4D\jre\bin\javaw.exe" -Dfile.encoding=UTF-8 -classpath "lib\.;lib\..;lib\activation.jar;lib\antlr4-runtime.jar;lib\asm-all.jar;lib\commons-email.jar;lib\connector-api.jar;lib\dn-compiled-module.jar;lib\dn-php-sdk.jar;lib\dyn4j.jar;lib\gson.jar;lib\HikariCP-java6.jar;lib\javassist-GA.jar;lib\jaybird-jdk18.jar;lib\jfoenix.jar;lib\jkeymaster.jar;lib\jna.jar;lib\jphp-app-framework.jar;lib\jphp-core.jar;lib\jphp-desktop-ext.jar;lib\jphp-desktop-hotkey-ext.jar;lib\jphp-game-ext.jar;lib\jphp-gui-ext.jar;lib\jphp-gui-jfoenix-ext.jar;lib\jphp-json-ext.jar;lib\jphp-jsoup-ext.jar;lib\jphp-mail-ext.jar;lib\jphp-runtime.jar;lib\jphp-sql-ext.jar;lib\jphp-systemtray-ext.jar;lib\jphp-xml-ext.jar;lib\jphp-zend-ext.jar;lib\jphp-zip-ext.jar;lib\jsoup.jar;lib\mail.jar;lib\mysql-connector-java.jar;lib\postgresql.jre7.jar;lib\slf4j-api.jar;lib\slf4j-simple.jar;lib\sqlite-jdbc.jar;lib\zt-zip.jar" org.develnext.jphp.ext.javafx.FXLauncher
Network
MITRE ATT&CK Enterprise v15
Downloads