Analysis

  • max time kernel
    41s
  • max time network
    47s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240221-en
  • resource tags

    arch:x64arch:x86image:win11-20240221-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    23/02/2024, 10:01

General

  • Target

    AULA F75 Setup v2.0 20230923(1).exe

  • Size

    3.0MB

  • MD5

    d2fe9aa9aa2373a22ff48c2cbc49b4f9

  • SHA1

    4d87e97d2a818bb54ee1cdb3866b09af8a180abd

  • SHA256

    53c05f8669aa0bb2fd950650ea845e9410205f5d543fe192c6c3563fc46cc1ce

  • SHA512

    0a843c3afcb890840511b10694ed048eb9928892dd825a27d35d398e8a4724014f98e81d7fde1e8c0f75bf62d21e34afc3adb1efe9bfa534bc8159c1526dedf4

  • SSDEEP

    49152:OKVbr2u/cd1t+fDDlU6knXa/s/r1nXIBLp1gr5KXrS/3f+TGh1oWGe24ZSQeQO06:bbT/cfqknmsB471S5KO3eG9ZZE0o/

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 3 IoCs
  • Loads dropped DLL 1 IoCs
  • Checks installed software on the system 1 TTPs

    Looks up Uninstall key entries in the registry to enumerate software on the system.

  • Drops file in Program Files directory 64 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Suspicious use of FindShellTrayWindow 12 IoCs
  • Suspicious use of SendNotifyMessage 4 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs
  • Suspicious use of WriteProcessMemory 6 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\AULA F75 Setup v2.0 20230923(1).exe
    "C:\Users\Admin\AppData\Local\Temp\AULA F75 Setup v2.0 20230923(1).exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2216
    • C:\Users\Admin\AppData\Local\Temp\is-AQOB8.tmp\AULA F75 Setup v2.0 20230923(1).tmp
      "C:\Users\Admin\AppData\Local\Temp\is-AQOB8.tmp\AULA F75 Setup v2.0 20230923(1).tmp" /SL5="$700DA,2712295,281088,C:\Users\Admin\AppData\Local\Temp\AULA F75 Setup v2.0 20230923(1).exe"
      2⤵
      • Executes dropped EXE
      • Loads dropped DLL
      • Drops file in Program Files directory
      • Suspicious use of WriteProcessMemory
      PID:492
      • C:\Program Files (x86)\AULA\F75\OemDrv.exe
        "C:\Program Files (x86)\AULA\F75\OemDrv.exe"
        3⤵
        • Executes dropped EXE
        • Suspicious use of FindShellTrayWindow
        • Suspicious use of SendNotifyMessage
        • Suspicious use of SetWindowsHookEx
        PID:3200
  • C:\Program Files (x86)\AULA\F75\OemDrv.exe
    "C:\Program Files (x86)\AULA\F75\OemDrv.exe"
    1⤵
    • Executes dropped EXE
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of SetWindowsHookEx
    PID:1324

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Program Files (x86)\AULA\F75\Cfg.ini

          Filesize

          1KB

          MD5

          c0b83d3e946679aa424e8f7399998854

          SHA1

          4866a7a92efc1b5cceb51d52880878e637e52135

          SHA256

          c7bdcc2b4ed7670c8473c12520f0c20fe4ee59135f931e75bd9d71092ee4c794

          SHA512

          ed88c4b30a39f4150cd4c9aab1090919f554e56600c8398b71fa299743d524b9947be2b82a6a83a8a7da1b8850bb616309fece2c7a3402a98dde5905f7f93083

        • C:\Program Files (x86)\AULA\F75\Dev\kb\1\KB.ini

          Filesize

          5KB

          MD5

          7dfd7eb19a189e6d24b3bc74feafd17e

          SHA1

          926888da073d1d9eb046f7d145b5b41886a2d0f9

          SHA256

          794751026176e96a0432bb8135cf35ee1fcbe95d856517f760f9dd79e7f4f0c2

          SHA512

          4cda3ab92c70ef8eff544ae02fba1a7ba7ad764f2a369e86736995d385fe2e7d36bfbe9ed1be6d2d145b993a9530ea45b2ea74fbef49851e11fc6aa80f28d827

        • C:\Program Files (x86)\AULA\F75\Dev\kb\wired\KB.ini

          Filesize

          5KB

          MD5

          caf39d91062a539e8f2ebe3f1fe7d698

          SHA1

          4c4444f4da8b88bfdf39fbd7eb61b27e961d4c5c

          SHA256

          22b1beb8a2635eef87d4925caf115ca484e2afc2a83df338d79ee58b2e7853f4

          SHA512

          e3bd5d9572b8b8cc1a3c954859450d08a6ca6a678b14b0fd0c53ac0881816a0c038862c70bacdc749d048508caccc754841fc468acf190e729f848414de5ea6a

        • C:\Program Files (x86)\AULA\F75\OemDrv.exe

          Filesize

          2.5MB

          MD5

          3ca4211c7fe9d9df3ca4fa05e41ed44b

          SHA1

          fe93a7aceea51c8540fc52256e06722ba85b7108

          SHA256

          54dc704f9d417a2c5df43b917446228c64ed942d00b2db3cbfa5b90ecac91237

          SHA512

          7f19dedefd3438f3f33d194e65b18f6d083072f955081e672fb85272d4f6093803c49ca7274289cfc21e77d676a0c968fd72124da129edc6b31b64e90c7f4db0

        • C:\Program Files (x86)\AULA\F75\appico.ico

          Filesize

          141KB

          MD5

          73edc1797b66133d3a4b304fc18a2515

          SHA1

          a8421533fffa806276ed45ece85bb46106f2f8ba

          SHA256

          b43a53dc95f2564fa6512f99674794fc3b1cd07954d6e0552b08dc505f49218f

          SHA512

          d6b07cf5968541b091e4f8e9bab0fd2a817955c6f7fe84149fd9673f44e867910f81d2854ccf2dc63b393bbf42218fe2f75dba50d2cd9e3522c7a2bb121b06f6

        • C:\Program Files (x86)\AULA\F75\skins\icon18x18\bracket_left.png

          Filesize

          2KB

          MD5

          c6172143233dd77b58d83d216d343bca

          SHA1

          649415e30e472f2716a60b6f1a8f94ff2f4c4cbf

          SHA256

          5e3b18226e17fc720e8db66a34433a66b3d362a0bde7cb92d6ec00625445db35

          SHA512

          81292fa3eca07db6addd7f5e65d6e5a539abbc726f9576f159f2408b556621fedf741f7fbb0097e952662b50e1e0459000c49ad31e63ec67078a06b27a49a875

        • C:\Program Files (x86)\AULA\F75\skins\icon18x18\bracket_right.png

          Filesize

          2KB

          MD5

          082857f12ef1cd77545df5bfd7949857

          SHA1

          734869f277a14043252a43c720d115fd090339a4

          SHA256

          d0e21db4947092913a6184aba4c2f1b2e762ef0718b23f5d91497fd38d1332bb

          SHA512

          349bd55ccdf6655ec9dfbf85c2217743e8d62d0df480ab9f34130ac0af6a95ad3a273d0dca7ebfd29c4b28423959edfa19ac5e1f63fae75c88111ff0f3dda0f5

        • C:\Program Files (x86)\AULA\F75\skins\icon18x18\copy_nr.png

          Filesize

          2KB

          MD5

          cac89c7e3e89922383e745581828aeb8

          SHA1

          ef05a345f10e1d5ce57cf23f2436696b34535917

          SHA256

          62235019cc93768e6fe3824f36f1ff8cb52509dbfa95f533638a83a8ffa217f0

          SHA512

          19130bc78f873fa31bffbb45f7145847033922596a231e4bf32b1375ba6c36903265697eccc252e965188b17fe2a7d86846a27f67cbd76dd17158f47e307884d

        • C:\Program Files (x86)\AULA\F75\skins\icon18x18\copy_ov.png

          Filesize

          2KB

          MD5

          cf682a0111442fabf2170969c123caeb

          SHA1

          94a650ea174f7d83ca9712d35f39257bdf8049c5

          SHA256

          32ba93b200f1761b298fead53c4746a2c11d2115be9d9746763498ac57eeb7c8

          SHA512

          6c4fc5e55988eaeeba7dbc0cd8fb41fe84a39b61965d2515a13705e9b07c865b2cdc19ec5aca324c1ee693232fb42b24975a609337164426fdaf3cb8b5d7d1a9

        • C:\Program Files (x86)\AULA\F75\skins\icon18x18\del_nr.png

          Filesize

          3KB

          MD5

          5bd99bc83f220dd210a7f083ba4568fc

          SHA1

          a606498e3f118d595e8e5840ccd3d051f3c627e2

          SHA256

          415e271d0dfa4511ee42e917ee1a08df56b2c8cfa4d954a06dd611ea35e4d6a9

          SHA512

          3cf926b4a9b8d59aaf4c8f1be6dc0d5220b1b8670969668a712987eb58549c53cea7d47a3be9c267235819d4cc408f7de28aa252a1e53ea5f2d024d4eed9b333

        • C:\Program Files (x86)\AULA\F75\skins\icon18x18\del_ov.png

          Filesize

          3KB

          MD5

          7c25d89c6597de7cba5800d1d5d477f1

          SHA1

          80846f6a892dc4aea179266e9abf0ddacb8aecc5

          SHA256

          282985f6b17440706e8098fb1d86a88132aaddd2ddbb63f78b7be56028a9a418

          SHA512

          36b69254b2d1db98b74b29e3b73681fb49de11a36a91f5da594c70cb82b31fbf045cec5a1bec46fc1d9eb5439d68d9a86c6960db28ea3953080d50620bec7903

        • C:\Program Files (x86)\AULA\F75\skins\icon18x18\dir_close.png

          Filesize

          2KB

          MD5

          eddc423e087621dcfe3b4b70264c1243

          SHA1

          883b7f099e8b2dfeff00fff6ebb6d8d2e033f564

          SHA256

          20dc6600daf41e597a4c68615113d26bae42cf54e7a9abc6173f61afcc918812

          SHA512

          5635fa0bd655d45c41a94037f1757b1f44a12c84bb72ed91c6bc77be778f30276415737a8f878ca37387f8c997a5b25246c2b50c75892ea82d458d65bdf29b41

        • C:\Program Files (x86)\AULA\F75\skins\icon18x18\dir_open.png

          Filesize

          2KB

          MD5

          b91be0296462123620bed844f6cb5ed7

          SHA1

          c49b3a6a70fd89d2d9bf3d98d40c4d84f4e229a3

          SHA256

          88d08ca4121d98a2a6264d3802a55bbb8e2a76812b8e4f8d23dc0ec4964f7555

          SHA512

          4fb7f4dd28a4ea171aec80b1a345864955b0796fef83248895a1a2e6a70d5a644cd966f0c5c46c1712d3791485f47ba190645a1d0bc4b26e39767d5afd5df189

        • C:\Program Files (x86)\AULA\F75\skins\icon18x18\edit_nr.png

          Filesize

          2KB

          MD5

          87b2172f4c13632713f11bed2578977f

          SHA1

          838df4edbd6e602fd1bd35e76b6a815de9003256

          SHA256

          5c44d49fb33be475b47414f8845e29f9cc88c6c963e8e685b02f08fc1c7be003

          SHA512

          93be9bd9adf2aad628aa4cafb69d8c508f2624518f5d899cf411f507e9eccb2cd6dde5219a3854abe47e41dfded5b5580ded5916b9ae84a0925a1f9c74b02a83

        • C:\Program Files (x86)\AULA\F75\skins\icon18x18\exit_nr.png

          Filesize

          2KB

          MD5

          fa96ec85f53a059a3d82151a5cae13b0

          SHA1

          9490a3a3f8b1870f59ffb37628c1d9abc776055d

          SHA256

          0a6c490ac75f40c3d23351845521ff4d4614b347cea8d5b591cb99b33c9840aa

          SHA512

          281ef97835d18288079aa357430954f7f60a60176bd9e3ed94fa93d09d4dbbc439d798d81ed7dbf1dc5ae519bc8f4719d8d3a8b5c2548f163e846ace495bdd91

        • C:\Program Files (x86)\AULA\F75\skins\icon18x18\exit_ov.png

          Filesize

          2KB

          MD5

          7343f5cd0fa6e34165e95d55e151bb01

          SHA1

          a1c8162a82cad37ef54173120674d53cfc8a5994

          SHA256

          3aac676de969011ae40f9ff7da88273aef99d0e4f76c0ac5f81e0013cc9c5eb9

          SHA512

          03cc7539493d71b976c46ecda4c0bd854321c4eaa7aa1996371daa2d83fdcd8081d991842e46dc4d40d972f57c2ffc9e591b0babbad3bf73e197593692827b1c

        • C:\Program Files (x86)\AULA\F75\skins\icon18x18\export_nr.png

          Filesize

          2KB

          MD5

          26e0b7c95b9c400c35532bdefe512e30

          SHA1

          8bd87fdc4dc924a2d2038738536bb14a3dd5db97

          SHA256

          87268064b8dc53a36b52a4f4747c094442e4746582df171b92fbe4bcd5abb26b

          SHA512

          99b3d0844759aff6037c37af8adbde02a40f189682e466857c5a43e7f84a3b31082c71fb8bc3515dc52b0cf740a4f298e21b76a04a1b0d9e34bc0403a184d181

        • C:\Program Files (x86)\AULA\F75\skins\icon18x18\export_ov.png

          Filesize

          2KB

          MD5

          bcd173b9d04f269d12b66a5a3fa13ce2

          SHA1

          6dfa6eb26ae2d3f442fc434060237c88657439a4

          SHA256

          a6908ac6ca974ef0842cdd88595676a2163d7fd0070e9d643225f573ef10e290

          SHA512

          f2117a3c52ec8613a08bc9a8e0091c8970d1616f62cfbfb7080a1f31876987027a01e0fcfaeceeaa1c71d4fa3649e1a3d091d5d5797090a33aa7cac5d512c7a9

        • C:\Program Files (x86)\AULA\F75\skins\icon18x18\import_nr.png

          Filesize

          2KB

          MD5

          6380a560a3f3be830456c0d92917276f

          SHA1

          a139e748452cfaae8e254a9ee2b630176405ee3c

          SHA256

          a2ddea92ffecce474d3cdab259f27f15d2ef6faf9c9a10743544e4a710515c79

          SHA512

          d5a754ac6dc8f4c3413be88633844fedc34bd8c24503830d05d7a71f44f6ea059c65067f33d826e16e31866b6b8f8646e2d8d2d0ea886d84e485b019bb909fe1

        • C:\Program Files (x86)\AULA\F75\skins\icon18x18\import_ov.png

          Filesize

          2KB

          MD5

          68b3e67e40c6438964db38a75b1874b2

          SHA1

          4702ef641b6a376bfa28960075fc9cd61add4524

          SHA256

          feb2017120ca9ba60d198c31ea5a98ffa099a2eb489773af3f1916b9fff3a386

          SHA512

          6119df46a7d715e82287a8e1a145a1b3a3331ebfdb0bd6f14e6051cbf3a8e3badff58e08681f2205e32eeb35ed414fa0a061fd9576d4901fe18104f7f78d5998

        • C:\Program Files (x86)\AULA\F75\skins\icon18x18\min_nr.png

          Filesize

          2KB

          MD5

          56579d116c3d8d5ca53eb4297b8bfd78

          SHA1

          50516851dc3a5bcd81019b510b15dd40868570b6

          SHA256

          fc07072782f24efd01f584b05a9f11cba840119d1ff40aadf58befbad2d8adc1

          SHA512

          6b5d9420b6c38caac6f663a2ab1908a8787d447a9d927e049d7d495a1b7cc56624b7e9958df89528aaa797fbef22da17165ed534c59f5590d43795fcb11182ff

        • C:\Program Files (x86)\AULA\F75\skins\icon18x18\min_ov.png

          Filesize

          2KB

          MD5

          73415a23e52bbde0ffcd39c8405a8a5e

          SHA1

          2cff17beadf53f59ded21dcbf3ecb597b54fda7b

          SHA256

          4e5580ff509d58f35d5d0b84c0b6f6fcaac7d6ef12c55feaea3ebc8ea6f08a9e

          SHA512

          9b5fb9258bc5f037e5697245fa2a176898f3fe64a937f47286ed7dfc306629dae3d1bc49003b0bfaa40fe46028fbebc75be9d05bd9bc3073de1d7df80f8c3ba3

        • C:\Program Files (x86)\AULA\F75\skins\icon18x18\new_nr.png

          Filesize

          2KB

          MD5

          74447c4f770d6c516e13e69983293fec

          SHA1

          834fce23412a54ae553b09b283f26f7066304b8b

          SHA256

          dc407e41619893c1965c95de61627222720ada6f32d619fd0d3c9d86768fa66a

          SHA512

          e1221f7f6f121ece2a5a825df76af8eec24a5b4518399aebe16f1acbc36897ca749f5c288fbc59e787a7fbfcf439fe1c2f24e2ea74700cdcb10cdd24eeceeacf

        • C:\Program Files (x86)\AULA\F75\skins\icon18x18\new_ov.png

          Filesize

          2KB

          MD5

          3265a5b304b1cb15a940afde09f06291

          SHA1

          e0edd4c2e670453d1452ac2bc500520ff2e38c79

          SHA256

          97b1bf78bb214cb820b43f0e99c852c6bbf25793cee7e4cf1bb55408ace274a4

          SHA512

          940d0368cbddaac7ba1c8af98a6890e341566f82b19e0a33808eb9810d13e77015e2ccfef03d1e4fab79c3ab76858c2d1256bd0414425304fdded4ea3bfa796b

        • C:\Program Files (x86)\AULA\F75\skins\icon18x18\rename_nr.png

          Filesize

          2KB

          MD5

          a6b963f7003fe0804941c2c311a9628b

          SHA1

          5cd0b7acb460d024a86cb8468e096489193b19d3

          SHA256

          3c46c296c283516bd5a9ed6c7057ca04b9384bfce5cc62ccc84c2d191a1b5333

          SHA512

          346e52210e41ca411f66cc8a65bfb7b7400cf148dc9a7cd8343869da0cc0f0f3cb531fcd5ce2c7b10d6157d21024b9494a758edfb95a8fbea26f73cefd788da9

        • C:\Program Files (x86)\AULA\F75\skins\icon18x18\rename_ov.png

          Filesize

          2KB

          MD5

          a4a2a293b72425a26c6910985f2c0d70

          SHA1

          7d2cb4b833de30d747e055b4ed39373543789d83

          SHA256

          32980085c49826ec1b089abca7a2c85ba40b33fcf1bc75014dcba0c6111be388

          SHA512

          7b6bec18f316b3f10ab0a674d1216d04c17b62defac0c08ac0bdd3b34aaf6aad946daa0fe4336302409d90196a0f0175a902326d718ee41469b2652ecee3bf98

        • C:\Program Files (x86)\AULA\F75\skins\icon18x18\save_nr.png

          Filesize

          386B

          MD5

          58086091e98b63b122f1d27457dca125

          SHA1

          683bb1f1bdbc23f48f757012c7ccde5d97e1eb75

          SHA256

          107306efe5338845dcde65f47c0ab7b68d3c0e6b82fb77ef0cb0eba28d3f595c

          SHA512

          af746585d871a98c71414264c122bc82bfb61f5016eb47bc34e3746725c9acf7eb1ee6f462d1956ab62d253ffca08179f226277b327ae2dc9e4e5f1a1c5cd1b9

        • C:\Program Files (x86)\AULA\F75\skins\icon18x18\save_ov.png

          Filesize

          351B

          MD5

          46b44ea41346ede223fa6726fab725d2

          SHA1

          cd04bf0fd339217b191907f5b4df53eb83d05ade

          SHA256

          8b456b81101539ede010288efaedd170109485be92c5fa5b422156a1599b63e4

          SHA512

          3ce5380960571505748c36df16419acd32c7e850ab4fc1ecc319a1ae038fc4d07bf92842becd39b97270c16332a5b504e1c3f4341d40d34564750dd880b5988a

        • C:\Program Files (x86)\AULA\F75\skins\icon18x18\share_nr.png

          Filesize

          3KB

          MD5

          5ebff6833375d0f3457fd71e2c433fa8

          SHA1

          f33689ac4b65b950c18f5dcfe9b6203edf8f0891

          SHA256

          f596a82c21ab2dcb62da6ddd5fa7a17a2375cc0aabaa9c465aa2b6e06bb49f93

          SHA512

          af4541b17cb78857cb07f791c74e4f5f857039def96ef6e04a2647f292aa299c881e577ded18d64ce91d28670d5cd262f8995712cc3e154715c678461070c003

        • C:\Program Files (x86)\AULA\F75\skins\main_nr.png

          Filesize

          28KB

          MD5

          baefc7b8fa9d1a200b337af9779d8de1

          SHA1

          fd10a7e607cf66bc97205fc998b27a8aa955281f

          SHA256

          d11793fbef0ed675c70109f16fdefca39be54cb323c90ecc956b5d579ac7c8e2

          SHA512

          28a2f28c9f37a630345e71535ef809616da7131f30d38105470c643ffc7b36932696d2f1d16577e7baa66cfb810a7d7b7e8b545abea833864209b62b6573f158

        • C:\Program Files (x86)\AULA\F75\skins\mak.skn

          Filesize

          520B

          MD5

          56f1670f2a95e8d4e443d9e567e38d13

          SHA1

          d54747e77f95e2460c8c6e6403a548425bcfdc7d

          SHA256

          147c687edec5a9a97d566353a77007308238bf8767e7f855e5c3cd46ac02b696

          SHA512

          4e45de2fa7a5a795c2a2147cac00d932baf824f1d9fdfd02f47d63829d5c4b498ff06de833da920671639463d4da1c6cb419e1e8a2090648a4084a904c1c5305

        • C:\Program Files (x86)\AULA\F75\skins\other\icon_kb_nr.png

          Filesize

          601B

          MD5

          ba72e8699bccd0d8b9e3a668c6ded2a0

          SHA1

          4af693d261c87ea05fa69095b71186a1a734bfa0

          SHA256

          1895de1d82178c3fca5de6413b67ff31c1ff960293943d039d4308fb01c27981

          SHA512

          79ee123000d39716db4060d188912a62964f7efcfe41fff6efde89f8c26ddfb426e837125fcf3c02ace9001ad90a99516174b717bec91ee30e9dca600bf5086c

        • C:\Program Files (x86)\AULA\F75\skins\other\icon_ms_dn.png

          Filesize

          761B

          MD5

          0ff97053a1c78bdcd184a374e40ecf19

          SHA1

          54091260e5819c283f3c5ba44f16eb497250a1d9

          SHA256

          4640cbd5cf8897d1e78616c7a1ef587e65bc22f68f30c138d1d7e5900ea9e51d

          SHA512

          7c876881229f17bf04c5f57281027351240fcedc9b207fc9d0573c66a6ac8461d57c4f307b311e615158f4009f6ebb7d71f75611d39f96e7211abb25ce96d4a8

        • C:\Program Files (x86)\AULA\F75\skins\other\icon_ms_nr.png

          Filesize

          552B

          MD5

          5be537ccc92dc7a8385ee252ce63fb5d

          SHA1

          58848a30c4b8010b7f3759b70bfbe5d9223aab62

          SHA256

          8d88850136dc982ad4de34055a437980b8a8dc85805126de8a1b7a80d4e78554

          SHA512

          c998f7060bc152691ad175cc1b90dd9766fef6b930f0b621d3459bdf15aa5bb4c49596b7e35bc1adbff38c6e8d064a6a7d2fdae491905a3477410d270aed692b

        • C:\Program Files (x86)\AULA\F75\skins\other\kbico.png

          Filesize

          332B

          MD5

          2f6254565dc715068461eba44bb58f2d

          SHA1

          a73590ee9133cac8706c54947b04c7ddefcf516f

          SHA256

          4da8f28652b1ae2d3e10df0dbf6271782ce239db6bd4f61f280b1146e5b9a7a1

          SHA512

          4b4a6ba30fbec86fe4547e4b52e2812605adb8c76341364f75a14b38c1df4f116778f72eec12c803e973515bce3bc8f1dc9eee56593415304bf4a709a27f224d

        • C:\Program Files (x86)\AULA\F75\skins\other\mac_keydn.png

          Filesize

          251B

          MD5

          457e1395560347fe8541e4ee551ff267

          SHA1

          35fbbb5d43f379111a0eb424e9ea34f8dd521c21

          SHA256

          7eb7cf847568052d93ea8a693618a9e2a1bfefb82fc5219e0a989af333308af0

          SHA512

          5ae06d98bc1bc63f6a5712d08d0dea1627ec408e18615494823ccd14a0ce2629365ce7cba42e5e4e602a9b9284c9c670c9bdf800de48b0b1ef7166a911aff192

        • C:\Program Files (x86)\AULA\F75\skins\other\mac_keyup.png

          Filesize

          258B

          MD5

          8273c1e9d74bc74b70e16f139d80b012

          SHA1

          ecd2b7e617579b32b38c610ac665465f9f8972b4

          SHA256

          bad3d998aeed2b8eb8d57e5b2e71249011d3058208ed2a9914ddebc3133d2254

          SHA512

          28e78c1ca1def055ffc22f252c29080713308d0bb1d4d9ecd40c83a648d25392d1f60eacda6b8c612818112979d7accf31fa6d8adde2ceff6f105351452a0913

        • C:\Program Files (x86)\AULA\F75\skins\other\macico.png

          Filesize

          318B

          MD5

          f8aa97177b9de4c4d73725adab67f2ca

          SHA1

          5f575d7e16f6ef1878980255c5ee3c450e60d791

          SHA256

          cbc4fecc558b53d40e28f63e040b27f6a12eed625d6aa8f47fddfd8ce448d655

          SHA512

          d7eddbfcdd72cdb519318c7e35994ef5cc4911a624ee51c022386033a7f6f5e1065d8d3fe54c1877cc0d1b0d2adcf59594dfb5154732a276a667346f814241a8

        • C:\Program Files (x86)\AULA\F75\skins\other\msico.png

          Filesize

          466B

          MD5

          1d03df819b9d8efa5e50740b494efdef

          SHA1

          f3d85ae5d01aed363aa622b990ef9b2d9239432c

          SHA256

          b1beaf9333a398761fc1fbbefc643b5301177d5b31ad15232d647eea550383f7

          SHA512

          93a4a2c9ab09249033be4abbf496d56c0f0d800c48667b5cc8706a954a7ef130556211d94dc97a1f2f7423de6207ab89603cffcab8d474d8ef8e75090585d96a

        • C:\Program Files (x86)\AULA\F75\skins\other\time.png

          Filesize

          331B

          MD5

          75b0072bb8a2248b8b6f6f95824d559e

          SHA1

          8f053bef4715a17151d01e5291e152e96b68953a

          SHA256

          5aa3df6debcb777e25969e410ca2ec5544f05febd13c8c2f0aad3362fe051964

          SHA512

          c99f770520b3b1958986f028a8c94e382ff1f5390992b22a835048443a3624771b31aee83a70273ead051ad66cb9b18282210d89828e12095384af25265a55ae

        • C:\Program Files (x86)\AULA\F75\skins\user.png

          Filesize

          3KB

          MD5

          82823c4540d0d431d032c63ae2b266b0

          SHA1

          cef3ebf1438a25d8a0d6fcde1647c3c321244315

          SHA256

          b59eb21419b7f1cefea9361d649f0a692e6c122213b228022baa62d56465e84e

          SHA512

          9fc5430c8a1563b0b7c80176324f40bf926c781ae112fb406f06a79cd9f47db8c0c36eeab1e6c3b0c9b2ff7d042b1f7a8a87a40e1ffd9cde8c8c82eaa68ab991

        • C:\Program Files (x86)\AULA\F75\skins\welcome.png

          Filesize

          411KB

          MD5

          bd04d0b6aa0adf5a241432acef0cc43c

          SHA1

          6574e0d9943962f163ac96d3f8ec65383c46baa9

          SHA256

          d052e86b982c2a0a356317d11bbb643fd124e15fd4889af7ce44d37491b8fca0

          SHA512

          c7247321fcd08df8b002842cb2b1b1e527d33fe09971716350298a35627548c4fb49f3e15d2932d6b5e053699851c60b3e86fb5139b2e3a7d8280a718e2d6e02

        • C:\Program Files (x86)\AULA\F75\text\en\text.xml

          Filesize

          23KB

          MD5

          cdc84c16b392042e4c02154ce7522999

          SHA1

          795972cbd5d8d8d5e9cc691b906eeb287e0e8c8b

          SHA256

          82fc5bf5f51765ba375efe654fa5493bccab80894a575e0d4556348fa4a56618

          SHA512

          582bef1d4aad615f62e9d6707815a16ee1d7fef7379abea03b3c760011bcea867045560c4721468ae6e00fc30f4f6126af9b24e73a86e8cfa09b09c694b85afb

        • C:\Users\Admin\AppData\Local\BYCOMBO4\gSetting.dct

          Filesize

          84B

          MD5

          60054651e541292badc586b9c2541105

          SHA1

          4a97721039b9a620323fd470f7a7e075342e8990

          SHA256

          fb4110a7fd96324616cd137ef6eec8aba4731a0e41aedd35f3f0e7c6d37a564d

          SHA512

          de378e15c515bee2af867ad73b644cdfc354fd19ec6569d1adb1e48e093916529e428adc4bf598f081808a5d12bb2fc5e2bf989ca3f0ef950b8bbb78261a6ddf

        • C:\Users\Admin\AppData\Local\BYCOMBO4\lang.ini

          Filesize

          20B

          MD5

          3466966af42fca8c865339ffdf7bcdc1

          SHA1

          634110e8670fb8a79cba5ca7525d9e4d6948e332

          SHA256

          2c5451afc3ee4f44c5dbf63d07377485ecfa52a024ac869f0ee113c9c1cf59f0

          SHA512

          80e609b099f0390cbed23ad968ac36c5ea7f66ab05c7b188221c6d57ee1a9e9bcb2584795288342ea7b34035a85dfc1aac7ff478049b4cc819eaec06de26f843

        • C:\Users\Admin\AppData\Local\Temp\is-5DM2V.tmp\InitSetup.dll

          Filesize

          55KB

          MD5

          3bb4a9fd05f14cc833291f7332565843

          SHA1

          def4f41072c57ae0c66dce6b325e6d4f8c32504e

          SHA256

          72f5cfe575253eaff31e27ce8f70b4caaa079d2c42a4130515eecf7f0967115d

          SHA512

          0aa11d6d10c8a8635db9e514e4b6781e7105c9b1ce568f1bd012eed39d46d36340004507233cdd692049bb9ebd8299a067cc5462bdf9eaa43d9ec6d38144f0fa

        • C:\Users\Admin\AppData\Local\Temp\is-AQOB8.tmp\AULA F75 Setup v2.0 20230923(1).tmp

          Filesize

          1.2MB

          MD5

          45115519d1f8b09519fef32a2612b9fc

          SHA1

          8b03ea9d6df3af1c6b492319217afbc3c0da8ac2

          SHA256

          02eec62b7139a7cfc747d5f897ccedcf76ea154ec63ede231436a0f89e317387

          SHA512

          e0d4893286d075717926ac1d6f9af388f14daee09eb4222660f37619487e732d2669ef23a6ce3b341571d99ec2b89e804c1ffa1f94740095547619d7a204fbd9

        • memory/492-345-0x0000000000400000-0x0000000000558000-memory.dmp

          Filesize

          1.3MB

        • memory/492-6-0x0000000002410000-0x0000000002411000-memory.dmp

          Filesize

          4KB

        • memory/492-13-0x0000000000400000-0x0000000000558000-memory.dmp

          Filesize

          1.3MB

        • memory/2216-346-0x0000000000400000-0x0000000000451000-memory.dmp

          Filesize

          324KB

        • memory/2216-12-0x0000000000400000-0x0000000000451000-memory.dmp

          Filesize

          324KB

        • memory/2216-0-0x0000000000400000-0x0000000000451000-memory.dmp

          Filesize

          324KB