hxxps://github[.]com/DXVVAY/Xvirus-Tools/releases/tag/1[.]7[.]1

Analysis

max time kernel
77s
max time network
78s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
18-03-2024 11:02

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://github.com/DXVVAY/Xvirus-Tools/releases/tag/1.7.1

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133552333921284608"	chrome.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-566096764-1992588923-1249862864-1000_Classes\Local Settings	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
4712	chrome.exe
4712	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 2 IoCs

pid	Process
4712	chrome.exe
4712	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4712	chrome.exe
Token: SeCreatePagefilePrivilege	4712	chrome.exe
Token: SeShutdownPrivilege	4712	chrome.exe
Token: SeCreatePagefilePrivilege	4712	chrome.exe
Token: SeShutdownPrivilege	4712	chrome.exe
Token: SeCreatePagefilePrivilege	4712	chrome.exe
Token: SeShutdownPrivilege	4712	chrome.exe
Token: SeCreatePagefilePrivilege	4712	chrome.exe
Token: SeShutdownPrivilege	4712	chrome.exe
Token: SeCreatePagefilePrivilege	4712	chrome.exe
Token: SeShutdownPrivilege	4712	chrome.exe
Token: SeCreatePagefilePrivilege	4712	chrome.exe
Token: SeShutdownPrivilege	4712	chrome.exe
Token: SeCreatePagefilePrivilege	4712	chrome.exe
Token: SeShutdownPrivilege	4712	chrome.exe
Token: SeCreatePagefilePrivilege	4712	chrome.exe
Token: SeShutdownPrivilege	4712	chrome.exe
Token: SeCreatePagefilePrivilege	4712	chrome.exe
Token: SeShutdownPrivilege	4712	chrome.exe
Token: SeCreatePagefilePrivilege	4712	chrome.exe
Token: SeShutdownPrivilege	4712	chrome.exe
Token: SeCreatePagefilePrivilege	4712	chrome.exe
Token: SeShutdownPrivilege	4712	chrome.exe
Token: SeCreatePagefilePrivilege	4712	chrome.exe
Token: SeShutdownPrivilege	4712	chrome.exe
Token: SeCreatePagefilePrivilege	4712	chrome.exe
Token: SeShutdownPrivilege	4712	chrome.exe
Token: SeCreatePagefilePrivilege	4712	chrome.exe
Token: SeShutdownPrivilege	4712	chrome.exe
Token: SeCreatePagefilePrivilege	4712	chrome.exe
Token: SeShutdownPrivilege	4712	chrome.exe
Token: SeCreatePagefilePrivilege	4712	chrome.exe
Token: SeShutdownPrivilege	4712	chrome.exe
Token: SeCreatePagefilePrivilege	4712	chrome.exe
Token: SeShutdownPrivilege	4712	chrome.exe
Token: SeCreatePagefilePrivilege	4712	chrome.exe
Token: SeShutdownPrivilege	4712	chrome.exe
Token: SeCreatePagefilePrivilege	4712	chrome.exe
Token: SeShutdownPrivilege	4712	chrome.exe
Token: SeCreatePagefilePrivilege	4712	chrome.exe
Token: SeShutdownPrivilege	4712	chrome.exe
Token: SeCreatePagefilePrivilege	4712	chrome.exe
Token: SeShutdownPrivilege	4712	chrome.exe
Token: SeCreatePagefilePrivilege	4712	chrome.exe
Token: SeShutdownPrivilege	4712	chrome.exe
Token: SeCreatePagefilePrivilege	4712	chrome.exe
Token: SeShutdownPrivilege	4712	chrome.exe
Token: SeCreatePagefilePrivilege	4712	chrome.exe
Token: SeShutdownPrivilege	4712	chrome.exe
Token: SeCreatePagefilePrivilege	4712	chrome.exe
Token: SeShutdownPrivilege	4712	chrome.exe
Token: SeCreatePagefilePrivilege	4712	chrome.exe
Token: SeShutdownPrivilege	4712	chrome.exe
Token: SeCreatePagefilePrivilege	4712	chrome.exe
Token: SeShutdownPrivilege	4712	chrome.exe
Token: SeCreatePagefilePrivilege	4712	chrome.exe
Token: SeShutdownPrivilege	4712	chrome.exe
Token: SeCreatePagefilePrivilege	4712	chrome.exe
Token: SeShutdownPrivilege	4712	chrome.exe
Token: SeCreatePagefilePrivilege	4712	chrome.exe
Token: SeShutdownPrivilege	4712	chrome.exe
Token: SeCreatePagefilePrivilege	4712	chrome.exe
Token: SeShutdownPrivilege	4712	chrome.exe
Token: SeCreatePagefilePrivilege	4712	chrome.exe

Suspicious use of FindShellTrayWindow 34 IoCs

pid	Process
4712	chrome.exe
4712	chrome.exe
4712	chrome.exe
4712	chrome.exe
4712	chrome.exe
4712	chrome.exe
4712	chrome.exe
4712	chrome.exe
4712	chrome.exe
4712	chrome.exe
4712	chrome.exe
4712	chrome.exe
4712	chrome.exe
4712	chrome.exe
4712	chrome.exe
4712	chrome.exe
4712	chrome.exe
4712	chrome.exe
4712	chrome.exe
4712	chrome.exe
4712	chrome.exe
4712	chrome.exe
4712	chrome.exe
4712	chrome.exe
4712	chrome.exe
4712	chrome.exe
4712	chrome.exe
4712	chrome.exe
4712	chrome.exe
4712	chrome.exe
4712	chrome.exe
4712	chrome.exe
4712	chrome.exe
5612	7zG.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4712	chrome.exe
4712	chrome.exe
4712	chrome.exe
4712	chrome.exe
4712	chrome.exe
4712	chrome.exe
4712	chrome.exe
4712	chrome.exe
4712	chrome.exe
4712	chrome.exe
4712	chrome.exe
4712	chrome.exe
4712	chrome.exe
4712	chrome.exe
4712	chrome.exe
4712	chrome.exe
4712	chrome.exe
4712	chrome.exe
4712	chrome.exe
4712	chrome.exe
4712	chrome.exe
4712	chrome.exe
4712	chrome.exe
4712	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4712 wrote to memory of 228	4712	chrome.exe	89
PID 4712 wrote to memory of 228	4712	chrome.exe	89
PID 4712 wrote to memory of 5092	4712	chrome.exe	92
PID 4712 wrote to memory of 5092	4712	chrome.exe	92
PID 4712 wrote to memory of 5092	4712	chrome.exe	92
PID 4712 wrote to memory of 5092	4712	chrome.exe	92
PID 4712 wrote to memory of 5092	4712	chrome.exe	92
PID 4712 wrote to memory of 5092	4712	chrome.exe	92
PID 4712 wrote to memory of 5092	4712	chrome.exe	92
PID 4712 wrote to memory of 5092	4712	chrome.exe	92
PID 4712 wrote to memory of 5092	4712	chrome.exe	92
PID 4712 wrote to memory of 5092	4712	chrome.exe	92
PID 4712 wrote to memory of 5092	4712	chrome.exe	92
PID 4712 wrote to memory of 5092	4712	chrome.exe	92
PID 4712 wrote to memory of 5092	4712	chrome.exe	92
PID 4712 wrote to memory of 5092	4712	chrome.exe	92
PID 4712 wrote to memory of 5092	4712	chrome.exe	92
PID 4712 wrote to memory of 5092	4712	chrome.exe	92
PID 4712 wrote to memory of 5092	4712	chrome.exe	92
PID 4712 wrote to memory of 5092	4712	chrome.exe	92
PID 4712 wrote to memory of 5092	4712	chrome.exe	92
PID 4712 wrote to memory of 5092	4712	chrome.exe	92
PID 4712 wrote to memory of 5092	4712	chrome.exe	92
PID 4712 wrote to memory of 5092	4712	chrome.exe	92
PID 4712 wrote to memory of 5092	4712	chrome.exe	92
PID 4712 wrote to memory of 5092	4712	chrome.exe	92
PID 4712 wrote to memory of 5092	4712	chrome.exe	92
PID 4712 wrote to memory of 5092	4712	chrome.exe	92
PID 4712 wrote to memory of 5092	4712	chrome.exe	92
PID 4712 wrote to memory of 5092	4712	chrome.exe	92
PID 4712 wrote to memory of 5092	4712	chrome.exe	92
PID 4712 wrote to memory of 5092	4712	chrome.exe	92
PID 4712 wrote to memory of 5092	4712	chrome.exe	92
PID 4712 wrote to memory of 5092	4712	chrome.exe	92
PID 4712 wrote to memory of 5092	4712	chrome.exe	92
PID 4712 wrote to memory of 5092	4712	chrome.exe	92
PID 4712 wrote to memory of 5092	4712	chrome.exe	92
PID 4712 wrote to memory of 5092	4712	chrome.exe	92
PID 4712 wrote to memory of 5092	4712	chrome.exe	92
PID 4712 wrote to memory of 5092	4712	chrome.exe	92
PID 4712 wrote to memory of 4816	4712	chrome.exe	93
PID 4712 wrote to memory of 4816	4712	chrome.exe	93
PID 4712 wrote to memory of 2912	4712	chrome.exe	94
PID 4712 wrote to memory of 2912	4712	chrome.exe	94
PID 4712 wrote to memory of 2912	4712	chrome.exe	94
PID 4712 wrote to memory of 2912	4712	chrome.exe	94
PID 4712 wrote to memory of 2912	4712	chrome.exe	94
PID 4712 wrote to memory of 2912	4712	chrome.exe	94
PID 4712 wrote to memory of 2912	4712	chrome.exe	94
PID 4712 wrote to memory of 2912	4712	chrome.exe	94
PID 4712 wrote to memory of 2912	4712	chrome.exe	94
PID 4712 wrote to memory of 2912	4712	chrome.exe	94
PID 4712 wrote to memory of 2912	4712	chrome.exe	94
PID 4712 wrote to memory of 2912	4712	chrome.exe	94
PID 4712 wrote to memory of 2912	4712	chrome.exe	94
PID 4712 wrote to memory of 2912	4712	chrome.exe	94
PID 4712 wrote to memory of 2912	4712	chrome.exe	94
PID 4712 wrote to memory of 2912	4712	chrome.exe	94
PID 4712 wrote to memory of 2912	4712	chrome.exe	94
PID 4712 wrote to memory of 2912	4712	chrome.exe	94
PID 4712 wrote to memory of 2912	4712	chrome.exe	94
PID 4712 wrote to memory of 2912	4712	chrome.exe	94
PID 4712 wrote to memory of 2912	4712	chrome.exe	94
PID 4712 wrote to memory of 2912	4712	chrome.exe	94

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://github.com/DXVVAY/Xvirus-Tools/releases/tag/1.7.1
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4712
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffd3a0d9758,0x7ffd3a0d9768,0x7ffd3a0d9778
  2⤵
  PID:228
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1728 --field-trial-handle=1800,i,13901628759358347929,6056808228261085506,131072 /prefetch:2
  2⤵
  PID:5092
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1900 --field-trial-handle=1800,i,13901628759358347929,6056808228261085506,131072 /prefetch:8
  2⤵
  PID:4816
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2232 --field-trial-handle=1800,i,13901628759358347929,6056808228261085506,131072 /prefetch:8
  2⤵
  PID:2912
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2988 --field-trial-handle=1800,i,13901628759358347929,6056808228261085506,131072 /prefetch:1
  2⤵
  PID:4696
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2996 --field-trial-handle=1800,i,13901628759358347929,6056808228261085506,131072 /prefetch:1
  2⤵
  PID:880
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5352 --field-trial-handle=1800,i,13901628759358347929,6056808228261085506,131072 /prefetch:8
  2⤵
  PID:4400
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5004 --field-trial-handle=1800,i,13901628759358347929,6056808228261085506,131072 /prefetch:8
  2⤵
  PID:1652
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5060 --field-trial-handle=1800,i,13901628759358347929,6056808228261085506,131072 /prefetch:8
  2⤵
  PID:2296
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5556 --field-trial-handle=1800,i,13901628759358347929,6056808228261085506,131072 /prefetch:8
  2⤵
  PID:2556

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:2760

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:440

C:\Program Files\7-Zip\7zG.exe
"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Downloads\Xvirus-Tools-1.7.1\" -ad -an -ai#7zMap9612:98:7zEvent30525
1⤵
- Suspicious use of FindShellTrayWindow
PID:5612

C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c ""C:\Users\Admin\Downloads\Xvirus-Tools-1.7.1\Xvirus-Tools-1.7.1\setup.bat" "
1⤵
PID:6012
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /K start.bat
  2⤵
  PID:6120

C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c ""C:\Users\Admin\Downloads\Xvirus-Tools-1.7.1\Xvirus-Tools-1.7.1\start.bat" "
1⤵
PID:636

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
037c99a0fdacb6d8fa75bd9ffe0483f3

SHA1
1ad23e53693299189bd5d9ef374e8018004ed84e

SHA256
58492d994656ef759c0517911bad9116a0ae4fca8c97e1c26ce98f746b8348f3

SHA512
79fa5bfd7464597f6d15beafb122a0de44890b7c289d9d9695c588f57abbf6d859b159d48b288444fe04cf2d44cd1cbb0bc580d3d1aab439096724e380d7e3b7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
63d3dd4529c453146db5ae00d26e23a4

SHA1
4866039416d34a665bc9e17f94eb376c6496024e

SHA256
5d77689f9a8c1220be5631d98121d7334fc6e6b409872c2be71eed7403776333

SHA512
95400ce62e54ac89edadafcbdb3789e577f9ddc01e04fe817c5999b2dc650bbc1c3c9622b6340f5efab118a5029c8dad2d072078303f90e9154b3c7dfaec712e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
c8a339cb91ef1a32c3e6f93f4067ed96

SHA1
ffab913cbf1eda5ae1a90fb08ad88d15936b1609

SHA256
62b6020b7a848cb3d681d025d918edac7e2070a7577ec33abca4550a6c327a2a

SHA512
84ff08edae7e6b97b16b899beeec2c3e20c385fbc1bbe45b1031955be16d6c8825a696fbe291b5e585da01ee9f192a7613e9a194c47cdf567b234ba108267fcb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
2a0263c8f43caa92afea71bf3ff313e0

SHA1
b50fa8556323fbb7b992d33b99cff03161eab08d

SHA256
94ff7790c122f16ec04d8aaf7e22b845e9ce945790766172f863fce7f7eee601

SHA512
d2ac32e3466ce223ec8e4f7076d8ddc8729f14417aa2ab1e9143b56d9e87a16b96785aeafaf15b16447efa5216404cf6002115083069479f3b8064391e49bb88

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
8c4302c6b6cf6fa42ab8c1103c52c510

SHA1
fb4286f5ad4bfbc7e581c238a7c52328bc38ef8d

SHA256
ca833f7fc98fbcec5fe063aff1c4ed02b7b30db44a015f2fa18635f26fb58061

SHA512
9e59dc2211af63f56187faaf3da12f3c1d9cf27f2130c593458b207cf15817c80596b4d0b271de6fcc498ac346d0882d6bfebb448d3cd0b20df60be546bcc2a6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
279e47ae0578c75d8b1098853c080d22

SHA1
fb47f44cea0d14c19ac4af563a94a4c990a7713d

SHA256
a174f8888b96c10e4dd9297894b001ae4adc3c3f024409bc8987b22ce89d4f41

SHA512
850ebbb7c77153ef5ff6db55400fc4ccdf49389b420c27b7c4edb00ba38989c81911937476ce52832666e1f509eb7493193155118a6337a129a7ae042b18e40c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
128KB

MD5
fae708013ed8af5e4506065cd0547c91

SHA1
87445b8879a29cd0fc87bb44e2d8f3b85e92e024

SHA256
c7ecf6d9ae4d7e85218bd6782dd75b4d753090fd3f91bdb212adee1aba236ed5

SHA512
767f052a311f63bdbbbbce9b704fb37cb2c71af1eb9393493918767383a5b3864e08230c67acf84fe0794cbe615067de6dfad61f286a0515517b36e50fdbdcc2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
110KB

MD5
322b08eccb4b2e2d70c242136c703e91

SHA1
1b61e2e089982e70ef0f9eefee73768ead418940

SHA256
c2526178837b687f1a4fc6810c3f5611581c6d8c020d9561b82e4ff2561036df

SHA512
959d80bdf9010161fa9b29f6c3cea3982ab783e2b56530f51cbbff8f222709e00714a8ef75d7475cc2a6d9f16f3081743f410e504e32af189b06b28e20d33120

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe57d34e.TMP

Filesize
101KB

MD5
6cc895fb08ca246fd77c13ca1d609397

SHA1
895424519ad66e4d6ee345fa12b4dabb66825b44

SHA256
cb3f853d220d137c5bca149287162fd7595426db43105b9550ec71838e41864f

SHA512
498562d14eda8a9081d4e07701aebd0293c4164e6ece0bf9609348829a9d4854b2c0086dedf74e66886ef31fa7dbcf49ca96153162c53b689545d959704155b6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
C:\Users\Admin\Downloads\Xvirus-Tools-1.7.1.zip.crdownload

Filesize
41KB

MD5
49b8031f045898b246c6efd27842f948

SHA1
7dbe30c4f6f0a1ca4bf9d99fc11b292e7ae62cfc

SHA256
43d4f8e901cf19bad05ecd05fdd411b460b2eabb3ee4bc6e91e70d0b0af8032c

SHA512
1fcbac56b7ce0ac8b7b8973cd4b9f9fa6568f7000d4259a379839423e945c0ac8e2186d9888597906f69e5d0fb6552132dd8ce3fad16c66cca3b5931f75d4785

Download Submit
C:\Users\Admin\Downloads\Xvirus-Tools-1.7.1\Xvirus-Tools-1.7.1\setup.bat

Filesize
62B

MD5
bac1df08b5a2b813d82ace3a51adc67f

SHA1
bd1279e6379de4ea6ac108718010235f3b342405

SHA256
59f5244b33fe77d4dfe76e5159d44a07e037040f8790276ec84139ed3128a21b

SHA512
175b17c6e7d91aea20e6d8d3b63abfd467c0cf7fc6b8c574e39dbffeb52db8c40020816291f7a83e0411a165d0535c033ff1df299dd2c2a7e48ba8b34dcd4afa

Download Submit
C:\Users\Admin\Downloads\Xvirus-Tools-1.7.1\Xvirus-Tools-1.7.1\start.bat

Filesize
22B

MD5
439fcacf5dbd7675b272bf20a28ebd26

SHA1
567c60f881fe536d43f69973914cfa55ba3577a4

SHA256
93f20b2d08664ce038d6c18475c6a82f6304da012aa910ffc82aca3657fd0a76

SHA512
b4650e771dda5e29340867f73d5f5478e28ac3d17f00ea8d99f71e6d519faedf00e00aeba0cab889984a581adcde65a20c9bcb7e6ee818f0471de0dd6bbc1262

Download Submit