432e49e0b20100eb594bcfbff2e53573a0b5780bcf979b31e43c910bddc402ba

Analysis

max time kernel
18s
max time network
18s
platform
windows7_x64
resource
win7-20240319-en
resource tags

arch:x64arch:x86image:win7-20240319-enlocale:en-usos:windows7-x64system
submitted
11/04/2024, 12:11

Sharing

Copy URL

Twitter E-mail

Reason

Machine shutdown

Report Analysis Logs

General

Target

Setup-gen-PCIMC6-8.516.00-ENG-6B_std.exe
Size

6.1MB
MD5

8df71e125728966818cf49a2dbea623d
SHA1

a097e94885c7f491830874f0e29e047ede475152
SHA256

363ee830e3732577fdff045108c27277c526e6b83286669a8c54f0021bac5899
SHA512

c623b857344b338e61cb599c37b700c1b2f4697399375c3c117a3ee15ef08b10a8fe51c93865c1c562fefff1542d4ed55eeddb4f3cd55d51f0d7d83247a80e4f
SSDEEP

98304:b8CBmcnY8zot0UHjesE7zmRWnED2wNjI+NjfB5VRM79Cf9CKR:b8CBBYYot3jvkzPEd/j5zO7G93

Score

8^/10

Malware Config

Signatures

Drops file in Drivers directory 12 IoCs

description	ioc	Process
File created	C:\Windows\SysWOW64\drivers\SET6FD4.tmp	Setup-gen-PCIMC6-8.516.00-ENG-6B_std.exe
File opened for modification	C:\Windows\SysWOW64\drivers\WHNC6A.sys	Setup-gen-PCIMC6-8.516.00-ENG-6B_std.exe
File opened for modification	C:\Windows\SysWOW64\drivers\SET6FE5.tmp	Setup-gen-PCIMC6-8.516.00-ENG-6B_std.exe
File created	C:\Windows\system32\drivers\SET7ABC.tmp	InstallDrv_x64.exe
File opened for modification	C:\Windows\SysWOW64\drivers\SET6FD4.tmp	Setup-gen-PCIMC6-8.516.00-ENG-6B_std.exe
File created	C:\Windows\SysWOW64\drivers\SET6FE5.tmp	Setup-gen-PCIMC6-8.516.00-ENG-6B_std.exe
File opened for modification	C:\Windows\SysWOW64\drivers\WHNC6A_64.sys	Setup-gen-PCIMC6-8.516.00-ENG-6B_std.exe
File opened for modification	C:\Windows\system32\drivers\SET7AAC.tmp	InstallDrv_x64.exe
File created	C:\Windows\system32\drivers\SET7AAC.tmp	InstallDrv_x64.exe
File opened for modification	C:\Windows\system32\drivers\WHNC6A.sys	InstallDrv_x64.exe
File opened for modification	C:\Windows\system32\drivers\SET7ABC.tmp	InstallDrv_x64.exe
File opened for modification	C:\Windows\system32\drivers\WHNC6A_64.sys	InstallDrv_x64.exe

Executes dropped EXE 2 IoCs

pid	Process
1876	sep5B1B.tmp
2056	InstallDrv_x64.exe

Loads dropped DLL 6 IoCs

pid	Process
1192	Setup-gen-PCIMC6-8.516.00-ENG-6B_std.exe
1876	sep5B1B.tmp
1876	sep5B1B.tmp
1192	Setup-gen-PCIMC6-8.516.00-ENG-6B_std.exe
1244	Process not Found
1244	Process not Found

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files (x86)\Naiky\PCIMC-6A\config\6A_stdx_ex7\Ncpm.pmt	sep5B1B.tmp
File created	C:\Program Files (x86)\Naiky\PCIMC-6A\config\6A_rev\ncstudio.dat	sep5B1B.tmp
File opened for modification	C:\Program Files (x86)\Naiky\PCIMC-6A\config\6A_std\axeserr.dat	sep5B1B.tmp
File opened for modification	C:\Program Files (x86)\Naiky\PCIMC-6A\config\6B_std\ncstudio.dat	sep5B1B.tmp
File opened for modification	C:\Program Files (x86)\Naiky\netsh\system32\dot3api.dll	sep5B1B.tmp
File opened for modification	C:\Program Files (x86)\Naiky\PCIMC-6A\Lang	sep5B1B.tmp
File opened for modification	C:\Program Files (x86)\Naiky\PCIMC-6A\config\6A_rev\axeserr.dat	sep5B1B.tmp
File created	C:\Program Files (x86)\Naiky\PCIMC-6A\config\6A_std_Line_Tool_ex7\public.dat	sep5B1B.tmp
File opened for modification	C:\Program Files (x86)\Naiky\PCIMC-6A\config\6B_rev\ncstudio-0000-00-00-00-00-00.dat	sep5B1B.tmp
File opened for modification	C:\Program Files (x86)\Naiky\netsh\install.bat	sep5B1B.tmp
File opened for modification	C:\Program Files (x86)\Naiky\PCIMC-6A\config\6A_std\ncstudio-0000-00-00-00-00-00.dat	sep5B1B.tmp
File opened for modification	C:\Program Files (x86)\Naiky\PCIMC-6A\config\6B_rev\public.dat	sep5B1B.tmp
File opened for modification	C:\Program Files (x86)\Naiky\PCIMC-6A\config\6B_std\public.dat	sep5B1B.tmp
File opened for modification	C:\Program Files (x86)\Naiky\setup.cfg	sep5B1B.tmp
File opened for modification	C:\Program Files (x86)\Naiky\zip.car	sep5B1B.tmp
File created	C:\Program Files (x86)\Naiky\PCIMC-6A\msvcp90.dll	sep5B1B.tmp
File created	C:\Program Files (x86)\Naiky\PCIMC-6A\config\53C_rev\public.dat	sep5B1B.tmp
File opened for modification	C:\Program Files (x86)\Naiky\PCIMC-6A\config\6A_rev_ex7\amend.dat	sep5B1B.tmp
File created	C:\Program Files (x86)\Naiky\chkdsk.exe	sep5B1B.tmp
File opened for modification	C:\Program Files (x86)\Naiky\netsh\system32	sep5B1B.tmp
File opened for modification	C:\Program Files (x86)\Naiky\PCIMC-6A\config\6A_std_Disk_Tool_ex7\Ncpm.pmt	sep5B1B.tmp
File created	C:\Program Files (x86)\Naiky\PCIMC-6A\config\6A_std\amend.dat	sep5B1B.tmp
File opened for modification	C:\Program Files (x86)\Naiky\PCIMC-6A\config\6A_stdx_ex7\ncstudio-0000-00-00-00-00-00.dat	sep5B1B.tmp
File created	C:\Program Files (x86)\Naiky\PCIMC-6A\config\6A_stdx_ex7\ncstudio.dat	sep5B1B.tmp
File created	C:\Program Files (x86)\Naiky\PCIMC-6A\config\53C_std\axeserr.dat	sep5B1B.tmp
File opened for modification	C:\Program Files (x86)\Naiky\PCIMC-6A\config\6A_std\amend.dat	sep5B1B.tmp
File created	C:\Program Files (x86)\Naiky\PCIMC-6A\config\6A_stdx_ex7\public.dat	sep5B1B.tmp
File created	C:\Program Files (x86)\Naiky\PCIMC-6A\config\6A_std_Disk_Tool_ex7\axeserr.dat	sep5B1B.tmp
File opened for modification	C:\Program Files (x86)\Naiky\PCIMC-6A\mfc90.dll	sep5B1B.tmp
File opened for modification	C:\Program Files (x86)\Naiky\PCIMC-6A\msvcp90.dll	sep5B1B.tmp
File created	C:\Program Files (x86)\Naiky\PCIMC-6A\NCInterp.dll	sep5B1B.tmp
File opened for modification	C:\Program Files (x86)\Naiky\PCIMC-6A\config\6A_std	sep5B1B.tmp
File opened for modification	C:\Program Files (x86)\Naiky\netsh\system32\reg.exe	sep5B1B.tmp
File opened for modification	C:\Program Files (x86)\Naiky\WriteProtectTool.exe	sep5B1B.tmp
File created	C:\Program Files (x86)\Naiky\netsh\system32\dot3api.dll	sep5B1B.tmp
File created	C:\Program Files (x86)\Naiky\PCIMC-6A\config\6A_rev\ncstudio-0000-00-00-00-00-00.dat	sep5B1B.tmp
File opened for modification	C:\Program Files (x86)\Naiky\PCIMC-6A\config\6A_revx_ex7\ncstudio.dat	sep5B1B.tmp
File opened for modification	C:\Program Files (x86)\Naiky\PCIMC-6A\config\6A_revx_ex7\public.dat	sep5B1B.tmp
File created	C:\Program Files (x86)\Naiky\PCIMC-6A\config\6A_std_Line_Tool_ex7\ncstudio.dat	sep5B1B.tmp
File created	C:\Program Files (x86)\Naiky\PCIMC-6A\config\53C_rev\Ncpm.pmt	sep5B1B.tmp
File created	C:\Program Files (x86)\Naiky\PCIMC-6A\Lang\chn\ModifyRecord.txt	sep5B1B.tmp
File created	C:\Program Files (x86)\Naiky\PCIMC-6A\config\6A_rev_ex7\ncstudio.dat	sep5B1B.tmp
File created	C:\Program Files (x86)\Naiky\PCIMC-6A\config\6B_std\amend.dat	sep5B1B.tmp
File created	C:\Program Files (x86)\Naiky\PCIMC-6A\Ncstudio.fmt	sep5B1B.tmp
File opened for modification	C:\Program Files (x86)\Naiky\FirstRun.exe	sep5B1B.tmp
File opened for modification	C:\Program Files (x86)\Naiky\NcHelper.exe	sep5B1B.tmp
File created	C:\Program Files (x86)\Naiky\netsh\system32\ifmon.dll	sep5B1B.tmp
File created	C:\Program Files (x86)\Naiky\PCIMC-6A\DrvSimu.dll	sep5B1B.tmp
File created	C:\Program Files (x86)\Naiky\PCIMC-6A\config\6A_rev_ex7\axeserr.dat	sep5B1B.tmp
File opened for modification	C:\Program Files (x86)\Naiky\PCIMC-6A\config\6A_std_ex7\axeserr.dat	sep5B1B.tmp
File created	C:\Program Files (x86)\Naiky\PCIMC-6A\NullParameter.dat	sep5B1B.tmp
File created	C:\Program Files (x86)\Naiky\PCIMC-6A\config\6B_rev\ncstudio-0000-00-00-00-00-00.dat	sep5B1B.tmp
File opened for modification	C:\Program Files (x86)\Naiky\PCIMC-6A\config\6B_std\axeserr.dat	sep5B1B.tmp
File created	C:\Program Files (x86)\Naiky\netsh\system32\fwcfg.dll	sep5B1B.tmp
File created	C:\Program Files (x86)\Naiky\PCIMC-6A\Lang\ENG\ShortCut.txt	sep5B1B.tmp
File opened for modification	C:\Program Files (x86)\Naiky\PCIMC-6A\config\53C_rev\public.dat	sep5B1B.tmp
File created	C:\Program Files (x86)\Naiky\PCIMC-6A\config\53C_std\ncstudio-0000-00-00-00-00-00.dat	sep5B1B.tmp
File opened for modification	C:\Program Files (x86)\Naiky\PCIMC-6A\config\6A_std_Line_Tool_ex7\ncstudio-0000-00-00-00-00-00.dat	sep5B1B.tmp
File created	C:\Program Files (x86)\Naiky\PCIMC-6A\config\6A_std_Line_Tool_ex7\ncstudio-0000-00-00-00-00-00.dat	sep5B1B.tmp
File opened for modification	C:\Program Files (x86)\Naiky\chkdsk.exe	sep5B1B.tmp
File opened for modification	C:\Program Files (x86)\Naiky\AxesErrEditor.exe	sep5B1B.tmp
File opened for modification	C:\Program Files (x86)\Naiky\PCIMC-6A\Ncui.dll	sep5B1B.tmp
File opened for modification	C:\Program Files (x86)\Naiky\PCIMC-6A\config\53C_std\amend.dat	sep5B1B.tmp
File created	C:\Program Files (x86)\Naiky\PCIMC-6A\config\6A_std\axeserr.dat	sep5B1B.tmp

Drops file in Windows directory 5 IoCs

description	ioc	Process
File opened for modification	C:\Windows\INF\setupapi.app.log	InstallDrv_x64.exe
File opened for modification	C:\Windows\inf\SET7ABD.tmp	InstallDrv_x64.exe
File created	C:\Windows\inf\SET7ABD.tmp	InstallDrv_x64.exe
File opened for modification	C:\Windows\inf\NcadptPci(PCIMC-6A).inf	InstallDrv_x64.exe
File opened for modification	C:\Windows\INF\setupapi.app.log	Setup-gen-PCIMC6-8.516.00-ENG-6B_std.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Enumerates system info in registry 2 TTPs 1 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\Identifier	xcopy.exe

Suspicious use of AdjustPrivilegeToken 2 IoCs

description	pid	Process
Token: SeLoadDriverPrivilege	2056	InstallDrv_x64.exe
Token: SeShutdownPrivilege	2056	InstallDrv_x64.exe

Suspicious use of FindShellTrayWindow 4 IoCs

pid	Process
2056	InstallDrv_x64.exe
2056	InstallDrv_x64.exe
2056	InstallDrv_x64.exe
2056	InstallDrv_x64.exe

Suspicious use of SendNotifyMessage 4 IoCs

pid	Process
2056	InstallDrv_x64.exe
2056	InstallDrv_x64.exe
2056	InstallDrv_x64.exe
2056	InstallDrv_x64.exe

Suspicious use of SetWindowsHookEx 5 IoCs

pid	Process
1192	Setup-gen-PCIMC6-8.516.00-ENG-6B_std.exe
1192	Setup-gen-PCIMC6-8.516.00-ENG-6B_std.exe
2056	InstallDrv_x64.exe
2056	InstallDrv_x64.exe
2056	InstallDrv_x64.exe

Suspicious use of WriteProcessMemory 32 IoCs

description	pid	Process	procid_target
PID 1192 wrote to memory of 1876	1192	Setup-gen-PCIMC6-8.516.00-ENG-6B_std.exe	28
PID 1192 wrote to memory of 1876	1192	Setup-gen-PCIMC6-8.516.00-ENG-6B_std.exe	28
PID 1192 wrote to memory of 1876	1192	Setup-gen-PCIMC6-8.516.00-ENG-6B_std.exe	28
PID 1192 wrote to memory of 1876	1192	Setup-gen-PCIMC6-8.516.00-ENG-6B_std.exe	28
PID 1192 wrote to memory of 1876	1192	Setup-gen-PCIMC6-8.516.00-ENG-6B_std.exe	28
PID 1192 wrote to memory of 1876	1192	Setup-gen-PCIMC6-8.516.00-ENG-6B_std.exe	28
PID 1192 wrote to memory of 1876	1192	Setup-gen-PCIMC6-8.516.00-ENG-6B_std.exe	28
PID 1192 wrote to memory of 880	1192	Setup-gen-PCIMC6-8.516.00-ENG-6B_std.exe	30
PID 1192 wrote to memory of 880	1192	Setup-gen-PCIMC6-8.516.00-ENG-6B_std.exe	30
PID 1192 wrote to memory of 880	1192	Setup-gen-PCIMC6-8.516.00-ENG-6B_std.exe	30
PID 1192 wrote to memory of 880	1192	Setup-gen-PCIMC6-8.516.00-ENG-6B_std.exe	30
PID 1192 wrote to memory of 880	1192	Setup-gen-PCIMC6-8.516.00-ENG-6B_std.exe	30
PID 1192 wrote to memory of 880	1192	Setup-gen-PCIMC6-8.516.00-ENG-6B_std.exe	30
PID 1192 wrote to memory of 880	1192	Setup-gen-PCIMC6-8.516.00-ENG-6B_std.exe	30
PID 1192 wrote to memory of 2056	1192	Setup-gen-PCIMC6-8.516.00-ENG-6B_std.exe	32
PID 1192 wrote to memory of 2056	1192	Setup-gen-PCIMC6-8.516.00-ENG-6B_std.exe	32
PID 1192 wrote to memory of 2056	1192	Setup-gen-PCIMC6-8.516.00-ENG-6B_std.exe	32
PID 1192 wrote to memory of 2056	1192	Setup-gen-PCIMC6-8.516.00-ENG-6B_std.exe	32
PID 880 wrote to memory of 1380	880	cmd.exe	33
PID 880 wrote to memory of 1380	880	cmd.exe	33
PID 880 wrote to memory of 1380	880	cmd.exe	33
PID 880 wrote to memory of 1380	880	cmd.exe	33
PID 880 wrote to memory of 1380	880	cmd.exe	33
PID 880 wrote to memory of 1380	880	cmd.exe	33
PID 880 wrote to memory of 1380	880	cmd.exe	33
PID 880 wrote to memory of 2000	880	cmd.exe	34
PID 880 wrote to memory of 2000	880	cmd.exe	34
PID 880 wrote to memory of 2000	880	cmd.exe	34
PID 880 wrote to memory of 2000	880	cmd.exe	34
PID 880 wrote to memory of 2000	880	cmd.exe	34
PID 880 wrote to memory of 2000	880	cmd.exe	34
PID 880 wrote to memory of 2000	880	cmd.exe	34

C:\Users\Admin\AppData\Local\Temp\Setup-gen-PCIMC6-8.516.00-ENG-6B_std.exe
"C:\Users\Admin\AppData\Local\Temp\Setup-gen-PCIMC6-8.516.00-ENG-6B_std.exe"
1⤵
- Drops file in Drivers directory
- Loads dropped DLL
- Drops file in Windows directory
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:1192
- C:\Users\Admin\AppData\Local\Temp\sep5B1B.tmp
  "C:\Users\Admin\AppData\Local\Temp\sep5B1B.tmp"
  2⤵
  - Executes dropped EXE
  - Loads dropped DLL
  - Drops file in Program Files directory
  PID:1876
- C:\Windows\SysWOW64\cmd.exe
  cmd /c ""C:\Program Files (x86)\Naiky\netsh\install.bat" "
  2⤵
  - Suspicious use of WriteProcessMemory
  PID:880
- - C:\Windows\SysWOW64\xcopy.exe
    xcopy /y /c /q /k ""C:\Program Files (x86)\Naiky\netsh\install.bat"\..\system32" "C:\Windows\system32"
    3⤵
    - Enumerates system info in registry
    PID:1380
- - C:\Windows\SysWOW64\reg.exe
    reg import ""C:\Program Files (x86)\Naiky\netsh\install.bat"\..\netsh.reg"
    3⤵
    PID:2000
- C:\Program Files (x86)\Naiky\InstallDrv_x64.exe
  "C:\Program Files (x86)\Naiky\InstallDrv_x64.exe" -eng
  2⤵
  - Drops file in Drivers directory
  - Executes dropped EXE
  - Drops file in Windows directory
  - Suspicious use of AdjustPrivilegeToken
  - Suspicious use of FindShellTrayWindow
  - Suspicious use of SendNotifyMessage
  - Suspicious use of SetWindowsHookEx
  PID:2056

C:\Windows\system32\LogonUI.exe
"LogonUI.exe" /flags:0x0
1⤵
PID:292

C:\Windows\system32\LogonUI.exe
"LogonUI.exe" /flags:0x1
1⤵
PID:2072

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\PROGRA~2\Naiky\PCIMC-6A\WHNC6A.sys

Filesize
232KB

MD5
5e2ceb4976bb44debf7239e4c44bab23

SHA1
319dd6f3d5f5607e0352346c613658110c296936

SHA256
312c80bfec3c25c30685a3ca19a9f2a7a76de6e8b3f4002b9d78e02ed2f4f743

SHA512
d91b3914baca79963904581a693e2f3ab6e8c33a1083b1dd6aa9fdf92142b8bf240944074e24d1331f226b059a78c42f9c2af3be019be5d8012812edb020cf1e

Download Submit
C:\PROGRA~2\Naiky\PCIMC-6A\WHNC6A_64.sys

Filesize
303KB

MD5
8e3a362a74d5f54aca88e818c09c5951

SHA1
f0284c36c010e4d803d7b70934a2544e8f39ff55

SHA256
1115dd6f5811e237d987213a0532cc5e23d177c37d8468155026a337b9193f4b

SHA512
184d48ebf53173e15777ae87275d567b1e57ed507c2235f7af1c5e38037c728c1d7310283b9a64626a068dd8ee442867cb083d8498235af20c83f11bb4c25e9b

Download Submit
C:\Program Files (x86)\Naiky\InstallDrv_x64.exe

Filesize
2.4MB

MD5
093b2d14b62fe886204b5396146e8561

SHA1
e1c9bb72cbc6102cd0cfbf8c969de69dd51f84ec

SHA256
83bc83cbda342ea4e35aa30188c4d5b2f944f3f6142bbec5d901109563a7c10c

SHA512
1faed49aec4938c01b735f00604ce628a6b817a17fc8bb0faa0b30bbf06199ab3ad174a1608063a3c5025930dba61e48ae4faf1e63840dca8a9d55586deccbcc

Download Submit
C:\Program Files (x86)\Naiky\PCIMC-6A\Lang\Lang.ini

Filesize
80B

MD5
ff0a4ba49d17e6359929bb18e2b8bc5a

SHA1
7573b13adf7b4b70934c64bb564e7c06c66f4f40

SHA256
e76341cb08a9ffacf4456b0f960ee5a86c4b2a0283b5d8414442e763305da4c4

SHA512
f6593c1ce8e00fb82a8b64b9e116f2c219f303644b1d32218d07a57161bda4dd7ac1ebf59822c545bb164021255112cb537f20bf330da18cfeda1f1fd27962a9

Download Submit
C:\Program Files (x86)\Naiky\PCIMC-6A\NcadptPci(PCIMC-6A).inf

Filesize
3KB

MD5
c9e76b9426cd460757d47cf52753bf8e

SHA1
93db3b275b98c3035d13102578f44a6f7a0fda4b

SHA256
88c87599dd60c57ec4cb927178cc03ddd093551a26f360e87946e9bc25629b4b

SHA512
a4c125fab690aeb3c10a0c65505c55e63bfa14bdeb9ff8e341fcdb82013d57e4ba86fe0ac74f8ee358955d60da3f66e52ae82067e63120c8c668b5e0463c70eb

Download Submit
C:\Program Files (x86)\Naiky\PCIMC-6A\config\53C_std\ncstudio-0000-00-00-00-00-00.dat

Filesize
88B

MD5
ba6efdcdf998600dc80ac1190cee267b

SHA1
0ce6ec19a093629a3f5d0fd16b1b12c2b5224c36

SHA256
71bf5201aaf37e1752685690dc7118d84482be2bf71f129193e23b8437462866

SHA512
71661eaab2b71a4fcee2e7fc47048343b2b515512b2aba39051becbd1c3fc09138c9342832c61b9183be74fe6ad52a68cea3265795a17ee110e63da88273c3a9

Download Submit
C:\Program Files (x86)\Naiky\PCIMC-6A\config\6A_rev\axeserr.dat

Filesize
33B

MD5
55425bbf3aaea0a8d057fd207cfa3d95

SHA1
5ab06711962acdc7ef258ea5f766138b9f87c065

SHA256
f895feca1ca867e7d3929dfe7a7b47412fa19e49a683a8c75eeab92838f7c303

SHA512
334e225c5eae8e233fa4616ee9df3976e8ba8f4483e5fc1ee2e0b9c66cb0869a1342b9c3652297cd5fcffcfa4cbd66421d18ae06112431f7db7d67cea12068c3

Download Submit
C:\Program Files (x86)\Naiky\PCIMC-6A\config\6A_rev_ex7\Ncpm.pmt

Filesize
80KB

MD5
94ed3e58886df307913fd74584f4dd29

SHA1
7929849a1e127e649715bef2809c2047802e6bd1

SHA256
e7bce25f7c564eed0fff1314ccc772f36784eacae1b4226945cb6ea585bc5552

SHA512
af5b4aa86a0580a166d4239d94621426db206fb80d9b0854b28f7fc02801efb56d0ad7fd6970634f5cd8ff10bdeaef4992baa777edc0b814505c775a33a31a6a

Download Submit
C:\Program Files (x86)\Naiky\PCIMC-6A\config\6A_revx_ex7\public.dat

Filesize
70KB

MD5
ca47d7388d470273b631bd1efc5b56e6

SHA1
8744b0fac7a540e1a1fb28022125377fd1cf5852

SHA256
9a450c3548d0a06ddeb40ac377d2b301d3f6eaa7176f5491f4ce9f9556d92527

SHA512
37aefa8fa466026c8072e07fe8816375c98af0622a1031bad3b7943d42e83d353cf849fe1b6e68a6e5d65c0cb10b75823cb509c03097e7450646adb034010cc7

Download Submit
C:\Program Files (x86)\Naiky\PCIMC-6A\config\6A_stdx_ex7\Ncpm.pmt

Filesize
80KB

MD5
81450de10d40f92f012820fadb51f1ca

SHA1
c9b64ec0599a8701613d27ede30165fef2dedaf9

SHA256
29816e9ba65929e293de967f42a29e19ddb4e065e6ab9cbb8b468c7dc1521b1f

SHA512
b0ab90a6573202786d958644ae4c4d8acfa87c9ed68dc4abd74b61085185e19fcb8d9b8a65144e970da345475da5e9892d7ad5081654c4c0f48f1d051371dc38

Download Submit
C:\Program Files (x86)\Naiky\PCIMC-6A\config\6A_stdx_ex7\public.dat

Filesize
90KB

MD5
d16c4a4b67b83417d9942f538653f225

SHA1
551ab48e172ae0a393f739f3bc8d8ef0feead8a5

SHA256
45544782ce61d9f0b54bf55905f812189c654a69c3544aec1eda47fb83aff110

SHA512
dce4e27408c70535ec850de514d7dbe52fa04bb50009724349ccc6a168ebe1f8db204800dcef8c326f0addac4cd4bae00e06deb88a9254366aa6d94bb4d49433

Download Submit
C:\Program Files (x86)\Naiky\netsh\install.bat

Filesize
150B

MD5
bc08a5350936b784709709c8b332c583

SHA1
9b1bc42e9729c76806c24f24064a9d1d88880258

SHA256
35167c935426678d84af55cee90cd58e52da8371a66dfb41fad82c3e8d994220

SHA512
5587342a97cd7af51427067cf0709f5ab6243dbb024e561cf287b615230351654a8452cf08115342c3c21f24a824d9df82c451d32fbdec0dde7f2bd18866709d

Download Submit
C:\Program Files (x86)\Naiky\newdev.dll

Filesize
234KB

MD5
c96524f05220ef2ad27310cd5ae3a9b8

SHA1
85e672ed5d6f96d1d13450041c7e813fdfe4571e

SHA256
16197a207c75a3274573c747f56f567f37f0be8108f79cc7ed743e2cb548e54f

SHA512
989932871e5bd9af41b34552b080069f98ad17ae1a85c243fbaff6c2453e6f05c50c9d4702c701a5ce39e25a2b2c0db66996c11ad61be9152abaf3cc4175d106

Download Submit
C:\Program Files (x86)\Naiky\setup.cfg

Filesize
51B

MD5
bd71444f1eabad93d1ef5720fec209fd

SHA1
8a333cdf084e49e6acc0daafc5951c7ff48e2094

SHA256
4e4217400433ec594033a325687a937d7bafab4c7aada3c4ac98658ffaeda857

SHA512
e449063fd269d1170d3e63d7dac8b6ecaf1de3f41f98929fc8dd3249e8ca15bbe8c8d4ac9e67c9cb60401666ea047e8fce0edbad10b3ffe37f0088f013fdb07d

Download Submit
C:\Program Files (x86)\Naiky\zip.car

Filesize
442KB

MD5
60e2ea9294cdaba6f4ab66e5b8d5e8c0

SHA1
c09ff878bc663537ad310e0087ef3bfa0cdc04ac

SHA256
4440d8be5b0d3b34ea3c1a3c6b8a02ffe550e3b38a87689e432c138be92dfc16

SHA512
c90fc3b8f438066492158827ba7366bd639ab8d6d1b4e238050d06a6dcaa4cbd822fed66c1e155aecea215a88f578a8ab05182ca9bfbed73d92c44807be4b270

Download Submit
\Program Files (x86)\Naiky\PCIMC-6A\NcStudio.exe

Filesize
1.2MB

MD5
c35584ab626c25ed919367ba9829d0db

SHA1
6ee32755d661632c49de9365640cf22d9c65b6e0

SHA256
95f93f66995c2a73e56125793127856b07af1111b52db69ab3bb33944943d6f6

SHA512
b18a520f1039e4d382adee19b349914df047bf1c61182d439ff2cc2e9c6eed498ac7ee1b99862b7be656b742cd366f6ff88bd3573e95f84b716a4f47dbb89f17

Download Submit
\Users\Admin\AppData\Local\Temp\sep5B1B.tmp

Filesize
5.7MB

MD5
e23c2c5d04bd9e4ade7235498ad203a5

SHA1
a7dfd9dad5ddd0139a133439749e6774ec270219

SHA256
ce20feee366d4232c8db77b0fda7480d17ec06d1c1928dbdd167998d917afb6f

SHA512
2c886afdeb792a8666aa3f30a9e68179c68bb5633ed963ddc9bc0caa3b52b1d3122cfbc1ae3b0996729d2f1602fe3625d02212771db9d9aaa45d0a21c9a7bd72

Download Submit
memory/292-343-0x00000000029C0000-0x00000000029C1000-memory.dmp

Filesize
4KB

Download
memory/1876-298-0x0000000000400000-0x0000000000423000-memory.dmp

Filesize
140KB

Download
memory/2072-344-0x0000000002820000-0x0000000002821000-memory.dmp

Filesize
4KB

Download