089724d905a55d45b56190c899e75c5f23a6749f3c9c746d62ae5d193ef55363

Analysis

max time kernel
144s
max time network
118s
platform
windows7_x64
resource
win7-20240419-en
resource tags

arch:x64arch:x86image:win7-20240419-enlocale:en-usos:windows7-x64system
submitted
26/04/2024, 20:33

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

EaseUS Partition Master Home Edition v9.1.exe
Size

11.2MB
MD5

ce8df01a9085566e1515a7d3dd0059b4
SHA1

74cfee08ac28a8e7e2bfe441e5652812efe92084
SHA256

089724d905a55d45b56190c899e75c5f23a6749f3c9c746d62ae5d193ef55363
SHA512

e7c31859369633974a15e117c7c3b9cc11551d41a0ea75a8c40eb8d1fa64ef7893b948756e07f2f9a2f3c71d05bde493c30105abaa12042ef4295264f9a92cd7
SSDEEP

196608:rdbHk+aF45ukVABfJGc3gBve3+UUP6xg09QkM7/bSeFribQqWzWJ9L+9X:vxiPGLveLgjP7/FFribQqWzW/C9X

Score

7^/10

discovery

Malware Config

Signatures

Executes dropped EXE 7 IoCs

pid	Process
2232	EaseUS Partition Master Home Edition v9.1.tmp
2012	setupempdrv03.exe
2972	setupempdrvx64.exe
1120	epm0.exe
1816	Main.exe
3004	epm0.exe
1432	Main.exe

Loads dropped DLL 64 IoCs

pid	Process
2052	EaseUS Partition Master Home Edition v9.1.exe
2232	EaseUS Partition Master Home Edition v9.1.tmp
2232	EaseUS Partition Master Home Edition v9.1.tmp
2232	EaseUS Partition Master Home Edition v9.1.tmp
2232	EaseUS Partition Master Home Edition v9.1.tmp
2232	EaseUS Partition Master Home Edition v9.1.tmp
2232	EaseUS Partition Master Home Edition v9.1.tmp
2232	EaseUS Partition Master Home Edition v9.1.tmp
2232	EaseUS Partition Master Home Edition v9.1.tmp
2232	EaseUS Partition Master Home Edition v9.1.tmp
2232	EaseUS Partition Master Home Edition v9.1.tmp
2232	EaseUS Partition Master Home Edition v9.1.tmp
2232	EaseUS Partition Master Home Edition v9.1.tmp
2232	EaseUS Partition Master Home Edition v9.1.tmp
2232	EaseUS Partition Master Home Edition v9.1.tmp
2232	EaseUS Partition Master Home Edition v9.1.tmp
2232	EaseUS Partition Master Home Edition v9.1.tmp
2232	EaseUS Partition Master Home Edition v9.1.tmp
2232	EaseUS Partition Master Home Edition v9.1.tmp
2012	setupempdrv03.exe
2012	setupempdrv03.exe
2012	setupempdrv03.exe
2232	EaseUS Partition Master Home Edition v9.1.tmp
2232	EaseUS Partition Master Home Edition v9.1.tmp
868	Process not Found
1120	epm0.exe
1816	Main.exe
1816	Main.exe
1816	Main.exe
1816	Main.exe
1816	Main.exe
1816	Main.exe
1816	Main.exe
1816	Main.exe
1816	Main.exe
1816	Main.exe
1816	Main.exe
1816	Main.exe
1816	Main.exe
1816	Main.exe
1816	Main.exe
1816	Main.exe
1816	Main.exe
1816	Main.exe
1816	Main.exe
1816	Main.exe
1816	Main.exe
1816	Main.exe
1816	Main.exe
1816	Main.exe
1816	Main.exe
1816	Main.exe
1816	Main.exe
1816	Main.exe
1816	Main.exe
1816	Main.exe
1816	Main.exe
1816	Main.exe
1816	Main.exe
1816	Main.exe
1816	Main.exe
1816	Main.exe
1816	Main.exe
1816	Main.exe

Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
discovery

Query Registry
T1012

Drops file in System32 directory 16 IoCs

description	ioc	Process
File created	C:\Windows\SysWOW64\is-RFPUV.tmp	EaseUS Partition Master Home Edition v9.1.tmp
File created	C:\Windows\SysWOW64\is-5N5FQ.tmp	EaseUS Partition Master Home Edition v9.1.tmp
File created	C:\Windows\SysWOW64\is-JHI07.tmp	EaseUS Partition Master Home Edition v9.1.tmp
File created	C:\Windows\system32\is-BNGLJ.tmp	EaseUS Partition Master Home Edition v9.1.tmp
File created	C:\Windows\SysWOW64\is-H5MVH.tmp	EaseUS Partition Master Home Edition v9.1.tmp
File created	C:\Windows\SysWOW64\is-G4B9D.tmp	EaseUS Partition Master Home Edition v9.1.tmp
File created	C:\Windows\system32\is-PAD87.tmp	EaseUS Partition Master Home Edition v9.1.tmp
File created	C:\Windows\system32\is-B7TU7.tmp	EaseUS Partition Master Home Edition v9.1.tmp
File created	C:\Windows\system32\is-LTKUQ.tmp	EaseUS Partition Master Home Edition v9.1.tmp
File created	C:\Windows\SysWOW64\is-PDOGF.tmp	EaseUS Partition Master Home Edition v9.1.tmp
File created	C:\Windows\system32\is-GHD3F.tmp	EaseUS Partition Master Home Edition v9.1.tmp
File created	C:\Windows\SysWOW64\is-DK11R.tmp	EaseUS Partition Master Home Edition v9.1.tmp
File created	C:\Windows\system32\is-7GNUA.tmp	EaseUS Partition Master Home Edition v9.1.tmp
File created	C:\Windows\SysWOW64\is-AD4AL.tmp	EaseUS Partition Master Home Edition v9.1.tmp
File created	C:\Windows\system32\is-KISGB.tmp	EaseUS Partition Master Home Edition v9.1.tmp
File created	C:\Windows\system32\is-IJMTP.tmp	EaseUS Partition Master Home Edition v9.1.tmp

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\share\themes\Epm\gtk-2.0\icons\is-GVB8K.tmp	EaseUS Partition Master Home Edition v9.1.tmp
File created	C:\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\share\themes\Epm\gtk-2.0\icons\is-LI8D8.tmp	EaseUS Partition Master Home Edition v9.1.tmp
File created	C:\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\res\is-V59LC.tmp	EaseUS Partition Master Home Edition v9.1.tmp
File created	C:\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\share\themes\Epm\gtk-2.0\icons\is-G43CM.tmp	EaseUS Partition Master Home Edition v9.1.tmp
File created	C:\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\share\themes\Epm\gtk-2.0\icons\is-JLS1K.tmp	EaseUS Partition Master Home Edition v9.1.tmp
File created	C:\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\bin\is-F5484.tmp	EaseUS Partition Master Home Edition v9.1.tmp
File created	C:\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\res\is-BU5PK.tmp	EaseUS Partition Master Home Edition v9.1.tmp
File created	C:\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\res\is-0UMO4.tmp	EaseUS Partition Master Home Edition v9.1.tmp
File created	C:\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\res\is-VTHOS.tmp	EaseUS Partition Master Home Edition v9.1.tmp
File created	C:\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\res\is-78PF0.tmp	EaseUS Partition Master Home Edition v9.1.tmp
File created	C:\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\share\themes\Epm\gtk-2.0\icons\is-VI7R1.tmp	EaseUS Partition Master Home Edition v9.1.tmp
File created	C:\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\share\themes\Epm\gtk-2.0\icons\is-7G4AB.tmp	EaseUS Partition Master Home Edition v9.1.tmp
File created	C:\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\share\themes\Epm\gtk-2.0\icons\is-61MLJ.tmp	EaseUS Partition Master Home Edition v9.1.tmp
File created	C:\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\bin\is-VQ4PR.tmp	EaseUS Partition Master Home Edition v9.1.tmp
File created	C:\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\bin\is-HSONP.tmp	EaseUS Partition Master Home Edition v9.1.tmp
File created	C:\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\res\is-67O2K.tmp	EaseUS Partition Master Home Edition v9.1.tmp
File created	C:\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\share\themes\Epm\gtk-2.0\icons\is-Q21JN.tmp	EaseUS Partition Master Home Edition v9.1.tmp
File created	C:\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\share\themes\Epm\gtk-2.0\icons\is-1BSQK.tmp	EaseUS Partition Master Home Edition v9.1.tmp
File created	C:\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\share\themes\Epm\gtk-2.0\icons\is-1JLJB.tmp	EaseUS Partition Master Home Edition v9.1.tmp
File created	C:\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\bin\is-E0NCR.tmp	EaseUS Partition Master Home Edition v9.1.tmp
File created	C:\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\bin\is-0NNPG.tmp	EaseUS Partition Master Home Edition v9.1.tmp
File created	C:\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\bin\is-GRVE8.tmp	EaseUS Partition Master Home Edition v9.1.tmp
File created	C:\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\lib\gtk-2.0\2.10.0\engines\is-K7LVE.tmp	EaseUS Partition Master Home Edition v9.1.tmp
File created	C:\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\res\is-2DEN0.tmp	EaseUS Partition Master Home Edition v9.1.tmp
File created	C:\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\share\themes\Epm\gtk-2.0\icons\is-JLU8A.tmp	EaseUS Partition Master Home Edition v9.1.tmp
File created	C:\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\bin\is-2ABJK.tmp	EaseUS Partition Master Home Edition v9.1.tmp
File created	C:\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\res\is-7PRC2.tmp	EaseUS Partition Master Home Edition v9.1.tmp
File created	C:\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\res\is-U14HD.tmp	EaseUS Partition Master Home Edition v9.1.tmp
File created	C:\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\share\themes\Epm\gtk-2.0\icons\is-IAOLI.tmp	EaseUS Partition Master Home Edition v9.1.tmp
File created	C:\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\res\is-NJREJ.tmp	EaseUS Partition Master Home Edition v9.1.tmp
File created	C:\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\share\themes\Epm\gtk-2.0\icons\is-TB987.tmp	EaseUS Partition Master Home Edition v9.1.tmp
File created	C:\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\share\themes\Epm\gtk-2.0\icons\is-JI7FR.tmp	EaseUS Partition Master Home Edition v9.1.tmp
File created	C:\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\bin\is-SPJ0A.tmp	EaseUS Partition Master Home Edition v9.1.tmp
File created	C:\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\res\is-4IV8B.tmp	EaseUS Partition Master Home Edition v9.1.tmp
File created	C:\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\res\is-SLE3U.tmp	EaseUS Partition Master Home Edition v9.1.tmp
File created	C:\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\res\is-NGPVL.tmp	EaseUS Partition Master Home Edition v9.1.tmp
File created	C:\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\res\is-0O2OB.tmp	EaseUS Partition Master Home Edition v9.1.tmp
File created	C:\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\share\themes\Epm\gtk-2.0\icons\is-HQ140.tmp	EaseUS Partition Master Home Edition v9.1.tmp
File created	C:\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\share\themes\Epm\gtk-2.0\icons\is-DEQQL.tmp	EaseUS Partition Master Home Edition v9.1.tmp
File created	C:\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\share\themes\Epm\gtk-2.0\icons\is-E7TIB.tmp	EaseUS Partition Master Home Edition v9.1.tmp
File created	C:\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\bin\is-0KUG8.tmp	EaseUS Partition Master Home Edition v9.1.tmp
File created	C:\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\share\themes\Epm\gtk-2.0\icons\is-QPOUE.tmp	EaseUS Partition Master Home Edition v9.1.tmp
File created	C:\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\share\themes\Epm\gtk-2.0\icons\is-SNUKG.tmp	EaseUS Partition Master Home Edition v9.1.tmp
File created	C:\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\share\themes\Epm\gtk-2.0\icons\is-3NCFC.tmp	EaseUS Partition Master Home Edition v9.1.tmp
File created	C:\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\share\themes\Epm\gtk-2.0\icons\is-K5U9I.tmp	EaseUS Partition Master Home Edition v9.1.tmp
File created	C:\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\res\is-HFCKB.tmp	EaseUS Partition Master Home Edition v9.1.tmp
File created	C:\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\res\is-CA07Q.tmp	EaseUS Partition Master Home Edition v9.1.tmp
File created	C:\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\share\themes\Epm\gtk-2.0\icons\is-UCV44.tmp	EaseUS Partition Master Home Edition v9.1.tmp
File created	C:\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\share\themes\Epm\gtk-2.0\icons\is-DBOTL.tmp	EaseUS Partition Master Home Edition v9.1.tmp
File created	C:\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\share\themes\Epm\gtk-2.0\icons\is-L7CMS.tmp	EaseUS Partition Master Home Edition v9.1.tmp
File opened for modification	C:\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\unins000.dat	EaseUS Partition Master Home Edition v9.1.tmp
File created	C:\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\bin\adds\is-AG3V1.tmp	EaseUS Partition Master Home Edition v9.1.tmp
File created	C:\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\bin\is-D1TKV.tmp	EaseUS Partition Master Home Edition v9.1.tmp
File created	C:\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\bin\is-U3LP6.tmp	EaseUS Partition Master Home Edition v9.1.tmp
File created	C:\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\bin\x64\is-5LKO3.tmp	EaseUS Partition Master Home Edition v9.1.tmp
File created	C:\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\res\is-UUAOC.tmp	EaseUS Partition Master Home Edition v9.1.tmp
File created	C:\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\bin\is-KL2G7.tmp	EaseUS Partition Master Home Edition v9.1.tmp
File created	C:\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\res\is-L6BF1.tmp	EaseUS Partition Master Home Edition v9.1.tmp
File created	C:\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\share\themes\Epm\gtk-2.0\icons\is-56IDB.tmp	EaseUS Partition Master Home Edition v9.1.tmp
File created	C:\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\share\themes\Epm\gtk-2.0\icons\is-NNJT9.tmp	EaseUS Partition Master Home Edition v9.1.tmp
File created	C:\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\bin\is-H6DLM.tmp	EaseUS Partition Master Home Edition v9.1.tmp
File created	C:\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\lib\gtk-2.0\2.10.0\engines\is-GVO0C.tmp	EaseUS Partition Master Home Edition v9.1.tmp
File created	C:\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\res\is-MK9F1.tmp	EaseUS Partition Master Home Edition v9.1.tmp
File created	C:\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\res\is-KOCCM.tmp	EaseUS Partition Master Home Edition v9.1.tmp

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Modifies Control Panel 1 IoCs

evasion

description	ioc	Process
Set value (str)	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Control Panel\Desktop\DragFullWindows = "0"	Main.exe

Suspicious behavior: LoadsDriver 6 IoCs

pid	Process
476	Process not Found
476	Process not Found
476	Process not Found
476	Process not Found
476	Process not Found
476	Process not Found

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2232	EaseUS Partition Master Home Edition v9.1.tmp

Suspicious use of WriteProcessMemory 30 IoCs

description	pid	Process	procid_target
PID 2052 wrote to memory of 2232	2052	EaseUS Partition Master Home Edition v9.1.exe	28
PID 2052 wrote to memory of 2232	2052	EaseUS Partition Master Home Edition v9.1.exe	28
PID 2052 wrote to memory of 2232	2052	EaseUS Partition Master Home Edition v9.1.exe	28
PID 2052 wrote to memory of 2232	2052	EaseUS Partition Master Home Edition v9.1.exe	28
PID 2052 wrote to memory of 2232	2052	EaseUS Partition Master Home Edition v9.1.exe	28
PID 2052 wrote to memory of 2232	2052	EaseUS Partition Master Home Edition v9.1.exe	28
PID 2052 wrote to memory of 2232	2052	EaseUS Partition Master Home Edition v9.1.exe	28
PID 2232 wrote to memory of 2012	2232	EaseUS Partition Master Home Edition v9.1.tmp	29
PID 2232 wrote to memory of 2012	2232	EaseUS Partition Master Home Edition v9.1.tmp	29
PID 2232 wrote to memory of 2012	2232	EaseUS Partition Master Home Edition v9.1.tmp	29
PID 2232 wrote to memory of 2012	2232	EaseUS Partition Master Home Edition v9.1.tmp	29
PID 2232 wrote to memory of 2012	2232	EaseUS Partition Master Home Edition v9.1.tmp	29
PID 2232 wrote to memory of 2012	2232	EaseUS Partition Master Home Edition v9.1.tmp	29
PID 2232 wrote to memory of 2012	2232	EaseUS Partition Master Home Edition v9.1.tmp	29
PID 2232 wrote to memory of 2972	2232	EaseUS Partition Master Home Edition v9.1.tmp	30
PID 2232 wrote to memory of 2972	2232	EaseUS Partition Master Home Edition v9.1.tmp	30
PID 2232 wrote to memory of 2972	2232	EaseUS Partition Master Home Edition v9.1.tmp	30
PID 2232 wrote to memory of 2972	2232	EaseUS Partition Master Home Edition v9.1.tmp	30
PID 2232 wrote to memory of 1120	2232	EaseUS Partition Master Home Edition v9.1.tmp	32
PID 2232 wrote to memory of 1120	2232	EaseUS Partition Master Home Edition v9.1.tmp	32
PID 2232 wrote to memory of 1120	2232	EaseUS Partition Master Home Edition v9.1.tmp	32
PID 2232 wrote to memory of 1120	2232	EaseUS Partition Master Home Edition v9.1.tmp	32
PID 1120 wrote to memory of 1816	1120	epm0.exe	33
PID 1120 wrote to memory of 1816	1120	epm0.exe	33
PID 1120 wrote to memory of 1816	1120	epm0.exe	33
PID 1120 wrote to memory of 1816	1120	epm0.exe	33
PID 3004 wrote to memory of 1432	3004	epm0.exe	41
PID 3004 wrote to memory of 1432	3004	epm0.exe	41
PID 3004 wrote to memory of 1432	3004	epm0.exe	41
PID 3004 wrote to memory of 1432	3004	epm0.exe	41

C:\Users\Admin\AppData\Local\Temp\EaseUS Partition Master Home Edition v9.1.exe
"C:\Users\Admin\AppData\Local\Temp\EaseUS Partition Master Home Edition v9.1.exe"
1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
PID:2052
- C:\Users\Admin\AppData\Local\Temp\is-2764D.tmp\EaseUS Partition Master Home Edition v9.1.tmp
  "C:\Users\Admin\AppData\Local\Temp\is-2764D.tmp\EaseUS Partition Master Home Edition v9.1.tmp" /SL5="$4010A,11423066,54272,C:\Users\Admin\AppData\Local\Temp\EaseUS Partition Master Home Edition v9.1.exe"
  2⤵
  - Executes dropped EXE
  - Loads dropped DLL
  - Drops file in System32 directory
  - Drops file in Program Files directory
  - Suspicious use of FindShellTrayWindow
  - Suspicious use of WriteProcessMemory
  PID:2232
- - C:\Windows\SysWOW64\setupempdrv03.exe
    "C:\Windows\system32\setupempdrv03.exe"
    3⤵
    - Executes dropped EXE
    - Loads dropped DLL
    PID:2012
- - C:\Windows\system32\setupempdrvx64.exe
    "C:\Windows\system32\setupempdrvx64.exe"
    3⤵
    - Executes dropped EXE
    PID:2972
- - C:\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\bin\epm0.exe
    "C:\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\bin\epm0.exe"
    3⤵
    - Executes dropped EXE
    - Loads dropped DLL
    - Suspicious use of WriteProcessMemory
    PID:1120
  - - C:\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\bin\Main.exe
      Main.exe
      4⤵
      Executes dropped EXE
      Loads dropped DLL
      PID:1816

C:\Windows\System32\vdsldr.exe
C:\Windows\System32\vdsldr.exe -Embedding
1⤵
PID:1652

C:\Windows\System32\vds.exe
C:\Windows\System32\vds.exe
1⤵
PID:1768

C:\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\bin\epm0.exe
"C:\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\bin\epm0.exe"
1⤵
- Executes dropped EXE
- Suspicious use of WriteProcessMemory
PID:3004
- C:\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\bin\Main.exe
  Main.exe
  2⤵
  - Executes dropped EXE
  - Modifies Control Panel
  PID:1432

C:\Windows\System32\vdsldr.exe
C:\Windows\System32\vdsldr.exe -Embedding
1⤵
PID:1712

C:\Windows\System32\vds.exe
C:\Windows\System32\vds.exe
1⤵
PID:2604

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\bin\EPMConfig.ini

Filesize
121B

MD5
77e5e12a827143ddb86d24a9ec02fd77

SHA1
796a1a3ce9838b28af70a6200fbe650775a097e9

SHA256
79243b193125e457199dd52a6dcab7d9685cd3fe73b79bc9f46737d94aef8e85

SHA512
1d70403644a54df786d28bd353528852e2a6962a3820c9e7ded39976be8b0bc4ef6a6c3cd61a43f210ff7f119bf33f4c926d11b1e52ff16bd8fddea1e2b4bde1

Download Submit
C:\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\bin\Main.exe

Filesize
2.4MB

MD5
b90ca728285cec4e0f45058f69366d03

SHA1
c65f5d9a168e208962319a604cb0119fca3fc8e1

SHA256
8889cb014d341c4c5cd63f95d01a0145c757a28411f6756dd96a5fa34241e222

SHA512
e8a3f78a86d290916f97cf7553fa23966982cc172448282b0347de3af338400272e5046fcb7a7d63a1781743e2b28cd217979c89f13447fb708f8901044fdeaf

Download Submit
C:\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\bin\epm0.exe

Filesize
268KB

MD5
e44ce4d74b07d00699940cd4a988e46c

SHA1
6a3986f24ab2d013af6a8d9e78e6ce0307f427d2

SHA256
0595e35e874523c2b91d28423af5a63fd63ef10a6174509bcfa321fc7e0c0b3e

SHA512
a521123e0226202400dcbf9847212843559481ce5e396beb59355cb0d17ddde9586dd685574009a7733d8297c17f5edea62b4beb47aaaf5518d7d487fd84f060

Download Submit
C:\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\bin\is-1JJ06.tmp

Filesize
145B

MD5
f7ad1eab748bc07570a57ec87787cf90

SHA1
0b1608da9fef218386e825db575c65616826d9f4

SHA256
d2952e57023848a37fb0f21f0dfb38c9000f610ac2b00c2f128511dfd68bde04

SHA512
fdc40b37810898383684a1a11d4a50ce9ae3f0802e6351d5cddb2425a6ffe64f7bae8046aea129c23fce6a3689c36368717d669b28d5de1ba55290e5ae8173c6

Download Submit
C:\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\bin\is-90Q3F.tmp

Filesize
382B

MD5
729d6e29e131ae62e7e9b2536990edf6

SHA1
524dd51d47df3bb204fcc7e176407a88eae9693b

SHA256
a1252a4f99e901b38f854a4b2760758ce5f9171295486e7cd93c9f3690c4d53f

SHA512
6e60920fbceed6f095d8e1b1b0c7f9891283430fb00ed37925a5354c85a39b3e998cb03f199df237d74917743ca795109eab098ae5966b32d69edc0cdb9bfda4

Download Submit
C:\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\bin\x64\ConvertApplication.manifest

Filesize
384B

MD5
39a18331f7170607791e8b6fea5faf3d

SHA1
f7a26a113da5463355c8b580737152c14cd5a257

SHA256
639f0c8ba12e332a160afa2832cf7ff69482a71a1d7ecbca0b3166953f2b1415

SHA512
cc157e8936346102990c60b359c528ee7b8bb97adeaaf971e69e709e0bdca6adf012210e3199a25a7bb423b9e5145ae974fbe2ed20d04c7e7d0ab1bcbf1313a4

Download Submit
C:\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\bin\x64\Microsoft.VC80.CRT.manifest

Filesize
1KB

MD5
a72dde00d763aeef1eb04534f8672967

SHA1
a5ee1c878a5e7aa10890b48aca5a1d2a49ccea19

SHA256
bc6ba66a1e93c8fae1c36a29a8e3b2500f3ee1950a99214f219f6d11058cf55c

SHA512
4f3f3be1c4ded7f930474b16367191b947fcdec55bab23b80049a8e892bac6eb7fcb5cafa3289175139aaffabbd3c8592927515f92e5dc4681d2ff18911c0fd6

Download Submit
C:\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\res\is-E1V70.tmp

Filesize
1KB

MD5
1f5c4cafec71ea9e88b77845eceac066

SHA1
175af33e1f6957bdd2f247a4134a0ada5493bee0

SHA256
f899c38676937d5f038f57a58c01ea5e93ffb133d84e2f116c5ca8a1963cf1a7

SHA512
be207947da15070b8d24b7395cf5c07ef8acba689fd9ebccbb37ae356acfafc6095cbebda28bdfeb68b7e2e39830882291dbbad33a58c7632ec6ad9f1e9a0a16

Download Submit
C:\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\share\themes\Epm\gtk-2.0\icons\is-2J04Q.tmp

Filesize
3KB

MD5
074792a0ff1d7553f539f9b41a52b220

SHA1
28fcc2a3cab06e06767ea440394feb19aae194a9

SHA256
9627857777b9cd7a6757e5e36b8c6ce1b974c975f12b0decd494e3747e6c2eb1

SHA512
f8149d0ec08557bd37b84128b07c741bec8f1c5e2d96b0ac6375d54258b6ea412d6e825de691989fc13715b03d4506e32b91b6bbd228ef87b46caf46ddb57278

Download Submit
C:\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\share\themes\Epm\gtk-2.0\icons\is-3RQAI.tmp

Filesize
5KB

MD5
bd1203e868d3e3696e8b135878acc417

SHA1
967458e90d8b006742f6e4b5c7d8fbc48e49d84c

SHA256
d84ce5fdc220cb219727c949a55b2c4f4725e8b63945327870476996795b3b25

SHA512
a5e941701773673eb199612799937a99b12b8434d86550e8883acbb58df51911fab6b9851b3682b5a15173eb597bafcff9d201710bb75ea0aeea1f1c4317689e

Download Submit
C:\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\share\themes\Epm\gtk-2.0\icons\is-42PET.tmp

Filesize
3KB

MD5
4abdc9aebbbe858d5ef13fbed2856b35

SHA1
c9f82abf839ce9c4eeec939c9bf391e8f2923ee7

SHA256
087e875e0493ded21dbafe86301270ab3883adc0905dfe87a7575732d3827fef

SHA512
214b0174bf27ff993b1a18ca081586ddcdbfbef1920fa283c7e6ff958f942f0c159f5819f5d682b9e7b17cb875c1b4e8a277973b076f57930bb578986b5e231c

Download Submit
C:\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\share\themes\Epm\gtk-2.0\icons\is-61MLJ.tmp

Filesize
3KB

MD5
cefcca3263a90baf3a0773ea006fb018

SHA1
5b133c13207d5618fb077962f76f1222520c1de9

SHA256
b355421104715de1ebbc4b412f557370a2a0cd700b53b427d4ee055f05479f6c

SHA512
9b134e5a0dc2abc946d796dc527ded0f3f1604efea40c540e3524007572d383d797e269914b1d92c1d75c55a7dc2d08009b3a8adf575ccb29181de18848472d3

Download Submit
C:\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\share\themes\Epm\gtk-2.0\icons\is-80FOS.tmp

Filesize
3KB

MD5
b15a2d01bb44257c85b89b43af9bccd3

SHA1
4bd3e1819e5d3fc7ed6311df204d8edbff3ffa92

SHA256
be03feba0650f9238b24c7830fb25205f961c584cab25f51b6f38729cb514b66

SHA512
b15e9c418f810bd8d23ec5fb3f215e01f3c1d12710b86e444be9765bec09431cb2739a8593681a385f234ad3b3e63c8c8c3683d3ef4282f14a69f2010b123aae

Download Submit
C:\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\share\themes\Epm\gtk-2.0\icons\is-8D6GA.tmp

Filesize
4KB

MD5
93387ce96d870b4ca83627a524b6b7b3

SHA1
acf1d53782de2f88caaf4ed66965e53c2780286d

SHA256
b83954c44d2a0fc8bc3b2de0928a11f0d877fa3dc88f83701ca118fcd6612a7d

SHA512
923d56b2540a3029b905b25b4cf8fd64e2ba0449345a020cf1b8faa5115a9819398c39cd423ce96c6ed5776ed4b66a7af23d3955bea1cb1b0cdea52b0fa6d8fd

Download Submit
C:\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\share\themes\Epm\gtk-2.0\icons\is-9HTFO.tmp

Filesize
4KB

MD5
c63d805ff0f366676b02eb10f2508633

SHA1
d69e372591aa957570f238ad30482999a853f511

SHA256
7fc24b6da65ae1f514524cdf0b372f96e38aacc9687d7528bc7a4d033e106836

SHA512
b9b5b5b55a957a70d1887105729ea0073eb46ff8d2842139d093a6ae5b28818484ff3a158bf2c8646186ff48069037c328034acaaf93cc90cd150457b64ef922

Download Submit
C:\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\share\themes\Epm\gtk-2.0\icons\is-BBCEK.tmp

Filesize
3KB

MD5
623dcadfbe646cd184323a171dd13796

SHA1
230f3ce7872cc9a1882c4770793c99c7cf9604e9

SHA256
41f1ae792f46c6b04d6ccdab18f4c2540ddbaa569ef59e6b45d577ec375f4563

SHA512
2992ca4038c9dbd294b162fcee2510259cb8cfd2a124620becc1ccb8dd88876098ea8010d244ddb1293bd1973dcb578d91a5b7a3f9e240f9f71eaf046e3a425c

Download Submit
C:\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\share\themes\Epm\gtk-2.0\icons\is-C4L0F.tmp

Filesize
3KB

MD5
53fa9924bde3bfac2c42226d368e4916

SHA1
50cc2c8407259d40fbb5ea22e0e3d70539d4356f

SHA256
1ea38bc63367a887f0b4c3abc5665807a7c23acd3634600d4da32b950b006475

SHA512
36a4d11e93b1117e13041b093c96e42648d6cd0b3ebeab9d53076b6bc162052c66fd57fe8963d9f6b56430275ea2308aa747a141116f160d6826df93c012e9c1

Download Submit
C:\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\share\themes\Epm\gtk-2.0\icons\is-FAHAU.tmp

Filesize
4KB

MD5
595186bc296f728c9d532a7f3faa0095

SHA1
efe167f07d674a1fb928ac8b14b729453fe7d878

SHA256
87d5aa88517e1328e3db3c109a75c4fe7e5d510e71b39960635b745ee4f3f801

SHA512
22b84035f4214916010bb4ded588f171e9eb1a3fb81c396ef47237ee30fdd49788a9b38e1f2bffc9b1281f21253453242c98902e40bff85e187481bada94a5e7

Download Submit
C:\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\share\themes\Epm\gtk-2.0\icons\is-GVB8K.tmp

Filesize
5KB

MD5
0bf9784c5ec126a84f24b84d36a7abb5

SHA1
04ff21c6359422a8dea6e3046ed1a75dad186701

SHA256
dc614a4cfd5bae4627f8cca85b59a6381e00da00863c8db47b3ea56995fb344b

SHA512
b9709a636f4b8f0382f7058984ee803efa251ab0bd66811754c76a32b05530a7f2f67de8292023327c576c614adc94831e8bf25a09f959579999570bcd8c2166

Download Submit
C:\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\share\themes\Epm\gtk-2.0\icons\is-JLS1K.tmp

Filesize
3KB

MD5
dff2781e3a548f88fe8f0ddf0f441663

SHA1
f6b18270e1ba4dc94fe89bdfa8b80fd568795d2e

SHA256
e07431001603e67f8a9cff5ce7b75255e44d40e633251cd8cb89465fc37ea091

SHA512
e74393b5dbd49a2ea26e58b184584db2a180fb5e5ea366c085757bca85e31b12a86dca969429f3895ee4a4011542242385a335b54b881cfa9d45645a5a8b840e

Download Submit
C:\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\share\themes\Epm\gtk-2.0\icons\is-M2SCP.tmp

Filesize
4KB

MD5
86486822b36e256b4d08200d1ab541a3

SHA1
b6b2d511db3b8ce1b2cd5327837d586ea54c48a0

SHA256
abcafb7e334294a59ac1b4b296a7fb1b1f09cb865ee0329f92af7a2a450f2b2d

SHA512
59435700d43607475599e03f38a372ed0c3dce56ae5e3e4b265d7e15ece117ee0f296998787379c9c6ed96afeaeedc63bce75145c6997189e7679c4914c197d4

Download Submit
C:\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\share\themes\Epm\gtk-2.0\icons\is-Q8514.tmp

Filesize
3KB

MD5
5c22833a35cb514acfea3b502ae7e789

SHA1
cc5d493fc110b178fbe289b042433df2214f0911

SHA256
330eef2a0de721c497f219726f4910cdf3c95b81030b4d44289af1ce83133699

SHA512
cfc46d8f5bcce9efb036abd5518b3bc8261ab6287e3e34f2df657d84e5a6552c8d74d718598b86e76c5452a822e1a256b51f3c1506d916d407c598db867d4990

Download Submit
C:\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\share\themes\Epm\gtk-2.0\icons\is-QIB24.tmp

Filesize
3KB

MD5
5d3a6c14bf46a09496ba62f33bb6358f

SHA1
09898f14ca2ab768b127db92b2737a8b15697bcb

SHA256
d5e9777f4bcaa600b204ca176a1cdc110e6d8d4d4f343b419600f16c37f488e1

SHA512
8ac88e05c67f74844e176d8bd749711bd6fd294c1d990e77607fcfeea8cd275cf06953c0443fa54136f163857b1f02f072c0d941b0b8ad437c0fd6e5851b046a

Download Submit
C:\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\share\themes\Epm\gtk-2.0\icons\is-TB6AV.tmp

Filesize
3KB

MD5
8cc17df322da3d73c85b7ce9dbed2165

SHA1
aec7af24c7f33c093d56fabd7af8ba0e66e55f85

SHA256
da25a2ebcca3e6db21e28d6a63f745381777a202e96a1c5d6500d026f5fd5ae6

SHA512
6198227d09f0c4d832d72cca68aef225e71efdfd92053462df4c05b7794229eb974b38e1aa845bb94dd1183c8a8eef6c9abd2b9ffc1cf59d59f8a54a4748ea6c

Download Submit
C:\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\share\themes\Epm\gtk-2.0\icons\is-TC80Q.tmp

Filesize
5KB

MD5
8421196a9aa8eb2c57c88530cf464959

SHA1
3d5f4f7249c273d5ccd7d33ad7bdfca7affe1fd3

SHA256
8231a09aa896ddc95558f254e0e68021e63d0409c6315e8c17f5043bb89cb9aa

SHA512
9ebba119c99b3da6c7ff32fa0af6cedc751e0a1f7062d5bccd0347741d6aeae68d194472c6d7ee5176e536ab192ee817080fd119f62a7bbc9b66ba7997e8e8e6

Download Submit
\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\bin\freetype6.dll

Filesize
538KB

MD5
5155ae6efacc75084fb1a9884be552ea

SHA1
b4a7cc2eb2134a6d06f0a5fe68d2c64db9e89f4e

SHA256
2f44cbfe8b02974e029fa4b97f4bc342553167d6f715be082f8f52ac604cbb66

SHA512
579280ed5415b2fc56e424d5026da50809c4723a09eb6ebdbe00ceddacf549bf0cf6d43ee411d72c777c6bc0ddec5d565fbc8278703aa3c7e8823b08c11d6782

Download Submit
\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\bin\libcairo-2.dll

Filesize
1.1MB

MD5
8c0c2ec604e293e90e957525b3ba446d

SHA1
093695df3a92245b34728ad4cb2e60dd26235da0

SHA256
ea6cb8cf98f635d730b9e8d3a8c27b3d1256ce7286f0c1a1f42646db6d212d00

SHA512
e4432b1cb2228873adc2ddaeb9637d72fbd291fc2a9293c761952a52707bec76550ec5b59197e96cc641f4f662f2162c9d4ba355d9350e5671e71568b7ff5bde

Download Submit
\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\bin\libexpat-1.dll

Filesize
139KB

MD5
701659d3689bf4a8265b669b7d774255

SHA1
ab32887ca7a9f1601eef4910954e023cfb1b2075

SHA256
f2e500f501c03d3d09609c6d0b2ea4c51bb433762d9c8f82ac6163877a780bc8

SHA512
34df12fc988cc12e50e2c046ecf1427b0413cd6d5721847c99aa31f91f4aee7b171956776431ed362fb60b2dcc2c082a3d44abb377f5c2bc5c7db67ad26fe4e1

Download Submit
\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\bin\libfontconfig-1.dll

Filesize
272KB

MD5
dd583bedc5efe7bbd21a8ef107dec88d

SHA1
24d852d57e5f1ff2ce0803e3484941a18b8a501a

SHA256
1c0a17ef42755d653d496dd7f52a4a2ca488b89ea1cf0df08f7fa32216f4c051

SHA512
63f4061043eb8e5550f646116f07c37e5207a29ec7d1980c502c311e827b273d2894e3ec503f7e229def71783e1eae1af79356d00be8bae7993732e67ff5b042

Download Submit
\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\bin\libgdk-win32-2.0-0.dll

Filesize
821KB

MD5
bd8dd5c3c1e3b1e5d310868389b4acad

SHA1
10ee87275213432e30be2a6dce4fbe91d69c8577

SHA256
abbdce0a10f16bf8ce9740c2e3e29fa48d250165a1168ff5d30d1cf2d44f6422

SHA512
f39053c47a1e8bcd471c28340db584d9fd301aa5d95ee3a3aa03dff1006857d4c9763a67e22ed3aaac698c30c50cceaf4d1ed25d39e274bdf66834269ed883f6

Download Submit
\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\bin\libgdk_pixbuf-2.0-0.dll

Filesize
266KB

MD5
cdc38a16d23d546f8921199f15bdf4d6

SHA1
cfceccdbc0e116cefcd42c0ce079d080f8053fd8

SHA256
4411506abb2c35f74aa13a80d8183a4fe34dd280052003ff21f5e4bd61c53995

SHA512
e2ab012241cae32bd8bf26e443793678e316423c7afda2f2af9a7f09508c720c0cea5389205fbda70754c467869ce6ec81b669796c931cea7401cf039952c76a

Download Submit
\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\bin\libgio-2.0-0.dll

Filesize
436KB

MD5
5d1c26c12b2b83dfa25bfe93ca2db490

SHA1
b1f56dd1ef1937493a0c644cf29789e084705c65

SHA256
3ce5725a81e95a2853810a6c1eb93f5cbe56e49257051a3aa2cdd27779a3fabf

SHA512
46b24af898c985d85141184eb2256fbe6ba6269598a4af6cf17049f3b608ff89d89cc7b62b20289382a55089278e109f913dc58004060cc67fb93b50afbb9b6d

Download Submit
\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\bin\libglib-2.0-0.dll

Filesize
1.1MB

MD5
221d264ce667e1d61a07134ce3b9fd83

SHA1
551984b69d880f814ea8743c40f5497da600ed7a

SHA256
997b9155902ed4c1d5206aa15cf4756f26694c796016882097e8da489e50d893

SHA512
fe658162e8c542821a0391433c7bc85f33a5504e750c99011018d69916708fd3be78fae807c4fee299c7aae39ab97809f26727aa9c3906577568aeebf75cba2d

Download Submit
\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\bin\libgmodule-2.0-0.dll

Filesize
36KB

MD5
fe4a3f6ded7352e53c0947a82d0e9786

SHA1
f2111c5d46925bd6566b67bda207461c9b55b5d2

SHA256
393dda811539a4a845ef544199c521e4d3cbfadd58708e3fad2997dae3cce542

SHA512
7dcc149a4fc766f0debc7f8dfdc5dc9b535e3db87a372b126914f9d1fbf324338fdda92634ac6fe5703f2b32588da2f3eaeb36b2f3a82d70bb71dd909f661ab0

Download Submit
\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\bin\libgobject-2.0-0.dll

Filesize
322KB

MD5
4841b329d2a3a855dd0dc806be1cd9e8

SHA1
5a7ab0f7bd85f69ea83c753ff2333e145f1a4c07

SHA256
40511c71e75bf7b4bce19409043911af91372571ee2b1ddd50e5b1d424418da4

SHA512
317fb1002238fdbbcdd209aa82e8fa5c182e365c80fd78ee76136b9bb4e02ba5fc12f1749878923c824d86ccceabc827dd007fdeadafe9a89035a659b7522123

Download Submit
\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\bin\libgthread-2.0-0.dll

Filesize
43KB

MD5
17dc627f9486441cbd0c805957b4b6d6

SHA1
178ea5aa11d6186a42ed0cc7411969ac10aa1a20

SHA256
73e699ffa1ac190850cd4ab96fcabd3ac647eab8f23d42cdeb36ac2a9a6bed4e

SHA512
77d586ff709627623be3b262bb8154f600276524d6408a8192c4a326ab20d5fd377c3e61e4a2c2bc08b75e3ff05a34da8d6502229d8161d611df1a4ba110a4e4

Download Submit
\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\bin\libpango-1.0-0.dll

Filesize
335KB

MD5
f0dc3c677f7ac71415a5fca485ff2bb9

SHA1
0317618c3d036440cd35e18575708f1204f52a14

SHA256
555c06735eec7cf2d2fcfb3c3a53f11a66b798d58396d1339dc658dcc619cf74

SHA512
ab72dd8569945b01d5838cf6675145ba8715f690a73e4eadb12b6f69a267c24bbdb5cf1eea52f252bc734c0fc7e263265a2c5d7f7967575f9cdfd07ad3f68a8b

Download Submit
\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\bin\libpangocairo-1.0-0.dll

Filesize
100KB

MD5
f1926484ec4b1fdd47e73dc26fa82e8a

SHA1
809bcbac31aca415a4e225ad33a4cbed4dc7edce

SHA256
63b2b56a854075add9220ac502b9b6408f4945385e8f23780b105daa1c35a4a4

SHA512
1d770b41bcb051cf0b5f52b8387311f5ec841b8c9efd70924bdc853cb7ef50504fda70fbae07bd72ba871b715e059f94a4f24a5134e773fe51fc2caef6e92fba

Download Submit
\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\bin\libpng14-14.dll

Filesize
225KB

MD5
f3a15497e25baaa721f96638d7a4d2f8

SHA1
a5450c9fb0789f9f3b62e8f5bbc047c7a9209f9f

SHA256
7644c698cb5c823b9fd238d9e88b25d14e04816a0a2c77c48170309957c69efd

SHA512
5662fda61b4985a77aaf6bd1e91cb1d4bddfde1d8d9d278bb19c0c347cb0a5cbb936f3e279346e253ecebb602a5cc6bf90acd4d677ce982c51e813ae0769b763

Download Submit
\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\bin\x64\ConvertFat2NTFS.exe

Filesize
15KB

MD5
6b3b7eb22046c5cc458215e652a2bcbf

SHA1
17a3c63ab0c11e909e4d8a12a46909fbd1722835

SHA256
35b69656cfaa53c117d894caebe32691e633e3de0d7f319801536a13a13b9d3a

SHA512
dceef6cdc904abee0d0a51ef29f7c01a6b20c0f667744d2661584f24f1be1021430b4b55fcae40959c1d6575336d19999a7a428dbbf56e8b91ef86fc5c819488

Download Submit
\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\bin\x64\WinChkdsk.exe

Filesize
46KB

MD5
d1f417168d25d2218ed40d4e553c9300

SHA1
213587f60d4bec5341c72415f815e7d7d0811845

SHA256
dba25fd14f890b55f2e13197327d510bd5f6b0999fe325d8970b62feaea84d3f

SHA512
137d28fb09a58d2f0854976724eb1a9674ed88b970b5b432d52a9c8b7f4d8a5db962553abea334e980208bb4c2e6f45bb1efe3e61817f001d75cc4cdfee1509b

Download Submit
\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\bin\x64\msvcm80.dll

Filesize
504KB

MD5
60a6de55aa50d57a01b7148b0a7ea139

SHA1
da30628428724cd281151a60a361b27617b26508

SHA256
2fa2a2a4a0511493c5a360e66c7d62f0ea5891925636eac61cd9db09dbed5637

SHA512
376758a45744d2d3b9ef2d81387cffc1abc44753a1299550b1ccee47cbecf137c897510eb361693e518aac3348424ccb3cac3493d938a503a767eef96f5a3cc0

Download Submit
\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\bin\x64\msvcp80.dll

Filesize
1.0MB

MD5
c332db81197e6e5d4a67d3789dbeb02a

SHA1
d691130e4808910ed5ca0640150b9badc8124243

SHA256
d3ed3fef0f3fd9d547d7ef60d5f532d6aab5bd45966abcb24bdf61dec60c813e

SHA512
660462070a3a4d4dff52e1d20c22dff1c6caab48f0d039a43e7f322099068ff0eb80dfc6dbb9bea7a2923e8986b36fbe6048ee147ae44be8696d6d93214cc6b9

Download Submit
\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\bin\x64\msvcr80.dll

Filesize
778KB

MD5
4d89f6191db56cfa659388378f3dd688

SHA1
c5f28857b4d3a9d182b9c25f3d599bb84ccb8acb

SHA256
2219e15b66aba301909128e6775e0b4f8b28b529b3ec087161edae55e2676c65

SHA512
7a6b735bb80154e913e2d95e9e475cdfdec84cca410f4c05175aa7cc6d84adcb1726072f4b7b69acb88f9178ae67b9bf0c28d341a9a1dae3d32b4a36762eeb53

Download Submit
\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\bin\zlib1.dll

Filesize
98KB

MD5
d90dad5eea33a178bac56fff2847d4c2

SHA1
cbbce727fd8447487c7fc68051b24df17d043649

SHA256
104162a59e7784e1fe2ec0b7db8836e1eb905abfd1602a05d86debe930b40cbf

SHA512
8dbe57e32554d049a0779c40645dfbad2eaa1eeaf746898cd44f8686265f1fd4f84d6f857ba40644294d817d5c5eab6ba6271df55c56047fd16c10b8478184eb

Download Submit
\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\unins000.exe

Filesize
697KB

MD5
8710d6ac8b42f42ac748ea295383a40a

SHA1
dcf756391419af799c096e2ba6b94f5def456301

SHA256
746c98a004cc2095b0f9ce27fa0cbe26611661236e883c2c1a2156e78638314a

SHA512
acc49658dbc6c3a4ffb520e31714df44bff1c69b452a9dd33b560429ce8ca3252fbc7da668fc986483476465c346c9637887b8a2a489afb451f855aa8ac9b374

Download Submit
\Users\Admin\AppData\Local\Temp\is-2764D.tmp\EaseUS Partition Master Home Edition v9.1.tmp

Filesize
687KB

MD5
8f144bcbcad0417e7823dd8e60218530

SHA1
9df092a764b8ad278ed574f00d1c065683eef6ac

SHA256
39dfa032878743bba8244c73173c263e669131f0084a38f22c52b1383f627ba0

SHA512
e093f69030fee17d8b55bde8337d409e8dfb583c97a81ed37425fb72122318d4c1f996d0d1bca28f24182ff5c8afe2be25eadc27951463ddca5c0abceca2a72d

Download Submit
\Users\Admin\AppData\Local\Temp\is-KMBH2.tmp\_isetup\_shfoldr.dll

Filesize
22KB

MD5
92dc6ef532fbb4a5c3201469a5b5eb63

SHA1
3e89ff837147c16b4e41c30d6c796374e0b8e62c

SHA256
9884e9d1b4f8a873ccbd81f8ad0ae257776d2348d027d811a56475e028360d87

SHA512
9908e573921d5dbc3454a1c0a6c969ab8a81cc2e8b5385391d46b1a738fb06a76aa3282e0e58d0d2ffa6f27c85668cd5178e1500b8a39b1bbae04366ae6a86d3

Download Submit
\Windows\SysWOW64\EuGdiDrv.sys

Filesize
8KB

MD5
1f2f4ab15ce03ecc257feb2f6dc5a013

SHA1
a229482c7f557044a7c8a2c771327b9bb5474c37

SHA256
fb06406ad9ccd946155c4e8ca769e0430589a4e4bbbda2c90a67c84e0d2f8ee0

SHA512
fc502d2c163ec56d92a43ba7cb5e222c0c1326fe39b9e9aaae52f536b4cb2dcbf3dcf5e29b472fc39d702ece0765b3e3cb8dc839424ac974bebbec94633810fb

Download Submit
\Windows\SysWOW64\epmntdrv.sys

Filesize
12KB

MD5
35335fbcec055438a97b8dd1a1430568

SHA1
05214d544f911389eacd0af47bedc929f628d282

SHA256
6679b6e4b04182a30dfbd06dfce291f9cc99f6a0a151cef81d5a8e76b9663fe7

SHA512
563475ca08479347b5b27add3b2b416da8ed2a5cb948d3d8e66e321c91caaa51d145480d7834cfa5746bc189993d58f9c7a37b7f2163dc4a47ee622603597df3

Download Submit
\Windows\SysWOW64\setupempdrv03.exe

Filesize
84KB

MD5
780fb595e5e11355a8313f644329e3eb

SHA1
2a4714ff389bb2391f9c57ce9da6064ac2aed8ee

SHA256
1d18e85c2559afd67392543bf497983ad08d9aafc7b05ef02349fa4c8dc1a6f1

SHA512
99f311055bfe8bb78927386208ea0c42ca601aafc90047950652fa93ac23929e8e594771362e8e20b38831018a516f0c4aa1072530e5550507d7648250498676

Download Submit
\Windows\System32\EuGdiDrv.sys

Filesize
8KB

MD5
fb949ed2c93c878a189039f3d7730942

SHA1
b1f9f5b0ad4e4539f154062554e1ddf183b7a788

SHA256
857afb9965f14c80c21948c05a44d37948bd206961101dff087735d6a7ccaa8a

SHA512
4fc1ff2ed2013ed2340443eaa06aa5a5251d40f9696ac315ebdc58ebe5d967c9c475d7b7c0566461c2b805300329520364c5b08e48854121912b9446be697afd

Download Submit
\Windows\System32\epmntdrv.sys

Filesize
15KB

MD5
1cb7fb55d52d41731d66ebe3988e0806

SHA1
31e8004a3450e734f822078552359963c1d4dc0f

SHA256
33b71ad5ee050d9b25d8c57c2eb91cdc6e78798986d240c62ee4211ebfd3a4bf

SHA512
212cec14a2228e8af10068f36c2ccefa98528928263bf1a6cf90358bbf62cf9270368d188d5735a62304685eda4d1b21e7661fd8e61cb58b3d2ffaaeae7a25dc

Download Submit
\Windows\System32\setupempdrvx64.exe

Filesize
97KB

MD5
adad235532772c387058119ebf8cf5ac

SHA1
f6063be509acda3996a2160d4a9a99d5880c6195

SHA256
9eea133c1ba25bd135afade5a733f3f4dd70768bea95de845dfe14f8285b0a06

SHA512
a5352e6dcb6c4455698d9f2c22913befa00df694b95cfb274a7b67e704636a25075e79ea1f467ac0d8dbce8557cd383ad32a917be87d29817169166869eba140

Download Submit
memory/1816-1531-0x0000000000900000-0x0000000000C9C000-memory.dmp

Filesize
3.6MB

Download
memory/1816-1522-0x00000000685C0000-0x00000000686BE000-memory.dmp

Filesize
1016KB

Download
memory/1816-1497-0x00000000006B0000-0x00000000006F0000-memory.dmp

Filesize
256KB

Download
memory/1816-1495-0x0000000000670000-0x00000000006B0000-memory.dmp

Filesize
256KB

Download
memory/1816-1493-0x00000000002D0000-0x0000000000313000-memory.dmp

Filesize
268KB

Download
memory/1816-1492-0x00000000002B0000-0x00000000002C0000-memory.dmp

Filesize
64KB

Download
memory/1816-1490-0x0000000000250000-0x000000000029E000-memory.dmp

Filesize
312KB

Download
memory/1816-1489-0x0000000000230000-0x0000000000246000-memory.dmp

Filesize
88KB

Download
memory/1816-1534-0x0000000068DC0000-0x0000000068EAD000-memory.dmp

Filesize
948KB

Download
memory/1816-1486-0x0000000000900000-0x0000000000C9C000-memory.dmp

Filesize
3.6MB

Download
memory/1816-1500-0x0000000000710000-0x000000000072E000-memory.dmp

Filesize
120KB

Download
memory/1816-1502-0x0000000000760000-0x000000000079F000-memory.dmp

Filesize
252KB

Download
memory/1816-1504-0x0000000000CB0000-0x0000000000CC4000-memory.dmp

Filesize
80KB

Download
memory/1816-1505-0x0000000002600000-0x0000000002669000-memory.dmp

Filesize
420KB

Download
memory/1816-1507-0x00000000026B0000-0x00000000026C5000-memory.dmp

Filesize
84KB

Download
memory/1816-1523-0x000000006DD00000-0x000000006DD0D000-memory.dmp

Filesize
52KB

Download
memory/1816-1525-0x0000000065C40000-0x0000000065C4E000-memory.dmp

Filesize
56KB

Download
memory/1816-1514-0x0000000068DC0000-0x0000000068EAD000-memory.dmp

Filesize
948KB

Download
memory/1816-1515-0x0000000064F80000-0x0000000064FC2000-memory.dmp

Filesize
264KB

Download
memory/1816-1516-0x0000000068F40000-0x0000000068F63000-memory.dmp

Filesize
140KB

Download
memory/1816-1517-0x000000006A180000-0x000000006A201000-memory.dmp

Filesize
516KB

Download
memory/1816-1518-0x0000000061A00000-0x0000000061A3C000-memory.dmp

Filesize
240KB

Download
memory/1816-1519-0x0000000062E80000-0x0000000062E9F000-memory.dmp

Filesize
124KB

Download
memory/1816-1520-0x0000000065340000-0x0000000065374000-memory.dmp

Filesize
208KB

Download
memory/1816-1521-0x000000006D580000-0x000000006D5CE000-memory.dmp

Filesize
312KB

Download
memory/1816-1532-0x0000000062940000-0x0000000062961000-memory.dmp

Filesize
132KB

Download
memory/1816-1509-0x0000000004630000-0x0000000004696000-memory.dmp

Filesize
408KB

Download
memory/1816-1511-0x00000000047E0000-0x0000000004811000-memory.dmp

Filesize
196KB

Download
memory/1816-1513-0x00000000046A0000-0x00000000046B5000-memory.dmp

Filesize
84KB

Download
memory/1816-1528-0x000000006D4C0000-0x000000006D4D3000-memory.dmp

Filesize
76KB

Download
memory/1816-1527-0x0000000065580000-0x00000000655C5000-memory.dmp

Filesize
276KB

Download
memory/1816-1533-0x000000006A300000-0x000000006A323000-memory.dmp

Filesize
140KB

Download
memory/1816-1499-0x00000000006F0000-0x0000000000702000-memory.dmp

Filesize
72KB

Download
memory/1816-1530-0x000000006B280000-0x000000006B296000-memory.dmp

Filesize
88KB

Download
memory/1816-1529-0x000000006D700000-0x000000006D7E4000-memory.dmp

Filesize
912KB

Download
memory/1816-1526-0x000000006C340000-0x000000006C3E3000-memory.dmp

Filesize
652KB

Download
memory/1816-1524-0x0000000063A40000-0x0000000063A83000-memory.dmp

Filesize
268KB

Download
memory/2052-18-0x0000000000400000-0x0000000000414000-memory.dmp

Filesize
80KB

Download
memory/2052-1508-0x0000000000400000-0x0000000000414000-memory.dmp

Filesize
80KB

Download
memory/2052-3-0x0000000000400000-0x0000000000414000-memory.dmp

Filesize
80KB

Download
memory/2052-0-0x0000000000400000-0x0000000000414000-memory.dmp

Filesize
80KB

Download
memory/2232-1358-0x0000000003A90000-0x0000000003A96000-memory.dmp

Filesize
24KB

Download
memory/2232-15-0x00000000001D0000-0x00000000001D1000-memory.dmp

Filesize
4KB

Download
memory/2232-1324-0x0000000003A90000-0x0000000003A91000-memory.dmp

Filesize
4KB

Download
memory/2232-1316-0x0000000003A90000-0x0000000003A93000-memory.dmp

Filesize
12KB

Download
memory/2232-1315-0x0000000000400000-0x00000000004BC000-memory.dmp

Filesize
752KB

Download
memory/2232-1414-0x0000000000400000-0x00000000004BC000-memory.dmp

Filesize
752KB

Download
memory/2232-19-0x0000000000400000-0x00000000004BC000-memory.dmp

Filesize
752KB

Download
memory/2232-1351-0x0000000003A90000-0x0000000003A98000-memory.dmp

Filesize
32KB

Download
memory/2232-1488-0x0000000000400000-0x00000000004BC000-memory.dmp

Filesize
752KB

Download
memory/2232-1323-0x00000000001D0000-0x00000000001D1000-memory.dmp

Filesize
4KB

Download