Resubmissions

10/05/2024, 21:49

240510-1pg7jsbe6w 7

Analysis

  • max time kernel
    65s
  • max time network
    17s
  • platform
    windows7_x64
  • resource
    win7-20240419-en
  • resource tags

    arch:x64arch:x86image:win7-20240419-enlocale:en-usos:windows7-x64system
  • submitted
    10/05/2024, 21:49

General

  • Target

    Diabolic Generator.exe

  • Size

    163.4MB

  • MD5

    c8845cc4dc9e7c810bb267dbf7706702

  • SHA1

    b0974a488be39dac53a46e5b1ac12f22c5a2433f

  • SHA256

    d8606962465e8c21ade31d09c3193c7438129cc5174e43fff62472cb9c777075

  • SHA512

    6d7da44731d97c2659e80d895c14bf7ca64e2ae2409a8c8407b21c2ef0d61159dfcb82a49082b844cb97ce83c6976c3fa4edd41c9e87d881d65e76164eef070a

  • SSDEEP

    3145728:/t2JYOUKkiNhjgEhzpMWwJi52fzNkLE0YHNrTyT3a7MrE+h3mMVR6:/t2CnDOrtWRBGFMNrTiqIR2MVR6

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 4 IoCs
  • Loads dropped DLL 31 IoCs
  • Detects Pyinstaller 1 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies Internet Explorer settings 1 TTPs 1 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs
  • Suspicious use of WriteProcessMemory 10 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Diabolic Generator.exe
    "C:\Users\Admin\AppData\Local\Temp\Diabolic Generator.exe"
    1⤵
    • Loads dropped DLL
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1700
    • C:\Users\Admin\Desktop\diabolic.exe
      "C:\Users\Admin\Desktop\diabolic.exe"
      2⤵
      • Executes dropped EXE
      • Suspicious use of WriteProcessMemory
      PID:2240
      • C:\Users\Admin\Desktop\diabolic.exe
        "C:\Users\Admin\Desktop\diabolic.exe"
        3⤵
        • Executes dropped EXE
        • Loads dropped DLL
        PID:952
  • C:\Users\Admin\Desktop\diabolic.exe
    "C:\Users\Admin\Desktop\diabolic.exe"
    1⤵
    • Executes dropped EXE
    • Suspicious use of WriteProcessMemory
    PID:2988
    • C:\Users\Admin\Desktop\diabolic.exe
      "C:\Users\Admin\Desktop\diabolic.exe"
      2⤵
      • Executes dropped EXE
      • Loads dropped DLL
      PID:2624

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\_MEI22402\MSVCP140.dll

    Filesize

    613KB

    MD5

    c1b066f9e3e2f3a6785161a8c7e0346a

    SHA1

    8b3b943e79c40bc81fdac1e038a276d034bbe812

    SHA256

    99e3e25cda404283fbd96b25b7683a8d213e7954674adefa2279123a8d0701fd

    SHA512

    36f9e6c86afbd80375295238b67e4f472eb86fcb84a590d8dba928d4e7a502d4f903971827fdc331353e5b3d06616664450759432fdc8d304a56e7dacb84b728

  • C:\Users\Admin\AppData\Local\Temp\_MEI22402\PIL\_imaging.cp38-win_amd64.pyd

    Filesize

    3.1MB

    MD5

    4bdf10382db4369c5f779bdf68d203ff

    SHA1

    5297002ae657d981c1dc9c67231da8371c6e4d6c

    SHA256

    334375da85840776cb4f663b6cd09297a6e3281ef43b1186bc61058e7699122a

    SHA512

    84afaae2eace1ec6fb50887495e7a08772bf54ca1453f15aa414c67ee94285b339d4e7da348faf5dee9e9a24b4371a9f65f1e5323cf5332c7e50274d4b4c1f58

  • C:\Users\Admin\AppData\Local\Temp\_MEI22402\PIL\_imagingft.cp38-win_amd64.pyd

    Filesize

    1.3MB

    MD5

    b45db71a9739ea4f9de8fc5b1d7eac57

    SHA1

    d0e31e671a181f4409644f421679626074580274

    SHA256

    d545aad2f89e1748a5178876ce1f058595ebb53694ba375fee9cf2ad2cbf2a88

    SHA512

    3d4eec4befe319ea8245286f992b3a1f79fa67d04d1f5a1bf94bf45e93ef591b878e4188e54cba98c1b32ea96afb33c5b37e5e44543950edab93c80d02995715

  • C:\Users\Admin\AppData\Local\Temp\_MEI22402\VCRUNTIME140.dll

    Filesize

    91KB

    MD5

    7942be5474a095f673582997ae3054f1

    SHA1

    e982f6ebc74d31153ba9738741a7eec03a9fa5e8

    SHA256

    8ee6b49830436ff3bec9ba89213395427b5535813930489f118721fd3d2d942c

    SHA512

    49fbc9d441362b65a8d78b73d4fdcf988f22d38a35a36a233fcd54e99e95e29b804be7eabe2b174188c7860ebb34f701e13ed216f954886a285bed7127619039

  • C:\Users\Admin\AppData\Local\Temp\_MEI22402\_bz2.pyd

    Filesize

    85KB

    MD5

    712a8dba2916f0261a1290a8e3d85ebf

    SHA1

    27dbfa5de547c30c457855594272545dafaeb39d

    SHA256

    d6e5763cecd267be0ff5355ff53e93428f3dd7ab20458fb1e7432dffa060cf82

    SHA512

    662664189f3a426a2042c998a5396fcb660f1ec123fe8089ec740ae414e0da9173d2e1abb6a231b3271bba9c4cb2a3a0a6ea45c475531bb986a4d085e74de1d9

  • C:\Users\Admin\AppData\Local\Temp\_MEI22402\_ctypes.pyd

    Filesize

    123KB

    MD5

    4786508ffadc542bd677f45af820fdb9

    SHA1

    fc0f7dae6e0d093594e4ff1c293ce004dbd16fd7

    SHA256

    64f5072cd9536418ec0fd4b5c30c13b03cdddced1f9332d4d721c4b37ae3883e

    SHA512

    ad4b0e6883c2f0c003c46b1b85f5fbc2c1f8366a212695b9e47664c8735a30d4c8a3c645b324d3d059582096a1fe78ac1043ba8a639ced0665ef8c5cc33d0b80

  • C:\Users\Admin\AppData\Local\Temp\_MEI22402\_decimal.pyd

    Filesize

    262KB

    MD5

    64f63438e6d05ddbbff020bb517326aa

    SHA1

    1a902846832889e23cd1b98785b9a85709489a30

    SHA256

    c2241fc45e94e2950c7bceaa097c3fafbc0e8e764bf2869ea5e27ebf4829a619

    SHA512

    e3e801b35350366973464af4ee0490fd4efff2814f7b34094e23df8bfb9a67f1c6ef2e6a628606226dce956b11d43d73924ab0787ca05b56dfb7ad3beff3555a

  • C:\Users\Admin\AppData\Local\Temp\_MEI22402\_lzma.pyd

    Filesize

    159KB

    MD5

    fea0e77f594207b8af1d240a16c6650e

    SHA1

    dd48f108074eade8c0f84916d619bce4a97c07bb

    SHA256

    d7acc95049c07298af56a316419e6548f3e6b56fb22dfb3382607a803dddb5e0

    SHA512

    3b06abcf29bd93232afd6ae0b8fbded6cc75c5a5cdbd5b410d16e6f19e034d4f903252eda243f670173cc05e78e36e767553e065648ce7c3af330d10922d51ff

  • C:\Users\Admin\AppData\Local\Temp\_MEI22402\_socket.pyd

    Filesize

    77KB

    MD5

    bc7b1b0112427976b83911e607213c37

    SHA1

    f4c7eb5b46ebe015a13de59f17ca158c01a377f4

    SHA256

    85f200cb9adf0ef97d40b897868f6ad564211d3529f0b6dfe8e04c56a7b832bc

    SHA512

    18bc94c917ee894121241dcf65fab370a344caaf1120162fcb0966503c502b3e990a79553d2e4e1e3403e35d2b5e00cb365254c08f99c93c178e2e1fd7b2a040

  • C:\Users\Admin\AppData\Local\Temp\_MEI22402\base_library.zip

    Filesize

    760KB

    MD5

    877f89f4a141da5810ae8df658dae577

    SHA1

    df17d4bf2fa8bc3ce9a85f635ee8cfe640cdd3d2

    SHA256

    f009edc33aea2ee2dc1e9ed32e27ddda6204c45c87a6f722b883c76eb394555f

    SHA512

    988a3daf5df93fe509886c4af86039493667ba83957d41a48615101d3bbcd8b2c319ae59e59cc83a6765f33558e396294f8e9e349f8c21131c0f10a2bad6f212

  • C:\Users\Admin\AppData\Local\Temp\_MEI22402\libffi-7.dll

    Filesize

    32KB

    MD5

    eef7981412be8ea459064d3090f4b3aa

    SHA1

    c60da4830ce27afc234b3c3014c583f7f0a5a925

    SHA256

    f60dd9f2fcbd495674dfc1555effb710eb081fc7d4cae5fa58c438ab50405081

    SHA512

    dc9ff4202f74a13ca9949a123dff4c0223da969f49e9348feaf93da4470f7be82cfa1d392566eaaa836d77dde7193fed15a8395509f72a0e9f97c66c0a096016

  • C:\Users\Admin\AppData\Local\Temp\_MEI22402\python38.dll

    Filesize

    4.0MB

    MD5

    eec355a6e9586f823a4f12bed11e6c80

    SHA1

    33627398cb32f4fbb162f38f7c277ad5b13a99ba

    SHA256

    560a6a5f8b7afa99600cc47da26a802c342d7f50ffe23850372f2fcf536cd26f

    SHA512

    7b4b3c13383de62a17aa1aafabce657ea5f4aadd716430fcd6e0f3125b773ae1589b3eaa050ccd87b37f6fae2391c5e7a8a229c0b0fa135de8d0269e9752bea0

  • C:\Users\Admin\AppData\Local\Temp\_MEI22402\select.pyd

    Filesize

    27KB

    MD5

    bb6e9825bd4a98e0700d96b59ec64f68

    SHA1

    afd51547dad9cd7fac0efbda76b5e2388a027681

    SHA256

    bb81d220db83d5276fccda137d430160b8eafd40f4d92d86ebc718b4dfd555ac

    SHA512

    2380a0a2bd625ff79b04bb9d4f6611150512d72f719a3cc73806ea979c29b01fc3d947fb2998e308796a32061e0f2d34d158876924c71350c759e2a841abf964

  • C:\Users\Admin\Desktop\config\config.txt

    Filesize

    352B

    MD5

    b58b8a5163c6f8dced78b3f7ca00472f

    SHA1

    95b975403610b954a3787cca97b0b68652f2f319

    SHA256

    2dcab3d2940b72432fa51a5fc64d4b1ae4b3f04f1bd39c0e6dc0507fa500f61a

    SHA512

    816d6e34b92b4b101fa822cebb9162c4b77ec6fe29ab0c58006813c3ad6ddb2916533e2f797b0c47d860985a998bbea9e31b5b5d54a4897bb574c50c4a043990

  • C:\Users\Admin\Desktop\done\fotos\perso-back.png

    Filesize

    13.3MB

    MD5

    0a98220398a6b2c3aa44131e991ed853

    SHA1

    f65d1bdd1c2c2a10740618c20cccc9634dc978f6

    SHA256

    50ae3005a75ea63d20d15f915e6becd6f03e55038173a06e7585db5cab9179e5

    SHA512

    ec59f0bf757b806f2bd3d87eda3cab6e83661427f6803707653e9a92987f2f8a65321f2bcccbb38af627e9e418d3db4010e9ec3e9c5032e74d277175d200c439

  • C:\Users\Admin\Desktop\done\fotos\perso-back.png

    Filesize

    13.3MB

    MD5

    3a04497de5d93ad6aa38acfad2b00215

    SHA1

    bfe9b38ca1c3903ef1497acc6ce5cba90ae943b6

    SHA256

    9f48f1df014bcaa01e5779591afbeb156e001325dd9070716ef303df0d666e5c

    SHA512

    8a09681d20ef7aa222e471fd12ff76bc9c1fb5c10810a40e60283923b51d23950c93958472821b805926bca2f6404dfa5e800175f9dcd6a3cf2312f279cb81c1

  • C:\Users\Admin\Desktop\done\fotos\perso-front.png

    Filesize

    16.0MB

    MD5

    c6a11e0f8736dc953c75a43d92de4db2

    SHA1

    43e90cff4c41046efcb8e9571dd26f417c80abea

    SHA256

    fad9b083eac53c3337e86facfb76af55ed34a40fdd8b964a2f5a67c88f5639ab

    SHA512

    e879f41d10d10206a1b29120a94999a9551b18798fc7d4e0ff9186c99d0fa5f47878c944a91321f89f87246f768458ff8097ca536889be024173e8e3f275bb44

  • C:\Users\Admin\Desktop\done\fotos\perso-front.png

    Filesize

    16.0MB

    MD5

    06d54faa1cbe7d861d92b7ba00fe19cc

    SHA1

    46a7b342906d3bc6650a1b04307db2e75447b287

    SHA256

    2bf87893b56976e33c63d2b7cae5177e6a819c3068eda9bf6c12f3682c525c00

    SHA512

    1e1334752a31347bbead0a00274c5450b4577b7915d1b4899bf6565b698f1ead2418acba2828afedf09fbaa358e6e5f2f05d20d2b2036159ea8175db1026e114

  • C:\Users\Admin\Desktop\done\proofs\karton_unterlage\back_proof.jpg

    Filesize

    1.6MB

    MD5

    531e317c1e22e01e0b4d4098c4a69462

    SHA1

    30b47499887cfeef70d1d78d1f0bffcd766eec3d

    SHA256

    06b3b72c5d99f69ccf55b86ae1eae3213ad212dc1cbb80697d4e3f5e484bf62f

    SHA512

    a24228397d20f9ec1a0f8df6e61ab17cbfb3976d65bf61e33d17001f4c0d9c97323102acaeec2f01207e3fbaea6492ae52e76d30e615851ee9c46906bfefb741

  • C:\Users\Admin\Desktop\done\proofs\karton_unterlage\front_proof.jpg

    Filesize

    1.7MB

    MD5

    fe55f9666d0f05829c2ddb8ebcfadd4a

    SHA1

    3e75c8de0b843552ee52761819db9903f5b45c54

    SHA256

    3b7a186df2e71cffcf23d09cd504319e7e1ea98f6c230934dff709175a975b7f

    SHA512

    9eca46c75b5b63de3b005658443b8543249981e93886fa96177f55193c2a2deeb09fb4fed1b8fd5306ba32e2b7b09e8643726463125e0ff22219167ab274dff1

  • C:\Users\Admin\Desktop\done\proofs\karton_unterlage\front_proof.jpg

    Filesize

    1.7MB

    MD5

    ab02de7eb87c63c3e40adaf1654fc834

    SHA1

    0dd98291df08b10ba2eac217d19cde4a9fcadaa4

    SHA256

    6163c1aab3f09de314f975b4dbebab40e573020f76108e964aea589633557ca0

    SHA512

    89f8ff07e99f3d03ce9d1fee670558f1870eb4b36a1e4896a543b78856fbc2f88161d4aa7d91a3f3420c3665ff61a126cb6959b8daafb9699f3b89b914cedf92

  • C:\Users\Admin\Desktop\done\proofs\ordner_unterlage\perso-back.jpg

    Filesize

    1.8MB

    MD5

    51353a66c9690f7945e02e9df772c0d1

    SHA1

    1cbb3ec07f6e3dbbcb9e1c387b9976a2d86f396b

    SHA256

    6b8aea8c0a91cb4e8c0074c354c24b6f0046660bddc6c8c880b1312b0985b497

    SHA512

    07b7bba67b2639c2b7251d67c504ba814b42b1315ede81496554465739a1ead8c598986dffe9fbe046e917fcf8e49589a9b653f0312a65322cfffb4d51890ac2

  • C:\Users\Admin\Desktop\done\proofs\ordner_unterlage\perso-front.jpg

    Filesize

    1.5MB

    MD5

    3d2a24d7cd9734205bd5f250f5416b3d

    SHA1

    474d1e8bf129458c7c7b73b9833df5a8407bf171

    SHA256

    444fb51792352c91728a94350cf8be39f8152bd0670461bdbe9af6a39aac6bff

    SHA512

    3d0d5288b17b18bc31acb9498071b6c0b45dfdbaa9b5a178a3ba00df8e96f7a0a304f292cb50f80a060f766106edd43249504e967c7c42099fc602a6ad04b1cb

  • C:\Users\Admin\Desktop\done\proofs\papier_unterlage\back_proof.jpg

    Filesize

    1.6MB

    MD5

    948079511b1bbcad08d8cf553af73105

    SHA1

    4b99fad0afb64248c3068f215de0418b25c766fb

    SHA256

    8f59125d8bd22a27b9f1f715f8e9430b3036ca87b7ad0d48e3e006a39d6f0a46

    SHA512

    bfb0e7f214c6f7c7803128ec852c0a5a6818bc7bead65728c06d26f0107184107963203d16e45b7e6fcdd6e5cc8ef1a839632ef87e9747b78318e41fe758e3a7

  • C:\Users\Admin\Desktop\done\proofs\papier_unterlage\front_proof.jpg

    Filesize

    1.7MB

    MD5

    8a108d71cd8d0535a3f804c89cbc46e8

    SHA1

    eb5d94080b58642cb40ac8a8b4e97f838d1ba8c6

    SHA256

    8281e94263ff2fce03bf62ca0a4a8306337f12ef205e1f579495ac88dc7425b0

    SHA512

    c2bf1d0cd445604f7074a63beeef90680010505ebccb93543606b295aa00203f42665e6799b424677b54be131d5e33b8ab90cf5dcec0c3573953b604c546644b

  • C:\Users\Admin\Desktop\done\proofs\papier_unterlage\front_proof.jpg

    Filesize

    1.7MB

    MD5

    b289075bf4b40c64423b6a6276f13490

    SHA1

    734b4504753c6fe7f81b6727e4eb8980e891c290

    SHA256

    965b6cea7bdf36c0647dcfe720917fc09231f6dfcc8d177d32dec9ef3419f5b9

    SHA512

    2d845f9d89e354413578c1cc4320649608e3355d2cf89c31c1b89cdb9933bef642fbd6f2ed9426715c60a9c6f63c90323d283e0a7bb6ac6b3cbdb31ab5852103

  • C:\Users\Admin\Desktop\done\proofs\schwarze_unterlage\back_proof.jpg

    Filesize

    1.6MB

    MD5

    23f6e59fc09d12103b1478ed36875a60

    SHA1

    2990be08d0485cba88b22a4b5eb0111d7ff04811

    SHA256

    edbf31fd6e880df8cfadb5a965ae9edaf8df56fc5664a461e9d8df008499c8f5

    SHA512

    6a8980ddce9fc032b5b5b7b4ffeba0fb3d7b2e56141779549279628440eb74fd4beded1ed8c08e1316b42b78fd0ef2dd62a2e4840bda2c1707340f2aa6b8a251

  • C:\Users\Admin\Desktop\done\proofs\schwarze_unterlage\front_proof.jpg

    Filesize

    1.8MB

    MD5

    6a66919f0507297db233c8215de7ec01

    SHA1

    8023c10c9eb1de550c43ec1c287c491b347254e6

    SHA256

    270dc30f05e348b51d59a920f6f3cd700fe73b532a43b5ea4517cf920f798361

    SHA512

    726cee0866c9a73dca9958860864b2d88d847c020e9c5343a849466283bd8a5702c37677a9b74700a2e8e65e4a6c73f5f2c54c7bd4db75c43db5de9a4b1370ba

  • C:\Users\Admin\Desktop\done\proofs\stein_unterlage\back_proof.jpg

    Filesize

    1.5MB

    MD5

    806e462756c56f6f556a5c8d0e12647c

    SHA1

    6ae473f415c8ba755783d8a18c914059077c4dff

    SHA256

    eb74763998280779287abb7aaa76be04b96e983ca284c475808545d1fc2fda98

    SHA512

    487bb801ef2c054f9adc80316f42ea1cea5375b0758a4fa69403fce6448f8588a8a5dde96167926b0766f60d4f23043a13e81267e2d44b9819034f20a4e1635f

  • C:\Users\Admin\Desktop\done\proofs\stein_unterlage\front_proof.jpg

    Filesize

    1.5MB

    MD5

    1f155fa59d4182a7d0409d8eaaa27a73

    SHA1

    585e9acfbdc720effc4c26093799d39fb65361a6

    SHA256

    c430e04ec5b27bf2fae5ecee0b7ec2080c71472f4afffe98469a8450cf990d59

    SHA512

    09da1c3aa6faabcf835da0841f22123b781b4feb62a510d154091bd35714d4cf5731f4e6e47434f4914b4079e5ac6f106755c576a6c28e19b0977e0416d11075

  • C:\Users\Admin\Desktop\done\proofs\tisch_unterlage\back_proof.jpg

    Filesize

    322KB

    MD5

    744f4592bbcc07ba9e9c075c4e46124c

    SHA1

    d3d5c6ab01e71516b41d8c29d6ed4c2a2e1f932e

    SHA256

    8ffa80c57ae0e680839c8d2b0c625a7fe4883f64d5b0d067792c026e2103460d

    SHA512

    5d47ce43bda45774e7daa5f9fd4bb06c73f20bbd9b845d8f01e0d615e247067accb753020f52f1ff9f208fd8d68892d3fb159e645f319f42c9cc9dc037428fcc

  • C:\Users\Admin\Desktop\done\proofs\tisch_unterlage\front_proof.jpg

    Filesize

    346KB

    MD5

    29a0786f1e9cbeebfd6e1e331236c4ba

    SHA1

    4fbf541630aa936e378bc86bd05bac57d1fbcff0

    SHA256

    34cb81cf8b1bb2583f3f06bbd36c6d12a0045cef3ecd52df20797a9cc08a6260

    SHA512

    120adb14edc1ed86571f0414efa6ebc44e1f21d3d7cad52aa0c51918c1285127a59f9f827911a9b0fc505957038e5923649ed4b81ccd845aae10c692838da5f0

  • C:\Users\Admin\Desktop\done\scans\back_scan.png

    Filesize

    1.9MB

    MD5

    2ed24e1fd433020766ff29a4d6a336c0

    SHA1

    66874ac4a1a46fb620bc5278f755d67ded1e9149

    SHA256

    97a5576f4b098883005d1c47a2f398694dce720f11346422c5c3f636ff56733c

    SHA512

    adc4543a120e953bf359a43a47bd9f4c9cbcd2c3613a2e7c25913ee5fb3f347bac7a47693010b7da4db1f5d53263aa7d79048474265d62ac7c4426d52704c961

  • C:\Users\Admin\Desktop\done\scans\front_scan.png

    Filesize

    2.2MB

    MD5

    6892dcf9cbecf6c9d00d51a437185f5e

    SHA1

    1eff690586bb53db10f54d21876fc28d9b1e714b

    SHA256

    bd92378e6a563dbc566bf8ca4cd771b85273518dc0c2f5d3d18d5200e4d94d81

    SHA512

    ae097bf53c1ec6996a6504973dca4951f49c14dceb841a92b1a0e887e6574e6529e4d6de2ae87b0f21444599329d52e96d6e46ef948b6a60fece39114912f8b1

  • C:\Users\Admin\Desktop\other\custom_passfoto\foto_11.png

    Filesize

    296KB

    MD5

    fe62027ae2696e4edec40011d6c9f9f6

    SHA1

    fbeda7ded9016773f73202e9b80a0481c6b2c1e1

    SHA256

    38a249d51b28dbcc3c16193eb705ec5717e5225cdfb8de9c341fdcfeb5c03e49

    SHA512

    41a4370993ca381419b70bdd4f7ba57fcd62096f95db08d85a970fcaa84052c5dfb9154aea742896690fa31f9f1cbba3b2d9f2d4c915b712e043a1aa1fa670e8

  • C:\Users\Admin\Desktop\other\fonts\OcrB2.ttf

    Filesize

    38KB

    MD5

    af1ab953d5a17d3b8c1502a8a171c5f7

    SHA1

    14ffc3495fad44c14bdf0da36dad4571c6ad562a

    SHA256

    7ad4aa4e7ae1a21a4795d1badde3f6fce0bfd1131417e43c1324896889f67089

    SHA512

    19ba54e772bcc925bfb38564fde1612413aa8641183d7021e141476a3a2ad7e2d1bda82061291df6fd370b615e9da5ed006dd25bab88d9322be8abc6bdebe5a9

  • C:\Users\Admin\Desktop\other\fonts\Ocrb.ttf

    Filesize

    41KB

    MD5

    8537d6f7f34e9e3e62ff447282905227

    SHA1

    7079d6ded57e56895472ab419de1977920a48902

    SHA256

    af5138f1fec1d4b8d8e5f5e62617b26d04392cde5501eb9f17e5b7ff31b2d3f1

    SHA512

    aae757614eba0404c169955c3b2255baae0e5f9e7c23607485cddd1ddbf4ad7567b02fa63fcca673e90c3b7e0ab2d3a6bf676f065a5ff01f775015bbfdb5748c

  • C:\Users\Admin\Desktop\other\fonts\ocrbb.ttf

    Filesize

    20KB

    MD5

    fc3b8143000f0e6f34aeb41dd1d410ba

    SHA1

    e2c31dec3ab043bcb052f52cf75e40f6582830dc

    SHA256

    0def887850db9ae5796dc66064185f1c435a1465ddf420efe145751eff8f1bf1

    SHA512

    994d4e4ba821caff75826093fe9cdb08b5ad958617016aa2c8aa4efa826712cb69ff6fa1b1bd475f1c05c1d0e02d6bf13e9509331997d92ce5cfef3d508f7f7c

  • C:\Users\Admin\Desktop\other\fonts\saxmono.ttf

    Filesize

    69KB

    MD5

    6a2c1ed911eb2e29268c60eb27eac92c

    SHA1

    139352943dcc0f0b2033f50468ed9c47442834ce

    SHA256

    dc91e53afbce578a64953c3599613603e0590bbf4d5fa9818d3ca378488dbc04

    SHA512

    553b98e4cca9f41a823f75aaf1eee184dd5629cf9c48dcbce1c548439af1a19579d7fca181d6e544920268942664a2f5a5e06dbd773c74b9fc322970cc80f0c7

  • C:\Users\Admin\Desktop\other\fonts\signature3.ttf

    Filesize

    86KB

    MD5

    3b06d971eee4af0e700f9b479a0e7a64

    SHA1

    d8e3e3bac6a1e434c65d089e5c22cd9badccbdaa

    SHA256

    57a4db4252fa6cf2087174ede8f31e2f6a6d20201e1897306e5f24b986c89f9b

    SHA512

    ef783e15eef0ea60beaa1f4be23c37a9e414eecdcb647764dabf7216f0d8d5bfb81c9c982a4cafc6c906018629115fa950371a398ea90f4488c35e93aff7eac5

  • C:\Users\Admin\Desktop\other\raw\overlap.png

    Filesize

    197KB

    MD5

    da2f0a5603a0c4d7e410191eb9a36a54

    SHA1

    a28aead33e410f8031de3904291742eadfe0d1b2

    SHA256

    b58775beea180130b705d2a37286d2f28ce43d19a695c9353659fb553f9ac239

    SHA512

    1e1a45711b5a92bced17ee13965ae79d02bfbdc8cae2db9decf5ed1eac22d17df2bbe607abed1bdae3a92556ffd9c8c7d72729c37b0f69b1df08fcac1bec3180

  • C:\Users\Admin\Desktop\other\raw\raw_front_holo.png

    Filesize

    17.9MB

    MD5

    d0fb8a61414c06f4832e0dba7fb1cc15

    SHA1

    aee2da91997cc7906e5b730f697b66dd8109ba27

    SHA256

    d79f5dcd51de2ba6e0af301d43acfc6da08fde8fcf1ae9f56024462389dfd1dc

    SHA512

    960f8444002c671d5edba19e14a45f1d6e5d99c26f71d29123ef6a4a5639303c36699a21d24df4a157934a0a63f25326f8c03d0636ee769a748b3e402059391c

  • \Users\Admin\Desktop\diabolic.exe

    Filesize

    9.2MB

    MD5

    1d868a796ddb538c6dae29530c6cecd5

    SHA1

    c72c987ec9e710763b521036ae229ea90f1b5aae

    SHA256

    b20f4ee8eb36c3ab08e9be6201f151253eb782ab4a6eea5a22f6d5e685339618

    SHA512

    65aa9496c7a63a1b23bee3be5241fb2aedd6cb400d780a21b0dd479bbcaf5aba4a9b49d636d9263fa257dd74a42520c5173229833afae2b8e6c0baa942333837