Overview

overview

7

Static

static

3

FarCry 3 V...un.exe

windows7-x64

7

FarCry 3 V...un.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    149s
  • max time network
    129s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    22-05-2024 19:11

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    FarCry 3 V1.05 DX11 Trainer +10 MrAntiFun.exe

  • Size

    4.0MB

  • MD5

    d408e8a8056bdcf9e1d569cd211f6efc

  • SHA1

    99fd4ff079ed73573848492504cb5712f2067040

  • SHA256

    587e14af969e26467c73d7b4e74bb02e39e4750127a56601cdbf9060d3728b9a

  • SHA512

    d6100d61f788e2d94560c6ca7931d4bf919c20ed6de1ea4140cbfe1d444004fa64f71cbcd502b44398d157f0120f578ce653834ea04555d4c549cb07f68bcd21

  • SSDEEP

    98304:+vEFsNsvGS7+3PCbPROeIZ0Ap0mYZBsv8NGfhIB7oWlmfWQ6RTbG5/AEcoUfS:O4sWvGBPCbPUTavNGfhIZbm+m5jct

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 2 IoCs
  • Loads dropped DLL 4 IoCs
  • Drops file in System32 directory 45 IoCs
  • Drops file in Windows directory 1 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies Internet Explorer settings 1 TTPs 49 IoCs
    adwarespyware
  • Suspicious behavior: EnumeratesProcesses 64 IoCs
  • Suspicious use of AdjustPrivilegeToken 13 IoCs
  • Suspicious use of FindShellTrayWindow 2 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 20 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\FarCry 3 V1.05 DX11 Trainer +10 MrAntiFun.exe
    "C:\Users\Admin\AppData\Local\Temp\FarCry 3 V1.05 DX11 Trainer +10 MrAntiFun.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:2884
    • C:\Users\Admin\AppData\Local\Temp\cetrainers\CETFF8.tmp\FarCry 3 V1.05 DX11 Trainer +10 MrAntiFun.exe
      "C:\Users\Admin\AppData\Local\Temp\cetrainers\CETFF8.tmp\FarCry 3 V1.05 DX11 Trainer +10 MrAntiFun.exe" -ORIGIN:"C:\Users\Admin\AppData\Local\Temp\"
      2⤵
      • Executes dropped EXE
      • Loads dropped DLL
      • Suspicious use of WriteProcessMemory
      PID:2840
      • C:\Users\Admin\AppData\Local\Temp\cetrainers\CETFF8.tmp\extracted\FarCry 3 V1.05 DX11 Trainer +10 MrAntiFun.exe
        "C:\Users\Admin\AppData\Local\Temp\cetrainers\CETFF8.tmp\extracted\FarCry 3 V1.05 DX11 Trainer +10 MrAntiFun.exe" "C:\Users\Admin\AppData\Local\Temp\cetrainers\CETFF8.tmp\extracted\CET_TRAINER.CETRAINER" "-ORIGIN:C:\Users\Admin\AppData\Local\Temp\"
        3⤵
        • Executes dropped EXE
        • Loads dropped DLL
        • Drops file in System32 directory
        • Drops file in Windows directory
        • Suspicious behavior: EnumeratesProcesses
        • Suspicious use of AdjustPrivilegeToken
        • Suspicious use of FindShellTrayWindow
        • Suspicious use of WriteProcessMemory
        PID:1856
        • C:\Windows\SysWOW64\cmd.exe
          C:\Windows\system32\cmd.exe /c start http://mrantifun.net
          4⤵
          • Suspicious use of WriteProcessMemory
          PID:2792
          • C:\Program Files\Internet Explorer\iexplore.exe
            "C:\Program Files\Internet Explorer\iexplore.exe" http://mrantifun.net/
            5⤵
            • Modifies Internet Explorer settings
            • Suspicious use of FindShellTrayWindow
            • Suspicious use of SetWindowsHookEx
            • Suspicious use of WriteProcessMemory
            PID:2348
            • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
              "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2348 CREDAT:275457 /prefetch:2
              6⤵
              • Modifies Internet Explorer settings
              • Suspicious use of SetWindowsHookEx
              PID:2444

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    252B

    MD5

    4c5537fb04d034541ec7acdd153a62fc

    SHA1

    61ed40721771adaf0b449bc88df672deabc34cf1

    SHA256

    9a34fad0367cf56eca084adc87c21d6aa869472dbe9e1462d7463b8f5a98d259

    SHA512

    eefef268ca25ba389d66eae507ca2b98e3cf99eb0dc2c85613aec4d41b9eaaebf2736c015b8ebc0734f54e35aa6c217afd9aa5f6860d64d7783bbec98733e019

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2a5777dd5ec44bdcfcc32bb8eb20be3a

    SHA1

    f1a1775f9fce0c11ba7ea0240624a1d1822a442a

    SHA256

    5be84d2a289bccfb14c4d0e5898c25c0837fd6383275271b42ba7d42e53080b3

    SHA512

    4ec691ff4c9de2506b78805fcf2a0ff1ebeddbdb6046e40fe71534e50c4233dfcebf190f20474420cd04484130dc510a340cb49577525a1414502d9aaa993fc2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    87f63a375f7bfd599a21fdc040e42af8

    SHA1

    55cd6648d71abed3eef246e126fb5689a567dac2

    SHA256

    e7c86abca7a9304df060708caf7d5b660d50ca90dea953502cebb73ba77d565d

    SHA512

    57182c1792a38872e657066be4b6e27bccedae129f98ddfb8c119712d31650abadd9f046060bcb8ac301226ebdf63843f71e4457fa9a5959c8850c4f9ed04081

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fa570e48e5e8b85b0c9431ab22e1f12e

    SHA1

    60ccb9eeb275f01cc586b14405ec5532722bd554

    SHA256

    963815dd0ceea1e7c4cbc0d6ab9d4f0c20cce6687cf1399c247bca1769a35572

    SHA512

    1399668ef02f53cad8767955debf400cfe39848a5cccf2a546703306a7bfb47171ad68c6eb730d651ba118ece6c129972f40e479bfa86b138e07959370e28b07

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d2336640b677d8bca4bce042c8b29156

    SHA1

    15119872620630d298d8bb22bc47485cf3781725

    SHA256

    f5f4597f9c6ed320315db962fd0670dea0b8c06af311581f616643a21c90c04c

    SHA512

    9dffaf0f5a43006cdd04b31b7ba3e4a5bf56f194a4d2b30b9ad2e669138125bb47f8b0f2bdb9a63396f69f25b905fc37ef3a3e25555b315f7eef162de56502e6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    07639d1fe126e16b22956dce5ce1aef5

    SHA1

    44becf723e6229e9d9d8738bdf27e0bfaaa744d4

    SHA256

    b2cc916792d81c2862e7f8eced3efc1a5d4025544af09bd0c26847859bdff8e7

    SHA512

    544cce2fadae4df0517d8c78af52e7839f9ae7f92a8f12dc6974ed1253cb9a89e29360f370b5bc61f843e58996f4bbbc92ad77e0de8bd1252c48d7eca2a1f917

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3da765077e2eb92c86447aec232c4142

    SHA1

    8a36765718c41c092cf3a1c11d2a0fd3f4e58fc4

    SHA256

    ddd25f1e6ec136a86e27723de30b47817612010093ec8ec3bb7b5bb55a5ea2cc

    SHA512

    331ca55996217d130c24b80058179bbbbf30b1c9ba471edca87c745ada98f93a028704a702fd56bdf660df3143b4bacf36f684ea1f39f6ecf74ffa7de442256f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    45771b985a0bb9cecb6b929e97fdfe4c

    SHA1

    7fb3ce0fd8485f383c7c6481580b13bbe6945c5a

    SHA256

    a2178f4e942b1ec3a4993e33ba6d614f8f209769aa0bedc31d7a364e52182b25

    SHA512

    9e7f0ba06b5c20490357745a5b8b75f290bcc42ebbc6b4d099b9589c81be20dc0909540124337984f8a84e2bb9d708188fbcfa052a3c5cda1efec5c55d4bdb91

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5941ce1b4443b69b7d86cca222e117f2

    SHA1

    10abaf4679ef376969e7ceb18f6125275a490275

    SHA256

    a06106b6d581a807bd2a95cf770261682292f833ffd19316e2e7f386d6596d4e

    SHA512

    5f1b446f83782ef496697261f35f2ea81b3d6a68f35f723cfefd975f8946e3270555d0b5702ff3ca9a5bd160541e6064d5b48a93ff628b58bd74192104e73f03

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b2ff6dd6aabc4a8770ccf7e15f134cb5

    SHA1

    715dfa8062423eb0c85d03efc4925417ed0a9a10

    SHA256

    ecd9e5483e601d1b90e2b725d7f9d9baf13e0bafd4a9ea2beab1c72cc75814ed

    SHA512

    06032582769409b2b0d03808caef05db88a1a2384023122e8cbe08d45d7f70505ac9afe5be33146e7ed3b8b55e931ab7424071f08631a9c33692eb5450032cee

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1bd519482b365bb4aa8093e91003fad0

    SHA1

    684732b573e1a2e9308e127ae72d2f4ba551ba3a

    SHA256

    9e248338b346ded5096f33a510f4f102108a942eeb9e08b4459c37140ada5fc7

    SHA512

    ab6fc287d3d1835f14700d5117bd3c3aecbbbe80fd79856775521ac34de21e0a3dab4f450e51e8c0107b2cd6368b103887a0f8c105222fa4ccdc8d0d6765b4bf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f5c0e917bd88d70b2e9fb8111029afc4

    SHA1

    f1d0b3812aa8111c2f60eb22c7a989b7af7ff383

    SHA256

    6a3912219f453b74f742a38998784f965bef2f396889967dd36b7fac8b9521af

    SHA512

    16138e885d92aa510b5fcbccb90e340f3d9631b7619f73fe70e19e8d3d77f1c2a9811ecf65683012a8fd28fe2bcb3e738b868a9322290419fc7dedbc58772815

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    805ff06442971e7e8c2ada4c38734e7f

    SHA1

    2d23823c915f0ddecacf8103eac1146dfba9eeb6

    SHA256

    b7aeb1296d5cac3ce781a2ed6bfa71c87ab0633e3c98d302805c7d01e82eaad4

    SHA512

    a85bb7e21a5835c8ea62dde14acc2567243be4d6f29448a4046dc2346fbee68946677c0c2ee94a8df8f2b2c9e5981fb1c884f6854f9a53be49265aa47143ec5f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    dd3c8d4072988d7388d5ead21bed453c

    SHA1

    c6b74ececaafd99315dd7fac1cb30467b388c392

    SHA256

    1ed0e5ed48404692e7bc8dabd218a21a01c6007fc12fa005a49154a874a3df7e

    SHA512

    94d6ea2c4d979f33a02e6f86e3f0a4d42f70e9c18c1ddd5c1e4222c28195e8bb5878deeb74972722c63603a5fd0241d283518db0840376bb7cbae8f9e501bd79

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a1d65e511cc4bea3b7ea7819fa08b181

    SHA1

    8bbb94d600f8e9d47a18842fb4404a86128c9015

    SHA256

    95552ab073c09f77e75b79bd4aab08e594d2b92f16879b5b4c48d2b683819ec9

    SHA512

    bfbb52de2ade25f77dda9154eed127fb9b0d863e6c4e75f1feb2656b2a0a5d7336552bd662a10658b957b8c7a560fbd76db22f0127c7fbfe4a20c9085c51de40

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d1e55a8481fb8ee6e71ef5046e20f779

    SHA1

    cb834b291c4242c1f003c87a54e7d77165ae6f84

    SHA256

    74b88ea4eb9b4aa42afb70efc994615bbdc79f9294b81a7ee0a743ebfbbd0471

    SHA512

    2b8ad610cc19d7b265b25070ef9f821cee2ea29c65a8e090677dca43fd8c35c11186bc6b6fe52fa2e88c0e85d8998fa3f92985fee6ed7ff030ac592baa450888

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    eb2e3cdb9906bf763b3728429dd33944

    SHA1

    a21693222ef2079fe68ca6662a08b82b1abfa614

    SHA256

    f0fd9231868cabb22e75123e7761fe59777bfc0649eaf4decb605a1a4207b375

    SHA512

    76bf76644710e2cfb82bd8a76e87c8fe47499e9a9099634c1e6b1c991d60f77321a3bf5df448291c51060ffa6a549c91f9042abde49951072bc440633efe8db8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7fe1b38ad811fcf8a3f4f1764b3e1a7f

    SHA1

    bad327fc0bd5fe6097d36c4650363ab9e6607305

    SHA256

    188deb170d04990ddc45830655f7616b583d008f398e3efc5d58730e75a991e7

    SHA512

    79ed270ae7be8dfb2c50d0549520852eb59a8ea77bfe2dd692784d8996b901eb685a4f5e027e6c754e6b4f01eed93e7874c640acb617bf39068334dc4307eb51

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    594a258a046c456f1dccfb2c8e6d21c7

    SHA1

    72e3e4dd38aa6e411d23342b16b57eb93321c778

    SHA256

    aa4461899040b15a692aae2db41c3fd435de22a20eee68e2112b2798a9ac9307

    SHA512

    19c3b6526c86764df8661e0a757a86fa5a5ff8e71f9d1a3accd70aa5f28fb88c1ecde2d884d2632f257fd222131507d5979d83422b39b8fc84e55113fb9deb8e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a6611cd8bd8323c6c8b76c47803d9a02

    SHA1

    5fe01fb7a5d8f1ebcba9d5d6fd227ea0b5d3c860

    SHA256

    d2c2865c589cc4cf0dc63e0bc9b7f43385169360180021c58b9dd8238232ff74

    SHA512

    d290fdc8308ce06974b688b9ffcca6e80677adbf895b147353b77724e7e8d8b0c20fee5d4e260ca92f6a19ae7c64bda9036536cc593a01df41d27017b772316a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    09c1a1b2051c9427be8bb68a9e30da58

    SHA1

    8bce6e8d7b67f89caa637fd16fc576cdec77c604

    SHA256

    81e4c7a83d0855660e51de3bb671586179dba915a9e9ad35f4b5ea7f94ca2326

    SHA512

    6613cd0e1adb2e302ee864483047232a5a975deb3d0ce9e4aa362ff97e43c48d5883d4bd27169d577d2c6d2fbb9acee993c11c37fe071be8b8e02930720af70f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6cda68f96d55c31af3a6e20c5d7598de

    SHA1

    e385dd51f87ec0231026463f99d0b5e7e7e14294

    SHA256

    e9f2dec33891155c0f63bbe1fc408fd9b66dd063bc6795c9068156767606f387

    SHA512

    39ff40f96d46fd4119156bc0a174dcab654031ff56734cfd79b5a898d61980670697595756151ec597fe95c7a3057fa1609f788ea0777ebd2f780613dc4a0c95

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    43e94ca20a8511c0532794f221946fdc

    SHA1

    2a949928fad999ea7589badfd5471da004c0a2fa

    SHA256

    8375a6778a6a05e4f913775715f88d0d3e491fad4b61eafdbd61d103ec6232e8

    SHA512

    fa0b43291c235361fffec78606e1a87e1fa21e1c7f9c9a2ea65999581248c5eb39d55886844e7fdaa8590368dfb6015aa6583dfe130b543802e1fde34e24d7b2

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\IRYXCI46\mrantifun[1].xml
    Filesize

    683B

    MD5

    c39a52e9d907960439202a6cf93d51f4

    SHA1

    e50448b473a1ac1766432c5e5b6864506fb63bc0

    SHA256

    045953cf32cd4d8667deef0e81e73d054799cf052807c1aeb43a4058c6ff50d5

    SHA512

    86bc67511838fd0d545e571629a1bc7bb2a0dc3233602604312b9034bac67fa86398cd0f366010778b7c784809ec33e533457bb5225ef52f3b2e4a1e0c2a520a

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\sxsuh4u\imagestore.dat
    Filesize

    31KB

    MD5

    20101a3f23451e93f51ca9cc2b0b0a2e

    SHA1

    0125a113a140f12653f5d7f60951d9092f4a03c5

    SHA256

    9aadb4c620f2ed0eb82f71999ef515c24c639f043bf94b6b6526e334e13998b3

    SHA512

    aefc41d5041b33cb90e19649a731c2fc8ad39a87dcc052ef38e0b5c0e6dc43e809721ef9dedf9364a1f35f37534b22e461951e10b50caee52ccada78930a0ae7

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3NPBB818\favicon[1].ico
    Filesize

    31KB

    MD5

    1573660a090deb4af54285c33ebc7a6b

    SHA1

    7a351add27ef63f60c1ddef847a98da7adfec814

    SHA256

    10cd50f890ec0b3061d2df458ab5714cf3f6b454ccd751ad801e1de51d9589d7

    SHA512

    97d7c0b82e08b3c4f59d28b6724b8b3ecf97daa9391aa7b2ad990537216b77657db5c111beb91e070d4268fe88872a9b71e4edc34e6ea5d09bd538f778db0666

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab197C.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar1AAB.tmp
    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\cetrainers\CETFF8.tmp\CET_Archive.dat
    Filesize

    3.8MB

    MD5

    18c8cd69b4864a5a1cfbd2a821ec497b

    SHA1

    6e922bda9a311c9abef40af9623da948ad490572

    SHA256

    e0c0e073a7db8150b29046e414d6424ddbe834d130bcf56ff6a82e4f4b86e81f

    SHA512

    b0dfb1b2114baf6eb079c7075b28086f4397557f4d7bf1b71e869b00a9e0f27c8ae0d0be8d05c17eed8bbe6681fee3f7574def618290844d9f4f79f77bbc745a

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\cetrainers\CETFF8.tmp\extracted\CET_TRAINER.CETRAINER
    Filesize

    221KB

    MD5

    bdfae0c7601c5fe3b1fefbb2c485c02d

    SHA1

    ee532f617c1d29cc2dc0ce26f6e1f7077d54b61c

    SHA256

    5b2508a471842b8e88dcaf0844889565075b3eaad7b8646eb07a3b8eec43011c

    SHA512

    9e4877dd3bff34c894f0843f1f491c295c2710617b0557ddaf8d6863d512c3af6fbf43035d3658dc248b82295ce2c59d2d365937004e5837a4e144aa7006609d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\cetrainers\CETFF8.tmp\extracted\defines.lua
    Filesize

    5KB

    MD5

    d8f9b4a10a48ebd8936255f6215c8a43

    SHA1

    7d8ff0012fa9d9dcf189c6df963f1c627f2ccb76

    SHA256

    d4347332b232622283e7dd3781f64966bd1097d06cca7052b467cf99e62898f2

    SHA512

    67db5dc65fef66fe3a1920c5f406091d17eeae27266039af392a166d63686b8fc61b94684f2b97762995aefa42d2d15148213ecef64cc0df04de19320abba97a

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\cetrainers\CETFF8.tmp\extracted\lua5.1-32.dll
    Filesize

    329KB

    MD5

    2730ff589ae86ef10d94952769f9404f

    SHA1

    8010834297a6aa488e6bf90eceaaf9e60bb60c6e

    SHA256

    faf0850051ba175347e40481da9e2cc3a122a09d428925042932be555db06e6b

    SHA512

    5fb35eb364603568b67ce0d19371016a382bc62500de807a12492ceacd5d2b765e0908e2e7e9798446b6c005c0e48c0da74c1a0f9d55c49a8ef4eb3c3d1307e0

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\cetrainers\CETFF8.tmp\extracted\win32\dbghelp.dll
    Filesize

    1.2MB

    MD5

    9139604740814e53298a5e8428ba29d7

    SHA1

    c7bf8947e9276a311c4807ea4a57b504f95703c9

    SHA256

    150782fca5e188762a41603e2d5c7aad6b6419926bcadf350ebf84328e50948f

    SHA512

    0b99259e9c0ee566d55cc53c4a7eabf025ed95973edc80ded594023a33f8273cd5d3f3053993f771f9db8a9d234e988cba73845c19ddc6e629e15a243c54cd5d

    Download Submit

  • \Users\Admin\AppData\Local\Temp\cetrainers\CETFF8.tmp\FarCry 3 V1.05 DX11 Trainer +10 MrAntiFun.exe
    Filesize

    196KB

    MD5

    808de473370ef6b5d98ab752f245a3ca

    SHA1

    800bd4ad10c17471829693fac3cee4502b14f029

    SHA256

    65cbed2e8db313b8966638e40eb27f94156c294eb060b28a02c130d146518c39

    SHA512

    fafaff03ad502523b3627e59e1026b8af4217a80215782a90667bc4f4c330871d8c3d890f2601b68ec9a42c0171d12b9e5b87067c95dcad1132b0a8979c56a4c

    Download Submit

  • \Users\Admin\AppData\Local\Temp\cetrainers\CETFF8.tmp\extracted\FarCry 3 V1.05 DX11 Trainer +10 MrAntiFun.exe
    Filesize

    7.4MB

    MD5

    7be0f90c526a7dcbe40c2b6d5db884cc

    SHA1

    afaf6106f912f9ca8703fe8be2114c1d47121fdb

    SHA256

    c53cd508cdf0c218876e6ff23ffa496d51bd7a231e5a64f86ca3af46b0402fbb

    SHA512

    698011935a3e5a83dd69689c48b0414e85625d4b1e502517854d435e3af81e84aca1112232a0943c123e7a81d0d141781ce30612f64ec90ffc7d93c75d6f93e9

    Download Submit

  • memory/1856-679-0x00000000035B0000-0x00000000035F0000-memory.dmp

    Filesize

    256KB

    Download

  • memory/1856-27-0x00000000035B0000-0x00000000035F0000-memory.dmp

    Filesize

    256KB

    Download

  • memory/1856-23-0x00000000035B0000-0x00000000035B1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1856-25-0x00000000035B0000-0x00000000035B1000-memory.dmp

    Filesize

    4KB

    Download