Overview

overview

8

Static

static

1

6926861abc...18.exe

windows7-x64

8

6926861abc...18.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    149s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240426-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
  • submitted
    23-05-2024 00:31

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    6926861abc5e60e35309e6bd1f40ddd2_JaffaCakes118.exe

  • Size

    2.3MB

  • MD5

    6926861abc5e60e35309e6bd1f40ddd2

  • SHA1

    68d78e10ce0d92f943725f4a20cde30336551765

  • SHA256

    036b971c031f1a90ddbf4e298d3f6491259bd1594fb9d9cc7f0025a8c68bc112

  • SHA512

    a3cf7bdcefaa2e2b4da50b3ebd5f35db2c6704d5f6a3d7bcb912cf90b014c42534ec0b97fb766c1b5ceb73d0228e0dbb51cac92e0ad28f60cb8ae0d5dce93db9

  • SSDEEP

    49152:0uuE7AnqIxGrGYyZa/tgrYJUGfZC3wA6EylfwEaFWd:eE7AqrlyutLxC3sEwwMd

Score
8/10
bootkitdiscoverypersistence

Malware Config

Signatures

  • Downloads MZ/PE file
  • Checks computer location settings 2 TTPs 4 IoCs

    Looks up country code configured in the registry, likely geofence.

  • Executes dropped EXE 9 IoCs
  • Loads dropped DLL 27 IoCs
  • Registers COM server for autorun 1 TTPs 3 IoCs
    persistence
  • Adds Run key to start application 2 TTPs 1 IoCs
    persistence
  • Checks installed software on the system 1 TTPs

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  • Writes to the Master Boot Record (MBR) 1 TTPs 5 IoCs

    Bootkits write to the MBR to gain persistence at a level below the operating system.

    bootkitpersistence
  • Drops file in System32 directory 4 IoCs
  • Drops file in Program Files directory 64 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • NSIS installer 4 IoCs
    installer
  • Modifies Internet Explorer settings 1 TTPs 4 IoCs
    adwarespyware
  • Modifies data under HKEY_USERS 37 IoCs
  • Modifies registry class 64 IoCs
  • Suspicious behavior: EnumeratesProcesses 32 IoCs
  • Suspicious use of FindShellTrayWindow 3 IoCs
  • Suspicious use of SendNotifyMessage 2 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs
  • Suspicious use of WriteProcessMemory 32 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\6926861abc5e60e35309e6bd1f40ddd2_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\6926861abc5e60e35309e6bd1f40ddd2_JaffaCakes118.exe"
    1⤵
    • Checks computer location settings
    • Writes to the Master Boot Record (MBR)
    • Suspicious use of WriteProcessMemory
    PID:4128
    • C:\Users\Admin\AppData\Local\Temp\minidownload.exe
      "C:\Users\Admin\AppData\Local\Temp\minidownload.exe"
      2⤵
      • Executes dropped EXE
      • Drops file in Program Files directory
      PID:1832
    • C:\Program Files (x86)\SogouSoftware\SogouSoftware.exe
      "C:\Program Files (x86)\SogouSoftware\SogouSoftware.exe" /Loader /DownLoad?status=true&softurl=http%3A%2F%2Fxiazai.sogou.com%2Fcomm%2Fredir%3Fsoftdown%3D1%26u%3DYRyEVuHeM45mBjjEUSPVUEJm8GF_McJfVdEjKPrgnocp6RPTnPFSKls2-N19zn1VfMOrRMA_6qOhShbA1gDZ21gXJ8-dW6ZyJd2HMCZpOTvLIGNafI07QZpggfaFdLzRilLVZzhV53fF-ago-P3fECJIPRI-Fuc_AxfASetSfW-LPCjVth8Sku5Jp5e2TsHIa3kHHvOR8h0rNkC1O-u-OP-8wtI1ff_KDaem0Ixui-eXWHnXXzHlFg..%26pcid%3D-5387338580520352447%26filename%3Ddjyx_22_1412837413_djyx_22_2014-10-9_VIPDL_signed.exe&iconurl=http%3A%2F%2Fpc3.gtimg.com%2Fsoftmgr%2Flogo%2F48%2F15296_48_1398674358.png&softname=%E5%AE%9E%E5%86%B5%E8%B6%B3%E7%90%832014&softsize=3.39MB
      2⤵
      • Checks computer location settings
      • Executes dropped EXE
      • Loads dropped DLL
      • Writes to the Master Boot Record (MBR)
      • Suspicious behavior: EnumeratesProcesses
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SendNotifyMessage
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:1200
      • C:\Program Files (x86)\SogouSoftware\tmp\ExternalApp.exe
        "C:\Program Files (x86)\SogouSoftware\tmp\ExternalApp.exe" /Update
        3⤵
        • Checks computer location settings
        • Executes dropped EXE
        • Loads dropped DLL
        • Adds Run key to start application
        • Writes to the Master Boot Record (MBR)
        • Drops file in Program Files directory
        • Modifies Internet Explorer settings
        • Modifies registry class
        • Suspicious use of WriteProcessMemory
        PID:1604
        • C:\Windows\SysWOW64\regsvr32.exe
          regsvr32.exe /s "C:\Program Files (x86)\SogouSoftware\3.2.2.58\npdownload.dll"
          4⤵
          • Loads dropped DLL
          • Drops file in System32 directory
          • Modifies data under HKEY_USERS
          • Modifies registry class
          PID:3760
        • C:\Windows\SysWOW64\regsvr32.exe
          regsvr32.exe /s "C:\Program Files (x86)\SogouSoftware\3.2.2.58\npdownload64.dll"
          4⤵
          • Loads dropped DLL
          • Suspicious use of WriteProcessMemory
          PID:5036
          • C:\Windows\system32\regsvr32.exe
            /s "C:\Program Files (x86)\SogouSoftware\3.2.2.58\npdownload64.dll"
            5⤵
            • Loads dropped DLL
            • Registers COM server for autorun
            • Modifies data under HKEY_USERS
            • Modifies registry class
            PID:2128
        • C:\Program Files (x86)\SogouSoftware\SogouSoftware.exe
          "C:\Program Files (x86)\SogouSoftware\SogouSoftware.exe"
          4⤵
          • Executes dropped EXE
          • Loads dropped DLL
          • Writes to the Master Boot Record (MBR)
          • Suspicious behavior: EnumeratesProcesses
          • Suspicious use of FindShellTrayWindow
          • Suspicious use of SendNotifyMessage
          • Suspicious use of SetWindowsHookEx
          PID:2088
        • C:\Program Files (x86)\SogouSoftware\download\download\MiniTPFw.exe
          "C:\Program Files (x86)\SogouSoftware\download\download\MiniTPFw.exe"
          4⤵
          • Checks computer location settings
          • Executes dropped EXE
          • Suspicious use of WriteProcessMemory
          PID:4024
          • C:\Program Files (x86)\SogouSoftware\download\download\ThunderFW.exe
            "C:\Program Files (x86)\SogouSoftware\download\download\ThunderFW.exe" MiniThunderPlatform2024-05-2300:33:48 "C:\Program Files (x86)\SogouSoftware\download\download\MiniThunderPlatform.exe"
            5⤵
            • Executes dropped EXE
            PID:1448
        • C:\Program Files (x86)\SogouSoftware\update\UpdateService.exe
          "C:\Program Files (x86)\SogouSoftware\update\UpdateService.exe" /Install
          4⤵
          • Executes dropped EXE
          PID:4168
      • C:\Program Files (x86)\SogouSoftware\download\download\MiniThunderPlatform.exe
        "C:\Program Files (x86)\SogouSoftware\download\download\MiniThunderPlatform.exe" -StartTP
        3⤵
        • Executes dropped EXE
        • Loads dropped DLL
        • Writes to the Master Boot Record (MBR)
        PID:4908
  • C:\Windows\system32\svchost.exe
    C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s fhsvc
    1⤵
      PID:432
    • C:\Windows\system32\svchost.exe
      C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -s WPDBusEnum
      1⤵
        PID:408
      • C:\Program Files (x86)\SogouSoftware\update\UpdateService.exe
        "C:\Program Files (x86)\SogouSoftware\update\UpdateService.exe" /Service
        1⤵
        • Executes dropped EXE
        • Suspicious behavior: EnumeratesProcesses
        PID:4772

      Network

      MITRE ATT&CK Enterprise v15

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • C:\Program Files (x86)\SogouSoftware\3.2.2.58\CommonState.dll
        Filesize

        83KB

        MD5

        6e888d41691f655ab9ec752384e009eb

        SHA1

        6c54689dc6fe3070e2d24011a9f8e710f5444d66

        SHA256

        a5adc7b2757172c55834a3720731c0b3eb22ddd1766cc531c06de537bcef786d

        SHA512

        5995cb6a7bc4573d5593904fb518bef91401b4f44fef808ed915017a0b7f0589bb5b810fc183b196ea57de32ec4a0e63b54ce89dde3283e41ff706c6999c4977

        Download Submit

      • C:\Program Files (x86)\SogouSoftware\3.2.2.58\DuiLib.dll
        Filesize

        827KB

        MD5

        28ba86c039552346dafff7e9363ce02e

        SHA1

        0c7848c17f84f7fae9f058ae49658dba4371975c

        SHA256

        49837458d579b16b25f81d0d477922c0d363867e120e0114577c2eb0506639a9

        SHA512

        60fa470134c5a9dfeacf2ebf615d656fd84d80f00ce0c3ff6d617e73f7942b5d48501b1073cd76fa717a0323d69b246170af5f8232ae7d4af3bc45b0325e7283

        Download Submit

      • C:\Program Files (x86)\SogouSoftware\3.2.2.58\SogouSoftware.dll
        Filesize

        1.2MB

        MD5

        fb7a98797d8601196a79545775864de7

        SHA1

        0148ce7895eab4725b95a57e0fd3469a21de579f

        SHA256

        ffd9ab6a997659efee084a1493784c2755010a04f5a2ab03cd0ea74c637b3e96

        SHA512

        3afbef824abb40ccf128bdfa52cb7357b7340fe9a65139b6a2f42a17425548a96a7c95c3154728517aa784d8b00c0a5834a4af95f04bdc590eb8cfab9c24f75a

        Download Submit

      • C:\Program Files (x86)\SogouSoftware\3.2.2.58\npdownload.dll
        Filesize

        272KB

        MD5

        c97af614b96b1d7adeed67261b3771c0

        SHA1

        f67f94dff7a78953d4a9a6af63d30fc7dfe40a8e

        SHA256

        98f283754465cae416af646c9c68e4c1a60eea088616bb5a265cfdd9c896b1b8

        SHA512

        972cee7e0fe258ec1d62cbe7b077380010a5ab4a02c24791d23e10047f5d2a16e847b2a33bde9f7b27e6a59483f61371d98186281ef40a3a370629f546f6d322

        Download Submit

      • C:\Program Files (x86)\SogouSoftware\3.2.2.58\npdownload64.dll
        Filesize

        315KB

        MD5

        b256f88501223e358c03ea2a172e0f7f

        SHA1

        9ee8c5b3db6d7076742c488b001a76741fc3aefe

        SHA256

        2fc446c8fdb3ad5711e6e83c720379062accd40cf9203c6e484eea83faecb840

        SHA512

        10f9d2bcf55d2241cb92dea7b1f7833f7d2536e93c7906d3c483df25f8515f24bd3fa57659f8972b888cf57457ae5bd5a9f564e9326278ddc66ed7201e52d19e

        Download Submit

      • C:\Program Files (x86)\SogouSoftware\3.2.2.58\skin\GIF\loading.gif
        Filesize

        19KB

        MD5

        e063c8184a9e97620dbd79c0e24c97a7

        SHA1

        ce1d307184e4789e60616afab606fdffd99b0735

        SHA256

        3fe39e316a3cd05ff277100c85841d18db9d85080f80f35cb41e91cf1d513601

        SHA512

        e9aad74aae57de6e5f23407ca548cc1c29de8fd6441a91318e8d4fb8f6f096b3f2345d18a9e8a6b12e7154ed6a90f8026803c756321460db37108e94d8e0dfac

        Download Submit

      • C:\Program Files (x86)\SogouSoftware\3.2.2.58\skin\GIF\refreshing.gif
        Filesize

        4KB

        MD5

        a660c1df04d00ec5f1c27c882a5ad99b

        SHA1

        db5dd290a4afe1657a2524984d07d1631e680bd7

        SHA256

        a235a0e9c357de24a274e1db993dc0616fe656159bfeb3ca753dcf7e005d9e29

        SHA512

        3a87f7caaacab936d2698442382cea9bb6ab4476f8a001d8da8083cc9c9a92bd5936a835f2cc2655db42e8463fe71c473ed9f649d970f3c31e640f3eb7a4d12a

        Download Submit

      • C:\Program Files (x86)\SogouSoftware\3.2.2.58\skin\MySoftwareManager.xml
        Filesize

        23KB

        MD5

        f5f5698ee6b73535a7a55ffc9df6f38f

        SHA1

        76b4f170b339481149f72a7294218ad7ea5f9ecd

        SHA256

        613125461abb68bf1535c2b28d3cbf1efc3fe04484acdb89c0e961296837f1ec

        SHA512

        5c83a38a0a0639bada0666592bcd73754e3f161b52ffcb14f066ce11ddac2f818de39ac5a36ebe3d026c202d087fcd1284d6fd5b65d38a112c6c1647274a3bc1

        Download Submit

      • C:\Program Files (x86)\SogouSoftware\3.2.2.58\skin\PNG\.svn\format
        Filesize

        2B

        MD5

        c30f7472766d25af1dc80b3ffc9a58c7

        SHA1

        136571b41aa14adc10c5f3c987d43c02c8f5d498

        SHA256

        aa67a169b0bba217aa0aa88a65346920c84c42447c36ba5f7ea65f422c1fe5d8

        SHA512

        0354672b288ac5ccd92c7336f24c3b5a9e669d95bf3036241d3919bae5aadba2c312742d7b422cb04347d6ce98151019baf81a3390e12de140365f17a9cf9afc

        Download Submit

      • C:\Program Files (x86)\SogouSoftware\3.2.2.58\skin\PNG\all_updated.png
        Filesize

        8KB

        MD5

        54fa38a675e31cb61c4d684857401bfa

        SHA1

        548d9fae0de3f34a40c66400524a48a4d9295491

        SHA256

        5bee78015e52f35c0e604a38b4045d04d174950a26658201714a770e4176f02d

        SHA512

        61bb5f5cbc3cb5ff9e05984678e2d12b5914340ab2dbf812ad1a519aa4938b3f4b220234c5b33d198efc2d8a90e6a947f8a20b352bd2862a313e57c43aad8fda

        Download Submit

      • C:\Program Files (x86)\SogouSoftware\3.2.2.58\skin\PNG\download_btn_icon.png
        Filesize

        1003B

        MD5

        6e30b0f37668df11c09a638ec2901959

        SHA1

        62f3c4379d14c86261724942016e8b30777049cb

        SHA256

        bf08172a35630a61b905c438f4c7f33df2a57ad078e24125de41b77880ee7e53

        SHA512

        f82eb5a5efcb8994a89a30ec47fc43173964adc5913f5277ac30adfd5c7f7a5c8cddbb6dcdff6ae49dc5391bed38884633482600e1fca84ce9738e52ade08cc1

        Download Submit

      • C:\Program Files (x86)\SogouSoftware\3.2.2.58\skin\PNG\driver_fresh_progress_bk.png
        Filesize

        950B

        MD5

        a0151daa5f849bb6b22e20abbab78436

        SHA1

        0f8a2ae2f4982fd562221cf8567cd6a5e68bad1f

        SHA256

        4443ee00c111715fdfbcc9f221c44bef3333de7e887b70c39417c61ec7369728

        SHA512

        b9dfb5c784a762ea9ee6b0b3fa514dd3c96242019d79c1919f11f195984c9626b934e668480152ee56c8b88ac2ebd0e028cc6af0c33f25573bb5fd019781071e

        Download Submit

      • C:\Program Files (x86)\SogouSoftware\3.2.2.58\skin\PNG\driver_icon.png
        Filesize

        1KB

        MD5

        af5deb4ef4870c69e6a7edf2f38faef4

        SHA1

        16bc05409d7da0a8121da977607af958d10e96fb

        SHA256

        638a6fd479b267e2a2b349953604a149bd521fc3f9d8f1ccd4b53aaef0a78513

        SHA512

        153714ebf00226c67d2a6d2cd88c1226bd16b951704cde38df869d7c488e2c753d2bfcc9389f504558578af4819e4573fdcb1f0bf478fe227ccc9c3f31294054

        Download Submit

      • C:\Program Files (x86)\SogouSoftware\3.2.2.58\skin\PNG\grin.png
        Filesize

        23KB

        MD5

        0d5b69334bc73302a52bc3bab5a5ac27

        SHA1

        da23a6f5ce158774ca047f7761e834258d907f52

        SHA256

        42030cb3333c77d3019180f5aca1deb1345de55cd33a1816db5b1a276445ac84

        SHA512

        c2d54552b7a874d8189adfb15d35af852d5b5b4526b76e72b914ea2fc4b022e632f5e583ff6528ad9bde2f2639d976d7215d9e76c5bf9376b1e33c84be1a3fb5

        Download Submit

      • C:\Program Files (x86)\SogouSoftware\3.2.2.58\skin\PNG\hwinfo.png
        Filesize

        1KB

        MD5

        bd0f970f72b8b9064dfaab084fc55fea

        SHA1

        c792935e9f72bea9b4ecc555b28ebb5fdf03ddfb

        SHA256

        6234d5b195a6f28da3e7fff79c4a95262ce33a176e8e8355b94a36f61e96913e

        SHA512

        cfcc5608056bdaf647361416e5c51a58caaed58548c1d32942eb946d177f781f76e984e997f1326abd07395ec42fff6fe47b1553a83728e9b1c4bbb849fd13bf

        Download Submit

      • C:\Program Files (x86)\SogouSoftware\3.2.2.58\skin\PNG\logo3434.png
        Filesize

        1KB

        MD5

        4c74aab2bcf16cb617837aaeaa7cfa1b

        SHA1

        37925cfde22e94db3f4ad04df39d8fb20ca55c17

        SHA256

        8092dffbb4bc611d6f92786fbab70fddf7da5634f84d423c6fc20afd26172628

        SHA512

        62d96a3dc3001b396907855f12f91073a9d9e1d602e111a859c84a3207431c12564e46d0f052f293692cb130b56eb4b9e6fe7310ec2db0b401e4225f7afefc2f

        Download Submit

      • C:\Program Files (x86)\SogouSoftware\3.2.2.58\skin\PNG\logo3636.png
        Filesize

        1KB

        MD5

        fa6fd08affac19e21aa47df7a50eacd4

        SHA1

        fff56332d1d2e2386ca874c9bd8540b3306f59fc

        SHA256

        97f1d1b373351f9593227c67cb5e8dc073641a962d81df936920f33cb8d3c4cc

        SHA512

        9f4ce00d51450ef25e06dfe64587fcf8a5e9d65288ac9c44af733e10825e2173f40ea1e37d4dd1c39842b4b23b8a53cf9d0a0aeb609261ef0a3ee394c6f3ddd8

        Download Submit

      • C:\Program Files (x86)\SogouSoftware\3.2.2.58\skin\PNG\logo_text.png
        Filesize

        1KB

        MD5

        9876c5a2a2433a1d0d12dc272c2c226b

        SHA1

        508fbfb0a0164ce84a83c1f8fe257035e3b62929

        SHA256

        e182eb30de511bbc685548a771daa015a42299c207989c495bba0e8c9f5d0c1b

        SHA512

        5c89ba6180d0b22cf45db507b4d90e61e4d32b0753703f5735d36caf442e25d2ee4a617495ff022a6cedbb9fd0949912d5feb068afcb6aecc2451a7541edeeef

        Download Submit

      • C:\Program Files (x86)\SogouSoftware\3.2.2.58\skin\PNG\pcinfo.png
        Filesize

        1KB

        MD5

        ee3e7acb4e6cbd2bd2280af9f3b61805

        SHA1

        3173f5a908928a464ce97181e20b84bc67e7adc8

        SHA256

        7f721406c23540bef70c6f91abc63b98ca26bca59f13605f96005612e56e5e7a

        SHA512

        4adec1dbff9bf684f2637df46094f2e344b71c960775ebce7885b45fe71ac9f356cad868ee18b04d7cef54e52cb5d98756f1c2f3397a9fc3b30ac4f4ce6697dd

        Download Submit

      • C:\Program Files (x86)\SogouSoftware\3.2.2.58\skin\PNG\search_bar_nor.png
        Filesize

        17KB

        MD5

        6e0e5b09e6b0dbcd105c1dcfd13025bf

        SHA1

        421f47fb759a3b8a68dfd33e980ee01a3312677e

        SHA256

        d4bf4bf16ea64e57391cebd9d85d8cbbad866b7dfbb32882ecc7f8a29b19f5e0

        SHA512

        783070dc6a31297c942ca857a04c6d1c3542456b63987cf9ca54c7b7c22d6fc0b3bd78c7e7a7d0a8d898307a0c1740554096640991ffcf0d21baac96266a9f65

        Download Submit

      • C:\Program Files (x86)\SogouSoftware\3.2.2.58\skin\PNG\shy.png
        Filesize

        5KB

        MD5

        41e22dc53a45821cf4755dfd512097fa

        SHA1

        9009f852a32c89dc6a2a01c6a658579389f0907c

        SHA256

        81e89178822622014427ff3d3b11179d392ec4f222b331d6483214667e8e9749

        SHA512

        3770f8c789bc51b8d9354cd8de7e70072d4f4d09f66e37e6030e830f28a8f3b2f4aea90db53bf5e713d2a7b38b86f150e0f9b44ea4f56fe3362cc508feecabd4

        Download Submit

      • C:\Program Files (x86)\SogouSoftware\3.2.2.58\skin\PNG\software_icon.png
        Filesize

        995B

        MD5

        db61ef6be10662bde9e80c76e3b51854

        SHA1

        f48725f24dec25548d1a778dbc9fa95146a042b2

        SHA256

        478ce132c5472395f0ccfe3853a6b60dc727c2ee1c8d525c05e8717e264fd176

        SHA512

        dce39e93e47089104cc9fd1a73abcc506ccb4b29132e2b56adf8f052c9bc6dc6a05452bf7e44c60363705467af13a1cfefb87fede4f15aee6e73272a07e72f95

        Download Submit

      • C:\Program Files (x86)\SogouSoftware\3.2.2.58\skin\dlg_feedback.xml
        Filesize

        1KB

        MD5

        0a95dc62283f289fb8feb00fd107a331

        SHA1

        54e454742851cdf104c188f6ef0893e1317c5ce0

        SHA256

        6d120d20402014fac1815bb274b4eb852aec8a459a4f752e849b6cd67b964de2

        SHA512

        983531f33d9fb8509cc2ca504b2a7bcf1ee26c3bf923577e554a59d37a29f17873b51c8932af1fef27b071bd17767995a5bfa3127c1e1b6bb1519d2d30f47ffd

        Download Submit

      • C:\Program Files (x86)\SogouSoftware\3.2.2.58\skin\dlg_settings.xml
        Filesize

        6KB

        MD5

        c4a2e75b5e971eabb129a0ad55cace99

        SHA1

        fcb5884b88ce9236b5f84eb49593542daac132d2

        SHA256

        b90df94918f79633c5dbd2513523668f347f708c72bb5d7490cb3127c99b32c5

        SHA512

        6bb4a3fa8761bb9396868f8d6602f92cfecac39e5678f75a2ee37053ecd3752680ca07357521edae4fd87090a996acfb968b4f2b53b0b88d3ea1e1ebdebcedbc

        Download Submit

      • C:\Program Files (x86)\SogouSoftware\3.2.2.58\skin\driver\bottom_shadow.png
        Filesize

        4KB

        MD5

        292cae7ef8a682ebc2fb855afcf54f2d

        SHA1

        2401ce33d598bf417859eee779127703fdaa4762

        SHA256

        9ccfd9c2c1a3b12aa881d6c4a52375595a50a7f3f2d8ba157dd12ffcdf1d75f7

        SHA512

        8f1b781676ba8dd945f9974282715be65f4b4302dc07196e7a1377b3fcbb73c209836be42e912a079879d5db0af9d411dd614a53fa5533d232b5dce5ea50055a

        Download Submit

      • C:\Program Files (x86)\SogouSoftware\3.2.2.58\skin\driver\dash_line.png
        Filesize

        946B

        MD5

        1e8fb34ac9925d9bad14a75ec8ea5f56

        SHA1

        bb197cb5dc01c484788f958fcc4ada2b129fa5ef

        SHA256

        9f98ab7d58b34d7ce6bb84eac14edfb3ae263b315c1e8e6a3c161b31c19ed0a5

        SHA512

        9b9643a36bf239c78d77668e9b61bbb7247cc86ad03ff542fb2863c32775b1bd9f4ba964b23519e95c573cbae67389ea37697dd222dbca100cd3c2ea847b997b

        Download Submit

      • C:\Program Files (x86)\SogouSoftware\3.2.2.58\skin\driver\driver_backup.gif
        Filesize

        3KB

        MD5

        2b5b82e25df6f7a29c85bc8936ad0372

        SHA1

        7974e774b772e55140a33ac38f30d648823ea0df

        SHA256

        a95dcb15124070565400eb6f6037d65c1941af8289ac4595d9d45bcbd35bf326

        SHA512

        dea76ec643fecb6edcca319bf51e7b42ea8db13f0a1a827b9467e6d2da92478081501c54b2030c7a1d103ce3bae9ed7f6b5dfdeedd13fffb677add2298bb098a

        Download Submit

      • C:\Program Files (x86)\SogouSoftware\3.2.2.58\skin\driver\driver_freshed_waring.png
        Filesize

        1KB

        MD5

        e3e5a56632c8620a18044e695ba7cdb7

        SHA1

        bd2d52b5a6afcfc331117b6aa8e51b8c5db3e66e

        SHA256

        dfc05aa1d37f984f68db0303d2c4cf894b190659ebfc94486eda228d6b5fa95e

        SHA512

        c5808e1e035bce16e4599f0c0c7fcc54c007ea548c945a8c2bfff7c75efecfdc3a80da1b5fd9db70d60af05194b8b22842b501c76378af88a4f92f6e72bd2723

        Download Submit

      • C:\Program Files (x86)\SogouSoftware\3.2.2.58\skin\driver\driver_scan.gif
        Filesize

        6KB

        MD5

        4816c26075e36885f8bb2425c45ef0fa

        SHA1

        26ba99e1abb5f2d521bbcf1200bf52d17c7cd619

        SHA256

        ada53503c33b6926f97032a4ebce51d831729ff1b76f74a2979be0f4dc8d8ee5

        SHA512

        a5b5ae94e3fa4347e06fc51becde42be56159d09c78a5c70ae9ad6f01ef57f064585c321541cbe8a56039f5a138dee13886d0ebc74f7736673a48f673b19e633

        Download Submit

      • C:\Program Files (x86)\SogouSoftware\3.2.2.58\skin\driver\driver_uninstall.gif
        Filesize

        6KB

        MD5

        d16c01bbcfa1f9f0a0de089476a769c3

        SHA1

        222bab8900096282379f281e6ce8d0c5d1ae4264

        SHA256

        b5ae0f6777e4fb5923543135a918bebab7945bcb175d2eb293c590c791c9b7e9

        SHA512

        31335a7f62e698dd6cb67e811a82f5eb442df5b8d4ddde453528689ce2e61c9ece75652483ae58c45f4c269475d75125b111405380ff4aaf980e6918f1c0cf8a

        Download Submit

      • C:\Program Files (x86)\SogouSoftware\3.2.2.58\skin\driver_backup_page.xml
        Filesize

        8KB

        MD5

        99c91df6c81dadcd064743be25f50480

        SHA1

        da5af0368ada0b3ecb6eede6137a5a01ea388113

        SHA256

        f8e4a1dfa021ebea8f705739f0d1eeaa29824af0f7283eee268d72cc3b53a1f8

        SHA512

        b703ef1330337dca4499ae204e5e23aec8dff6b47f361257e56e6abc499650266f86133effd5843c0dfc076cde32b2d8b46ac67608366b815d0f2e8035abde10

        Download Submit

      • C:\Program Files (x86)\SogouSoftware\3.2.2.58\skin\driver_restore_page.xml
        Filesize

        3KB

        MD5

        0075ebe78309b52bd59fb132c31f912c

        SHA1

        dc931227e1f076abbce19c89245f38e303890665

        SHA256

        f7267655ec266625f19be5845a005da04da328cdd5ff91d239388a5ef21c0616

        SHA512

        fcfb1f872c5012db302f5330f12b2f6d5ee6ed86c3cd36f29ba4b57204f909f4be18692f4e2c887ef31cec009721191602f7c8d9647e3b293c168e674bb2563d

        Download Submit

      • C:\Program Files (x86)\SogouSoftware\3.2.2.58\skin\driver_scan_page.xml
        Filesize

        7KB

        MD5

        273805210c8d49fd526e45ba8caca3c9

        SHA1

        0a45b0d24a345dbbae8be8f157af3288cc73a29b

        SHA256

        69931a6debab54157d1b5c0bdb124f36a6831ed7ae110b98c8f00cd886215f87

        SHA512

        f14df0ad40667999cc45710f342978c981a89cebd27a726e7b02bebd6dc807985db2cf1a2df6227ce8834c15763ecb6b9f3f161071c1bc4d7103ef39471e566e

        Download Submit

      • C:\Program Files (x86)\SogouSoftware\3.2.2.58\skin\driver_uninstall_page.xml
        Filesize

        2KB

        MD5

        5add447f7599a9bacc6c870c6d9e8c3d

        SHA1

        429cefa6b79b2bc2abe0923e6e222b102eff3228

        SHA256

        0fc1ccdcb753da863531b1da84ffcc482ebd2ef9f9e5bc2c0c1c5c9674527a6b

        SHA512

        f9ee6ce2c7a0e2f7574b4730a9dd7824f0c1926332743ab00a9772aadd600cd668ccd76a0b07a3a901ebcedd43aeed3b6c4624b4a2d23396c0342be669dcc2e7

        Download Submit

      • C:\Program Files (x86)\SogouSoftware\3.2.2.58\skin\hardware_info_page.xml
        Filesize

        5KB

        MD5

        25eff46b9c07384eb6514c3056cf3edc

        SHA1

        a2703aa571978fd4405a548f9ca3c58924c5451d

        SHA256

        a31e6b90ae103837c49da3037458b843248b58ce4a6a79e551dd9b4f30129c33

        SHA512

        3ef4c686657683c0b23b138b025ed0f1318a07cbb4013d009d0d980c09c43088548aabbe34c95cc586838f130f9d76f2421311387f0bb5e5e69d966081b8d5d1

        Download Submit

      • C:\Program Files (x86)\SogouSoftware\3.2.2.58\skin\recommend_classify_table.xml
        Filesize

        5KB

        MD5

        74b9cc551416a9e012ad8d30d309e754

        SHA1

        22168c14cfeaff5d9ad1399fba131a3c5d4ee67c

        SHA256

        a004641143d10d28fb7302963e1afc77b16b4df41fb3df6b752944f3a190fff3

        SHA512

        989ce2b5520976a0c5cbc9d44149e5cb86444614557ddcaaffbad580ae1b38b8868fe6bca09768d2ce7b868c2335920e744cf530f24658bac78ed877875b83d8

        Download Submit

      • C:\Program Files (x86)\SogouSoftware\3.2.2.58\skin\soft_search_list.xml
        Filesize

        1KB

        MD5

        70d0733d91369221657da75972aa2996

        SHA1

        96f083da2839e79d1abfd48a59814184abaa32b3

        SHA256

        af03f14213c248c7fe7b670a7aa2d9dea1a1c724330c32f01352cf386ff5e57d

        SHA512

        3999d25b5d0cf7f94f60f20b78704161aed4a3871cbf508b9f575e93081cc7a23a8bd950d0eb3c9b08e0c86f8b7775f33efe047a1fa3f08c21390430b2b057a1

        Download Submit

      • C:\Program Files (x86)\SogouSoftware\3.2.2.58\sqlite3.dll
        Filesize

        589KB

        MD5

        ae8a8778ac495b47070774f33089753a

        SHA1

        24b443630adbf79b12c920f8fa2586abdf8ba6d2

        SHA256

        bc35883beeb5da827d8eceb32d30bd07a838ad6c8ffa07f0dc7708a118ab4a39

        SHA512

        1bd8933a7ca742769bce5463190d774ecfb70b984e500ab8b0229330eb7c4aa5e7c8432385459f4cc8e528504d2d5382e8379f7d6c13daa7a7506184fef3b125

        Download Submit

      • C:\Program Files (x86)\SogouSoftware\SogouSoftware.exe
        Filesize

        232KB

        MD5

        0bc2d003fcfe3fa65f4c3ba7a015fa41

        SHA1

        72ed85bc1c57259b4f2ed36d16ce3fed4e30607c

        SHA256

        388069590fb9569b6c498f941d0565416cb52fc803648ee21b8c59917c63eb4b

        SHA512

        ae8d83e6ca21ee9b0d5e5845fac3a4dc01c6038243da36b4360b2f42763478265cdafc89072c47672b9738de1930e5e5191e2bf91715055cbd16a949d313ff24

        Download Submit

      • C:\Program Files (x86)\SogouSoftware\SogouSoftwareLoader.dll
        Filesize

        450KB

        MD5

        b1ce2dba9515e144908aa34ac77f5a46

        SHA1

        0a3e601eeba273a16d815c5e59793eb73db9daad

        SHA256

        5a7349e46f16ec394af8575b666c132c010bacaa2c59da472b842ffeccc5623f

        SHA512

        d0a78b5de9126b8126b531fb8f72ae375aac898930dccd8a61f173c28470895daab56b368c34a5925020dfdc642785651445967904d8756bb1ce7c1d2f95525a

        Download Submit

      • C:\Program Files (x86)\SogouSoftware\download\download\.svn\prop-base\atl71.dll.svn-base
        Filesize

        53B

        MD5

        113136892f2137aa0116093a524ade0b

        SHA1

        a0284943f8ddfe69ceec90833e66d96bdf4a97f0

        SHA256

        ebbf7e8800c3446bc3a195fa53573bde1073b0bf7581a614372f1391a9286d02

        SHA512

        d3201cc19ae702a9813aa8bc39612ebaa48138903e9ede64dcadff213691f6e711876aa4fa083887c545325d5d8bf70649523c528090542459f2b01697180e99

        Download Submit

      • C:\Program Files (x86)\SogouSoftware\download\download\MiniTPFw.exe
        Filesize

        58KB

        MD5

        58bb62e88687791ad2ea5d8d6e3fe18b

        SHA1

        0ffb029064741d10c9cf3f629202aa97167883de

        SHA256

        f02fa7ddab2593492b9b68e3f485e59eb755380a9235f6269705f6d219dff100

        SHA512

        cd36b28f87be9cf718f0c44bf7c500d53186edc08889bcfa5222041ff31c5cbee509b186004480efbd99c36b2233182ae0969447f4051510e1771a73ed209da5

        Download Submit

      • C:\Program Files (x86)\SogouSoftware\download\download\ThunderFW.exe
        Filesize

        71KB

        MD5

        f0372ff8a6148498b19e04203dbb9e69

        SHA1

        27fe4b5f8cb9464ab5ddc63e69c3c180b77dbde8

        SHA256

        298d334b630c77b70e66cf5e9c1924c7f0d498b02c2397e92e2d9efdff2e1bdf

        SHA512

        65d84817cdddb808b6e0ab964a4b41e96f7ce129e3cc8c253a31642efe73a9b7070638c22c659033e1479322aceea49d1afdceff54f8ed044b1513bffd33f865

        Download Submit

      • C:\Program Files (x86)\SogouSoftware\manifest.cfg
        Filesize

        29B

        MD5

        dbdddb37dffafd829b9dddd86c8cbf57

        SHA1

        4fd1a652c7bfe2eb39e98a795cd77bc415b13d07

        SHA256

        e661aadd4b5793e960bebdb4862589720b757d7f2c9849c73a9490c162830466

        SHA512

        f1883accc58a7098f9b15a1a7225e7ef0e2ce3175dde6f5b2851c63654ee02919db734e41b45e74f998ba4c5e4f1fdc96abb5546a7fa1b02cc32ffe7d0c5fe36

        Download Submit

      • C:\Program Files (x86)\SogouSoftware\tmp\ExternalApp.exe
        Filesize

        11.9MB

        MD5

        1ea611695a4d643cf4c63a60151b9387

        SHA1

        7210cc8750b0c8c4d5cf0c49ad5274f1aab2c724

        SHA256

        9c2f73221152802fd96b407477ee23b75f1ce9c9dc7de0c019e95f9d9b453ff2

        SHA512

        68b50b8facba55b416b4160849c8ef4d79cc2af3969de14f26b96aeb9ed610ecfc201202a3f542030e5f26fb021e85acbb8c0602f1ef285387bfbac4b39e1a87

        Download Submit

      • C:\Program Files (x86)\SogouSoftware\update\UpdateService.exe
        Filesize

        168KB

        MD5

        3d3e5a0455863ae5b4db90b07c974967

        SHA1

        d6316c15eeccb0942a2779636812be9b3da333d7

        SHA256

        8671d4570f9462ff5c4cca67094baaecefebea212b2c8f27ad29d38f76ff312b

        SHA512

        37178f6ce1bb692b3eb19767955089be56649a02b8eaa940522fcac29397030e2510a3c7419f3e72be0b595b2e8c8f13ce6d4ac723f22a52103d669e6490331e

        Download Submit

      • C:\Program Files (x86)\SogouSoftware\Èí¼þÖúÊÖ.lnk
        Filesize

        1KB

        MD5

        07d4dbf4117006df3e840eafc881aa52

        SHA1

        8bc3fea434d3bc01a9898886f0443d17c6038961

        SHA256

        e43e5d1ed2f541bf9c4e6e5b74224a13f1c91e82ca9265bdf605a15bdf62a33c

        SHA512

        edc6d8e8664e847ad3605302d4af95f1064051e38475c0e486ab79acc003e79704e34cc86d80deaac8d1c0c9c6a80ecd9730abf1743fb3a201fbcd0cce32c2e5

        Download Submit

      • C:\Users\Admin\AppData\Local\Temp\minidownload.exe
        Filesize

        1.9MB

        MD5

        0618e9851ea4a522abeded8d40c2f19e

        SHA1

        c6772967fdf545e32d28f3b46e97aec5b9ff99f5

        SHA256

        506c374fbdf14420306e2da8d123c2138c2ceabd2046178317508a25949d3dc4

        SHA512

        b8c4816d81aa14646a3b690da76c0d33f59b7d419305638747503dba6bb84a63b906fe7d0ced59850ad25db37c1e0e6f3bd614a902f2f5ffb3d2bf74ec4e571f

        Download Submit

      • C:\Users\Admin\AppData\Local\Temp\nsuEAD.tmp\System.dll
        Filesize

        11KB

        MD5

        c17103ae9072a06da581dec998343fc1

        SHA1

        b72148c6bdfaada8b8c3f950e610ee7cf1da1f8d

        SHA256

        dc58d8ad81cacb0c1ed72e33bff8f23ea40b5252b5bb55d393a0903e6819ae2f

        SHA512

        d32a71aaef18e993f28096d536e41c4d016850721b31171513ce28bbd805a54fd290b7c3e9d935f72e676a1acfb4f0dcc89d95040a0dd29f2b6975855c18986f

        Download Submit

      • memory/1200-56-0x0000000000EA0000-0x0000000000EA1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/1200-57-0x0000000000EA0000-0x0000000000EA1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/4908-1118-0x0000000000400000-0x0000000000456000-memory.dmp

        Filesize

        344KB

        Download