18aff447c435b8c8d88d2758720a8936eac149eeb3b2527e00f94b9c2d2df60e

Resubmissions

23-05-2024 08:59

240523-kxqwnabd7s 7

23-05-2024 08:47

240523-kqa7mabb9z 10

Analysis

max time kernel
261s
max time network
121s
platform
windows7_x64
resource
win7-20231129-en
resource tags

arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
submitted
23-05-2024 08:59

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

ERICA-2.0.225-setup.exe
Size

88.1MB
MD5

abd8206a60f21b728d9b5fdcb6659b7d
SHA1

a1baf5dd7880d0e0f197dfce759d3303a3e1056f
SHA256

18aff447c435b8c8d88d2758720a8936eac149eeb3b2527e00f94b9c2d2df60e
SHA512

b55a1af986dffcd8a507c4ccad974f8319be07204568e5ecc2506efa3bbcefa5b9d66bb7465ee6a0934c43ac9da8794be5e65f6083d43cad1bc282f959872b34
SSDEEP

1572864:iMoxt6r5rKwtwrIdLGINdaktrhUMcc0fe0GHq+g/KYa7KHKYEAY1aat8HP:ipxt6VrzCINdPtrHluqq+g/KYrHKt1HY

Score

7^/10

discovery evasion trojan upx

Malware Config

Signatures

Executes dropped EXE 4 IoCs

Processes:

ERICA-2.0.225-setup.tmpUninsHs.exejavaw.exejava.exe

pid process

1956 ERICA-2.0.225-setup.tmp
1700 UninsHs.exe
1812 javaw.exe
1288 java.exe

pid	process
1956	ERICA-2.0.225-setup.tmp
1700	UninsHs.exe
1812	javaw.exe
1288	java.exe

Loads dropped DLL 30 IoCs

Processes:

ERICA-2.0.225-setup.exeERICA-2.0.225-setup.tmpUninsHs.execmd.exejavaw.exejava.exe

pid	process
1368	ERICA-2.0.225-setup.exe
1956	ERICA-2.0.225-setup.tmp
1956	ERICA-2.0.225-setup.tmp
1700	UninsHs.exe
1700	UninsHs.exe
1700	UninsHs.exe
1116	cmd.exe
1116	cmd.exe
1116	cmd.exe
1812	javaw.exe
1812	javaw.exe
1812	javaw.exe
1812	javaw.exe
1812	javaw.exe
1812	javaw.exe
1812	javaw.exe
1812	javaw.exe
1812	javaw.exe
1812	javaw.exe
1812	javaw.exe
1288	java.exe
1288	java.exe
1288	java.exe
1288	java.exe
1288	java.exe
1288	java.exe
1288	java.exe
1812	javaw.exe
1812	javaw.exe
1288	java.exe

Modifies file permissions 1 TTPs 2 IoCs
discovery

File and Directory Permissions Modification
T1222

Processes:

icacls.exeicacls.exe

pid process

2368 icacls.exe
1636 icacls.exe

pid	process
2368	icacls.exe
1636	icacls.exe

UPX packed file 3 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

Processes:

resource	yara_rule
\Program Files (x86)\ERICA 2.0\UninsHs.exe	upx
behavioral1/memory/1700-571-0x0000000000400000-0x0000000000412000-memory.dmp	upx
behavioral1/memory/1700-580-0x0000000000400000-0x0000000000412000-memory.dmp	upx

Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
discovery

Query Registry
T1012
Checks whether UAC is enabled 1 TTPs 1 IoCs
evasion trojan

System Information Discovery
T1082

Processes:

java.exe

description ioc process

Key value queried \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA java.exe

description	ioc	process
Key value queried	\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA	java.exe

Drops file in Program Files directory 64 IoCs

Processes:

ERICA-2.0.225-setup.tmp

description	ioc	process
File created	C:\Program Files (x86)\ERICA 2.0\jre\bin\is-S18LR.tmp	ERICA-2.0.225-setup.tmp
File created	C:\Program Files (x86)\ERICA 2.0\jre\lib\is-F2AG2.tmp	ERICA-2.0.225-setup.tmp
File created	C:\Program Files (x86)\ERICA 2.0\jre\lib\cmm\is-CJNCG.tmp	ERICA-2.0.225-setup.tmp
File created	C:\Program Files (x86)\ERICA 2.0\jre\lib\ext\is-TIDUF.tmp	ERICA-2.0.225-setup.tmp
File created	C:\Program Files (x86)\ERICA 2.0\lib\is-76VPG.tmp	ERICA-2.0.225-setup.tmp
File opened for modification	C:\Program Files (x86)\ERICA 2.0\jre\bin\servertool.exe	ERICA-2.0.225-setup.tmp
File created	C:\Program Files (x86)\ERICA 2.0\dll\is-2F12A.tmp	ERICA-2.0.225-setup.tmp
File created	C:\Program Files (x86)\ERICA 2.0\dll\data\is-L9MH7.tmp	ERICA-2.0.225-setup.tmp
File opened for modification	C:\Program Files (x86)\ERICA 2.0\dll\BIOTA_DCCJNI.dll	ERICA-2.0.225-setup.tmp
File created	C:\Program Files (x86)\ERICA 2.0\jre\bin\is-3DRET.tmp	ERICA-2.0.225-setup.tmp
File opened for modification	C:\Program Files (x86)\ERICA 2.0\jre\bin\jpeg.dll	ERICA-2.0.225-setup.tmp
File opened for modification	C:\Program Files (x86)\ERICA 2.0\UninsHs.exe	ERICA-2.0.225-setup.tmp
File opened for modification	C:\Program Files (x86)\ERICA 2.0\jre\bin\dtplugin\npdeployJava1.dll	ERICA-2.0.225-setup.tmp
File created	C:\Program Files (x86)\ERICA 2.0\dll\is-BD0O2.tmp	ERICA-2.0.225-setup.tmp
File created	C:\Program Files (x86)\ERICA 2.0\jre\is-EJS8I.tmp	ERICA-2.0.225-setup.tmp
File created	C:\Program Files (x86)\ERICA 2.0\jre\lib\ext\is-O1TGG.tmp	ERICA-2.0.225-setup.tmp
File created	C:\Program Files (x86)\ERICA 2.0\lib\is-J4E9P.tmp	ERICA-2.0.225-setup.tmp
File created	C:\Program Files (x86)\ERICA 2.0\lib\is-39AKJ.tmp	ERICA-2.0.225-setup.tmp
File opened for modification	C:\Program Files (x86)\ERICA 2.0\jre\bin\dcpr.dll	ERICA-2.0.225-setup.tmp
File opened for modification	C:\Program Files (x86)\ERICA 2.0\jre\bin\WindowsAccessBridge-32.dll	ERICA-2.0.225-setup.tmp
File opened for modification	C:\Program Files (x86)\ERICA 2.0\jre\bin\fxplugins.dll	ERICA-2.0.225-setup.tmp
File created	C:\Program Files (x86)\ERICA 2.0\jre\bin\is-DMF0T.tmp	ERICA-2.0.225-setup.tmp
File created	C:\Program Files (x86)\ERICA 2.0\jre\bin\is-P014V.tmp	ERICA-2.0.225-setup.tmp
File created	C:\Program Files (x86)\ERICA 2.0\jre\bin\client\is-EL85S.tmp	ERICA-2.0.225-setup.tmp
File created	C:\Program Files (x86)\ERICA 2.0\jre\lib\deploy\is-A5LLP.tmp	ERICA-2.0.225-setup.tmp
File created	C:\Program Files (x86)\ERICA 2.0\lib\is-I8I6B.tmp	ERICA-2.0.225-setup.tmp
File opened for modification	C:\Program Files (x86)\ERICA 2.0\jre\bin\client\jvm.dll	ERICA-2.0.225-setup.tmp
File created	C:\Program Files (x86)\ERICA 2.0\is-KDJI1.tmp	ERICA-2.0.225-setup.tmp
File created	C:\Program Files (x86)\ERICA 2.0\jre\bin\is-P7AN1.tmp	ERICA-2.0.225-setup.tmp
File created	C:\Program Files (x86)\ERICA 2.0\lib\is-2LQCN.tmp	ERICA-2.0.225-setup.tmp
File created	C:\Program Files (x86)\ERICA 2.0\jre\bin\is-A7IP5.tmp	ERICA-2.0.225-setup.tmp
File created	C:\Program Files (x86)\ERICA 2.0\jre\bin\is-EK0QF.tmp	ERICA-2.0.225-setup.tmp
File created	C:\Program Files (x86)\ERICA 2.0\jre\bin\is-8B7UE.tmp	ERICA-2.0.225-setup.tmp
File created	C:\Program Files (x86)\ERICA 2.0\jre\bin\is-KCCDL.tmp	ERICA-2.0.225-setup.tmp
File created	C:\Program Files (x86)\ERICA 2.0\is-143PS.tmp	ERICA-2.0.225-setup.tmp
File created	C:\Program Files (x86)\ERICA 2.0\dll\is-DM871.tmp	ERICA-2.0.225-setup.tmp
File created	C:\Program Files (x86)\ERICA 2.0\dll\is-3PADV.tmp	ERICA-2.0.225-setup.tmp
File opened for modification	C:\Program Files (x86)\ERICA 2.0\jre\bin\jp2ssv.dll	ERICA-2.0.225-setup.tmp
File created	C:\Program Files (x86)\ERICA 2.0\jre\is-GCOD3.tmp	ERICA-2.0.225-setup.tmp
File created	C:\Program Files (x86)\ERICA 2.0\jre\lib\is-8FU1P.tmp	ERICA-2.0.225-setup.tmp
File opened for modification	C:\Program Files (x86)\ERICA 2.0\jre\bin\jfr.dll	ERICA-2.0.225-setup.tmp
File created	C:\Program Files (x86)\ERICA 2.0\jre\bin\is-C039K.tmp	ERICA-2.0.225-setup.tmp
File created	C:\Program Files (x86)\ERICA 2.0\jre\bin\client\is-JOOMP.tmp	ERICA-2.0.225-setup.tmp
File created	C:\Program Files (x86)\ERICA 2.0\jre\bin\plugin2\is-F2JPG.tmp	ERICA-2.0.225-setup.tmp
File created	C:\Program Files (x86)\ERICA 2.0\jre\lib\is-27VK1.tmp	ERICA-2.0.225-setup.tmp
File opened for modification	C:\Program Files (x86)\ERICA 2.0\jre\bin\decora_sse.dll	ERICA-2.0.225-setup.tmp
File opened for modification	C:\Program Files (x86)\ERICA 2.0\jre\bin\instrument.dll	ERICA-2.0.225-setup.tmp
File opened for modification	C:\Program Files (x86)\ERICA 2.0\dll\dcc_dll.dll	ERICA-2.0.225-setup.tmp
File created	C:\Program Files (x86)\ERICA 2.0\jre\lib\ext\is-ECQI9.tmp	ERICA-2.0.225-setup.tmp
File created	C:\Program Files (x86)\ERICA 2.0\lib\is-UM05F.tmp	ERICA-2.0.225-setup.tmp
File created	C:\Program Files (x86)\ERICA 2.0\dll\is-7LO0A.tmp	ERICA-2.0.225-setup.tmp
File created	C:\Program Files (x86)\ERICA 2.0\jre\bin\is-4BPJ8.tmp	ERICA-2.0.225-setup.tmp
File created	C:\Program Files (x86)\ERICA 2.0\jre\bin\is-8DVGS.tmp	ERICA-2.0.225-setup.tmp
File created	C:\Program Files (x86)\ERICA 2.0\jre\lib\is-TN6M2.tmp	ERICA-2.0.225-setup.tmp
File created	C:\Program Files (x86)\ERICA 2.0\lib\is-DT2T6.tmp	ERICA-2.0.225-setup.tmp
File opened for modification	C:\Program Files (x86)\ERICA 2.0\jre\bin\jsdt.dll	ERICA-2.0.225-setup.tmp
File opened for modification	C:\Program Files (x86)\ERICA 2.0\jre\bin\javafx_font_t2k.dll	ERICA-2.0.225-setup.tmp
File opened for modification	C:\Program Files (x86)\ERICA 2.0\jre\bin\plugin2\npjp2.dll	ERICA-2.0.225-setup.tmp
File created	C:\Program Files (x86)\ERICA 2.0\jre\bin\is-5EQO1.tmp	ERICA-2.0.225-setup.tmp
File created	C:\Program Files (x86)\ERICA 2.0\jre\lib\deploy\is-545RF.tmp	ERICA-2.0.225-setup.tmp
File opened for modification	C:\Program Files (x86)\ERICA 2.0\jre\bin\kcms.dll	ERICA-2.0.225-setup.tmp
File created	C:\Program Files (x86)\ERICA 2.0\dll\is-7RHLL.tmp	ERICA-2.0.225-setup.tmp
File created	C:\Program Files (x86)\ERICA 2.0\dll\data\is-3GE79.tmp	ERICA-2.0.225-setup.tmp
File created	C:\Program Files (x86)\ERICA 2.0\jre\bin\is-MGQNA.tmp	ERICA-2.0.225-setup.tmp

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Modifies Internet Explorer settings 1 TTPs 6 IoCs

adware spyware

Modify Registry

T1112

Processes:

java.exe

description	ioc	process
Key created	\REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION	java.exe
Key created	\REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main	java.exe
Key created	\REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\FeatureControl	java.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\java.exe = "9000"	java.exe
Key created	\REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	java.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	java.exe

Modifies registry class 10 IoCs

Processes:

ERICA-2.0.225-setup.tmp

description	ioc	process
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Ecafile\shell\open	ERICA-2.0.225-setup.tmp
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\.eca	ERICA-2.0.225-setup.tmp
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Ecafile	ERICA-2.0.225-setup.tmp
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Ecafile\ = "ERICA Assessment Tool Project File"	ERICA-2.0.225-setup.tmp
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Ecafile\DefaultIcon	ERICA-2.0.225-setup.tmp
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Ecafile\DefaultIcon\ = "C:\\Program Files (x86)\\ERICA 2.0\\eca.ico,0"	ERICA-2.0.225-setup.tmp
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Ecafile\shell\open\command	ERICA-2.0.225-setup.tmp
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Ecafile\shell	ERICA-2.0.225-setup.tmp
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Ecafile\shell\open\command\ = "C:\\Program Files (x86)\\ERICA 2.0\\start.bat -file %1"	ERICA-2.0.225-setup.tmp
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\.eca\ = "Ecafile"	ERICA-2.0.225-setup.tmp

Suspicious behavior: EnumeratesProcesses 2 IoCs

Processes:

ERICA-2.0.225-setup.tmp

pid process

1956 ERICA-2.0.225-setup.tmp
1956 ERICA-2.0.225-setup.tmp
Suspicious use of FindShellTrayWindow 1 IoCs

Processes:

ERICA-2.0.225-setup.tmp

pid process

1956 ERICA-2.0.225-setup.tmp
Suspicious use of SetWindowsHookEx 11 IoCs

Processes:

javaw.exejava.exe

pid process

1812 javaw.exe
1812 javaw.exe
1812 javaw.exe
1812 javaw.exe
1288 java.exe
1288 java.exe
1812 javaw.exe
1812 javaw.exe
1288 java.exe
1288 java.exe
1288 java.exe

pid	process
1956	ERICA-2.0.225-setup.tmp
1956	ERICA-2.0.225-setup.tmp

pid	process
1956	ERICA-2.0.225-setup.tmp

pid	process
1812	javaw.exe
1812	javaw.exe
1812	javaw.exe
1812	javaw.exe
1288	java.exe
1288	java.exe
1812	javaw.exe
1812	javaw.exe
1288	java.exe
1288	java.exe
1288	java.exe

Suspicious use of WriteProcessMemory 37 IoCs

Processes:

ERICA-2.0.225-setup.exeERICA-2.0.225-setup.tmpcmd.exejavaw.exe

description	pid	process	target process
PID 1368 wrote to memory of 1956	1368	ERICA-2.0.225-setup.exe	ERICA-2.0.225-setup.tmp
PID 1368 wrote to memory of 1956	1368	ERICA-2.0.225-setup.exe	ERICA-2.0.225-setup.tmp
PID 1368 wrote to memory of 1956	1368	ERICA-2.0.225-setup.exe	ERICA-2.0.225-setup.tmp
PID 1368 wrote to memory of 1956	1368	ERICA-2.0.225-setup.exe	ERICA-2.0.225-setup.tmp
PID 1368 wrote to memory of 1956	1368	ERICA-2.0.225-setup.exe	ERICA-2.0.225-setup.tmp
PID 1368 wrote to memory of 1956	1368	ERICA-2.0.225-setup.exe	ERICA-2.0.225-setup.tmp
PID 1368 wrote to memory of 1956	1368	ERICA-2.0.225-setup.exe	ERICA-2.0.225-setup.tmp
PID 1956 wrote to memory of 1700	1956	ERICA-2.0.225-setup.tmp	UninsHs.exe
PID 1956 wrote to memory of 1700	1956	ERICA-2.0.225-setup.tmp	UninsHs.exe
PID 1956 wrote to memory of 1700	1956	ERICA-2.0.225-setup.tmp	UninsHs.exe
PID 1956 wrote to memory of 1700	1956	ERICA-2.0.225-setup.tmp	UninsHs.exe
PID 1956 wrote to memory of 1700	1956	ERICA-2.0.225-setup.tmp	UninsHs.exe
PID 1956 wrote to memory of 1700	1956	ERICA-2.0.225-setup.tmp	UninsHs.exe
PID 1956 wrote to memory of 1700	1956	ERICA-2.0.225-setup.tmp	UninsHs.exe
PID 1956 wrote to memory of 1116	1956	ERICA-2.0.225-setup.tmp	cmd.exe
PID 1956 wrote to memory of 1116	1956	ERICA-2.0.225-setup.tmp	cmd.exe
PID 1956 wrote to memory of 1116	1956	ERICA-2.0.225-setup.tmp	cmd.exe
PID 1956 wrote to memory of 1116	1956	ERICA-2.0.225-setup.tmp	cmd.exe
PID 1116 wrote to memory of 1812	1116	cmd.exe	javaw.exe
PID 1116 wrote to memory of 1812	1116	cmd.exe	javaw.exe
PID 1116 wrote to memory of 1812	1116	cmd.exe	javaw.exe
PID 1116 wrote to memory of 1812	1116	cmd.exe	javaw.exe
PID 1812 wrote to memory of 1636	1812	javaw.exe	icacls.exe
PID 1812 wrote to memory of 1636	1812	javaw.exe	icacls.exe
PID 1812 wrote to memory of 1636	1812	javaw.exe	icacls.exe
PID 1812 wrote to memory of 1636	1812	javaw.exe	icacls.exe
PID 1812 wrote to memory of 2368	1812	javaw.exe	icacls.exe
PID 1812 wrote to memory of 2368	1812	javaw.exe	icacls.exe
PID 1812 wrote to memory of 2368	1812	javaw.exe	icacls.exe
PID 1812 wrote to memory of 2368	1812	javaw.exe	icacls.exe
PID 1812 wrote to memory of 1288	1812	javaw.exe	java.exe
PID 1812 wrote to memory of 1288	1812	javaw.exe	java.exe
PID 1812 wrote to memory of 1288	1812	javaw.exe	java.exe
PID 1812 wrote to memory of 1288	1812	javaw.exe	java.exe
PID 1812 wrote to memory of 1288	1812	javaw.exe	java.exe
PID 1812 wrote to memory of 1288	1812	javaw.exe	java.exe
PID 1812 wrote to memory of 1288	1812	javaw.exe	java.exe

C:\Users\Admin\AppData\Local\Temp\ERICA-2.0.225-setup.exe
"C:\Users\Admin\AppData\Local\Temp\ERICA-2.0.225-setup.exe"
1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
PID:1368

C:\Users\Admin\AppData\Local\Temp\is-6551N.tmp\ERICA-2.0.225-setup.tmp
"C:\Users\Admin\AppData\Local\Temp\is-6551N.tmp\ERICA-2.0.225-setup.tmp" /SL5="$400F4,91490528,831488,C:\Users\Admin\AppData\Local\Temp\ERICA-2.0.225-setup.exe"
2⤵
- Executes dropped EXE
- Loads dropped DLL
- Drops file in Program Files directory
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of FindShellTrayWindow
- Suspicious use of WriteProcessMemory
PID:1956

C:\Program Files (x86)\ERICA 2.0\UninsHs.exe
"C:\Program Files (x86)\ERICA 2.0\UninsHs.exe" /r
3⤵
- Executes dropped EXE
- Loads dropped DLL
PID:1700

C:\Windows\SysWOW64\cmd.exe
"C:\Windows\system32\cmd.exe" /C ""C:\Program Files (x86)\ERICA 2.0\start.bat""
3⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
PID:1116

C:\Program Files (x86)\ERICA 2.0\jre\bin\javaw.exe
jre\bin\javaw -Xms32m -Xmx1024m -Dsun.java2d.dpiaware=false -Djava.library.path="dll" -classpath startup.jar se.facilia.ERICA.startup.Startup
4⤵
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:1812

C:\Windows\SysWOW64\icacls.exe
icacls.exe C:\ProgramData\Oracle\Java\.oracle_jre_usage /grant "everyone":(OI)(CI)M
5⤵
- Modifies file permissions
PID:1636

C:\Windows\SysWOW64\icacls.exe
icacls.exe C:\ProgramData\Oracle\Java\.oracle_jre_usage\be46a166438a6164.timestamp /grant "everyone":(OI)(CI)M
5⤵
- Modifies file permissions
PID:2368

C:\Program Files (x86)\ERICA 2.0\jre\bin\java.exe
"C:\Program Files (x86)\ERICA 2.0\jre\bin\java" -Djava.library.path=dll -Dnativeswing.localhostAddress=127.0.0.1 -classpath "C:\Users\Admin\AppData\Local\ERICA Tool 2.0\lib\DJNativeSwing.jar;C:\Users\Admin\AppData\Local\ERICA Tool 2.0\lib\DJNativeSwing-SWT.jar;C:\Users\Admin\AppData\Local\ERICA Tool 2.0\lib\swt-4.3-win32-win32-x86.jar" chrriis.dj.nativeswing.swtimpl.NativeInterface 1 50492
5⤵
- Executes dropped EXE
- Loads dropped DLL
- Checks whether UAC is enabled
- Modifies Internet Explorer settings
- Suspicious use of SetWindowsHookEx
PID:1288

Network

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File and Directory Permissions Modification

T1222

Modify Registry

T1112

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files (x86)\ERICA 2.0\UninsHs.dat
Filesize
245B

MD5
07a80de288b1f28153b3f8476d5fd63c

SHA1
d83c2ee5c43b3a5fbb790da1dff6fbc1fd0689f0

SHA256
6d32b7bf0f0ef2bf031d84840815a0f3039811a3e55ee3af60407259d0c24e8b

SHA512
562e18a705bb3b1fd707a5f6948f070960cdb08344fd3c08a8bfa70e6194c649796aba14537370aed4de783e6324850aa1acfecb86b90eb8179edb9bb08a9563

Download Submit
C:\Program Files (x86)\ERICA 2.0\jre\bin\client\classes.jsa
Filesize
12.1MB

MD5
10ac16fd3fed40027f6ae2e46615ffce

SHA1
01b4dafa28998d103c7086bbb6c7e3e17616b854

SHA256
9adab194f9981a110a8fa3274cd9786c3c6c391abef99aa3a6f0240307d4f590

SHA512
249d0a230b008482a82d127bf58d114ef54089381025981bb235637d2be7fce7041783672a02464ce45896844899a9fdb3f7f7c5e2350aa0ab7fa515914a92a5

Download Submit
C:\Program Files (x86)\ERICA 2.0\jre\bin\javaw.exe
Filesize
187KB

MD5
faf6d8db7e0492567a9e114db9ccbb2e

SHA1
87df9491d911eab3c72b9a647fa03afffd63bbfc

SHA256
7ea493dcaaf57eddf0028937e9d8c9d6f85a99b1f3c4530afd35c2b7c7303552

SHA512
709526e3adac62582cb965f0747f980f999300b7e4e64dbb9037cfb862d47daca7f6b9d2b5a0d597d15e8a5251f30edcd5686ad2eb833f9c340562cafdf4dbfb

Download Submit
C:\Program Files (x86)\ERICA 2.0\jre\lib\ext\meta-index
Filesize
1KB

MD5
77abe2551c7a5931b70f78962ac5a3c7

SHA1
a8bb53a505d7002def70c7a8788b9a2ea8a1d7bc

SHA256
c557f0c9053301703798e01dc0f65e290b0ae69075fb49fcc0e68c14b21d87f4

SHA512
9fe671380335804d4416e26c1e00cded200687db484f770ebbdb8631a9c769f0a449c661cb38f49c41463e822beb5248e69fd63562c3d8c508154c5d64421935

Download Submit
C:\Program Files (x86)\ERICA 2.0\jre\lib\i386\jvm.cfg
Filesize
623B

MD5
9aef14a90600cd453c4e472ba83c441f

SHA1
10c53c9fe9970d41a84cb45c883ea6c386482199

SHA256
9e86b24ff2b19d814bbaedd92df9f0e1ae86bf11a86a92989c9f91f959b736e1

SHA512
481562547bf9e37d270d9a2881ac9c86fc8f928b5c176e9baf6b8f7b72fb9827c84ef0c84b60894656a6e82dd141779b8d283c6e7a0e85d2829ea071c6db7d14

Download Submit
C:\Program Files (x86)\ERICA 2.0\jre\lib\images\cursors\is-BQVGF.tmp
Filesize
153B

MD5
1e9d8f133a442da6b0c74d49bc84a341

SHA1
259edc45b4569427e8319895a444f4295d54348f

SHA256
1a1d3079d49583837662b84e11d8c0870698511d9110e710eb8e7eb20df7ae3b

SHA512
63d6f70c8cab9735f0f857f5bf99e319f6ae98238dc7829dd706b7d6855c70be206e32e3e55df884402483cf8bebad00d139283af5c0b85dc1c5bf8f253acd37

Download Submit
C:\Program Files (x86)\ERICA 2.0\jre\lib\meta-index
Filesize
2KB

MD5
91aa6ea7320140f30379f758d626e59d

SHA1
3be2febe28723b1033ccdaa110eaf59bbd6d1f96

SHA256
4af21954cdf398d1eae795b6886ca2581dac9f2f1d41c98c6ed9b5dbc3e3c1d4

SHA512
03428803f1d644d89eb4c0dcbdea93acaac366d35fc1356ccabf83473f4fef7924edb771e44c721103cec22d94a179f092d1bfd1c0a62130f076eb82a826d7cb

Download Submit
C:\Program Files (x86)\ERICA 2.0\jre\lib\security\java.security
Filesize
27KB

MD5
a2c4dcf57249e8f40202f603a031e87a

SHA1
ecaaf769b61a3a577726d697f1228cc0a23b7a3c

SHA256
45af59704cfac8d4e793ee5c4a23b3fb11da521289c0249faad5fb6e80c9a6d9

SHA512
45f4b98170751227e8ef98587aa13b4d347ffa9b048b7b477867fe4668acbcafb683a97c8f707446f938d628ec5d301556022215bb1d3fccf3180b00d89119b6

Download Submit
C:\Program Files (x86)\ERICA 2.0\lib\DJNativeSwing-SWT.jar
Filesize
542KB

MD5
bafa6191e066efb27d7649bc1502cf5d

SHA1
6fd0e5d5bdc91bec85336292ea7b501f6c9f75ea

SHA256
f17cf659accd1ff06103495e7c953b66b8c3b2570943af91a9f47edbc3c22e23

SHA512
9823ab52dcd9005ccc4176ca1365badc35cc3cdeb07344c714f77c87078fb8e956661b4e7f94aee9f7f409f7fdf28e513b23a9fbe737e4ee013c386b7db697b7

Download Submit
C:\Program Files (x86)\ERICA 2.0\lib\DJNativeSwing.jar
Filesize
110KB

MD5
572bf6129af668183d3fc381ce38f47c

SHA1
2630c44cac2d3d1c502afa51e9e4e12a62bfee16

SHA256
5f3ba39bd04393da4aeec11cd3b12ac722961f576ecd46b46de80d967416a5c8

SHA512
df9f5d360d3aaac0489cee8ef2789278b9a47bc7bde54d3d4f05cc8d9a7bd762f40c2be21d107fc4157c256ba2f3d9a9d7aca2eb8d0fc42bf13397c3d69aa313

Download Submit
C:\Program Files (x86)\ERICA 2.0\lib\IeEmbed.exe
Filesize
60KB

MD5
6cdfd2337186ef869e0bb8255115fc09

SHA1
da9cc5150d24c9a26eeae55bc5655bce0ce106b5

SHA256
21e512787d4fdc8b637f0357f1a5df9aabbb35546a4f2d3abc6bd1d5fd8fcb40

SHA512
b7e5348618c05a3d33f1224cf087d6a8889db7d99f631b0b8d88a2dc279a1d58c44fec69309e2bd1ad394af2b966c5adb6fa649d57229c0a13c3104c0686bdf5

Download Submit
C:\Program Files (x86)\ERICA 2.0\lib\MozEmbed.exe
Filesize
188KB

MD5
43a6053e823ad884b1e2c83024eb3663

SHA1
47f2f0d112374d7cc1ee9f1f583bd8743fb8ad28

SHA256
4dbec81be9650aa9310a83d6cc63f862117daddcc5ce05facea72ca93316d45b

SHA512
f249b16af007d7bdc8aa836715e1a5656d4ce6519aed9e6685edd22853a42e47a73a6c2c5c8b375399c91c870f63cb59cb3470578754d85a8d6ec7246ce2936c

Download Submit
C:\Program Files (x86)\ERICA 2.0\lib\colt.jar
Filesize
568KB

MD5
f6be558e44de25df08b9f515b2a7ffee

SHA1
0abc984f3adc760684d49e0f11ddf167ba516d4f

SHA256
e1fcbfbdd0d0caedadfb59febace5a62812db3b9425f3a03ef4c4cbba3ed0ee3

SHA512
da651ddbc27c9b5fb6d8cfda289b692fba277aadbdebb86517951bb68fa82ae3d974d8bd9a69822dcc35f2fc10dbc433e7e5852d50b0dae6c46326c514b273d8

Download Submit
C:\Program Files (x86)\ERICA 2.0\lib\db.jar
Filesize
4.8MB

MD5
200a6db89bcf9a6aa1662763265f8ad4

SHA1
2dd24613b34c22bbea1cd3842b679e65890b6b4e

SHA256
276f0a953059061b86efa1b1c714d94740692bceba7f696601f7e7c18a789155

SHA512
4bd239a46e3e8591a397615b4ce00a036d4abf9ed9999600cb217a013dc5c96d13242c39cd6211b9eb5fa096c660f42710a47c03b81c4491251b4bc6cbbb4341

Download Submit
C:\Program Files (x86)\ERICA 2.0\lib\ddb.jar
Filesize
720KB

MD5
f653c4e68c4ebd2dd61631380c8b0dc5

SHA1
e080c5e155d61944bc54458ef851e6bd039a43d5

SHA256
35766d29b3cea3f2d13819effe2f5cd043b062f61c05e8e1938df36577017b85

SHA512
023d5901f4e6bf264d82a79822c30f67853091ee260f0917578ce194ae46ceb222cff47d0f6d0951f947f9873ee22794d0148356914a18b53e1e5ae17efa9531

Download Submit
C:\Program Files (x86)\ERICA 2.0\lib\doc.jar
Filesize
3.9MB

MD5
62f58f82f2d2774506750ceb9f784dae

SHA1
1245053437707e4249d6b0f2a27c04760c9123b9

SHA256
5672fd6c258bca558cb41b461f85d88ebd5e9e2220d72362e8df0e1b55b4d0ad

SHA512
bc58453e4e96d2c09bc9274496038c901bd24054dac96ad3eb3ab01d024eb32bae2e94f9255c3d5286ea2ad39b21fd79c04354d7eef55c85e57b28b7dd6679d1

Download Submit
C:\Program Files (x86)\ERICA 2.0\lib\dom4j-2.1.1.jar
Filesize
316KB

MD5
f5710c1d5f5627ae5ce850a0b12ea87a

SHA1
3dce5dbb3571aa820c677fadd8349bfa8f00c199

SHA256
a2ef5fb4990b914a31176c51f6137f6f04253dd165420985051f9fd4fb032128

SHA512
547da0752ffb12ce40800449376f2f7e20f053f816de4ae8adf1a4fad5a3b87ce4e98e95650671a6c9cdcbbf7c20a4b61e711e5ae8d324c923d508bcb07e02e1

Download Submit
C:\Program Files (x86)\ERICA 2.0\lib\erica-dynamic-marine.jar
Filesize
45KB

MD5
262d774cdbe7a0ab0b0a912ad3b6036c

SHA1
aea375329751f047ed121f1acf3cf32998a145a4

SHA256
8a23af3ec69ba9444776038db1b99ae07d9c85c9b334b60afd9180ad51631bb5

SHA512
98d98ca6b7c2ac2534ce84393a6161d4673b82d1618f4a3dfaeb22ac20bceb06df38cef2d4cd8fddfb0276da94a57161c4becbf8cd87e194c6d268d00fb27bee

Download Submit
C:\Program Files (x86)\ERICA 2.0\lib\erica.jar
Filesize
1.5MB

MD5
251d9699e872038572fadce31d7b8d8b

SHA1
088e506ea5a30e2fc05ddcf0d10f4165f6f10d29

SHA256
ebcb2aa76e8355de1d91626a6a878b35dbe4736094e3006e93e4261d993fe7b5

SHA512
f9321da6f0688b3bff6e26eeb1dfa30c9c4539366cc9dfbeee860d4776a277610f4330fc567002ac9a94f1ad01c318a789c922a47eba6ca60498f588ab3403fe

Download Submit
C:\Program Files (x86)\ERICA 2.0\lib\facilia-lib.jar
Filesize
884KB

MD5
a31b0147eea36e9235e2fa57b318f9de

SHA1
271a535fea09cf5f56d44bf2a595751cb9b3f797

SHA256
5f3c3fc9bd45dd025bd7baefafd432c8740ecc0edd76fb1af0f1e656f0c31178

SHA512
0d91205c67f9779555f136842a695df71d0860b2e92fdd73a6a3d8d21da411451987f7e6045080db87097eff38cb5a4cac79843023820a6716b603f15de5d6d4

Download Submit
C:\Program Files (x86)\ERICA 2.0\lib\facilia-math-7.0.14-SNAPSHOT.jar
Filesize
1.3MB

MD5
4c15901d62fbd2f312dd46337e48ef5a

SHA1
6c80b9f9f7c1b3ff6d3d160d2225928d5cf0b9c1

SHA256
b6eb8edf6c74a4ec9fd37779097e53dfd8aec1d2bfe2584ea7bce8ad33d389d9

SHA512
657fa94222b7469610cda2f7f8ea93f94e087c3c2a2b08d10121571d20c0f64515552a62d95bd4b3b149c18b1a2bca155c779f97d1b583f04b4195702554d7bf

Download Submit
C:\Program Files (x86)\ERICA 2.0\lib\flying-saucer-core-9.1.16.jar
Filesize
1.2MB

MD5
78a0a251a9806add8a92fb15f591b143

SHA1
fcbcc1f10806b51967b0b60c5b28666b065180bb

SHA256
9b714eaa8b70430882550371049172a5c8a08a161fd9e33775658110741cc500

SHA512
22c90417b0d2e04d6abe38550bb5aba5574909cefe89d1df8cc64fdf9b67b00a486e3d7e14f857ff728e742f03698f09bcbe38a1d10204e8f4b4b5c2ad926da1

Download Submit
C:\Program Files (x86)\ERICA 2.0\lib\jama-1.0.3.jar
Filesize
36KB

MD5
ac8f1fe2704b378b347a862b12f5f5d1

SHA1
8bcf5a314b76cadd68daa37eafe0a46d8909ab47

SHA256
c7325ee29be1aac1287ddac690f73671f1cd911ca9eca7c619990e86310556fd

SHA512
76806233b67c0e758df2ac0976e7fc1d035b4d998d90e80c62bb32abc6642be3e53c29c53971cfc0d3fb475ab8491843a560f02dd00d522b324fc9d4be66a4e6

Download Submit
C:\Program Files (x86)\ERICA 2.0\lib\java-uuid-generator-3.1.4.jar
Filesize
38KB

MD5
d33c23cd9ef69038136769e77973bb2b

SHA1
ae83b2b74ee694812130dc1b3eec17df04498f3a

SHA256
e44e8315e7c34e86d566cb3d61a9d697ebe274a35dc83e569050967519c38d77

SHA512
d2948aea38de67c5d9ca1d60c31fa1f2d4d49a00a7a0c1dc4e7fc26dc28419e1a70b29b3259b375411ca391232fd28f16ff951217339d24de7107e8d6acdc0d7

Download Submit
C:\Program Files (x86)\ERICA 2.0\lib\jcommon-1.0.16.jar
Filesize
302KB

MD5
9b67a2a8ba65bb07611e5732da60fe0e

SHA1
348f9e02dfd982b105133aea7f702baca4427364

SHA256
2993af89ce598a1c2164dff4bc92166d8f787796a656525cf6c1f21813febeed

SHA512
7584dad500247aa3fdf040fa198567a54e0065070ccfe4b585e13829913fa3f329051c8d4ccf73ec6bba3caca808d445cada5055c284ad7c43313c6194884723

Download Submit
C:\Program Files (x86)\ERICA 2.0\lib\jdnc.jar
Filesize
208KB

MD5
bf7ad89956319e79a0d334848ba266c2

SHA1
8ead16de32000a59fa68a19f74b7f2d1c2cd2394

SHA256
4e2bb6d09abbc61aa544c113af2cd8eb5f7d5710c20e866a3f566ef633d138c0

SHA512
7ad0a605faa4d963348b8a807b5300b0e7b37919c8a4f137b740e6212a95cf4d9e38d47a15e58e63a2a4a6e297f22d57216bafe4aaf117647904bfb3334e081a

Download Submit
C:\Program Files (x86)\ERICA 2.0\lib\jfreechart-1.0.13.jar
Filesize
1.4MB

MD5
dbf0feb10bdcc245b14e1e48a039b7a5

SHA1
8ceb15028cf9b99c25c88775ab292faa27d3030a

SHA256
fe5389166de53bea053d2bc414e627ef2c46677ff9c22a020060714b8f749c32

SHA512
c37eed0ec438ec3b0d6ab820fd1bc4d4190033ff8bb1256bd854f071f7663ee7432fc8937063614b922f057693d25181cb1b646e0beeabfff95ad172aaac9034

Download Submit
C:\Program Files (x86)\ERICA 2.0\lib\jgoodies-common-1.8.0.jar
Filesize
35KB

MD5
9efb791e475730e67007bb23dd286f4d

SHA1
d4bca11ba89cf082960f78597f79d8d1f8ce1943

SHA256
bc2336a74aaf7233aae156a1750953941248544247ff0d97fa58d84e3ebf0735

SHA512
2e0ce30ccfce12794b94ff640d3446ecbd7e3f24f3b5cc77b532bd71661a48d94d42b7af4d85e6ae790ca58eda6addbbfce7e7d8cb6e8f6430e41595c4cbb8ff

Download Submit
C:\Program Files (x86)\ERICA 2.0\lib\jgoodies-forms-1.8.0.jar
Filesize
116KB

MD5
37e4059f79a934c99fa1fbd08648beb2

SHA1
5b4e37f8d48cf99905297e40988af9528750d542

SHA256
a2ae46793814fa6c42dabb561c59336029907a3c03d1b82f977f1ed6a4e5011e

SHA512
333d03e8a7acbdfd96d901a29f4a33b1d4ddc753d028b9807da66cf8ec0266870423ca2545c2fc16413d8a3b994f90dcf4bb917c40c2ffe6a79e9d6de0857e02

Download Submit
C:\Program Files (x86)\ERICA 2.0\lib\jgoodies-looks-2.6.0.jar
Filesize
392KB

MD5
14e1666650a61e97721dc4cead5e36a0

SHA1
4e0351106ce5fc089eac41afc0c4927bed477af2

SHA256
536fb1e76cf49c76ca336368b1d133294bc48358be6fc5160087a60d38599227

SHA512
ba76e8a4753246bbb76f6b6b192265bc1e0e7bc897a50d7d78decb5a6224207cf4a64756b905f925774795d6fe50eda76e970e72b87da887f9f9dc88b615fcaa

Download Submit
C:\Program Files (x86)\ERICA 2.0\lib\jgoodies-validation-2.5.0.jar
Filesize
43KB

MD5
6e8d2ed438b031f4468bcfe5c4e0a2f1

SHA1
4674540e21654877c257fc1ebaabf1486aa04128

SHA256
ae0d17cb9ef6abfae9237193540643b137376c3bd164861a4f524ec1dd83a100

SHA512
1341d0ce0f71f32c5a9c6309904bd71e84eb61aa6589996a0c01c84f1494ac4277eb84965e2751fce9a60f040d0047fb0ddf71cae6394e127cdc7135671393db

Download Submit
C:\Program Files (x86)\ERICA 2.0\lib\jide-common.jar
Filesize
1.4MB

MD5
1f2b706062886b2f80c98cf42e13dfd1

SHA1
6ea72246fffd07d0ab8204bca2d18347a2c02cd1

SHA256
51db8b3047939acd9c74a764b8e3c6d026e56d3ac7294cf00e414943d1b488c7

SHA512
cdb2f601610481b1b53afe7f200aab200183175d118777289488724ed9e74ab67938170115485d176e1969fcc034f0caf3be22eb36f94d1114f0a8222bd83d17

Download Submit
C:\Program Files (x86)\ERICA 2.0\start.bat
Filesize
1KB

MD5
d712e887c1ddcd0ec7c834acc9fe7334

SHA1
fbd0e161e8222e4cb0ddf1b714e7f831c1744fec

SHA256
1f172fb188f9cce6265bb478795921f0150a231271c4ecbe6516ba83045b3378

SHA512
a966bdc67a8155a433af8bd508d9623189d85707d745d4bd3f1859d3155529ffe7327c4e770ae1db17f55c082dd725b120369bc7b9cb7e5ea421ca2770b83cfe

Download Submit
C:\Program Files (x86)\ERICA 2.0\startup.jar
Filesize
7KB

MD5
6188cf3e3652dc3955f2e2099d3c8b16

SHA1
acab3c9b4c07de50c541f61634e84c203b315fda

SHA256
5c936c5f2223c0a13dd26712e1f2d3847eceffa226fd1473c25a844fce88366f

SHA512
6e34f7ba012c7b399aa46f7f816d2e48a2902fbf2314920118845eb0450dbda0e7432ca033613c0f58cfca9c8a29d70831d419bff306c5ee4c20580b029011e4

Download Submit
C:\Program Files (x86)\ERICA 2.0\startup.txt
Filesize
6B

MD5
f0ae55588b494b8b28ecdb0f7e738b80

SHA1
0738c1b3bc7ba2b508cc1d92eef9848ef6e05a7a

SHA256
fdeb00eeb693bc6a53e7f52abe05b355423c4be7d8bdb3ac04fb42cc37d96f09

SHA512
28a35c96a209f6a709adcd4aa9c1c36e7b9520d69e7c37807bc6ff10c2b0663b6aff27f95f9a407be974b8b45ccb8700d25b635993caa289dbb566db25b0a3fb

Download Submit
C:\ProgramData\Oracle\Java\.oracle_jre_usage\be46a166438a6164.timestamp
Filesize
53B

MD5
7bfc8de06cc43aadd9d64fd948ee4e82

SHA1
7dc25d77469f10a6111a58ecdefcceaaf9c5f6eb

SHA256
b2f83394c692cadcab0dbe1523e49c82751b4e908a38727be8c8be32946bc017

SHA512
018b9223bc209cbc8f07891f17073df3abbebf1b86f020504456ad3bba45884b4d29e463bda8faa0329e25232b1e5e13e1a1c4234dbcb7572c9656531aa04f9a

Download Submit
C:\Users\Admin\AppData\Local\ERICA Tool 2.0\lib\poi-3.6-20091214.jar
Filesize
1.5MB

MD5
c6466994e25ed1246a7d541d485aee67

SHA1
3f9d1a3dd2561f6ef09e268aa284e9f0807bcc68

SHA256
70b8bfc173468ee2dacdd3ed085b012bf1893346bbe50787feca3a4bb0c4a954

SHA512
af9cb0fb429772a3946d16360cdc0a8075eebaefe025c940c81847fdfc6c74ea78b9f71f32986a328b7ddde62b1fe7a0b4f62587ab77db75795aa82b293f54df

Download Submit
C:\Users\Admin\AppData\Local\ERICA Tool 2.0\lib\poi-ooxml-3.6-20091214.jar
Filesize
403KB

MD5
32e0b3d5e183c273f618e22b9da1a7a0

SHA1
a465f156379acf5fc68a171beb467420deb0de04

SHA256
dc844897ec534977353a6e6786ce3c4a6fbbbd92fdb048c7afa0a8b3d94a7578

SHA512
695fa54f2f8bca7216a33464e4c54336e5656e2ddcf19d37aa2feb78972b373b3d9d0f715f9b541c9e91557687fbc144140002ecd2bdffe570b326eee5d27f15

Download Submit
C:\Users\Admin\AppData\Local\ERICA Tool 2.0\lib\poi-ooxml-schemas-4.0.0.jar
Filesize
6.2MB

MD5
5b543060c11bc5249c36708fade759e7

SHA1
125f9ccd2cf652fa4169b1c30e9023362e23324f

SHA256
029ab12cf1f2303091f7f93ea694a4a66d6b397d970447677479a84caf2dc18e

SHA512
f1ee9ada0726932694e0a9699535b9729bb785826f4168ee7329754ad1bf750092fbeb075d42f8110665b0b56dde9421e3241d55d1fbbc7155151145352d7c81

Download Submit
C:\Users\Admin\AppData\Local\ERICA Tool 2.0\lib\resources.jar
Filesize
3.4MB

MD5
7886ffe2c55af0cde220908825d48f71

SHA1
b18f53fcbf9447f0d04c66b06a1b93f9bd4e5f86

SHA256
5dcff0648a43ad1b041293ab1d23ebb22f2269b288d02a2ab9a19f0a5ba99402

SHA512
b4439735a8b2d6c48ad673b2e01e93f6a2e31cbabcc074d9d6fe76ab87f2204433c5faa492d5a9183c897b5fb9e9ca904f5fc33f4748289a8a10ea57c08a4b8a

Download Submit
C:\Users\Admin\AppData\Local\ERICA Tool 2.0\lib\swingx-2007_03_04.jar
Filesize
1.1MB

MD5
088e2b935780dddfb56d641fd174f9cb

SHA1
c185cf4e49ad409e3774d059b7492258855dfe8c

SHA256
a2ebe6b273bf16cc921da5475daa588830a723fd17a372046c208f15b5359292

SHA512
923977e22223a66106e3a87e2d49a02d1b2494234a2587a5d3f2cf53e3e42c1dd0f87b09f5a50e443519b27564598d6d8129b4cfa839b1ba66b18b6d5c059efb

Download Submit
C:\Users\Admin\AppData\Local\ERICA Tool 2.0\lib\swingx-ws-2007_06_03.jar
Filesize
283KB

MD5
4f5f847169f2ae740235d0a468aa31e9

SHA1
aa23627155b46ff4d259dbc403282305aab68dc2

SHA256
ad062112f452c045e23a9023b1ef9e5c5291ee0600769d62ed114ee9d4243c19

SHA512
0186b24cb6632eb4eab087b703c112da5cda204f937aca9a4238ad17c04af8d5243d5f84865a1fca660a47bef4f7965117d0659191f3408df6fbbdd96f2a5b79

Download Submit
C:\Users\Admin\AppData\Local\ERICA Tool 2.0\lib\xmlbeans-3.0.2.jar
Filesize
2.5MB

MD5
9a0067e2716f06a886176b578e910f3d

SHA1
b9870982e53200b11c11800f4438620290522272

SHA256
416469b17233e544159022fdd9664da82b65344bdb869026f76919da62946b9b

SHA512
b5cea180f0a72a6b724dfd2d687d9328bee07f2e7cf5e90bc193d8159a404246002a278894e115ad41a230b5f64f015e0bb28332c26522834eaaf9727c99c0dc

Download Submit
C:\Users\Admin\AppData\Local\ERICA Tool 2.0\updates\swt-4.3-win32-win32-x86.jar
Filesize
1.8MB

MD5
02c558b5e1efccb88f88609e9e7e9208

SHA1
a5d40ef3582cb71631d493cf71d5dd559390f640

SHA256
be0cdc13c30dccf963644ab6a60de77adbe5a87b8863416032d7184f94604b73

SHA512
a96f732ba06e36763fd1269bc8ad005496c80f15a971fcd93748e7e35558200e80263821844fafa9938c39363c83360151e4581fa7a7b0cb87124a8a4a9b2ba3

Download Submit
C:\Users\Admin\AppData\Local\Temp\imageio110521430220739152.tmp
Filesize
2KB

MD5
fcd6d9bd3421797fa151b6e9b5c4a3cf

SHA1
01afef8a9abb5834ebf2ab48909ef74d85849944

SHA256
45669ba0ebce92e87b33c1fa86735af3ddcbab4f3b14ee099fa826258e20b661

SHA512
4440def1a725c59ba92f1c2cc2986ced481dc97c9f934dc04b53dea9977a2913a5af44be00167c8114b98a5e9d0cce5f5f60d85b9bdadf42c4b1bc7be07d9adf

Download Submit
\Program Files (x86)\ERICA 2.0\UninsHs.exe
Filesize
25KB

MD5
529dbe60afd8ecb5bac2e4d1854ac9b1

SHA1
ef2940e37d7699a6553da2d96eb09092b13dee1c

SHA256
100b769057daa1475b69c601fe12b95c2fd5132851ab16d0475941834f477443

SHA512
71948d223c39c58a384cf7ad0f6d9f01ebb450980d138eb91a5f4977c0f2751238fdd17e354bdde71305a0330a2a4a164e98bff481da63e4eb4a2b118dcf8f3f

Download Submit
\Program Files (x86)\ERICA 2.0\jre\bin\client\jvm.dll
Filesize
3.7MB

MD5
e44b5becbd810e01177c25f5006624af

SHA1
b95e4a07612e8b9a359792b92fa8eff63ff75c8c

SHA256
2aee4e5d7647a2d029cece529f2e9446336f0d7288408ee14152129989bc0858

SHA512
d20cfff34d9978d9d4b589ed8496f1daa1adb90ecf44c63037382efaa93d8e8762c5f4e612b78bf6c8b87bb3818b7a5ab86d089f495e30670c066900b3da594d

Download Submit
\Program Files (x86)\ERICA 2.0\jre\bin\java.dll
Filesize
124KB

MD5
22766629320155ff96d52d47e824b690

SHA1
59c83ac58678077e8d57ab2ecf1ecb73a35f9079

SHA256
46d73eca1e3692ae4f42c60243ac24625a2a9e5c863ab965cc1a2eb7486f3f11

SHA512
e23cd860b21058dc6efcd5fc432f36d291e926dc477f25903196d839ff15026671550a7e52e2dc5d0fa39248a94920de7ee98b2e9c0890f7e918ea3ef854fcd2

Download Submit
\Program Files (x86)\ERICA 2.0\jre\bin\msvcr100.dll
Filesize
755KB

MD5
bf38660a9125935658cfa3e53fdc7d65

SHA1
0b51fb415ec89848f339f8989d323bea722bfd70

SHA256
60c06e0fa4449314da3a0a87c1a9d9577df99226f943637e06f61188e5862efa

SHA512
25f521ffe25a950d0f1a4de63b04cb62e2a3b0e72e7405799586913208bf8f8fa52aa34e96a9cc6ee47afcd41870f3aa0cd8289c53461d1b6e792d19b750c9a1

Download Submit
\Program Files (x86)\ERICA 2.0\jre\bin\net.dll
Filesize
78KB

MD5
ccbb169009b6b60ddf426be45900a857

SHA1
ad1dc49a031a756b92a196940cc6fdc895262843

SHA256
1e83ca7edb8a6f3a9e92288e1363dcc92e8ca0ceeb905e56cfc76ba9da95ed14

SHA512
74a695886d52bb5449cc49a1cbd9863c3415e90154970d68b59669511caa52bc14f4f01ea7bf2775859966f5450d9e3e8788b541efc1774ac4daa1b2ae4d6cd9

Download Submit
\Program Files (x86)\ERICA 2.0\jre\bin\nio.dll
Filesize
50KB

MD5
060d4d85b36f2f3b8feeaa79d5f9a826

SHA1
8576a18f2bc223f13e7ba305e718981ea5b86c12

SHA256
694c2373719b5acc2392c5ce25aae96bf9003bc71027c3af28555e580e49f9bc

SHA512
b7cabaf9c9fceb73144ad323337f09dcaa59833c0483c78655e1fc8f364bc54a32a0d4386bde48b95b6942c234c28ac903de47e9995c78b388efd3499e3d3844

Download Submit
\Program Files (x86)\ERICA 2.0\jre\bin\verify.dll
Filesize
38KB

MD5
b70554c68470a7ac3da06d9252464fe0

SHA1
1f297790978620a2b9dd3ae5b9a83416c9d083c1

SHA256
ed6abc7fab7a8fe467919d883a2ee4db9ca84cec1e11e17cfa925027e4240b8c

SHA512
b8e963456a7613fd3859813055b6e45fe59137348cc32ddde28b21d607558cf689d8c7fb138c5664f0a9ea15062a1f9581eff546b0afcd3b303c692af867cf32

Download Submit
\Program Files (x86)\ERICA 2.0\jre\bin\zip.dll
Filesize
68KB

MD5
f41fbad9db9892e6b9fef7173eba3d34

SHA1
18e99f47f58ce94e72c87d7e2348c10f29c4cf8a

SHA256
49f48b12163c04ee3e2b32bb77b9658cf8d3477689e580d27418918665295ebb

SHA512
02b8792700a006741281eca6183b87eaec3c061a14bb00f03035ab72112fafd12e83ad94024af7b9bcf3f6f4a4c964dcc79c295d8e4aa7709a25818d783f4a0e

Download Submit
\Users\Admin\AppData\Local\Temp\is-6551N.tmp\ERICA-2.0.225-setup.tmp
Filesize
3.0MB

MD5
c0c251694ffebfcb2a6dfd7cba931747

SHA1
b8917b21134a9830173e83736141b090298be0a4

SHA256
91b85db1f2fcae7842aac88388f710f5ac0b9a611e9b395883e19dcac55d2869

SHA512
a57c0dfd7940484f54154941907ea1b3b448843ab1e5ebbf0cd6740b0e17eaa34e60a0fcbe2d1fe03af244a198c5f7a0ea4ba1a57197937f5a239b43eaef33d6

Download Submit
memory/1368-594-0x0000000000400000-0x00000000004D8000-memory.dmp

Filesize
864KB

Download
memory/1368-2-0x0000000000401000-0x00000000004B7000-memory.dmp

Filesize
728KB

Download
memory/1368-501-0x0000000000400000-0x00000000004D8000-memory.dmp

Filesize
864KB

Download
memory/1368-0-0x0000000000400000-0x00000000004D8000-memory.dmp

Filesize
864KB

Download
memory/1700-578-0x0000000000020000-0x0000000000032000-memory.dmp

Filesize
72KB

Download
memory/1700-571-0x0000000000400000-0x0000000000412000-memory.dmp

Filesize
72KB

Download
memory/1700-580-0x0000000000400000-0x0000000000412000-memory.dmp

Filesize
72KB

Download
memory/1700-579-0x0000000000020000-0x0000000000032000-memory.dmp

Filesize
72KB

Download
memory/1700-577-0x0000000000020000-0x0000000000032000-memory.dmp

Filesize
72KB

Download
memory/1812-742-0x00000000001E0000-0x00000000001E1000-memory.dmp

Filesize
4KB

Download
memory/1812-740-0x0000000000210000-0x000000000021A000-memory.dmp

Filesize
40KB

Download
memory/1812-751-0x00000000001E0000-0x00000000001E1000-memory.dmp

Filesize
4KB

Download
memory/1812-820-0x00000000001E0000-0x00000000001E1000-memory.dmp

Filesize
4KB

Download
memory/1812-741-0x0000000000210000-0x000000000021A000-memory.dmp

Filesize
40KB

Download
memory/1812-1907-0x0000000000210000-0x000000000021A000-memory.dmp

Filesize
40KB

Download
memory/1812-1906-0x0000000000210000-0x000000000021A000-memory.dmp

Filesize
40KB

Download
memory/1956-583-0x0000000000400000-0x000000000071A000-memory.dmp

Filesize
3.1MB

Download
memory/1956-9-0x0000000000400000-0x000000000071A000-memory.dmp

Filesize
3.1MB

Download
memory/1956-502-0x0000000000400000-0x000000000071A000-memory.dmp

Filesize
3.1MB

Download
memory/1956-593-0x0000000000400000-0x000000000071A000-memory.dmp

Filesize
3.1MB

Download
memory/1956-581-0x0000000000400000-0x000000000071A000-memory.dmp

Filesize
3.1MB

Download
memory/1956-567-0x00000000045F0000-0x0000000004602000-memory.dmp

Filesize
72KB

Download
memory/1956-555-0x00000000045F0000-0x00000000045F7000-memory.dmp

Filesize
28KB

Download