c24867593c1e7e435dd18ddc3be471fbe304ad558c9ed2076f6004736fc79082

Resubmissions

29/05/2024, 08:14

240529-j4zxgagh94 1

29/05/2024, 08:11

240529-j3aaesgh36 1

Analysis

max time kernel
149s
max time network
123s
platform
windows10-2004_x64
resource
win10v2004-20240426-en
resource tags

arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
submitted
29/05/2024, 08:11

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

VBS test 2 IG.vbs
Size

109B
MD5

58f1742a367dbc21d7a8209489bc7237
SHA1

84d06505ba2136717223a6e6b01e0849595a96f9
SHA256

c24867593c1e7e435dd18ddc3be471fbe304ad558c9ed2076f6004736fc79082
SHA512

24f13aae4292da6468ed138446828e7eedeecd4959d6b95213b88dde324df6df89c44e951c82ab78c7a93d8837fa848d2c9969d998745e35301b34b716b351b5

Score

1^/10

Malware Config

Signatures

Checks SCSI registry key(s) 3 TTPs 3 IoCs

SCSI information is often read in order to detect sandboxing environments.

Query Registry

T1012

Peripheral Device Discovery

T1120

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000	taskmgr.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A	taskmgr.exe
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\FriendlyName	taskmgr.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-3571316656-3665257725-2415531812-1000_Classes\Local Settings	taskmgr.exe

Suspicious behavior: EnumeratesProcesses 64 IoCs

pid	Process
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe

Suspicious use of AdjustPrivilegeToken 3 IoCs

description	pid	Process
Token: SeDebugPrivilege	3156	taskmgr.exe
Token: SeSystemProfilePrivilege	3156	taskmgr.exe
Token: SeCreateGlobalPrivilege	3156	taskmgr.exe

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe

Suspicious use of SendNotifyMessage 64 IoCs

pid	Process
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe
3156	taskmgr.exe

C:\Windows\System32\WScript.exe
"C:\Windows\System32\WScript.exe" "C:\Users\Admin\AppData\Local\Temp\VBS test 2 IG.vbs"
1⤵
PID:3952

C:\Windows\system32\taskmgr.exe
"C:\Windows\system32\taskmgr.exe" /7
1⤵
- Checks SCSI registry key(s)
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:3156

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:2072

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Windows\System32\FNTCACHE.DAT

Filesize
292KB

MD5
b68b9189f4358df16177f75688dbb154

SHA1
d0105380fd84f540c20b2953fb0da2fe6ca44cc5

SHA256
b4df1cbc7652b162c75f293bd0010e8b77db66a83f8ac3e2676a3b4a2e49d87a

SHA512
8097717c5c48efaa632df800f87e70812158e40eb1f81fa436a5973c7df4cb6e741db3e67f0daf0d16f70261d38689f69e2da99545347ef98aaf42a0604f64c2

Download Submit
C:\Windows\System32\dssec.dat

Filesize
210KB

MD5
8c6f56f4cdde6a1fd01f4fcf2773298e

SHA1
b634c8f6da05df2d00c0702739b0f3a177c8419e

SHA256
d469dc38744a28a62a05100f25d78ad66abba93dd70df0893516466361f28e58

SHA512
41df763589f11bccbdf744f8a00520b913902b9493bedb650f28231446ed7eb529d43ef0445aaef4e5314856fabc356aaf50d0500361323eb3506ffd5a500cfc

Download Submit
C:\Windows\System32\license.rtf

Filesize
538B

MD5
59519775ee63f3b837d0675d9474b9f7

SHA1
a765815d8260b9f8c69a15910d38ec6233cdc64f

SHA256
e1a066a9dc0c08bccf9a793bbd77643b8c6bcaac4319a1f4965e62ebbd550727

SHA512
17a9d671e9e5b8ca91a7863aa63431789884b8a3c0a8d9fde2753fc8595647cb04a21a8505d04837b1944caae2427d517c541699a423a14c4e4604a3459ab25a

Download Submit
C:\Windows\System32\mfc100.dll

Filesize
5.3MB

MD5
7595386afba54a95aff3bdd3fa5ffc48

SHA1
ac705d856efdc42eb037bbe07403c441009b1fd0

SHA256
ef2e0df287af95855b6b13173259df847a2cb8a1872ba3d4573e82abd4fb9699

SHA512
2af789b574c06d0f2f1444788169e7dfac70e7886435bcf49e5eae582f1037d0f21206706c59fd521f9b8cc13c73134ac16044aeefc0b3ccf638e4128b7070b9

Download Submit
C:\Windows\System32\mfc100chs.dll

Filesize
35KB

MD5
e4e0d9802f5953cea56e1d8087cd8ffa

SHA1
3beda00d873dd2b1d1ad52fc11b44c2a3eb4196c

SHA256
7243ed6b185b0b56e21345f98a46ddee996aaa0b6d6eb6355cf2161bf0cda800

SHA512
149bb22540f8f5a07904ac74634b63796461c673b362ec1e651dbd02607540bd5b5ec7f7f0a868a1378bff1eb52fa1dd0ce6f76291810ea87cc6c8684164f8a2

Download Submit
C:\Windows\System32\mfc100cht.dll

Filesize
35KB

MD5
5e6350f5c5fc70c15d745d08d1fe3470

SHA1
93cdf823d6f367a4ea90b428a682b9d865c65428

SHA256
fd16b3dffdb056663d3c2639d9e48dd2df5c834713e0ff92738fbff178ddd8d1

SHA512
d4dd2f9fe49104b4314194b709a440201703ec78dfbabdc42c3a61a0818e19fce728542fae6dadb95cafdbd024be4a1e0651ddf6aca62984b5a3a77bf9d9b599

Download Submit
C:\Windows\System32\mfc100deu.dll

Filesize
62KB

MD5
9d3e70686f38d26f9111920f0a4f2202

SHA1
0a6fdf53c5a765d8dfc0749a76c3603c9eb23af3

SHA256
4c7290366b3f7e5c62efe63f1440a139e5eac2ad5ca47d632426bf399d7510bd

SHA512
84114c5051608b6a37fea26e86280ffa3a6a110bf8b8d85804755f5ef0645dea4455772fcf30b398572824fd9a7fd74e73beb167cfb2e24547634a3e81ea611e

Download Submit
C:\Windows\System32\mfc100enu.dll

Filesize
53KB

MD5
5e2f28a979a0ce9b43f1815a593617c5

SHA1
a2414a20ffcfd558a9ef5c10bfd6be96c91d87eb

SHA256
ce0905a140d0f72775ea5895c01910e4a492f39c2e35edce9e9b8886a9821fb1

SHA512
4687af53512eb29ad72c213cbcd27bfd5454c3791a727a8f35808f5fc74c54f2bdfe3267e708433041ed2acd65a8fe59a791a83f497dfc0131c45ee1c7693390

Download Submit
C:\Windows\System32\mfc100esn.dll

Filesize
62KB

MD5
998d295ec34c4c9c941023cebd35da99

SHA1
047dd73d5f65b3bf690033644abde4a9d05393a4

SHA256
21ec0a8b0e8ee838f06ada9749454de4d9b46120f35fc921f7b3b1fb7df8eab1

SHA512
ace05f624fbfd451e88ceaca27ce1ce43da6d789186e39562badc9917bac8ed8ee92182b04c750d5cd9e75698b8a2687025e13e5c540614a91a97639d7261186

Download Submit
C:\Windows\System32\mfc100fra.dll

Filesize
62KB

MD5
df163bb07b5b4946d641aaec38c9d30e

SHA1
c398c289efe5198dc9a167cc1dcb1e79c030c0a8

SHA256
ab46c53baed60e4b414d1b66b05440247577850e309d8c49c4f6eff963560b0d

SHA512
d1d46c9e4be425ea9fa66662d51fa34c0a943aa0b21b42e2b82616061ff1a968c3368ef1e806ff4634a0663f9ff7ee366436ccf0103536162e72db405f43762c

Download Submit
C:\Windows\System32\mfc100ita.dll

Filesize
60KB

MD5
74df761a1b88c115b122e4cace0d572f

SHA1
fda99e7a07a0474f3a2e79664fbcff8478d3165a

SHA256
2a094431718cb5b30138edc47bb1742583178ca075eab692c84c30322e02e88c

SHA512
17164a5f170ab3c0f85a8461aff9270695b3716835eac650ba1a909633d891272eec8a4c83712026aa5faa3bf7ba9d947dc936e386d776ac5ffcfd10cf8c8d5b

Download Submit
C:\Windows\System32\mfc100jpn.dll

Filesize
42KB

MD5
d349e4f73637b2d93f4e539f1b688fba

SHA1
cfbd02463cc55dbe303991e36c4a971156ebc127

SHA256
7f5d9d16f21362d9f76a9c5dfe2ec7cc844339d0fdbb6e895d6b466fd2014882

SHA512
192ec438a16caa3a6ba07a035373bf6f13deaa9027661080ab4488018ea5d85f79aac5d725e6575a5993c2dbb71344234a87294f79522e4f36ba25130db198e9

Download Submit
C:\Windows\System32\mfc100kor.dll

Filesize
42KB

MD5
7de94fc198911821d00d19f1df0b13a8

SHA1
13fadbdf4aa8a235fb143c610a20dbd977ba637a

SHA256
ce9fd8d107522c4facd911b3d129d377b9d53855da92829ee12b81d3897143d3

SHA512
e55c1cd8dd17059b5675d1501501073c34c1ceb9dd16103471992103284c7b1b5c526cff4f4767e0be75cd4d9a82b1213e324eb6c0e460f92aa8e686317230d5

Download Submit
C:\Windows\System32\mfc100rus.dll

Filesize
59KB

MD5
2a3690bb6f39ea0764083c16d3106279

SHA1
0844d3a781da0ec802d21c1985bb9b6c0a3524ce

SHA256
af94f081de3cd96be6fb04dfe69ae54124813b61dc994051b1ab6118aee55393

SHA512
ac6dbab8169c97b520a54dc5d3a28573c78ed3a3647f2f2f05b7896a11eaaee20a21e95276eed26778fce7a4d64c578546478850902cac692e819b15a44b696f

Download Submit
C:\Windows\System32\mfc100u.dll

Filesize
5.3MB

MD5
85ed13922df97474af9979ca456c6748

SHA1
d79cdd200b6543e06d18ed67e44c7bba50de7d85

SHA256
4c33d4179fff5d7aa7e046e878cd80c0146b0b134ae0092ce7547607abc76a49

SHA512
dcf9bb66a621d49d036f418337c2c454c3a3212c3d008c2dfe764b374ffaed1ce7ea3c6fb30f0c30a64ae3b901146fe474427e9bf4931e01e1a5cb5dcf2b5033

Download Submit
C:\Windows\System32\mfc110.dll

Filesize
5.3MB

MD5
ed15189b63c78cd4453954e0c9aceab0

SHA1
4cd2b0ed839d4ce4216b179f61f8606c94ce84b4

SHA256
18fca73cf08bd9d27511b2da1ec6573c352ee7d00bc5f2504a8ff56b28a73551

SHA512
a48ad34dcc68d2afd8f06c585a3cea9a6e3fdb926feb25c89ace8fa864d56265267f0205779753d50343fcc9548cdfd5559f936e036011b33a8a6e49feecf68f

Download Submit
C:\Windows\System32\mfc110chs.dll

Filesize
45KB

MD5
10ae8bff037a69718ee6f4aea2a3c752

SHA1
2909ac4ec88bdadd947c8fe82db5e1ea6f0f31f9

SHA256
ba804369560a31d6e9e623f37abaea3e5bf06cca457de3fe8a1c26786f2d1238

SHA512
3175f7e3a01159542cea1fc82257d40bff47c832a2ca2e168e31633dfc6c50bd4981784469a2deaf44309d7888276ec9d36a795c993cf2cf261baaf7d25ca9f5

Download Submit
C:\Windows\System32\mfc110cht.dll

Filesize
45KB

MD5
405e6cee49f463f406c0a51af82eb964

SHA1
3f77052afdaeb6317ce6c2b682bb65f9a5c2ca00

SHA256
06b7b1bdd83b32c621d4a9349280ab99455c830643d97a78e78ed844fb30e5ab

SHA512
2b70fba962fa1b39e1e134bf5157db7e9016808779f6413d9f9aed909b59cd11daaf85c61d3ae0862019c8c87f1d21d7b49960cfedb10fccfb5d0b5ab3754517

Download Submit
C:\Windows\System32\mfc110deu.dll

Filesize
73KB

MD5
c2dcb7fd239b310896985d2b31c089f7

SHA1
ae3ecc96b21d3a3b32e8d77c3922c90f440f4913

SHA256
70969f6ffc7dddeb26588410cf3bee5c40d27761d4116859f4e25b083656bce6

SHA512
e9af9ad4b2df18b5efdf641b97fed8dbf6d528fb9737d2437e68971a8c8f1bf3d18b2480df6be41ecb05af8d96568f07894b1ff59cf4bd28820cf810ed9cf9da

Download Submit
C:\Windows\System32\mfc110enu.dll

Filesize
63KB

MD5
2f41fa824c59cdc2c3e057d55069f826

SHA1
67518ca99b7d14876aa560108bb48b4591e82eac

SHA256
6279e0d79f7f5cb25431de09a76d6c6db197e6b2a6713b9329a1d2273271ccd6

SHA512
82fbb139cce703381560cd4936cc9f9c3e3d7dbf6ff82034544b469c37513134a797ed1bdb103bc1d021436ac629bf35fce8c0dc17da33a1fb86b2d09f04e8c6

Download Submit
C:\Windows\System32\mfc110esn.dll

Filesize
72KB

MD5
99542f773cc9b80e91a870ad771728b6

SHA1
0857599bca0fa9df2705d4dfc46239566fa7e815

SHA256
272cf9f204737851f31161d6e6a31347918b33dfc052d0ad046f5d7a9c2ad14d

SHA512
890b8d839748872e7503c16d66597d24ae0d36a7f0137301b15af9579dd862908d109ab9ed648c3be0749fe058be68d69845267e61db3aef6d7ec9a6855e252b

Download Submit
C:\Windows\System32\mfc110fra.dll

Filesize
73KB

MD5
44fe45c7fb65697649cdd60f1c57e022

SHA1
b93fe4a462b6720587e898068961f6c601b57db1

SHA256
90d556905811217470a98de3d08d0b523313729dd7b799d324a9424cdb618600

SHA512
e02fb3058748b25a94eb669d69859b6b2083926c96899ad02132574f2448844f255a60589cf8152d948d2f51a899b52c0fbd1f668a81671aa92ce59c521cb954

Download Submit
C:\Windows\System32\mfc110ita.dll

Filesize
71KB

MD5
5c2cc00020b825e82217fe4fd99037fd

SHA1
aaa698a70436bf5b3963976441b727dc56558513

SHA256
5dedfc5fabb64875918cf846628a133744bb8812bc9319f517e9e584b181aada

SHA512
6fd9307e9b15a7f5f036e3f3829dbef8763764b01b26a2cbc510b42d8b68a4205f9a8136c76837a2da420e145dd5202ae707a8afdf8ef66a951eda72435461dd

Download Submit
C:\Windows\System32\mfc110jpn.dll

Filesize
52KB

MD5
87a1daf7680142e4962e0e7776c53877

SHA1
fd82ac55ddedb62b24b4510f65ca8bc2361d5628

SHA256
b3aab7a77d7d1379be3b5e87bc627dd933074cb6897300c479ff2a5c67fe8efd

SHA512
f9fed03fbc0120f8401caee090d2fe2559e0f765a04604aa53bdb6d535d7f2820d25bd9d3691898934e3292306328da9c9612694d5b6432cf63c2bdc01cbdd6a

Download Submit
C:\Windows\System32\mfc110kor.dll

Filesize
52KB

MD5
3172360933d603020c082f87a482a457

SHA1
1ff5de6b281566c6b474d073d5749bd6f137065f

SHA256
cead3aab9ec7d02c826b0701292a11222cbc213b47ac1f3f040f38730a3202e0

SHA512
b2016ace0188d6f28a28d26fbb74688412b55f94b7b13d6e46c739d8f3bf461916e3fcf1cd666d5217d868153ae3ea91a1fbe42d800f395a301667e43b4cf8ba

Download Submit
C:\Windows\System32\mfc110rus.dll

Filesize
69KB

MD5
ed679e821b2ed9b9e38c18ef3549a292

SHA1
8f8a88fdf786117a9dff9bb528e03cd55e176833

SHA256
972e7259cb56ee54a4e5e31df1324f78fe22703535fc6ffc8e9f5eb4ae421ab5

SHA512
beaee5974ece2f92143e92e064ff470b11a842747deed2ff8f429f986635c269e004aa7330a6101e329f9bea8703531cf42382d1a4e107b759bd6e250f986113

Download Submit
C:\Windows\System32\mfc110u.dll

Filesize
5.4MB

MD5
f110cf19d56f58606eaae8a685279338

SHA1
1f5f9b99929fb39cb7ff002fb0d7a21fcd43063f

SHA256
49559ea7183464f3564c562e7d216ce78ef1e66ac9dea2ece32dae00905f385c

SHA512
98c6aa12a16bdb450759fe9bb344e740f51c498426011372f81cd6bf8a20ae6eabbffb131a3c6c0e0e3f2a9bf687aff98ab3cad8891f5f2b2c522f2c00456f43

Download Submit
C:\Windows\System32\mfc120.dll

Filesize
5.3MB

MD5
a6d08e8e290c80822842015cd877d405

SHA1
2ee9d28e20a73facff20be87092e482b562dad41

SHA256
950ff7746d747de51cc09c1aaaf88fbc2fc97c59865f574cc3fb10243ae7b906

SHA512
b6dfc3d0ef4f57c116d44b201fae187c9427d4fe7cad969f50f9408af40071d811e88698134491f479923b259a47d0b528e7ea23790248314e902ee24d0b93a2

Download Submit
C:\Windows\System32\mfc120chs.dll

Filesize
45KB

MD5
f96a9a88487a27de7b3e15c733cf1fe1

SHA1
0a4157f064349b0370b8ee3f244f44debd04b4c0

SHA256
cb531679be2881677a93d11067c71274ec30b30aadf1cdcf1543dddd6b1d7b61

SHA512
df5390b235157e65efa3a9385a7ffd6d5f4f2471306625f01370ed463c65b81c4274370f93b5b0d04d44175c57322d2f2fb1cdd2bcbc123997f4ae4ae9557f0b

Download Submit
C:\Windows\System32\mfc120cht.dll

Filesize
45KB

MD5
6a5e17d5a4b24e5c2b947a343a182949

SHA1
ddf5ed505953e073f09b17e8e2bdecf2766c6a4b

SHA256
0301c5dc6e762788891356987e9c8cd0d40b262df06e8384bf5796b1f20f083e

SHA512
8a383192f9f6e6c4fab24645cf7c30fa927881451f0e65175b724717151cca6fcc49ed3394cc689407f19a7b1afd6b462688bccb898912762b804eeeb7cd8d97

Download Submit
C:\Windows\System32\mfc120deu.dll

Filesize
73KB

MD5
bfc853c578252e29698ff6b770794e6a

SHA1
1091dced7b18bdd7eda2be4d095ac43cfd342b7d

SHA256
80e0f29ff6b7ada892f23927f17021783575ad80f9f6c8a268a6c2a7ce35e5d6

SHA512
306445384614b48d3182a91c8adf8d8206c36efd88abf23753800566f9650518af382164ca1a17ed000888e6a99c175478ad621d0a0d46c9bc7d5359113e05fb

Download Submit
C:\Windows\System32\mfc120enu.dll

Filesize
63KB

MD5
19b7b852ac2dec695e6a52801e59c421

SHA1
cd72265e1a6a64c761984980895d92cb93bc61b7

SHA256
e463f38fa6b6157398ad224a462538bd8e36b75031fa711e567c5505a9092df6

SHA512
d0fd9f75820d3dbdc4001ed6262a940f062655ebb5f31f3d45d984e38b1bae2e5a958665b79b5b4aeb899e39348ba987c82148bfd85477e69249d3a59a076017

Download Submit
C:\Windows\System32\mfc120esn.dll

Filesize
72KB

MD5
9ef2dc352d20b615a556be53b449b17c

SHA1
933b2a39f3d730c6b5d437558d0db68c5d2c22b7

SHA256
db4fc3652d24224d5375d1a5696144ac8881332cc20f5992ed1488236e64c120

SHA512
8031a4d0e44beb290c48292a0987108ed6d6f56950dfb17ee4671e692407fcbb8dc652d82907d8f98db2f841689f9480aee6fbce60cf2bfa1d0d6294c3f6da91

Download Submit
C:\Windows\System32\mfc120fra.dll

Filesize
73KB

MD5
06473191b67c8b3d1a26b76474c5daeb

SHA1
94c72bb597c365cb77f621e6e2cf3920954df2d7

SHA256
e7cb6c2818ca27c864bda635d5b5d9f7bdb308f4b5d4bbc206ee1e135b7dbbf7

SHA512
237c144cd3cd78c4a4eeb5c6a22043a8e604bdbd7182b89bacb81135b1e3de08780061dfa3664508cfbdc01e918fa2610e317f9441b10c4df8def1ca444de4eb

Download Submit
C:\Windows\System32\mfc120ita.dll

Filesize
71KB

MD5
713e30e13c1998e035cf4ace66b03230

SHA1
2d244e01c2bd9f3f17dfa0b74c19ce6bc512e1b5

SHA256
9cfc5985440df4e70b57869b32c8ee69eb6fc570a98cc94a53141a0dc7535e10

SHA512
8a2581aaa125eb45543e679e58be7040d151cfcfe0625f6e62dccc3fcf87872d3504b30082036d5219dc4c8493600838d31b2ddfde3ba0bc1b2b6ef97078e29a

Download Submit
C:\Windows\System32\mfc120jpn.dll

Filesize
52KB

MD5
689b5f0061a67ac95f59a64744702186

SHA1
52227dd2c8a66c0528bff28475846faf7036340f

SHA256
83fb72fd2142d54bff6280e7c4d4ff22d43c3a81fa4ff8881003abbe5e21ec3b

SHA512
30b4e01d20c6c3ac1b799dd4d23fda3ca988eadb59356f84aff0a0760572b5c4119ef21467494e47a7d74dd6b136633a6ae40f45ec051d5cacbe44b5d6255d42

Download Submit
C:\Windows\System32\mfc120kor.dll

Filesize
52KB

MD5
7d03ffc6a8fb686abd660efdc3aaf223

SHA1
3d04c53971a525cc3255ff1eab05ff0cbad75bb7

SHA256
b2c7fc2c95b13bac36316d298c94d842dd2574f78e9c22e4d4e4af1c3fcc0fd9

SHA512
b5d41294630e342f2242a91c9dcf9085cddbd2389860e14c741147cb695425971cf79339b523d28fd3189589e5f948115359b89f59a03186e3c6a103f854f4e1

Download Submit
C:\Windows\System32\mfc120rus.dll

Filesize
69KB

MD5
a99ad214ccd1e7bc1f609b972467b0ca

SHA1
9ee79954fdb2338026c3c81da00ab6e7e6c2e1ff

SHA256
3238676035d9c1595248ef65ef5b044384b473ab9bdfe8d1077e10e4fe7bc983

SHA512
da1f8a4dd82559635ea53dfeac1817a9ced1d247a170a8153a54c05c371fc80aa2fa958bc5c515c026815c505f70fb374178f8ccf94836b66c4a7e23dab1c083

Download Submit
C:\Windows\System32\mfc120u.dll

Filesize
5.4MB

MD5
ee4af4ceb4b7fded7cdda37faef69704

SHA1
5ab8f2ace2f4a1892ea4a2a26df5ee7e9cd497b2

SHA256
75497de4aec4b5f0f258164672db2eb55eef5138c028317860e05f11030f7b7c

SHA512
4f807157e6bd57ac37bd1d8a52ffdc38e330e517101a1ea603096d8728b04c9c2ae96e510b961c87536e957587ce169fdece6bc3ed5e5025aa87c0f276da0ece

Download Submit
C:\Windows\System32\mfc140.dll

Filesize
5.4MB

MD5
206bfa90285b72daa81dc09f2aaab86d

SHA1
27318d91c0af817f2d613548e91e18cc86ee03f1

SHA256
44680057882c13cda6f120ab8e5d8876506f62b43ff947a71e2409f8729787fd

SHA512
58af46ed6ed0ee7b08d9f47b5027b748137b72d8fb4489fa1447edc88787828a4598a2e0664a8fad40802e93038fca1a0703a4cd2ca2a5971b9295731cbd5247

Download Submit
C:\Windows\System32\mfc140chs.dll

Filesize
38KB

MD5
14f2552a22556da83cc4742413b2b55f

SHA1
088f99b57f65c6736c5462ee3aee5f30f9d5a0ea

SHA256
cc451e0346c7715926ab439b9d9b89776433d4838d5d6fac7c905d6e99079a8e

SHA512
07e0e855f5121803262c5ac18dafdbc22f37621d58d365bba33a5a35bc9d94ce434745faeb04b4c67b7096cf30e64aa5cfdbf5b9d6de49407e8015a848ae2c62

Download Submit
C:\Windows\System32\mfc140cht.dll

Filesize
38KB

MD5
d5183aa1ef18900b560a263acd709d71

SHA1
4626172750b0ae95bd1c8490f3c563bbdb9f6c1c

SHA256
7b406b0708ab49ba48a6e00c6591c83a46f9628a87da473374819fa318305a8e

SHA512
e5c88f4fdd56d7a802195e6edff0d56b39420778d8a7d3b48de3c87ae5f998e9784e1ac2133e69312ddbfaa84d82378c30d76589c033fe4a2c4608a0cc6b733c

Download Submit
C:\Windows\System32\mfc140deu.dll

Filesize
66KB

MD5
3f92b816f23c02e265027d13507b4ae8

SHA1
5e7de591292cfd98e8790b80dcc69fd14e0d5ebb

SHA256
8ec4f5693de3bffd78feac692ffe10773ca944872a6ac45676eb1eb01b75ff89

SHA512
2345bdce3c606d83be0a4437ab613e96825e2155d9dc5d6b1b47cedde6af4f5cea07c4c35a01a75b7034a73df3f612658b957fb248270569fbd7ecc49182aed4

Download Submit
C:\Windows\System32\mfc140enu.dll

Filesize
57KB

MD5
91b3bc8cba3416cb751101243ac49151

SHA1
63d78def993d2bfceffd11511c3621b48cbc83b4

SHA256
28936d73efe44d81cd79d783cad986f8bc419e24dc377e0fe092794e81e5de58

SHA512
a70fca635df33102a02de93c8a6e4dd5f810e65b0a06dea3e79decaf36d01367963aaeba685f2b5faf74f1d28897859a466f5c2d33592e7287ebac1ded35a30f

Download Submit
C:\Windows\System32\mfc140esn.dll

Filesize
65KB

MD5
a473bb19bbae40ed4b2cf9148944df4e

SHA1
e0102363f2c725b5289fa1745b565064d3ae8f81

SHA256
2a173cee1c9cce79191cfa6d0fd2e0f3ef51c19d858f2414578e337664be4fe6

SHA512
ab25769bc34504a91684f3520e8c33a193e235f05def73d60f1a5f2a0f912aa7ab41be13d55275775d22749d59bd9e2af0dd7cba7ecc20a51081f5a88fdc8044

Download Submit
C:\Windows\System32\mfc140fra.dll

Filesize
66KB

MD5
fe4952bd1254da197838303dbbcbef40

SHA1
c7c92c77a265653961d827a175784e2d0e0de770

SHA256
60dcb2b2310b5731e5d6c63b9983f1c6436f3a08d80c9bfe73087a584bb56019

SHA512
5fb0062ede09efcb91d7e872a9ed9c63c419226b0fc2eb4336a39585325fe73f4b226e9ac57019ce5e0bd93615bbe080ce0c6293b080a096e080d92220eb51d5

Download Submit
C:\Windows\System32\mfc140ita.dll

Filesize
64KB

MD5
159e783665818ccbd75ffc9af1c60ad8

SHA1
709ac0976a89fe854cbe65c972f05986459da8af

SHA256
89e0af48e0a3df036fb21d2dd0ee2a16d0b1286758a495445ab5090d998bbb25

SHA512
31f7341c5626f186ce5f3142572241f44b684da6eeaf640c82783cb1f59185ee9955fb37eba264c2f217965563df465c6b73d1327143a61af8b871da0a4f7293

Download Submit
C:\Windows\System32\mfc140jpn.dll

Filesize
46KB

MD5
f962dc50170213ef2206ee4638903cfe

SHA1
6495a3da2d99d3c2464b4e7b6b6d1da42a1e54cd

SHA256
79e1852dd1febda8fe125e49fa78f5a0f55146170180d4599e1e7092dda507b7

SHA512
7296b5e0f7c03e505f63b0265ecf70bb0f193cd876e308ac3abb876073a150dda78ce7c00c7f6c3f92bd2db96e1a9ccb96ca1f30041799f2640c4395ff38baac

Download Submit
C:\Windows\System32\mfc140kor.dll

Filesize
45KB

MD5
2433afec176b1d5fe2afbc1d28901efb

SHA1
0bedc4703f280569c0c7026b4dbb92c4ef69d903

SHA256
06c225eabe6bf84c6f82c4215aa6b8a61eba5d0076bad3e97344236d57253232

SHA512
25855bacbe88f98e84095ac74e2325e9fbda8e23a15cf855010774bac8abf0a5d5214ed73ec82ceac154153be7e1ea106d54be2795fe1705f669268a9fce445c

Download Submit
C:\Windows\System32\mfc140rus.dll

Filesize
62KB

MD5
344e6d41bb27e94a37f6515d62ddd5c1

SHA1
df89a9b7a1f0e6c21f404a5d5b959e90e33c01fc

SHA256
3cdee3f0f92c3b831a46db916cbdd5a5835f049512b28f8779ccd51f7abdc17b

SHA512
7da0f2d6435cfc8299c9943975ac659b5dbd24851c375f3d51e9e5b29b9e9c2fc5ebd45c4f7f4b9d989ed5d6d7da61fdec8802b01c411d835fa7364a4e7ee6b0

Download Submit
C:\Windows\System32\mfc140u.dll

Filesize
5.4MB

MD5
09d45d46f97b1b08450b58c943803746

SHA1
a9a8a6cd7df5035ec70fd931e18e8bc12dc990ff

SHA256
183c851a0dc535066811f33c16555f6319ffaacacd04d346758769931f61b19a

SHA512
02400b48b85837f6b9040bd896d632fcd98833177c9646989aff9ee95952a48378def03c3ad1f5611d77ca01c92f6bf13f5d54a73f3961c551a393d0f0933b32

Download Submit
C:\Windows\System32\mfcm100.dll

Filesize
90KB

MD5
0abd7066fd6c679996544fc6b1c9c900

SHA1
0f25dc20b014e96163536e9b4a154503b011d9ae

SHA256
a7ee3365ed136de6a1118a482e29d27cb22a1fb7e6480b43576d97f7c206521a

SHA512
93915ea7166bfba65d0f009930df052218f9330e2bd2f5703f94cf3a686780d72b60dcbb4c83e8d9bbdb97cf8f12ef6396a94fc5aea03217023bf86def5f4a59

Download Submit
C:\Windows\System32\mfcm100u.dll

Filesize
90KB

MD5
2ad5e2d97bd3e07e269966ca53536606

SHA1
0559c47d1370b2574109f087d4cf4b5ff6f44f05

SHA256
cd133448efce4fb3ab517a78d8138455fbd90ed02e8748c63d10c381ad89276e

SHA512
59ab40aa814ac909a3df0b09c02f75a34e997a91fb6b83fee290204e66265b68609950a6240eacc8382b55cc1a5b5f8e57f6433a9cddfa4cf538f9068a31a3e1

Download Submit
C:\Windows\System32\mfcm110.dll

Filesize
88KB

MD5
4e3685c1423c10273102efffad418ceb

SHA1
46e59eca1fe8af6a6f4a0803492acb3b1471852a

SHA256
8d8e108ab7b57de812db4736811311595e1b785deebff1868dea739720290b84

SHA512
ab6be1bb9384435e08ebe2ca103f1e369eef5927c494c6cdfc2a223c49f49c05a47b76811acfd803b2b75394dcf9b0e675556989152534a1c4c56e82330b4560

Download Submit
C:\Windows\System32\mfcm110u.dll

Filesize
88KB

MD5
41a15a02c343bc5640a0a8dab6cee181

SHA1
1794f16ea26d1d214b7568787361525da8a4ae67

SHA256
4fd4dad2f823aae2f65f0ade89b22bba24edd35e0bac685c91ab3be0efa104e9

SHA512
7a0949836956b557f0ea9a8f7ea879d8002f8be8a09616a041a5c5feb6254a439eff8d82ddcfe2de3550d75d7bcf18816c3013ba7025c3c46953916dbd2aba8d

Download Submit
C:\Windows\System32\mfcm120.dll

Filesize
89KB

MD5
0d5451a0050f7acc970ca02459c63d9a

SHA1
2de9febca0b1d48014081907e835237c832c65b0

SHA256
864958960b8dd2890d47f2774ba836954f2c4f5ad6e4d529b13138caefcce73e

SHA512
4d0b3d3d494c1774ae4575eb945f3c0742b723d6583d98dd36cc51a1d099b8f1a090d4b18c54897d1d58a67381b800604724cb609447860105bc2e0e8d5094a8

Download Submit
C:\Windows\System32\mfcm120u.dll

Filesize
89KB

MD5
43aae7bfb0c911e7e98003e2b45667e6

SHA1
0c6c7d96cd0eca734e425b1ddef178c3ab6c31ce

SHA256
a78e7988c9f99bcbe02d29441b0dcbdebafa616d2a4652aad867b81f554a0476

SHA512
33d1293a7905ee9ec58b9a7744981006d6dadafb75ef64769723de02ba273f344a20e20d206d64d2453746549fe471328a035e2b5cc8e485e7cfd2c2fbc7c6a9

Download Submit
C:\Windows\System32\mfcm140.dll

Filesize
82KB

MD5
03a89df609a58fda9cffda3bf9dca2c2

SHA1
1e66f7a0868aee41b7d74833ad4798c600ad164a

SHA256
1e69e33abafe40106a86ceb9356a39765a421559dc8bf91e5c3064aa4bd46ec8

SHA512
31867b48379cce5d5af19fccc556c791771dedb77d256456b755b494f42ad7264b74e0af65828867970ed867406c9f5387f4fb3af37da0966e529d8d25954b9e

Download Submit
C:\Windows\System32\mfcm140u.dll

Filesize
82KB

MD5
b5a8f56782eae79c2940b53c8f02e88b

SHA1
e2eb25645906f566311e6819d38aef5f4eb5d3bb

SHA256
8e315873e5077828d9e047ac93e9b28eda07dcc7aea380180019a188d56e52ac

SHA512
f0b0df97fa691677a2e6e0081e666a9499f98467d87fb355d1e1e3f6b95d974c35fd2be0d5488e6387a8f11fdd72a101813bb22afd28b5254261cc3b482296aa

Download Submit
C:\Windows\System32\mmc.exe.config

Filesize
3KB

MD5
c8bf077b236ed2803347bd95de29bf68

SHA1
acd67284d5cf33682ecad9114705e4eaa864af28

SHA256
d41daac98acea38dbf45a849049dbfa777bc5f26e898866fbc6c21e73347b8bc

SHA512
86b11ffb51948aa1b6af7a9d11dccea58b8ed361a26cb0db16911383efa55bb669a244dfae4d4c967a13f6fb063a7c440d99107f8a7dd07f6b628f21b1ba30ba

Download Submit
C:\Windows\System32\msclmd.dll

Filesize
225KB

MD5
8aa430c2b710080dd150509d562f22a2

SHA1
5334086eb474835ea384c31e9a3d91dfc8bfb944

SHA256
d24a9f20f160c2e0a2c3eb5735efc491b533a29882af0a51dd4a5931b3b6217e

SHA512
68fddb7d3677ba03befbe7901a74a9d42937f8c453ce066153cee046ed21625d105e28bcb198bdb88813925cff5c96aac7b71559c5bc7344ac2e9b823dd0af38

Download Submit
C:\Windows\System32\msvcp100.dll

Filesize
593KB

MD5
d029339c0f59cf662094eddf8c42b2b5

SHA1
a0b6de44255ce7bfade9a5b559dd04f2972bfdc8

SHA256
934d882efd3c0f3f1efbc238ef87708f3879f5bb456d30af62f3368d58b6aa4c

SHA512
021d9af52e68cb7a3b0042d9ed6c9418552ee16df966f9ccedd458567c47d70471cb8851a69d3982d64571369664faeeae3be90e2e88a909005b9cdb73679c82

Download Submit
C:\Windows\System32\msvcp110.dll

Filesize
645KB

MD5
7caa1b97a3311eb5a695e3c9028616e7

SHA1
2a94c1cecfb957195fcbbf1c59827a12025b5615

SHA256
27f394ae01d12f851f1dee3632dee3c5afa1d267f7a96321d35fd43105b035ad

SHA512
8818af4d4b1de913aae5cb7168dcec575eabc863852315e090245e887ef9036c81aabaf9dff6dee98d4ce3b6e5e5fc7819eccf717a1d0a62dc0df6f85b6feeb8

Download Submit
C:\Windows\System32\msvcp120.dll

Filesize
644KB

MD5
edef53778eaafe476ee523be5c2ab67f

SHA1
58c416508913045f99cdf559f31e71f88626f6de

SHA256
92faedd18a29e1bd2dd27a1d805ea5aa3e73b954a625af45a74f49d49506d20f

SHA512
7fc931c69aca6a09924c84f57a4a2bcf506859ab02f622d858e9e13d5917c5d3bdd475ba88f7a7e537bdae84ca3df9c3a7c56b2b0ca3c2d463bd7e9b905e2ef8

Download Submit
memory/3156-6-0x000002287E9A0000-0x000002287E9A1000-memory.dmp

Filesize
4KB

Download
memory/3156-7-0x000002287E9A0000-0x000002287E9A1000-memory.dmp

Filesize
4KB

Download
memory/3156-2-0x000002287E9A0000-0x000002287E9A1000-memory.dmp

Filesize
4KB

Download
memory/3156-1-0x000002287E9A0000-0x000002287E9A1000-memory.dmp

Filesize
4KB

Download
memory/3156-0-0x000002287E9A0000-0x000002287E9A1000-memory.dmp

Filesize
4KB

Download
memory/3156-8-0x000002287E9A0000-0x000002287E9A1000-memory.dmp

Filesize
4KB

Download
memory/3156-11-0x000002287E9A0000-0x000002287E9A1000-memory.dmp

Filesize
4KB

Download
memory/3156-10-0x000002287E9A0000-0x000002287E9A1000-memory.dmp

Filesize
4KB

Download
memory/3156-9-0x000002287E9A0000-0x000002287E9A1000-memory.dmp

Filesize
4KB

Download
memory/3156-12-0x000002287E9A0000-0x000002287E9A1000-memory.dmp

Filesize
4KB

Download