ac420f407b79a37a3ad79a85522e3cbd5e0f238acd2617e989af579da54b6d51

Analysis

max time kernel
1800s
max time network
1176s
platform
windows11-21h2_x64
resource
win11-20240426-en
resource tags

arch:x64arch:x86image:win11-20240426-enlocale:en-usos:windows11-21h2-x64system
submitted
03/06/2024, 02:00

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Best Free Keylogger Pro v8.0.1 Setup.exe
Size

6.4MB
MD5

df3de3660210cef8bdaca24c513534ac
SHA1

5f88e340793636ff4432073485b822beaedecb41
SHA256

ac420f407b79a37a3ad79a85522e3cbd5e0f238acd2617e989af579da54b6d51
SHA512

9cb4846b94458e0f04256579387659019594f04dc6633b9dcfc64966ec7abf63e7419442e1f7de78185ad358f13d4110bc5ee05002caa45d241ca650b6ffa3fb
SSDEEP

196608:/uMExpTLImdW0otCBuWJxV/ubejCP670fKq4H:XEPrddBujuCy70yqy

Score

7^/10

Malware Config

Signatures

Executes dropped EXE 1 IoCs

pid	Process
4060	syscrb.exe

Loads dropped DLL 1 IoCs

pid	Process
4060	syscrb.exe

Modifies Internet Explorer settings 1 TTPs 2 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-1696768468-2170909707-4198977321-1000\Software\Microsoft\Internet Explorer\TypedURLs	syscrb.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1696768468-2170909707-4198977321-1000\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\syscrb.exe = "11001"	syscrb.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
3908	7zFM.exe

Suspicious use of AdjustPrivilegeToken 4 IoCs

description	pid	Process
Token: SeRestorePrivilege	3908	7zFM.exe
Token: 35	3908	7zFM.exe
Token: SeSecurityPrivilege	3908	7zFM.exe
Token: SeDebugPrivilege	4060	syscrb.exe

Suspicious use of FindShellTrayWindow 3 IoCs

pid	Process
3908	7zFM.exe
3908	7zFM.exe
4060	syscrb.exe

Suspicious use of SendNotifyMessage 1 IoCs

pid	Process
4060	syscrb.exe

Suspicious use of SetWindowsHookEx 5 IoCs

pid	Process
4996	Best Free Keylogger Pro v8.0.1 Setup.exe
4996	Best Free Keylogger Pro v8.0.1 Setup.exe
4060	syscrb.exe
4060	syscrb.exe
4060	syscrb.exe

C:\Users\Admin\AppData\Local\Temp\Best Free Keylogger Pro v8.0.1 Setup.exe
"C:\Users\Admin\AppData\Local\Temp\Best Free Keylogger Pro v8.0.1 Setup.exe"
1⤵
- Suspicious use of SetWindowsHookEx
PID:4996

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {c82192ee-6cb5-4bc0-9ef0-fb818773790a} -Embedding
1⤵
PID:1624

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:2132

C:\Program Files\7-Zip\7zFM.exe
"C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\AppData\Local\Temp\Best Free Keylogger Pro v8.0.1 Setup.exe"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
PID:3908

C:\ProgramData\BFKData\bfk\syscrb.exe
"C:\ProgramData\BFKData\bfk\syscrb.exe"
1⤵
- Executes dropped EXE
- Loads dropped DLL
- Modifies Internet Explorer settings
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of SetWindowsHookEx
PID:4060

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\ProgramData\BFKData\bfk\KeyCapEngine.dll

Filesize
26KB

MD5
083643570444d158735032f9dc798ea9

SHA1
ecdbddfe1fa0e0ecdb15145d834d3b319582888f

SHA256
bf1ebdbbc0f61937b1294809cb780f9b1bfb19e7e034c4b5ae2855fa57db66d6

SHA512
e5122f9b3d98836b3a86ad96a656aa0d944713893128d6ffa9d1a817ba3f24027311d2dc74c592333dc6f29a7d2a5c7f59e9e316488f9e7d2353fd84e24bc217

Download Submit
C:\ProgramData\BFKData\bfk\MonthC.dll

Filesize
108KB

MD5
cb38efd3df6ed66af57ab565a1b519a5

SHA1
55e4089a7253cd689160b8816e070e0a04d89d4f

SHA256
64cd39bdd9334183c323cde4b504175bf351bc1ae87230153340bcf2e28d9133

SHA512
8e0a965de4ffeddf3fcbb27bdcd291bb215b96241cf542d36aa0e07599a6e28f9ce5327dfea45db408ab66bc582a54bd862ffcecaa235ec907ba6a8f28d96bef

Download Submit
C:\ProgramData\BFKData\bfk\System.Data.SQLite.dll

Filesize
364KB

MD5
ef87f3a7a83e8c8eaec34e77d287038b

SHA1
fdf339ab2fa3d16aa82b37af1c3b35ceba65d3f3

SHA256
20e649398108757f398a1a2ed0c8aba1b64b6fe4ec12dc81cd23a0291612d621

SHA512
821f900bdad60eece268076817d25b2378abf3633dd6666a32666d45f39b4fb35f8f103a6445b6a47da91298048616dcdd9f162cb697ac1c2d78c2a8ab9341bd

Download Submit
C:\ProgramData\BFKData\bfk\hotkeyMan.dll

Filesize
23KB

MD5
ea62c53cdc9fefcd7d3ee0a41f7ac5fa

SHA1
3533d55bc75d32f1c37fb726a88b9045e08300ec

SHA256
4b19d2903b3c6476da323bb4cdf125a8b0caf7da4d0fb9f1e0a8b1bf69c2a02c

SHA512
bf1e23f0964449339929de829339d6a2235631873a989055dcf9981865b8aa1038f52abc0e1ec41f7c4e96c54c28ef85617a244830a62e56cf431247dcfacf8c

Download Submit
C:\ProgramData\BFKData\bfk\syscrb.exe

Filesize
2.5MB

MD5
20b9c36bfa2362a636d4c6dbdf2bf053

SHA1
b544007a457eea1464208d01792485b53f9a0498

SHA256
f6381b008ce41bb022ceb83e6f592f0d5eddcf0d9e698ee8fd556d0bd08aa1d3

SHA512
f1bdf907d17fc63760576f5a2e76ed20b0bb3a9e031d720325a8d8a2e10194dd2d1b53030fe5e547c13a0762248d4da1d677ddd8820e5ce3c17336b121ac7156

Download Submit
C:\ProgramData\BFKData\bfk\syscrb.exe.config

Filesize
1KB

MD5
7af3ac9508c308eb00e10727a12233fe

SHA1
e906019cb9fa74c8e26874554c201198eb421e43

SHA256
1aeefa0f3906b7f34a3663661cc79fd9f0a5edefdf203b5e6ad929e37bb3d61c

SHA512
77551ff9d8c1dda6da0d0da70e7010c6da04e89291905aa5ccc8a9695d5ffc44cdacba90deea2ef9d8725a5cd5d4fb6624765244d23a2792c09deeacc7d96278

Download Submit
C:\ProgramData\BFKData\bfk\x64\SQLite.Interop.dll

Filesize
1.6MB

MD5
e20a7930ce2e9a3640e99ed255262d20

SHA1
0a57fbf10d068b34796c2f9e6a01f10035fe5195

SHA256
4ac47f70d6099095d9296659329008776c61bc8a482bd1f38fb38d950ad96291

SHA512
859bf14f6c81a60d63844954dfe52405c7c2da8e247e07ca6027f30cf2a09546f6a105c9cbeb318c457ca0f1d12d91ae60e4ce9a5b9a808206258a0102c4d967

Download Submit
C:\ProgramData\bfkdata\BaseNm.dll

Filesize
13KB

MD5
dda19770d88b7b549d3a44bd2121371c

SHA1
0ca421b58efca895cd11ce51327f58e2797ff6c6

SHA256
e4c3885600082174b422d471f8e36ffe3025e15f37e4479d5de8bc1974a7a182

SHA512
e27e33a1bb54d59a308f932207a7fb0b4c0a85ca1ba6ae334b6c0f1b7984e4945be3293e56a1b19cb3301fab725d68b6f4db5c3170fe61e5852e296e5b4abaf4

Download Submit
C:\ProgramData\bfkdata\af\docs\AVException.rtf

Filesize
49KB

MD5
6f219ad9d9fff1eab961cf013fb4741b

SHA1
781849fa89bdb7018a90987c73de4ff3a8d48a73

SHA256
c15c12776bbc044db8baea300935d0a32b22137bd4da90bc85e28959ccc12aac

SHA512
9cfcb0e8f9be91871604d8786471b691af73b8a3afe42e802a3b3a656f1102d026ab0583072021c191b95082a04d1068b1c386a07d50f2f507fd905ed05b1a82

Download Submit
C:\ProgramData\bfkdata\af\docs\License-Agreement.rtf

Filesize
44KB

MD5
4346877e4fa8d591f87d975d3ce5186d

SHA1
6ffc4b0735eb440df459d1355a0ff02227d8d5eb

SHA256
512d61855fb728d07ea8069dd66cc6496af6bcb8769803c48cbf2b8f350e3679

SHA512
92533fbbf453852d659096c9ab4521b05689873f1445347b4bfdefa5d6c972755956f808421283bcec0a49d7e9c651d299209acbdafb4bce959413e861b4b59e

Download Submit
C:\ProgramData\bfkdata\af\docs\config

Filesize
831B

MD5
9a92a32b82982c02122899727ec820cf

SHA1
798137fbb67c4d76051496d44c6328622f6bec5a

SHA256
ade14db3eae20dde7e1c37b751a4275a1dfa3b5a8721531dd292f3144160eb57

SHA512
7d4695ff1a9eb2b2d849485994ffd3b9ae4b915aa2f076d0620b5edf3b31a62862a3c331b308dfde6ae9752b579cd64164cd6b2ace5ec6ac252c3601a8c6a4ee

Download Submit
C:\ProgramData\bfkdata\af\icons\bfk-Icon.ico

Filesize
16KB

MD5
2578b7330c18d677b6cf3c21562b540a

SHA1
997d8fa89c070243de71ddae42bedd435cf7e0cf

SHA256
b15d73d2d31dab08b88c4786f275f9a782bd686c4f70383569e8afd0546f2bc5

SHA512
5f4405654ec95073ede2978d9ded71cb874f33c1bcc19ffecbaf2e213102f9a7a71f63c8013c43932ebbc0d11a6d5abee1719c02c5f9852e0bf4cb9e63b9b38f

Download Submit
C:\ProgramData\bfkdata\af\icons\bfk-Icon.png

Filesize
1KB

MD5
890bc1268981e692f0e234d4dc0235e0

SHA1
787128760ad4246b55a9a9393e0e3144a4e70821

SHA256
0e65b1f2793679e0cac31be510b682d9a0143789b118704aef0b63ea11299659

SHA512
c1d9af2d56f91c8a41ed1672997ede374c932f3717d3e3ed7e29417f48c5d2e09f4c5cd5e104b388a5df74cc51cb60e387e8e2aac99557578044b2754df09e10

Download Submit
C:\ProgramData\bfkdata\af\syscrb.exe.bak

Filesize
2.5MB

MD5
811620702659cf36f3e0bf0a499b1566

SHA1
80ce6926b0ec0b1ba8d91444a9fa543a3c39f500

SHA256
79fc5c10bcf7fa203ad23df148c073ae60c22b19443d6c1baccd64c4d605f42c

SHA512
9d902711fc4c43a9e029633207fbe9ddde6079dd0b5b6a4ef4e9fbbab42e6e08ae4e7227a742c8ba4aec6233f9c8c27122a3d1727f9f14c02fa989bec18f561c

Download Submit
C:\ProgramData\bfkdata\af\unhiders\BFK Unhider by SmilerRyan.exe

Filesize
28KB

MD5
719c9c71700bfdae1709ce90ed11a2eb

SHA1
2f878847dfdcd18ce17bed80fc9dd8e3b1e9fa5d

SHA256
07981231a2b0e0d2357d1f29e5b978a4edbec5fa3dda4d4533e4b62986c1a7b6

SHA512
bd6e33e63aa95893f3d706138ae67653458234a54b71c36d42fb8afad3d4be330f7c7102780673a8a0ca7d126770e37e852134b1373211463ce9dadf58c1a045

Download Submit
C:\ProgramData\bfkdata\af\unhiders\bfkemgunhider For Windows 7.exe

Filesize
60KB

MD5
5d13756cfe99e8ad9b499a685ccf2350

SHA1
0b8d17719e2eaf60cf84e7e2f26bc74a99cdd6dc

SHA256
ea3cc586a673cd095fb68ad17a9064aa225912503aa7bcee3e234e28423f6f35

SHA512
f796024931957566b8c77cf9ce68d25a3201963e2899d5e718d1dde9b5455b0e3cbf0792751843d710f15ee6dc32536417875d3106bf50932c6d531ee48574d4

Download Submit
C:\ProgramData\bfkdata\af\unhiders\bfkemgunhider For Windows 8 and 10.exe

Filesize
61KB

MD5
acc0329724713a20cbc2a6e8a4fe017a

SHA1
9e55fc5feddeaefbe1823dd7ae62e4e71030e3af

SHA256
323a0f3b0159baa0c57905479b84527bec13a645d716024224bb17c998c9ada1

SHA512
49f16c20179f58a65827f3b7d10b9c21d3f9fc538c81b7d6055368a51eb363b30451526096ef7eebd45bfab830b688a3c5f4b5ca6bb5044d36294967fe2f8815

Download Submit
C:\ProgramData\bfkdata\af\uninstall_all.bat

Filesize
127B

MD5
8103a27f8ca01452951954fbfc9a0f1c

SHA1
7eb22406f75a974d8d4660e49e59a3595f626a03

SHA256
c3a0fc6aacdd474d92418caa08cdaec37687e01807ac3a54a58d880dd86a678c

SHA512
0ee5c19e92839e7aabc9f9657f5dbdc15bca5eb4595def9f5e5065a45c5ea753441d89cca0230a815af6ccc628dac987a91b76e2447acfb3523902c581d9b946

Download Submit
C:\ProgramData\bfkdata\bfk\7za.exe

Filesize
722KB

MD5
43141e85e7c36e31b52b22ab94d5e574

SHA1
cfd7079a9b268d84b856dc668edbb9ab9ef35312

SHA256
ea308c76a2f927b160a143d94072b0dce232e04b751f0c6432a94e05164e716d

SHA512
9119ae7500aa5cccf26a0f18fd8454245347e3c01dabba56a93dbaaab86535e62b1357170758f3b3445b8359e7dd5d37737318a5d8a6047c499d32d5b64126fc

Download Submit
C:\ProgramData\bfkdata\bfk\CBAccess\CBAccess.exe

Filesize
24KB

MD5
880bc48473c99cd781ea6db706fc2ed3

SHA1
7058a945e026df75ca3ceb597bf4f77aeefcec30

SHA256
36e26df41bbb09719050563fcfc195ac10098f8ca98b8121a9b4fd20f5910d42

SHA512
3d2cdca3e39f2d996915112b719588ccb5333dc9716346180d81a7ccedb50a9baa5f212cc5d98ee7929272022bac20051b0e768eb42d1604c4e0b4dd919b6607

Download Submit
C:\ProgramData\bfkdata\bfk\CBAccess\CBAccess.exe.config

Filesize
1KB

MD5
31f0c834367614812ad999358c3a5e8a

SHA1
5bbc13eb7d20cf4eac3612c8d331abc15ed6b7ec

SHA256
35f93677119e5d576582c49809824e6473b04e5b4826b2b055ea81dc712f4f3a

SHA512
2526674cf45cd2b521a4b801338c671499e122bbb413533ba7b19a03c8a68c6567c6f019e6730b423f4eaa31e0b4a3c565215c138190bf2be5be519e8d847d8d

Download Submit
C:\ProgramData\bfkdata\bfk\CBAccess\CBAccess.xml

Filesize
123B

MD5
5608a97b2e87436561a08e89337c19bd

SHA1
6e91be8482aef5b9f4467a3f9bb41cb2a571b984

SHA256
0a1b526c45438984325158054229026dd036133493759c38f1a2222546af8034

SHA512
f604177f7529d2b9f1edac4bf61b41d2ba0c755d10ad0b37bfc9d46deaa268977363118440aa635e7cd46ede9d756ae07325aad583a4d971cff329ac74e7234b

Download Submit
C:\ProgramData\bfkdata\bfk\CBAccess\Newtonsoft.Json.dll

Filesize
503KB

MD5
79cb5c5f345f3ab63bcac4c3ab4d6be8

SHA1
b36b9995f0cf30251f760902757b865d63f5da27

SHA256
c69b18993d8236e5dfe3f0580a4392e7bc0b5f525911737318117c91d43b3ea5

SHA512
378b3c4af19be84bd3abfbb622b7a4e09cbaed78b03080c9e80b8c2b421b8b61a8ed5e3c6565b4a530a19865b3191d724128cfcec99315eb542b85cfc16a0e2e

Download Submit
C:\ProgramData\bfkdata\bfk\CBAccess\Newtonsoft.Json.xml

Filesize
541KB

MD5
76b0457c71f838783d774df1c8daa3e6

SHA1
d1b88f302be6fd6c79a15935aafd2a198bc3bd4f

SHA256
1b2239dd13b34ad94b1e70d7bd07e4110a3bb7f286666e61d6dd53c732c29882

SHA512
9a2a2f7136aa88eeb65973adac0d4a46e5fbb133b5a656e5da528b0f338946b3bfbae6c4e99613a6d37b7b64776acab45ff65a8ed3b35b354bafe29ef0304bf8

Download Submit
C:\ProgramData\bfkdata\bfk\CrypUtil.dll

Filesize
14KB

MD5
ffe14cdf4c49193f62e04dc6a14c0f61

SHA1
29bd3a572776ec124d7a6d15ec43c8c97ad29920

SHA256
4f6b6045ae012474bdd746d634b4627d0843595a9b4264251b3a056acba6d542

SHA512
6687bcce18e7947d228cfdbcaf7e7553f2dff58deb272bd0b2bbfafd369f26797895bb322fdf169f7e07f49bc3c577ea8368e791a0fc20ffcb4b01adfd834e36

Download Submit
C:\ProgramData\bfkdata\bfk\EntityFramework.SqlServer.dll

Filesize
577KB

MD5
0a63136cddcba92209170aba6915613c

SHA1
6167dfb910446bcc0c636ba96db7c2ad17cd3964

SHA256
bd780bf0edc07a01ae381bdd874a87f0143ac7d1d3a5c74bff870d4f46af2587

SHA512
89a85cccb9311f0a16fa6db83ecfaa5eae40b09969bd8f3e1ca87e586690bb89add56b4b9349428426fd7e314e42b6a87b52bef0b60748c81f4e6236b0a50253

Download Submit
C:\ProgramData\bfkdata\bfk\EntityFramework.SqlServer.xml

Filesize
159KB

MD5
2d1549c365902d6cbee20e02a985b68b

SHA1
771acc938ba3adcc0ee7a44252b95fd62a2f5ac4

SHA256
902f57044baf104dd9a491dadcba4c787b6f64531880dc3b11345d5758d7bd81

SHA512
08105286c2bc2491542dc9f1e0c937ef844aadcc9eea00b421e20836b895d04f42f76af4e761db0f392bd02c450b977222d6da549b74e5b125c42cec70d90175

Download Submit
C:\ProgramData\bfkdata\bfk\EntityFramework.dll

Filesize
4.8MB

MD5
491ac51395b1ffcbe99695bebb077ef4

SHA1
89c2d1d75c2c0ade8c4976e0a1790d7bda3dd64e

SHA256
d3615e988314389d01def30feb6ae1dfba57635ca50f9f1d25e04d7dc6c29189

SHA512
d99065fabf2889dfd7e379a9d47318014556af713801475d60de13efd2c21c40fb4bb0f4f0671870012f4fbd6f91166a6656f89c34e73c81e577246bedb3cfa9

Download Submit
C:\ProgramData\bfkdata\bfk\EntityFramework.xml

Filesize
3.6MB

MD5
0a5e4e13df59e4473a58c1e2643675a8

SHA1
c6dccdb0008e04c7108a43cdb774b1136843b642

SHA256
521a3343fb43f50fde1108c047559d7b3fdd348a08ac56acd6116c2122a1d282

SHA512
7611cde36a9231b7fdfc6e093c9afbcee9b1a9f5a1355378725c42260495cadb2bb81a02ff41386a66a4471fcbb9dce7fc9dac7dfcdafc7acbbfbb4516ce73f5

Download Submit
C:\ProgramData\bfkdata\bfk\Newtonsoft.Json.dll

Filesize
695KB

MD5
195ffb7167db3219b217c4fd439eedd6

SHA1
1e76e6099570ede620b76ed47cf8d03a936d49f8

SHA256
e1e27af7b07eeedf5ce71a9255f0422816a6fc5849a483c6714e1b472044fa9d

SHA512
56eb7f070929b239642dab729537dde2c2287bdb852ad9e80b5358c74b14bc2b2dded910d0e3b6304ea27eb587e5f19db0a92e1cbae6a70fb20b4ef05057e4ac

Download Submit
C:\ProgramData\bfkdata\bfk\Newtonsoft.Json.xml

Filesize
696KB

MD5
d398ffe9fdac6a53a8d8bb26f29bbb3c

SHA1
bffceebb85ca40809e8bcf5941571858e0e0cb31

SHA256
79ee87d4ede8783461de05b93379d576f6e8575d4ab49359f15897a854b643c4

SHA512
7db8aac5ff9b7a202a00d8acebce85df14a7af76b72480921c96b6e01707416596721afa1fa1a9a0563bf528df3436155abc15687b1fee282f30ddcc0ddb9db7

Download Submit
C:\ProgramData\bfkdata\bfk\System.Data.SQLite.Linq.dll

Filesize
192KB

MD5
5d5a1f8544f965ca3ec8c1153fbdd173

SHA1
564b6ac128752463b787d5c192986a5d7e51e657

SHA256
bb1c88cbcb64f7e5599a32402d166c646a56ea30a259b7e77e54e0f84995ffb6

SHA512
10f433dbfde7c45634b3383732f9a468b1d8afc694a5bdb0f02f4c8d3a36ed8e7318d7e085d07561d6bdbaf6b66724d9d6f5294ceac08228510af5bfcd46f205

Download Submit
C:\ProgramData\bfkdata\bfk\Test_File.txt

Filesize
448B

MD5
89f136d44ac149ff1cc7fc48fd089ac0

SHA1
f79c78510fd1a02edd7cce749291b985220278e8

SHA256
4603f5434f03d421026f7dac64480f0b317700d3733008e904443e6c150453eb

SHA512
ff47bb672acd2de6dca65b1a9a341f775e1981b4a63987445098073b9927813feb57545b34cb08df55ede754b5a2ba3fcf52a07350b5c49ff58bf1b17549a810

Download Submit
C:\ProgramData\bfkdata\bfk\Uninstaller.exe

Filesize
30KB

MD5
086b46bd5f108f6aced4d9b7176c6cb6

SHA1
f521149a4754c11007a8ab9a38285d1715b49dd0

SHA256
b0f53b24ab13f9439c345588451be2c718bca3284113f3c37cf1f0290dab5ba8

SHA512
5b9b1b2f799d51239144990b9009fa08377546bd037334ea99feb489e3ba7bf0c8f86b776658d4ab050065ff4a59c3e386a02b32f88e4ca20d14c3a7e9219691

Download Submit
C:\ProgramData\bfkdata\bfk\Uninstaller.exe.config

Filesize
166B

MD5
4fab004bd01a97acd61b2d52386e33fc

SHA1
68ac580633293427abfd7f6cb78f57b83ea22a17

SHA256
b5dcee32166122654501a926108de3bd2218177f67cea84ddda9146f3de0579b

SHA512
f53fbd4e98d22ddc259f7d656a19efa68cf79b58766c604834d8e60b312521d91402f5052a91d5552d9890ff32efc9d6adf4091e9e4845d5065f839c550954cb

Download Submit
C:\ProgramData\bfkdata\bfk\actstc32.dll

Filesize
24KB

MD5
b1a439a923122dc65a2521394f2a30e7

SHA1
83ff73ca9deb206bb20a26ac9d8e7586f291bcaf

SHA256
f57035608b7f69c76805bde109eff4d2ed25b24fe112afba7249ebc9a50cfe32

SHA512
b86c57a709780df3225fcf0dd4cf58e44a385f1c64f380e161be5a291a0273b41993a4ff50afa2fdabe26d0d82523466bbdd434f499ac21fe76c8b4924fb1ff2

Download Submit
C:\ProgramData\bfkdata\bfk\bwurcap.dll

Filesize
26KB

MD5
1cc7d9c19d2188d0b3f2dfcd8da90d82

SHA1
55d70d6287fc1a1208f107c61bf035d4a9d25cdb

SHA256
34bedda19921a184b2caf9883d889359d40a9f321bbd45e6a080a90daeb8731b

SHA512
a51ab287658ba689fd33192eaef61c8fb7dc699edcbc0b08ec2166b05aba931b8743333bf032a2f17592f8148e860b40931f1fc765a1642297fb7bd7d0c7783c

Download Submit
C:\ProgramData\bfkdata\bfk\syscrb.xml

Filesize
121B

MD5
1961ca780816a5c2c3e589d6fccfbe02

SHA1
f8688b471e0031d01b4edb0e82ac3d27ffb6eaf5

SHA256
f6e8bd4cd8f32a3c78abb41a26e52e190ed82cca60ff482a751c78143d77e90b

SHA512
0a0081b342c31947bcfa083b1105c4d62bbf67bdf408dfc2e65e52efcd586c7a28c0d29da3cf8fe190540837178d675f5625fd5397bf0e3832362ec7f43942b1

Download Submit
C:\ProgramData\bfkdata\bfk\tgrid.dll

Filesize
19KB

MD5
7980ff72cfafc160deaef108b652f9a8

SHA1
db11bbd8be097df26a9cfb232d770840474f7e79

SHA256
826a95afcc133018c0601dc6c2ec53b64664caceaca0d090694ec26fa0e1ce1a

SHA512
e0b29cdb87db33ea22a13f95af7fbdd5d2ba0d9d0c0bc01b0f041a33453e6daa3c8400dc69034e7132fcaa225c9c1b6609e76104fae5f6e628b86556f171fece

Download Submit
C:\ProgramData\bfkdata\bfk\update\35\BfkUpdater.exe.config

Filesize
403B

MD5
6d11b6b18f7d9992fa6c6f8a3a29d278

SHA1
6ebdbc8c5037b9492dce2f29f4b391aa064ba734

SHA256
c02952fdf109f7534151b569a270ee252362ed3a9e1c2b98946b4c2cbfd80148

SHA512
b031708e93bbeeeb3560e0ee7affb54f9378f1f48aa099787012143e47ed02b95d6c2d45dd0ba9be04c483dd5db0a133ddd133a6ce81cd08373960753fe00a21

Download Submit
C:\ProgramData\bfkdata\bfk\update\35\System.Data.SQLite.Linq.dll

Filesize
192KB

MD5
0bdce12bbcacbafe1763d146381068a9

SHA1
48b7186276f3fe772326dcc28fb66ca9d3666edb

SHA256
a229127068cc87dfa73b44bab851fe8d746be2d37ae2df5e58e166daa821b6f9

SHA512
a19def31356004fed44adc7b034cefcc1c9f30cd9f0682e37fbcbe78f8d9f9cd684601a7050eac99c04e46d5d712be056908d3830dd13ab0ccfeb4f32202417c

Download Submit
C:\ProgramData\bfkdata\bfk\update\35\System.Data.SQLite.xml

Filesize
1.0MB

MD5
5c6d3d38b1ebf5b912fdfa9225cceeb4

SHA1
53922e3952343b677b8f99b794f3e1924fef2a15

SHA256
5a580235c06d48ff2c4f27ce1570d07739bc48cea96f93bd3a36d67debb4e295

SHA512
5d5df30aa84750653a16a2c77be07b3448644742dfcc7bef74892b4102ee811b01b7170c11fe1efe6092ef12479305b868eceb5a233cf4d94bc7bc25f412765a

Download Submit
C:\ProgramData\bfkdata\bfk\update\35\x86\SQLite.Interop.dll

Filesize
1.1MB

MD5
538f10902ad0ea1050269374ef3b35df

SHA1
26e556fc00f6f08b70510ddf3f1cb6c56e5cc425

SHA256
d10d6fc4d7eea8eba6ec98ae010e3dd909d2619c740ab19f9abebd352c48d936

SHA512
2f792eabc24d25e7fdf6cab3716040ca89c9bb591903b0113fd94f58d9a15b2a5d0ceb9be30048949e283564fde605b039ac0f9817be961be46fccd239b14b9e

Download Submit
C:\ProgramData\bfkdata\bfk\update\451\BfkUpdater.exe

Filesize
163KB

MD5
9437885b28b2a058c15f84949ca3e129

SHA1
51e04b6d025d14d65faac2d943c8ad1c9da76dfa

SHA256
9b8de6031f43563f05db1f798ca9d3eacbe67ddfbe47531449cfdac81cc60edc

SHA512
a976a8e433f1befee97a9c2dc0e61077b5b7186c5d79fdb1e8fe9a5a23174e357becd280aa1b942019ccab87977751ce40dc9172df3c8499aa4242d7a764ab96

Download Submit
C:\ProgramData\bfkdata\bfk\update\451\BfkUpdater.exe.config

Filesize
1KB

MD5
b78c5e62763e971418af75224aea4642

SHA1
3b7e5e0172ed14e9ad2231869659213a3003c1b9

SHA256
cd7a44b7c29f0486ef8a30091044b11a8c161374ef82c4734d5c5e8ef3eac8ee

SHA512
267ac73ec491638322510d9d8c72653a82ef4bc019e432fca2cb404367c5cc4af042db8c50baa522455714e8306049556e2fec8d3d8e33088fcdc70f42d9ef92

Download Submit
C:\ProgramData\bfkdata\bfk\update\451\BfkUpdater.xml

Filesize
125B

MD5
863826784385f48d9307522085872ecb

SHA1
ae7757582b038176806e57d8b9b8faa3d0ddfb90

SHA256
d16aa7e1c317833a3693a5b69526489f3ce5f3676938102891ee0065f1ccd04a

SHA512
669c525b1f8c5e16ae47087a32b76b772a365a5a92df3132dbf2dee1230553688c0808e8dc682319e788136884a15ad6d513dbd2fd635e73567d2350ef6dd6ac

Download Submit
C:\ProgramData\bfkdata\bfk\update\451\Ionic.Zip.dll

Filesize
451KB

MD5
6ded8fcbf5f1d9e422b327ca51625e24

SHA1
8a1140cebc39f6994eef7e8de4627fb7b72a2dd9

SHA256
3b3e541682e48f3fd2872f85a06278da2f3e7877ee956da89b90d732a1eaa0bd

SHA512
bda3a65133b7b1e2765c7d07c7da5103292b3c4c2f0673640428b3e7e8637b11539f06c330ab5d0ba6e2274bd2dcd2c50312be6579e75c4008ff5ae7dae34ce4

Download Submit
C:\ProgramData\bfkdata\bfk\update\451\System.Data.SQLite.EF6.dll

Filesize
182KB

MD5
eafbcbed5445e0416c4f4062cfc3da79

SHA1
26419f63ec366cdba6a1ff0e0ee350811f39b1ad

SHA256
073fe0b06ea59e894c62c871b954e8ed82ad0faba6d9023d21e41af038f24d02

SHA512
c4e36e8389bc06c817ae254c024cf06c5c5f8f96fd4b2d5360b8c8971d95c094f0b6f896bca1340ce360aa1b92ca4a15d5bfe640d51236a3f0dee74e6cf628a9

Download Submit
C:\ProgramData\bfkdata\bfk\update\451\System.Data.SQLite.dll

Filesize
355KB

MD5
00a3abfdb36d722427e2898560af58e6

SHA1
d6c51eefe93020ec0e19e2d6139cf01b8d21da03

SHA256
2229240874cb86363b01bfb117e75fcb5e1a3884f59d7ecac013dad1d36cb730

SHA512
57546615d5fa6a59b664c825cfa1675556df3799ace2b646aa90a1f8a778bb6c829e43d0516f84de6c085326a7d2dcbd0156a593e8bf1c21389d09f444c0d69d

Download Submit
C:\ProgramData\bfkdata\delbase.dll

Filesize
8KB

MD5
bf9d7421313eab501a9a112a980fa21b

SHA1
d2bb09924f3b51605edad5f75d45f0af252369a7

SHA256
a4fa5fb539675b7fb32ec81f6cbe1dc2c8a9214c6981ace33e864c7d641685db

SHA512
91203cfe508b785180ddf69cfd18d9ed7b99c11cf80ffbe7bf3d82cb707226048b6519036e5087769454fa8c76e2343b7f798faa0e96e1e1b6a99df83be45d29

Download Submit
C:\ProgramData\bfkdata\stackTrace.dat

Filesize
12KB

MD5
24232c202567820c1fd360ab16143607

SHA1
691c43a69de42d40772a6ec67baeb646c3d02f61

SHA256
0a6e3a6cd24e337119adc74d612bdff204384de3dc83c783401ae97549581fb8

SHA512
713103ebae5162eca034ac455b5fd4e027e68a9c6b01cdd0000b3b0096d61549be4f90730dc761e638c5b5e72d1a96cb656cf1230ae613ab63fb06f4138e1233

Download Submit
C:\ProgramData\bfkdata\stconfig.dll

Filesize
109KB

MD5
e4ca6183ff570598998c2e2a795a2cbc

SHA1
5a28cd73f50862a5d146b40420e2e6de8d82fce9

SHA256
014647329bd502e9991f74921e5bbc43bf755ac2bf853f9adeaab5a7c57a398d

SHA512
f9e56f0e674ca4be778d3fcffdea64dad67b23b1ee8062930408c43b836937c9dde6d4f3beac75417796db4908a084ccfbdfb623f820e205e0199741550001ad

Download Submit
C:\ProgramData\bfkdata\update.data

Filesize
20KB

MD5
123b30637ea342c76813d604e9d6d879

SHA1
0c78b4e8d09bb018cd1489f0d9f93a10e2cfc46c

SHA256
8e12f40c1c3fa3c39da518c659b79a455cbe99bf983a11d82a30977e67a33daa

SHA512
505d0c71221cc83cc17cd4e94c7583040b5e0bbc340bab4ae15efd17a54642a0bfbbb5b0ad9af617348128fd1f33fecc93aeb469eb586382f09cf7d7ef3d827e

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zE44F70F08\bfk\update\451\System.Data.SQLite.dll.config

Filesize
736B

MD5
8ab01db32f56322275cbd0864feb5d55

SHA1
cbdb70f5fc04485af0d09ef7484faa7f8b3047bb

SHA256
cde00e0a0f52ed121d52c17338da42ffd9656d4f81a76df2dceda05c88f783ef

SHA512
e52a5e341309bae40a4f69d67226a92dfc42b08d4e815da3a7df7295d68da6dcad8973d32af84f269692bd98634c4657e1394366574f5ec299eb50fa3d1db468

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zE44F70F08\bfk\update\451\System.Data.SQLite.xml

Filesize
1.0MB

MD5
a638c65b8f892d391478b78333cb2d80

SHA1
4707b1f2249a67c37d271095dc171fb3523817cc

SHA256
500afea41b671d0097e091a40c9f462d9d84a70a30267a5e544ef8c4731cf832

SHA512
e822307080d5f3fa15a40f1e999d576edd69e3a85f15685b8a91af8dd6dc7ec616b856cdefacb4e3b1b01574ff39a439df821478bc48b115284da71e24b51001

Download Submit
memory/4060-169-0x000001D267B00000-0x000001D267B0A000-memory.dmp

Filesize
40KB

Download
memory/4060-231-0x000001D267C00000-0x000001D267C3A000-memory.dmp

Filesize
232KB

Download
memory/4060-163-0x000001D24E1A0000-0x000001D24E1C2000-memory.dmp

Filesize
136KB

Download
memory/4060-171-0x000001D267E30000-0x000001D267E3A000-memory.dmp

Filesize
40KB

Download
memory/4060-173-0x000001D26D310000-0x000001D26D36E000-memory.dmp

Filesize
376KB

Download
memory/4060-161-0x000001D24C060000-0x000001D24C2EE000-memory.dmp

Filesize
2.6MB

Download
memory/4060-232-0x000001D267BC0000-0x000001D267BE6000-memory.dmp

Filesize
152KB

Download
memory/4060-164-0x000001D24E1D0000-0x000001D24E1EC000-memory.dmp

Filesize
112KB

Download
memory/4060-233-0x000001D267CD0000-0x000001D267CDC000-memory.dmp

Filesize
48KB

Download
memory/4060-235-0x000001DA6F200000-0x000001DA6F9A6000-memory.dmp

Filesize
7.6MB

Download
memory/4060-236-0x000001D26D370000-0x000001D26D37C000-memory.dmp

Filesize
48KB

Download
memory/4060-240-0x000001DA6EB10000-0x000001DA6EBC2000-memory.dmp

Filesize
712KB

Download
memory/4060-242-0x000001DA6E630000-0x000001DA6E63C000-memory.dmp

Filesize
48KB

Download
memory/4060-243-0x000001D266E30000-0x000001D266FE3000-memory.dmp

Filesize
1.7MB

Download