Malware Analysis Report

2025-04-14 04:18

Sample ID 240609-jqv2csfg9t
Target OpenHashTab_setup.exe
SHA256 9966e3ed6693dfc42904a2aaa1b294a2cd1edd059ef795729a76956cc21cd239
Tags
discovery persistence
score
7/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
7/10

SHA256

9966e3ed6693dfc42904a2aaa1b294a2cd1edd059ef795729a76956cc21cd239

Threat Level: Shows suspicious behavior

The file OpenHashTab_setup.exe was found to be: Shows suspicious behavior.

Malicious Activity Summary

discovery persistence

Executes dropped EXE

Loads dropped DLL

Registers COM server for autorun

Checks installed software on the system

Suspicious use of WriteProcessMemory

Modifies registry class

Suspicious behavior: EnumeratesProcesses

Suspicious use of FindShellTrayWindow

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-06-09 07:54

Signatures

N/A

Analysis: behavioral2

Detonation Overview

Submitted

2024-06-09 07:52

Reported

2024-06-09 07:56

Platform

win10v2004-20240508-en

Max time kernel

141s

Max time network

94s

Command Line

"C:\Users\Admin\AppData\Local\Temp\OpenHashTab_setup.exe"

Signatures

Processes

C:\Users\Admin\AppData\Local\Temp\OpenHashTab_setup.exe

"C:\Users\Admin\AppData\Local\Temp\OpenHashTab_setup.exe"

C:\Users\Admin\AppData\Local\Temp\is-3PQJM.tmp\OpenHashTab_setup.tmp

"C:\Users\Admin\AppData\Local\Temp\is-3PQJM.tmp\OpenHashTab_setup.tmp" /SL5="$B0058,9830692,832512,C:\Users\Admin\AppData\Local\Temp\OpenHashTab_setup.exe"

Network

Country Destination Domain Proto
US 8.8.8.8:53 241.150.49.20.in-addr.arpa udp
US 8.8.8.8:53 73.31.126.40.in-addr.arpa udp
US 8.8.8.8:53 103.169.127.40.in-addr.arpa udp
US 8.8.8.8:53 56.126.166.20.in-addr.arpa udp
US 8.8.8.8:53 30.243.111.52.in-addr.arpa udp
US 8.8.8.8:53 144.107.17.2.in-addr.arpa udp

Files

memory/940-0-0x0000000000400000-0x00000000004D8000-memory.dmp

memory/940-2-0x0000000000401000-0x00000000004B7000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\is-3PQJM.tmp\OpenHashTab_setup.tmp

MD5 0ad5f016db8d7c911ba2bd2470fa707c
SHA1 f2a546b69086c0e6f58ed101306b260ed6572d41
SHA256 0578254906516cdcf2237fe7793c80643e1793b063f82be214b04c57515c36e2
SHA512 cff8782dbe8891d4b53ef596b0f5b3b8e7455f1d1de3ba0937a979ad5f483f23e324a2d90846a64e0c506eb7bcba2bf9f358f952e00b8d8c2d4a6982d008f389

memory/5000-6-0x0000000000400000-0x000000000071C000-memory.dmp

memory/940-7-0x0000000000400000-0x00000000004D8000-memory.dmp

memory/5000-8-0x0000000000400000-0x000000000071C000-memory.dmp

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-09 07:52

Reported

2024-06-09 07:56

Platform

win7-20240221-en

Max time kernel

120s

Max time network

125s

Command Line

"C:\Users\Admin\AppData\Local\Temp\OpenHashTab_setup.exe"

Signatures

Executes dropped EXE

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-TKQOK.tmp\OpenHashTab_setup.tmp N/A

Loads dropped DLL

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\OpenHashTab_setup.exe N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A

Registers COM server for autorun

persistence
Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000_CLASSES\CLSID\{23b5bdd4-7669-42b8-9cdc-beebc8a5baa9}\InprocServer32 C:\Users\Admin\AppData\Local\Temp\is-TKQOK.tmp\OpenHashTab_setup.tmp N/A
Set value (str) \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000_CLASSES\CLSID\{23b5bdd4-7669-42b8-9cdc-beebc8a5baa9}\InprocServer32\ = "C:\\Users\\Admin\\AppData\\Local\\Programs\\OpenHashTab\\OpenHashTab.dll" C:\Users\Admin\AppData\Local\Temp\is-TKQOK.tmp\OpenHashTab_setup.tmp N/A
Set value (str) \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000_CLASSES\CLSID\{23b5bdd4-7669-42b8-9cdc-beebc8a5baa9}\InprocServer32\ThreadingModel = "Apartment" C:\Users\Admin\AppData\Local\Temp\is-TKQOK.tmp\OpenHashTab_setup.tmp N/A

Checks installed software on the system

discovery

Modifies registry class

Description Indicator Process Target
Set value (str) \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000_CLASSES\.sha1sum\ = "OpenHashTab" C:\Users\Admin\AppData\Local\Temp\is-TKQOK.tmp\OpenHashTab_setup.tmp N/A
Set value (str) \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000_CLASSES\.sha224\ = "OpenHashTab" C:\Users\Admin\AppData\Local\Temp\is-TKQOK.tmp\OpenHashTab_setup.tmp N/A
Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000_CLASSES\.sha512 C:\Users\Admin\AppData\Local\Temp\is-TKQOK.tmp\OpenHashTab_setup.tmp N/A
Set value (str) \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000_CLASSES\.sha512\ = "OpenHashTab" C:\Users\Admin\AppData\Local\Temp\is-TKQOK.tmp\OpenHashTab_setup.tmp N/A
Set value (str) \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000_CLASSES\OpenHashTab\ = "Checksum file" C:\Users\Admin\AppData\Local\Temp\is-TKQOK.tmp\OpenHashTab_setup.tmp N/A
Set value (str) \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000_CLASSES\OpenHashTab\shell\open\command\ = "\"C:\\Users\\Admin\\AppData\\Local\\Programs\\OpenHashTab\\StandaloneStub.exe\" \"%1\"" C:\Users\Admin\AppData\Local\Temp\is-TKQOK.tmp\OpenHashTab_setup.tmp N/A
Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000_CLASSES\OpenHashTab\DefaultIcon C:\Users\Admin\AppData\Local\Temp\is-TKQOK.tmp\OpenHashTab_setup.tmp N/A
Set value (str) \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000_CLASSES\.xxh3-64\ = "OpenHashTab" C:\Users\Admin\AppData\Local\Temp\is-TKQOK.tmp\OpenHashTab_setup.tmp N/A
Set value (str) \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000_CLASSES\.sums\ = "OpenHashTab" C:\Users\Admin\AppData\Local\Temp\is-TKQOK.tmp\OpenHashTab_setup.tmp N/A
Set value (str) \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000_CLASSES\CLSID\{23b5bdd4-7669-42b8-9cdc-beebc8a5baa9}\InprocServer32\ThreadingModel = "Apartment" C:\Users\Admin\AppData\Local\Temp\is-TKQOK.tmp\OpenHashTab_setup.tmp N/A
Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000_CLASSES\AllFilesystemObjects\shellex\PropertySheetHandlers C:\Users\Admin\AppData\Local\Temp\is-TKQOK.tmp\OpenHashTab_setup.tmp N/A
Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000_CLASSES\.sha256sum C:\Users\Admin\AppData\Local\Temp\is-TKQOK.tmp\OpenHashTab_setup.tmp N/A
Set value (str) \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000_CLASSES\.sfv\ = "OpenHashTab" C:\Users\Admin\AppData\Local\Temp\is-TKQOK.tmp\OpenHashTab_setup.tmp N/A
Set value (str) \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000_CLASSES\CLSID\{23b5bdd4-7669-42b8-9cdc-beebc8a5baa9}\ = "OpenHashTab Shell Extension" C:\Users\Admin\AppData\Local\Temp\is-TKQOK.tmp\OpenHashTab_setup.tmp N/A
Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000_CLASSES\.sha256sums C:\Users\Admin\AppData\Local\Temp\is-TKQOK.tmp\OpenHashTab_setup.tmp N/A
Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000_CLASSES\.sha3-384 C:\Users\Admin\AppData\Local\Temp\is-TKQOK.tmp\OpenHashTab_setup.tmp N/A
Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000_CLASSES\.blake2sp C:\Users\Admin\AppData\Local\Temp\is-TKQOK.tmp\OpenHashTab_setup.tmp N/A
Set value (str) \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000_CLASSES\.xxh64\ = "OpenHashTab" C:\Users\Admin\AppData\Local\Temp\is-TKQOK.tmp\OpenHashTab_setup.tmp N/A
Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000_CLASSES\.hash C:\Users\Admin\AppData\Local\Temp\is-TKQOK.tmp\OpenHashTab_setup.tmp N/A
Set value (str) \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000_CLASSES\.hash\ = "OpenHashTab" C:\Users\Admin\AppData\Local\Temp\is-TKQOK.tmp\OpenHashTab_setup.tmp N/A
Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000_CLASSES\.ripemd160 C:\Users\Admin\AppData\Local\Temp\is-TKQOK.tmp\OpenHashTab_setup.tmp N/A
Set value (str) \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000_CLASSES\.sha1sums\ = "OpenHashTab" C:\Users\Admin\AppData\Local\Temp\is-TKQOK.tmp\OpenHashTab_setup.tmp N/A
Set value (str) \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000_CLASSES\.sha3-384\ = "OpenHashTab" C:\Users\Admin\AppData\Local\Temp\is-TKQOK.tmp\OpenHashTab_setup.tmp N/A
Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000_CLASSES\.sha224 C:\Users\Admin\AppData\Local\Temp\is-TKQOK.tmp\OpenHashTab_setup.tmp N/A
Set value (str) \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000_CLASSES\.sha3-512\ = "OpenHashTab" C:\Users\Admin\AppData\Local\Temp\is-TKQOK.tmp\OpenHashTab_setup.tmp N/A
Set value (str) \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000_CLASSES\.sha3-224\ = "OpenHashTab" C:\Users\Admin\AppData\Local\Temp\is-TKQOK.tmp\OpenHashTab_setup.tmp N/A
Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000_CLASSES\CLSID\{23b5bdd4-7669-42b8-9cdc-beebc8a5baa9} C:\Users\Admin\AppData\Local\Temp\is-TKQOK.tmp\OpenHashTab_setup.tmp N/A
Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000_CLASSES\OpenHashTab C:\Users\Admin\AppData\Local\Temp\is-TKQOK.tmp\OpenHashTab_setup.tmp N/A
Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000_CLASSES\.md5 C:\Users\Admin\AppData\Local\Temp\is-TKQOK.tmp\OpenHashTab_setup.tmp N/A
Set value (str) \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000_CLASSES\.sha384\ = "OpenHashTab" C:\Users\Admin\AppData\Local\Temp\is-TKQOK.tmp\OpenHashTab_setup.tmp N/A
Set value (str) \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000_CLASSES\.sha3\ = "OpenHashTab" C:\Users\Admin\AppData\Local\Temp\is-TKQOK.tmp\OpenHashTab_setup.tmp N/A
Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000_CLASSES\AllFilesystemObjects\shellex\ContextMenuHandlers\{23b5bdd4-7669-42b8-9cdc-beebc8a5baa9} C:\Users\Admin\AppData\Local\Temp\is-TKQOK.tmp\OpenHashTab_setup.tmp N/A
Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000_CLASSES\.md5sums C:\Users\Admin\AppData\Local\Temp\is-TKQOK.tmp\OpenHashTab_setup.tmp N/A
Set value (str) \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000_CLASSES\.sha1\ = "OpenHashTab" C:\Users\Admin\AppData\Local\Temp\is-TKQOK.tmp\OpenHashTab_setup.tmp N/A
Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000_CLASSES\.xxh64 C:\Users\Admin\AppData\Local\Temp\is-TKQOK.tmp\OpenHashTab_setup.tmp N/A
Set value (str) \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000_CLASSES\.xxh3-128\ = "OpenHashTab" C:\Users\Admin\AppData\Local\Temp\is-TKQOK.tmp\OpenHashTab_setup.tmp N/A
Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000_CLASSES\.md4 C:\Users\Admin\AppData\Local\Temp\is-TKQOK.tmp\OpenHashTab_setup.tmp N/A
Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000_CLASSES\OpenHashTab\shell\open\command C:\Users\Admin\AppData\Local\Temp\is-TKQOK.tmp\OpenHashTab_setup.tmp N/A
Set value (str) \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000_CLASSES\.md5\ = "OpenHashTab" C:\Users\Admin\AppData\Local\Temp\is-TKQOK.tmp\OpenHashTab_setup.tmp N/A
Set value (str) \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000_CLASSES\.sha3-256\ = "OpenHashTab" C:\Users\Admin\AppData\Local\Temp\is-TKQOK.tmp\OpenHashTab_setup.tmp N/A
Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000_CLASSES\OpenHashTab\shell\open C:\Users\Admin\AppData\Local\Temp\is-TKQOK.tmp\OpenHashTab_setup.tmp N/A
Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000_CLASSES\.sha1 C:\Users\Admin\AppData\Local\Temp\is-TKQOK.tmp\OpenHashTab_setup.tmp N/A
Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000_CLASSES\.sha1sum C:\Users\Admin\AppData\Local\Temp\is-TKQOK.tmp\OpenHashTab_setup.tmp N/A
Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000_CLASSES\.sha1sums C:\Users\Admin\AppData\Local\Temp\is-TKQOK.tmp\OpenHashTab_setup.tmp N/A
Set value (str) \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000_CLASSES\.blake2sp\ = "OpenHashTab" C:\Users\Admin\AppData\Local\Temp\is-TKQOK.tmp\OpenHashTab_setup.tmp N/A
Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000_CLASSES\CLSID\{23b5bdd4-7669-42b8-9cdc-beebc8a5baa9}\InprocServer32 C:\Users\Admin\AppData\Local\Temp\is-TKQOK.tmp\OpenHashTab_setup.tmp N/A
Set value (str) \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000_CLASSES\CLSID\{23b5bdd4-7669-42b8-9cdc-beebc8a5baa9}\InprocServer32\ = "C:\\Users\\Admin\\AppData\\Local\\Programs\\OpenHashTab\\OpenHashTab.dll" C:\Users\Admin\AppData\Local\Temp\is-TKQOK.tmp\OpenHashTab_setup.tmp N/A
Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000_CLASSES\AllFilesystemObjects\shellex\PropertySheetHandlers\{23b5bdd4-7669-42b8-9cdc-beebc8a5baa9} C:\Users\Admin\AppData\Local\Temp\is-TKQOK.tmp\OpenHashTab_setup.tmp N/A
Set value (str) \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000_CLASSES\.md4\ = "OpenHashTab" C:\Users\Admin\AppData\Local\Temp\is-TKQOK.tmp\OpenHashTab_setup.tmp N/A
Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000_CLASSES\.sfv C:\Users\Admin\AppData\Local\Temp\is-TKQOK.tmp\OpenHashTab_setup.tmp N/A
Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000_CLASSES\.sha3-256 C:\Users\Admin\AppData\Local\Temp\is-TKQOK.tmp\OpenHashTab_setup.tmp N/A
Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000_CLASSES\AllFilesystemObjects C:\Users\Admin\AppData\Local\Temp\is-TKQOK.tmp\OpenHashTab_setup.tmp N/A
Set value (str) \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000_CLASSES\.md5sums\ = "OpenHashTab" C:\Users\Admin\AppData\Local\Temp\is-TKQOK.tmp\OpenHashTab_setup.tmp N/A
Set value (str) \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000_CLASSES\.sha512sums\ = "OpenHashTab" C:\Users\Admin\AppData\Local\Temp\is-TKQOK.tmp\OpenHashTab_setup.tmp N/A
Set value (str) \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000_CLASSES\.ph256-528\ = "OpenHashTab" C:\Users\Admin\AppData\Local\Temp\is-TKQOK.tmp\OpenHashTab_setup.tmp N/A
Set value (str) \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000_CLASSES\.xxh32\ = "OpenHashTab" C:\Users\Admin\AppData\Local\Temp\is-TKQOK.tmp\OpenHashTab_setup.tmp N/A
Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000_CLASSES\AllFilesystemObjects\shellex\ContextMenuHandlers C:\Users\Admin\AppData\Local\Temp\is-TKQOK.tmp\OpenHashTab_setup.tmp N/A
Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000_CLASSES\.md5sum C:\Users\Admin\AppData\Local\Temp\is-TKQOK.tmp\OpenHashTab_setup.tmp N/A
Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000_CLASSES\.sha3 C:\Users\Admin\AppData\Local\Temp\is-TKQOK.tmp\OpenHashTab_setup.tmp N/A
Set value (str) \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000_CLASSES\.k12-264\ = "OpenHashTab" C:\Users\Admin\AppData\Local\Temp\is-TKQOK.tmp\OpenHashTab_setup.tmp N/A
Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000_CLASSES\.ph128-264 C:\Users\Admin\AppData\Local\Temp\is-TKQOK.tmp\OpenHashTab_setup.tmp N/A
Set value (str) \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000_CLASSES\.md5sum\ = "OpenHashTab" C:\Users\Admin\AppData\Local\Temp\is-TKQOK.tmp\OpenHashTab_setup.tmp N/A
Set value (str) \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000_CLASSES\.sha224sum\ = "OpenHashTab" C:\Users\Admin\AppData\Local\Temp\is-TKQOK.tmp\OpenHashTab_setup.tmp N/A
Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000_CLASSES\.sha3-224 C:\Users\Admin\AppData\Local\Temp\is-TKQOK.tmp\OpenHashTab_setup.tmp N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-TKQOK.tmp\OpenHashTab_setup.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-TKQOK.tmp\OpenHashTab_setup.tmp N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-TKQOK.tmp\OpenHashTab_setup.tmp N/A

Processes

C:\Users\Admin\AppData\Local\Temp\OpenHashTab_setup.exe

"C:\Users\Admin\AppData\Local\Temp\OpenHashTab_setup.exe"

C:\Users\Admin\AppData\Local\Temp\is-TKQOK.tmp\OpenHashTab_setup.tmp

"C:\Users\Admin\AppData\Local\Temp\is-TKQOK.tmp\OpenHashTab_setup.tmp" /SL5="$70120,9830692,832512,C:\Users\Admin\AppData\Local\Temp\OpenHashTab_setup.exe"

C:\Windows\explorer.exe

"C:\Windows\explorer.exe"

Network

N/A

Files

memory/1676-9-0x0000000000400000-0x000000000071C000-memory.dmp

memory/1676-8-0x0000000000400000-0x000000000071C000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\is-TKQOK.tmp\OpenHashTab_setup.tmp

MD5 0ad5f016db8d7c911ba2bd2470fa707c
SHA1 f2a546b69086c0e6f58ed101306b260ed6572d41
SHA256 0578254906516cdcf2237fe7793c80643e1793b063f82be214b04c57515c36e2
SHA512 cff8782dbe8891d4b53ef596b0f5b3b8e7455f1d1de3ba0937a979ad5f483f23e324a2d90846a64e0c506eb7bcba2bf9f358f952e00b8d8c2d4a6982d008f389

memory/856-2-0x0000000000401000-0x00000000004B7000-memory.dmp

memory/856-0-0x0000000000400000-0x00000000004D8000-memory.dmp

memory/856-10-0x0000000000400000-0x00000000004D8000-memory.dmp

memory/1676-14-0x0000000000400000-0x000000000071C000-memory.dmp

memory/1676-16-0x0000000000400000-0x000000000071C000-memory.dmp

memory/1676-55-0x0000000000400000-0x000000000071C000-memory.dmp

memory/1676-58-0x0000000000400000-0x000000000071C000-memory.dmp

memory/856-59-0x0000000000400000-0x00000000004D8000-memory.dmp

\Users\Admin\AppData\Local\Programs\OpenHashTab\OpenHashTab.dll

MD5 20e816a518b540c57b20e602b9b80815
SHA1 8bf329a5f89079738084dd0cdc13a87c8d22d737
SHA256 4d106bb9f1d43fd17c9f710dc6e9a8d6962d4c6adf3306fce1ed96bc08f6f02b
SHA512 b5de9bd67360a5674b505eb2dcd736b9fed3f58185fe015731b550e87a6455fec8744d46265ced0ebea9ef032df4b65d953f74fca2770fab296e9f14fdf06cb0

\Users\Admin\AppData\Local\Programs\OpenHashTab\AlgorithmsDll_SSE2.dll

MD5 8d15352ee978639c38fe10c7685c54d0
SHA1 d2af35377c0bca45e3174f6079f749345d9eb36e
SHA256 7688bb081b8284d79efb47de464863e00c4d1ce92f82e26ab9684a9934ee2c04
SHA512 cce27b696af8a47dcbe00d0f679d5c310d53af40648b181e4254abbca9fdc7127cbbbb4de33117abe70ea076c19b835a1b8e42e061663ee4393e949ef1096e9a

\Users\Admin\AppData\Local\Programs\OpenHashTab\AlgorithmsDll_AVX512.dll

MD5 f8be4899d77a7a8bf9ff9b8ad1dc264f
SHA1 9dd0008dfe8bf9ff0325e892ce445121e4513237
SHA256 60bbc0e3f6d9a129eb17e1c8395f027b4bfc03d9cd637b8577033ef59df80f6c
SHA512 2be3b5652536ee7c9cabf9019271639d4e02c67f8ba6c6e696074113b8be8f5d2f4368a64f6104552963748d47524ad8a11792dad5fff52dcfb97c056ca7f0bd

\Users\Admin\AppData\Local\Programs\OpenHashTab\AlgorithmsDll_AVX2.dll

MD5 464e0d21c1146e5055f8d585f14e7698
SHA1 a97d691ad14d262a5fe465087760716adca52433
SHA256 208fa335987d1f9a3daaab317d38f2c7dbc8c2eccada5b801d37c4008a5bf363
SHA512 87ac0e3805bd0ba4e853087e7d0adccfd9661ccc880951f2f26d8be9e7c22407e541a5008d3442829e5d5c8523926b2a101cd0e198efce9b4152cecb411f4718

\Users\Admin\AppData\Local\Programs\OpenHashTab\AlgorithmsDll_AVX.dll

MD5 8c8d31710423915facaf2f9eecf3f05a
SHA1 f03a6fc79991b09492ab2801a74c90a34ed8132c
SHA256 09193aa394884b51e246080c8677779c05d900c5338fbfb9c4a45e075109212b
SHA512 40bfa84c9a604bf48027fba9aa5c1147c543c6de2e00d44bbdba6dd8176651fdc9f5f5e36ad393398c3d32c737d912887c4771878d3d46d42920e14f84c4cdf8