Resubmissions

10-06-2024 03:15

240610-dr6llaca75 10

10-06-2024 02:53

240610-ddpqxsbg48 10

Analysis

  • max time kernel
    638s
  • max time network
    649s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    10-06-2024 03:15

General

  • Target

    MBSetup (1).exe

  • Size

    2.5MB

  • MD5

    4e19e70399076ab58d1160d0fa2664ec

  • SHA1

    e7ca7e0f1895c6bf60a14d6fbb0ccd4fb10a3134

  • SHA256

    b9ee60f31be0b7dc3f814c8abbc7caacb6a3e1dc7eb1504b8e831dd42277f8d8

  • SHA512

    f6338b52cb5a80d960e6b1ec72a28538614782a75d0270cb89e911160c0a0e8e3a4d0f93fb902c70c37cc5f4da0529043776e2c0b59287096f976addb7e584d8

  • SSDEEP

    49152:6VCZ7CYG91YEzNIbd18dStQyfvE0Z3R0nxiIq2dd0ZyWmX4:eCZ7CXQEzNwABKtQRq2RX4

Malware Config

Signatures

  • Suspicious use of NtCreateUserProcessOtherParentProcess 1 IoCs
  • Drops file in Drivers directory 6 IoCs
  • Modifies RDP port number used by Windows 1 TTPs
  • Sets service image path in registry 2 TTPs 2 IoCs
  • Checks BIOS information in registry 2 TTPs 6 IoCs

    BIOS information is often read in order to detect sandboxing environments.

  • Reads user/profile data of web browsers 2 TTPs

    Infostealers often target stored browser data, which can include saved credentials etc.

  • Downloads MZ/PE file
  • Enumerates connected drives 3 TTPs 46 IoCs

    Attempts to read the root path of hard drives other than the default C: drive.

  • Checks computer location settings 2 TTPs 1 IoCs

    Looks up country code configured in the registry, likely geofence.

  • Drops file in System32 directory 64 IoCs
  • Checks installed software on the system 1 TTPs

    Looks up Uninstall key entries in the registry to enumerate software on the system.

  • Drops file in Program Files directory 64 IoCs
  • Drops file in Windows directory 5 IoCs
  • Executes dropped EXE 9 IoCs
  • Loads dropped DLL 64 IoCs
  • Registers COM server for autorun 1 TTPs 64 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Checks SCSI registry key(s) 3 TTPs 26 IoCs

    SCSI information is often read in order to detect sandboxing environments.

  • Checks processor information in registry 2 TTPs 10 IoCs

    Processor information is often read in order to detect sandboxing environments.

  • Delays execution with timeout.exe 1 IoCs
  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Modifies Internet Explorer settings 1 TTPs 5 IoCs
  • Modifies data under HKEY_USERS 64 IoCs
  • Modifies registry class 64 IoCs
  • Modifies system certificate store 2 TTPs 29 IoCs
  • Script User-Agent 1 IoCs

    Uses user-agent string associated with script host/environment.

  • Suspicious behavior: EnumeratesProcesses 36 IoCs
  • Suspicious behavior: LoadsDriver 2 IoCs
  • Suspicious use of AdjustPrivilegeToken 64 IoCs
  • Suspicious use of FindShellTrayWindow 32 IoCs
  • Suspicious use of SendNotifyMessage 28 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs
  • Uses Task Scheduler COM API 1 TTPs

    The Task Scheduler COM API can be used to schedule applications to run on boot or at set times.

Processes

  • C:\Windows\Explorer.EXE
    C:\Windows\Explorer.EXE
    1⤵
      PID:3336
      • C:\Users\Admin\AppData\Local\Temp\MBSetup (1).exe
        "C:\Users\Admin\AppData\Local\Temp\MBSetup (1).exe"
        2⤵
        • Suspicious use of NtCreateUserProcessOtherParentProcess
        • Drops file in Drivers directory
        • Checks BIOS information in registry
        • Drops file in Program Files directory
        • Suspicious behavior: EnumeratesProcesses
        • Suspicious use of FindShellTrayWindow
        • Suspicious use of WriteProcessMemory
        PID:2548
        • C:\Windows\SysWOW64\cmd.exe
          cmd.exe /C timeout /t 1 & "C:\Program Files\Mozilla Firefox\firefox.exe" -install -extension "C:\Users\Admin\AppData\Local\Temp\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi"
          3⤵
          • Suspicious use of WriteProcessMemory
          PID:3244
          • C:\Windows\SysWOW64\timeout.exe
            timeout /t 1
            4⤵
            • Delays execution with timeout.exe
            PID:1436
          • C:\Program Files\Mozilla Firefox\firefox.exe
            "C:\Program Files\Mozilla Firefox\firefox.exe" -install -extension "C:\Users\Admin\AppData\Local\Temp\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi"
            4⤵
            • Suspicious use of WriteProcessMemory
            PID:3652
            • C:\Program Files\Mozilla Firefox\firefox.exe
              "C:\Program Files\Mozilla Firefox\firefox.exe" -install -extension C:\Users\Admin\AppData\Local\Temp\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi
              5⤵
              • Checks processor information in registry
              • Suspicious use of FindShellTrayWindow
              • Suspicious use of SendNotifyMessage
              • Suspicious use of SetWindowsHookEx
              • Suspicious use of WriteProcessMemory
              PID:4276
              • C:\Program Files\Mozilla Firefox\firefox.exe
                "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4276.0.1332608539\1602719050" -parentBuildID 20221007134813 -prefsHandle 1736 -prefMapHandle 1728 -prefsLen 20749 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {93c106a8-76eb-4684-ba49-cb7c3cde2ab4} 4276 "\\.\pipe\gecko-crash-server-pipe.4276" 1828 1178dcb9158 gpu
                6⤵
                  PID:4656
                • C:\Program Files\Mozilla Firefox\firefox.exe
                  "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4276.1.488700337\866435603" -parentBuildID 20221007134813 -prefsHandle 2292 -prefMapHandle 2288 -prefsLen 21565 -prefMapSize 233444 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {b4c530ed-ca79-4f06-8557-cd296935fc48} 4276 "\\.\pipe\gecko-crash-server-pipe.4276" 2312 1178dbe6558 socket
                  6⤵
                  • Checks processor information in registry
                  PID:1696
                • C:\Program Files\Mozilla Firefox\firefox.exe
                  "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4276.2.814612517\935001379" -childID 1 -isForBrowser -prefsHandle 3128 -prefMapHandle 3124 -prefsLen 21668 -prefMapSize 233444 -jsInitHandle 1276 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {58c54609-cd1c-45f1-84bb-7dc4e07a5cd3} 4276 "\\.\pipe\gecko-crash-server-pipe.4276" 3140 1178dc61958 tab
                  6⤵
                    PID:3264
                  • C:\Program Files\Mozilla Firefox\firefox.exe
                    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4276.3.754192362\185166836" -childID 2 -isForBrowser -prefsHandle 3068 -prefMapHandle 3148 -prefsLen 26066 -prefMapSize 233444 -jsInitHandle 1276 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {e36846d5-16f2-4cef-a196-cf15c645118d} 4276 "\\.\pipe\gecko-crash-server-pipe.4276" 3548 11795483258 tab
                    6⤵
                      PID:5136
                    • C:\Program Files\Mozilla Firefox\firefox.exe
                      "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4276.4.1476768413\2095204527" -childID 3 -isForBrowser -prefsHandle 4864 -prefMapHandle 4908 -prefsLen 26286 -prefMapSize 233444 -jsInitHandle 1276 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {23cadbe2-ed65-48d6-a217-04b2ee0eb7c7} 4276 "\\.\pipe\gecko-crash-server-pipe.4276" 4904 11782265358 tab
                      6⤵
                        PID:5756
                      • C:\Program Files\Mozilla Firefox\firefox.exe
                        "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4276.5.1159033193\528635596" -childID 4 -isForBrowser -prefsHandle 5056 -prefMapHandle 5040 -prefsLen 26286 -prefMapSize 233444 -jsInitHandle 1276 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {b781da2e-2478-4e6a-adc7-7acea1c237da} 4276 "\\.\pipe\gecko-crash-server-pipe.4276" 4912 11792ff2558 tab
                        6⤵
                          PID:5784
                        • C:\Program Files\Mozilla Firefox\firefox.exe
                          "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4276.6.354831664\1447480863" -childID 5 -isForBrowser -prefsHandle 5220 -prefMapHandle 5224 -prefsLen 26286 -prefMapSize 233444 -jsInitHandle 1276 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {4bc6b2f6-8b56-45b1-a587-e377b35bed18} 4276 "\\.\pipe\gecko-crash-server-pipe.4276" 5304 11793550558 tab
                          6⤵
                            PID:5808
                  • C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe
                    "C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe"
                    2⤵
                    • Executes dropped EXE
                    PID:5608
                    • C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe
                      "C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe"
                      3⤵
                      • Executes dropped EXE
                      PID:3372
                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=4048 --field-trial-handle=3060,i,1774866140584649235,8085848018931772189,262144 --variations-seed-version /prefetch:8
                  1⤵
                    PID:4184
                  • C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe
                    "C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe"
                    1⤵
                    • Drops file in Drivers directory
                    • Enumerates connected drives
                    • Drops file in Program Files directory
                    • Executes dropped EXE
                    • Loads dropped DLL
                    • Modifies Internet Explorer settings
                    • Modifies data under HKEY_USERS
                    • Modifies system certificate store
                    • Suspicious behavior: EnumeratesProcesses
                    • Suspicious use of WriteProcessMemory
                    PID:3956
                    • C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe
                      "C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe" /installmbtun
                      2⤵
                      • Drops file in System32 directory
                      • Drops file in Program Files directory
                      • Drops file in Windows directory
                      • Executes dropped EXE
                      • Loads dropped DLL
                      PID:3480
                    • C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
                      "C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe" /Service /Protected
                      2⤵
                      • Drops file in Drivers directory
                      • Executes dropped EXE
                      • Registers COM server for autorun
                      • Modifies registry class
                      • Suspicious use of AdjustPrivilegeToken
                      PID:968
                  • C:\Windows\system32\svchost.exe
                    C:\Windows\system32\svchost.exe -k DcomLaunch -p -s DeviceInstall
                    1⤵
                    • Drops file in Windows directory
                    • Checks SCSI registry key(s)
                    • Suspicious use of AdjustPrivilegeToken
                    • Suspicious use of WriteProcessMemory
                    PID:2100
                    • C:\Windows\system32\DrvInst.exe
                      DrvInst.exe "4" "9" "C:\Program Files\Malwarebytes\Anti-Malware\mbtun\mbtun.inf" "9" "4ba9030c7" "0000000000000154" "Service-0x0-3e7$\Default" "0000000000000148" "208" "C:\Program Files\Malwarebytes\Anti-Malware\mbtun"
                      2⤵
                      • Drops file in System32 directory
                      • Drops file in Windows directory
                      • Checks SCSI registry key(s)
                      • Modifies data under HKEY_USERS
                      PID:1140
                  • C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
                    "C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe"
                    1⤵
                    • Drops file in Drivers directory
                    • Sets service image path in registry
                    • Checks BIOS information in registry
                    • Enumerates connected drives
                    • Drops file in System32 directory
                    • Executes dropped EXE
                    • Loads dropped DLL
                    • Registers COM server for autorun
                    • Checks processor information in registry
                    • Modifies Internet Explorer settings
                    • Modifies data under HKEY_USERS
                    • Modifies system certificate store
                    • Suspicious behavior: EnumeratesProcesses
                    • Suspicious use of AdjustPrivilegeToken
                    • Suspicious use of WriteProcessMemory
                    PID:2432
                    • C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe
                      "C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe" nowindow
                      2⤵
                      • Checks computer location settings
                      • Executes dropped EXE
                      • Loads dropped DLL
                      • Suspicious behavior: EnumeratesProcesses
                      • Suspicious use of FindShellTrayWindow
                      • Suspicious use of SendNotifyMessage
                      PID:4508
                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://links.malwarebytes.com/link/pricing-inapp?version=5.1.5.116&x-prodcode=MBAM-C&x-token_secret=0RJqCl-jr1uEbqGi4UPgLl05A4q6PxvRZV3o-90KR4iZkcYWbcpkMOcR2QQ9iH7JJBFOqNGNGidkJ6tJlK9L00sJlOu_H6h_ZIEIhPTPoEr5m8eOrLGRXCZpED5QoUGv&ADDITIONAL_machineid=18e531be88f745adecc4af1492e653d803938bc1&days_since_install=0&varID=mb5-onboarding
                        3⤵
                          PID:3972
                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://my.malwarebytes.com/registration
                          3⤵
                            PID:2808
                        • C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\updatrpkg\mbupdatrV5.exe
                          "C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\updatrpkg\mbupdatrV5.exe" "C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE" "C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\config\UpdateControllerConfig.json" "C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE" "C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\dbclsupdate\staging" /db:dbupdate /su:no
                          2⤵
                          • Checks BIOS information in registry
                          • Executes dropped EXE
                          • Modifies data under HKEY_USERS
                          PID:3104
                        • C:\Users\Admin\AppData\LocalLow\IGDump\sec\ig.exe
                          ig.exe secure
                          2⤵
                          • Executes dropped EXE
                          PID:4912
                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --mojo-platform-channel-handle=5020 --field-trial-handle=3060,i,1774866140584649235,8085848018931772189,262144 --variations-seed-version /prefetch:8
                        1⤵
                          PID:2216
                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --mojo-platform-channel-handle=4308 --field-trial-handle=3060,i,1774866140584649235,8085848018931772189,262144 --variations-seed-version /prefetch:8
                          1⤵
                            PID:3820
                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --mojo-platform-channel-handle=1020 --field-trial-handle=3060,i,1774866140584649235,8085848018931772189,262144 --variations-seed-version /prefetch:8
                            1⤵
                              PID:1808
                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --mojo-platform-channel-handle=5400 --field-trial-handle=3060,i,1774866140584649235,8085848018931772189,262144 --variations-seed-version /prefetch:8
                              1⤵
                                PID:2656
                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --mojo-platform-channel-handle=3440 --field-trial-handle=3060,i,1774866140584649235,8085848018931772189,262144 --variations-seed-version /prefetch:8
                                1⤵
                                  PID:1876
                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=5804 --field-trial-handle=3060,i,1774866140584649235,8085848018931772189,262144 --variations-seed-version /prefetch:8
                                  1⤵
                                    PID:916
                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=24 --mojo-platform-channel-handle=3468 --field-trial-handle=3060,i,1774866140584649235,8085848018931772189,262144 --variations-seed-version /prefetch:1
                                    1⤵
                                      PID:3620
                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=25 --mojo-platform-channel-handle=4292 --field-trial-handle=3060,i,1774866140584649235,8085848018931772189,262144 --variations-seed-version /prefetch:1
                                      1⤵
                                        PID:1780
                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=1600 --field-trial-handle=3060,i,1774866140584649235,8085848018931772189,262144 --variations-seed-version /prefetch:8
                                        1⤵
                                          PID:404
                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=27 --mojo-platform-channel-handle=5500 --field-trial-handle=3060,i,1774866140584649235,8085848018931772189,262144 --variations-seed-version /prefetch:1
                                          1⤵
                                            PID:3912
                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --mojo-platform-channel-handle=5844 --field-trial-handle=3060,i,1774866140584649235,8085848018931772189,262144 --variations-seed-version /prefetch:8
                                            1⤵
                                              PID:4820
                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=4308 --field-trial-handle=3060,i,1774866140584649235,8085848018931772189,262144 --variations-seed-version /prefetch:8
                                              1⤵
                                                PID:5328
                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window
                                                1⤵
                                                • Enumerates system info in registry
                                                PID:5396
                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=122.0.6261.70 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=122.0.2365.52 --initial-client-data=0x238,0x23c,0x240,0x234,0x2f0,0x7ffa2d402e98,0x7ffa2d402ea4,0x7ffa2d402eb0
                                                  2⤵
                                                    PID:5292
                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=2096 --field-trial-handle=2100,i,13717100392841679177,6881025597311502987,262144 --variations-seed-version /prefetch:2
                                                    2⤵
                                                      PID:5896
                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --mojo-platform-channel-handle=2292 --field-trial-handle=2100,i,13717100392841679177,6881025597311502987,262144 --variations-seed-version /prefetch:3
                                                      2⤵
                                                        PID:3068
                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --mojo-platform-channel-handle=2468 --field-trial-handle=2100,i,13717100392841679177,6881025597311502987,262144 --variations-seed-version /prefetch:8
                                                        2⤵
                                                          PID:5988
                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --mojo-platform-channel-handle=4088 --field-trial-handle=2100,i,13717100392841679177,6881025597311502987,262144 --variations-seed-version /prefetch:8
                                                          2⤵
                                                            PID:3972
                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\122.0.2365.52\identity_helper.exe
                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\122.0.2365.52\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --mojo-platform-channel-handle=4440 --field-trial-handle=2100,i,13717100392841679177,6881025597311502987,262144 --variations-seed-version /prefetch:8
                                                            2⤵
                                                              PID:5352
                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\122.0.2365.52\identity_helper.exe
                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\122.0.2365.52\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --mojo-platform-channel-handle=4440 --field-trial-handle=2100,i,13717100392841679177,6881025597311502987,262144 --variations-seed-version /prefetch:8
                                                              2⤵
                                                                PID:5792
                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=4716 --field-trial-handle=2100,i,13717100392841679177,6881025597311502987,262144 --variations-seed-version /prefetch:1
                                                                2⤵
                                                                  PID:3724
                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4784 --field-trial-handle=2100,i,13717100392841679177,6881025597311502987,262144 --variations-seed-version /prefetch:1
                                                                  2⤵
                                                                    PID:2228
                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=5216 --field-trial-handle=2100,i,13717100392841679177,6881025597311502987,262144 --variations-seed-version /prefetch:8
                                                                    2⤵
                                                                      PID:3556
                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --no-appcompat-clear --mojo-platform-channel-handle=5284 --field-trial-handle=2100,i,13717100392841679177,6881025597311502987,262144 --variations-seed-version /prefetch:8
                                                                      2⤵
                                                                        PID:4432

                                                                    Network

                                                                    MITRE ATT&CK Enterprise v15

                                                                    Replay Monitor

                                                                    Loading Replay Monitor...

                                                                    Downloads

                                                                    • C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\7z.dll
                                                                      Filesize

                                                                      128KB

                                                                      MD5

                                                                      c9f986485c18fefcf80c5af9a7b9bbd3

                                                                      SHA1

                                                                      28c7c3ad73b9d5ed66b3c07a4e4e869c5aaba35e

                                                                      SHA256

                                                                      ae3dba5be2864bade0f63f022b75aaabe05bf9c8bf24fcbb54b99843edbd6f26

                                                                      SHA512

                                                                      0be54b3f4a88eb0a6827b694ed95929c1b3c3cb46a29597bf744cf9fa886f659064b9d65cca9bf8d143f9a264d78b5c83e7de88145790966a6ca91b86c286151

                                                                    • C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\Actions.dll
                                                                      Filesize

                                                                      2.1MB

                                                                      MD5

                                                                      0e6c18ce76944d78a4949b3ae1cdfb9a

                                                                      SHA1

                                                                      23e173b4519e5cd2e32a1df6ecac282dc47e1fcf

                                                                      SHA256

                                                                      23e87a9a2d3fd140fbda133afde9e4c9408f610af83363aa0e49d25a4c98b497

                                                                      SHA512

                                                                      2143778b2ad407ab2eab70d4aee35c70bc07b51ffc48cf1cde5274b3a6d44df976c02f890bf8fde33959b4fdd61ac23a60011de4952ee324ece14285048540eb

                                                                    • C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ActionsShim.dll
                                                                      Filesize

                                                                      2.0MB

                                                                      MD5

                                                                      0954a50e6cc69b8760f78246e123c2f4

                                                                      SHA1

                                                                      317da650742c11ab9bc863ecdd8bcd17fccbca9a

                                                                      SHA256

                                                                      f46c5c8e3874e9e1eddf20ac67cbdb0f53173c5e4d7f81e9c6975d515d30cf39

                                                                      SHA512

                                                                      fdb5ae918307cf339c652a041522ca67d896907069beb97bbdbe0b551fc11624a206bc8f7adb5fa427e147b6e3aa5d8febeef8ebd56d3d831f6edd1bd35c14bd

                                                                    • C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\BrowserSDKDLL.dll
                                                                      Filesize

                                                                      576KB

                                                                      MD5

                                                                      a4cc0f93568aedf4892c6540c5ee43e5

                                                                      SHA1

                                                                      824c112a8caea4109466cb4c5ca609290554a1b5

                                                                      SHA256

                                                                      3abf2098b9f5abe6e14fb225b9ef79275d9b8fb5c0a03de545c8f8957f0d6e61

                                                                      SHA512

                                                                      f3185bed52ffeddcc7ff52e1af00dd7e663391d41d17459f7ed1e25f2209784f46c1d1a252a0572c4667af909751017bbcbe550a50c7ffa18e24fb6cac1b5738

                                                                    • C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\CleanControllerImpl.dll
                                                                      Filesize

                                                                      1.2MB

                                                                      MD5

                                                                      002489ae38fcd08e362e51d32f5a544f

                                                                      SHA1

                                                                      7ca95bd787fc0bcecd400742caae680746f5ba8b

                                                                      SHA256

                                                                      f12f766678c45f51eb856465d06ac895895b917ef1e78a7ce5673d46ee277aff

                                                                      SHA512

                                                                      d5874a6f4aaf9a424163a9a7e78a67e172fcf886d8518756cd4939a100ca227d27ba2a18225338f848f375919396b4346b7f715c02e2912c3885bd95e64f98e6

                                                                    • C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\CloudControllerImpl.dll
                                                                      Filesize

                                                                      576KB

                                                                      MD5

                                                                      eecdb9672ebc864945287e50c3867939

                                                                      SHA1

                                                                      715d22f044d35b0f86da68fa1aab7ff785a1e551

                                                                      SHA256

                                                                      7cc2c24875a0c85098380011ceebde1a65b4199a01e4e986904d089deec28d65

                                                                      SHA512

                                                                      29c8f8a94a4c25e64a043c3bdeecb58fbd5e61017185d6c76052656edd3373687decac6174e2ea139b0501d79b5cd8be5765c8cd8bb6971d25327838e8a785af

                                                                    • C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\LicenseControllerImpl.dll
                                                                      Filesize

                                                                      3.6MB

                                                                      MD5

                                                                      702b2ffbfc901954c4ad2e8ddad90551

                                                                      SHA1

                                                                      eea50836372e244519939f97eed058497ebee639

                                                                      SHA256

                                                                      4cfa41ca45f26028bce2b29edefdb6e946d56011ab62742c64b4665d664b253e

                                                                      SHA512

                                                                      99e694a98a5839d555e1ee6efdcab7ccb6865ff17d5b8c2bb4f28f843c26d98ddd8d12a9778cb7a808e66dea2376d691cd27e41d98ebbc15eb7a445f668178c9

                                                                    • C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MBAMCore.dll
                                                                      Filesize

                                                                      512KB

                                                                      MD5

                                                                      41304f2f0fea8eb92babdadb6925adb0

                                                                      SHA1

                                                                      305292bba98c5bf79679aab4718699257a978d0b

                                                                      SHA256

                                                                      333410f73415a161c720feb98d6fc2262c257af5c392ccf53cd34e55755fac10

                                                                      SHA512

                                                                      4c66d4d2b84da74a675726f48b9c5481401f6ca0b95b7ecb855da4e0f01888ea998dc1beaf8d2b580954af74593a931fc1722170e9c23a0a5bae295fbaa20d93

                                                                    • C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MBAMShim.dll
                                                                      Filesize

                                                                      512KB

                                                                      MD5

                                                                      fd141224920839d8c2e124eb419aeb22

                                                                      SHA1

                                                                      ac5c20cb3f141539432ee38a0d576a2f7387b3a8

                                                                      SHA256

                                                                      f9a8857f7d04c83ebbbe33adf1b52905fd434a791a1bd6eb2b9e090353545fc0

                                                                      SHA512

                                                                      552ca1a3115bd3f579eceaed2ae501e460bce290d7b156d09ebc07379dc88b6025eba4a450d221c69695dfe7436d0de31bae87e6bc6420d14258eaa77b203762

                                                                    • C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
                                                                      Filesize

                                                                      1.8MB

                                                                      MD5

                                                                      1fef61c41de230ad3977ce0f5e5021f1

                                                                      SHA1

                                                                      2b956887940c52930d25e1235092f06ad46bc942

                                                                      SHA256

                                                                      5b97f3c8e79319f7b9fcf740ad1cfab68a9765d7d463fcdc38d4bd1a0c95dd0b

                                                                      SHA512

                                                                      072daafc3410a349053075231c1dcafcd8084fee648385fa86f225bb642407bad4b45096b5a73a8f937f2ae975b3f7af842c4b4aad95c799d14a60c4bd6f2b91

                                                                    • C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ScanControllerImpl.dll
                                                                      Filesize

                                                                      448KB

                                                                      MD5

                                                                      162164867fa4ad7e873d24831e7cdbbd

                                                                      SHA1

                                                                      7bec4ca93f9bd27f48f2c9de6bb75f5d9b910738

                                                                      SHA256

                                                                      66c164b536441fea7c64c45ef39b80412b6ee2b01ade4518076f490e74caf422

                                                                      SHA512

                                                                      96954906a6d6cd0d1952434ac9477e7cc09cb4bb16b6404d567d010ac2d321eacebd477647f5bb6014455a00580b4007ee26ec310bc290df6300bf99450066fb

                                                                    • C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\TelemetryControllerImpl.dll
                                                                      Filesize

                                                                      1.9MB

                                                                      MD5

                                                                      becafcb40dcaf83a39128705dbd36082

                                                                      SHA1

                                                                      2460acbd76261c98209eacfbce6008a717a7e6aa

                                                                      SHA256

                                                                      95e046cd9d013c2b772b049728ffe7e9a4ad1684b1353bb9d48d74e3c2b35074

                                                                      SHA512

                                                                      1f7ce29d1b35092b6c93fd890dfaa09dd225f5c58a3f963bbc1019060dca603f640a877ebe939995e2beb2a3ee5ae492324fe82d29983f40a37786b00155c5ae

                                                                    • C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\UpdateControllerImpl.dll
                                                                      Filesize

                                                                      3.8MB

                                                                      MD5

                                                                      7357e806738fc72fc7e396c0fc7363e0

                                                                      SHA1

                                                                      659dc4129e770040bb7d22a742d0c49cc1d5d175

                                                                      SHA256

                                                                      1da44d9da26113e49ffedd8c44c9d22d87adfdb517425b3b63dd9bfa60484905

                                                                      SHA512

                                                                      77ede08e472106acf43a40ab7a70354f95cf9d08ae416b86b3c3baead98c7a86f60d7f57bdb155b6d001f29a83667702854634ba656a9f83950518f00ec98852

                                                                    • C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
                                                                      Filesize

                                                                      512KB

                                                                      MD5

                                                                      af38c5777956fd1a958201270fd5ef44

                                                                      SHA1

                                                                      f86c6b8c922e3b4a01f55bb85891be17144d3aca

                                                                      SHA256

                                                                      af8b4c46545ce7655c439ea2776992f975f2ebadcea860ab0d0d8b3f4c580870

                                                                      SHA512

                                                                      fd117ae0d7a727e19b6619bebfaa53b441e61e4b7ba5d35d7c5591004a7622dc19c490609686ddf8dcffc14a45c89dcd4a893d629fea605b002c99a8b1dc8bd5

                                                                    • C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\sample.dll
                                                                      Filesize

                                                                      448KB

                                                                      MD5

                                                                      2032f9692898fa331874ad9eed31f816

                                                                      SHA1

                                                                      0d7c6405f8329696913ae4e196f14d21fdf239d9

                                                                      SHA256

                                                                      6e5d158663cc707e98381083e93292da2c05fd18bf5abbaa6e66a2588cee4ca9

                                                                      SHA512

                                                                      c38287e4740bca6e3d5a2779c11d59eb6090bae1141ef4c662cff244a1ddc61a442f4d1388e6fd4f033d7b257dfe6e0cdad65938b251b358925850f7595b50b8

                                                                    • C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\Global.sr
                                                                      Filesize

                                                                      448KB

                                                                      MD5

                                                                      e87eb48299e8fbd049fb699bca9566fe

                                                                      SHA1

                                                                      50721418fca9dbc7d21b6e6354645523ef07b9ce

                                                                      SHA256

                                                                      d45bcf46891ec62e97e144d1b722a02fa01a8219c077f0e84c4d97367c3e73b1

                                                                      SHA512

                                                                      821e094881c9101ca1e34fa802777c86a3a5cf919cf9b74568bfcff719371f5e671ab14884111e3234267e9f377034fecac1a4c673c0454ad890d14f8730485d

                                                                    • C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\clean.mbdb
                                                                      Filesize

                                                                      13KB

                                                                      MD5

                                                                      00945996048ff756b87a69413ba9ac20

                                                                      SHA1

                                                                      78e8211c2d65063a33597a97a6d176643e9b2631

                                                                      SHA256

                                                                      cb420edf38866fb3efa0999f7cc8b277028eb61190fe0d2a3a40324bd852d0a3

                                                                      SHA512

                                                                      69b166dee924fa6768ecb77284700254b9899a4a355358af868415ef28cc2ff6e5e7fab8fd259f376320cf907aea1f369f5f3e5f633e8ffed8904a3b66efc89b

                                                                    • C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\dbmanifest2.dat
                                                                      Filesize

                                                                      924B

                                                                      MD5

                                                                      de6af8e7cb358a9ae31c37eac064fa3b

                                                                      SHA1

                                                                      4b7dca3efc886d404ed7e9b6985ab7f49de4cefe

                                                                      SHA256

                                                                      f751fe98372307081ac8be0bd2095c4e01bd1c7ff2f59d8616211c1a73048823

                                                                      SHA512

                                                                      c02410678af925e408157643e9640c8a75678fa84d74cd31cd5f7b56b99fde8961537c34c3c170ea64b2a9d109c6ccb5a8642494c434cf6df9b007502f23d055

                                                                    • C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\dynconfig.dat
                                                                      Filesize

                                                                      39KB

                                                                      MD5

                                                                      10f23e7c8c791b91c86cd966d67b7bc7

                                                                      SHA1

                                                                      3f596093b2bc33f7a2554818f8e41adbbd101961

                                                                      SHA256

                                                                      008254ca1f4d6415da89d01a4292911de6135b42833156720a841a22685765dc

                                                                      SHA512

                                                                      2d1b21371ada038323be412945994d030ee8a9007db072484724616c8597c6998a560bc28886ebf89e2c8919fb70d76c98338d88832351823027491c98d48118

                                                                    • C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\exclusions.txt
                                                                      Filesize

                                                                      23KB

                                                                      MD5

                                                                      aef4eca7ee01bb1a146751c4d0510d2d

                                                                      SHA1

                                                                      5cf2273da41147126e5e1eabd3182f19304eea25

                                                                      SHA256

                                                                      9e87e4c9da3337c63b7f0e6ed0eb71696121c74e18a5da577215e18097715e2f

                                                                      SHA512

                                                                      d31d21e37b0048050b19600f8904354cff3f3ec8291c5a7a54267e14af9fb88dfb6d11e74a037cc0369ade8a8fb9b753861f3b3fb2219563e8ec359f66c042db

                                                                    • C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\mbdigsig2.dat
                                                                      Filesize

                                                                      514B

                                                                      MD5

                                                                      90ae986da076b33809956a63292f8ece

                                                                      SHA1

                                                                      f59a271ef9d30beeca4d96746b1960ff1e35379e

                                                                      SHA256

                                                                      184dd97b61c0f6cb22d600925bf9170ed9ccad99c57af78dc42c149fc34c7b54

                                                                      SHA512

                                                                      7be9fd019a72f2a6072aa1438a5a27fd392b8e93365492861a9de77d68e4730e2b96ca98e8727aa0c6ab7e6b505c33f9061f8e4a83c6522c5c3eb348e0e35e3c

                                                                    • C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\prot.mbdb
                                                                      Filesize

                                                                      24B

                                                                      MD5

                                                                      546d9e30eadad8b22f5b3ffa875144bf

                                                                      SHA1

                                                                      3b323ffef009bfe0662c2bd30bb06af6dfc68e4d

                                                                      SHA256

                                                                      6089fbf0c0c1413f62e91dc9497bedc6d8a271e9dc761e20adc0dccf6f4a0c1f

                                                                      SHA512

                                                                      3478f5dcf7af549dd6fe48ad714604200de84a90120b16a32233b6d44fa7240f5f4e5fe803f54b86bbdfd10fa1bfdd88fb85eb6a78e23e426933f98d0a2565ec

                                                                    • C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\rdefs.mbdb
                                                                      Filesize

                                                                      24B

                                                                      MD5

                                                                      2f7423ca7c6a0f1339980f3c8c7de9f8

                                                                      SHA1

                                                                      102c77faa28885354cfe6725d987bc23bc7108ba

                                                                      SHA256

                                                                      850a4ea37a0fd6f68bf95422d502b2d1257264eb90cc38c0a3b1b95aa375be55

                                                                      SHA512

                                                                      e922ac8a7a2cde6d387f8698207cf5efbd45b646986a090e3549d97a7d552dd74179bd7ac20b7d246ca49d340c4c168982c65b4749df760857810b2358e7eb69

                                                                    • C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\rules.mbdb
                                                                      Filesize

                                                                      3.1MB

                                                                      MD5

                                                                      827f373fae73fb1f11ccefdf38f57dd3

                                                                      SHA1

                                                                      397f4ea58faa62f85221ffc699c578dd7332fb17

                                                                      SHA256

                                                                      6ebffca1215249485488bd337f461588de23337f5b3bcc759a8b9d3f1e82394a

                                                                      SHA512

                                                                      57b08ec234964144966b4eb49fbfd77b3ef1c1977d4d08fd80800a319645c484238c4569f9eacd74aefc96e870265fa5f35223b6321added0f7821149d593902

                                                                    • C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\scan.mbdb
                                                                      Filesize

                                                                      128KB

                                                                      MD5

                                                                      782a4babe3099d778d7c03487acdecc0

                                                                      SHA1

                                                                      35ca7a7f5d83145e58fa9da68749e263a1af7f0a

                                                                      SHA256

                                                                      000c9ecacb10b0fe54af660b483de2d71a231026944c4ce6a29cf2a63117658e

                                                                      SHA512

                                                                      eeae3b2753fccdb5cdb05ef7cdb16a14d0f0e7d277adf39712e7466791501cdb857518ce156c53834203842bc722c5b66ef53bf6098f2dc65bf3236c117c006f

                                                                    • C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\tids.mbdb
                                                                      Filesize

                                                                      169KB

                                                                      MD5

                                                                      0924fc85d03912f161b581ceade05232

                                                                      SHA1

                                                                      05071c9f501b21b9f2f5ac43a9bf1b72cacf1a31

                                                                      SHA256

                                                                      814047df1cac7072bb3549162147e799fc84aee53e4ccfeaa5b912a0caf63bbb

                                                                      SHA512

                                                                      50430b3b5814a035cdb3dad25bddfebf6d0634e0dfb1d94b5c6ac3450457484eae14afcda7a29aea8daa9e5a73df0a01326f3ba727517ba7fd2a30a098ad9cb4

                                                                    • C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\wprot2.mbdb
                                                                      Filesize

                                                                      1.2MB

                                                                      MD5

                                                                      a01658bcee0ffadd042a76ace6e7c8a9

                                                                      SHA1

                                                                      3f0ecae2bc830fb4fb825e4169b35bf52275363d

                                                                      SHA256

                                                                      713375325c86c00122123fc0f46d342d6794ee054b6da72d5a385c7de770681f

                                                                      SHA512

                                                                      9320509dde539693828e8cba5fcf79a431a80d4e81b4acdd90a7cb6af0ba2b4bc4305e5770de0ec1dab0000cdafee59ea280fdf7778e2361223037eb97587e95

                                                                    • C:\PROGRA~1\MALWAR~1\ANTI-M~1\mbtun\mbtun.sys
                                                                      Filesize

                                                                      107KB

                                                                      MD5

                                                                      83d4fba999eb8b34047c38fabef60243

                                                                      SHA1

                                                                      25731b57e9968282610f337bc6d769aa26af4938

                                                                      SHA256

                                                                      6903e60784b9fa5d8b417f93f19665c59946a4de099bd1011ab36271b267261c

                                                                      SHA512

                                                                      47faab5fff3e3e2d2aea0a425444aa2e215f1d5bf97edee2a3bb773468e1092919036bcd5002357594b62519bf3a8980749d8d0f6402de0e73c2125d26e78f1e

                                                                    • C:\Program Files\Malwarebytes\Anti-Malware\7z.dll
                                                                      Filesize

                                                                      192KB

                                                                      MD5

                                                                      a802e11a15727e3534cdf11c61b47955

                                                                      SHA1

                                                                      e0c96b1d33c1e67e1031ffe21bf70e7750c159b7

                                                                      SHA256

                                                                      bf864c3641662c8eb966796912e1194bc6e3860bf35332dbc5ab0e90ae885f4c

                                                                      SHA512

                                                                      320da23b27dc3b7b097ed5341123085022bb735eccf05a3d1eddb90f94550215e314f9a8e7f36ba7e900ccf7921a763b32ede2b2efed386ed5d392261a16d06e

                                                                    • C:\Program Files\Malwarebytes\Anti-Malware\ActionsShim.dll
                                                                      Filesize

                                                                      576KB

                                                                      MD5

                                                                      4a345ac3f848c4f2be3df54945d8cd64

                                                                      SHA1

                                                                      c9bc4d24b64aabacd0dc2e421eca02f795dd42d6

                                                                      SHA256

                                                                      aff8dd46f399f749cc78bacf761f1988fca140b0408b3a8d2708695f84505bb8

                                                                      SHA512

                                                                      1bdb0815fca7bd8dcfaa2ba4889132c4f574d3b956d2554553ef54248b4fee078c1535e99ea8fb0db3924950f69e699ddd885c46a3d428030f34ada80fb7fb06

                                                                    • C:\Program Files\Malwarebytes\Anti-Malware\CleanControllerImpl.dll
                                                                      Filesize

                                                                      2.0MB

                                                                      MD5

                                                                      f1864dcf36748eae7cc7fbf2ff6f1be6

                                                                      SHA1

                                                                      ca794a40603acdd06d0e02651a0b61f54f035a6a

                                                                      SHA256

                                                                      62e7cd2036a608fdd0ba5b924aabb99fb4bf78c6b02e6345516e00b87f303496

                                                                      SHA512

                                                                      df8e4b0aa2558ec915aedfd3ce5dd0e9a85a5aa8b2595a041c80c3dcccb9fd963c140567200c5bd5d79092778f7f137bbf3adbc4501ec53173a0de692ad94bb4

                                                                    • C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe
                                                                      Filesize

                                                                      9.6MB

                                                                      MD5

                                                                      a545b29abb9db951e9e2508a1bbc8d2a

                                                                      SHA1

                                                                      061494912b29c965638263b7321a54b9e0399417

                                                                      SHA256

                                                                      7607ca2abc8f5dfe7a100ccf73d885375ec599b0648ebd964ffb8bff39c821df

                                                                      SHA512

                                                                      e7e33f5e49570ea74d427e12c049a7f0f89f7e4d3c7c511f59170cfb166bb5dd49ebfaa5a968dfdc15758f3177d7d39beebce26e593629aa0eac630748b403f1

                                                                    • C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
                                                                      Filesize

                                                                      2.1MB

                                                                      MD5

                                                                      b259331297947e69ca89098c8a51c1f1

                                                                      SHA1

                                                                      31b166af9c5246e377afdcd6201fccc9c5742b35

                                                                      SHA256

                                                                      7e0f4c8b8f675c319f5633f36f46fb8d146d82779f6d342f09037b02e3b7b8eb

                                                                      SHA512

                                                                      6e93a1cad80f091115683927b02ddeb01195c7458176be8862306828fad309b588d5279b8c5fc2394fbfde0f91563611fc8ce99b7b43890ef3e32af897d1449e

                                                                    • C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
                                                                      Filesize

                                                                      3.6MB

                                                                      MD5

                                                                      49eb28031bb0d40d0f62206fa54db5de

                                                                      SHA1

                                                                      1cc505b8b991fbb205c5f1be1f3b7a6ef1dd1d89

                                                                      SHA256

                                                                      1a84789aa12cc4920d4cb49467be451a4844b9032a9b21c9555627e9bd16ecfd

                                                                      SHA512

                                                                      e0d5da21cc1c0e643c9bc181dc16202a2dd8a9934ddd058f46dca8285adf2528b90e1b31f686a8bee4f99186ba7dd1b26a2acbbba171c0d4eaacaa38d3d645bc

                                                                    • C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe
                                                                      Filesize

                                                                      2.9MB

                                                                      MD5

                                                                      46f875f1fe3d6063b390e3a170c90e50

                                                                      SHA1

                                                                      62b901749a6e3964040f9af5ddb9a684936f6c30

                                                                      SHA256

                                                                      1cf9d3512efffaa2290c105ac8b7534026604067c9b533e7b7df2e017569a4ec

                                                                      SHA512

                                                                      fdfb348061158f8133380e9a94215f4bfc0f6ce643a129d623cb8034c49144f1489de56cd076da645478506d9fbddc7590fe3d643622210084b15fdf0d16b557

                                                                    • C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe
                                                                      Filesize

                                                                      288KB

                                                                      MD5

                                                                      23f1360ae0e948d300f0f62b53200093

                                                                      SHA1

                                                                      e44fd6f0248e0a02525ee67664d83b535d9cb7d3

                                                                      SHA256

                                                                      40dfe0689b744e0812ce857f7221ff85431ca37315d9b4f75ca40892af5870da

                                                                      SHA512

                                                                      6e34d2546626736aa26b369a86745bdb9816138244fba3d5b5e29de4585cf4e66d52c35b5c5a577f252b62a137e340dd9de36c08a06f5395baec5a726ffb5222

                                                                    • C:\Program Files\Malwarebytes\Anti-Malware\PoliciesControllerImpl.dll
                                                                      Filesize

                                                                      3.1MB

                                                                      MD5

                                                                      5557e886d8981d10a12a954dec4bd103

                                                                      SHA1

                                                                      622c9e9e6c98a1d18df162dbd83b7a9651607719

                                                                      SHA256

                                                                      99bc675421b15dddd928f82b3bb8865a1301b65a9699b43b3c31d15bbfc843d5

                                                                      SHA512

                                                                      5b6c401b890a591fea2fc611a6be3de55837a3dee26f4d4552267cb6abe752de917f6652d751a80de673c142fa2a9e6d5c794ffbffd324a07051e630323ff032

                                                                    • C:\Program Files\Malwarebytes\Anti-Malware\ScanControllerImpl.dll
                                                                      Filesize

                                                                      128KB

                                                                      MD5

                                                                      e5766890c20c1babcb99498c39025b2b

                                                                      SHA1

                                                                      6bfeb3b4deff705882f16f15c83b761ec90d368e

                                                                      SHA256

                                                                      56d6f3193d6bbbf9416cb51b7e1ada182571fa4aad8a94282eb1c8724b3b7bf4

                                                                      SHA512

                                                                      44be428240e9c17da7eb53edd692b3869122f72358d9fd370f132575b5058a33e1dbd350a7cf8aea69866cf34325cd926f53d09837bfb3356bd60d3707d985c8

                                                                    • C:\Program Files\Malwarebytes\Anti-Malware\ServiceConfig.json
                                                                      Filesize

                                                                      621B

                                                                      MD5

                                                                      88b95b7116045866fd204987f3c35677

                                                                      SHA1

                                                                      b5ccf414b58ca667045b2bcbfc5c041cfe3d7815

                                                                      SHA256

                                                                      cc9fdb0e29ec17cacd4e534663f8e22ca4e0739a3a29dbf3d53802d3c9483b8f

                                                                      SHA512

                                                                      537279612464091da5baff08b090149864297c14e1b059554e0b1229433618082baadaf5463d6c0088e202a510ca0f5e6e0e689a31e25e471ccde5d0782b900e

                                                                    • C:\Program Files\Malwarebytes\Anti-Malware\ServiceConfig.json
                                                                      Filesize

                                                                      654B

                                                                      MD5

                                                                      5c3593a211bae28cd788d42b71fb5f63

                                                                      SHA1

                                                                      e114e15f619f943a4c0ef566bfa69684e3a8f733

                                                                      SHA256

                                                                      0aa55c478ed634f0f090648fd2f9d71dd5448f83301edb4e3d651189a7afb985

                                                                      SHA512

                                                                      7978bbc22bed98df5ea52bd80df1eb12f8cee19a544ea054258372ceb5c54aefa43ccad34a2f7c59374294e1ee14854c98000a1504a97ca26f402ddc28cd5ffa

                                                                    • C:\Program Files\Malwarebytes\Anti-Malware\ServiceConfig.json.bak
                                                                      MD5

                                                                      d41d8cd98f00b204e9800998ecf8427e

                                                                      SHA1

                                                                      da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                                      SHA256

                                                                      e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                                                      SHA512

                                                                      cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

                                                                    • C:\Program Files\Malwarebytes\Anti-Malware\TelemetryControllerImpl.dll
                                                                      Filesize

                                                                      448KB

                                                                      MD5

                                                                      b1a4d8866dda0a7c71d54cae048c1216

                                                                      SHA1

                                                                      b03b6b8366af332b73328d5d81c86b9fbd53e1d0

                                                                      SHA256

                                                                      88f74617e4f6fd30959d52e1f065d63f4405b5512835838347c2403a2c9d004e

                                                                      SHA512

                                                                      21aface4d1835ddd682b816bc2d4738c6b66dd106eaf7387aca46f71716dc161896e3d4c6928ef34abfe67912a88129da05e6f7f170393f9daa09dbe1a39c362

                                                                    • C:\Program Files\Malwarebytes\Anti-Malware\UpdateControllerImpl.dll
                                                                      Filesize

                                                                      3.1MB

                                                                      MD5

                                                                      da3608ff85764a876ed7a7f7a640e57e

                                                                      SHA1

                                                                      84553bd9359b92e5b335b1bdd7a7a8533926b7a3

                                                                      SHA256

                                                                      a5005427d65f83e20b13ba5b57b1d71940128896909e41702948c9c44c771264

                                                                      SHA512

                                                                      f389fc879616e8cc68a6b30dd67297443f5089c2955db3e27426a47db5a71ebe3c98e639e5fc8ec0ea42e8b617ea053e882188e6fe92603031e572b19907c168

                                                                    • C:\Program Files\Malwarebytes\Anti-Malware\ctlrvers.dat
                                                                      Filesize

                                                                      8B

                                                                      MD5

                                                                      dbee8e7bbcba63adfa242c00f228afb0

                                                                      SHA1

                                                                      6aae8d9e4053cb52a2f1b6847e65ec6335dbc0fc

                                                                      SHA256

                                                                      c01415842abaa4bb6ada941a44c132a4a41c55097fb7e931decd04e8b5d6d380

                                                                      SHA512

                                                                      1e82896df024fe6a2390e415bcf8dd92f71125639daebed99e115bd9ac219b5667201d29c6b2390a2fcd505c3780ba112ddfca128137b665da0cfdbd4d63f038

                                                                    • C:\Program Files\Malwarebytes\Anti-Malware\mb5uns.exe
                                                                      Filesize

                                                                      3.8MB

                                                                      MD5

                                                                      d289d84c0406750cef937bdcdbd32740

                                                                      SHA1

                                                                      89a8a040a62bc0d2c2809177773f6a10bb83fae9

                                                                      SHA256

                                                                      e21d1060a4a2ad8d0cc781d0ec252b497d96915b648fbc9d1ab46ab750c8d00d

                                                                      SHA512

                                                                      c8abdac9756ba299ecd3285a134219ccc222acc9f005a71eae85fd815a93b17b8857ac1e446a8122755e8702a39b76c13df962ba79f45855c752e3347311e09b

                                                                    • C:\Program Files\Malwarebytes\Anti-Malware\mbamsi64.dll
                                                                      Filesize

                                                                      2.9MB

                                                                      MD5

                                                                      3bc4d2bb173c005c678da34697c17d99

                                                                      SHA1

                                                                      2e07b4f3af7dc82d8f7a5fdc920578f6e908a0cf

                                                                      SHA256

                                                                      fbcfade08f8d2617b6e9f2e279f81ce3b5e1fc0cce5bcfd927cde1335114f6da

                                                                      SHA512

                                                                      36864cef0ba96899d1c9ce088ae931b10461f1360a21fe8791b61acbd6ff1b30786a0f6745eac6acbdcfbcd3f05347aa1aa05fdaaf9e36e8fd0da3768ae78a17

                                                                    • C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll
                                                                      Filesize

                                                                      1.2MB

                                                                      MD5

                                                                      36a4ce53e0aa4d9c5851ce01f1b1f249

                                                                      SHA1

                                                                      9d26250d0bb42e7caa9e768456c1c70d4d45992b

                                                                      SHA256

                                                                      f39ef1786c08ede63c1e7c4590a07c7c3625d7d8ba1e919757f111953c64b08e

                                                                      SHA512

                                                                      fad03a0efb89f026ac463d4f178164f9a188e96b0e7ef3e03864c424f415b493f621fa674d9d23326a16a8a0e801827af586ca73465b6e3c6ecfd02eca14dcd0

                                                                    • C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll
                                                                      Filesize

                                                                      2.0MB

                                                                      MD5

                                                                      cb0262588c155b66991c739e156613d7

                                                                      SHA1

                                                                      6d39cd12679c51edfb73e93129113a102576b6c2

                                                                      SHA256

                                                                      73580a98c0c0b98dd5a37e51623dc2efc7f5c24978ba0bb2761dd3ab65cb5e5f

                                                                      SHA512

                                                                      dac666df37352c8b540ab55f6c7b13921198c283e83236c38f9c2ec838e08d57a0049402a27550898ec65c4a7ad550483cf781630ebd72f42c18a9643f0732a3

                                                                    • C:\Program Files\Malwarebytes\Anti-Malware\mbtun.dll
                                                                      Filesize

                                                                      2.8MB

                                                                      MD5

                                                                      2bbf63f1dab335f5caf431dbd4f38494

                                                                      SHA1

                                                                      90f1d818ac8a4881bf770c1ff474f35cdaa4fcd0

                                                                      SHA256

                                                                      f21a980316bd4c57c70e00840ab76d9ad412092d7d2d6a2cff4f1311f7c05364

                                                                      SHA512

                                                                      ebb9834323329dc01ba2c87e5fad1083a4cb86f5ed761cb63299ac5336a9843a1aadd42fbed706797c2295117af1c00f96806422338352653c8e0255fecc2fd5

                                                                    • C:\Program Files\Malwarebytes\Anti-Malware\mbtun\mbtun.inf
                                                                      Filesize

                                                                      1KB

                                                                      MD5

                                                                      5d1917024b228efbeab3c696e663873e

                                                                      SHA1

                                                                      cec5e88c2481d323ec366c18024d61a117f01b21

                                                                      SHA256

                                                                      4a350fc20834a579c5a58352b7a3aa02a454abbbd9eecd3cd6d2a14864a49cd8

                                                                      SHA512

                                                                      14b345f03284b8c1d97219e3dd1a3910c1e453f93f51753f417e643f50922e55c0e23aab1d437300e6c196c7017d7b7538de4850df74b3599e90f3941b40ab4a

                                                                    • C:\Program Files\Malwarebytes\Anti-Malware\offreg.dll
                                                                      Filesize

                                                                      114KB

                                                                      MD5

                                                                      f782f049b0e8c13b21f8e10e705bd7e5

                                                                      SHA1

                                                                      5c11f955e3983c50ea46b5d432c97c9148ac8e9f

                                                                      SHA256

                                                                      16c450a310edbea07f578f31368f168ec338011cd117406898593e86ebb83dae

                                                                      SHA512

                                                                      eed29c42b14ff26a030f53d61d6dc8e3971e478dc7646b26189f14f16699b6bedc170c4bcc37efe2e8f3048bde37480033b49eaf1a4712b88464f5da0efc18f2

                                                                    • C:\Program Files\Malwarebytes\Anti-Malware\srvversion.dat
                                                                      Filesize

                                                                      9B

                                                                      MD5

                                                                      5e0e2d584de048ec8e1d96a8402b9074

                                                                      SHA1

                                                                      bc939970e17845f19b5487ebc0f1962aa4f5a756

                                                                      SHA256

                                                                      2b7b5bc2a6db622fd284281cd712081dc0a8c2650ac55133a96d2a719306f41a

                                                                      SHA512

                                                                      8481bc8a5a7188e3d242f426d9daee162ed372101327ef6c452bdabb64cc3b5c38814715705d8341303a3ae1b377e6a0c77b8e0d7258376f563af8f9d21131f9

                                                                    • C:\Program Files\Malwarebytes\Anti-Malware\version.dat
                                                                      Filesize

                                                                      47B

                                                                      MD5

                                                                      7f0ac115d34db24927ad71f77412a171

                                                                      SHA1

                                                                      6ba631008cb4ac76d6a59b83630d08e0f7eda6e7

                                                                      SHA256

                                                                      8ebe68a5e88f08f98fb9825c9f55302d0452c45294c5ea89fe3882503f6b01c0

                                                                      SHA512

                                                                      0ee0e5e0fae00ba3195b07c5b3a7fb68e8163f9e5e0e708da8ae9d4dec43529242801f733d58b4a4b74945ff93b9a1a92d912055953b46236cd4d5deef597086

                                                                    • C:\ProgramData\Malwarebytes\MBAMService\config\AeConfig.json
                                                                      Filesize

                                                                      1KB

                                                                      MD5

                                                                      66f4587b608612a64352df9bd0949b33

                                                                      SHA1

                                                                      412df353c39b038ad4ca34cbeecd185f5bcbc5f3

                                                                      SHA256

                                                                      8228ddf0d0ea912afab633181d2b96446f5a7e986af658b6b033b43f23a9ae21

                                                                      SHA512

                                                                      cea0676bd15c5fe627cb50341c279871efbe945e0fa1437a5910be6dcb694e7dbd4595b4f3d8baa838c4f5df3a204c031846b1f2e3531296e8a031acd7d1fd7e

                                                                    • C:\ProgramData\Malwarebytes\MBAMService\config\AeConfig.json
                                                                      Filesize

                                                                      47KB

                                                                      MD5

                                                                      4244abe4890d991b6ba081cc51d77436

                                                                      SHA1

                                                                      9ad0e8bb718d4d8681860437a67b91fe60d832d7

                                                                      SHA256

                                                                      0befb7e87603036c9be7529392d8d2b16f54cdf28f4deda47844ae062af112e5

                                                                      SHA512

                                                                      e99d3111d22cc0d508b97b94bb4d9aebdeb3f04f146981c5ab6c2e6ad9dcde19af350c9efc9be431c3ac95e150fa71416eedd8985fe9addb2ae73f14833c72ef

                                                                    • C:\ProgramData\Malwarebytes\MBAMService\config\AeConfig.json
                                                                      Filesize

                                                                      66KB

                                                                      MD5

                                                                      756807c5948fc3c686af148a51c7fca3

                                                                      SHA1

                                                                      8fec0d8d0b010346b5d644c55ce5cee8f3bef1fc

                                                                      SHA256

                                                                      8ff46c6e3a9eb71e0f733a2b444ca878546a3220fde8ac9061b91d1fef59756a

                                                                      SHA512

                                                                      e93ad4efe0d615aa6b760b9016a1b5d4d678813e8f09029c1892ee871f39322736f9b8bd3060c16314b967825edbf00bf9203294df55a0554b372e5c2ab361f8

                                                                    • C:\ProgramData\Malwarebytes\MBAMService\config\AeConfig.json
                                                                      Filesize

                                                                      66KB

                                                                      MD5

                                                                      b1cc3143f6c5f44d09cebaaafd4f8ecd

                                                                      SHA1

                                                                      347909203a50f273e5e49c198cc0f913c6758c61

                                                                      SHA256

                                                                      397101d3f703e62ff6d26a2d377a30e4343193485a6823d7a0d9d8d3fb2b9331

                                                                      SHA512

                                                                      c25238632eb6506dfaf659cf9c39d1de41ee7125683abcb093cb645644448af9c2391fcce9067fe4f1e6a8f543141fb1528515c62ea5e59486a7b999ed613176

                                                                    • C:\ProgramData\Malwarebytes\MBAMService\config\ArwControllerConfig.json
                                                                      Filesize

                                                                      607B

                                                                      MD5

                                                                      2d763a90abcd5bfecc3f9ea28119544d

                                                                      SHA1

                                                                      d4868c954cca233e1ca869dc117cee44dfee1a67

                                                                      SHA256

                                                                      df50719b06d37955fd7aed6a8d7c2e0955c4f9cf936e25f1e1284ede1f6e27a1

                                                                      SHA512

                                                                      4e60e4147e1fc6ea03e656d02bd031f5d2f2f7c398b3a1a3ed53a3d5615bd5f60d6adeca1434453e58dda765ea54582d64567527f43eaf814be01d2f9c0597b9

                                                                    • C:\ProgramData\Malwarebytes\MBAMService\config\CleanControllerConfig.json
                                                                      Filesize

                                                                      847B

                                                                      MD5

                                                                      9e77dc58178a05febfd15bad8130074b

                                                                      SHA1

                                                                      bf72068ad2b361bf60661dfc00955af507bd853e

                                                                      SHA256

                                                                      280b593c5b1bf9e95637eabfd08f4a2912a2b0c61993d80ee36d05e8cc0b31b5

                                                                      SHA512

                                                                      30a53aaac9c60e15ce9313587819fb8796c192fc16da5517c739c46b7767ddc3583ecb06f06ec9c519303ad49de420055c9f6611096664a6b681afbb22435952

                                                                    • C:\ProgramData\Malwarebytes\MBAMService\config\CleanControllerConfig.json
                                                                      Filesize

                                                                      846B

                                                                      MD5

                                                                      38e9c2c8236469cd1b3f3d5d36e68f4a

                                                                      SHA1

                                                                      1d8c6e4026bd2629a2369c8c6cc623b6ab69ea82

                                                                      SHA256

                                                                      4fc67360562b09210dcd1a7a2091d3ae2060633e2f00e21f7d50d8c2833879d2

                                                                      SHA512

                                                                      6cab5ba16933797fb86d6162b3bc8c9d0b8e9b807c6d75a316a2dc7e9400046809e9841bd20dde8ee296452b8881f7b9f020e8eea0d0646cc110709f96acd3cb

                                                                    • C:\ProgramData\Malwarebytes\MBAMService\config\CloudConfig.json
                                                                      Filesize

                                                                      827B

                                                                      MD5

                                                                      edd0e31ebdc194d4ea847eb352e5fd76

                                                                      SHA1

                                                                      c66297808352c2e7850e5bcfc188ecb196c7ca6e

                                                                      SHA256

                                                                      08ded32935f044c1b6fe4874a270d3764a32c03e19c21da4fd29a3bc5ecd4a98

                                                                      SHA512

                                                                      38c00f9499b0fe6daea278f31d52ddd08945d9cd4564a4418418f0304890d5738ac72a106e90704e7eb4dc0773b12c00382db780cb2b3ab39cbf92013c78c854

                                                                    • C:\ProgramData\Malwarebytes\MBAMService\config\CloudConfig.json
                                                                      Filesize

                                                                      1KB

                                                                      MD5

                                                                      6a229a4b6705714512fee328ff295004

                                                                      SHA1

                                                                      c0e2ee811242571f9bcac56a8062c321473b9526

                                                                      SHA256

                                                                      f164f29397c304218f75291004e37e477d12de03732685e5ec27baa9a3e46d7a

                                                                      SHA512

                                                                      929be6914e4bf3bfbbfe3dfcb26ff34e092139321755e180728d130820224dedee9c812d4501a84de530f06d1e1c0dcbd7066ba233f7ee1138770bd7abffc607

                                                                    • C:\ProgramData\Malwarebytes\MBAMService\config\LicenseConfig.json
                                                                      Filesize

                                                                      11KB

                                                                      MD5

                                                                      b03e071b831ea455d2138b1cf046d4b6

                                                                      SHA1

                                                                      7115c2acaf011c5d0b8b9415b60046c1514c3559

                                                                      SHA256

                                                                      da5c0ab150447897a10c9309201e7333959cf23089f3d2167b8337c100bcf2f3

                                                                      SHA512

                                                                      339c765c3cd53048b1ace918b3f10bace3f4cc5a28508ac4cd155ef5cb7ea726ccce245ffc928a0446a553847a27f090275d532b9c1709d7b8cc6af07be292e1

                                                                    • C:\ProgramData\Malwarebytes\MBAMService\config\LicenseConfig.json
                                                                      Filesize

                                                                      11KB

                                                                      MD5

                                                                      91bdcf1752a4dcb9c378c51adc90bbd1

                                                                      SHA1

                                                                      f50edb6ad3c9457063b8b6d576321736325b3b0d

                                                                      SHA256

                                                                      fd2a42633bd21d63470aebc1ed5756684ac0d028c1ec0a9662a4f026e62aeeb3

                                                                      SHA512

                                                                      5b62bbb4b304bb49d9c93b604b8da99c6c835c9db982e9805b5d082911e5f9acd9c4277b19db394ecd4251a56f9189df5d4e3693a917613db054bebc3ad12292

                                                                    • C:\ProgramData\Malwarebytes\MBAMService\config\LicenseConfig.json
                                                                      Filesize

                                                                      11KB

                                                                      MD5

                                                                      e9860344e0b057366c02ba0ed1f0e925

                                                                      SHA1

                                                                      dbf8d4b98dd76362bf09936e0130e5e18d0ac0d4

                                                                      SHA256

                                                                      41e23ddcc03cdaf901e55d8cf9054b95789db780bfb9d7257671189cd36b40df

                                                                      SHA512

                                                                      4da81223ac6a37a71a5ce5aa353e05b70c27607443cf79b3913f72cf8abf10bafff199a57495811eaa3f931bfce56d5d639784d9ae39e902f50e39c8449d099a

                                                                    • C:\ProgramData\Malwarebytes\MBAMService\config\LicenseConfig.json
                                                                      Filesize

                                                                      11KB

                                                                      MD5

                                                                      9978cc1e22b65b6fe2bd93fa3c6422d3

                                                                      SHA1

                                                                      ac5cf0df31be6f8ee32b6ad21e78dd72d1b4bd6e

                                                                      SHA256

                                                                      216c5ef73ff0925350a3f7c2150f5a45532f9e44d693840ae7b1879e28720d32

                                                                      SHA512

                                                                      cb91b0ce6465989730cf6fa32565c3d8f89f98d626ee630bf2ab3d5c03da67cf7b832bf8f5db4fc29cd7d89afc876f5d87bbdb83100f071d987e8cbc038631b9

                                                                    • C:\ProgramData\Malwarebytes\MBAMService\config\MwacControllerConfig.json
                                                                      Filesize

                                                                      1KB

                                                                      MD5

                                                                      66f247486a8022b571da6d4d096fca54

                                                                      SHA1

                                                                      2cefbcc4250ef7e085cd3d8c3774d019d5fd4f71

                                                                      SHA256

                                                                      acdccaf1fb2bd041e061a5ad6a26b62b7f067672855fb66c121a4a31a283650b

                                                                      SHA512

                                                                      98acbd6e933f2f36c2637d377d860676425a065732246e12092e0a2b7b180a0f0cb9ae9d504ddbe8636b04cceed21d4a047da18f6f20657fa14d478655ce7fe8

                                                                    • C:\ProgramData\Malwarebytes\MBAMService\config\MwacControllerConfig.json
                                                                      Filesize

                                                                      2KB

                                                                      MD5

                                                                      ede4587cd474fe68037c10fe0057266f

                                                                      SHA1

                                                                      54abda3322ce2d61fe4986988f5efcf544ca5495

                                                                      SHA256

                                                                      75b8a75840d92c018ee8bdc936a916a990352572345c8d961c4cfc4e8c9991ff

                                                                      SHA512

                                                                      3b3852fd747a2d780bcd9e0e4b862a705dda75f8db434c053b985e2dcd8ac030b6dc0cf49656127ae0b37ae773b2fec06b8de28958cd227f06ac9d899a756c8c

                                                                    • C:\ProgramData\Malwarebytes\MBAMService\config\PoliciesConfig.json
                                                                      Filesize

                                                                      814B

                                                                      MD5

                                                                      a37e4272ae8983b3b3d6fac2385b8456

                                                                      SHA1

                                                                      7d76f53fd68e846cfae81ed722316a5ca9273f53

                                                                      SHA256

                                                                      be87270cf49dab363491bb4717e6b27fe13d174be5284dcf6bdd2b23b8eac13d

                                                                      SHA512

                                                                      34d295b6ff89ff23c361b4b17949d8c3e7aaf17e20db31d256a4b0fe69880c346fe6aa5ebf3d0fc3c3056f3d9ecc9ec21a6a97560f65dd93fdb4956128f8d733

                                                                    • C:\ProgramData\Malwarebytes\MBAMService\config\PoliciesConfig.json
                                                                      Filesize

                                                                      816B

                                                                      MD5

                                                                      7a2b5081b205846dc06bd24b24994766

                                                                      SHA1

                                                                      14e6d3916f95305be8e6b7fd7556ca73f7206160

                                                                      SHA256

                                                                      25dee790d66bd87d2a6a8fa5ef0310a4bc9b9a96d6283b4a18f83a99523bf3a1

                                                                      SHA512

                                                                      36e979551c024233ddc334d301ee23481562ab8875978b3279d14e51b71b4f6446f85507b5a933be85a0d7e4c21d253c654cc21a3277ef94b6aa89ee3adaacfe

                                                                    • C:\ProgramData\Malwarebytes\MBAMService\config\RtpConfig.json
                                                                      Filesize

                                                                      1KB

                                                                      MD5

                                                                      cbd4c73446eebcbf0eae9fda81eceaeb

                                                                      SHA1

                                                                      6c80b408b98548945eee3df55dce39eb15195ddd

                                                                      SHA256

                                                                      ffe0ed465ab51b9d9cda3a2933ea1f5e6cc0817c187d506f646a3731dc545ba6

                                                                      SHA512

                                                                      e7b93ab30e57ce72af7db2c73a76df1f9d4ec7420c0564db4ed51053ddeb5c9eadfcb558330f4466c38a1615bcdee7993bb6d0d13f78a63f4553d6090c78080f

                                                                    • C:\ProgramData\Malwarebytes\MBAMService\config\RtpConfig.json
                                                                      Filesize

                                                                      1KB

                                                                      MD5

                                                                      af9a7cab0be64a5a02d207a5fa4784df

                                                                      SHA1

                                                                      ea733834fc4bd8b32605e71c495a00e917f3a56d

                                                                      SHA256

                                                                      8240d072fd788cb4bee3a6327c25519b053366de38f21bb4ccf7c21f7e4f4b88

                                                                      SHA512

                                                                      726eb2d4e522496620f0f1ffffe1c4287a02e108cc341acdb9e285f03b059914e83e3c8197f9dca69dd0c2d993680f91890a82818b85c43695a4157d981092b0

                                                                    • C:\ProgramData\Malwarebytes\MBAMService\config\RtpConfig.json
                                                                      Filesize

                                                                      1KB

                                                                      MD5

                                                                      0ccb148902b07e39d2bc542ed1f0617e

                                                                      SHA1

                                                                      c66ffe14dd28eec310f66080b64626230c7c302e

                                                                      SHA256

                                                                      99b634c673d7f76e438f7f080eae7e769ff3b74de0975afe2a1fdd6f71d1bc71

                                                                      SHA512

                                                                      1debfede8bda96b6cfeb0dfae6302d79719dd4cb614a3789a667d3fff28892dacc33742ee4b8482fe05c49abd474a4243eca62c1a90a4c0a245887034136279b

                                                                    • C:\ProgramData\Malwarebytes\MBAMService\config\ScanConfig.json
                                                                      Filesize

                                                                      2KB

                                                                      MD5

                                                                      cc4df95d984d5d058116dfef8aa369df

                                                                      SHA1

                                                                      6155ebf046f62299dd3da800f919103b99a3f5b1

                                                                      SHA256

                                                                      95cf89c620293c1d5c4f05e40c7d52a0265e26c5c9c3f6e40e47a7de07ca6051

                                                                      SHA512

                                                                      1a7c954d5fdba17495c0007c2f7dee79b108147b6d35244133376f1a54a0d7f7eea55746ade3d97b917db5bf9cc2fbc012f0dffbbab6453d99f90ea3a06077a0

                                                                    • C:\ProgramData\Malwarebytes\MBAMService\config\ScanConfig.json
                                                                      Filesize

                                                                      4KB

                                                                      MD5

                                                                      e44e7bfa2ead35a91410925091485dfd

                                                                      SHA1

                                                                      47bc32df1fd9f9124916740186601dc5664f585f

                                                                      SHA256

                                                                      0aad79e1786bb4c03c9ca77aafce8e5a5e6383c838c2b79ec790c2eb72a7e3a1

                                                                      SHA512

                                                                      6bfabd467856968866f7da97e24a4caa36a2c9d931cdb8b9aa4050041a179029850d2c830ea3597a2fe2b733fca632fe92448a1f0b0fa27c8decc2f933edfe52

                                                                    • C:\ProgramData\Malwarebytes\MBAMService\config\ScanConfig.json
                                                                      Filesize

                                                                      4KB

                                                                      MD5

                                                                      8966a6cf2d6a96bad7ef1c9d6a281024

                                                                      SHA1

                                                                      f5ad15890941af8e18d11f2dfb8831663711d7a4

                                                                      SHA256

                                                                      73d38e04c2d15eaddeb1a31c35237c640cf9927e12941d8e54bca0020aa77bfc

                                                                      SHA512

                                                                      6f303948c94da4aebd82cf31b95416fe846675803bc30944e1b0ca03a9b87a24dfc7e6e50ffae6fa32d3a97e2824ed0878c9b0fd84c59dcd6d5b24cc3c96828c

                                                                    • C:\ProgramData\Malwarebytes\MBAMService\config\ScanConfig.json
                                                                      Filesize

                                                                      4KB

                                                                      MD5

                                                                      758a3dd0602a88f0261c3b2f12d9416a

                                                                      SHA1

                                                                      97bc29a7e4243b163dae8383fa32a1d435b6018c

                                                                      SHA256

                                                                      f2af74eb2cdbf976ea77a7fb561631e5297ee895072a25184484944bd1466737

                                                                      SHA512

                                                                      654174bd3cd5b4559b3ad77ece4c3bb2c90d327e010701d5447120856efff3f71d1d573f2f5c199883fa8f25d1ef8e98ded71d3ea17eaf2bf07640d15ebc1727

                                                                    • C:\ProgramData\Malwarebytes\MBAMService\config\SpConfigFile.json
                                                                      Filesize

                                                                      11KB

                                                                      MD5

                                                                      0479c57539f8eb2f239ed1a76083ef8a

                                                                      SHA1

                                                                      b5553b41fa4abb435f87a2c118ecb197c7a07560

                                                                      SHA256

                                                                      cd651c014e87a01d5dc473edf024beee0d90fbdc2858bf60d828b7ea03621e34

                                                                      SHA512

                                                                      a12e2433b8078a613acacd190d421120e6da293f443b82652eaffca3dee31a1366db39090fe9ef6d1f8a0a631cf7d6bb518f1db852a923b1ff83f818e6adfb26

                                                                    • C:\ProgramData\Malwarebytes\MBAMService\config\TelemCtrlConfig.json
                                                                      Filesize

                                                                      1KB

                                                                      MD5

                                                                      84e5381bd4bf1b6d6db9dd8418c8e4d0

                                                                      SHA1

                                                                      c880e4e1a0590b2be0488adf3895201327394cd2

                                                                      SHA256

                                                                      065386e6986c41c23f45b8cbc0498b337763c630ebee0093519fbdee86b6ce82

                                                                      SHA512

                                                                      2120c3409d07898ab27a6170b2fc255f8b9dee8ebb70d63fd10d8d81e701388d8ab3b629c3c5e918f7873f596ac4215cf46f6afebb81891199f8750a5b979d58

                                                                    • C:\ProgramData\Malwarebytes\MBAMService\config\TelemCtrlConfig.json
                                                                      Filesize

                                                                      1KB

                                                                      MD5

                                                                      197f77715179326a5b3205066045f79f

                                                                      SHA1

                                                                      01bcf72dcb7ddfff8a087f8b2fdab997d5ba986e

                                                                      SHA256

                                                                      c434d678efab31ce92d2afc07f260761baaa48c22b74e79ee9549c8eead45364

                                                                      SHA512

                                                                      2d8e3929d15a2bfd6550bad78ed491214221d46541522f1eb7e938afb20421ec0371b54f4008621def8b29140655ff7dc7c98dfb8939aa61154ea3bb0143c610

                                                                    • C:\ProgramData\Malwarebytes\MBAMService\config\TelemCtrlConfig.json
                                                                      Filesize

                                                                      1KB

                                                                      MD5

                                                                      25ad045a2047c3802e1e737d48b1e877

                                                                      SHA1

                                                                      a0cea1b94c4a462eff9676a5881e1626d04e6013

                                                                      SHA256

                                                                      d69b809ed4559da05c49b6181fb315079bf33dcb3ca966976df06b893bceba4d

                                                                      SHA512

                                                                      42fe4dd5ba3b449af0944e2549df9eb8bfbd95f87f312e5b2e21758db0c0d57f92efcafca21054d0ad7d564ea27aaaa1edb259d7151ab4cef6b64f23b553b7d0

                                                                    • C:\ProgramData\Malwarebytes\MBAMService\config\TelemCtrlConfig.json.bak
                                                                      Filesize

                                                                      1KB

                                                                      MD5

                                                                      2f81194bf9eb1240f4b0a0b8364069bb

                                                                      SHA1

                                                                      46594c8cd1481c130252a6eacfedd3cf2bde7953

                                                                      SHA256

                                                                      cd2acc3dd22a239cd1f58400a1b6a22c6e47a4e22937d667d18b5e56dd0bb9df

                                                                      SHA512

                                                                      ca4e6c78bd4f20e74951c19e1b134c6e138a6011473bb639b36c94a6040f9f267670d21b74e4585db53884c527b9988f287c35d3fc7cb91e8fc99a25c2bd23fb

                                                                    • C:\ProgramData\Malwarebytes\MBAMService\config\UpdateControllerConfig.json
                                                                      Filesize

                                                                      1KB

                                                                      MD5

                                                                      a3b9c2936e9c21e83a3a082e8cb4ea4a

                                                                      SHA1

                                                                      6b135af6a83d657fff334299430e034de6bf796f

                                                                      SHA256

                                                                      41447e33e29003f39e0e81f7b6a9b172cd09c57c5fd2b28ce90287e9077f3614

                                                                      SHA512

                                                                      d09742b9576104d5ad147e336e753331c265eaf16189a7402e3aec176d1749fc994b87717ec180dab4f614be0da4c24a47678a864dfdcbf50903b16a80b3e950

                                                                    • C:\ProgramData\Malwarebytes\MBAMService\config\UpdateControllerConfig.json
                                                                      Filesize

                                                                      1KB

                                                                      MD5

                                                                      bf8bd2c2b03bda4aff12b610bb701c86

                                                                      SHA1

                                                                      10308b7b2ac87ff8ca84317afd96d13f3963c159

                                                                      SHA256

                                                                      14004ed4a00b64bf40e8473db03d2eaf4113ef7a86b867244a3c10f1a7790755

                                                                      SHA512

                                                                      bf2d85386e290c07c610e0f333a2ef7d5fcac04a9c306248c1aa1c2ea1eb22df2dbc726dbb47278d2b313cb182862b3b31d3d81fa92c340941dbd7bb643771ee

                                                                    • C:\ProgramData\Malwarebytes\MBAMService\config\UpdateControllerConfig.json
                                                                      Filesize

                                                                      1KB

                                                                      MD5

                                                                      d67d08746a95b2f5caa48614cd70f448

                                                                      SHA1

                                                                      3a7cb9a4aa364968254bd3bcf5b5eee973892efd

                                                                      SHA256

                                                                      b588ddd30fc2d8a8063490b3aeb3cb630780005826ae7a1d80ce59a6d9f4ebb4

                                                                      SHA512

                                                                      c7e0c72798c85a0ae488672b0c32e4fa137d2678bf4cf1ff2892cab3a9b29eebe886488d5ce5b83c81b5b15a22579ff84ae38debc0a49e1450fe5bc9eae6ddf4

                                                                    • C:\ProgramData\Malwarebytes\MBAMService\config\UpdateControllerConfig.json
                                                                      Filesize

                                                                      1KB

                                                                      MD5

                                                                      92075abb95a027c3215954f18dd81480

                                                                      SHA1

                                                                      ad9513836d246017c184b60e2b3333e24b8ce79e

                                                                      SHA256

                                                                      c7605f8e5d5cfbde385472e9732597fb57fe0922852d450d4051b6db65846301

                                                                      SHA512

                                                                      019ed8530cfef951f4d6516549621124cbbc6ae5046111e907b002521fe36f626958da61d75cb471840869449d24026f70ea85aede3c4fd52f9ca572f6f4e5b0

                                                                    • C:\ProgramData\Malwarebytes\MBAMService\config\UpdateControllerConfig.json
                                                                      Filesize

                                                                      1KB

                                                                      MD5

                                                                      67136c18211d2857763214dff5d4164f

                                                                      SHA1

                                                                      74bcb7fe9641c1315b49330dd5f3a8869ac40eca

                                                                      SHA256

                                                                      029129c046798b02a35dcfc3c27810fb27795004b86be2ab149047a790464d30

                                                                      SHA512

                                                                      15091e3917548e42d17a896ae5ebce401a48d257cc3eecaea306e127b9610d34b393a73c6b0eaa26886ec63056ff79e639fcf8d242c833f0f23429e645136722

                                                                    • C:\ProgramData\Malwarebytes\MBAMService\config\UpdateControllerConfig.json
                                                                      Filesize

                                                                      1KB

                                                                      MD5

                                                                      c98cbbaccf2fbcc3e3c41d36d4961922

                                                                      SHA1

                                                                      48c1b5e13dbb82c0ff99fe49e4ff6bb56c7cf41f

                                                                      SHA256

                                                                      3984ed5d816c06310e0ca1ed7cf60a280e45e70f6d79a4e3cd1f67b77382d872

                                                                      SHA512

                                                                      c18b673bc9d23c6aeefc245bb60ef3cf0ca80bd7173820842c8e2325db9cd010f63d5a05065544891f1f2dbc01f851a74f5e8267fee923cc85230d86fe9447b7

                                                                    • C:\ProgramData\Malwarebytes\MBAMService\config\UpdateControllerConfig.json
                                                                      Filesize

                                                                      1KB

                                                                      MD5

                                                                      3c15392db6fe80271b626b9e1a8445b8

                                                                      SHA1

                                                                      7ad6166d33af832c7f9b5b694f075cce51a75dc9

                                                                      SHA256

                                                                      27b046dda577c3f39b298d56ab07a1e541304141173f1c466d036666eb7bb1a3

                                                                      SHA512

                                                                      b638f9cea6879d6ca3a6632c9127200fce08d9500cfb809edf7b19c7fd9f4db6f5ff3f64fc872bf1c5e53566e32a18ce6c4246ee25197a8e9e2d90f9482a6f1a

                                                                    • C:\ProgramData\Malwarebytes\MBAMService\config\UpdateControllerConfig.json
                                                                      Filesize

                                                                      1KB

                                                                      MD5

                                                                      c287c0ff2b52446fa3648e4e60dcac82

                                                                      SHA1

                                                                      3639d187f44402298c5d945cd3eb80f7285f0d77

                                                                      SHA256

                                                                      413c3b38714e661ee2100a64d382db85fb04a2c925df3bc69b9a8bb60988eddc

                                                                      SHA512

                                                                      221dd85023f75f1b2f330d0d358867b8d378ca2c9ebcbdceeac5189f086a804d9963d9db653dd083b6aefa508c3a0b5ab51e77b6f0fe422715fdc5586110d705

                                                                    • C:\ProgramData\Malwarebytes\MBAMService\config\UpdateControllerConfig.json
                                                                      Filesize

                                                                      1KB

                                                                      MD5

                                                                      86ba5203f1ac2f4a2ba2d4e4df50edf1

                                                                      SHA1

                                                                      a9a49255a7f4eb4bf27c44b23f3aae704ac82a98

                                                                      SHA256

                                                                      03c2a3b9412c74a30f40d3c5c85acfe17eacba9ccff35f5c0e575b24675d16fc

                                                                      SHA512

                                                                      1e3919f0a812560af4a4e43634bf8ddb159ce16da01ea132d13489f714b1ea0c2eaa567badc8ce6594f046e495ceb9d6af566dcf909839ff8dede53d1123e694

                                                                    • C:\ProgramData\Malwarebytes\MBAMService\config\UpdateControllerConfig.json
                                                                      Filesize

                                                                      1KB

                                                                      MD5

                                                                      1ac91ffee47081a7a5dda2a19affd6db

                                                                      SHA1

                                                                      3b86b5a63e619f062e1e62a5c645b1a83ceb2664

                                                                      SHA256

                                                                      50aff4c73d28ebe620832e48ef657546d3347886c29244e8f561ede1d5097efe

                                                                      SHA512

                                                                      275a448afcc7e037945836568f2213375c79250e7c72eaa37d9634f8ea2d165eea8b746ac216a242d3633840ed886051195b8afae344bf5b9119917c828c114d

                                                                    • C:\ProgramData\Malwarebytes\MBAMService\config\UpdateControllerConfig.json
                                                                      Filesize

                                                                      1KB

                                                                      MD5

                                                                      612e5b42da0ec8728ad286d4e73bf9bf

                                                                      SHA1

                                                                      cfbb648ca8e8d435fd552d56842310ea4f6e4d28

                                                                      SHA256

                                                                      f88312f403f89c00586f670f0e17d7da03ab7a21dbcd4c15cb197cbb9119f6a8

                                                                      SHA512

                                                                      6e3150852eaf41e2c9a018140ffa14dd55764db255e4f7bcf369b5582b1599ab7d319cf11cacb875501ba513e2d9808261bd37676ad06bf84b94a0eef0511ae0

                                                                    • C:\ProgramData\Malwarebytes\MBAMService\config\VPNControllerConfig.json
                                                                      Filesize

                                                                      1KB

                                                                      MD5

                                                                      41b123ed7749d14b830fd57c977a0047

                                                                      SHA1

                                                                      3422d013b502756062a4aed1ed6ace4649dd71fb

                                                                      SHA256

                                                                      3cf52fab0b0cda74647fa0e3b0e7a03c20569f401d6eed7e133c33f52f03aaa1

                                                                      SHA512

                                                                      be77486ff610d98fffc59f14fdf269ac9554e00f37ed36a210649564ee9e3472bbb4d9e78535d4ea163b13d25fd173c485754666aad43ecbbc9803a5bf9f71b6

                                                                    • C:\ProgramData\Malwarebytes\MBAMService\config\VPNControllerConfig.json
                                                                      Filesize

                                                                      1KB

                                                                      MD5

                                                                      2e0840f995a8757c49d5edbfe4e782f9

                                                                      SHA1

                                                                      9b46d3a6dcf9ae66d180e433cfbe0813b6c27cd9

                                                                      SHA256

                                                                      e7fcada17ee06cf7b628e677a44f2986086e4cac288ef1832a97d4cda1cce5c4

                                                                      SHA512

                                                                      fde165d35d9941687638f98a937c0c84113ca04152130d930976fc456230e52764380074a0a9d1f68e53f171e4b44e15a6a4a3ff37e043fa2848c39e55931e62

                                                                    • C:\ProgramData\Malwarebytes\MBAMService\config\VPNServerListConfig.json
                                                                      Filesize

                                                                      125B

                                                                      MD5

                                                                      c086314d7ca26f4e32a6eae238a6541c

                                                                      SHA1

                                                                      4e99213bacba72df99f21cce80cd6139aaef3e99

                                                                      SHA256

                                                                      9602143a8b59ad218dac9928d8f44a75587f9f6f4dd448cb24ff65f5453492b7

                                                                      SHA512

                                                                      526131703f64f417acc17407a6eb39e2c57e94af3879caf7ec5f7e908fcb828cd7d75b461c56fd90ec866d312594d935027678bbe6f40cd7b69c4f20a92a3ab2

                                                                    • C:\ProgramData\Malwarebytes\MBAMService\lkg_db\Actions.dll
                                                                      Filesize

                                                                      576KB

                                                                      MD5

                                                                      b757f9268b222971f04b2eb0dab2d929

                                                                      SHA1

                                                                      2382981ee4df3360b895517d2459591fdcaa6800

                                                                      SHA256

                                                                      8d6096366067928ea6975a4f836a2bdc11af9c6f6d8fd13ab744af951f06b2ff

                                                                      SHA512

                                                                      7464f0579458374fd71660bb5dd44a7fb5e75c379fbd8844fdde07874429efc46a896b1227f5f0f57af02854619a4bb5f1629fd6d6369c06d57bbb96d9c62a35

                                                                    • C:\ProgramData\Malwarebytes\MBAMService\lkg_db\BrowserSDKDLL.dll
                                                                      Filesize

                                                                      512KB

                                                                      MD5

                                                                      8fa77131342ad19dcbd23bf31244997e

                                                                      SHA1

                                                                      0a6968613af393ba924bd40d526bbef59a4ee527

                                                                      SHA256

                                                                      74eaa6c68066960cb40bc787efacbc4bb0f4562f049fac2f6d57f2415884d1dd

                                                                      SHA512

                                                                      ca28092361a252963ffda908e2c7d9639b3a84d793736e594d8c30b3543bf344cfd4c240eb9db4b291e2f09e0aaa167cf43db0f921825524bcd181dab2d77d1a

                                                                    • C:\ProgramData\Malwarebytes\MBAMService\lkg_db\Global.nm
                                                                      Filesize

                                                                      335KB

                                                                      MD5

                                                                      ac14203c4b95e98e76b2a698632fe35f

                                                                      SHA1

                                                                      7269c981f1893e54d61f746f528f509af416bbd6

                                                                      SHA256

                                                                      2e50639db2b22a71eb0ee13f33c0eec9ffbbf8bde52c3f7479de34727939193b

                                                                      SHA512

                                                                      d3c39b9ff3c48553ea7f49135272a7757ba13505cf85815de3a34f3c99a1b91e3c5b49ac5b0ba358adf9c2c97aef8806aab3052311ceb328c39f4bd369904340

                                                                    • C:\ProgramData\Malwarebytes\MBAMService\lkg_db\Global.sr
                                                                      Filesize

                                                                      576KB

                                                                      MD5

                                                                      570a375934b543458b08970a56d63a9e

                                                                      SHA1

                                                                      a64af9e056e677efe90c3c4618938aaa185bcca4

                                                                      SHA256

                                                                      7b96af8badccf36559835fedeb1142891dcd35b08396d3854cdebd5b369a11d1

                                                                      SHA512

                                                                      55908bf09eab473780c43845db28651c1bf986a184f12bfc07c9f21729a27a4b1570dfeceb03486329c4ca744648aca0cbcec8c66980ae735b44522a18e95f34

                                                                    • C:\ProgramData\Malwarebytes\MBAMService\lkg_db\cfg.bin
                                                                      Filesize

                                                                      1KB

                                                                      MD5

                                                                      634c582955715ab32ddfe83406564b05

                                                                      SHA1

                                                                      79c0a481c1ff351c2e622e440bf7e6795ca6efff

                                                                      SHA256

                                                                      4783d65126b8c83fd9aa8ee0e8428d10c20adb3daee6b6c92dab9aaa26964a67

                                                                      SHA512

                                                                      38af39912704bed274cbea2c8cc0d136b94e328433cc02bfa7f04fdd9313473e11f6e6cd34a7b4614de55de0d8746ade1040a9eca4f37fff178a07d3e8f5b1d6

                                                                    • C:\ProgramData\Malwarebytes\MBAMService\lkg_db\ig.exe
                                                                      Filesize

                                                                      1.8MB

                                                                      MD5

                                                                      5f4f4838ed0a41b4ae61b16cbdb7c41c

                                                                      SHA1

                                                                      c9e300e9f5245d736d6fcc42dfb990b2639aac52

                                                                      SHA256

                                                                      cd1e8db650a73bfbc124467737b96fe2080f27f27e031e1043ddc76a9844fb06

                                                                      SHA512

                                                                      9bb1ac32b62fb1398616081574b03c0eac37377b4102641299202601f4881fe64c98111334f783d013b509f7eb36ec9b79a7b71bf07436632c280c1ae3142755

                                                                    • C:\ProgramData\Malwarebytes\MBAMService\lkg_db\rules.mbdb
                                                                      Filesize

                                                                      448KB

                                                                      MD5

                                                                      2d3124670fea1df012f99e728c3ce571

                                                                      SHA1

                                                                      9ccdbfd1a3f70bb43885382daaf7f7306b813ea2

                                                                      SHA256

                                                                      161074d827ef1efdd66a99a3e731c2fd9981894aec2cab20b153121bd0778f8b

                                                                      SHA512

                                                                      86f75b4ff3b085303b9daa0d61260758fc61aa3ae8a0768d6bf279536d7566a370e8334e685e728b569749f229d5df556c643f9d87b9e4737b6160155e7c0256

                                                                    • C:\ProgramData\Malwarebytes\MBAMService\lkg_db\sample.dll
                                                                      Filesize

                                                                      512KB

                                                                      MD5

                                                                      ff5845b201b6d21e8353801035a11939

                                                                      SHA1

                                                                      dcc64e798f069260ea86855fa7bbd59ea859f190

                                                                      SHA256

                                                                      39b75cd597b6a56c47a70737c1bbf8e6662e1f15fb7184b5fd8ac1ff96a1b48b

                                                                      SHA512

                                                                      8b2364d77ade5acd93a40ce87ba41cd64453613d1af3aa177d1030dad509d9eb5a56f8e827a4c72410c211a0f09d133c5972e3b95199880d9403d927381879fd

                                                                    • C:\ProgramData\Malwarebytes\MBAMService\lkg_db\scan.mbdb
                                                                      Filesize

                                                                      448KB

                                                                      MD5

                                                                      56eb84516aeaf6dde353d07321c450a7

                                                                      SHA1

                                                                      f74f98ea4620678e6790f16e896c2fdce5029943

                                                                      SHA256

                                                                      c5d082577c3445e4a5e37beb2954aee2d58a69bbe99f981dfe2b13c5a7cfa00d

                                                                      SHA512

                                                                      19ee13daca63e2e8be394cedd86f792e1803d16257d129e5ca456d50deed3682df78c95132efe7ff5ee5f09285dee7f0e8ecf198ac09997bd1844c378adf3c68

                                                                    • C:\ProgramData\Malwarebytes\MBAMService\lkg_db\wprot2.mbdb
                                                                      Filesize

                                                                      2.0MB

                                                                      MD5

                                                                      77c22b7f42708e12f3afa221af2cae6a

                                                                      SHA1

                                                                      520953438889145a924e4df64cdfb509a179b008

                                                                      SHA256

                                                                      7df22b3352679fa20383690ce7671df863cacd0c9092c5d02829fe06e72158b2

                                                                      SHA512

                                                                      7625e2d0d5006943fdf4338a75e692553cde2f59bf98cdf6e1d6e296c6781a3d7ddd82d02025d06d3f6f0649fb47c2baafc7430237181c23dc15cbcc7e4cb959

                                                                    • C:\ProgramData\Malwarebytes\MBAMService\pkgvers.dat
                                                                      Filesize

                                                                      75B

                                                                      MD5

                                                                      9e9dc6735769b685f617f19037ff89bf

                                                                      SHA1

                                                                      e51e3d9dbfd734b37e4cdf56f4c369cf4d7b7caf

                                                                      SHA256

                                                                      7e8fbeadd706a6092cbf7a02280029a748232ac4d11ef298bb48a911ac91e78e

                                                                      SHA512

                                                                      dff4781825fedea13e86697da134418b28d5d23d4bd715ecc49dd22f10b913503991b8cb86c4782d4448d61430562e1604b7d00fe70c2821c70ec2663c6de787

                                                                    • C:\ProgramData\Malwarebytes\MBAMService\updatrpkg\SdkDbUpdatrV5.dll
                                                                      Filesize

                                                                      2.6MB

                                                                      MD5

                                                                      5c4b6998682070ad73cd246eae251ccb

                                                                      SHA1

                                                                      d4e3eef6332a6598e5d63741f3407574c7de5f5b

                                                                      SHA256

                                                                      54e0e90cc5cfef91ceab363c6cad54c7190cfbbecf6353181779938a3f8de8a1

                                                                      SHA512

                                                                      e1f844ecb631b628ff37068ef474b070e22c5be6453c77acde53e886b7e9109f22d09748a7902e64237f5cc9d05818080c0bb5697918235ea2d4ceefb68b8524

                                                                    • C:\ProgramData\Malwarebytes\MBAMService\updatrpkg\mbupdatrV5.exe
                                                                      Filesize

                                                                      5.9MB

                                                                      MD5

                                                                      ab258c2dec1945b65cd09b302652e8d5

                                                                      SHA1

                                                                      90e660cd3502d9bde40227ec0c0c2820958bab3c

                                                                      SHA256

                                                                      c488c36827fc5505fc797e4d7f9bc56c2c2ab9d8c432ff9eb55657179bbe5e36

                                                                      SHA512

                                                                      de9e9d01f7cfe40fb64ff4e9ca83ae8f7a87b2e460d89b1fd6717f007afbaffb8cd4dd34e13352c46bbc00372c3ff7f9d9027f54df44f2fba16bd0dda4cfe7fc

                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                                      Filesize

                                                                      280B

                                                                      MD5

                                                                      01f23613bd4e76dfe06e94f295e67b8b

                                                                      SHA1

                                                                      295b0e53c6d51197803483de59f9c7a20683ff3f

                                                                      SHA256

                                                                      242b801564567816049f89087a4d5ea36d9a00438389ab1fbd947dd79add91b4

                                                                      SHA512

                                                                      e33ffe4a73bd780944a0ef471bafacfc0a3860d66ce6e9e8a362b4a48d3a28e5e8486fac9c8ae1db65901218e95ac490969e0bfe98105eb6cd2f2ebcc054bd3b

                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\DualEngine\SiteList-Enterprise.json
                                                                      Filesize

                                                                      2B

                                                                      MD5

                                                                      99914b932bd37a50b983c5e7c90ae93b

                                                                      SHA1

                                                                      bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

                                                                      SHA256

                                                                      44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

                                                                      SHA512

                                                                      27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State
                                                                      Filesize

                                                                      6KB

                                                                      MD5

                                                                      13a85eb16c8b4543e10ed1f35f2157fd

                                                                      SHA1

                                                                      ffbd7347e26c6d6b49f7a765b19350f7980eea17

                                                                      SHA256

                                                                      174657068aa10ae5498aeb4e88499c05b97434451864fcb0724d71c8e4411c1e

                                                                      SHA512

                                                                      07f296b4b3c287ca31bffb2cef314a15fa2f8bad5c4eb898c9d88176c1cca99339327dffd2e25bdd40929c6702e6588d5a1428e4400f91d2e9892a750f131ac3

                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports
                                                                      Filesize

                                                                      2B

                                                                      MD5

                                                                      d751713988987e9331980363e24189ce

                                                                      SHA1

                                                                      97d170e1550eee4afc0af065b78cda302a97674c

                                                                      SHA256

                                                                      4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

                                                                      SHA512

                                                                      b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Sdch Dictionaries
                                                                      Filesize

                                                                      40B

                                                                      MD5

                                                                      20d4b8fa017a12a108c87f540836e250

                                                                      SHA1

                                                                      1ac617fac131262b6d3ce1f52f5907e31d5f6f00

                                                                      SHA256

                                                                      6028bd681dbf11a0a58dde8a0cd884115c04caa59d080ba51bde1b086ce0079d

                                                                      SHA512

                                                                      507b2b8a8a168ff8f2bdafa5d9d341c44501a5f17d9f63f3d43bd586bc9e8ae33221887869fa86f845b7d067cb7d2a7009efd71dda36e03a40a74fee04b86856

                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\TransportSecurity
                                                                      Filesize

                                                                      1KB

                                                                      MD5

                                                                      d56d660acd8fe0e6ba567fba0883b2fe

                                                                      SHA1

                                                                      bfa5fadef40f972a55a87748a87c79ebac39fff5

                                                                      SHA256

                                                                      12a01750e6e846dc61c78821b1cea75bf6c57958ce4b6a1de33c7daf9adf1e51

                                                                      SHA512

                                                                      53cd581b6d7ec6ff914c67f3d659f04f161ef26a3ba0b0353e5183658bf08d3c49f1ca90f2bbef8f70d3f2eeeb6af7497de33cec770cae4fff9ae5f3526164b8

                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                      Filesize

                                                                      12KB

                                                                      MD5

                                                                      ef62c2388c8006b6cdd83508ea46dbbd

                                                                      SHA1

                                                                      dad24faa68d856e6b5a9c70c5e0ca8b22aaba94f

                                                                      SHA256

                                                                      e1555e89f3ae043b2d464353f42c2fd603cf1d9a33f03f4de95c7001bce2c1d7

                                                                      SHA512

                                                                      2d78033a109f67ca57248e56a2b404b899b67b27cf011907fbe1bedf0db512092559fc51b511b60339bd400a07ed5653d0c7a7f2fc7ed3559bc2e5773b7ef2b2

                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                      Filesize

                                                                      12KB

                                                                      MD5

                                                                      7bb401bdcc79885d7b76b31bba144d94

                                                                      SHA1

                                                                      9765e416110027489c9839d0862c2a3978233d57

                                                                      SHA256

                                                                      c9004a0ee3e08aa340ed134524b6ea17b9740f0262069c254ebf33ebca57ce1a

                                                                      SHA512

                                                                      b2eb8aa71f149f8c7bb6dd0582020cfd94e93f1374d81aa200fe39742febd3d71d1cce455fc6468f3178f73522552da240e51d713a76f4ab6945efe9067d2bd5

                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences
                                                                      Filesize

                                                                      33KB

                                                                      MD5

                                                                      e123213efd7d279e5e65a69e1946874d

                                                                      SHA1

                                                                      8c4c6f56e867cfd55db7d9ff4ba8fbd8232dd2f2

                                                                      SHA256

                                                                      7643b74772c497059a869d5c0fd781226325dfd3acdb8a4be233c88e5de4bd57

                                                                      SHA512

                                                                      d5dbd86272b7d621b12e7c9cca78eba4cb6837dc020c922a1a33a6ef769df4d15f4a56f98ffd13c7a9891059e29a52913097ce05ab3bf36f3274452c2be55d42

                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GraphiteDawnCache\data_1
                                                                      Filesize

                                                                      264KB

                                                                      MD5

                                                                      ff87a2995369aea1cb9940c718317b9c

                                                                      SHA1

                                                                      5132d63a352dd37f8a92b31986059858d56cb4be

                                                                      SHA256

                                                                      82a2384fafd2eb6fb8b1a8ebe83fef9ddaedb14dda5361dadceaadae115b3bb0

                                                                      SHA512

                                                                      ba6321418df27d9d400b181a6d18b5173f9f9a55163c80caecdce059f37b91eb07747c1cd530e53e39436d6a1cd4bd93e356ae35ce10de333ccbb053a35857ec

                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                      Filesize

                                                                      72KB

                                                                      MD5

                                                                      18944e00b54ba4196c1c4511619babd5

                                                                      SHA1

                                                                      72ef2ef7f49c23c08af8fddda229b00f980cbc38

                                                                      SHA256

                                                                      f2e162bd14d9c1bf8717b34c3ff699eb6d0fe118305b106ddef0c4882425f33c

                                                                      SHA512

                                                                      e6b30c511f5817149917c4a061b7ae00fed04c83bcaf0359bde2ddf6d19efddeb220602f9fbb43e9e935845472aef0bd42d19f2f9deb112371fe46ae53ccf647

                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                      Filesize

                                                                      69KB

                                                                      MD5

                                                                      51e12dd744e641b44de08a9c8422edb6

                                                                      SHA1

                                                                      939da19556ec3972d0612db1f23a557de6ca39e3

                                                                      SHA256

                                                                      3bbfaebc8fc33c10d1449c8f2e46f2cc69846a8d1a70e51ec509109b0a1b6e52

                                                                      SHA512

                                                                      2fd4f2fc0014f8fa2462fd84097c7dafd65844db92ecd7f52cbacc87a16390c503d57cc3eb3dcd034baeb02008b4eea531b253f54bdeb156584f64dfd240a023

                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                      Filesize

                                                                      69KB

                                                                      MD5

                                                                      5c3036e5bb01bc97c8bc20be2de74ae1

                                                                      SHA1

                                                                      7c481cae1e852e748127e703f0294b48e00432c0

                                                                      SHA256

                                                                      bf4fb630d38e1f3584d435c4d45a85f59f12470e5f8dc149cf1f65012ea1b794

                                                                      SHA512

                                                                      9c773def3b91b5c22646ebe886448056c2198e76fc4abc92d86b55b2aa62ccf98cb61bf8f8ea712d8a244ab3a60d48a9b848b899d2e320709c516c394cd25f15

                                                                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\4s2odj76.default-release\datareporting\glean\db\data.safe.bin
                                                                      Filesize

                                                                      9KB

                                                                      MD5

                                                                      cec636b3b052d43b2c9c767114bbad1c

                                                                      SHA1

                                                                      1c9cd91c6d8c73d9da997718d6f4d8c86266e7ed

                                                                      SHA256

                                                                      26d3680f02e043d609f4cb92e96dbbfebbbafee6fddf342971505cef2da0f55f

                                                                      SHA512

                                                                      7706f058c56f197972364bb28dc9f6ca65823f244ecbb5f079745521b5b422091d1fb74d55ada1c5f2da2086ca5c15a5540eb66522d9b1e9483fb75b242f5871

                                                                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\4s2odj76.default-release\datareporting\glean\pending_pings\b050411b-2b0a-4651-8709-7cd533bfd70c
                                                                      Filesize

                                                                      734B

                                                                      MD5

                                                                      0da2e7fd54b4f183b7d7cf6bcfd162f1

                                                                      SHA1

                                                                      6bbbd1a273f3c18b6d0ff3acfd7b79bce2da0782

                                                                      SHA256

                                                                      c2fea97b6c7faf30b97685c117f4a28a9d9ee74a88f54f4c3a9672e962d0eb85

                                                                      SHA512

                                                                      5758af570833c6b5a1e331b6d398e8c405a77998cff7514feb9c517c72630f29c58eaefd41dfbfaa465bfc8658b884783d06484f464f5caf40f9968578a3d94c

                                                                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\4s2odj76.default-release\prefs-1.js
                                                                      Filesize

                                                                      6KB

                                                                      MD5

                                                                      52e2d90aeeaa3a2a1c726360938f48f0

                                                                      SHA1

                                                                      4da2341cd3305dfa7af94a83bc896723883819c2

                                                                      SHA256

                                                                      ecb7d72b316087cee223f3f6e23ebca09d8fda149a26870ddd73eaf5935b40e2

                                                                      SHA512

                                                                      c1a2d626e79211bb605b47c59f69d416a763e5c1fb4703710254b25638a5a0305e945bc488d5c7910515ede2dc2cc432bf7fc4a6eb6195958bcbbab78766fcdc

                                                                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\4s2odj76.default-release\prefs-1.js
                                                                      Filesize

                                                                      6KB

                                                                      MD5

                                                                      afecf499b6dd14685f7e1fcf9ff06d28

                                                                      SHA1

                                                                      39cdca91dc599f29e9af23c00064237415d6b04a

                                                                      SHA256

                                                                      811941ea74368168fe9c2465434a50de2f65e78537f71370ada6a67cd703931d

                                                                      SHA512

                                                                      c32a48621494ae4a9787ff8a36d92d98c99762e1d928c710aac60586113f82c9b8a4580ce417f9fda7092c60bef474e872599cb99b505cb8ac5eb9b58d3857be

                                                                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\4s2odj76.default-release\prefs-1.js
                                                                      Filesize

                                                                      6KB

                                                                      MD5

                                                                      f79536321e001fe7a0568041488e90de

                                                                      SHA1

                                                                      c9db06788e0458c6ac2a9e4fb63240c6607c8511

                                                                      SHA256

                                                                      b824a2b0ce97c48128bf111e53742c67e261289dbcbe4b076fda12ad896b6c0d

                                                                      SHA512

                                                                      1535fab83abda52c9384830e55fe40769f294a7cecd059e61c00c1d64e5111d798028ae1d30deecd86ec6905b248561a343c3614ae2c343435325ecd8e3ab5b9

                                                                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\4s2odj76.default-release\prefs.js
                                                                      Filesize

                                                                      6KB

                                                                      MD5

                                                                      7774314ba2acad8ac9f40887f9e389de

                                                                      SHA1

                                                                      22f45ac77e14d5d248a0e4621855fc5592a7912a

                                                                      SHA256

                                                                      c01248aaa07a18c5123e917ac0e9997654de0d8cd58c88f82ff41b76594ffb8b

                                                                      SHA512

                                                                      bba556e4ce37aa8551db49bc40c69f0bddcd4e8d97f712aa6517621f080fe5dab1ab888dcc2f93a61642641590e553311d46dfa89cf0038bffad6ba30be9aba4

                                                                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\4s2odj76.default-release\sessionstore-backups\recovery.jsonlz4
                                                                      Filesize

                                                                      989B

                                                                      MD5

                                                                      2735555235faa129dde30d2d4a9a2024

                                                                      SHA1

                                                                      9516481cfb3da8921e0bd0e46a075da3ddf10d28

                                                                      SHA256

                                                                      69f6f8d130dd949b48821e484446356df35d565107fc713cae01f2f978f7a4e3

                                                                      SHA512

                                                                      9a0d602d50ba426eb2537dc7745f87ca2affc2f01168d0ac7b24ca267ec61cef36c16ef90a8ce9018deb36672a709d2853d257608d88ab9d9d68a53c29806c1e

                                                                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\4s2odj76.default-release\sessionstore.jsonlz4
                                                                      Filesize

                                                                      458B

                                                                      MD5

                                                                      896a7064bdd38f41500a1acc76d56d7b

                                                                      SHA1

                                                                      f46cd08670ad5749a865b8e2605f9a4bf1842223

                                                                      SHA256

                                                                      c65639f8d8d261517f4f1a9c2d134ebb986b7087a27c736e5b10fd29d4bced85

                                                                      SHA512

                                                                      f23039afea5c4b34d49c87827bca2b250f02d2ff05d8c6e29656146bedc376438d2976ad57ebee1c06333176cb78789515621a01e2b1202d0a5a2cae6de4bf01

                                                                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\4s2odj76.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite
                                                                      Filesize

                                                                      184KB

                                                                      MD5

                                                                      b01efd0877d8bb4a5d754d6d5a5922cf

                                                                      SHA1

                                                                      6dfaecd4219afbb206185171c64c777e9c73ae21

                                                                      SHA256

                                                                      ef1ebedd446ce18b79317f09953ff8a6069f92749188b45945567c315388aa90

                                                                      SHA512

                                                                      6f5fce89b6dc7e6979fdb01493c0811bcd55cb945d7665cd9a23e93419a5aa28207b3f614461103f04b0406741e8020c35252fda5529e41e3e918e42fd89c086

                                                                    • C:\Windows\System32\CatRoot2\dberr.txt
                                                                      Filesize

                                                                      19KB

                                                                      MD5

                                                                      f182870a641edc4f19b0ba491dc6bc92

                                                                      SHA1

                                                                      c37356bc388e33b7c03aba125e324eecfcb26b31

                                                                      SHA256

                                                                      77692e9b2da62df3bd9fd2d7b8f2ec8e99590967017960da753d99fc1b6500df

                                                                      SHA512

                                                                      52eed92f6543830fada28e837bd6ac9207064a3ce370906fa2496b40f840a1321c54d295f3a1b329ba682aff76f84a923b7dd769813cf42c7d010d7fad40eddc

                                                                    • C:\Windows\System32\DriverStore\Temp\{9eb96a88-2d2f-8042-a7e2-9548098b0fae}\mbtun.cat
                                                                      Filesize

                                                                      10KB

                                                                      MD5

                                                                      8abff1fbf08d70c1681a9b20384dbbf9

                                                                      SHA1

                                                                      c9762e121e4f8a7ad931eee58ee60c8e9fc3ecb6

                                                                      SHA256

                                                                      9ceb410494b95397ec1f8fa505d071672bf61f81cc596b8eccd167a77893c658

                                                                      SHA512

                                                                      37998e0aee93ff47fe5b1636fce755966debe417a790e1aebd7674c86c1583feef04648a7bc79e4dedaabb731051f4f803932ac49ea0be05776c0f4d218b076f

                                                                    • C:\Windows\System32\drivers\mbamswissarmy.sys
                                                                      Filesize

                                                                      192KB

                                                                      MD5

                                                                      29cab46fc7a117efb911fa2f6d15dac0

                                                                      SHA1

                                                                      006b1ff6942078339865dd3f30224a46bbe96663

                                                                      SHA256

                                                                      dc7718443d1ac29d1d0325803f0be60ef9a7b6395071cfb1847e7a746e790d23

                                                                      SHA512

                                                                      a179481edfcce87a44520feadf0a81a2c2881957c89a066c94b08db72244dbfb91708880bcf9e8f91f3b97da5dc06b2e10c742e031646ec202bf07262c16f9d7

                                                                    • C:\Windows\Temp\MBInstallTempe02577d126d811ef8b33d6c6679d10a6\7z.dll
                                                                      Filesize

                                                                      2.5MB

                                                                      MD5

                                                                      a144e24209683e3cba6e29dab5764162

                                                                      SHA1

                                                                      ab2112cce717bec8f5667721a072d790484095ec

                                                                      SHA256

                                                                      b2ff9dbf90cbd0c45cd7d95ce4892377ec7e92970e05f2e56b0ce93861190348

                                                                      SHA512

                                                                      2c823981b53b7eb7c1b726468d3b28c234c7e555aab35e759e88d38658566d267a20867f1cb18d96c830e7d53643629a9fa313eecee8b553703086fbb64cc984

                                                                    • C:\Windows\Temp\MBInstallTempe02577d126d811ef8b33d6c6679d10a6\ctlrpkg\Malwarebytes_Assistant.runtimeconfig.json
                                                                      Filesize

                                                                      372B

                                                                      MD5

                                                                      d94cf983fba9ab1bb8a6cb3ad4a48f50

                                                                      SHA1

                                                                      04855d8b7a76b7ec74633043ef9986d4500ca63c

                                                                      SHA256

                                                                      1eca0f0c70070aa83bb609e4b749b26dcb4409784326032726394722224a098a

                                                                      SHA512

                                                                      09a9667d4f4622817116c8bc27d3d481d5d160380a2e19b8944bdd1271a83f718415ce5e6d66e82e36819e575ec1b55f19c45213e0013b877b8d61e6feb9d998

                                                                    • C:\Windows\Temp\MBInstallTempe02577d126d811ef8b33d6c6679d10a6\ctlrpkg\mbae64.sys
                                                                      Filesize

                                                                      154KB

                                                                      MD5

                                                                      95515708f41a7e283d6725506f56f6f2

                                                                      SHA1

                                                                      9afc20a19db3d2a75b6915d8d9af602c5218735e

                                                                      SHA256

                                                                      321058a27d7462e55e39d253ad5d8b19a9acf754666400f82fe0542f33e733c6

                                                                      SHA512

                                                                      d9230901adeecb13b1f92287abe9317cdac458348885b96ef6500960793a7586c76ae374df053be948a35b44abe934aa853975a6ccd3788f93909903cc718c08

                                                                    • C:\Windows\Temp\MBInstallTempe02577d126d811ef8b33d6c6679d10a6\dbclspkg\MBAMCoreV5.dll
                                                                      Filesize

                                                                      6.3MB

                                                                      MD5

                                                                      9bbcbee54b8adda7eb979322ee9c803a

                                                                      SHA1

                                                                      82d1c65ae32210b6ec3df6c2dc5a395ea6b7a9ac

                                                                      SHA256

                                                                      fe5c67c1e19c1137a4d4b3928d8b37db1845ac6d4b3f13d7b4d4bf4b325e331a

                                                                      SHA512

                                                                      fc0637f2f55698775840720480bc65fd40911913a509f0fe70cd2653aa2bdfb0605e4db24283da56a83ed7d74eb5837d2eab876c3025a94606bdfa6715ce19d9

                                                                    • C:\Windows\Temp\MBInstallTempe02577d126d811ef8b33d6c6679d10a6\dotnetpkgtmp\shared\Microsoft.NETCore.App\6.0.28\mscordaccore.dll
                                                                      Filesize

                                                                      1.3MB

                                                                      MD5

                                                                      3143ffcfcc9818e0cd47cb9a980d2169

                                                                      SHA1

                                                                      72f1932fda377d3d71cb10f314fd946fab2ea77a

                                                                      SHA256

                                                                      b7fb9547e4359f6c116bd0dbe36a8ed05b7a490720f5a0d9013284be36b590b7

                                                                      SHA512

                                                                      904800d157eb010e7d17210f5797409fea005eed46fbf209bca454768b28f74ff3ff468eaad2cfd3642155d4978326274331a0a4e2c701dd7017e56ddfe5424b

                                                                    • C:\Windows\Temp\MBInstallTempe02577d126d811ef8b33d6c6679d10a6\servicepkg\MBAMService.exe
                                                                      Filesize

                                                                      7.1MB

                                                                      MD5

                                                                      2a04ba83060427c8dab782517a07e01b

                                                                      SHA1

                                                                      f4573f20473db0ab32c3348e536e2287151c4c4f

                                                                      SHA256

                                                                      569379dfd0bac0b2ef4408c2786c982a9b4bf5bcf530518564ec7db1af764295

                                                                      SHA512

                                                                      749e66f94cb516fd98b2acd9219a2adfeba49729510b255ecabb5f1610f75eff214d361a4fbb2e2efb59a0eff25b9d49b8758b6e0c4592e5713e59df6a194ebd

                                                                    • C:\Windows\Temp\MBInstallTempe02577d126d811ef8b33d6c6679d10a6\servicepkg\mbamelam.cat
                                                                      Filesize

                                                                      10KB

                                                                      MD5

                                                                      60608328775d6acf03eaab38407e5b7c

                                                                      SHA1

                                                                      9f63644893517286753f63ad6d01bc8bfacf79b1

                                                                      SHA256

                                                                      3ed5a1668713ef80c2b5599b599f1434ad6648999f335cf69757ea3183c70c59

                                                                      SHA512

                                                                      9f65212121b8a5d1a0625c3baa14ef04a33b091d26f543324333e38dcdb903e02ccc4d009e22c2e85d2f61d954e0b994c2896e52f685003a6ef34758f8a650c7

                                                                    • C:\Windows\Temp\MBInstallTempe02577d126d811ef8b33d6c6679d10a6\servicepkg\mbamelam.inf
                                                                      Filesize

                                                                      2KB

                                                                      MD5

                                                                      c481ad4dd1d91860335787aa61177932

                                                                      SHA1

                                                                      81633414c5bf5832a8584fb0740bc09596b9b66d

                                                                      SHA256

                                                                      793626d240fd8eefc81b78a57c8dfe12ea247889b6f07918e9fd32a7411aa1c3

                                                                      SHA512

                                                                      d292e028936412f07264837d4a321ecfa2f5754d4048c8bcf774a0e076e535b361c411301558609d64c71c1ce9b19e6041efa44d201237a7010c553751e1e830

                                                                    • C:\Windows\Temp\MBInstallTempe02577d126d811ef8b33d6c6679d10a6\servicepkg\mbamelam.sys
                                                                      Filesize

                                                                      20KB

                                                                      MD5

                                                                      9e77c51e14fa9a323ee1635dc74ecc07

                                                                      SHA1

                                                                      a78bde0bd73260ce7af9cdc441af9db54d1637c2

                                                                      SHA256

                                                                      b5619d758ae6a65c1663f065e53e6b68a00511e7d7accb3e07ed94bfd0b1ede0

                                                                      SHA512

                                                                      a12ccf92bead694f5d3cba7ff7e731a2f862198efc338efc7f33a882fe0eb7499fb3fb533538d0a823e80631a7ca162962fbdfd78e401e3255672910b7140186

                                                                    • memory/2432-4127-0x000002A339BC0000-0x000002A339EFF000-memory.dmp
                                                                      Filesize

                                                                      3.2MB

                                                                    • memory/2432-4366-0x000002A339BC0000-0x000002A339EFF000-memory.dmp
                                                                      Filesize

                                                                      3.2MB

                                                                    • memory/2432-4234-0x000002A339BC0000-0x000002A339EFF000-memory.dmp
                                                                      Filesize

                                                                      3.2MB

                                                                    • memory/2432-4044-0x000002A339BC0000-0x000002A339EFF000-memory.dmp
                                                                      Filesize

                                                                      3.2MB

                                                                    • memory/2432-4193-0x000002A339BC0000-0x000002A339EFF000-memory.dmp
                                                                      Filesize

                                                                      3.2MB

                                                                    • memory/2432-4498-0x000002A339BC0000-0x000002A339EFF000-memory.dmp
                                                                      Filesize

                                                                      3.2MB

                                                                    • memory/2432-4198-0x000002A339BC0000-0x000002A339EFF000-memory.dmp
                                                                      Filesize

                                                                      3.2MB

                                                                    • memory/2432-3892-0x000002A339BC0000-0x000002A339EFF000-memory.dmp
                                                                      Filesize

                                                                      3.2MB

                                                                    • memory/2432-3156-0x000002A339BC0000-0x000002A339EFF000-memory.dmp
                                                                      Filesize

                                                                      3.2MB

                                                                    • memory/2432-4521-0x000002A339BC0000-0x000002A339EFF000-memory.dmp
                                                                      Filesize

                                                                      3.2MB