Malware Analysis Report

2024-10-10 12:04

Sample ID 240613-sadxkstcnb
Target MARVO M358 mouse setup.[20230506](1).exe
SHA256 3fe0b7957368cdf72a550854e72e11d67fb15a1d49254da1d7d39d94ec5aa6fe
Tags
discovery
score
7/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
7/10

SHA256

3fe0b7957368cdf72a550854e72e11d67fb15a1d49254da1d7d39d94ec5aa6fe

Threat Level: Shows suspicious behavior

The file MARVO M358 mouse setup.[20230506](1).exe was found to be: Shows suspicious behavior.

Malicious Activity Summary

discovery

Executes dropped EXE

Checks installed software on the system

Drops file in Program Files directory

Unsigned PE

Enumerates physical storage devices

Suspicious behavior: EnumeratesProcesses

Suspicious use of FindShellTrayWindow

Suspicious use of SendNotifyMessage

Suspicious use of SetWindowsHookEx

Suspicious use of WriteProcessMemory

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-06-13 14:55

Signatures

Unsigned PE

Description Indicator Process Target
N/A N/A N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-13 14:54

Reported

2024-06-13 14:55

Platform

win10v2004-20240611-en

Max time kernel

15s

Max time network

7s

Command Line

"C:\Users\Admin\AppData\Local\Temp\MARVO M358 mouse setup.[20230506](1).exe"

Signatures

Checks installed software on the system

discovery

Drops file in Program Files directory

Description Indicator Process Target
File created C:\Program Files (x86)\MARVO M358 mouse\skins\is-22JN4.tmp C:\Users\Admin\AppData\Local\Temp\is-LPKIO.tmp\MARVO M358 mouse setup.[20230506](1).tmp N/A
File created C:\Program Files (x86)\MARVO M358 mouse\skins\is-Q79OA.tmp C:\Users\Admin\AppData\Local\Temp\is-LPKIO.tmp\MARVO M358 mouse setup.[20230506](1).tmp N/A
File created C:\Program Files (x86)\MARVO M358 mouse\skins\is-D8NSS.tmp C:\Users\Admin\AppData\Local\Temp\is-LPKIO.tmp\MARVO M358 mouse setup.[20230506](1).tmp N/A
File created C:\Program Files (x86)\MARVO M358 mouse\skins\is-Q0526.tmp C:\Users\Admin\AppData\Local\Temp\is-LPKIO.tmp\MARVO M358 mouse setup.[20230506](1).tmp N/A
File created C:\Program Files (x86)\MARVO M358 mouse\skins\is-VBCD4.tmp C:\Users\Admin\AppData\Local\Temp\is-LPKIO.tmp\MARVO M358 mouse setup.[20230506](1).tmp N/A
File created C:\Program Files (x86)\MARVO M358 mouse\skins\is-GE2JV.tmp C:\Users\Admin\AppData\Local\Temp\is-LPKIO.tmp\MARVO M358 mouse setup.[20230506](1).tmp N/A
File created C:\Program Files (x86)\MARVO M358 mouse\skins\0_INI_CN\is-P9MTD.tmp C:\Users\Admin\AppData\Local\Temp\is-LPKIO.tmp\MARVO M358 mouse setup.[20230506](1).tmp N/A
File created C:\Program Files (x86)\MARVO M358 mouse\skins\MacMenu\is-RJA23.tmp C:\Users\Admin\AppData\Local\Temp\is-LPKIO.tmp\MARVO M358 mouse setup.[20230506](1).tmp N/A
File created C:\Program Files (x86)\MARVO M358 mouse\skins\is-ASI1J.tmp C:\Users\Admin\AppData\Local\Temp\is-LPKIO.tmp\MARVO M358 mouse setup.[20230506](1).tmp N/A
File created C:\Program Files (x86)\MARVO M358 mouse\skins\is-6A7NN.tmp C:\Users\Admin\AppData\Local\Temp\is-LPKIO.tmp\MARVO M358 mouse setup.[20230506](1).tmp N/A
File created C:\Program Files (x86)\MARVO M358 mouse\skins\is-I6G38.tmp C:\Users\Admin\AppData\Local\Temp\is-LPKIO.tmp\MARVO M358 mouse setup.[20230506](1).tmp N/A
File created C:\Program Files (x86)\MARVO M358 mouse\skins\0_INI_CN\macro\is-A7GPH.tmp C:\Users\Admin\AppData\Local\Temp\is-LPKIO.tmp\MARVO M358 mouse setup.[20230506](1).tmp N/A
File created C:\Program Files (x86)\MARVO M358 mouse\skins\1_INI_EN\is-CLU1V.tmp C:\Users\Admin\AppData\Local\Temp\is-LPKIO.tmp\MARVO M358 mouse setup.[20230506](1).tmp N/A
File opened for modification C:\Program Files (x86)\MARVO M358 mouse\Gaming Mouse 3.0.exe C:\Users\Admin\AppData\Local\Temp\is-LPKIO.tmp\MARVO M358 mouse setup.[20230506](1).tmp N/A
File created C:\Program Files (x86)\MARVO M358 mouse\skins\is-M0DKU.tmp C:\Users\Admin\AppData\Local\Temp\is-LPKIO.tmp\MARVO M358 mouse setup.[20230506](1).tmp N/A
File created C:\Program Files (x86)\MARVO M358 mouse\skins\0_INI_CN\is-IEVCV.tmp C:\Users\Admin\AppData\Local\Temp\is-LPKIO.tmp\MARVO M358 mouse setup.[20230506](1).tmp N/A
File created C:\Program Files (x86)\MARVO M358 mouse\skins\0_INI_CN\is-5L9ED.tmp C:\Users\Admin\AppData\Local\Temp\is-LPKIO.tmp\MARVO M358 mouse setup.[20230506](1).tmp N/A
File created C:\Program Files (x86)\MARVO M358 mouse\skins\1_INI_EN\is-VF1LE.tmp C:\Users\Admin\AppData\Local\Temp\is-LPKIO.tmp\MARVO M358 mouse setup.[20230506](1).tmp N/A
File created C:\Program Files (x86)\MARVO M358 mouse\skins\1_INI_EN\is-H9BN4.tmp C:\Users\Admin\AppData\Local\Temp\is-LPKIO.tmp\MARVO M358 mouse setup.[20230506](1).tmp N/A
File created C:\Program Files (x86)\MARVO M358 mouse\unins000.dat C:\Users\Admin\AppData\Local\Temp\is-LPKIO.tmp\MARVO M358 mouse setup.[20230506](1).tmp N/A
File created C:\Program Files (x86)\MARVO M358 mouse\skins\Gun\is-7HS0U.tmp C:\Users\Admin\AppData\Local\Temp\is-LPKIO.tmp\MARVO M358 mouse setup.[20230506](1).tmp N/A
File created C:\Program Files (x86)\MARVO M358 mouse\skins\0_INI_CN\is-0G288.tmp C:\Users\Admin\AppData\Local\Temp\is-LPKIO.tmp\MARVO M358 mouse setup.[20230506](1).tmp N/A
File created C:\Program Files (x86)\MARVO M358 mouse\skins\1_INI_EN\is-QGHA8.tmp C:\Users\Admin\AppData\Local\Temp\is-LPKIO.tmp\MARVO M358 mouse setup.[20230506](1).tmp N/A
File created C:\Program Files (x86)\MARVO M358 mouse\skins\1_INI_EN\macroReset\is-URVN4.tmp C:\Users\Admin\AppData\Local\Temp\is-LPKIO.tmp\MARVO M358 mouse setup.[20230506](1).tmp N/A
File created C:\Program Files (x86)\MARVO M358 mouse\skins\Gun\is-636R2.tmp C:\Users\Admin\AppData\Local\Temp\is-LPKIO.tmp\MARVO M358 mouse setup.[20230506](1).tmp N/A
File created C:\Program Files (x86)\MARVO M358 mouse\skins\MacMenu\is-H6MBR.tmp C:\Users\Admin\AppData\Local\Temp\is-LPKIO.tmp\MARVO M358 mouse setup.[20230506](1).tmp N/A
File created C:\Program Files (x86)\MARVO M358 mouse\skins\is-VMG30.tmp C:\Users\Admin\AppData\Local\Temp\is-LPKIO.tmp\MARVO M358 mouse setup.[20230506](1).tmp N/A
File created C:\Program Files (x86)\MARVO M358 mouse\skins\is-CKT46.tmp C:\Users\Admin\AppData\Local\Temp\is-LPKIO.tmp\MARVO M358 mouse setup.[20230506](1).tmp N/A
File created C:\Program Files (x86)\MARVO M358 mouse\skins\is-58K57.tmp C:\Users\Admin\AppData\Local\Temp\is-LPKIO.tmp\MARVO M358 mouse setup.[20230506](1).tmp N/A
File created C:\Program Files (x86)\MARVO M358 mouse\skins\is-QEKRG.tmp C:\Users\Admin\AppData\Local\Temp\is-LPKIO.tmp\MARVO M358 mouse setup.[20230506](1).tmp N/A
File created C:\Program Files (x86)\MARVO M358 mouse\skins\1_INI_EN\is-5F3EE.tmp C:\Users\Admin\AppData\Local\Temp\is-LPKIO.tmp\MARVO M358 mouse setup.[20230506](1).tmp N/A
File created C:\Program Files (x86)\MARVO M358 mouse\skins\1_INI_EN\is-3IHR0.tmp C:\Users\Admin\AppData\Local\Temp\is-LPKIO.tmp\MARVO M358 mouse setup.[20230506](1).tmp N/A
File created C:\Program Files (x86)\MARVO M358 mouse\skins\is-P2DPN.tmp C:\Users\Admin\AppData\Local\Temp\is-LPKIO.tmp\MARVO M358 mouse setup.[20230506](1).tmp N/A
File created C:\Program Files (x86)\MARVO M358 mouse\skins\is-IFUOL.tmp C:\Users\Admin\AppData\Local\Temp\is-LPKIO.tmp\MARVO M358 mouse setup.[20230506](1).tmp N/A
File created C:\Program Files (x86)\MARVO M358 mouse\skins\1_INI_EN\macro\is-5UB24.tmp C:\Users\Admin\AppData\Local\Temp\is-LPKIO.tmp\MARVO M358 mouse setup.[20230506](1).tmp N/A
File created C:\Program Files (x86)\MARVO M358 mouse\is-HSEL6.tmp C:\Users\Admin\AppData\Local\Temp\is-LPKIO.tmp\MARVO M358 mouse setup.[20230506](1).tmp N/A
File created C:\Program Files (x86)\MARVO M358 mouse\skins\is-C3P0K.tmp C:\Users\Admin\AppData\Local\Temp\is-LPKIO.tmp\MARVO M358 mouse setup.[20230506](1).tmp N/A
File created C:\Program Files (x86)\MARVO M358 mouse\skins\0_INI_CN\is-QRMVI.tmp C:\Users\Admin\AppData\Local\Temp\is-LPKIO.tmp\MARVO M358 mouse setup.[20230506](1).tmp N/A
File created C:\Program Files (x86)\MARVO M358 mouse\skins\1_INI_EN\is-353P4.tmp C:\Users\Admin\AppData\Local\Temp\is-LPKIO.tmp\MARVO M358 mouse setup.[20230506](1).tmp N/A
File created C:\Program Files (x86)\MARVO M358 mouse\skins\1_INI_EN\is-8EF5E.tmp C:\Users\Admin\AppData\Local\Temp\is-LPKIO.tmp\MARVO M358 mouse setup.[20230506](1).tmp N/A
File created C:\Program Files (x86)\MARVO M358 mouse\skins\1_INI_EN\is-0OU3M.tmp C:\Users\Admin\AppData\Local\Temp\is-LPKIO.tmp\MARVO M358 mouse setup.[20230506](1).tmp N/A
File created C:\Program Files (x86)\MARVO M358 mouse\skins\Gun\is-58HO3.tmp C:\Users\Admin\AppData\Local\Temp\is-LPKIO.tmp\MARVO M358 mouse setup.[20230506](1).tmp N/A
File created C:\Program Files (x86)\MARVO M358 mouse\skins\MacMenu\is-EMD07.tmp C:\Users\Admin\AppData\Local\Temp\is-LPKIO.tmp\MARVO M358 mouse setup.[20230506](1).tmp N/A
File created C:\Program Files (x86)\MARVO M358 mouse\skins\is-3B4P7.tmp C:\Users\Admin\AppData\Local\Temp\is-LPKIO.tmp\MARVO M358 mouse setup.[20230506](1).tmp N/A
File created C:\Program Files (x86)\MARVO M358 mouse\skins\is-RQCKG.tmp C:\Users\Admin\AppData\Local\Temp\is-LPKIO.tmp\MARVO M358 mouse setup.[20230506](1).tmp N/A
File created C:\Program Files (x86)\MARVO M358 mouse\skins\is-HJCTJ.tmp C:\Users\Admin\AppData\Local\Temp\is-LPKIO.tmp\MARVO M358 mouse setup.[20230506](1).tmp N/A
File created C:\Program Files (x86)\MARVO M358 mouse\skins\is-B7DAO.tmp C:\Users\Admin\AppData\Local\Temp\is-LPKIO.tmp\MARVO M358 mouse setup.[20230506](1).tmp N/A
File created C:\Program Files (x86)\MARVO M358 mouse\skins\1_INI_EN\is-R3O90.tmp C:\Users\Admin\AppData\Local\Temp\is-LPKIO.tmp\MARVO M358 mouse setup.[20230506](1).tmp N/A
File created C:\Program Files (x86)\MARVO M358 mouse\skins\1_INI_EN\is-S7UNS.tmp C:\Users\Admin\AppData\Local\Temp\is-LPKIO.tmp\MARVO M358 mouse setup.[20230506](1).tmp N/A
File created C:\Program Files (x86)\MARVO M358 mouse\skins\1_INI_EN\is-OFDRR.tmp C:\Users\Admin\AppData\Local\Temp\is-LPKIO.tmp\MARVO M358 mouse setup.[20230506](1).tmp N/A
File created C:\Program Files (x86)\MARVO M358 mouse\skins\1_INI_EN\macro\is-CFF5C.tmp C:\Users\Admin\AppData\Local\Temp\is-LPKIO.tmp\MARVO M358 mouse setup.[20230506](1).tmp N/A
File created C:\Program Files (x86)\MARVO M358 mouse\skins\config\is-GBLTH.tmp C:\Users\Admin\AppData\Local\Temp\is-LPKIO.tmp\MARVO M358 mouse setup.[20230506](1).tmp N/A
File created C:\Program Files (x86)\MARVO M358 mouse\skins\config\is-4P3TE.tmp C:\Users\Admin\AppData\Local\Temp\is-LPKIO.tmp\MARVO M358 mouse setup.[20230506](1).tmp N/A
File created C:\Program Files (x86)\MARVO M358 mouse\skins\config\font\is-K1244.tmp C:\Users\Admin\AppData\Local\Temp\is-LPKIO.tmp\MARVO M358 mouse setup.[20230506](1).tmp N/A
File created C:\Program Files (x86)\MARVO M358 mouse\skins\MacMenu\is-HN164.tmp C:\Users\Admin\AppData\Local\Temp\is-LPKIO.tmp\MARVO M358 mouse setup.[20230506](1).tmp N/A
File created C:\Program Files (x86)\MARVO M358 mouse\skins\is-FR34B.tmp C:\Users\Admin\AppData\Local\Temp\is-LPKIO.tmp\MARVO M358 mouse setup.[20230506](1).tmp N/A
File created C:\Program Files (x86)\MARVO M358 mouse\skins\0_INI_CN\is-7FD7A.tmp C:\Users\Admin\AppData\Local\Temp\is-LPKIO.tmp\MARVO M358 mouse setup.[20230506](1).tmp N/A
File created C:\Program Files (x86)\MARVO M358 mouse\skins\MacMenu\is-FGDUB.tmp C:\Users\Admin\AppData\Local\Temp\is-LPKIO.tmp\MARVO M358 mouse setup.[20230506](1).tmp N/A
File created C:\Program Files (x86)\MARVO M358 mouse\is-740NL.tmp C:\Users\Admin\AppData\Local\Temp\is-LPKIO.tmp\MARVO M358 mouse setup.[20230506](1).tmp N/A
File created C:\Program Files (x86)\MARVO M358 mouse\skins\is-OPLM2.tmp C:\Users\Admin\AppData\Local\Temp\is-LPKIO.tmp\MARVO M358 mouse setup.[20230506](1).tmp N/A
File created C:\Program Files (x86)\MARVO M358 mouse\skins\is-KVH0A.tmp C:\Users\Admin\AppData\Local\Temp\is-LPKIO.tmp\MARVO M358 mouse setup.[20230506](1).tmp N/A
File created C:\Program Files (x86)\MARVO M358 mouse\skins\is-C6ON3.tmp C:\Users\Admin\AppData\Local\Temp\is-LPKIO.tmp\MARVO M358 mouse setup.[20230506](1).tmp N/A
File created C:\Program Files (x86)\MARVO M358 mouse\skins\is-AMRQV.tmp C:\Users\Admin\AppData\Local\Temp\is-LPKIO.tmp\MARVO M358 mouse setup.[20230506](1).tmp N/A
File created C:\Program Files (x86)\MARVO M358 mouse\skins\is-9ANKE.tmp C:\Users\Admin\AppData\Local\Temp\is-LPKIO.tmp\MARVO M358 mouse setup.[20230506](1).tmp N/A

Enumerates physical storage devices

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\MARVO M358 mouse\Gaming Mouse 3.0.exe N/A

Processes

C:\Users\Admin\AppData\Local\Temp\MARVO M358 mouse setup.[20230506](1).exe

"C:\Users\Admin\AppData\Local\Temp\MARVO M358 mouse setup.[20230506](1).exe"

C:\Users\Admin\AppData\Local\Temp\is-LPKIO.tmp\MARVO M358 mouse setup.[20230506](1).tmp

"C:\Users\Admin\AppData\Local\Temp\is-LPKIO.tmp\MARVO M358 mouse setup.[20230506](1).tmp" /SL5="$401C2,3815441,314880,C:\Users\Admin\AppData\Local\Temp\MARVO M358 mouse setup.[20230506](1).exe"

C:\Program Files (x86)\MARVO M358 mouse\Gaming Mouse 3.0.exe

"C:\Program Files (x86)\MARVO M358 mouse\Gaming Mouse 3.0.exe"

Network

Country Destination Domain Proto
US 8.8.8.8:53 g.bing.com udp
US 13.107.21.237:443 g.bing.com tcp
US 8.8.8.8:53 76.32.126.40.in-addr.arpa udp
US 8.8.8.8:53 8.8.8.8.in-addr.arpa udp
BE 2.17.107.128:443 www.bing.com tcp
US 8.8.8.8:53 237.21.107.13.in-addr.arpa udp
US 8.8.8.8:53 98.83.221.88.in-addr.arpa udp
US 8.8.8.8:53 55.36.223.20.in-addr.arpa udp
US 8.8.8.8:53 128.107.17.2.in-addr.arpa udp

Files

memory/2000-0-0x0000000000400000-0x0000000000457000-memory.dmp

memory/2000-2-0x0000000000401000-0x0000000000412000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\is-LPKIO.tmp\MARVO M358 mouse setup.[20230506](1).tmp

MD5 2d3f134be86ce48cedc3c8e86b0f755f
SHA1 b0b6aea277b45c26cdc233e771a73dfbe8d2c6a7
SHA256 f86e7565c99e293a352e04e40a8c13300042f7d7810dbe9573c51f71bc6f9f95
SHA512 c59d579aa59eb6ef63c6569cfe3385a85119665c7f629beace5e7b948625c5c0565b20909aa31e383c6d9a9a19cdb59300cbba9c87500c37c18c53cd1c47f7ab

memory/1108-6-0x0000000000400000-0x000000000055D000-memory.dmp

C:\Program Files (x86)\MARVO M358 mouse\skins\is-S2IDM.tmp

MD5 aad3b6c3519f0a96f45c44df7694c776
SHA1 f38dde54b60aa11c6915a802e80f93bfa6bc82cc
SHA256 53a7d423b30c4c30ae5994c558d1b69acbdd4ab9dbf185e1b7d3d87984a5b113
SHA512 c6913e08b5f74eb1af6fe89a3f85353f1a55bf220e7571718689f6c3412b9d19bf94074e8995f4711e12b1bb92f4276816acca33e75e1405be88abeeaa6f184b

C:\Program Files (x86)\MARVO M358 mouse\skins\0_INI_CN\macroReset\is-KROFC.tmp

MD5 42823aa1d29e0f460838537530c27fdd
SHA1 67d9de2a2967d736e3e8406cdce3e449f308e6d6
SHA256 e294c86660c8ff04ce280624ac6c410f77243425314f984117af74f958ebd053
SHA512 76499351d84030fa36d8e8eed6bc717091a731cf6ab1c412e772925ba3c3e8c2962ec5dc8b36352fe74bad90f1abc1f23f412d3a8b1a44919bca2bf806daec87

C:\Program Files (x86)\MARVO M358 mouse\skins\1_INI_EN\is-5F3EE.tmp

MD5 c7ac194a9bdd758206ba8f27e692c28c
SHA1 124a02fee6a2d6798574798803d82930679787c4
SHA256 0455836c75b4162aa336649a7a95871112203416d2ab7f82eae68fc48c1e3569
SHA512 ab3b037dd631c34238ff450c7c0cf2d1982097b83d0f69c82cc85bcdb0b1414ce12b4d1db82d4fb3c09e13cc1578520e0a2d24b385e867833de9382f1f170b77

C:\Program Files (x86)\MARVO M358 mouse\skins\1_INI_EN\is-LN6OI.tmp

MD5 aaee3adafc19b031a0b02a5271b48ebd
SHA1 038becd522277cd8e8a1793c0a73d6d2303fb9d4
SHA256 066ddaf8e913724736f1de771d9f39a023b4d8d831ac24774cc8fe99fce63c56
SHA512 4bfe9554568a1d78d31a7d68c5d7e2f5e7adfcf01b9d90011aff9c6663c2bbdb305dfb57e6d58a9a888135a0aa8bdc3fbcae17dee2f30338b1da3987a444fc8f

C:\Program Files (x86)\MARVO M358 mouse\skins\1_INI_EN\is-VF1LE.tmp

MD5 fae15143f7faed50c175fe01bba808dc
SHA1 37aa85498eb63e99c6feb9e51a0b8e2e22657730
SHA256 ccb7fdbee0aac0de4c084a0ae2490e0f548220969621e2298d8bb62bea9ef8bc
SHA512 121a13638099a90b209a3c2250933d84b279727cdaa19db26fe543e414a87876d170a16cad220b67c880498fd7ab600744921dabf12aed2c45efeeb42d260d6a

C:\Program Files (x86)\MARVO M358 mouse\skins\1_INI_EN\macro\is-CFF5C.tmp

MD5 e86da7ca0068d0cb6c552ff1c2700142
SHA1 e22e96628eb87f3a52810709c66629071d83bc13
SHA256 dec4171891a954b8332ec53ffa4207c87c8b07789b12ec45946d80fd7bc25c28
SHA512 02b2e3747bff0daa2a433327c28650978f93abb2c9dc0c86237c25f3839d0b0911ad4100a8f0522bd9023fe482d26a2977dccb108e0242c1933e04686eee78ab

C:\Program Files (x86)\MARVO M358 mouse\skins\config\is-PE3DF.tmp

MD5 c92b3ad86ea108c600bdf97623b969b5
SHA1 49f7bb9b16fa5177a5d2ccb3c61a933c26434632
SHA256 35fd116a76366a0f1871fcf2c47e2fd1eeba0217928c7dc20390f42576892a2b
SHA512 e49ae6e876cf2f535175d55ab69302fb9d240b5c28ddfad2c803c488a2ea1b4d3eedfc5754b7676da448ff71791eca0cc15d17443c31c2e08bb3fa1c3f226bd1

C:\Program Files (x86)\MARVO M358 mouse\skins\config\is-GBLTH.tmp

MD5 ed48dfcdf4f9d4c262302062547cc712
SHA1 5ad9938e0e852700013a5dd24e1d7e08441e2305
SHA256 3dac2542ef2df0fdd59fdf296bdd0c7751ecda0aa57a08839817ea303552914f
SHA512 1c0ec635e37223eb865cd8f7f18b913e319a9d4882ee43de7181250da6c4a9751ad24cf803857a5a92ace045aa024790303371a276ab0c86504ed471fa4a1cee

C:\Program Files (x86)\MARVO M358 mouse\skins\config\font\is-KQ1ER.tmp

MD5 5673da52c98bb6cb33ada5aaf649703e
SHA1 a18dcbf99c8d2325c2fbf22a64e8cc28a0cf4d3b
SHA256 16466ef65064e6f3885a6d2806b8949ac1ac38b524dd0cf8fc96565eb4cc28e8
SHA512 9728536f1e67069b4c44effc3245d81f61fb79c811a4bd2d3879f57eb220e475dfee0639dbecbe03f411aa8f1e2e84fc38a966ba38982b0b35e2b2a98549583a

C:\Program Files (x86)\MARVO M358 mouse\skins\MacMenu\is-B3087.tmp

MD5 a4825f7ac8461d9d6a90b48475e97279
SHA1 ff0cb4769c829dfa48c0fa100bc6754ac1f7f6e5
SHA256 097931238ce6757b72f26de221ea87cb22e655c61b88333664a91cad30bccd77
SHA512 9e5ebdd7e1c9aae4e42f62cb224100637c564820473b05bbdbb0402731e8a4e3110cbc3974d07ca49633d8d6aa18e809ba7e66f361c2e3a204754a80bded2ce4

C:\Program Files (x86)\MARVO M358 mouse\skins\MacMenu\is-DSV9P.tmp

MD5 ff5ffd33126bd7470978578e03f59181
SHA1 6d5156db80170e4847aa0132aaef9b50dcd452f9
SHA256 6a0e0b77e36e91a685446b661a42d30910fc14d59efc30c6b85239845417817e
SHA512 741dbf9a1117a18df56fd9af65543051f7bdb768a4744d304107210f80a7172bfc54e51389b53034ef20896dce79d04c9b4ff4aeb3bd96b85cf09220a1e4c7db

C:\Program Files (x86)\MARVO M358 mouse\skins\MacMenu\is-H6MBR.tmp

MD5 c0e4aa2df74b52c2ef0ffe0dc62f56f9
SHA1 562da02df98b7450e08158fdbcf39e8edb6ecd5a
SHA256 26e89092509c27ce85d2e6202d7c1d1d9d50af0b0b9db48f258b1ec61dd48e16
SHA512 85180b791897d483d51ec6b5993d5c6ddc725488fb37266d25bf67c86b02747153850b2c1f1dedda9f0c9d333c6215907e914a0a2a73027f5183631e241072ad

C:\Program Files (x86)\MARVO M358 mouse\skins\MacMenu\is-RJA23.tmp

MD5 e29dd6b507260763c35791f38433ff06
SHA1 7436aa9e48eb0fcfff167120441ff3a170bcbb8e
SHA256 980880feeb902f20a1477023e65dc2829a46dbe3cbc9648536005b19cc9297de
SHA512 b0874ec1b17d96acd979911a5d35f886a0f31bdd5c52d0c3475543dd7017c82d5b4cc5fb07b5619383c0c9ed9c5605f10c4b93eea362f50b7cc644fdb4924445

C:\Program Files (x86)\MARVO M358 mouse\Gaming Mouse 3.0.exe

MD5 48b5de558ed287d0e2e6ca61e510e83d
SHA1 b1b4fe460c488f53a83ebb7fb8bd7abff9812661
SHA256 f736d1262582f031206bc30d0f3e6f528f92fe6cf64bd066ce7de7fc045c30ee
SHA512 9cb17fa7543a37242c12b7faacb7b1004db8a069b4affdd28dea4a7d74b3628548c50ed3b385128160837708c228d18c02ec790b9a035963cff262a49c90e12d

C:\Program Files (x86)\MARVO M358 mouse\skins\1_INI_EN\LanguageText.ini

MD5 b32e83c49e205feaa725adce59212038
SHA1 1f8a35523da218e6717aec32a242ea0bc0a04a15
SHA256 22a98a09d61f6a96dc08720e7d2959359055b396e39cf4e0b48c816f27234206
SHA512 ec2315c18eb629c45e7d5c81761fd0ae9877e91ac38219963e5b3ed36d2d9dab574247c3681578d655e488ab915e8bd5f2a1b91ea1aa5ed5a514543c3de80c14

C:\Program Files (x86)\MARVO M358 mouse\skins\1_INI_EN\skin_color.ini

MD5 4b104a9fbd57a415302c9438689582c6
SHA1 c106da0f57f5c2620bec76697068bc244129004f
SHA256 f7aecdbfc8e622340a316a33ef8141aadcfae6530e66fe525dd720b50208a73f
SHA512 bc1cd6fb73875efed690a50f91149d886a04fd1adaaccc8180b2d7cdf78ebf24a8ad39003f3ab3322d5f73874f9e517fdd3c0003fea8cfef0bf74a1bbc93595b

C:\Program Files (x86)\MARVO M358 mouse\skins\1_INI_EN\skin_main.ini

MD5 195e097f18e844dd5ec9b4f24d057106
SHA1 f41df437c709e01d0d8b211bdae3d7f84d494e59
SHA256 b7ae75ee40a28bb7a17b9ac88e323a01c85ab52c387974a4cbf96d291221ac93
SHA512 20c82bb67763537e71bca6493c197a57930979370e350a500204af3ee00a9ec574b05d706590d2b3bf21e43bd8078ec25eeb9e18e6c5745cda57a11e19e55746

C:\Program Files (x86)\MARVO M358 mouse\skins\1_INI_EN\skin_advance.ini

MD5 2eec902e29851a380c97bddecfd8506c
SHA1 ddc3e459beb98a6e31405dbe16d9454682cca638
SHA256 b097b559f0c46f0eb0ad5eb3c216322222042e2a31de21a8e46f7a482cdda10c
SHA512 ba8fa4775846d09c3907d3eeae44baedf3ee1fcb1b6dc9e33b47efa133376395b1c8f6ebb8c33e74f66f75e8ac508f1bfdd540391fbbe92ee69c338a4e91f797

C:\Program Files (x86)\MARVO M358 mouse\skins\1_INI_EN\skin_mac.ini

MD5 8cf626cf3ae6ea379d38cac68e6fcca7
SHA1 4a035d77d66f58be824fe697d751a443fda0217e
SHA256 3c41b9e3e455dd314152414f850f00c72a59064284590578fc7552c3ec0ab2be
SHA512 2a7f832ecc1be330ef71b4b7d66970a021c20736ae4fdb5cc98bb48c100cf3fd4308b3f97533dfdea57fd84812fc6620a6fba237322d851ca4e029cd15c4e551

C:\Program Files (x86)\MARVO M358 mouse\skins\main_mask.jpg

MD5 3dda7f2fcda64bc878bfb21fa2344e01
SHA1 8bc4e89256458b3d7e12ee495ba9a131c8e95787
SHA256 2cb33ba0263b20b4979d9624a203eda7a3776bd0ab8b7aaf258c312f2726e3b8
SHA512 8d68e94c3a27501dc05b58a8cc1614129e7ba002011ce6cce2876bb742ff8adfde48a4fe161497643c60b0872d1be5c879e87ac34921341aa7e152dcfd752875

memory/1108-644-0x0000000000400000-0x000000000055D000-memory.dmp

memory/2000-645-0x0000000000400000-0x0000000000457000-memory.dmp

C:\Program Files (x86)\MARVO M358 mouse\skins\warning_mask.jpg

MD5 5c8ca7356300dd95250947231a672ddc
SHA1 f2e147e48c72ed903c5f7eeb39e65e64316fb8ed
SHA256 2fdac0d0f7d69d23d324ee4eb0470bdba0ac71f4877052f45f4348113f7bfc2e
SHA512 fdb2fa9cbd07202ff8bcb92c17c88988ceb317e5f236e0d300c6b7782150d14cd3909ca2fe0aeb7d91e864e5720c065fe521f32e9d8cb0d35cb1a8723ebb0516

C:\Program Files (x86)\MARVO M358 mouse\skins\warning_over.jpg

MD5 63ae1e3592b07f24c4c23c576f0b7720
SHA1 bf5c850a7235ea2368baa7357443c9340d2bc326
SHA256 64a533967ee01c5d8244199846469be422b6c8acfe4c26e64b62b2b9e6f302eb
SHA512 73fa399ff9fd9d3ad07b93f36a1e5dd3014c5c270e6c307a579cd7530765bfce4d7bf8bdf430fee83ec45203779cc5071d8f241c49768d07d796fbaf8c0d4c3e

C:\Program Files (x86)\MARVO M358 mouse\skins\warning_normal.jpg

MD5 af2ee8465e40188de4f382f3f52983f2
SHA1 cfa7e0f8688e498cb6f46afe127906267e11d06a
SHA256 059c38c55f569c5ebe9580e24c7504556de860eea2d2eea318508010bb13e091
SHA512 3c3e77094392485617f9959b4f789ee51b798534327baadc4bf9e97b0ba285cf6da77222f1e7b7df8adabbd87ea0b92cd753d59f8e87a62cd0a28dc29a6fd609