Overview
overview
7Static
static
3ugene-50.0...64.exe
windows7-x64
4ugene-50.0...64.exe
windows10-2004-x64
7tools/pyth...loc.py
windows7-x64
3tools/pyth...loc.py
windows10-2004-x64
3tools/pyth...tty.py
windows7-x64
3tools/pyth...tty.py
windows10-2004-x64
3tools/pyth...tle.py
windows7-x64
3tools/pyth...tle.py
windows10-2004-x64
3tools/pyth...pes.py
windows7-x64
3tools/pyth...pes.py
windows10-2004-x64
3tools/pyth...ing.py
windows7-x64
3tools/pyth...ing.py
windows10-2004-x64
3tools/pyth.../uu.py
windows7-x64
3tools/pyth.../uu.py
windows10-2004-x64
3tools/pyth...uid.py
windows7-x64
3tools/pyth...uid.py
windows10-2004-x64
3tools/pyth...ngs.py
windows7-x64
3tools/pyth...ngs.py
windows10-2004-x64
3tools/pyth...ave.py
windows7-x64
3tools/pyth...ave.py
windows10-2004-x64
3tools/pyth...ref.py
windows7-x64
3tools/pyth...ref.py
windows10-2004-x64
3tools/pyth...WS.txt
windows7-x64
1tools/pyth...WS.txt
windows10-2004-x64
1tools/pyth...on.exe
windows7-x64
1tools/pyth...on.exe
windows10-2004-x64
1tools/pyth...n3.dll
windows7-x64
1tools/pyth...n3.dll
windows10-2004-x64
1tools/pyth...12.dll
windows7-x64
1tools/pyth...12.dll
windows10-2004-x64
1tools/pyth...nw.exe
windows7-x64
1tools/pyth...nw.exe
windows10-2004-x64
1Analysis
-
max time kernel
144s -
max time network
143s -
platform
windows10-2004_x64 -
resource
win10v2004-20240508-en -
resource tags
arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system -
submitted
14-06-2024 13:16
Static task
static1
Behavioral task
behavioral1
Sample
ugene-50.0-win-x86-64.exe
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
ugene-50.0-win-x86-64.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral3
Sample
tools/python3/Lib/tracemalloc.py
Resource
win7-20240508-en
Behavioral task
behavioral4
Sample
tools/python3/Lib/tracemalloc.py
Resource
win10v2004-20240611-en
Behavioral task
behavioral5
Sample
tools/python3/Lib/tty.py
Resource
win7-20240508-en
Behavioral task
behavioral6
Sample
tools/python3/Lib/tty.py
Resource
win10v2004-20240611-en
Behavioral task
behavioral7
Sample
tools/python3/Lib/turtle.py
Resource
win7-20231129-en
Behavioral task
behavioral8
Sample
tools/python3/Lib/turtle.py
Resource
win10v2004-20240508-en
Behavioral task
behavioral9
Sample
tools/python3/Lib/types.py
Resource
win7-20240508-en
Behavioral task
behavioral10
Sample
tools/python3/Lib/types.py
Resource
win10v2004-20240611-en
Behavioral task
behavioral11
Sample
tools/python3/Lib/typing.py
Resource
win7-20240508-en
Behavioral task
behavioral12
Sample
tools/python3/Lib/typing.py
Resource
win10v2004-20240611-en
Behavioral task
behavioral13
Sample
tools/python3/Lib/uu.py
Resource
win7-20240611-en
Behavioral task
behavioral14
Sample
tools/python3/Lib/uu.py
Resource
win10v2004-20240226-en
Behavioral task
behavioral15
Sample
tools/python3/Lib/uuid.py
Resource
win7-20240508-en
Behavioral task
behavioral16
Sample
tools/python3/Lib/uuid.py
Resource
win10v2004-20240508-en
Behavioral task
behavioral17
Sample
tools/python3/Lib/warnings.py
Resource
win7-20231129-en
Behavioral task
behavioral18
Sample
tools/python3/Lib/warnings.py
Resource
win10v2004-20240508-en
Behavioral task
behavioral19
Sample
tools/python3/Lib/wave.py
Resource
win7-20240611-en
Behavioral task
behavioral20
Sample
tools/python3/Lib/wave.py
Resource
win10v2004-20240508-en
Behavioral task
behavioral21
Sample
tools/python3/Lib/weakref.py
Resource
win7-20240611-en
Behavioral task
behavioral22
Sample
tools/python3/Lib/weakref.py
Resource
win10v2004-20240508-en
Behavioral task
behavioral23
Sample
tools/python3/NEWS.txt
Resource
win7-20240611-en
Behavioral task
behavioral24
Sample
tools/python3/NEWS.txt
Resource
win10v2004-20240611-en
Behavioral task
behavioral25
Sample
tools/python3/python.exe
Resource
win7-20231129-en
Behavioral task
behavioral26
Sample
tools/python3/python.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral27
Sample
tools/python3/python3.dll
Resource
win7-20240508-en
Behavioral task
behavioral28
Sample
tools/python3/python3.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral29
Sample
tools/python3/python312.dll
Resource
win7-20240508-en
Behavioral task
behavioral30
Sample
tools/python3/python312.dll
Resource
win10v2004-20240611-en
Behavioral task
behavioral31
Sample
tools/python3/pythonw.exe
Resource
win7-20240221-en
Behavioral task
behavioral32
Sample
tools/python3/pythonw.exe
Resource
win10v2004-20240611-en
General
-
Target
ugene-50.0-win-x86-64.exe
-
Size
224.2MB
-
MD5
b42bb289071ff91ac1f7c095496a2171
-
SHA1
bb1caa1d21df183722b81edfa6267b4270a7e048
-
SHA256
a2792b8d2290310062cfa14c52036192f8359af62ee7ff3be63e86ddbf637d75
-
SHA512
1c9d4b3a452639607f0221f4a499b380aab98f0531115e396ae1199889c52f0eed2877beb3c7144170edf980c7c50680d52ed10a0e2dfb39e76f1a0d58e6aa5b
-
SSDEEP
6291456:8Hri1nn8MoFEpMBTztP9TIUtkjQfu0w/RSOfrUwoTqItwm:OE4+psTzv0UgQJw/9TUwoTqIt5
Malware Config
Signatures
-
Modifies file permissions 1 TTPs 1 IoCs
-
Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in Program Files directory 64 IoCs
Processes:
ugene-50.0-win-x86-64.exepython.exepython.exedescription ioc process File created C:\Program Files\Unipro UGENE\tools\perl5\lib\pods\perlko.pod ugene-50.0-win-x86-64.exe File created C:\Program Files\Unipro UGENE\tools\python3\Lib\lib2to3\fixes\fix_operator.py ugene-50.0-win-x86-64.exe File created C:\Program Files\Unipro UGENE\tools\snpeff\scripts\gsa\bayesFactor_correction_scoreCount.sh ugene-50.0-win-x86-64.exe File created C:\Program Files\Unipro UGENE\data\position_weight_matrix\JASPAR\insects\MA0460.1.pfm ugene-50.0-win-x86-64.exe File created C:\Program Files\Unipro UGENE\tools\java\lib\management\management.properties ugene-50.0-win-x86-64.exe File created C:\Program Files\Unipro UGENE\tools\perl5\lib\dumpvar.pl ugene-50.0-win-x86-64.exe File created C:\Program Files\Unipro UGENE\tools\perl5\lib\auto\Sub\Name\.packlist ugene-50.0-win-x86-64.exe File created C:\Program Files\Unipro UGENE\tools\perl5\lib\auto\Win32\Clipboard\Clipboard.dll ugene-50.0-win-x86-64.exe File created C:\Program Files\Unipro UGENE\tools\python3\Lib\__pycache__\linecache.cpython-312.pyc.2663061435568 python.exe File created C:\Program Files\Unipro UGENE\data\position_weight_matrix\UniPROBE\GR09\Rds2.pwm ugene-50.0-win-x86-64.exe File created C:\Program Files\Unipro UGENE\data\sitecon_models\prokaryotic\NARL2.sitecon.gz ugene-50.0-win-x86-64.exe File created C:\Program Files\Unipro UGENE\tools\mfold\gs\gs10.02.0\Resource\CMap\90msp-RKSJ-V ugene-50.0-win-x86-64.exe File created C:\Program Files\Unipro UGENE\tools\perl5\lib\Module\Runtime.pm ugene-50.0-win-x86-64.exe File created C:\Program Files\Unipro UGENE\tools\python3\Lib\site-packages\pip\_vendor\cachecontrol\_cmd.py ugene-50.0-win-x86-64.exe File created C:\Program Files\Unipro UGENE\data\sitecon_models\prokaryotic\MELR.sitecon.gz ugene-50.0-win-x86-64.exe File created C:\Program Files\Unipro UGENE\tools\perl5\lib\unicore\lib\InPC\TopAndL2.pl ugene-50.0-win-x86-64.exe File created C:\Program Files\Unipro UGENE\tools\python3\Lib\site-packages\pip\_internal\network\auth.py ugene-50.0-win-x86-64.exe File created C:\Program Files\Unipro UGENE\data\position_weight_matrix\UniPROBE\Cell08\Hmx3_3490.2.pwm ugene-50.0-win-x86-64.exe File created C:\Program Files\Unipro UGENE\tools\mfold\gs\gs10.02.0\Resource\Font\C059-Roman ugene-50.0-win-x86-64.exe File created C:\Program Files\Unipro UGENE\tools\python3\Lib\site-packages\pip\_internal\index\package_finder.py ugene-50.0-win-x86-64.exe File created C:\Program Files\Unipro UGENE\data\position_weight_matrix\UniPROBE\GR09\Oaf1.pwm ugene-50.0-win-x86-64.exe File created C:\Program Files\Unipro UGENE\data\sitecon_models\prokaryotic\TORR.sitecon.gz ugene-50.0-win-x86-64.exe File created C:\Program Files\Unipro UGENE\tools\mfold\gs\gs10.02.0\Resource\CMap\Adobe-Japan1-2 ugene-50.0-win-x86-64.exe File created C:\Program Files\Unipro UGENE\tools\perl5\lib\Perl\Critic\Policy\Variables\ProhibitReusedNames.pm ugene-50.0-win-x86-64.exe File created C:\Program Files\Unipro UGENE\tools\perl5\lib\auto\share\dist\DateTime-Locale\ast.pl ugene-50.0-win-x86-64.exe File created C:\Program Files\Unipro UGENE\tools\mfold\gs\gs10.02.0\Resource\Encoding\CEEncoding ugene-50.0-win-x86-64.exe File created C:\Program Files\Unipro UGENE\tools\perl5\lib\Compress\Raw\Zlib.pm ugene-50.0-win-x86-64.exe File created C:\Program Files\Unipro UGENE\tools\python3\Lib\site-packages\isal\_isal.cp312-win_amd64.pyd ugene-50.0-win-x86-64.exe File created C:\Program Files\Unipro UGENE\tools\snpeff\examples\intervals.bed ugene-50.0-win-x86-64.exe File created C:\Program Files\Unipro UGENE\tools\python3\Lib\json\__pycache__\encoder.cpython-312.pyc.2556848874256 python.exe File created C:\Program Files\Unipro UGENE\tools\perl5\lib\auto\share\dist\DateTime-Locale\en-ER.pl ugene-50.0-win-x86-64.exe File created C:\Program Files\Unipro UGENE\tools\perl5\lib\unicore\To\Bpb.pl ugene-50.0-win-x86-64.exe File created C:\Program Files\Unipro UGENE\data\position_weight_matrix\UniPROBE\Cell08\Lhx5_2279.1.pwm ugene-50.0-win-x86-64.exe File created C:\Program Files\Unipro UGENE\tools\perl5\lib\DateTime\TimeZone\Atlantic\Azores.pm ugene-50.0-win-x86-64.exe File created C:\Program Files\Unipro UGENE\tools\perl5\lib\Moose\Manual\Attributes.pod ugene-50.0-win-x86-64.exe File created C:\Program Files\Unipro UGENE\tools\perl5\lib\Moose\Meta\TypeConstraint\DuckType.pm ugene-50.0-win-x86-64.exe File created C:\Program Files\Unipro UGENE\tools\perl5\lib\auto\share\dist\DateTime-Locale\ca-ES-VALENCIA.pl ugene-50.0-win-x86-64.exe File created C:\Program Files\Unipro UGENE\tools\perl5\lib\DateTime\TimeZone\Asia\Yerevan.pm ugene-50.0-win-x86-64.exe File created C:\Program Files\Unipro UGENE\tools\perl5\lib\Moose\Meta\Method\Accessor\Native\Hash\shallow_clone.pm ugene-50.0-win-x86-64.exe File created C:\Program Files\Unipro UGENE\tools\perl5\lib\Unicode\Collate\Locale\is.pl ugene-50.0-win-x86-64.exe File created C:\Program Files\Unipro UGENE\tools\perl5\lib\DateTime\TimeZone\America\Indiana\Vincennes.pm ugene-50.0-win-x86-64.exe File created C:\Program Files\Unipro UGENE\tools\python3\Lib\importlib\resources\readers.py ugene-50.0-win-x86-64.exe File created C:\Program Files\Unipro UGENE\tools\perl5\lib\unicore\lib\Nv\7.pl ugene-50.0-win-x86-64.exe File created C:\Program Files\Unipro UGENE\tools\java\lib\deploy\messages.properties ugene-50.0-win-x86-64.exe File created C:\Program Files\Unipro UGENE\tools\mfold\gs\gs10.02.0\Resource\CMap\UniJIS-UCS2-HW-H ugene-50.0-win-x86-64.exe File created C:\Program Files\Unipro UGENE\tools\mfold\gs\gs10.02.0\Resource\Font\URWGothic-BookOblique ugene-50.0-win-x86-64.exe File created C:\Program Files\Unipro UGENE\tools\perl5\lib\Moose\Exception\MetaclassMustBeDerivedFromClassMOPClass.pm ugene-50.0-win-x86-64.exe File created C:\Program Files\Unipro UGENE\tools\perl5\lib\Specio\Library\Structured\Tuple.pm ugene-50.0-win-x86-64.exe File created C:\Program Files\Unipro UGENE\tools\perl5\lib\auto\share\dist\DateTime-Locale\mk.pl ugene-50.0-win-x86-64.exe File created C:\Program Files\Unipro UGENE\tools\perl5\lib\auto\share\dist\DateTime-Locale\sg.pl ugene-50.0-win-x86-64.exe File created C:\Program Files\Unipro UGENE\tools\snpeff\examples\samples_cancer.txt ugene-50.0-win-x86-64.exe File created C:\Program Files\Unipro UGENE\data\sitecon_models\prokaryotic\ISCR3.sitecon.gz ugene-50.0-win-x86-64.exe File created C:\Program Files\Unipro UGENE\tools\perl5\lib\DateTime\Locale\vo_001.pod ugene-50.0-win-x86-64.exe File created C:\Program Files\Unipro UGENE\tools\perl5\lib\Moose\Util\TypeConstraints\Builtins.pm ugene-50.0-win-x86-64.exe File created C:\Program Files\Unipro UGENE\tools\perl5\lib\PPI\Structure\For.pm ugene-50.0-win-x86-64.exe File created C:\Program Files\Unipro UGENE\tools\perl5\lib\Perl\Critic\Policy\ValuesAndExpressions\RequireQuotedHeredocTerminator.pm ugene-50.0-win-x86-64.exe File created C:\Program Files\Unipro UGENE\tools\python3\Lib\site-packages\cutadapt\__pycache__\modifiers.cpython-312.pyc.2556848920400 python.exe File created C:\Program Files\Unipro UGENE\tools\perl5\lib\DateTime\Locale\kln.pod ugene-50.0-win-x86-64.exe File created C:\Program Files\Unipro UGENE\tools\perl5\lib\PPIx\Regexp\Token\Comment.pm ugene-50.0-win-x86-64.exe File created C:\Program Files\Unipro UGENE\tools\perl5\lib\pods\perlfaq3.pod ugene-50.0-win-x86-64.exe File created C:\Program Files\Unipro UGENE\tools\perl5\lib\unicore\lib\Ea\W.pl ugene-50.0-win-x86-64.exe File created C:\Program Files\Unipro UGENE\tools\perl5\lib\DateTime\Locale\en_AI.pod ugene-50.0-win-x86-64.exe File created C:\Program Files\Unipro UGENE\tools\perl5\lib\unicore\lib\InPC\Overstru.pl ugene-50.0-win-x86-64.exe File created C:\Program Files\Unipro UGENE\tools\python3\Lib\mailbox.py ugene-50.0-win-x86-64.exe -
Executes dropped EXE 64 IoCs
Processes:
ugeneui.exeplugins_checker.execlustalw2.exehmmsearch.exetabix.exebcftools.exeiqtree.exekalign.exerpsblast.exesamtools.exetblastn.exebowtie-align-s.exeblastp.exebedtools.exebash.exebash.exebash.exebash.exemfold_datdir.exesed.exebash.exeSpidey.exeblastn.exeFastTree.exeblastx.exejava.exejava.exepython.exemakeblastdb.exepython.exejava.exejava.exebowtie2-build-s.exepython.exemb.exepython.exebowtie2-inspect-s.exeClustalO.exebash.exebash.exedirname.exebash.exebasename.exebash.exeuname.exebash.exebasename.exebash.exebash.exebash.exegrep.exebash.exebash.exebash.exegrep.exebash.exeversion.exebash.exeexpr.exebash.exeenv.exemktemp.exebash.exebash.exepid process 3856 ugeneui.exe 4888 plugins_checker.exe 5024 clustalw2.exe 2636 hmmsearch.exe 4916 tabix.exe 1512 bcftools.exe 5088 iqtree.exe 2412 kalign.exe 3016 rpsblast.exe 1188 samtools.exe 1036 tblastn.exe 3564 bowtie-align-s.exe 1492 blastp.exe 4332 bedtools.exe 5004 bash.exe 4612 bash.exe 3080 bash.exe 4356 bash.exe 2488 mfold_datdir.exe 3520 sed.exe 3356 bash.exe 3984 Spidey.exe 3840 blastn.exe 2444 FastTree.exe 4532 blastx.exe 4244 java.exe 1544 java.exe 2480 python.exe 1580 makeblastdb.exe 4708 python.exe 4012 java.exe 1088 java.exe 4308 bowtie2-build-s.exe 5104 python.exe 2620 mb.exe 4728 python.exe 1412 bowtie2-inspect-s.exe 1720 ClustalO.exe 3356 bash.exe 2016 bash.exe 3872 dirname.exe 740 bash.exe 2912 basename.exe 3700 bash.exe 4044 uname.exe 1956 bash.exe 3020 basename.exe 2052 bash.exe 2168 bash.exe 4092 bash.exe 5088 grep.exe 2704 bash.exe 4856 bash.exe 2884 bash.exe 2280 grep.exe 2268 bash.exe 4684 version.exe 2020 bash.exe 4392 expr.exe 3656 bash.exe 1184 env.exe 3616 mktemp.exe 1876 bash.exe 3300 bash.exe -
Loads dropped DLL 64 IoCs
Processes:
ugene-50.0-win-x86-64.exeugeneui.exepid process 852 ugene-50.0-win-x86-64.exe 852 ugene-50.0-win-x86-64.exe 852 ugene-50.0-win-x86-64.exe 3856 ugeneui.exe 3856 ugeneui.exe 3856 ugeneui.exe 3856 ugeneui.exe 3856 ugeneui.exe 3856 ugeneui.exe 3856 ugeneui.exe 3856 ugeneui.exe 3856 ugeneui.exe 3856 ugeneui.exe 3856 ugeneui.exe 3856 ugeneui.exe 3856 ugeneui.exe 3856 ugeneui.exe 3856 ugeneui.exe 3856 ugeneui.exe 3856 ugeneui.exe 3856 ugeneui.exe 3856 ugeneui.exe 3856 ugeneui.exe 3856 ugeneui.exe 3856 ugeneui.exe 3856 ugeneui.exe 3856 ugeneui.exe 3856 ugeneui.exe 3856 ugeneui.exe 3856 ugeneui.exe 3856 ugeneui.exe 3856 ugeneui.exe 3856 ugeneui.exe 3856 ugeneui.exe 3856 ugeneui.exe 3856 ugeneui.exe 3856 ugeneui.exe 3856 ugeneui.exe 3856 ugeneui.exe 3856 ugeneui.exe 3856 ugeneui.exe 3856 ugeneui.exe 3856 ugeneui.exe 3856 ugeneui.exe 3856 ugeneui.exe 3856 ugeneui.exe 3856 ugeneui.exe 3856 ugeneui.exe 3856 ugeneui.exe 3856 ugeneui.exe 3856 ugeneui.exe 3856 ugeneui.exe 3856 ugeneui.exe 3856 ugeneui.exe 3856 ugeneui.exe 3856 ugeneui.exe 3856 ugeneui.exe 3856 ugeneui.exe 3856 ugeneui.exe 3856 ugeneui.exe 3856 ugeneui.exe 3856 ugeneui.exe 3856 ugeneui.exe 3856 ugeneui.exe -
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).
-
Modifies registry class 64 IoCs
Processes:
ugene-50.0-win-x86-64.exedescription ioc process Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Swiss-Prot file\DefaultIcon\ = "C:\\Program Files\\Unipro UGENE\\ugeneui.exe,1" ugene-50.0-win-x86-64.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Stockholm alignment file\shell\open\command ugene-50.0-win-x86-64.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Clustal alignment file\shell\open\command ugene-50.0-win-x86-64.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\.genbank ugene-50.0-win-x86-64.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\UGENE Workflow Language\shell\open\command\ = "C:\\Program Files\\Unipro UGENE\\ugeneui.exe \"%1\"" ugene-50.0-win-x86-64.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Clustal alignment file\shell ugene-50.0-win-x86-64.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\FASTQ file\shell\ = "open" ugene-50.0-win-x86-64.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\MSF multiple sequence file\DefaultIcon ugene-50.0-win-x86-64.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\NEWICK tree file\shell\open\command\ = "C:\\Program Files\\Unipro UGENE\\ugeneui.exe \"%1\"" ugene-50.0-win-x86-64.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\SAM genome assembly\shell\open\command ugene-50.0-win-x86-64.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\UGENE Database ugene-50.0-win-x86-64.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\GFF format\shell\open\command ugene-50.0-win-x86-64.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\NEWICK tree file\DefaultIcon\ = "C:\\Program Files\\Unipro UGENE\\ugeneui.exe,1" ugene-50.0-win-x86-64.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\UGENE Workflow Language\shell\open\command ugene-50.0-win-x86-64.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Genbank plain text file ugene-50.0-win-x86-64.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Genbank plain text file\shell\open\command\ = "C:\\Program Files\\Unipro UGENE\\ugeneui.exe \"%1\"" ugene-50.0-win-x86-64.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\UGENE Database\shell ugene-50.0-win-x86-64.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\UGENE Query Language\DefaultIcon ugene-50.0-win-x86-64.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\.gff\ = "GFF format" ugene-50.0-win-x86-64.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\MSF multiple sequence file\shell\open ugene-50.0-win-x86-64.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Stockholm alignment file\DefaultIcon\ = "C:\\Program Files\\Unipro UGENE\\ugeneui.exe,1" ugene-50.0-win-x86-64.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\.fas\ = "FASTA sequence file" ugene-50.0-win-x86-64.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\.fastq\ = "FASTQ file" ugene-50.0-win-x86-64.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\FASTA sequence file\shell ugene-50.0-win-x86-64.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Unipro UGENE project file\shell\open\command ugene-50.0-win-x86-64.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\FASTQ file ugene-50.0-win-x86-64.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Genbank plain text file\DefaultIcon ugene-50.0-win-x86-64.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\.srfa\ = "FASTA short reads file" ugene-50.0-win-x86-64.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\UGENE Database\DefaultIcon\ = "C:\\Program Files\\Unipro UGENE\\ugeneui.exe,1" ugene-50.0-win-x86-64.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\UGENE Query Language\shell\open ugene-50.0-win-x86-64.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\.emb\ = "EMBL file" ugene-50.0-win-x86-64.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\.gen\ = "Genbank plain text file" ugene-50.0-win-x86-64.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\NEWICK tree file\shell ugene-50.0-win-x86-64.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Stockholm alignment file\shell\open ugene-50.0-win-x86-64.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\.em ugene-50.0-win-x86-64.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\FASTQ file\DefaultIcon\ = "C:\\Program Files\\Unipro UGENE\\ugeneui.exe,1" ugene-50.0-win-x86-64.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\NEWICK tree file\DefaultIcon ugene-50.0-win-x86-64.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Protein Data Bank file\ = "Protein Data Bank file" ugene-50.0-win-x86-64.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Protein Data Bank file\DefaultIcon ugene-50.0-win-x86-64.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\FASTA short reads file\shell ugene-50.0-win-x86-64.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\.sw\ = "Swiss-Prot file" ugene-50.0-win-x86-64.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\.fasta\ = "FASTA sequence file" ugene-50.0-win-x86-64.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\.seqs\ = "FASTA sequence file" ugene-50.0-win-x86-64.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\.abif\ = "ABIF file" ugene-50.0-win-x86-64.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\.aln ugene-50.0-win-x86-64.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\EMBL file\ = "EMBL file" ugene-50.0-win-x86-64.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\.bam ugene-50.0-win-x86-64.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\FASTA short reads file ugene-50.0-win-x86-64.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\UGENE Query Language\DefaultIcon\ = "C:\\Program Files\\Unipro UGENE\\ugeneui.exe,1" ugene-50.0-win-x86-64.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\ABIF file\DefaultIcon\ = "C:\\Program Files\\Unipro UGENE\\ugeneui.exe,1" ugene-50.0-win-x86-64.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Genbank plain text file\ = "Genbank plain text file" ugene-50.0-win-x86-64.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\EMBL file\shell ugene-50.0-win-x86-64.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\.fsa ugene-50.0-win-x86-64.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\FASTQ file\shell\open ugene-50.0-win-x86-64.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\.sto ugene-50.0-win-x86-64.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\UGENE Database\DefaultIcon ugene-50.0-win-x86-64.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\.uwl ugene-50.0-win-x86-64.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Unipro UGENE project file\shell\open\command\ = "C:\\Program Files\\Unipro UGENE\\ugeneui.exe \"%1\"" ugene-50.0-win-x86-64.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\.gen ugene-50.0-win-x86-64.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\BAM genome assembly\DefaultIcon ugene-50.0-win-x86-64.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Unipro UGENE project file\DefaultIcon\ = "C:\\Program Files\\Unipro UGENE\\ugeneui.exe,0" ugene-50.0-win-x86-64.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\.fna\ = "FASTA sequence file" ugene-50.0-win-x86-64.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\MSF multiple sequence file\DefaultIcon\ = "C:\\Program Files\\Unipro UGENE\\ugeneui.exe,1" ugene-50.0-win-x86-64.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\SAM genome assembly\shell\open ugene-50.0-win-x86-64.exe -
Suspicious behavior: AddClipboardFormatListener 2 IoCs
Processes:
ugeneui.exeplugins_checker.exepid process 3856 ugeneui.exe 4888 plugins_checker.exe -
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
Processes:
ugeneui.exepid process 3856 ugeneui.exe -
Suspicious use of AdjustPrivilegeToken 64 IoCs
Processes:
hmmsearch.exetabix.exebcftools.exekalign.exesamtools.exebowtie-align-s.exebedtools.exebash.exebash.exebash.exebash.exesed.exebash.exebowtie2-build-s.exemb.exebowtie2-inspect-s.exebash.exebash.exedescription pid process Token: SeRestorePrivilege 2636 hmmsearch.exe Token: SeBackupPrivilege 2636 hmmsearch.exe Token: SeDebugPrivilege 2636 hmmsearch.exe Token: SeRestorePrivilege 4916 tabix.exe Token: SeBackupPrivilege 4916 tabix.exe Token: SeDebugPrivilege 4916 tabix.exe Token: SeRestorePrivilege 1512 bcftools.exe Token: SeBackupPrivilege 1512 bcftools.exe Token: SeDebugPrivilege 1512 bcftools.exe Token: SeRestorePrivilege 2412 kalign.exe Token: SeBackupPrivilege 2412 kalign.exe Token: SeDebugPrivilege 2412 kalign.exe Token: SeRestorePrivilege 1188 samtools.exe Token: SeBackupPrivilege 1188 samtools.exe Token: SeDebugPrivilege 1188 samtools.exe Token: SeRestorePrivilege 3564 bowtie-align-s.exe Token: SeBackupPrivilege 3564 bowtie-align-s.exe Token: SeDebugPrivilege 3564 bowtie-align-s.exe Token: SeRestorePrivilege 4332 bedtools.exe Token: SeBackupPrivilege 4332 bedtools.exe Token: SeDebugPrivilege 4332 bedtools.exe Token: SeRestorePrivilege 5004 bash.exe Token: SeBackupPrivilege 5004 bash.exe Token: SeDebugPrivilege 5004 bash.exe Token: SeRestorePrivilege 4612 bash.exe Token: SeBackupPrivilege 4612 bash.exe Token: SeDebugPrivilege 4612 bash.exe Token: SeRestorePrivilege 4612 bash.exe Token: SeBackupPrivilege 4612 bash.exe Token: SeDebugPrivilege 4612 bash.exe Token: SeRestorePrivilege 3080 bash.exe Token: SeBackupPrivilege 3080 bash.exe Token: SeDebugPrivilege 3080 bash.exe Token: SeRestorePrivilege 3080 bash.exe Token: SeBackupPrivilege 3080 bash.exe Token: SeDebugPrivilege 3080 bash.exe Token: SeRestorePrivilege 4356 bash.exe Token: SeBackupPrivilege 4356 bash.exe Token: SeDebugPrivilege 4356 bash.exe Token: SeRestorePrivilege 4356 bash.exe Token: SeBackupPrivilege 4356 bash.exe Token: SeDebugPrivilege 4356 bash.exe Token: SeRestorePrivilege 3520 sed.exe Token: SeBackupPrivilege 3520 sed.exe Token: SeDebugPrivilege 3520 sed.exe Token: SeRestorePrivilege 3356 bash.exe Token: SeBackupPrivilege 3356 bash.exe Token: SeDebugPrivilege 3356 bash.exe Token: SeRestorePrivilege 3356 bash.exe Token: SeBackupPrivilege 3356 bash.exe Token: SeDebugPrivilege 3356 bash.exe Token: SeRestorePrivilege 4308 bowtie2-build-s.exe Token: SeBackupPrivilege 4308 bowtie2-build-s.exe Token: SeDebugPrivilege 4308 bowtie2-build-s.exe Token: SeRestorePrivilege 2620 mb.exe Token: SeBackupPrivilege 2620 mb.exe Token: SeDebugPrivilege 2620 mb.exe Token: SeRestorePrivilege 1412 bowtie2-inspect-s.exe Token: SeBackupPrivilege 1412 bowtie2-inspect-s.exe Token: SeDebugPrivilege 1412 bowtie2-inspect-s.exe Token: SeRestorePrivilege 3356 bash.exe Token: SeBackupPrivilege 3356 bash.exe Token: SeDebugPrivilege 3356 bash.exe Token: SeRestorePrivilege 2016 bash.exe -
Suspicious use of SetWindowsHookEx 7 IoCs
Processes:
ugeneui.exeplugins_checker.exepid process 3856 ugeneui.exe 4888 plugins_checker.exe 3856 ugeneui.exe 3856 ugeneui.exe 3856 ugeneui.exe 3856 ugeneui.exe 3856 ugeneui.exe -
Suspicious use of WriteProcessMemory 64 IoCs
Processes:
ugene-50.0-win-x86-64.exeugeneui.execmd.exebash.exebash.exebash.exebash.exedescription pid process target process PID 852 wrote to memory of 3856 852 ugene-50.0-win-x86-64.exe ugeneui.exe PID 852 wrote to memory of 3856 852 ugene-50.0-win-x86-64.exe ugeneui.exe PID 3856 wrote to memory of 4888 3856 ugeneui.exe plugins_checker.exe PID 3856 wrote to memory of 4888 3856 ugeneui.exe plugins_checker.exe PID 3856 wrote to memory of 5024 3856 ugeneui.exe clustalw2.exe PID 3856 wrote to memory of 5024 3856 ugeneui.exe clustalw2.exe PID 3856 wrote to memory of 5024 3856 ugeneui.exe clustalw2.exe PID 3856 wrote to memory of 2636 3856 ugeneui.exe hmmsearch.exe PID 3856 wrote to memory of 2636 3856 ugeneui.exe hmmsearch.exe PID 3856 wrote to memory of 4916 3856 ugeneui.exe tabix.exe PID 3856 wrote to memory of 4916 3856 ugeneui.exe tabix.exe PID 3856 wrote to memory of 1512 3856 ugeneui.exe bcftools.exe PID 3856 wrote to memory of 1512 3856 ugeneui.exe bcftools.exe PID 3856 wrote to memory of 5088 3856 ugeneui.exe iqtree.exe PID 3856 wrote to memory of 5088 3856 ugeneui.exe iqtree.exe PID 3856 wrote to memory of 2412 3856 ugeneui.exe kalign.exe PID 3856 wrote to memory of 2412 3856 ugeneui.exe kalign.exe PID 3856 wrote to memory of 3016 3856 ugeneui.exe rpsblast.exe PID 3856 wrote to memory of 3016 3856 ugeneui.exe rpsblast.exe PID 3856 wrote to memory of 3016 3856 ugeneui.exe rpsblast.exe PID 3856 wrote to memory of 1188 3856 ugeneui.exe samtools.exe PID 3856 wrote to memory of 1188 3856 ugeneui.exe samtools.exe PID 3856 wrote to memory of 1036 3856 ugeneui.exe tblastn.exe PID 3856 wrote to memory of 1036 3856 ugeneui.exe tblastn.exe PID 3856 wrote to memory of 1036 3856 ugeneui.exe tblastn.exe PID 3856 wrote to memory of 3564 3856 ugeneui.exe bowtie-align-s.exe PID 3856 wrote to memory of 3564 3856 ugeneui.exe bowtie-align-s.exe PID 3856 wrote to memory of 1492 3856 ugeneui.exe blastp.exe PID 3856 wrote to memory of 1492 3856 ugeneui.exe blastp.exe PID 3856 wrote to memory of 1492 3856 ugeneui.exe blastp.exe PID 3856 wrote to memory of 4332 3856 ugeneui.exe bedtools.exe PID 3856 wrote to memory of 4332 3856 ugeneui.exe bedtools.exe PID 3856 wrote to memory of 2092 3856 ugeneui.exe cmd.exe PID 3856 wrote to memory of 2092 3856 ugeneui.exe cmd.exe PID 2092 wrote to memory of 4948 2092 cmd.exe chcp.com PID 2092 wrote to memory of 4948 2092 cmd.exe chcp.com PID 2092 wrote to memory of 2160 2092 cmd.exe cmd.exe PID 2092 wrote to memory of 2160 2092 cmd.exe cmd.exe PID 2092 wrote to memory of 5004 2092 cmd.exe bash.exe PID 2092 wrote to memory of 5004 2092 cmd.exe bash.exe PID 5004 wrote to memory of 4612 5004 bash.exe bash.exe PID 5004 wrote to memory of 4612 5004 bash.exe bash.exe PID 5004 wrote to memory of 4612 5004 bash.exe bash.exe PID 4612 wrote to memory of 3080 4612 bash.exe bash.exe PID 4612 wrote to memory of 3080 4612 bash.exe bash.exe PID 4612 wrote to memory of 3080 4612 bash.exe bash.exe PID 4612 wrote to memory of 4356 4612 bash.exe bash.exe PID 4612 wrote to memory of 4356 4612 bash.exe bash.exe PID 3080 wrote to memory of 2488 3080 bash.exe mfold_datdir.exe PID 3080 wrote to memory of 2488 3080 bash.exe mfold_datdir.exe PID 4612 wrote to memory of 4356 4612 bash.exe bash.exe PID 4356 wrote to memory of 3520 4356 bash.exe sed.exe PID 4356 wrote to memory of 3520 4356 bash.exe sed.exe PID 5004 wrote to memory of 3356 5004 bash.exe bash.exe PID 5004 wrote to memory of 3356 5004 bash.exe bash.exe PID 5004 wrote to memory of 3356 5004 bash.exe bash.exe PID 3856 wrote to memory of 3984 3856 ugeneui.exe Spidey.exe PID 3856 wrote to memory of 3984 3856 ugeneui.exe Spidey.exe PID 3856 wrote to memory of 3984 3856 ugeneui.exe Spidey.exe PID 3856 wrote to memory of 3840 3856 ugeneui.exe blastn.exe PID 3856 wrote to memory of 3840 3856 ugeneui.exe blastn.exe PID 3856 wrote to memory of 3840 3856 ugeneui.exe blastn.exe PID 3856 wrote to memory of 2444 3856 ugeneui.exe FastTree.exe PID 3856 wrote to memory of 2444 3856 ugeneui.exe FastTree.exe
Processes
-
C:\Users\Admin\AppData\Local\Temp\ugene-50.0-win-x86-64.exe"C:\Users\Admin\AppData\Local\Temp\ugene-50.0-win-x86-64.exe"1⤵
- Drops file in Program Files directory
- Loads dropped DLL
- Modifies registry class
- Suspicious use of WriteProcessMemory
PID:852 -
C:\Program Files\Unipro UGENE\ugeneui.exe"C:\Program Files\Unipro UGENE\ugeneui.exe"2⤵
- Executes dropped EXE
- Loads dropped DLL
- Suspicious behavior: AddClipboardFormatListener
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:3856 -
C:\Program Files\Unipro UGENE\plugins_checker.exe"C:\Program Files\Unipro UGENE\plugins_checker.exe" --plugins=biostruct3d_view --verify --ini-file=\"C:/Users/Admin/AppData/Roaming/Unipro/UGENE.ini\"3⤵
- Executes dropped EXE
- Suspicious behavior: AddClipboardFormatListener
- Suspicious use of SetWindowsHookEx
PID:4888 -
C:\Program Files\Unipro UGENE\tools\clustalw\clustalw2.exe"C:\Program Files\Unipro UGENE\tools\clustalw\clustalw2.exe" -help3⤵
- Executes dropped EXE
PID:5024 -
C:\Program Files\Unipro UGENE\tools\hmmer3\hmmsearch.exe"C:\Program Files\Unipro UGENE\tools\hmmer3\hmmsearch.exe" -h3⤵
- Executes dropped EXE
- Suspicious use of AdjustPrivilegeToken
PID:2636 -
C:\Program Files\Unipro UGENE\tools\samtools\tabix.exe"C:\Program Files\Unipro UGENE\tools\samtools\tabix.exe" -help3⤵
- Executes dropped EXE
- Suspicious use of AdjustPrivilegeToken
PID:4916 -
C:\Program Files\Unipro UGENE\tools\samtools\bcftools.exe"C:\Program Files\Unipro UGENE\tools\samtools\bcftools.exe"3⤵
- Executes dropped EXE
- Suspicious use of AdjustPrivilegeToken
PID:1512 -
C:\Program Files\Unipro UGENE\tools\iqtree\iqtree.exe"C:\Program Files\Unipro UGENE\tools\iqtree\iqtree.exe" --version3⤵
- Executes dropped EXE
PID:5088 -
C:\Program Files\Unipro UGENE\tools\kalign\kalign.exe"C:\Program Files\Unipro UGENE\tools\kalign\kalign.exe" --version3⤵
- Executes dropped EXE
- Suspicious use of AdjustPrivilegeToken
PID:2412 -
C:\Program Files\Unipro UGENE\tools\blast\rpsblast.exe"C:\Program Files\Unipro UGENE\tools\blast\rpsblast.exe" -h3⤵
- Executes dropped EXE
PID:3016 -
C:\Program Files\Unipro UGENE\tools\samtools\samtools.exe"C:\Program Files\Unipro UGENE\tools\samtools\samtools.exe"3⤵
- Executes dropped EXE
- Suspicious use of AdjustPrivilegeToken
PID:1188 -
C:\Program Files\Unipro UGENE\tools\blast\tblastn.exe"C:\Program Files\Unipro UGENE\tools\blast\tblastn.exe" -h3⤵
- Executes dropped EXE
PID:1036 -
C:\Program Files\Unipro UGENE\tools\bowtie1\bowtie-align-s.exe"C:\Program Files\Unipro UGENE\tools\bowtie1\bowtie-align-s.exe" --version3⤵
- Executes dropped EXE
- Suspicious use of AdjustPrivilegeToken
PID:3564 -
C:\Program Files\Unipro UGENE\tools\blast\blastp.exe"C:\Program Files\Unipro UGENE\tools\blast\blastp.exe" -h3⤵
- Executes dropped EXE
PID:1492 -
C:\Program Files\Unipro UGENE\tools\bedtools\bedtools.exe"C:\Program Files\Unipro UGENE\tools\bedtools\bedtools.exe" --version3⤵
- Executes dropped EXE
- Suspicious use of AdjustPrivilegeToken
PID:4332 -
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c ""C:\Program Files\Unipro UGENE\tools\mfold\mfold.bat" -v"3⤵
- Suspicious use of WriteProcessMemory
PID:2092 -
C:\Windows\system32\chcp.comchcp 650014⤵PID:4948
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c cd4⤵PID:2160
-
C:\Program Files\Unipro UGENE\tools\mfold\msys64\usr\bin\bash.exe"C:\Program Files\Unipro UGENE\tools\mfold\\msys64\usr\bin\bash.exe" "C:\Program Files\Unipro UGENE\tools\mfold\\mfold-3.6\bin\mfold" -v4⤵
- Executes dropped EXE
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of WriteProcessMemory
PID:5004 -
C:\Program Files\Unipro UGENE\tools\mfold\msys64\usr\bin\bash.exe"C:\Program Files\Unipro UGENE\tools\mfold\\msys64\usr\bin\bash.exe" "C:\Program Files\Unipro UGENE\tools\mfold\\mfold-3.6\bin\mfold" -v5⤵
- Executes dropped EXE
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of WriteProcessMemory
PID:4612 -
C:\Program Files\Unipro UGENE\tools\mfold\msys64\usr\bin\bash.exe"C:\Program Files\Unipro UGENE\tools\mfold\\msys64\usr\bin\bash.exe" "C:\Program Files\Unipro UGENE\tools\mfold\\mfold-3.6\bin\mfold" -v6⤵
- Executes dropped EXE
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of WriteProcessMemory
PID:3080 -
C:\Program Files\Unipro UGENE\tools\mfold\mfold-3.6\bin\mfold_datdir.exe"C:\Program Files\Unipro UGENE\tools\mfold\mfold-3.6\bin\mfold_datdir.exe"7⤵
- Executes dropped EXE
PID:2488 -
C:\Program Files\Unipro UGENE\tools\mfold\msys64\usr\bin\bash.exe"C:\Program Files\Unipro UGENE\tools\mfold\\msys64\usr\bin\bash.exe" "C:\Program Files\Unipro UGENE\tools\mfold\\mfold-3.6\bin\mfold" -v6⤵
- Executes dropped EXE
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of WriteProcessMemory
PID:4356 -
C:\Program Files\Unipro UGENE\tools\mfold\msys64\usr\bin\sed.exe"C:\Program Files\Unipro UGENE\tools\mfold\msys64\usr\bin\sed.exe" -e s@/$@@7⤵
- Executes dropped EXE
- Suspicious use of AdjustPrivilegeToken
PID:3520 -
C:\Program Files\Unipro UGENE\tools\mfold\msys64\usr\bin\bash.exe"C:\Program Files\Unipro UGENE\tools\mfold\\msys64\usr\bin\bash.exe" "C:\Program Files\Unipro UGENE\tools\mfold\\mfold-3.6\bin\mfold" -v5⤵
- Executes dropped EXE
- Suspicious use of AdjustPrivilegeToken
PID:3356 -
C:\Program Files\Unipro UGENE\tools\spidey\Spidey.exe"C:\Program Files\Unipro UGENE\tools\spidey\Spidey.exe"3⤵
- Executes dropped EXE
PID:3984 -
C:\Program Files\Unipro UGENE\tools\blast\blastn.exe"C:\Program Files\Unipro UGENE\tools\blast\blastn.exe" -h3⤵
- Executes dropped EXE
PID:3840 -
C:\Program Files\Unipro UGENE\tools\fasttree\FastTree.exe"C:\Program Files\Unipro UGENE\tools\fasttree\FastTree.exe" -expert3⤵
- Executes dropped EXE
PID:2444 -
C:\Program Files\Unipro UGENE\tools\blast\blastx.exe"C:\Program Files\Unipro UGENE\tools\blast\blastx.exe" -h3⤵
- Executes dropped EXE
PID:4532 -
C:\Program Files\Unipro UGENE\tools\java\bin\java.exe"C:\Program Files\Unipro UGENE\tools\java\bin\java.exe" -version3⤵
- Executes dropped EXE
PID:4244 -
C:\Windows\system32\icacls.exeC:\Windows\system32\icacls.exe C:\ProgramData\Oracle\Java\.oracle_jre_usage /grant "everyone":(OI)(CI)M4⤵
- Modifies file permissions
PID:1276 -
C:\Program Files\Unipro UGENE\tools\python3\python.exe"C:\Program Files\Unipro UGENE\tools\python3\python.exe" --version3⤵
- Executes dropped EXE
PID:2480 -
C:\Program Files\Unipro UGENE\tools\java\bin\java.exe"C:\Program Files\Unipro UGENE\tools\java\bin\java.exe" -jar "C:\Program Files\Unipro UGENE\tools\snpeff\snpEff.jar" -h3⤵
- Executes dropped EXE
PID:1544 -
C:\Program Files\Unipro UGENE\tools\blast\makeblastdb.exe"C:\Program Files\Unipro UGENE\tools\blast\makeblastdb.exe" -h -help3⤵
- Executes dropped EXE
PID:1580 -
C:\Program Files\Unipro UGENE\tools\python3\python.exe"C:\Program Files\Unipro UGENE\tools\python3\python.exe" "C:\Program Files\Unipro UGENE\tools\bowtie2\bowtie2-build" --version3⤵
- Drops file in Program Files directory
- Executes dropped EXE
PID:4708 -
C:\Program Files\Unipro UGENE\tools\bowtie2\bowtie2-build-s.exe"C:\Program Files\Unipro UGENE\tools\bowtie2\bowtie2-build-s" --wrapper basic-0 --version4⤵
- Executes dropped EXE
- Suspicious use of AdjustPrivilegeToken
PID:4308 -
C:\Program Files\Unipro UGENE\tools\java\bin\java.exe"C:\Program Files\Unipro UGENE\tools\java\bin\java.exe" -Xmx8042M -jar "C:\Program Files\Unipro UGENE\tools\snpeff\snpEff.jar" databases3⤵
- Executes dropped EXE
PID:1088 -
C:\Program Files\Unipro UGENE\tools\java\bin\java.exe"C:\Program Files\Unipro UGENE\tools\java\bin\java.exe" -jar "C:\Program Files\Unipro UGENE\tools\trimmomatic\trimmomatic.jar" -h3⤵
- Executes dropped EXE
PID:4012 -
C:\Program Files\Unipro UGENE\tools\mrbayes\mb.exe"C:\Program Files\Unipro UGENE\tools\mrbayes\mb.exe" ""3⤵
- Executes dropped EXE
- Suspicious use of AdjustPrivilegeToken
PID:2620 -
C:\Program Files\Unipro UGENE\tools\python3\python.exe"C:\Program Files\Unipro UGENE\tools\python3\python.exe" -m cutadapt --version3⤵
- Drops file in Program Files directory
- Executes dropped EXE
PID:5104 -
C:\Program Files\Unipro UGENE\tools\clustalo\ClustalO.exe"C:\Program Files\Unipro UGENE\tools\clustalo\ClustalO.exe" --help3⤵
- Executes dropped EXE
PID:1720 -
C:\Program Files\Unipro UGENE\tools\python3\python.exe"C:\Program Files\Unipro UGENE\tools\python3\python.exe" "C:\Program Files\Unipro UGENE\tools\bowtie2\bowtie2-inspect" --version3⤵
- Executes dropped EXE
PID:4728 -
C:\Program Files\Unipro UGENE\tools\bowtie2\bowtie2-inspect-s.exe"C:\Program Files\Unipro UGENE\tools\bowtie2\bowtie2-inspect-s" --wrapper basic-0 --version4⤵
- Executes dropped EXE
- Suspicious use of AdjustPrivilegeToken
PID:1412 -
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c ""C:\Program Files\Unipro UGENE\tools\mafft\mafft.bat" -help"3⤵PID:3756
-
C:\Windows\system32\chcp.comchcp 650014⤵PID:3404
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c cd4⤵PID:4612
-
C:\Program Files\Unipro UGENE\tools\mafft\usr\bin\bash.exe"C:\Program Files\Unipro UGENE\tools\mafft\\usr\bin\bash" "/usr/bin/mafft" -help4⤵
- Executes dropped EXE
- Suspicious use of AdjustPrivilegeToken
PID:3356 -
C:\Program Files\Unipro UGENE\tools\mafft\usr\bin\bash.exe"C:\Program Files\Unipro UGENE\tools\mafft\\usr\bin\bash" "/usr/bin/mafft" -help5⤵
- Executes dropped EXE
- Suspicious use of AdjustPrivilegeToken
PID:2016 -
C:\Program Files\Unipro UGENE\tools\mafft\usr\bin\dirname.exe"C:\Program Files\Unipro UGENE\tools\mafft\usr\bin\dirname.exe"6⤵
- Executes dropped EXE
PID:3872 -
C:\Program Files\Unipro UGENE\tools\mafft\usr\bin\bash.exe"C:\Program Files\Unipro UGENE\tools\mafft\\usr\bin\bash" "/usr/bin/mafft" -help5⤵
- Executes dropped EXE
PID:740 -
C:\Program Files\Unipro UGENE\tools\mafft\usr\bin\basename.exe"C:\Program Files\Unipro UGENE\tools\mafft\usr\bin\basename.exe"6⤵
- Executes dropped EXE
PID:2912 -
C:\Program Files\Unipro UGENE\tools\mafft\usr\bin\bash.exe"C:\Program Files\Unipro UGENE\tools\mafft\\usr\bin\bash" "/usr/bin/mafft" -help5⤵
- Executes dropped EXE
PID:3700 -
C:\Program Files\Unipro UGENE\tools\mafft\usr\bin\uname.exe"C:\Program Files\Unipro UGENE\tools\mafft\usr\bin\uname.exe"6⤵
- Executes dropped EXE
PID:4044 -
C:\Program Files\Unipro UGENE\tools\mafft\usr\bin\bash.exe"C:\Program Files\Unipro UGENE\tools\mafft\\usr\bin\bash" "/usr/bin/mafft" -help5⤵
- Executes dropped EXE
PID:1956 -
C:\Program Files\Unipro UGENE\tools\mafft\usr\bin\basename.exe"C:\Program Files\Unipro UGENE\tools\mafft\usr\bin\basename.exe"6⤵
- Executes dropped EXE
PID:3020 -
C:\Program Files\Unipro UGENE\tools\mafft\usr\bin\bash.exe"C:\Program Files\Unipro UGENE\tools\mafft\\usr\bin\bash" "/usr/bin/mafft" -help5⤵
- Executes dropped EXE
PID:2052 -
C:\Program Files\Unipro UGENE\tools\mafft\usr\bin\bash.exe"C:\Program Files\Unipro UGENE\tools\mafft\\usr\bin\bash" "/usr/bin/mafft" -help6⤵
- Executes dropped EXE
PID:2168 -
C:\Program Files\Unipro UGENE\tools\mafft\usr\bin\bash.exe"C:\Program Files\Unipro UGENE\tools\mafft\\usr\bin\bash" "/usr/bin/mafft" -help6⤵
- Executes dropped EXE
PID:4092 -
C:\Program Files\Unipro UGENE\tools\mafft\usr\bin\grep.exe"C:\Program Files\Unipro UGENE\tools\mafft\usr\bin\grep.exe"7⤵
- Executes dropped EXE
PID:5088 -
C:\Program Files\Unipro UGENE\tools\mafft\usr\bin\bash.exe"C:\Program Files\Unipro UGENE\tools\mafft\\usr\bin\bash" "/usr/bin/mafft" -help5⤵
- Executes dropped EXE
PID:2704 -
C:\Program Files\Unipro UGENE\tools\mafft\usr\bin\bash.exe"C:\Program Files\Unipro UGENE\tools\mafft\\usr\bin\bash" "/usr/bin/mafft" -help6⤵
- Executes dropped EXE
PID:4856 -
C:\Program Files\Unipro UGENE\tools\mafft\usr\bin\bash.exe"C:\Program Files\Unipro UGENE\tools\mafft\\usr\bin\bash" "/usr/bin/mafft" -help6⤵
- Executes dropped EXE
PID:2884 -
C:\Program Files\Unipro UGENE\tools\mafft\usr\bin\grep.exe"C:\Program Files\Unipro UGENE\tools\mafft\usr\bin\grep.exe"7⤵
- Executes dropped EXE
PID:2280 -
C:\Program Files\Unipro UGENE\tools\mafft\usr\bin\bash.exe"C:\Program Files\Unipro UGENE\tools\mafft\\usr\bin\bash" "/usr/bin/mafft" -help5⤵
- Executes dropped EXE
PID:2268 -
C:\Program Files\Unipro UGENE\tools\mafft\usr\lib\mafft\version.exe"C:\Program Files\Unipro UGENE\tools\mafft\usr\lib\mafft\version.exe"6⤵
- Executes dropped EXE
PID:4684 -
C:\Program Files\Unipro UGENE\tools\mafft\usr\bin\bash.exe"C:\Program Files\Unipro UGENE\tools\mafft\\usr\bin\bash" "/usr/bin/mafft" -help5⤵
- Executes dropped EXE
PID:2020 -
C:\Program Files\Unipro UGENE\tools\mafft\usr\bin\expr.exe"C:\Program Files\Unipro UGENE\tools\mafft\usr\bin\expr.exe"6⤵
- Executes dropped EXE
PID:4392 -
C:\Program Files\Unipro UGENE\tools\mafft\usr\bin\bash.exe"C:\Program Files\Unipro UGENE\tools\mafft\\usr\bin\bash" "/usr/bin/mafft" -help5⤵
- Executes dropped EXE
PID:3656 -
C:\Program Files\Unipro UGENE\tools\mafft\usr\bin\env.exe"C:\Program Files\Unipro UGENE\tools\mafft\usr\bin\env.exe"6⤵
- Executes dropped EXE
PID:1184 -
C:\Program Files\Unipro UGENE\tools\mafft\usr\bin\mktemp.exe"C:\Program Files\Unipro UGENE\tools\mafft\usr\bin\mktemp.exe"7⤵
- Executes dropped EXE
PID:3616 -
C:\Program Files\Unipro UGENE\tools\mafft\usr\bin\bash.exe"C:\Program Files\Unipro UGENE\tools\mafft\\usr\bin\bash" "/usr/bin/mafft" -help5⤵
- Executes dropped EXE
PID:1876 -
C:\Program Files\Unipro UGENE\tools\mafft\usr\bin\bash.exe"C:\Program Files\Unipro UGENE\tools\mafft\\usr\bin\bash" "/usr/bin/mafft" -help5⤵
- Executes dropped EXE
PID:3300 -
C:\Program Files\Unipro UGENE\tools\mafft\usr\bin\awk.exe"C:\Program Files\Unipro UGENE\tools\mafft\usr\bin\awk.exe"6⤵PID:2484
-
C:\Program Files\Unipro UGENE\tools\mafft\usr\bin\bash.exe"C:\Program Files\Unipro UGENE\tools\mafft\\usr\bin\bash" "/usr/bin/mafft" -help5⤵PID:2632
-
C:\Program Files\Unipro UGENE\tools\mafft\usr\bin\awk.exe"C:\Program Files\Unipro UGENE\tools\mafft\usr\bin\awk.exe"6⤵PID:4148
-
C:\Program Files\Unipro UGENE\tools\mafft\usr\bin\bash.exe"C:\Program Files\Unipro UGENE\tools\mafft\\usr\bin\bash" "/usr/bin/mafft" -help5⤵PID:3460
-
C:\Program Files\Unipro UGENE\tools\mafft\usr\bin\awk.exe"C:\Program Files\Unipro UGENE\tools\mafft\usr\bin\awk.exe"6⤵PID:3860
-
C:\Program Files\Unipro UGENE\tools\mafft\usr\bin\bash.exe"C:\Program Files\Unipro UGENE\tools\mafft\\usr\bin\bash" "/usr/bin/mafft" -help5⤵PID:4612
-
C:\Program Files\Unipro UGENE\tools\mafft\usr\bin\awk.exe"C:\Program Files\Unipro UGENE\tools\mafft\usr\bin\awk.exe"6⤵PID:2008
-
C:\Program Files\Unipro UGENE\tools\mafft\usr\bin\bash.exe"C:\Program Files\Unipro UGENE\tools\mafft\\usr\bin\bash" "/usr/bin/mafft" -help5⤵PID:4264
-
C:\Program Files\Unipro UGENE\tools\mafft\usr\bin\awk.exe"C:\Program Files\Unipro UGENE\tools\mafft\usr\bin\awk.exe"6⤵PID:3644
-
C:\Program Files\Unipro UGENE\tools\mafft\usr\bin\bash.exe"C:\Program Files\Unipro UGENE\tools\mafft\\usr\bin\bash" "/usr/bin/mafft" -help5⤵PID:4756
-
C:\Program Files\Unipro UGENE\tools\mafft\usr\bin\awk.exe"C:\Program Files\Unipro UGENE\tools\mafft\usr\bin\awk.exe"6⤵PID:1852
-
C:\Program Files\Unipro UGENE\tools\mafft\usr\bin\bash.exe"C:\Program Files\Unipro UGENE\tools\mafft\\usr\bin\bash" "/usr/bin/mafft" -help5⤵PID:1844
-
C:\Program Files\Unipro UGENE\tools\mafft\usr\bin\awk.exe"C:\Program Files\Unipro UGENE\tools\mafft\usr\bin\awk.exe"6⤵PID:1684
-
C:\Program Files\Unipro UGENE\tools\mafft\usr\bin\bash.exe"C:\Program Files\Unipro UGENE\tools\mafft\\usr\bin\bash" "/usr/bin/mafft" -help5⤵PID:1512
-
C:\Program Files\Unipro UGENE\tools\mafft\usr\bin\awk.exe"C:\Program Files\Unipro UGENE\tools\mafft\usr\bin\awk.exe"6⤵PID:4488
-
C:\Program Files\Unipro UGENE\tools\mafft\usr\bin\bash.exe"C:\Program Files\Unipro UGENE\tools\mafft\\usr\bin\bash" "/usr/bin/mafft" -help5⤵PID:4492
-
C:\Program Files\Unipro UGENE\tools\mafft\usr\bin\awk.exe"C:\Program Files\Unipro UGENE\tools\mafft\usr\bin\awk.exe"6⤵PID:920
-
C:\Program Files\Unipro UGENE\tools\mafft\usr\bin\bash.exe"C:\Program Files\Unipro UGENE\tools\mafft\\usr\bin\bash" "/usr/bin/mafft" -help5⤵PID:3184
-
C:\Program Files\Unipro UGENE\tools\mafft\usr\bin\awk.exe"C:\Program Files\Unipro UGENE\tools\mafft\usr\bin\awk.exe"6⤵PID:2056
-
C:\Program Files\Unipro UGENE\tools\mafft\usr\bin\bash.exe"C:\Program Files\Unipro UGENE\tools\mafft\\usr\bin\bash" "/usr/bin/mafft" -help5⤵PID:3344
-
C:\Program Files\Unipro UGENE\tools\mafft\usr\bin\awk.exe"C:\Program Files\Unipro UGENE\tools\mafft\usr\bin\awk.exe"6⤵PID:1132
-
C:\Program Files\Unipro UGENE\tools\mafft\usr\bin\bash.exe"C:\Program Files\Unipro UGENE\tools\mafft\\usr\bin\bash" "/usr/bin/mafft" -help5⤵PID:1276
-
C:\Program Files\Unipro UGENE\tools\mafft\usr\bin\awk.exe"C:\Program Files\Unipro UGENE\tools\mafft\usr\bin\awk.exe"6⤵PID:32
-
C:\Program Files\Unipro UGENE\tools\mafft\usr\bin\bash.exe"C:\Program Files\Unipro UGENE\tools\mafft\\usr\bin\bash" "/usr/bin/mafft" -help5⤵PID:3840
-
C:\Program Files\Unipro UGENE\tools\mafft\usr\bin\rm.exe"C:\Program Files\Unipro UGENE\tools\mafft\usr\bin\rm.exe"6⤵PID:1876
-
C:\Program Files\Unipro UGENE\tools\blast\tblastx.exe"C:\Program Files\Unipro UGENE\tools\blast\tblastx.exe" -h3⤵PID:1680
-
C:\Program Files\Unipro UGENE\tools\bigwig\bedGraphToBigWig.exe"C:\Program Files\Unipro UGENE\tools\bigwig\bedGraphToBigWig.exe" ""3⤵PID:4624
-
C:\Program Files\Unipro UGENE\tools\bwa\bwa.exe"C:\Program Files\Unipro UGENE\tools\bwa\bwa.exe"3⤵PID:3372
-
C:\Program Files\Unipro UGENE\tools\blast\blastdbcmd.exe"C:\Program Files\Unipro UGENE\tools\blast\blastdbcmd.exe" -h --help3⤵PID:3776
-
C:\Program Files\Unipro UGENE\tools\bowtie1\bowtie-build-s.exe"C:\Program Files\Unipro UGENE\tools\bowtie1\bowtie-build-s.exe" --version3⤵PID:2940
-
C:\Program Files\Unipro UGENE\tools\hmmer3\phmmer.exe"C:\Program Files\Unipro UGENE\tools\hmmer3\phmmer.exe" -h3⤵PID:2256
-
C:\Program Files\Unipro UGENE\tools\cap3\cap3.exe"C:\Program Files\Unipro UGENE\tools\cap3\cap3.exe"3⤵PID:1264
-
C:\Program Files\Unipro UGENE\tools\cap3\cap3.exe"C:\Program Files\Unipro UGENE\tools\cap3\cap3.exe"4⤵PID:2580
-
C:\Program Files\Unipro UGENE\tools\hmmer3\hmmbuild.exe"C:\Program Files\Unipro UGENE\tools\hmmer3\hmmbuild.exe" -h3⤵PID:4968
-
C:\Program Files\Unipro UGENE\tools\perl5\bin\perl.exe"C:\Program Files\Unipro UGENE\tools\perl5\bin\perl.exe" --version3⤵PID:2380
-
C:\Program Files\Unipro UGENE\tools\perl5\bin\perl.exe"C:\Program Files\Unipro UGENE\tools\perl5\bin\perl.exe" "C:\Program Files\Unipro UGENE\tools\vcftools\vcf-consensus" -help3⤵PID:388
-
C:\Program Files\Unipro UGENE\tools\phyml\PhyML.exe"C:\Program Files\Unipro UGENE\tools\phyml\PhyML.exe" --help3⤵PID:4748
-
C:\Program Files\Unipro UGENE\tools\perl5\bin\perl.exe"C:\Program Files\Unipro UGENE\tools\perl5\bin\perl.exe" "C:\Program Files\Unipro UGENE\tools\samtools\vcfutils.pl"3⤵PID:1124
-
C:\Program Files\Unipro UGENE\tools\perl5\bin\perl.exe"C:\Program Files\Unipro UGENE\tools\perl5\bin\perl.exe" "C:\Program Files\Unipro UGENE\tools\bowtie2\bowtie2" --help3⤵PID:1276
-
C:\Program Files\Unipro UGENE\tools\bowtie2\bowtie2-align-s.exe"C:\Program Files\Unipro UGENE\tools\bowtie2\bowtie2-align-s.exe" --wrapper basic-0 --arg-desc4⤵PID:3512
-
C:\Program Files\Unipro UGENE\tools\bowtie2\bowtie2-align-s.exe"C:\Program Files\Unipro UGENE\tools\bowtie2\bowtie2-align-s.exe" --wrapper basic-0 --help4⤵PID:3036
-
C:\Program Files\Unipro UGENE\tools\perl5\bin\perl.exe"C:\Program Files\Unipro UGENE\tools\perl5\bin\perl.exe" "C:\Program Files\Unipro UGENE\tools\fastqc\fastqc" -v -java "C:\Program Files\Unipro UGENE\tools\java\bin\java.exe"3⤵PID:1876
-
C:\Program Files\Unipro UGENE\tools\java\bin\java.exe"C:\Program Files\Unipro UGENE\tools\java\bin\java.exe" -Xmx512m -XX:+ExitOnOutOfMemoryError -Dfastqc.show_version=true -Djava.awt.headless=true uk.ac.babraham.FastQC.FastQCApplication4⤵PID:1344
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
C:\Program Files\Unipro UGENE\Qt5Core.dllFilesize
5.7MB
MD5597ed85ad126dc292bd076e9a5b6608b
SHA151e896aaba471d1ce16ebc81a31098d218c28301
SHA256d94c19a434e2fef17ca93ea1efdace37474dce9612e018e6b4c3694a7b4d2e77
SHA51212643ed63cb93a96798c98948629e3513f1abeaa4b9eb08444d693ec3993273a669f523f139c84ff0b89beb0e7336778afbe37830d7b72bd9dda2c99e336e9d7
-
C:\Program Files\Unipro UGENE\Qt5Gui.dllFilesize
6.7MB
MD53ace761376d23ea3bbb518fba9623160
SHA1343c704a4c41400b2f52e97d1875065cc5431053
SHA2565a8fdbc99b6ca04b47ae7d60366aa17a0c0282ab8751db1a4fef319f11204494
SHA512a44f623039daad3ad49984868408480fcc66043c4f858b055aa40d64b63094a0787ca195fa71eb110f1e0c715f2e79e6808ebe646a49822a2f759c60fc6b15be
-
C:\Program Files\Unipro UGENE\Qt5Network.dllFilesize
1.3MB
MD5c8e8fbfa0b6b8d57c5a5705df5aa44cd
SHA1f7d33ddcfb053318eac1ea7779ea4cd626465509
SHA25680ff946325ae4c3160448cf7cf4a3585d3ab5a8546ab092588f429b1e6d4962c
SHA512c601d871654d98fc8a16ac621cbd84360b792511c8a609da4024357782b9d11db11777d7ac55af1b1c778df0717d9630638aa77f172d4fcba22834d236a9cf0d
-
C:\Program Files\Unipro UGENE\Qt5PrintSupport.dllFilesize
314KB
MD52270a22b787010d0ab80f1469deed718
SHA1bbf2b000d50069718cfd5c3ab092e7b91f93f921
SHA2568943a4a305dd5119760639244185bb7c52327bf9341720f0e0e0b12a329e6472
SHA512fcc2b1fe9682f4b4c99a8b3407c3963f5e6f754ed60c48137e854884a077fcdc79a9e0ef5bda1e467d3d49bb98995bf47e7262ea252bcb5b7f008838bf134eb6
-
C:\Program Files\Unipro UGENE\Qt5Script.dllFilesize
1.2MB
MD515da266adbe5233583ba371977e0c3c8
SHA11c229360dbcb50c8de7217010cb1a3d6ab3e066d
SHA256e19555cac5893d21813dd5610a62f14c6d6d463dfa70329b662134d7607f35c9
SHA512e7e6fbab73e48b82e4ca3574da21e69547cef4815edb9f3233a0ad38a776f23e515cec0b497d6feb8ff4da33b371e0cf5fd04b2aa24c73b90733d99998ce8686
-
C:\Program Files\Unipro UGENE\Qt5Svg.dllFilesize
327KB
MD5b0831355a9659174c7bdc7dfd729cf5f
SHA19831c5ff2f81c207e6788f7d2ae2bb05ea5be3c9
SHA2567837ce9d8865b38da0177ff022a946a645edcd0e85e708b936ccb8430da39540
SHA51265e39972339d7894f78bd55b7c5a3183954eee3057d4dcc00cc3bf1e91b22cfceffce7acba61bd43b3c572a5b00bdb0684779ad1a76f902405afa8f4eb06cb23
-
C:\Program Files\Unipro UGENE\Qt5Widgets.dllFilesize
5.2MB
MD56138dc6612f30a96f9918b012c867a89
SHA1b43b0e1150656c96faafa748afa827774e7414e2
SHA25640eed4076ccffabe5b7e1d00baa67b5845ca45db57771042ab59f677fd229870
SHA512e61bc2c3682d1e017fd33046850b42e02c6babc7791ffdf405900164e58950fe8385b1514ff1ed3ea422b527fdbfd8705f357d16ff0f91ecab71d404af7d8590
-
C:\Program Files\Unipro UGENE\Qt5Xml.dllFilesize
213KB
MD568cfd69993c8d7e12674a5b4b7f58759
SHA1741c933e2334ca3bbf831848a27fccfffc32734d
SHA256c9d4dbcb83dbbd0b220ac6d7b76a6cab046f38acda6bef6184785c616bd54185
SHA512b4f8efdbc3d9266301d73d7ecec867b31084c2e35a97dad4d2b6a808719eaa53b8874f22084a814ec1075d127a057c5580c8c35ae3c2a16db9a5ab6f02a1a8dc
-
C:\Program Files\Unipro UGENE\U2Algorithm.dllFilesize
1.2MB
MD563ebd8afed58315e4504ac3a687d9f3e
SHA184c78d1e315bbadcb65c46ba9d9bdd3733d04405
SHA256eb54570ca630781dbf22315efac978c90e2ad6645274607863ff8a4f9d9ea31a
SHA51239ee203b8514114002c620a2f7343e3cc63944cf8a5810bfc0a6c0d81f0d31ed51755907c5918e861b7a37b691f86254cd1ae561748525c2345d1456fabc8b8e
-
C:\Program Files\Unipro UGENE\U2Core.dllFilesize
3.7MB
MD5cf0b4dd5e62ae168240d1ee781a83272
SHA192a9e14e5bec4dab9937f4cd8f6b37a8418a41ef
SHA2561708ae798ed3a23e46b78364192464169ac19bd16635e9e1616d52bec4034b9d
SHA5126029ef124a0f3bd9e2741e17133c0df861f64fcad5d4ac75b2d2a1013a3228836c8d7e584552ef295607f5518f516d3dc0b15c53a4caf914ecae6921a476a844
-
C:\Program Files\Unipro UGENE\U2Designer.dllFilesize
3.2MB
MD53bb593bca7763cefc3e4fe3634e8b908
SHA19b8cf8b2ad16e7551c5a7d6b7f8324ef620ac0c7
SHA256a889b40319fee4720504fbfbc4517f743192cb793590b31b15ccb88dc70e9e27
SHA5128928652c030c2b386819bd4a02242316649b5b6a9bcd944d516c5fda8e2def379774fd459791e9fda32617a4cf11b84bbf29a2d83cc7b4c3f29868ba1be22e6e
-
C:\Program Files\Unipro UGENE\U2Formats.dllFilesize
2.3MB
MD50ed34dd92eea1e4a73d6a4ed036e4683
SHA18d5a8b781f42070131dc40a8b80f81db8977497c
SHA25636e79757bdfe9c9dfdd2f6920366540e346d2941bfc88ad99343aa6f3a88e010
SHA512848b173e17ff3e550f39e88141472186c70cc24e635fbea367d30c8eaefe19f74cc6d15c685941ebc855ff2b82bb856b980101dd692eef02afdd6ad82f573965
-
C:\Program Files\Unipro UGENE\U2Gui.dllFilesize
2.3MB
MD5d20f3cca7d3b32cf4a7695be2dbfda5d
SHA1367ba3bcd7d17824ee3c1cbfa1acb711270f5be5
SHA2561087ada7c96048ef5cbd0c58328f30b4ac62b76564ab57302a92fd857bc9a6ec
SHA5127f467d84848f68d8c830069a2df176441a3950cafb5f75c661a48fa67ece7ed56013738d549e8b072c8969542fb7de02054e0e2d55ffc9b49259b2536cdbcd46
-
C:\Program Files\Unipro UGENE\U2Lang.dllFilesize
2.1MB
MD5c8e767c575a4eb6b408cdafe90b701da
SHA16c44c6666c81d44dde591a2c16c5859898604b55
SHA256e1f9d535128dd77895bca1ab8e224710aa5cd122a697c188957e4442024c855d
SHA5128228710ce3c6e3e9e797469a9a2764e2d0c17b2439fe544239df6f883d820eb35e4f6c626015d3491cf889f6d645d22d3124588fb1eb1ace179dadd80bd58baf
-
C:\Program Files\Unipro UGENE\U2Private.dllFilesize
499KB
MD5bb18fe48e821e41b38b3b09ce921afb6
SHA1e786a4b53e102b17ebac33b975959eb035035ca5
SHA2566f747c9300b87c14f6e78bc05df910ef34927aa9c3d48fa7a62c8a7bd868f0eb
SHA5125a3a0292fe0f415ff689d6e8a096994c0e6c8afaf01c0092190104fd8a84c0b702bc0bac0734f9a5c95af74ac31e9309a1a143741938aca008f419ce7179d2ed
-
C:\Program Files\Unipro UGENE\U2Test.dllFilesize
174KB
MD5a3f6b9b1c7e77b850286a2498335ffcb
SHA1b8c3cc3641609973a5dbcf03792718e1de31b670
SHA25624eb55db639de9bfd9f56a17f36751c3f58df6fcf678298102b71f875e7f035e
SHA512604bb9b8a6296ef07f87f8443c7a7d99439600dfcf0ce61f2b1a20799f0182b37b276687e1a9701e8b3493feddb61494287c5ce942c31c4e94d3505a7f856b14
-
C:\Program Files\Unipro UGENE\U2View.dllFilesize
4.7MB
MD513b304c3c3997810bad9a6efa0229db7
SHA12e0eaa35978e0c05c3e4faaaadcf87935fa31b1a
SHA256cc302eac63869d7e5d0b821c33989e2df6d8601acf7a07fa0163d91e0875f4b4
SHA512cbf0d2a0943a5e132cfb1589e3b06cdd51e0037a7041b498cccef1a22b07954f033a317d85e5222cb890f2ee2ca89616e76e7480eb18c0a4ffa482cc33d86530
-
C:\Program Files\Unipro UGENE\breakpad.dllFilesize
49KB
MD524c41de7e373ed3a12155e7c120303f7
SHA1048ba3d6fd6f613138d7ef875c615ae9ef0b2b3b
SHA25646c347eabff11a06b4cca30e17586d790115bceeb1d2bf4a3ba86e1aa0724629
SHA51281e6017e38bd5ffb4c4a0c16394a959661f2d2dad388c664117e2f6e4945a107ae8f4a18faa68aa576aef83bd8ba07df7fb550b94ffe88f318d63acd8b581760
-
C:\Program Files\Unipro UGENE\imageformats\qgif.dllFilesize
43KB
MD52dca355bf20dae868b4b5c5e03c4ee7e
SHA136d635bf22b8db514917080e70d849f24da485b4
SHA2561ad13a3a59210c9e9d6846ddd8caf73d92016993b1591722c8654aec412604bb
SHA51264ab1b06ad0d2cb5394bad15068768b8ff39b9e957fba73675c442714ed74eabdbb58b6b3af1a8cd13b121861a99783f92abadc491b93c9780c7bb33df6ce70b
-
C:\Program Files\Unipro UGENE\imageformats\qjpeg.dllFilesize
416KB
MD58dd6bbf14f309f562f6cd1bfaf041fd7
SHA1dbe4af501cd268641abb49aba596137b92ef3a11
SHA25620d8f15c7547fb40bf5cae8bec3f880c782cdb7859227fa7a7ddf62236f19d84
SHA5126dec359a4b37aebda328f782f6e790bdeb3b8b7c695b88dbc26a24776917834d738dc276198c102a35a81771af162d74633ef7aa8b901c74f8ed0244b89622c3
-
C:\Program Files\Unipro UGENE\imageformats\qsvg.dllFilesize
36KB
MD58d424052cd49d47ba649d9f6299fc64e
SHA17622e6207aca419f192b252a5ad3d737e37f15a4
SHA2562f04b1cdc48710d6c56f968e2e9107f5c271695f4d04c652b118defa83187083
SHA51247a32ae9583867c986a88af0e436668d69063035fecdecb119951d33da5d636d8b3c0073d82cad11960c5b0de3859870a0c08896d80f650a0a37ac79789667be
-
C:\Program Files\Unipro UGENE\imageformats\qtiff.dllFilesize
385KB
MD56cd7a60aa2e8416372a83cfa1bdaab89
SHA166d71c47a67925bca3abfd6bf9ab9ba97fec4b83
SHA25610af3e2b8ba7dc80de437eee4518df64b00adf9fc6023c8fd54f3182650525f6
SHA51272d5f257f9bd7f71295baeb7de134b1cb532b5d02d65cc09e4792ee21ecaff351981946b5ffc8d22f1c0a0a672b1f08ad47c9f7e335294e5a8486f8c049e3f0f
-
C:\Program Files\Unipro UGENE\msvcp140.dllFilesize
572KB
MD5206afdd686e4f42e3a92e688d788cf0a
SHA1b3178367052908ebd642ba485709a46b725fe73e
SHA256db8b072cbcb18cf350b82c1731e75fc02b8bcc02fe22e28ddbc3485d65f3ecad
SHA512a4dc319576a9ca4e6263f72b466749ba4150e5018602daa20b816ab461b45f19d4f9631d768fc48e975f04f791f0599f957e4220cec8128cc8e7ac96e33883bf
-
C:\Program Files\Unipro UGENE\msvcp140_1.dllFilesize
26KB
MD5af3c0ba75cf280107d52aa33af926ae8
SHA1444b89dbf382773e18e3fbc77b34817f4440160d
SHA256758f38f7f87c7ee392297c6e742f52c966e963e1cd4d8262231548a2003ffd78
SHA512c638e9f7973e409bf2e0e11bf4593376e234cd44f0e9cad499a6ff6e6e2dde06095e06ebaffdd02d4473d704006f242aa8b709d0ab97b32ec747d3f45ce93757
-
C:\Program Files\Unipro UGENE\platforms\qwindows.dllFilesize
1.4MB
MD5ba0bb2d62821ee94ef6b5a49ddbbc42d
SHA1165ff4991147c5314b80e62ca541c4cbc5424732
SHA25647ca0ca24888eb3fbffac490cbb8c15f0444959f50c8a99b361e4ae54de836de
SHA512fee807c7172144ff30e9ea18384ec0e722c8ec5b0f5ca8414aa47e3c8ecc16cb18319826dc3d4191dd1e146840719851a9116881eac4ed9834bd3f5db4f550d4
-
C:\Program Files\Unipro UGENE\plugins\biostruct3d_view.licenseFilesize
17KB
MD5ffa10f40b98be2c2bc9608f56827ed23
SHA1dc8f2e570bf431427dbc3bab9d4d551b53a60208
SHA256189b1af95d661151e054cea10c91b3d754e4de4d3fecfb074c1fb29476f7167b
SHA5121420da3215ed30afcf413935e20404cabe0723822c728ea29dcb9699533355ef1bee17660facdb55655241c2db30a7314d8ad6a4a3f72576b2721f522d487aa9
-
C:\Program Files\Unipro UGENE\styles\qwindowsvistastyle.dllFilesize
145KB
MD52578e128acd8a6ef5fc5a5f46aa43fd8
SHA10c4f5b66ba6340376bca7f1b143fe6d13b407074
SHA25611089f156619ee6644a50c961c1b8b278f905e61e1f9979f8965bc3e17a06ead
SHA5126e2d95d23bc32acc96f10d959e4a7e5a8357ad6d638d6fb502683c7e4b4ba503a6a55ca902c77fb75b636cd7cac3aa4e261ba87d0ae9e1e4d8076e4e124cc4e4
-
C:\Program Files\Unipro UGENE\tools\blast\makeblastdb.exe.manifestFilesize
406B
MD57cb71b006fcdcf8ade80e31fd5ab8060
SHA1655380fb2cca01b0ca707f748fc7dcf006732518
SHA256be8918559280a2e74748bf8f6238b568ed7cbf75183b2180a6a8a979a1ebf243
SHA512ce095bb84dbf2e72304471f97e80799185fab42b843f95bd84df4b97764786687807f057dc4434287c8982937329e664f7de476445ff6e2cbf298d7a44b48d55
-
C:\Program Files\Unipro UGENE\tools\java\bin\java.exeFilesize
207KB
MD5cab437a45738692b65dd5f822c30794d
SHA15a6800a0c6bd0bfa6cee10eade8e43b2107461db
SHA256a668db19cf5eb8944ed6343aad9409f1ab9e2b6731a9fb298f087c0d0156f7e5
SHA5121bd5c938ff5b15043f2caac4fa031e9e304ca56674e4cfafa801721a3249dd2ed1001afe482cfd70a940617c492456cf1cc3a703206ad7449e47bc35e9866a97
-
C:\Program Files\Unipro UGENE\tools\java\lib\images\cursors\invalid32x32.gifFilesize
153B
MD51e9d8f133a442da6b0c74d49bc84a341
SHA1259edc45b4569427e8319895a444f4295d54348f
SHA2561a1d3079d49583837662b84e11d8c0870698511d9110e710eb8e7eb20df7ae3b
SHA51263d6f70c8cab9735f0f857f5bf99e319f6ae98238dc7829dd706b7d6855c70be206e32e3e55df884402483cf8bebad00d139283af5c0b85dc1c5bf8f253acd37
-
C:\Program Files\Unipro UGENE\tools\mafft\usr\bin\bash.exeFilesize
4.1MB
MD59de1b7aaa1702506f2877b536e28b1ce
SHA1bbc25e35d240c25be44b499c5d64cc703d3313df
SHA2568cb0d8a627df2894665b78a64c153de8441b341722ddea0c42285449ae0a322e
SHA512b6997e7ea41449896afd86b96a2cb5c7095d9eebd80294feceb1f4cd33335918b0eaa3bb716f1c03f489e9acac4faa370e0bb6ed27969602faf68cbcd593b1fd
-
C:\Program Files\Unipro UGENE\tools\mfold\mfold-3.6\bin\myps2img.bashFilesize
617B
MD5e3056941bd15507718d2d4b9e808c7d0
SHA1de9ff3fc12304d4060e2a1d40b98e6b73cf03eef
SHA25663f155ef26f370f8e7fde423288028f355798e0923f242831d5c2c56f8ce2374
SHA512ee85f34ca427f2413e73e93e0a41004ba2a7e072b21efedf891fafa3857c4ef7aec48c77b340f5d66619fad2a87cac2599f52deb984ce2cb59665f1a275dbe84
-
C:\Program Files\Unipro UGENE\tools\mfold\mfold-3.6\share\mfold\sint6.dgFilesize
2B
MD5897316929176464ebc9ad085f31e7284
SHA109d2af8dd22201dd8d48e5dcfcaed281ff9422c7
SHA2569a271f2a916b0b6ee6cecb2426f0b3206ef074578be55d9bc94f6f3fe3ab86aa
SHA512a546d1300f49037a465ecec8bc1ebd07d57015a5ff1abfa1c94da9b30576933fb68e3898ff764d4de6e6741da822a7c93adc6e845806a266a63aa14c8bb09ebb
-
C:\Program Files\Unipro UGENE\tools\mfold\msys64\usr\bin\bash.exeFilesize
2.2MB
MD5490a9fae59062d20a29b849ba21f6760
SHA160c83b3b5f5f3ccc24740caa125015ae30872197
SHA256ece759740a984f3a068483fb1eb71e912876421e1c5ae18e004af34f1dea538f
SHA51205a3ec19e05dc48c968f6ce967ac85dd6681821bf79152b94e153a14530985564eec9279f8a261956abfe6cec0a2e1b9f89e3f146c23ec5c53610b6ca318c208
-
C:\Program Files\Unipro UGENE\tools\perl5\bin\perl.exeFilesize
143KB
MD587b3b15fdaf99a549899325c55b079ea
SHA17564aac91fb1fc17ca445caa6531be375b170b3f
SHA256a6c341a9e3d423ea4f130f44d1904a7768e6963a045425796aa8475df899a15e
SHA512efbd2173782173c47f8575804c23d59a0e83ef500563847b4e85ae291dbec4dd8f8df2ee5c0cae02a863847fbe7abd519b82ab0add8cfea412cb25482ecfad39
-
C:\Program Files\Unipro UGENE\tools\perl5\lib\Unicode\Collate\Locale\nb.plFilesize
5KB
MD566ed114afca8e09fa9af4c7011abaa0e
SHA193c34030bb195a3b9334230de8a7970adfa9ef72
SHA256a8ca3f8067a7215ec8f168a2bffe0846d1024a9138626f88e048dbb5b112c93f
SHA51290762b4df5ae25ee36bd3571437301179de15454c8ebdf5758acb86fe391cd17af4fe5fd05e1bc6be5a52e8b1a8b0986c43f86dd0ace5479083daaa7564918ab
-
C:\Program Files\Unipro UGENE\tools\python3\Lib\site-packages\pip-23.2.1.dist-info\top_level.txtFilesize
4B
MD5365c9bfeb7d89244f2ce01c1de44cb85
SHA1d7a03141d5d6b1e88b6b59ef08b6681df212c599
SHA256ceebae7b8927a3227e5303cf5e0f1f7b34bb542ad7250ac03fbcde36ec2f1508
SHA512d220d322a4053d84130567d626a9f7bb2fb8f0b854da1621f001826dc61b0ed6d3f91793627e6f0ac2ac27aea2b986b6a7a63427f05fe004d8a2adfbdadc13c1
-
C:\Program Files\Unipro UGENE\tools\python3\python.exeFilesize
100KB
MD5243ed5d8ca0250cd2e39b9ae340a21dd
SHA1bd1df08e40c9439da337e66d091a17dd86ba3424
SHA2565a9b59b451351aa7a82f28ea3f7f4bf411c549714e4113e8f6655dc47c38ce2b
SHA5127bb79296613a120911d9afd51f9e450842fe962b6d9f16e9a50eea4c1b7d1f6af6b6cfcd597f475aeaf74e45c8241a65ddfc5a3d97c70b44e4ed358841566f17
-
C:\Program Files\Unipro UGENE\tools\trimmomatic\LICENSEFilesize
34KB
MD5d32239bcb673463ab874e80d47fae504
SHA18624bcdae55baeef00cd11d5dfcfa60f68710a02
SHA2568ceb4b9ee5adedde47b31e975c1d90c73ad27b6b165a1dcd80c7c545eb65b903
SHA5127633623b66b5e686bb94dd96a7cdb5a7e5ee00e87004fab416a5610d59c62badaf512a2e26e34e2455b7ed6b76690d2cd47464836d7d85d78b51d50f7e933d5c
-
C:\Program Files\Unipro UGENE\ugenedb.dllFilesize
1.1MB
MD54ebdabc471eb9d7123780c103a7c63db
SHA14c01c79349e2d7d9eb69d3fbd91b04b542da6178
SHA256703f7eecd05756411544f09ce8e6f195c9134799b1044a4e4ddf159eebd417f0
SHA512e25809348511b2cb14f7662ad3829845f7a72e16c8730b018882e61358778938faa9d3cd02585e4226d4a5bedcb56fa8be35a14bff87c9ec48f2fce5deee0d26
-
C:\Program Files\Unipro UGENE\ugeneui.exeFilesize
1.7MB
MD5e507b1eb783b3d0c66b87bee96720b0a
SHA13718357ba806e220056bc08f2186e33c2f646653
SHA2569175593c40d4190821d325d5f9dc7274c83db687c0280eb253be4b858ef5ebb1
SHA512d7856b3d813669cfaa52ad1fb39a6302764e1d0969d10103087401b07b41bf97df2f5bb2798bd022ef1ce886c892d887218851fcf7ab1a2ce7d961f0fc777eac
-
C:\Program Files\Unipro UGENE\vcruntime140.dllFilesize
99KB
MD58697c106593e93c11adc34faa483c4a0
SHA1cd080c51a97aa288ce6394d6c029c06ccb783790
SHA256ff43e813785ee948a937b642b03050bb4b1c6a5e23049646b891a66f65d4c833
SHA512724bbed7ce6f7506e5d0b43399fb3861dda6457a2ad2fafe734f8921c9a4393b480cdd8a435dbdbd188b90236cb98583d5d005e24fa80b5a0622a6322e6f3987
-
C:\Program Files\Unipro UGENE\vcruntime140_1.dllFilesize
43KB
MD521ae0d0cfe9ab13f266ad7cd683296be
SHA1f13878738f2932c56e07aa3c6325e4e19d64ae9f
SHA2567b8f70dd3bdae110e61823d1ca6fd8955a5617119f5405cdd6b14cad3656dfc7
SHA5126b2c7ce0fe32faffb68510bf8ae1b61af79b2d8a2d1b633ceba3a8e6a668a4f5179bb836c550ecac495b0fc413df5fe706cd6f42e93eb082a6c68e770339a77c
-
C:\Users\Admin\AppData\Local\Temp\nsz6C77.tmp\LangDLL.dllFilesize
5KB
MD5de3558ce305e32f742ff25b697407fec
SHA1d55c50c546001421647f2e91780c324dbb8d6ebb
SHA25698160b4ebb4870f64b13a45f5384b693614ae5ca1b5243edf461ca0b5a6d479a
SHA5127081654001cba9263e6fb8d5b8570ba29a3de89621f52524aa7941ba9e6dfd963e5ef7b073f193b9df70300af04d7f72f93d0241d8c70ccdbecfd9092e166cac
-
C:\Users\Admin\AppData\Local\Temp\nsz6C77.tmp\System.dllFilesize
11KB
MD5fbe295e5a1acfbd0a6271898f885fe6a
SHA1d6d205922e61635472efb13c2bb92c9ac6cb96da
SHA256a1390a78533c47e55cc364e97af431117126d04a7faed49390210ea3e89dd0e1
SHA5122cb596971e504eaf1ce8e3f09719ebfb3f6234cea5ca7b0d33ec7500832ff4b97ec2bbe15a1fbf7e6a5b02c59db824092b9562cd8991f4d027feab6fd3177b06
-
C:\Users\Admin\AppData\Local\Temp\nsz6C77.tmp\modern-wizard.bmpFilesize
150KB
MD559ed2684c564aa9dcb6859342a97b960
SHA1d7ca551a1340e2a31106171ead92631e79983949
SHA256d238273737a291fb4129e33415cb66131756782428b86fe13894d8bf1b4abb7c
SHA512c41433f1baf5b1826496ab9146be1b9e45e1f6208a74b54120cf421fee51900409fbc92e978d9213d4c0dcd0e937c390f782e787d8d7032fae62e1d957a3e9f6
-
C:\Users\Admin\AppData\Local\Temp\nsz6C77.tmp\nsDialogs.dllFilesize
9KB
MD5ab101f38562c8545a641e95172c354b4
SHA1ec47ac5449f6ee4b14f6dd7ddde841a3e723e567
SHA2563cdf3e24c87666ed5c582b8b028c01ee6ac16d5a9b8d8d684ae67605376786ea
SHA51272d4b6dc439f40b7d68b03353a748fc3ad7ed10b0401741c5030705d9b1adef856406075e9ce4f1a08e4345a16e1c759f636c38ad92a57ef369867a9533b7037
-
C:\Users\Admin\AppData\Roaming\Unipro\UGENE.iniFilesize
14KB
MD501b8c75484627e56d29287f562de86bc
SHA147d0e31a745aeba8313946776a6c6b407ead629f
SHA256bdebaeaa886b2495aff16d64297fae801034c3b2c820b177017f7249f3a8b0de
SHA512f6d5931be413e8d3fa51504dcdfd3b9d7d061a91567f56132b6f986b2ce9c5e9394c9d49025e693e98c154f37784a174e5dc621c000f2668554ea3525a61b176
-
C:\Users\Admin\AppData\Roaming\Unipro\UGENE.iniFilesize
15KB
MD589ac1bac02b0736e9b5968acf03410f8
SHA165a05e6ca48f918cac4972c7be4477b9a13ca931
SHA256b6ff3f3d2a00a535e75a29703c936a236c4be61a4c408c7aa7d446513125b2d4
SHA51257e24e6d34003bd7dfa9d44ab865b5929c019d03dc621bddd31692e4cd34356184b63d3d048b7b93cd7a49ed912282324a8f3ab19db4a783986d618c0bbbaca1
-
C:\Users\Admin\AppData\Roaming\Unipro\UGENE.iniFilesize
15KB
MD582edb043ff4e94935f3b1a7dd4e69292
SHA1cce13930ae054fc5d2e1504dddbafaf0c6b0a83e
SHA256235273e66d7ad1e4be2054d1ec1806564d9082e8d0f014ea96705c862eee1a5f
SHA51215c9b5987eba51411a59c0244394b3df5e12a0da77ac58b75f1369ed3c3aad05f589392a071fa15d325c26dd0a52893102c18925d8280ae935c47c7ca95e6cb9
-
C:\Users\Admin\AppData\Roaming\Unipro\UGENE.iniFilesize
14KB
MD59110979b57c746cb9d2f4f7be1a9f194
SHA1ae7913868c16a1cc7fa2ae1cc1fab182a87d065d
SHA25668146a3508c67d2f668890e54b8223511fcc5abbebbb45785888f5cdf4820de3
SHA5128f34940a0e4388391482a1753fdbb9b96f8ae70f94575a3b14b531d26a4345b7c87d5470b5a704159753ae5a48a3f3dc2d11ddd3592bca1fb394d8fe79ebdfd1
-
C:\Users\Admin\AppData\Roaming\Unipro\UGENE.iniFilesize
14KB
MD54a22e0fd45c5118332d05c98efae3c22
SHA18074310288fe21d58c507285a592b6ad03af8fff
SHA25606dbd62677301f3223035806cf8242f6a52e50ca36bf1644cd993d39a94ea2ca
SHA512dff6e85044dc1b3cd35c910220f944b78d808ca4a0734aa39f5485d8e5f7651c6e4f76d1351d05e65900b916df8737fec142cb4295b88e2caff2e783a0049278
-
C:\Users\Admin\AppData\Roaming\Unipro\UGENE.iniFilesize
14KB
MD53f4f962e7434a194d1f95c9a977c6033
SHA1f4e2bfef2c61b3fb78c495accd7a89cc16bbd86b
SHA2564999f9a1a2dd9345216003e5f797f9c051b0ce58acda412df2e0c309e90fd99d
SHA512b25b59a3fa5ecb37e5d1ea0e26c94ef9ed5819fd8cda16e31f976520c7ec157d1110aeda8d73df3845b1255401d653348525db17a766974f47aa8e95a6dba95e
-
C:\Users\Admin\AppData\Roaming\Unipro\UGENE.iniFilesize
15KB
MD5e68658381a04b7af04bbc10fcaee82b7
SHA1d8c706b4d72b468fea044a5738b55b733d977630
SHA256fc7ce72d6b071b4f78b2b34edf0544f59b0b57801d6063e233c9f9d61adeb4ea
SHA512b4518ba3dc7cbb1ec7e82d435456555702b84cb017d3a7f91de1fe258df8b0286aa2acea70aa95d0df573e794b2fa8e9654f70bb2520d22ca9ed91bea0d26ab8
-
C:\Users\Admin\AppData\Roaming\Unipro\UGENE.iniFilesize
16KB
MD54b825aabebf50bf6fc90952af0d68a7a
SHA1d6b5582cde9cb7ee3d8cb95e80aa56728d47999a
SHA256e1e48f9a9e71c181a21427ac5459b3b331bd7e680faa8c14a85650fb58394c11
SHA51214670617a9486affa27fa0abb1507dc901569475b737d091f5cca46ddfd92953bee095983905ea77c6d0d3a25cc64c745854df40e79cac22baa069b5734b9adc
-
C:\Users\Admin\AppData\Roaming\Unipro\UGENE.ini.aFyaaxFilesize
15KB
MD5b4a6017fc7ba6f6b063a85af484c8dc7
SHA18422c2dab7febcb262a761ff2c240a70560b3901
SHA2560e7bcc39932df76fb3d3dbbdb0ebcfadcdca23e6c1c3434b6391d68980b65df9
SHA51233b5d594bcb4ca627175d6d3f2a8346d6e8711d126da6d60253bf91d087d225e3121fcc1de2a459074c56daa0a1df00a14b6d7ae8e2019004dd1d00a7008e87f
-
C:\Users\Admin\AppData\Roaming\Unipro\UGENE.ini.lockFilesize
60B
MD5b8ac91119a4ae9fd7291c544f1ed0518
SHA1653874b37afa5e7a225e8e9d612dd82779497397
SHA25658d3a0f5b15d0fb07583e80427f5e34861c671ae4fef88a2eae90f68b13d9393
SHA5125ede2ec68ee99243280ba31f3ebd169b1a3c415bfcf6d9cd712d1ddde7eda34188ed2f6335ba10ee8ec5d79720bef7180a467cd0989e1e6e5a1bd2fff0a27c5d
-
memory/740-21009-0x0000000180040000-0x0000000180600000-memory.dmpFilesize
5.8MB
-
memory/740-21020-0x0000000180040000-0x0000000180600000-memory.dmpFilesize
5.8MB
-
memory/1188-20411-0x00000003FF010000-0x00000003FF05C000-memory.dmpFilesize
304KB
-
memory/1188-20410-0x0000000100400000-0x000000010059E000-memory.dmpFilesize
1.6MB
-
memory/1188-20414-0x0000000180040000-0x0000000180640000-memory.dmpFilesize
6.0MB
-
memory/1188-20413-0x00000003FE740000-0x00000003FE75D000-memory.dmpFilesize
116KB
-
memory/1188-20412-0x0000000180040000-0x0000000180640000-memory.dmpFilesize
6.0MB
-
memory/1412-20949-0x0000000180040000-0x0000000180650000-memory.dmpFilesize
6.1MB
-
memory/1412-20956-0x0000000180040000-0x0000000180650000-memory.dmpFilesize
6.1MB
-
memory/1512-20371-0x0000000100400000-0x000000010049B000-memory.dmpFilesize
620KB
-
memory/1512-20374-0x0000000180040000-0x0000000180640000-memory.dmpFilesize
6.0MB
-
memory/1544-20622-0x0000000002E40000-0x0000000002E41000-memory.dmpFilesize
4KB
-
memory/2016-20993-0x0000000180040000-0x0000000180600000-memory.dmpFilesize
5.8MB
-
memory/2016-21006-0x0000000180040000-0x0000000180600000-memory.dmpFilesize
5.8MB
-
memory/2412-20392-0x00007FFE77B70000-0x00007FFE77E72000-memory.dmpFilesize
3.0MB
-
memory/2412-20391-0x0000000100400000-0x000000010043E000-memory.dmpFilesize
248KB
-
memory/2444-20553-0x0000000000400000-0x0000000000453000-memory.dmpFilesize
332KB
-
memory/2488-20482-0x00007FF79E660000-0x00007FF79E686000-memory.dmpFilesize
152KB
-
memory/2620-20923-0x0000000180040000-0x00000001805F0000-memory.dmpFilesize
5.7MB
-
memory/2636-20350-0x0000000180040000-0x0000000180650000-memory.dmpFilesize
6.1MB
-
memory/2636-20348-0x0000000100400000-0x000000010050C000-memory.dmpFilesize
1.0MB
-
memory/2636-20349-0x0000000180040000-0x0000000180650000-memory.dmpFilesize
6.1MB
-
memory/3080-20488-0x0000000100400000-0x0000000100642000-memory.dmpFilesize
2.3MB
-
memory/3080-20493-0x0000000180040000-0x0000000180344000-memory.dmpFilesize
3.0MB
-
memory/3356-20512-0x0000000100400000-0x0000000100642000-memory.dmpFilesize
2.3MB
-
memory/3356-20989-0x0000000180040000-0x0000000180600000-memory.dmpFilesize
5.8MB
-
memory/3356-20514-0x0000000180040000-0x0000000180344000-memory.dmpFilesize
3.0MB
-
memory/3356-21412-0x0000000180040000-0x0000000180600000-memory.dmpFilesize
5.8MB
-
memory/3520-20498-0x00000005603F0000-0x0000000560500000-memory.dmpFilesize
1.1MB
-
memory/3520-20497-0x0000000430B30000-0x0000000430B52000-memory.dmpFilesize
136KB
-
memory/3520-20500-0x0000000180040000-0x0000000180344000-memory.dmpFilesize
3.0MB
-
memory/3520-20494-0x0000000100400000-0x0000000100434000-memory.dmpFilesize
208KB
-
memory/3564-20437-0x0000000180040000-0x0000000180650000-memory.dmpFilesize
6.1MB
-
memory/3564-20435-0x00000003FFB70000-0x00000003FFB8A000-memory.dmpFilesize
104KB
-
memory/3564-20433-0x00000003FE760000-0x00000003FE77E000-memory.dmpFilesize
120KB
-
memory/3564-20430-0x0000000100400000-0x00000001004C7000-memory.dmpFilesize
796KB
-
memory/3564-20432-0x0000000100400000-0x00000001004C7000-memory.dmpFilesize
796KB
-
memory/3564-20429-0x0000000100400000-0x00000001004C7000-memory.dmpFilesize
796KB
-
memory/3564-20436-0x00000003FE970000-0x00000003FEB19000-memory.dmpFilesize
1.7MB
-
memory/3856-20263-0x00007FFE7FD30000-0x00007FFE7FF78000-memory.dmpFilesize
2.3MB
-
memory/3856-20261-0x00007FFE801D0000-0x00007FFE80512000-memory.dmpFilesize
3.3MB
-
memory/3856-20273-0x00007FF763E10000-0x00007FF763FBA000-memory.dmpFilesize
1.7MB
-
memory/3856-20408-0x0000024088820000-0x0000024088830000-memory.dmpFilesize
64KB
-
memory/3856-20265-0x00007FFE7F0E0000-0x00007FFE7F621000-memory.dmpFilesize
5.3MB
-
memory/3856-20280-0x0000024088820000-0x0000024088830000-memory.dmpFilesize
64KB
-
memory/3856-20295-0x00007FFE7D980000-0x00007FFE7DC95000-memory.dmpFilesize
3.1MB
-
memory/3856-20264-0x00007FFE7F860000-0x00007FFE7FD21000-memory.dmpFilesize
4.8MB
-
memory/3872-21003-0x0000000180040000-0x0000000180600000-memory.dmpFilesize
5.8MB
-
memory/4244-20589-0x0000000002800000-0x0000000002801000-memory.dmpFilesize
4KB
-
memory/4308-20745-0x0000000180040000-0x0000000180650000-memory.dmpFilesize
6.1MB
-
memory/4308-20757-0x0000000180040000-0x0000000180650000-memory.dmpFilesize
6.1MB
-
memory/4332-20463-0x00000003FE970000-0x00000003FEB19000-memory.dmpFilesize
1.7MB
-
memory/4332-20458-0x00000003FFF40000-0x00000003FFF58000-memory.dmpFilesize
96KB
-
memory/4332-20452-0x00000003FF6B0000-0x00000003FF6DC000-memory.dmpFilesize
176KB
-
memory/4332-20460-0x00000003FF6B0000-0x00000003FF6DC000-memory.dmpFilesize
176KB
-
memory/4332-20462-0x00000003FFB70000-0x00000003FFB8A000-memory.dmpFilesize
104KB
-
memory/4332-20461-0x00000003FE760000-0x00000003FE77E000-memory.dmpFilesize
120KB
-
memory/4332-20457-0x0000000100400000-0x00000001005AE000-memory.dmpFilesize
1.7MB
-
memory/4332-20456-0x0000000180040000-0x0000000180650000-memory.dmpFilesize
6.1MB
-
memory/4332-20453-0x0000000100400000-0x00000001005AE000-memory.dmpFilesize
1.7MB
-
memory/4356-20485-0x0000000100400000-0x0000000100642000-memory.dmpFilesize
2.3MB
-
memory/4356-20487-0x0000000180040000-0x0000000180344000-memory.dmpFilesize
3.0MB
-
memory/4612-20476-0x0000000100400000-0x0000000100642000-memory.dmpFilesize
2.3MB
-
memory/4612-20506-0x0000000180040000-0x0000000180344000-memory.dmpFilesize
3.0MB
-
memory/4612-20503-0x0000000100400000-0x0000000100642000-memory.dmpFilesize
2.3MB
-
memory/4612-20499-0x0000000180040000-0x0000000180344000-memory.dmpFilesize
3.0MB
-
memory/4888-20324-0x00007FFE7F860000-0x00007FFE7FD21000-memory.dmpFilesize
4.8MB
-
memory/4888-20323-0x00007FFE7FD30000-0x00007FFE7FF78000-memory.dmpFilesize
2.3MB
-
memory/4888-20322-0x00007FFE7F0E0000-0x00007FFE7F621000-memory.dmpFilesize
5.3MB
-
memory/4916-20360-0x00000003FE740000-0x00000003FE75D000-memory.dmpFilesize
116KB
-
memory/4916-20359-0x0000000100400000-0x0000000100452000-memory.dmpFilesize
328KB
-
memory/4916-20361-0x0000000180040000-0x0000000180640000-memory.dmpFilesize
6.0MB
-
memory/4916-20455-0x0000000180040000-0x0000000180640000-memory.dmpFilesize
6.0MB
-
memory/5004-20474-0x0000000100400000-0x0000000100642000-memory.dmpFilesize
2.3MB
-
memory/5004-20496-0x0000000180040000-0x0000000180344000-memory.dmpFilesize
3.0MB
-
memory/5004-20519-0x0000000180040000-0x0000000180344000-memory.dmpFilesize
3.0MB
-
memory/5004-20517-0x0000000100400000-0x0000000100642000-memory.dmpFilesize
2.3MB
-
memory/5088-20382-0x0000000000400000-0x0000000000B0F000-memory.dmpFilesize
7.1MB