Resubmissions

26-06-2024 11:01

240626-m4v53a1gpa 6

26-06-2024 10:59

240626-m3p8es1gla 6

Analysis

  • max time kernel
    135s
  • max time network
    141s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240611-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240611-enlocale:en-usos:windows10-2004-x64system
  • submitted
    26-06-2024 11:01

General

  • Target

    Easy Paint Tool SAI 1.2.0/Paint Tool SAI 1.2.0/sai.exe

  • Size

    1.5MB

  • MD5

    f1b497619bfdca80d4d98507a33faea5

  • SHA1

    2ebedbd7a6582bda5eda05eaeb3ba1533233196c

  • SHA256

    260384c46834d42aa554efba76c56366338d99a81b536e5a6708f0516137fed4

  • SHA512

    a613bc8f35948e15d140d4c18703911c217e605d0d4a8c37431ee7c9153f667046968748f0754bbe7db92aefe5fd337b410f29be8fd0b204b1a510126a0e4fcf

  • SSDEEP

    24576:e8oV8kY2c+SO1h9Rey945GQtb3082fPx5BTOXyRSPzLdoEW:Gn5H2x30phTDw

Score
6/10

Malware Config

Signatures

  • Writes to the Master Boot Record (MBR) 1 TTPs 1 IoCs

    Bootkits write to the MBR to gain persistence at a level below the operating system.

  • Drops file in Windows directory 1 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Checks processor information in registry 2 TTPs 8 IoCs

    Processor information is often read in order to detect sandboxing environments.

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Modifies registry class 2 IoCs
  • Suspicious behavior: AddClipboardFormatListener 2 IoCs
  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious use of SetWindowsHookEx 23 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Easy Paint Tool SAI 1.2.0\Paint Tool SAI 1.2.0\sai.exe
    "C:\Users\Admin\AppData\Local\Temp\Easy Paint Tool SAI 1.2.0\Paint Tool SAI 1.2.0\sai.exe"
    1⤵
    • Writes to the Master Boot Record (MBR)
    • Checks processor information in registry
    • Modifies registry class
    PID:4300
  • C:\Windows\system32\mspaint.exe
    "C:\Windows\system32\mspaint.exe" "C:\Users\Admin\Desktop\TraceLimit.bmp"
    1⤵
    • Drops file in Windows directory
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of SetWindowsHookEx
    PID:5524
  • C:\Windows\system32\svchost.exe
    C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DeviceAssociationService
    1⤵
      PID:5592
    • C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE
      "C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE" /n "C:\Users\Admin\Desktop\TraceConvertTo.doc" /o ""
      1⤵
      • Checks processor information in registry
      • Enumerates system info in registry
      • Suspicious behavior: AddClipboardFormatListener
      • Suspicious use of SetWindowsHookEx
      PID:1984

    Network

    MITRE ATT&CK Enterprise v15

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\Local\Temp\Easy Paint Tool SAI 1.2.0\Paint Tool SAI 1.2.0\toolink\00.ini

      Filesize

      349B

      MD5

      7107234dfefa2cde5d5bb9426ae3b142

      SHA1

      ff350aa3e730f9e6567dcb9ef48362699112f68c

      SHA256

      c3401a06db471c24d4e8cf5a46da8b09bd18a640f4b5e0cd9b4b709f4726ea6a

      SHA512

      8d5fcecd90ec062d09b9765de90816c12c755aa9d4fa23bfada80cb256e58a2281662fb5a7615ebbf061ca001ec379216bd448ef2943e57fd0b89582eb1688cf

    • C:\Users\Admin\AppData\Local\Temp\Easy Paint Tool SAI 1.2.0\Paint Tool SAI 1.2.0\toolink\01.ini

      Filesize

      350B

      MD5

      3a4b6e8fe409b33c7d11a20f12bf4141

      SHA1

      92df914189166f1aae1802500c66509f288694a9

      SHA256

      b62d4e739172d109c9fb09a234bad9d2378c8de3cbd5c964090f2080171a350e

      SHA512

      432ed3a1a442651c5fdcec2f8c27e0d6e2839eef481ed9d5223eada2165908ee93a21db4caede038b57aabd72c91c6f5a8886192ab6403e51b4c4b9bd4985525

    • C:\Users\Admin\AppData\Local\Temp\Easy Paint Tool SAI 1.2.0\Paint Tool SAI 1.2.0\toolink\02.ini

      Filesize

      344B

      MD5

      dc1a61bcb80317021fa84cf91210796c

      SHA1

      10651b78045a16bf869a77896833eb6bdd057363

      SHA256

      509526a3761a3747ab11cbd960bc426dbc13d5b99c5371b6290eee5e749fcaac

      SHA512

      b9c276e60b63c044e72ac38c5b3d36c19a8f249199ce17f12285463d19b1bb9877c4e1c781c7620219c711c7e61917556f5cd8c6d1864cb33497d0b3d8b61058

    • C:\Users\Admin\AppData\Local\Temp\Easy Paint Tool SAI 1.2.0\Paint Tool SAI 1.2.0\toolink\04.ini

      Filesize

      52B

      MD5

      7b3a324b1ac005423dfe2a615bb2067d

      SHA1

      fa9c419334c6c1d9c1f0e89820c901342b2d3c96

      SHA256

      d6fa250f5ff8dc192d8fb02d92dd3deab68d7e59ea703361cba479c7a800631f

      SHA512

      2aa3b3710912787ff51765231128bbcb47d47b3cdb318c1acc61a4dd5b12d3ef2f9a43b39340d091a4c14813bd48598ada7c06bf81ea82af66e0243d53c0aa8e

    • C:\Users\Admin\AppData\Local\Temp\Easy Paint Tool SAI 1.2.0\Paint Tool SAI 1.2.0\toolink\06.ini

      Filesize

      349B

      MD5

      9af6127dc93f65bf4730411ee28f4beb

      SHA1

      e16f469322b0eabc33321f3b6fc3c323bb5621eb

      SHA256

      a04dd2f90a1abdc058a8e201d3a5e04eb5eb8f3a5c6eedd928319ec883ad049e

      SHA512

      9ad2afd11bd2a739d9ca995ec702aba607247b5491858e4933b4a661c090c02190698d032d873bbf800a25dd027572c236191a51e219314ac806a595c76444e2

    • C:\Users\Admin\AppData\Local\Temp\Easy Paint Tool SAI 1.2.0\Paint Tool SAI 1.2.0\toolink\07.ini

      Filesize

      351B

      MD5

      f5fc7650ee85bcd6b635870462f2a15c

      SHA1

      c58f4e3e6f043cd26b7cc4566158e91a6b1746af

      SHA256

      e5d857e8ba38764b61b05f32bcba18f52b9df267a2ca7bef02c0cdce76d5e747

      SHA512

      f4ac7a9275514c3c3ac9264e8a32529a604e996d51834e369e011c3b3e760f715da1e0f48935bd5aaf0df09f5df31f34145b48ac12a41a68df934889a1f5173c

    • C:\Users\Admin\AppData\Local\Temp\Easy Paint Tool SAI 1.2.0\Paint Tool SAI 1.2.0\toolink\08.ini

      Filesize

      343B

      MD5

      5a243bcea8cd6d27bcab559468158743

      SHA1

      e5ea3e3b6c0e5006094d1ebe3d2a94875203672a

      SHA256

      07aec461c4edb0f8d76a66e5f298cc9190e2b5c1bea4725092bbd2964dc8a96a

      SHA512

      6b99ff2ddc7f5599d10d9e896f47c1b68e38a80e9409294f8bee8ee99f7f3e137bef38f533750613a034082841f59b9cc11d80ee7819ae277b28043135dfcd37

    • C:\Users\Admin\AppData\Local\Temp\Easy Paint Tool SAI 1.2.0\Paint Tool SAI 1.2.0\toolink\09.ini

      Filesize

      342B

      MD5

      92faea1b8d82ec6aee561e129914f0d1

      SHA1

      2bf3d991a0925babca785ea29af692ead6213b09

      SHA256

      4732e58003250a3da4bff607c93e514ff76d65cd28727acae2cdca6746e96998

      SHA512

      0bb48945f78c78ffcebf8fab8a944a24e6d7c5f28ba0bfab2c1673cbe318ad3ace9fc971bc20b3cba808d6c74ec44f506e3ecee49a1e0fc8bc83bb15644d37c0

    • C:\Users\Admin\AppData\Local\Temp\Easy Paint Tool SAI 1.2.0\Paint Tool SAI 1.2.0\toolnrm\00.ini

      Filesize

      367B

      MD5

      9a2ea83b1805fd6ba05f5a31cbbf2db8

      SHA1

      7b0d0dbb416a585a09e40b40f9cb996aa8c3bc1a

      SHA256

      85fa616c456f5fdae80ffd9733180bf971231643cc1c63d8437a0764c06dbe45

      SHA512

      3008751201431e140d50a678fa0f7caa95cd6427f39d4eda86e27c211f32cdec23756630331b9778eaa1a7067d065641d8b9c3cc2da427ece56044ce90ad38e7

    • C:\Users\Admin\AppData\Local\Temp\Easy Paint Tool SAI 1.2.0\Paint Tool SAI 1.2.0\toolnrm\01.ini

      Filesize

      358B

      MD5

      9bad4cca4a3e6b332d87081c30cf3071

      SHA1

      d7f46113d0796b444055c45d6473780d3d95deb9

      SHA256

      3edf173ec61bdb6b3b0a9cbfa8355ac8ca6440d9be4ab48c1ec80333bae74b0f

      SHA512

      794d7096ce4a92ed75f6f5c661e53b3c7283c1e810c7a34ae02f10a9fcb45038498a12681837a67904410063b5e629c1804518aa9f43e773f486bdb9002e5c35

    • C:\Users\Admin\AppData\Local\Temp\Easy Paint Tool SAI 1.2.0\Paint Tool SAI 1.2.0\toolnrm\02.ini

      Filesize

      357B

      MD5

      7eaaafa1ec1ab8a9658e78c2e3d653b4

      SHA1

      ad6298d3283c922569f0a43ee18972450f28bd3e

      SHA256

      cb459785c31832cc00d4bad948c1752a610f2abc7496c5fbf31e947144c2cb5a

      SHA512

      d1f69fe6a116c09e4e82b592808fef3a705871e9fe555370000f0e0a877401c70381c56f3c5dcf761c8bf3297dddcfcd14f4284042592691ca9e15cd69318599

    • C:\Users\Admin\AppData\Local\Temp\Easy Paint Tool SAI 1.2.0\Paint Tool SAI 1.2.0\toolnrm\03.ini

      Filesize

      362B

      MD5

      078117d91192e1b954cc6e7a868fb79b

      SHA1

      367e547bd954b8923a052da7730be5dc40b24721

      SHA256

      ac413367939c488928407fc592ebe20e448645cda64cd3e4d3ffea6a486dbe41

      SHA512

      ea48ebf448d8dad73649e96df5b1e3198913a502e4ea55ddb043af2364c8516ae173e8ffa07ce3eb7879427569ba672365551e21892701982c6864b10c66d138

    • C:\Users\Admin\AppData\Local\Temp\Easy Paint Tool SAI 1.2.0\Paint Tool SAI 1.2.0\toolnrm\04.ini

      Filesize

      358B

      MD5

      483ddddae3250f84551e97fbc1c066dd

      SHA1

      0f65ada349a3f503046f3698a3c1460c31a33db4

      SHA256

      e5e06ef6920d4871d697bd2e032fe2234689a52014b1db53ddef0a70fc2fc375

      SHA512

      df5d6f05b14506155f080bd42b7f40b3db9034b7b533669c0163894d72d29f51f11cb7207e6546ca51bb2434d3a9b3893483785a65cd295b0a2bb58cd0100b24

    • C:\Users\Admin\AppData\Local\Temp\Easy Paint Tool SAI 1.2.0\Paint Tool SAI 1.2.0\toolnrm\05.ini

      Filesize

      358B

      MD5

      65e6b7600240cd5886f776ede8eb810b

      SHA1

      52d90a84a8076808a79e4cb1b0249b9895d13564

      SHA256

      d54dc431424671c440e3325c7ac43df8346459d8799b99f13c1ad954328fc93c

      SHA512

      85ebcfb60351477ddf8f8dee7f167bca1db172d2d6e9823778e072acdbbe01f893afebedae97e9af3db1350219cac78e700d689c36b428bce0f09dcb4d92b445

    • C:\Users\Admin\AppData\Local\Temp\Easy Paint Tool SAI 1.2.0\Paint Tool SAI 1.2.0\toolnrm\06.ini

      Filesize

      358B

      MD5

      71e5ea4c207aea9635a334d4d1f71975

      SHA1

      9afb224dbd477d1bb77c91dd39c3e3dfac9d6e34

      SHA256

      a8b0ef7a536334a3d8ba016c895b7b5c6e8af3f9e595206d282799868ace6c05

      SHA512

      58f5d4fc66f6263cce57a31b2d1b563bcba5b3d1e68045268670dab3ae9d8f6c26cf345901b9cb9f01081096dc682d15a992c6e652759b234a46a61218c0675c

    • C:\Users\Admin\AppData\Local\Temp\Easy Paint Tool SAI 1.2.0\Paint Tool SAI 1.2.0\toolnrm\07.ini

      Filesize

      364B

      MD5

      f1e2b2efc976e21aaa311ec3cb779840

      SHA1

      04c3e53723d32f1211abc556c79ceb51aa674d88

      SHA256

      42a5ef17f16932778233c2f647f469e7c4169cb51e20a16c8daebc6417ffdfd5

      SHA512

      edf917de10ca4e36d7c67069f5c67d1066317ec9217832c03f6152a1fcb3bd4e1cf00b4b3fbbbe8d51040d14cf454cb2558c394568e9f066d1e1b7998800c842

    • C:\Users\Admin\AppData\Local\Temp\Easy Paint Tool SAI 1.2.0\Paint Tool SAI 1.2.0\toolnrm\08.ini

      Filesize

      413B

      MD5

      d70009951383c4666e7eecd2f3b65fcb

      SHA1

      c35759fd3936d9cb8f1c55c27d5e48996b68e580

      SHA256

      25d10242bbc28be1e122355f024b9ea3dee30108c6f3b570f02e41a7df91f058

      SHA512

      2dd89a2b18d85fdc2ddcd7ab2bc655e0fb78540b02906911b65d37041886532d3cc3002a2271eca3bd8a885d7ea95ae0b26c9838925c59eda9719b19d094b494

    • C:\Users\Admin\AppData\Local\Temp\Easy Paint Tool SAI 1.2.0\Paint Tool SAI 1.2.0\toolnrm\09.ini

      Filesize

      401B

      MD5

      db13da1d2825fa0343ee6e6c3023470e

      SHA1

      ea9167c83bdce910f0f060ddfb181bc27b61cb42

      SHA256

      7ca9b00d2d92754bdb8e9396d537511cfae15e881c40fd944f5c03b1125a354a

      SHA512

      841092752b8cca00793421848b80de19bade80ec8bd20351fb11b56553687455d8d499ce8913f48ad0b4663badf4868f3e291a0de1a0a5f04228e0f43cc3e2b3

    • C:\Users\Admin\AppData\Local\Temp\Easy Paint Tool SAI 1.2.0\Paint Tool SAI 1.2.0\toolnrm\10.ini

      Filesize

      472B

      MD5

      a8f720cd6b8f338677e0739718e0e478

      SHA1

      1d7405a0cd045c0dd17e136c5548c980588afaa8

      SHA256

      a7845755eba244e903db8bd27a1f1a0ffb6e7a496cd62299daa69fb6fcfeaf30

      SHA512

      c84b7ec58cd96bed97b71996da161455713c461733cc5907162da11b53261807ac5c3c18765c66560fb277db6d5142d891ddec8611d190afb392fab7aded065f

    • C:\Users\Admin\AppData\Local\Temp\Easy Paint Tool SAI 1.2.0\Paint Tool SAI 1.2.0\toolnrm\11.ini

      Filesize

      374B

      MD5

      3d88106c26a1538bd0df67e2a0e6ae3e

      SHA1

      23f0be1cbb2de001357b70439a6b9cc70c7a9613

      SHA256

      9d6712a04cbd465e4b00cc172f46fd88980a7e41de8a4a30d119e563beeaa684

      SHA512

      1f70c01ee5fb71ac64e0ab37fdb9f83e49ad667bae02cbe6097bc8423b6cd3b90c1dc3fecf734764fb1152eaaabf93327ab2e2b569eb2457508f43cc0530e399

    • C:\Users\Admin\AppData\Local\Temp\Easy Paint Tool SAI 1.2.0\Paint Tool SAI 1.2.0\toolnrm\12.ini

      Filesize

      379B

      MD5

      090d10e588e4e8a1b439eb1cba4f1a75

      SHA1

      5043a0a1d1343e703baf3c7ca7d046f214a2a786

      SHA256

      e6d3f3c5d55680b6e35e640533c153fee9c493bfe77c97ff5327de1df4265fbb

      SHA512

      1f1743ce089034021d6c370221ab9930726ed5a726e9f61c1c3566a57dd2c51c8440c536a910236b2279d0ecba40efc2d72572aaffe6607f44d83882d986a60c

    • C:\Users\Admin\AppData\Local\Temp\Easy Paint Tool SAI 1.2.0\Paint Tool SAI 1.2.0\toolnrm\13.ini

      Filesize

      385B

      MD5

      57527ee88433a1cd8ea88777723ed505

      SHA1

      9e196aa5a1d58722ae088c5f93d22e15a4d385c9

      SHA256

      047ab1ee76e4265308a3ae32b3a4a5035d25a1b0b51c948a804c85ef517ef14e

      SHA512

      fda4589cec68b9c8c755def0720533c479dc1ab3adad576928917a41f95d170ed250148de9010c07bf7619b6bae802482c67f862f7d4a411b407ddb9b5c4ca18

    • C:\Users\Admin\AppData\Local\Temp\Easy Paint Tool SAI 1.2.0\Paint Tool SAI 1.2.0\toolnrm\14.ini

      Filesize

      375B

      MD5

      c1228b20dd2abb982bb35f8d2b297d6e

      SHA1

      2e95b9d95f4f649e36ad66ea847b1b57087ec0ec

      SHA256

      cc64324ff8429bc34b8ebed21215572a32bcdc5ff717245a4141e9e0eeb163ca

      SHA512

      6f51b5877dad5844fda346cd9d2354254de46a79f027e348d45ed3d09246381e58aa383f91ecfbf2937bbac3dcc98b2f2aca88506fccc4628d868e4f86f04096

    • C:\Users\Admin\AppData\Local\Temp\Easy Paint Tool SAI 1.2.0\Paint Tool SAI 1.2.0\toolnrm\15.ini

      Filesize

      380B

      MD5

      8f503ce8ab954b17901f4f4c5129c90a

      SHA1

      7193fd1e83bd26a880dcfdcd20d146d666b9dc96

      SHA256

      483e8561fa7041aa82a93f38d05bca7ec8197d719521e9a8916bb48765ac6bd6

      SHA512

      79590a4cabc6ff863c5ff99ee68b6ebe4923669e4d767d94cd6214d6fbcb8483dee30509500738b738780d5e11b8824381390212792fdf739579cc0f0e6c5bbc

    • C:\Users\Admin\AppData\Local\Temp\Easy Paint Tool SAI 1.2.0\Paint Tool SAI 1.2.0\toolnrm\16.ini

      Filesize

      385B

      MD5

      5493b63bcc0625d1c2017d987a8a5642

      SHA1

      b2c0cc55ca6f3d140a8de6905f0802098621eecd

      SHA256

      9b6b98102216e95f32e11efbff6bde9ca3b8a9a7edc222b4ef23e4efe22e2488

      SHA512

      b7706eeb3ea66dbb07e31b3d439882c19f1a9973dac5cbb1a2f9d8dbdd1bad9d47c8ad9d55ff992c2d986be60ca810fbcb78b337bd68c13a7a76eba402329156

    • C:\Users\Admin\AppData\Local\Temp\Easy Paint Tool SAI 1.2.0\Paint Tool SAI 1.2.0\toolnrm\17.ini

      Filesize

      406B

      MD5

      9099c835f116b9e1e7669acbd0222088

      SHA1

      3614259ccfedd730036805b70caac85ce3567582

      SHA256

      bad623a3d181e82b7b593689d8f5246712f925c60d279b1682d4b50ad3b325f0

      SHA512

      35e4c54e4ea22e2deeabd9445571e9df37a50d77cc77dd3b39e4188e60f59fbae6a734c20fb5607124889a75f8f8c85e62855f7e7317e37323319c8743e67f07

    • C:\Users\Admin\AppData\Local\Temp\Easy Paint Tool SAI 1.2.0\Paint Tool SAI 1.2.0\toolnrm\18.ini

      Filesize

      380B

      MD5

      bdc70f831886ae69e4fd77729d17cf1b

      SHA1

      66971f3a25759233d52115281b93a8151608d50d

      SHA256

      106c2832d806e39af39a3a71db43b9e2afbae49e70dedb86dabf141bae7450d4

      SHA512

      1050ddf299ae59ed3333dd7b4da994d18ec43e138b8d169fc09279c1fe42a57fe3b24e7cffd5cb6ac637706623d3aa615abee2848dbb4314676685bdf82f84d1

    • C:\Users\Admin\AppData\Local\Temp\Easy Paint Tool SAI 1.2.0\Paint Tool SAI 1.2.0\toolnrm\19.ini

      Filesize

      383B

      MD5

      6a9770f4bd3fc0ac15c35168a3191656

      SHA1

      576f7378baa53455b148cb5a9bf7d7a09db210e9

      SHA256

      104329a93a9c87a07b2c044ec4fd5ea0d232e3048dd31040a14dd84d2f76c87a

      SHA512

      bd696295c91ebd9863ed076c7cc2275504e64b184723d4a606e50b3a988855c322836c8c9d4f27634ea1a75a3eecf2d8fbc67c3ed1cb4eebe4ee119a7251dfff

    • C:\Users\Admin\AppData\Local\Temp\Easy Paint Tool SAI 1.2.0\Paint Tool SAI 1.2.0\toolnrm\20.ini

      Filesize

      381B

      MD5

      c652477af1275ec02d7794505ce46e48

      SHA1

      ef1d2524306cabcfdb395acd0b771e364eab480b

      SHA256

      e52dfe633231d88c4b4ad9bd3bc5b6151bff2f6f6a06e661216bc88a9724f422

      SHA512

      1ac6c4a2650d4cdd377d6429ca38ca49b069e7bb3d1a9fe5fed1ce79dc3c8ddef206831f18c8e4c6bb92728a08d9243f8b6220ef03e5ba08824be553452afbf3

    • C:\Users\Admin\AppData\Local\Temp\Easy Paint Tool SAI 1.2.0\Paint Tool SAI 1.2.0\toolnrm\21.ini

      Filesize

      367B

      MD5

      5d19c1a2421d7df35ba7b5725f977670

      SHA1

      7ead66fbfbc0bc473e0d70c661d3df3971222d39

      SHA256

      71301dedb94d6f69ff441ff5c1b802c15175817381804deb11a49443c6f6769a

      SHA512

      83e0a22a9549dad8d98b3ce49b4f01caf21ea0883650764c606751c8965ab4d8ac95f890db0eb99c6e3a8c7ac0d7be27874e5af1af5cdb065526e4500b50105e

    • C:\Users\Admin\AppData\Local\Temp\Easy Paint Tool SAI 1.2.0\Paint Tool SAI 1.2.0\toolnrm\22.ini

      Filesize

      378B

      MD5

      d6fe68e77aa365db39bc9d6fa16e7e6c

      SHA1

      d95a70731793addc52fa9a8a187e515990407ebf

      SHA256

      64afdcd0ee6df4f43826e1cd149f94e3f60a9a9ed890254d2fe7e41c48a518b2

      SHA512

      333def157a856c133f4895c53a85fef67c668620b728a1980bd65542192fb4a2739ae53e5d63687e8e4b0e85f0fb1baa13448af6682b6f31d75b234f89f99067

    • C:\Users\Admin\AppData\Local\Temp\Easy Paint Tool SAI 1.2.0\Paint Tool SAI 1.2.0\toolnrm\23.ini

      Filesize

      396B

      MD5

      dd60081d93125ff3c29ea0f2e9771abf

      SHA1

      7bf3b02f40b12ad324c9792eb5cb26d728b3276d

      SHA256

      ae1bf8c7bc478742d87dc1034dc74b796af9d38879842f3071c8105f4b643b32

      SHA512

      eacff7e7b3de343cd3eb0ad9bf07b790efbe1d2eec027b159ec14ee4230dc89bad3d2db97f2584e59c65299c2ac103572303afa8ed2e68da556042de3bd35530

    • C:\Users\Admin\AppData\Local\Temp\Easy Paint Tool SAI 1.2.0\Paint Tool SAI 1.2.0\toolnrm\24.ini

      Filesize

      372B

      MD5

      fefe175391c16d642fd03a25d9df72b6

      SHA1

      4cc986a6f3c611d656506cbe4cd0fe975c4175f6

      SHA256

      53a0583bca5e1c5f71e0c6ae5eb0b8d9faefcf019ba314d515abaa71bb52aa2a

      SHA512

      b7af90b053512d674af497dc47da688212579e4e0f1297eb5f79c33fb15d7000e767ecb7e577346ca2ba582ec73e44470f2201af1eb1c5c5bc10604b3a94a86f

    • C:\Users\Admin\AppData\Local\Temp\Easy Paint Tool SAI 1.2.0\Paint Tool SAI 1.2.0\toolnrm\25.ini

      Filesize

      369B

      MD5

      83c72c0877c8838d2fc164b3a016ee2a

      SHA1

      ebc42bcf68608607e42a9fd7b54c642e9107ac23

      SHA256

      9557f291a6184582043d7318d08852b40936aa3d2e6c9ef6e928c29b877e8269

      SHA512

      2ccc58c9f5688e7da2adf47b5d66ed54be53dbb2b047f05c9dd1ed4df0d1bf291fc3a9c4cea0ff3ffed97cc1a59d1245ca999f7eb2f4929e17ee0d4c08e10829

    • C:\Users\Admin\AppData\Local\Temp\Easy Paint Tool SAI 1.2.0\Paint Tool SAI 1.2.0\toolnrm\26.ini

      Filesize

      381B

      MD5

      a4df022897686dbed1066481a972d4e6

      SHA1

      cd0eca77326b0d4ee7f31e53e22b92628957b8fa

      SHA256

      8213b241cdbd7c419f7b4242f24822f25a58d718c87cc1eec8ff12c66df383ab

      SHA512

      c74d3149af6e16bcc6dbefa60aa370c66b7fcf12a6df77c0ffa4ceac9e11ec1280839c990c50e835f5443619c1577b85a85bc7ef19c4be552a916993d518d840

    • C:\Users\Admin\AppData\Local\Temp\Easy Paint Tool SAI 1.2.0\Paint Tool SAI 1.2.0\toolnrm\27.ini

      Filesize

      384B

      MD5

      df8d5945c042a88be678eb3b70b1db7b

      SHA1

      3b182e70da225280bc528042aa07d321efc2c985

      SHA256

      9e483f552fdad105f5f5ff0193b39d402b404362be65fc9f5e143b3b6c6315a9

      SHA512

      bad29dc9c52cab0a2b59b85a34fed4f121670afd7bcc196a97ae27aee7318f8057fb193b98f9f1c28c7e88d5a8197b9bb5f5bac1db9db73ce82cff1390601034

    • C:\Users\Admin\AppData\Local\Temp\Easy Paint Tool SAI 1.2.0\Paint Tool SAI 1.2.0\toolnrm\28.ini

      Filesize

      392B

      MD5

      c1fea6fe1c807c7cd6da1f78dfb04a35

      SHA1

      1e45038f42dae3bd33cac3569a96afb9a321cf74

      SHA256

      665a97b27907592ba85d52b08969949904cac9ffad35e6a93a7aed0a55c61446

      SHA512

      7716d73947f4848e0e506b13e6e12406c04b52799d432c663b817febfcbfbf95290baf806d4db578b1e1033769ea88dbd154f9b647491418301e51153b56f495

    • C:\Users\Admin\AppData\Local\Temp\Easy Paint Tool SAI 1.2.0\Paint Tool SAI 1.2.0\toolnrm\29.ini

      Filesize

      428B

      MD5

      696f3586ed96929713ea567a0f4b3993

      SHA1

      d24005ea4f4292e17ca0eac9fd12fc9d6782ef60

      SHA256

      ff62b903ce3eb4d056b5bd4191f2f222c9323aafbf2994664fbc39a8a157e04d

      SHA512

      ebd85b006e5870f7e7beeb7d6d2c77f364a2cd39af972bb325c879fa86616e9cf8973a480521e30f2e0c574809ce39fd1011e7c4734124c021217b3187af19a7

    • C:\Users\Admin\AppData\Local\Temp\Easy Paint Tool SAI 1.2.0\Paint Tool SAI 1.2.0\toolnrm\30.ini

      Filesize

      474B

      MD5

      8e33f4c1e8969a44740a42d4a4bf2df9

      SHA1

      bcfd0a517051f8a2ab353ad8d62ad39da4141b07

      SHA256

      5bd83396ec43e8de3e42d6caaf611f5174a37cbcfe4cdf5ef0f564468fbc1017

      SHA512

      5f61d6990d5a5d2fac3712e7fdf220bdcd6012ce966c46cf30efa3a0cc4ebe4a7eddd589ec975eefa05c8542dbdc3abbcc4f426aa50cee08f43901fa33c1882a

    • C:\Users\Admin\AppData\Local\Temp\Easy Paint Tool SAI 1.2.0\Paint Tool SAI 1.2.0\toolnrm\31.ini

      Filesize

      435B

      MD5

      e6b4cbd8ecd98f779aeb00f6b2f7f771

      SHA1

      2ed6ae21d3d7dff045f6047081c0c02ca0a30491

      SHA256

      4ec6c851477c539ae4a7ae2fd45ac47b384f5367e5326eb87e7808301e2b98ad

      SHA512

      7dca6264e36f48d4bb5ef71478aadf4d9accfd13c23c3f9d0192ea9ce49a4e6f9abef4e346d4440f886c2732cd12d64c141b1acf0397f40db0a63193f7a40572

    • C:\Users\Admin\AppData\Local\Temp\Easy Paint Tool SAI 1.2.0\Paint Tool SAI 1.2.0\toolnrm\32.ini

      Filesize

      365B

      MD5

      d62970d3a076d8d70c8045f23daf803f

      SHA1

      a2e630e57ff01e2b0839fb7786c5a52ee8b0818b

      SHA256

      3de87ed5cf0c1448937e34a320a5b6d70582835e4a64c47b3249aa6ae254581e

      SHA512

      84d48417776099e661465cee685807ae97931d3434c8d6ca3552af2a7d0faefd85a4b0fed4130d8f130df5ae88f6d4b32123c962729cb7e2f71a37e99a9d1536

    • C:\Users\Admin\AppData\Local\Temp\Easy Paint Tool SAI 1.2.0\Paint Tool SAI 1.2.0\toolnrm\33.ini

      Filesize

      377B

      MD5

      83b616873875d8d29333a7fdfee5d22d

      SHA1

      24ca13336229c5f93ec50936bcc3f15704081c97

      SHA256

      0ae58bf6e138ea000943ab59d60b1486566ddc2eb0904c9a1925b9b576a12c8d

      SHA512

      63ac6a1efd2f73858777846bc8966b664941c8f9441cbbf6580265f8d80b729ce4a25545d3fea8bd975db1aec7a3fa111c3ff28ff469b8ca48731d060b52ac21

    • C:\Users\Admin\AppData\Local\Temp\Easy Paint Tool SAI 1.2.0\Paint Tool SAI 1.2.0\toolnrm\34.ini

      Filesize

      402B

      MD5

      7b1bf8c5994dad4882eba2b3950cb797

      SHA1

      92766b6cd4bea9dcff73a3a27d1a6c63157a8e76

      SHA256

      23b52e1dc1744c460e55a78a776cd6a63214d111bdda15a51b2caf27d332cd90

      SHA512

      1ce96d0faa0cfa9bb913b00c95f384bca1e78dc4c3ef1d9bf3810c2591dd42dc82ea481e6cce62bd0b0ae33a7c12d299ef1e07ac76cb44dd9a25fe6fefb3bd8b

    • C:\Users\Admin\AppData\Local\Temp\Easy Paint Tool SAI 1.2.0\Paint Tool SAI 1.2.0\toolnrm\35.ini

      Filesize

      388B

      MD5

      1a446e424280d31cb11aa930c76ebb37

      SHA1

      5901e79cb012768cfb37fa16520d8824605db0fd

      SHA256

      50be628bbb4980adfc1e9acead09487f8edd3613682f9ecebd38ecc041bce5e5

      SHA512

      d92700e3a225d6a221b38bc63e3ac632fab6ee11f8717f43990b6e186df425e9f38581dc6898568594966508e65e87f99d97034fce48fab3a5f6aaa19850341c

    • C:\Users\Admin\AppData\Local\Temp\Easy Paint Tool SAI 1.2.0\Paint Tool SAI 1.2.0\toolnrm\36.ini

      Filesize

      389B

      MD5

      c7c18311baacb8a35416b3c3aa1fc232

      SHA1

      2759bd8b2723517cb2120ad371598f9afddf88a3

      SHA256

      d97da4ce94504de81c3189466a597c1f81c838af40a7795b303795437ed53470

      SHA512

      34a97d479904ada470a48fe2d3932fac21365b4c42a49f64abf071783882316fe77028b1ff2a5ba812bbd3f33751867a89ee8c1f8888dca171aba6077b327d9a

    • C:\Users\Admin\AppData\Local\Temp\Easy Paint Tool SAI 1.2.0\Paint Tool SAI 1.2.0\toolnrm\37.ini

      Filesize

      364B

      MD5

      2ef7ad118c126b897adfbf14661eb9df

      SHA1

      bc9d2427416fd2cdc9812c9aa847aea4c54bd7ec

      SHA256

      7490ff1f06db9cfadf64d0b5119d39f35406eddf5a321df68c1663bb61851427

      SHA512

      fbf43aa1c48b4c1ce0be46aee2bd6fc33d06bdbd41a5597beb8206bf9adbe0d0481e5c93cd5a32f97e09e45c2add41ca49fa1d90801e937c5dbaa4577f0c5c98

    • C:\Users\Admin\AppData\Local\Temp\Easy Paint Tool SAI 1.2.0\Paint Tool SAI 1.2.0\toolnrm\38.ini

      Filesize

      382B

      MD5

      15b682245692c59b32a688bdcdc1b794

      SHA1

      61ee1a7596052e9aaf2c4d31c74ebfea6627a6be

      SHA256

      482361204fdc3567df7907044fa076344183a70322787954927c1ca34a069d19

      SHA512

      ad1be9606d10297a8e2aac9231d2a474adf0e0ba1adbb09f5fd5b2c9cf923ccb5aacff5dfc65d57b40829c4db681e79faabb8dddf98a8079593e17f635592196

    • C:\Users\Admin\AppData\Local\Temp\Easy Paint Tool SAI 1.2.0\Paint Tool SAI 1.2.0\toolnrm\39.ini

      Filesize

      380B

      MD5

      4904090b33c24cf63276ecd297bdecec

      SHA1

      fc6a0c86000e1240637065adff432f6b563a324f

      SHA256

      2765970e29c5204654d45750e0a94e14fcf57f13a62a6ca97d520f94bb13cb10

      SHA512

      65e859e701f66ed09b5db2b4f6193139c53b8b9868bb44579cb47f1791f17bd1fc8f0b2d5792e57ed6a99b81388f4cd21f10112488b005d17a32561dcae62b43

    • C:\Users\Admin\AppData\Local\Temp\Easy Paint Tool SAI 1.2.0\Paint Tool SAI 1.2.0\toolnrm\40.ini

      Filesize

      383B

      MD5

      0cc0e8c39e3ffc964eaae3f6eaba5482

      SHA1

      072eaeda8a2ebc6d108398d650cd4ac13f0dd707

      SHA256

      1449c9b32bd5975b7c1a0f5bccba35fc29bfa3f2261906ddb22e158dc6e04d18

      SHA512

      a3e43bea9005d4a3d41753154d832370b26e10bbf9e6e69b036a18c97aa3a79fcb77e69e78437c6721027c83b5e0411139c1c3f1bcff77f7d4a2965cf8de4cad

    • C:\Users\Admin\AppData\Local\Temp\Easy Paint Tool SAI 1.2.0\Paint Tool SAI 1.2.0\toolnrm\41.ini

      Filesize

      381B

      MD5

      ad97d29ce60017df8a39b7d78bc1bb48

      SHA1

      45d01e6e943f2d765fc769df12fcb8ef80199ef0

      SHA256

      6e47a753826f9732b0913e73467daeab13456a07b0415ea58ccfe663606c03d4

      SHA512

      a39c6bd8310cc55df3c694d2521018194029f27cba31ab75f40a74fe962ac6407be96b560aadbc2eeea4dce3d47debf004e41c4856d2dd9866b607795722a44f

    • C:\Users\Admin\AppData\Local\Temp\Easy Paint Tool SAI 1.2.0\Paint Tool SAI 1.2.0\toolnrm\42.ini

      Filesize

      377B

      MD5

      47b035c7e0ed768b53c7c578f5e2488e

      SHA1

      7a31814b30de8dabf78b062fc0081eb2938fe684

      SHA256

      61a73d02896cf241c5ec447676067a9cd2c217761d94fb4ee35d3057a81d8e58

      SHA512

      99b6314fbb18f03016f4e9ca35359c884ec204809408506d951610bbcd41a3c0f53d644791a179bae569d48462e276b8330ff7ae00ec9bd205c17a9ba8625741

    • C:\Users\Admin\AppData\Local\Temp\Easy Paint Tool SAI 1.2.0\Paint Tool SAI 1.2.0\toolnrm\43.ini

      Filesize

      379B

      MD5

      c45f049210910d98e538734df993ec3e

      SHA1

      d7dda823f1f4d82546a8470d6e6805ccfb0b6ddc

      SHA256

      6d3e265f778397b792f2ba989b0b017458de6be5e16f300db0a362c02602ada5

      SHA512

      15bc62941e886cf2218643ef2d9a1a2af4099a5cb4ef60fe8300c0d04545dbd99a1328b1207e44cde8b5e587b64bbab76fe94b0d78999ac617bc2deb6d08f725

    • C:\Users\Admin\AppData\Local\Temp\Easy Paint Tool SAI 1.2.0\Paint Tool SAI 1.2.0\toolnrm\44.ini

      Filesize

      386B

      MD5

      645f0b8d1dddedef049613d218b5047d

      SHA1

      f23fa3a0ceb100526879971442258a6897e6d001

      SHA256

      3b69c603d80f0b3555fc13fd3f057918a98eb0934ba8ed9be4db530310573376

      SHA512

      afd263261b8dc186ff1781897d73014e5115e16ff73acd1434c44ad8ce1a6ce897948815c58e804519f2b1eacab44af98388c6effb55c705e2e1f945288ec88d

    • C:\Users\Admin\AppData\Local\Temp\Easy Paint Tool SAI 1.2.0\Paint Tool SAI 1.2.0\toolnrm\45.ini

      Filesize

      389B

      MD5

      6b19bc5380925189365dc436850c86c8

      SHA1

      e56c1868b5ae939ed0789fba1ec6f39a3e4a7e1e

      SHA256

      2113cb89d6b12434e4f99d6e7bf1e53099e468d42144be9eda99201efc8c7dee

      SHA512

      d4d9da073814e046c87e0a30e1c108db0d53e9c592d2127468278979dfbe59bec24ccbcf0e990343430aa39ea43090d0fc117ddaa33d2afc07ccebe315ad3f6c

    • C:\Users\Admin\AppData\Local\Temp\Easy Paint Tool SAI 1.2.0\Paint Tool SAI 1.2.0\toolnrm\46.ini

      Filesize

      384B

      MD5

      69a7a5d4c5e2ccd3f95c29356b77b270

      SHA1

      f28665ab640365929c893a86d2ebce9372d5385e

      SHA256

      3bb1a4ddbc010c0300d280bda7da923a013dba34772bba91c64ab80a972bbf50

      SHA512

      6533db77c2cbcf548308c44d154e31ec5543b32bcbc115d8528da92b7180865fd8b4817a33d92859efa93936dd1c08036f0cf039d9cf3c6b65192da24829ec65

    • C:\Users\Admin\AppData\Local\Temp\Easy Paint Tool SAI 1.2.0\Paint Tool SAI 1.2.0\toolnrm\47.ini

      Filesize

      429B

      MD5

      370ec217b2e2100170eed79f48c51246

      SHA1

      d39dd9719e0838b188d5c05439e4ee14fb318b24

      SHA256

      3a57175298bb6783f5df6d6369ae654f7d23c581b38ea175bd73efc2f28d1aac

      SHA512

      b8007d94b5fce907454bb9e92167ed70e53259d1895078bc7c89e84438beaae019d708d2083905320d0b6e58b43ba224d815182f0cdd3a4c4708fa74edf365f6

    • C:\Users\Admin\AppData\Local\Temp\Easy Paint Tool SAI 1.2.0\Paint Tool SAI 1.2.0\toolnrm\48.ini

      Filesize

      424B

      MD5

      d54867ae7ee420c55bb6b84e66a13b5b

      SHA1

      e0f19019af89e6e7875da48b1bf41d08332f4903

      SHA256

      04aecd61490d0f967e94ff52d2190abfbc772a107cb6a3a98b242ef957536bd7

      SHA512

      9191ddadef659e769569909e47fe58e55a9b3002d9e4901b0499f555ab9338f9b194325967013b1fcc28b3369444582b925c4eea1dfdce78aec8941e55c8d7c7

    • C:\Users\Admin\AppData\Local\Temp\Easy Paint Tool SAI 1.2.0\Paint Tool SAI 1.2.0\toolnrm\49.ini

      Filesize

      376B

      MD5

      7ba294b818241d4b00ed8f381b1a8438

      SHA1

      d1bb737fee817c88f7d57ea5602c908d49e1a909

      SHA256

      50f14c6818c667f80a399a582fca7332f9765aa3e779796114ae4305a77cab5d

      SHA512

      58af761ca63a6f6c722b0d8b9246bae7c92baa61901862e46268a6750653fa70eb671607e2c8120d16c2c1aed287572631e5cc5ccc47a5952490e53a297dbbe5

    • C:\Users\Admin\AppData\Local\Temp\Easy Paint Tool SAI 1.2.0\Paint Tool SAI 1.2.0\toolnrm\50.ini

      Filesize

      376B

      MD5

      e47c5ee981a208bb6f9d5746b19d5b7f

      SHA1

      b88396cdedb5a471ffd8bfeb46028e27c46bce49

      SHA256

      c3f9d2dfcf81d72de54dc9ef70d7aab7ae8650d4e0b567c2e819c62863c17462

      SHA512

      639fb14f49dcf43da108862237eb424e7692b06a185e96a2167ec4b2933adaa0f95a8d6b1be83729219c4ffeee0eabd3aa0d6f2a5b72a198132dbd09a1b0015a

    • C:\Users\Admin\AppData\Local\Temp\Easy Paint Tool SAI 1.2.0\Paint Tool SAI 1.2.0\toolnrm\51.ini

      Filesize

      378B

      MD5

      f41e02ae17171138f1a5e511beb138c0

      SHA1

      cb37891242b939cefeac61ec75714229784d8710

      SHA256

      bd2f8ea6d5909ebfa25e4cfe12d3faa22610211892b0c223cfd33d3728d610eb

      SHA512

      268a42b41d43725099b1ae53078932533fe25e12f2a81a9e9cf2e499f65574da75bb9ea786bac064d296f6b6780316be444cd6975ef33fde378090d63095bb89

    • C:\Users\Admin\AppData\Roaming\Microsoft\Office\Recent\index.dat

      Filesize

      261B

      MD5

      4de00036f0ef18cad89ecbac6f58ea72

      SHA1

      d2f71716673661afcfb80632ce2c3a5386c57ac8

      SHA256

      168965c0093ddb9543933e20f97acfdf58521515fd7238678ecd54194b5a3319

      SHA512

      7d6f4ed31eae1d1217ea26a93c8af290d582eefee65df00ebfc2040edabd869fc6d7e63d0d5a1bec140c98ef23e5483a6a757828672250fc68430b9483004b9d

    • memory/1984-1826-0x00007FFA8BC30000-0x00007FFA8BC40000-memory.dmp

      Filesize

      64KB

    • memory/1984-1824-0x00007FFA8BC30000-0x00007FFA8BC40000-memory.dmp

      Filesize

      64KB

    • memory/1984-1825-0x00007FFA8BC30000-0x00007FFA8BC40000-memory.dmp

      Filesize

      64KB

    • memory/1984-1827-0x00007FFA8BC30000-0x00007FFA8BC40000-memory.dmp

      Filesize

      64KB

    • memory/1984-1828-0x00007FFA89490000-0x00007FFA894A0000-memory.dmp

      Filesize

      64KB

    • memory/1984-1829-0x00007FFA89490000-0x00007FFA894A0000-memory.dmp

      Filesize

      64KB

    • memory/1984-1823-0x00007FFA8BC30000-0x00007FFA8BC40000-memory.dmp

      Filesize

      64KB

    • memory/1984-1876-0x00007FFA8BC30000-0x00007FFA8BC40000-memory.dmp

      Filesize

      64KB

    • memory/1984-1877-0x00007FFA8BC30000-0x00007FFA8BC40000-memory.dmp

      Filesize

      64KB

    • memory/1984-1879-0x00007FFA8BC30000-0x00007FFA8BC40000-memory.dmp

      Filesize

      64KB

    • memory/1984-1878-0x00007FFA8BC30000-0x00007FFA8BC40000-memory.dmp

      Filesize

      64KB