51c6bb9b8796709e4b4363c7ff2ef31386630113ab9544174f949b5f290d27de

Analysis

max time kernel
146s
max time network
152s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
27/06/2024, 03:11

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

driver_booster_setup.exe
Size

28.3MB
MD5

3e313fcdb74146731f905eb80d49670c
SHA1

17bba8d4bcdea371e40bfd73c79e4b5940e18de4
SHA256

51c6bb9b8796709e4b4363c7ff2ef31386630113ab9544174f949b5f290d27de
SHA512

dbec84e4a7e66eb4c53ab34e13d7df5de8b0a32580d47e5a588db92b850d3b846f5970cf137f3b8f861dccef3bc88a9e4724baa24b1f22e25f9a365fbb6ad687
SSDEEP

786432:59NJrQa32GEqzgf2utR6m4SVLm8eJjbUCQJe8xQMixfHc0:5lfjECgfx4SVJe5YCH8xQMipc0

Score

7^/10

discovery

Malware Config

Signatures

ACProtect 1.3x - 1.4x DLL software 1 IoCs

Detects file using ACProtect software.

resource	yara_rule
behavioral2/files/0x00070000000234a6-592.dat	acprotect

Checks computer location settings 2 TTPs 2 IoCs

Looks up country code configured in the registry, likely geofence.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000\Control Panel\International\Geo\Nation	driver_booster_setup.tmp
Key value queried	\REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000\Control Panel\International\Geo\Nation	driver_booster_setup.tmp

Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
discovery

Query Registry
T1012

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files (x86)\IObit\Driver Booster\11.5.0\Icons\Main\is-VOKA1.tmp	driver_booster_setup.tmp
File created	C:\Program Files (x86)\IObit\Driver Booster\11.5.0\is-KBUAP.tmp	driver_booster_setup.tmp
File created	C:\Program Files (x86)\IObit\Driver Booster\11.5.0\is-E6SAF.tmp	driver_booster_setup.tmp
File created	C:\Program Files (x86)\IObit\Driver Booster\11.5.0\History\is-4LA88.tmp	driver_booster_setup.tmp
File created	C:\Program Files (x86)\IObit\Driver Booster\11.5.0\ErrCodeSpec\is-IMAOP.tmp	driver_booster_setup.tmp
File created	C:\Program Files (x86)\IObit\Driver Booster\11.5.0\ErrCodeSpec\is-SEOEM.tmp	driver_booster_setup.tmp
File created	C:\Program Files (x86)\IObit\Driver Booster\11.5.0\ErrCodeSpec\is-EKB1H.tmp	driver_booster_setup.tmp
File created	C:\Program Files (x86)\IObit\Driver Booster\11.5.0\is-9PFH3.tmp	driver_booster_setup.tmp
File created	C:\Program Files (x86)\IObit\Driver Booster\11.5.0\DpInst\x64\is-AGQ9P.tmp	driver_booster_setup.tmp
File created	C:\Program Files (x86)\IObit\Driver Booster\11.5.0\DrvInstall\is-D5DR8.tmp	driver_booster_setup.tmp
File created	C:\Program Files (x86)\IObit\Driver Booster\11.5.0\History\is-0GJDU.tmp	driver_booster_setup.tmp
File created	C:\Program Files (x86)\IObit\Driver Booster\11.5.0\is-0Q85C.tmp	driver_booster_setup.tmp
File created	C:\Program Files (x86)\IObit\Driver Booster\11.5.0\History\is-3FJ52.tmp	driver_booster_setup.tmp
File created	C:\Program Files (x86)\IObit\Driver Booster\11.5.0\Language\is-S52T9.tmp	driver_booster_setup.tmp
File created	C:\Program Files (x86)\IObit\Driver Booster\11.5.0\ErrCodeSpec\is-8MRFK.tmp	driver_booster_setup.tmp
File created	C:\Program Files (x86)\IObit\Driver Booster\11.5.0\DpInst\x64\is-S04SD.tmp	driver_booster_setup.tmp
File created	C:\Program Files (x86)\IObit\Driver Booster\11.5.0\DrvInstall\is-KNKQP.tmp	driver_booster_setup.tmp
File created	C:\Program Files (x86)\IObit\Driver Booster\11.5.0\Boost\is-RP2OE.tmp	driver_booster_setup.tmp
File created	C:\Program Files (x86)\IObit\Driver Booster\11.5.0\Icons\Apps\is-F67VM.tmp	driver_booster_setup.tmp
File created	C:\Program Files (x86)\IObit\Driver Booster\11.5.0\Icons\Apps\is-3F6RL.tmp	driver_booster_setup.tmp
File created	C:\Program Files (x86)\IObit\Driver Booster\11.5.0\is-LONE9.tmp	driver_booster_setup.tmp
File created	C:\Program Files (x86)\IObit\Driver Booster\11.5.0\Language\is-1CRVA.tmp	driver_booster_setup.tmp
File created	C:\Program Files (x86)\IObit\Driver Booster\11.5.0\ErrCodeSpec\is-V2QG9.tmp	driver_booster_setup.tmp
File created	C:\Program Files (x86)\IObit\Driver Booster\11.5.0\is-EPFS4.tmp	driver_booster_setup.tmp
File created	C:\Program Files (x86)\IObit\Driver Booster\11.5.0\is-LLVKH.tmp	driver_booster_setup.tmp
File created	C:\Program Files (x86)\IObit\Driver Booster\11.5.0\Skin\is-O2ANO.tmp	driver_booster_setup.tmp
File created	C:\Program Files (x86)\IObit\Driver Booster\11.5.0\LocalData\is-VQ900.tmp	driver_booster_setup.tmp
File created	C:\Program Files (x86)\IObit\Driver Booster\11.5.0\Icons\Apps\is-N9HNC.tmp	driver_booster_setup.tmp
File created	C:\Program Files (x86)\IObit\Driver Booster\11.5.0\History\is-S444C.tmp	driver_booster_setup.tmp
File created	C:\Program Files (x86)\IObit\Driver Booster\11.5.0\ErrCodeSpec\is-MVBV2.tmp	driver_booster_setup.tmp
File created	C:\Program Files (x86)\IObit\Driver Booster\11.5.0\ErrCodeSpec\is-76IFA.tmp	driver_booster_setup.tmp
File created	C:\Program Files (x86)\IObit\Driver Booster\11.5.0\Language\is-MCMDI.tmp	driver_booster_setup.tmp
File created	C:\Program Files (x86)\IObit\Driver Booster\11.5.0\is-J9F5P.tmp	driver_booster_setup.tmp
File created	C:\Program Files (x86)\IObit\Driver Booster\11.5.0\Boost\is-N08LT.tmp	driver_booster_setup.tmp
File created	C:\Program Files (x86)\IObit\Driver Booster\11.5.0\ErrCodeSpec\is-KEL5K.tmp	driver_booster_setup.tmp
File created	C:\Program Files (x86)\IObit\Driver Booster\11.5.0\Icons\Apps\is-3R445.tmp	driver_booster_setup.tmp
File created	C:\Program Files (x86)\IObit\Driver Booster\11.5.0\is-359G1.tmp	driver_booster_setup.tmp
File created	C:\Program Files (x86)\IObit\Driver Booster\11.5.0\is-J5U3R.tmp	driver_booster_setup.tmp
File created	C:\Program Files (x86)\IObit\Driver Booster\11.5.0\is-E6939.tmp	driver_booster_setup.tmp
File created	C:\Program Files (x86)\IObit\Driver Booster\11.5.0\DpInst\x86\is-SQVN6.tmp	driver_booster_setup.tmp
File created	C:\Program Files (x86)\IObit\Driver Booster\11.5.0\ErrCodeSpec\is-NP93H.tmp	driver_booster_setup.tmp
File created	C:\Program Files (x86)\IObit\Driver Booster\11.5.0\Boost\is-53PG5.tmp	driver_booster_setup.tmp
File created	C:\Program Files (x86)\IObit\Driver Booster\11.5.0\ErrCodeSpec\is-76TJ4.tmp	driver_booster_setup.tmp
File created	C:\Program Files (x86)\IObit\Driver Booster\11.5.0\Icons\Apps\is-D9POO.tmp	driver_booster_setup.tmp
File created	C:\Program Files (x86)\IObit\Driver Booster\11.5.0\is-5MMFP.tmp	driver_booster_setup.tmp
File created	C:\Program Files (x86)\IObit\Driver Booster\11.5.0\is-3T062.tmp	driver_booster_setup.tmp
File created	C:\Program Files (x86)\IObit\Driver Booster\11.5.0\Language\is-ELE88.tmp	driver_booster_setup.tmp
File created	C:\Program Files (x86)\IObit\Driver Booster\11.5.0\is-K6E45.tmp	driver_booster_setup.tmp
File created	C:\Program Files (x86)\IObit\Driver Booster\11.5.0\Language\is-JNTI6.tmp	driver_booster_setup.tmp
File created	C:\Program Files (x86)\IObit\Driver Booster\11.5.0\Icons\Apps\is-6ESCB.tmp	driver_booster_setup.tmp
File created	C:\Program Files (x86)\IObit\Driver Booster\11.5.0\Icons\Apps\is-QK6I5.tmp	driver_booster_setup.tmp
File opened for modification	C:\Program Files (x86)\IObit\Driver Booster\11.5.0\ScanData\scan.dat	DriverBooster.exe
File created	C:\Program Files (x86)\IObit\Driver Booster\11.5.0\DrvInstall\is-E5UN5.tmp	driver_booster_setup.tmp
File created	C:\Program Files (x86)\IObit\Driver Booster\11.5.0\TaskbarPin\is-9NSQ1.tmp	driver_booster_setup.tmp
File created	C:\Program Files (x86)\IObit\Driver Booster\11.5.0\Icons\Apps\is-VV52O.tmp	driver_booster_setup.tmp
File created	C:\Program Files (x86)\IObit\Driver Booster\11.5.0\History\is-2DU5I.tmp	driver_booster_setup.tmp
File created	C:\Program Files (x86)\IObit\Driver Booster\11.5.0\Language\is-S1LC9.tmp	driver_booster_setup.tmp
File created	C:\Program Files (x86)\IObit\Driver Booster\11.5.0\DrvInstall\is-LOULV.tmp	driver_booster_setup.tmp
File created	C:\Program Files (x86)\IObit\Driver Booster\11.5.0\Boost\is-9V6PD.tmp	driver_booster_setup.tmp
File created	C:\Program Files (x86)\IObit\Driver Booster\11.5.0\Database\Scan\is-DKUFE.tmp	driver_booster_setup.tmp
File created	C:\Program Files (x86)\IObit\Driver Booster\11.5.0\Update\is-HUV5U.tmp	driver_booster_setup.tmp
File created	C:\Program Files (x86)\IObit\Driver Booster\11.5.0\is-49DJ3.tmp	driver_booster_setup.tmp
File created	C:\Program Files (x86)\IObit\Driver Booster\11.5.0\HWiNFO\is-89LF1.tmp	driver_booster_setup.tmp
File created	C:\Program Files (x86)\IObit\Driver Booster\11.5.0\History\is-P84OV.tmp	driver_booster_setup.tmp

Executes dropped EXE 17 IoCs

pid	Process
4300	driver_booster_setup.tmp
3264	setup.exe
5100	driver_booster_setup.tmp
3052	HWiNFO.exe
3204	SetupHlp.exe
956	RttHlp.exe
692	ICONPIN64.exe
4976	InstStat.exe
2372	DriverBooster.exe
2308	HWiNFO.exe
4204	Manta.exe
1584	AutoUpdate.exe
1972	ChangeIcon.exe
3948	NoteIcon.exe
2008	RttHlp.exe
3204	Manta.exe
384	Manta.exe

Loads dropped DLL 64 IoCs

pid	Process
3052	HWiNFO.exe
3204	SetupHlp.exe
3204	SetupHlp.exe
3204	SetupHlp.exe
956	RttHlp.exe
956	RttHlp.exe
956	RttHlp.exe
956	RttHlp.exe
956	RttHlp.exe
956	RttHlp.exe
956	RttHlp.exe
3532	Explorer.EXE
4976	InstStat.exe
4976	InstStat.exe
2372	DriverBooster.exe
2372	DriverBooster.exe
2372	DriverBooster.exe
2372	DriverBooster.exe
2372	DriverBooster.exe
2372	DriverBooster.exe
2372	DriverBooster.exe
2372	DriverBooster.exe
2372	DriverBooster.exe
2372	DriverBooster.exe
2372	DriverBooster.exe
2372	DriverBooster.exe
2372	DriverBooster.exe
2372	DriverBooster.exe
2372	DriverBooster.exe
2372	DriverBooster.exe
2372	DriverBooster.exe
2372	DriverBooster.exe
2372	DriverBooster.exe
2372	DriverBooster.exe
2372	DriverBooster.exe
2372	DriverBooster.exe
2372	DriverBooster.exe
2372	DriverBooster.exe
4204	Manta.exe
4204	Manta.exe
2372	DriverBooster.exe
2372	DriverBooster.exe
4204	Manta.exe
4204	Manta.exe
1584	AutoUpdate.exe
1584	AutoUpdate.exe
1584	AutoUpdate.exe
1584	AutoUpdate.exe
1584	AutoUpdate.exe
1584	AutoUpdate.exe
1584	AutoUpdate.exe
1584	AutoUpdate.exe
1584	AutoUpdate.exe
1584	AutoUpdate.exe
1584	AutoUpdate.exe
1584	AutoUpdate.exe
2008	RttHlp.exe
2008	RttHlp.exe
3204	Manta.exe
3204	Manta.exe
384	Manta.exe
384	Manta.exe
384	Manta.exe
384	Manta.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Checks processor information in registry 2 TTPs 2 IoCs

Processor information is often read in order to detect sandboxing environments.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	DriverBooster.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString	DriverBooster.exe

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Modifies registry class 20 IoCs

description	ioc	Process
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\DB_Open_dbd	SetupHlp.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\DB_Open_dbd\shell\open\command	SetupHlp.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\DB_Open_dbop	SetupHlp.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\DB_Open_dbop\	SetupHlp.exe
Key created	\REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\Instance\	Explorer.EXE
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\.dbd	SetupHlp.exe
Key created	\REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000_Classes\Local Settings	Explorer.EXE
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\DB_Open_dbd\shell\open\command\ = "C:\\Program Files (x86)\\IObit\\Driver Booster\\11.5.0\\OfflineUpdater.exe \"%1\""	SetupHlp.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4336a54d-038b-4685-ab02-99bb52d3fb8b}\Instance\	Explorer.EXE
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\.dbd\ = "DB_Open_dbd"	SetupHlp.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\DB_Open_dbd\	SetupHlp.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\DB_Open_dbop\shell\open\command	SetupHlp.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\DB_Open_dbop\shell	SetupHlp.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\DB_Open_dbop\shell\open	SetupHlp.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\DB_Open_dbop\shell\open\command\ = "C:\\Program Files (x86)\\IObit\\Driver Booster\\11.5.0\\OfflineUpdater.exe \"%1\""	SetupHlp.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\DB_Open_dbd\shell	SetupHlp.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\DB_Open_dbd\shell\open	SetupHlp.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\.dbop	SetupHlp.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\.dbop\ = "DB_Open_dbop"	SetupHlp.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1f3427c8-5c10-4210-aa03-2ee45287d668}\Instance\	Explorer.EXE

Suspicious behavior: EnumeratesProcesses 26 IoCs

pid	Process
4300	driver_booster_setup.tmp
4300	driver_booster_setup.tmp
4300	driver_booster_setup.tmp
4300	driver_booster_setup.tmp
3264	setup.exe
3264	setup.exe
5100	driver_booster_setup.tmp
5100	driver_booster_setup.tmp
5100	driver_booster_setup.tmp
5100	driver_booster_setup.tmp
5100	driver_booster_setup.tmp
5100	driver_booster_setup.tmp
3204	SetupHlp.exe
3204	SetupHlp.exe
5100	driver_booster_setup.tmp
5100	driver_booster_setup.tmp
4976	InstStat.exe
4976	InstStat.exe
2372	DriverBooster.exe
2372	DriverBooster.exe
4340	msedge.exe
4340	msedge.exe
1584	AutoUpdate.exe
1584	AutoUpdate.exe
4572	msedge.exe
4572	msedge.exe

Suspicious behavior: LoadsDriver 5 IoCs

pid	Process
660	Process not Found
660	Process not Found
660	Process not Found
660	Process not Found
660	Process not Found

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 2 IoCs

pid	Process
4572	msedge.exe
4572	msedge.exe

Suspicious use of AdjustPrivilegeToken 61 IoCs

description	pid	Process
Token: SeDebugPrivilege	4300	driver_booster_setup.tmp
Token: SeDebugPrivilege	5100	driver_booster_setup.tmp
Token: SeLoadDriverPrivilege	3052	HWiNFO.exe
Token: SeLoadDriverPrivilege	3052	HWiNFO.exe
Token: SeLoadDriverPrivilege	3052	HWiNFO.exe
Token: SeShutdownPrivilege	3532	Explorer.EXE
Token: SeCreatePagefilePrivilege	3532	Explorer.EXE
Token: SeShutdownPrivilege	3532	Explorer.EXE
Token: SeCreatePagefilePrivilege	3532	Explorer.EXE
Token: SeShutdownPrivilege	3532	Explorer.EXE
Token: SeCreatePagefilePrivilege	3532	Explorer.EXE
Token: SeShutdownPrivilege	3532	Explorer.EXE
Token: SeCreatePagefilePrivilege	3532	Explorer.EXE
Token: SeShutdownPrivilege	3532	Explorer.EXE
Token: SeCreatePagefilePrivilege	3532	Explorer.EXE
Token: SeShutdownPrivilege	3532	Explorer.EXE
Token: SeCreatePagefilePrivilege	3532	Explorer.EXE
Token: SeShutdownPrivilege	3532	Explorer.EXE
Token: SeCreatePagefilePrivilege	3532	Explorer.EXE
Token: SeShutdownPrivilege	3532	Explorer.EXE
Token: SeCreatePagefilePrivilege	3532	Explorer.EXE
Token: SeShutdownPrivilege	3532	Explorer.EXE
Token: SeCreatePagefilePrivilege	3532	Explorer.EXE
Token: SeShutdownPrivilege	3532	Explorer.EXE
Token: SeCreatePagefilePrivilege	3532	Explorer.EXE
Token: SeShutdownPrivilege	3532	Explorer.EXE
Token: SeCreatePagefilePrivilege	3532	Explorer.EXE
Token: SeShutdownPrivilege	3532	Explorer.EXE
Token: SeCreatePagefilePrivilege	3532	Explorer.EXE
Token: 33	2372	DriverBooster.exe
Token: SeIncBasePriorityPrivilege	2372	DriverBooster.exe
Token: SeShutdownPrivilege	3532	Explorer.EXE
Token: SeCreatePagefilePrivilege	3532	Explorer.EXE
Token: SeShutdownPrivilege	3532	Explorer.EXE
Token: SeCreatePagefilePrivilege	3532	Explorer.EXE
Token: SeShutdownPrivilege	3532	Explorer.EXE
Token: SeCreatePagefilePrivilege	3532	Explorer.EXE
Token: SeShutdownPrivilege	3532	Explorer.EXE
Token: SeCreatePagefilePrivilege	3532	Explorer.EXE
Token: SeShutdownPrivilege	3532	Explorer.EXE
Token: SeCreatePagefilePrivilege	3532	Explorer.EXE
Token: SeShutdownPrivilege	3532	Explorer.EXE
Token: SeCreatePagefilePrivilege	3532	Explorer.EXE
Token: SeShutdownPrivilege	3532	Explorer.EXE
Token: SeCreatePagefilePrivilege	3532	Explorer.EXE
Token: SeShutdownPrivilege	3532	Explorer.EXE
Token: SeCreatePagefilePrivilege	3532	Explorer.EXE
Token: SeShutdownPrivilege	3532	Explorer.EXE
Token: SeCreatePagefilePrivilege	3532	Explorer.EXE
Token: SeShutdownPrivilege	3532	Explorer.EXE
Token: SeCreatePagefilePrivilege	3532	Explorer.EXE
Token: SeShutdownPrivilege	3532	Explorer.EXE
Token: SeCreatePagefilePrivilege	3532	Explorer.EXE
Token: SeShutdownPrivilege	3532	Explorer.EXE
Token: SeCreatePagefilePrivilege	3532	Explorer.EXE
Token: SeShutdownPrivilege	3532	Explorer.EXE
Token: SeCreatePagefilePrivilege	3532	Explorer.EXE
Token: SeShutdownPrivilege	3532	Explorer.EXE
Token: SeCreatePagefilePrivilege	3532	Explorer.EXE
Token: SeShutdownPrivilege	3532	Explorer.EXE
Token: SeCreatePagefilePrivilege	3532	Explorer.EXE

Suspicious use of FindShellTrayWindow 38 IoCs

pid	Process
3264	setup.exe
5100	driver_booster_setup.tmp
692	ICONPIN64.exe
3532	Explorer.EXE
2372	DriverBooster.exe
4572	msedge.exe
4572	msedge.exe
4572	msedge.exe
4572	msedge.exe
4572	msedge.exe
4572	msedge.exe
4572	msedge.exe
4572	msedge.exe
4572	msedge.exe
4572	msedge.exe
4572	msedge.exe
4572	msedge.exe
4572	msedge.exe
4572	msedge.exe
4572	msedge.exe
4572	msedge.exe
4572	msedge.exe
4572	msedge.exe
4572	msedge.exe
4572	msedge.exe
4572	msedge.exe
4572	msedge.exe
4572	msedge.exe
4572	msedge.exe
4572	msedge.exe
1584	AutoUpdate.exe
2372	DriverBooster.exe
3532	Explorer.EXE
3532	Explorer.EXE
2372	DriverBooster.exe
3532	Explorer.EXE
3532	Explorer.EXE
4572	msedge.exe

Suspicious use of SendNotifyMessage 28 IoCs

pid	Process
2372	DriverBooster.exe
4572	msedge.exe
4572	msedge.exe
4572	msedge.exe
4572	msedge.exe
4572	msedge.exe
4572	msedge.exe
4572	msedge.exe
4572	msedge.exe
4572	msedge.exe
4572	msedge.exe
4572	msedge.exe
4572	msedge.exe
4572	msedge.exe
4572	msedge.exe
4572	msedge.exe
4572	msedge.exe
4572	msedge.exe
4572	msedge.exe
4572	msedge.exe
4572	msedge.exe
4572	msedge.exe
4572	msedge.exe
4572	msedge.exe
4572	msedge.exe
1584	AutoUpdate.exe
2372	DriverBooster.exe
2372	DriverBooster.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 956 wrote to memory of 4300	956	driver_booster_setup.exe	81
PID 956 wrote to memory of 4300	956	driver_booster_setup.exe	81
PID 956 wrote to memory of 4300	956	driver_booster_setup.exe	81
PID 4300 wrote to memory of 3264	4300	driver_booster_setup.tmp	82
PID 4300 wrote to memory of 3264	4300	driver_booster_setup.tmp	82
PID 4300 wrote to memory of 3264	4300	driver_booster_setup.tmp	82
PID 3264 wrote to memory of 3260	3264	setup.exe	91
PID 3264 wrote to memory of 3260	3264	setup.exe	91
PID 3264 wrote to memory of 3260	3264	setup.exe	91
PID 3260 wrote to memory of 5100	3260	driver_booster_setup.exe	92
PID 3260 wrote to memory of 5100	3260	driver_booster_setup.exe	92
PID 3260 wrote to memory of 5100	3260	driver_booster_setup.exe	92
PID 5100 wrote to memory of 3052	5100	driver_booster_setup.tmp	93
PID 5100 wrote to memory of 3052	5100	driver_booster_setup.tmp	93
PID 5100 wrote to memory of 3052	5100	driver_booster_setup.tmp	93
PID 5100 wrote to memory of 3204	5100	driver_booster_setup.tmp	95
PID 5100 wrote to memory of 3204	5100	driver_booster_setup.tmp	95
PID 5100 wrote to memory of 3204	5100	driver_booster_setup.tmp	95
PID 3204 wrote to memory of 956	3204	SetupHlp.exe	96
PID 3204 wrote to memory of 956	3204	SetupHlp.exe	96
PID 3204 wrote to memory of 956	3204	SetupHlp.exe	96
PID 5100 wrote to memory of 692	5100	driver_booster_setup.tmp	97
PID 5100 wrote to memory of 692	5100	driver_booster_setup.tmp	97
PID 5100 wrote to memory of 4976	5100	driver_booster_setup.tmp	98
PID 5100 wrote to memory of 4976	5100	driver_booster_setup.tmp	98
PID 5100 wrote to memory of 4976	5100	driver_booster_setup.tmp	98
PID 692 wrote to memory of 3532	692	ICONPIN64.exe	56
PID 3264 wrote to memory of 2372	3264	setup.exe	99
PID 3264 wrote to memory of 2372	3264	setup.exe	99
PID 3264 wrote to memory of 2372	3264	setup.exe	99
PID 3264 wrote to memory of 4572	3264	setup.exe	100
PID 3264 wrote to memory of 4572	3264	setup.exe	100
PID 4572 wrote to memory of 2080	4572	msedge.exe	101
PID 4572 wrote to memory of 2080	4572	msedge.exe	101
PID 2372 wrote to memory of 2308	2372	DriverBooster.exe	102
PID 2372 wrote to memory of 2308	2372	DriverBooster.exe	102
PID 2372 wrote to memory of 2308	2372	DriverBooster.exe	102
PID 2372 wrote to memory of 4204	2372	DriverBooster.exe	103
PID 2372 wrote to memory of 4204	2372	DriverBooster.exe	103
PID 2372 wrote to memory of 4204	2372	DriverBooster.exe	103
PID 4572 wrote to memory of 1900	4572	msedge.exe	104
PID 4572 wrote to memory of 1900	4572	msedge.exe	104
PID 4572 wrote to memory of 1900	4572	msedge.exe	104
PID 4572 wrote to memory of 1900	4572	msedge.exe	104
PID 4572 wrote to memory of 1900	4572	msedge.exe	104
PID 4572 wrote to memory of 1900	4572	msedge.exe	104
PID 4572 wrote to memory of 1900	4572	msedge.exe	104
PID 4572 wrote to memory of 1900	4572	msedge.exe	104
PID 4572 wrote to memory of 1900	4572	msedge.exe	104
PID 4572 wrote to memory of 1900	4572	msedge.exe	104
PID 4572 wrote to memory of 1900	4572	msedge.exe	104
PID 4572 wrote to memory of 1900	4572	msedge.exe	104
PID 4572 wrote to memory of 1900	4572	msedge.exe	104
PID 4572 wrote to memory of 1900	4572	msedge.exe	104
PID 4572 wrote to memory of 1900	4572	msedge.exe	104
PID 4572 wrote to memory of 1900	4572	msedge.exe	104
PID 4572 wrote to memory of 1900	4572	msedge.exe	104
PID 4572 wrote to memory of 1900	4572	msedge.exe	104
PID 4572 wrote to memory of 1900	4572	msedge.exe	104
PID 4572 wrote to memory of 1900	4572	msedge.exe	104
PID 4572 wrote to memory of 1900	4572	msedge.exe	104
PID 4572 wrote to memory of 1900	4572	msedge.exe	104
PID 4572 wrote to memory of 1900	4572	msedge.exe	104
PID 4572 wrote to memory of 1900	4572	msedge.exe	104

C:\Windows\Explorer.EXE
C:\Windows\Explorer.EXE
1⤵
- Loads dropped DLL
- Modifies registry class
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
PID:3532
- C:\Users\Admin\AppData\Local\Temp\driver_booster_setup.exe
  "C:\Users\Admin\AppData\Local\Temp\driver_booster_setup.exe"
  2⤵
  - Suspicious use of WriteProcessMemory
  PID:956
- - C:\Users\Admin\AppData\Local\Temp\is-8G7SL.tmp\driver_booster_setup.tmp
    "C:\Users\Admin\AppData\Local\Temp\is-8G7SL.tmp\driver_booster_setup.tmp" /SL5="$6016E,28950539,139264,C:\Users\Admin\AppData\Local\Temp\driver_booster_setup.exe"
    3⤵
    - Checks computer location settings
    - Executes dropped EXE
    - Suspicious behavior: EnumeratesProcesses
    - Suspicious use of AdjustPrivilegeToken
    - Suspicious use of WriteProcessMemory
    PID:4300
  - - C:\Users\Admin\AppData\Local\Temp\is-719CE.tmp-dbinst\setup.exe
      "C:\Users\Admin\AppData\Local\Temp\is-719CE.tmp-dbinst\setup.exe" "C:\Users\Admin\AppData\Local\Temp\driver_booster_setup.exe" /title="Driver Booster 11" /dbver=11.5.0.85 /eula="C:\Users\Admin\AppData\Local\Temp\is-719CE.tmp-dbinst\EULA.rtf" /showlearnmore /pmtproduct /nochromepmt
      4⤵
      Executes dropped EXE
      Suspicious behavior: EnumeratesProcesses
      Suspicious use of FindShellTrayWindow
      Suspicious use of WriteProcessMemory
      PID:3264
    - - C:\Users\Admin\AppData\Local\Temp\driver_booster_setup.exe
        
        "C:\Users\Admin\AppData\Local\Temp\driver_booster_setup.exe" /sp- /verysilent /Installer /norestart /DIR="C:\Program Files (x86)\IObit\Driver Booster" /Installer-DeskIcon /Installer-TaskIcon
        5⤵
        Suspicious use of WriteProcessMemory
        
        PID:3260
      - C:\Users\Admin\AppData\Local\Temp\is-MEA9E.tmp\driver_booster_setup.tmp
        
        "C:\Users\Admin\AppData\Local\Temp\is-MEA9E.tmp\driver_booster_setup.tmp" /SL5="$D002E,28950539,139264,C:\Users\Admin\AppData\Local\Temp\driver_booster_setup.exe" /sp- /verysilent /Installer /norestart /DIR="C:\Program Files (x86)\IObit\Driver Booster" /Installer-DeskIcon /Installer-TaskIcon
        6⤵
        Checks computer location settings
        Drops file in Program Files directory
        Executes dropped EXE
        Suspicious behavior: EnumeratesProcesses
        Suspicious use of AdjustPrivilegeToken
        Suspicious use of FindShellTrayWindow
        Suspicious use of WriteProcessMemory
        
        PID:5100
        
        C:\Program Files (x86)\IObit\Driver Booster\11.5.0\HWiNFO\HWiNFO.exe
        
        "C:\Program Files (x86)\IObit\Driver Booster\11.5.0\HWiNFO\HWiNFO.exe" /brandname
        7⤵
        Executes dropped EXE
        Loads dropped DLL
        Suspicious use of AdjustPrivilegeToken
        
        PID:3052
        
        C:\Program Files (x86)\IObit\Driver Booster\11.5.0\SetupHlp.exe
        
        "C:\Program Files (x86)\IObit\Driver Booster\11.5.0\SetupHlp.exe" /install /setup="C:\Users\Admin\AppData\Local\Temp\driver_booster_setup.exe"
        7⤵
        Executes dropped EXE
        Loads dropped DLL
        Modifies registry class
        Suspicious behavior: EnumeratesProcesses
        Suspicious use of WriteProcessMemory
        
        PID:3204
        
        C:\Program Files (x86)\IObit\Driver Booster\11.5.0\RttHlp.exe
        
        "C:\Program Files (x86)\IObit\Driver Booster\11.5.0\RttHlp.exe" /winstdate
        8⤵
        Executes dropped EXE
        Loads dropped DLL
        
        PID:956
        
        C:\Program Files (x86)\IObit\Driver Booster\11.5.0\TaskbarPin\ICONPIN64.exe
        
        "C:\Program Files (x86)\IObit\Driver Booster\11.5.0\TaskbarPin\ICONPIN64.exe" pin "C:\Program Files (x86)\IObit\Driver Booster\11.5.0\DriverBooster.exe"
        7⤵
        Executes dropped EXE
        Suspicious use of FindShellTrayWindow
        Suspicious use of WriteProcessMemory
        
        PID:692
        
        C:\Program Files (x86)\IObit\Driver Booster\11.5.0\InstStat.exe
        
        "C:\Program Files (x86)\IObit\Driver Booster\11.5.0\InstStat.exe" /install db11
        7⤵
        Executes dropped EXE
        Loads dropped DLL
        Suspicious behavior: EnumeratesProcesses
        
        PID:4976
    - - C:\Program Files (x86)\IObit\Driver Booster\11.5.0\DriverBooster.exe
        
        "C:\Program Files (x86)\IObit\Driver Booster\11.5.0\DriverBooster.exe" /autoscan
        5⤵
        Drops file in Program Files directory
        Executes dropped EXE
        Loads dropped DLL
        Checks processor information in registry
        Suspicious behavior: EnumeratesProcesses
        Suspicious use of AdjustPrivilegeToken
        Suspicious use of FindShellTrayWindow
        Suspicious use of SendNotifyMessage
        Suspicious use of WriteProcessMemory
        
        PID:2372
      - C:\Program Files (x86)\IObit\Driver Booster\11.5.0\HWiNFO\HWiNFO.exe
        
        "C:\Program Files (x86)\IObit\Driver Booster\11.5.0\HWiNFO\HWiNFO.exe" /brandname
        6⤵
        Executes dropped EXE
        
        PID:2308
      - C:\Program Files (x86)\IObit\Driver Booster\11.5.0\Manta.exe
        
        "C:\Program Files (x86)\IObit\Driver Booster\11.5.0\Manta.exe" /CommStat /DoCommStat /Code="a602" /Days=0
        6⤵
        Executes dropped EXE
        Loads dropped DLL
        
        PID:4204
      - C:\Program Files (x86)\IObit\Driver Booster\11.5.0\AutoUpdate.exe
        
        "C:\Program Files (x86)\IObit\Driver Booster\11.5.0\AutoUpdate.exe" /main /App=db11 /MainHwnd=0
        6⤵
        Executes dropped EXE
        Loads dropped DLL
        Suspicious behavior: EnumeratesProcesses
        Suspicious use of FindShellTrayWindow
        Suspicious use of SendNotifyMessage
        
        PID:1584
      - C:\Program Files (x86)\IObit\Driver Booster\11.5.0\ChangeIcon.exe
        
        "C:\Program Files (x86)\IObit\Driver Booster\11.5.0\ChangeIcon.exe" /0 "C:\Program Files (x86)\IObit\Driver Booster\11.5.0\Icons\Main\"
        6⤵
        Executes dropped EXE
        
        PID:1972
      - C:\Program Files (x86)\IObit\Driver Booster\11.5.0\NoteIcon.exe
        
        "C:\Program Files (x86)\IObit\Driver Booster\11.5.0\NoteIcon.exe" "C:\Program Files (x86)\IObit\Driver Booster\11.5.0\DriverBooster.exe"
        6⤵
        Executes dropped EXE
        
        PID:3948
      - C:\Program Files (x86)\IObit\Driver Booster\11.5.0\RttHlp.exe
        
        "C:\Program Files (x86)\IObit\Driver Booster\11.5.0\RttHlp.exe" /cnt
        6⤵
        Executes dropped EXE
        Loads dropped DLL
        
        PID:2008
      - C:\Program Files (x86)\IObit\Driver Booster\11.5.0\Manta.exe
        
        "C:\Program Files (x86)\IObit\Driver Booster\11.5.0\Manta.exe" /CommStat /DoCommStat /Code="A100" /Days=0
        6⤵
        Executes dropped EXE
        Loads dropped DLL
        
        PID:3204
      - C:\Program Files (x86)\IObit\Driver Booster\11.5.0\Manta.exe
        
        "C:\Program Files (x86)\IObit\Driver Booster\11.5.0\Manta.exe" /CommStat /DoCommStat /Code="B100" /Days=7
        6⤵
        Executes dropped EXE
        Loads dropped DLL
        
        PID:384
      - C:\Program Files (x86)\IObit\Driver Booster\11.5.0\RttHlp.exe
        
        "C:\Program Files (x86)\IObit\Driver Booster\11.5.0\RttHlp.exe" /stat
        6⤵
        
        PID:3620
        
        C:\Program Files (x86)\IObit\Driver Booster\11.5.0\AUpdate.exe
        
        "C:\Program Files (x86)\IObit\Driver Booster\11.5.0\AUpdate.exe" /u http://stats.iobit.com/active_month.php /a db11 /p iobit /v 11.5.0.85 /t 1 /d 7 /db /user
        7⤵
        
        PID:3808
      - C:\Program Files (x86)\IObit\Driver Booster\11.5.0\SetupHlp.exe
        
        "C:\Program Files (x86)\IObit\Driver Booster\11.5.0\SetupHlp.exe" /afterupgrade
        6⤵
        
        PID:4700
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.iobit.com/appgoto.php?to=install&name=db&ver=11.5.0.85&lan=&ref=db11&type=free
        5⤵
        Enumerates system info in registry
        Suspicious behavior: EnumeratesProcesses
        Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
        Suspicious use of FindShellTrayWindow
        Suspicious use of SendNotifyMessage
        Suspicious use of WriteProcessMemory
        
        PID:4572
      - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9b7b246f8,0x7ff9b7b24708,0x7ff9b7b24718
        6⤵
        
        PID:2080
      - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2160,17662218625989290006,9680186109372067690,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2172 /prefetch:2
        6⤵
        
        PID:1900
      - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2160,17662218625989290006,9680186109372067690,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2224 /prefetch:3
        6⤵
        Suspicious behavior: EnumeratesProcesses
        
        PID:4340
      - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2160,17662218625989290006,9680186109372067690,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2872 /prefetch:8
        6⤵
        
        PID:2028
      - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,17662218625989290006,9680186109372067690,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3344 /prefetch:1
        6⤵
        
        PID:4140
      - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,17662218625989290006,9680186109372067690,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3352 /prefetch:1
        6⤵
        
        PID:4488

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1796

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4808

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files (x86)\IObit\Driver Booster\11.5.0\DataState.dll

Filesize
77KB

MD5
01c2e74799bfec9b06546adcc8db2337

SHA1
d4b73ea0e83e0177eec95070826d12321df9825f

SHA256
0b9e80726a2dc59741fb7d951b1bd31de99c2c79f714f3101988b2eb3f6eeff4

SHA512
6af310e48b285176a75fe7c0b15d0c2ae1e850cf4a931eb6ba57fa6f28b9bff2168c0139988ae640411d5c2526d88677dc82eddb0ac55c015f76a7f12c6c672e

Download Submit
C:\Program Files (x86)\IObit\Driver Booster\11.5.0\Database\Scan\initial.wlst

Filesize
1.8MB

MD5
5c24fc72fa480bdf6d61bd208425470f

SHA1
dd870e7764eb6ea2214066536ecd87d1ebff29f5

SHA256
4553ec706ca35073ff322219eae370906e23d3faea46de579d66e9bd9480ade8

SHA512
5762280280429f9652cf5e361ae36d136fcdc70649d7054b0f564afad8da74835bc53aaa528fc7faa9d623dcc22c3c25c8963e702d4a108d974438e8a4857624

Download Submit
C:\Program Files (x86)\IObit\Driver Booster\11.5.0\DriverBooster.exe

Filesize
8.6MB

MD5
f9d219df4a91903170da3a37dd24b567

SHA1
83d6a22c9d1d56911b9fbc10f0fa508d83e02e88

SHA256
550981291914ba95b75becadcd4c91a2eca009a8cd98584b5bed9140c30f2d6d

SHA512
bc49c2806a03542ead18f74179eb4b9bc64b8e0e60fb42ce03250216ebaec7859fc9119847393e9460f7b2f7f7c1c45f59bd951c3a7b3d815c4e0b9401df8e86

Download Submit
C:\Program Files (x86)\IObit\Driver Booster\11.5.0\HWiNFO\HWiNFO.exe

Filesize
173KB

MD5
117e4edaacd5c4d127fe404b07cfecd4

SHA1
e041ced94ffb3bb19a64b9df3eb258aa5f59febc

SHA256
5fc8c7c6f8e56fab9595e8d50139ce7aa3413ae484ebe9ad109896b227c04d2f

SHA512
bb52e40a99d945fb0a3594c929dfd0c03a6dc5441e6402fedf913104025e9d154ab082ad0c4142959164cf73df45907fafb434112c8da882712825c5e1676b98

Download Submit
C:\Program Files (x86)\IObit\Driver Booster\11.5.0\HWiNFO\HWiNFO32.dll

Filesize
1.2MB

MD5
e937e1a411075768ef3f287f9abc128a

SHA1
ee63928100563c1d846ecdc462a5c163ecce3d4c

SHA256
cb81c7cbd229b639f24db6655edc67f4c32954778d24e086d45a7229cc58351c

SHA512
a8a6123e1b88d3708ae76ab1ea2d3f15549d03549ee07fdf935357d06792fe63cceae7034e250588415040b8e11b0e892016bba165c488068c6c48f4cc7726a5

Download Submit
C:\Program Files (x86)\IObit\Driver Booster\11.5.0\Icons\Apps\is-VAVHB.tmp

Filesize
1KB

MD5
a364eb8919ad57f2278960cf6a062862

SHA1
dd7fa8dd5894960fa47e8c74e2acec034da803d3

SHA256
ac4531a4b4fe3b34054eb33f2caabe2776be0ea5fc5056670c139caffd51b4f4

SHA512
68e06dcbf244211caac4e386bc73856a7b4da97681e58de3470d6f1000abd336c2d13c84ee11e2bcda9a48afd176efc34f9567ef3bebd5577731956402ead96b

Download Submit
C:\Program Files (x86)\IObit\Driver Booster\11.5.0\InstStat.exe

Filesize
1.6MB

MD5
b8cd832013322d22c4c026383eefcec2

SHA1
406706f1cc5276f50dea4e32d7db27c326ca37d3

SHA256
13db9a072473c27380b917b94d441cbbd34b8d8558f370495f7f6de27dcea225

SHA512
2c316adfdbac0184233b3f4bbc4babe813daa5e0d4684fdf4c959152a3bb938334db05504e8b79a56f417865666db0506b59b8fd64a708e4aac548fefb87c039

Download Submit
C:\Program Files (x86)\IObit\Driver Booster\11.5.0\LocalData\WhiteList.ini

Filesize
132B

MD5
6a8b620777724e7f1038954216bcad7f

SHA1
0428a0330d06c813757c1a3bd2d78bb65b480494

SHA256
1a1dd1b93d1a490d3843bcc819d8bbe608214269fa0b9a02ed22b815e5c9780a

SHA512
521d013d3580273ecaf46ff166de01e961731a0b302be2a5a157898c4778c4b640a8f1d4a4ca3ba10687e85fae9544ba043e9040dff79eecba62448ba5f217dc

Download Submit
C:\Program Files (x86)\IObit\Driver Booster\11.5.0\Manta.exe

Filesize
901KB

MD5
9158a2dabd15774127f803abc02b8ed1

SHA1
c13ea54cba9c65b4d5ab1704181cfe4825c6d43f

SHA256
906a2402f95af7306384d26c7d2e3d0a1a8b7ba3770ce515f47db393ff95d2e8

SHA512
0d4ec418548b6c388eccd2814ac9284cef83f02160055b04dccf818744c38bd7bc2204168133a70ef8715ba33b5208754d9df45d5fd0bb506170e74857677c4d

Download Submit
C:\Program Files (x86)\IObit\Driver Booster\11.5.0\ProductNews2.dll

Filesize
2.1MB

MD5
c9684e20fb4372f243fc50d37fb19dba

SHA1
ef111eab87994f135d201c7b6b491512c6441e4e

SHA256
a7b8a67953e4ec724fe64f612ab37c2ea9709ec9b5e64103bfad871416692466

SHA512
9c2b89d088f77a46ea46627d5c31dffc22e73fbe9c317d7848315e327530dd9005e15cdcddceba0734667744d905755a1df21591d4e7365ca119af76202190ae

Download Submit
C:\Program Files (x86)\IObit\Driver Booster\11.5.0\Register.dll

Filesize
1.0MB

MD5
7c8d2f57f34a5d6a501813274f4febe1

SHA1
9fd6ae9bff728e3fe4e3236db43533e39aaff492

SHA256
e06648637c124f47b79f21d1e3db2eac2a39383571758594afce73935b58f88e

SHA512
a46d693b55243d5f45a07105874eaf6c67c8f5e06eb92eb5b7035808acba8e040c85ababfed061b563d7b975a23263e7ac8bd2ba589e2f3c11c8e8ff13ff3f11

Download Submit
C:\Program Files (x86)\IObit\Driver Booster\11.5.0\RttHlp.exe

Filesize
135KB

MD5
a2d70fbab5181a509369d96b682fc641

SHA1
22afcdc180400c4d2b9e5a6db2b8a26bff54dd38

SHA256
8aed681ad8d660257c10d2f0e85ae673184055a341901643f27afc38e5ef8473

SHA512
219c6e7e88004fad9f4392be9a852c58fc43b7f6900e40370991427f37eaea5c18f48d2954f9479dde8bcb787345f4e292d5620add8224aec4d93d7968820b83

Download Submit
C:\Program Files (x86)\IObit\Driver Booster\11.5.0\ScanData\scan.dat

Filesize
130B

MD5
f18619c87309301a492d083a3685a667

SHA1
168745a635a159181068024dec63880180a4c838

SHA256
bb7caa6db4bf960fca67bc5590d7859885646d64d01ee14a3b48c0fcb431fea7

SHA512
2145c9c45e3a5c1b827492c8edfe0a88e29912b6ac9a353d5dbd8ce3171a70bf9578f00ba5b75ae62043e69d7e72ea379938433cf12665b4d929e99b202bde22

Download Submit
C:\Program Files (x86)\IObit\Driver Booster\11.5.0\SetupHlp.exe

Filesize
2.3MB

MD5
c457865cc2c3383111800d592992ff26

SHA1
ee54eb87102b8b63a60a2c268f6404e8555f4492

SHA256
791f2cbb8913d5314d9251ff20f7cace0c2a92b6475aecc8074a92639b58e4fd

SHA512
c358fefb02dcfd9e404a73c35b61cee160ef5575d4c15c31b2c11c66c709879f22dc7860c79ae9d14856903a6c18d6d0f6fe39afafc96e48a5f18668eb6cf4e9

Download Submit
C:\Program Files (x86)\IObit\Driver Booster\11.5.0\SysRest.dll

Filesize
110KB

MD5
1e580b51208008ff8d9ef0763eccd721

SHA1
5e1ece1e257c43efa93f5b69e9621dc4122e9612

SHA256
9577f60b9fc028a2494a84e3268556e3ef340440b46dafa51ff9585e655c4a2c

SHA512
d2893e4acd94df1e698427fb2c94ca110fab7a64257a59f3038b94470303009fc614903655c42dcadf0458a971c8f811640052a7e375269fb01ec7e7f709c3da

Download Submit
C:\Program Files (x86)\IObit\Driver Booster\11.5.0\TaskbarPin\ICONPIN64.dll

Filesize
607KB

MD5
ceec1e1c6002972827e018fc1db72a85

SHA1
099e640d502855d09f03340bbbe8e83c294db158

SHA256
97cb1c31c5ab29af3a8a78d53f48e8ebbfa11ea4632af02f8d6394db9c24df11

SHA512
2eaf0a142dc248ee1aad1de4f63ed5c04848d58319de849ea5c8608367eee9f76b50478824c362dc93a38f77c9c9215e408f0024a8526aaac438dc0b2773c35f

Download Submit
C:\Program Files (x86)\IObit\Driver Booster\11.5.0\TaskbarPin\ICONPIN64.exe

Filesize
1.6MB

MD5
04dbe777a2ee9d35c452b959b17f2b5f

SHA1
07368e63efb8e2169b0dec6732d476c0b598dbbe

SHA256
0b63193c6556834c0043cf27c592eb2e76584617a17ffa4cab5f3a0f13afc473

SHA512
7d1f42b5441a9cdaed0d52bcbef216972d59a1dd9100311aaaa6006d02f92d78520ed5969fc5a61a36bb8f9255bd6af8f77f74d8bb5cfa1b5af93ba2c11c250a

Download Submit
C:\Program Files (x86)\IObit\Driver Booster\11.5.0\WebRes.dll

Filesize
885KB

MD5
15cd47fd2adf99223a8e032f6872c963

SHA1
01dcd05009c130d3febae0278a6d97528e31d538

SHA256
aee0c8bd793c33c2965537a16de1d8434ab9c3682928e8bc390b63cfa6c068d3

SHA512
e0355b5c582dd8fb26d36437e5e8e54a54db79d719ba67870e085814e15472f244e7b8b671507f5eb886f434525c6609f9e080ed75ee12eae9bbeb44d4fc2f00

Download Submit
C:\Program Files (x86)\IObit\Driver Booster\11.5.0\Zip.dll

Filesize
582KB

MD5
8c1858aa9763d8837d2d0dc81ed62cbc

SHA1
2d528c0179c05092c7907ac584fbf10461b0e20d

SHA256
a7a8af1a7dbafa56a1741b19cc276947fc75247c0742b1073cf6daabdf079219

SHA512
f3b9b9377bce69aa710612e60728613cdec745727b2fa89afa66690be91c68be17e8685dad65b11a18c672363d4e5af8499dbf02792ddec440b528655a85a7f7

Download Submit
C:\Program Files (x86)\IObit\Driver Booster\11.5.0\is-I7SA6.tmp

Filesize
1.7MB

MD5
902385503375a1c52787e2c88895e030

SHA1
d3b7fab10695c7c70a611572a7f6593d3a391533

SHA256
078d662af771a3b93c44415447294db364e22710cedc274b685ec639783ac928

SHA512
48cfd677a51691906daddb5034d9098dfe7b09b35507812c6373d17bbec76618b5f914fde2d1b134d89705a03d8135f6d6ac10b87ed5f40e726479c3ed94e89c

Download Submit
C:\Program Files (x86)\IObit\Driver Booster\11.5.0\is-QAIPL.tmp

Filesize
355KB

MD5
beae2f18755207f855bd745a95a0e0df

SHA1
4a97186d28354bebb8879a31a675764da456e272

SHA256
76eb04aa269163a918e09a82717d39f51bfd9934f4671f8b81eb7a71cf1b3ba4

SHA512
b0743b6a7e4f0a334ee753c26b383b521838700438da71ea6a2b4bb2e9019bac53a0982fc76e8eddff4c9a4e99a2f51f8653b12d602e5d91cee152bc6bfaf31f

Download Submit
C:\Program Files (x86)\IObit\Driver Booster\11.5.0\lang.dat

Filesize
27B

MD5
25f5875159bd806eadaa7bc41cd61dc1

SHA1
02f5ae9c79c122bb52236d930c2541b2d3ead3a8

SHA256
d5062ff936c218c4c23c1f0846fa1ab4ec359be885cd2ab1cb24178da5b0ff2c

SHA512
0292ff0478ce6819d56bd430c786bb0c648895e8d9e6a689383274e37a643cca46958de23e75a25637c760911bb4328e7fb1d02882dfa42dbed7d17ee90fe8b5

Download Submit
C:\Program Files (x86)\IObit\Driver Booster\11.5.0\local.dat

Filesize
1KB

MD5
89c2da9d5383a711466c79151e9fe94e

SHA1
440d79b5eb1a0efb0eb9fa6ae30b1af3bdb757a8

SHA256
abfc229576e849cfee5210c9cecd80d7d0bb0c52d6b19ab21bd89d65ac112343

SHA512
738d54d88ac76f344bdd7df31e9e80beb4321830510c016fff92d38bd78e1a19b77b7e834475898fc425fcc2f0a54b7b0ac15edb4efde0dff2e92a09ee3b673c

Download Submit
C:\Program Files (x86)\IObit\Driver Booster\11.5.0\madBasic_.bpl

Filesize
211KB

MD5
641c567225e18195bc3d2d04bde7440b

SHA1
20395a482d9726ad80820c08f3a698cf227afd10

SHA256
c2df993943c87b1e0f07ddd7a807bb66c2ef518c7cf427f6aa4ba0f2543f1ea0

SHA512
1e6023d221ba16a6374cfeb939f795133130b9a71f6f57b1bc6e13e3641f879d409783cf9b1ef4b8fd79b272793ba612d679a213ff97656b3a728567588ecfb9

Download Submit
C:\Program Files (x86)\IObit\Driver Booster\11.5.0\madDisAsm_.bpl

Filesize
64KB

MD5
3936a92320f7d4cec5fa903c200911c7

SHA1
a61602501ffebf8381e39015d1725f58938154ca

SHA256
2aec41414aca38de5aba1cab7bda2030e1e2b347e0ae77079533722c85fe4566

SHA512
747ea892f6e5e3b7500c363d40c5c2a62e9fcf898ade2648262a4277ad3b31e0bcd5f8672d79d176b4759790db688bf1a748b09cbcb1816288a44554016e46d3

Download Submit
C:\Program Files (x86)\IObit\Driver Booster\11.5.0\madExcept_.bpl

Filesize
437KB

MD5
e8818a6b32f06089d5b6187e658684ba

SHA1
7d4f34e3a309c04df8f60e667c058e84f92db27a

SHA256
91ee84d5ab6d3b3de72a5cd74217700eb1309959095214bd2c77d12e6af81c8e

SHA512
d00ecf234cb642c4d060d15f74e4780fc3834b489516f7925249df72747e1e668c4ac66c6cc2887efde5a9c6604b91a688ba37c2a3b13ee7cf29ed7adcfa666d

Download Submit
C:\Program Files (x86)\IObit\Driver Booster\11.5.0\rtl120.bpl

Filesize
1.1MB

MD5
adf82ed333fb5567f8097c7235b0e17f

SHA1
e6ccaf016fc45edcdadeb40da64c207ddb33859f

SHA256
d6dd7a4f46f2cfde9c4eb9463b79d5ff90fc690da14672ba1da39708ee1b9b50

SHA512
2253c7b51317a3b5734025b6c7639105dbc81c340703718d679a00c13d40dd74ccaba1f6d04b21ee440f19e82ba680aa4b2a6a75c618aed91bd85a132be9fc92

Download Submit
C:\Program Files (x86)\IObit\Driver Booster\11.5.0\vcl120.bpl

Filesize
1.9MB

MD5
c594d746ff6c99d140b5e8da97f12fd4

SHA1
f21742707c5f3fee776f98641f36bd755e24a7b0

SHA256
572edb7d630e9b03f93bd15135d2ca360176c1232051293663ec5b75c2428aec

SHA512
33b9902b2cf1154d850779cd012c0285882e158b9d1422c54ea9400ca348686773b6bacb760171060d1a0e620f8ff4a26ecd889dea3c454e8fc5fa59b173832b

Download Submit
C:\ProgramData\IObit\IObitRtt\DBRtt.ept

Filesize
276B

MD5
5f78f8c6d91e94cc68f60105d0db9725

SHA1
16c5a28391eaba3692afe0233382aa572fadae8c

SHA256
f6ca93cd12c98345867ac79fd11c963474f0222231eaa988601d460398758d28

SHA512
82bb6ebf6e9372054387e554bbede10e9548924b02f4ee62004cc38c08cff635f94eb98ab182cc6842b1ba1de2303196132d3da154bb61311a9f196e070f17cd

Download Submit
C:\ProgramData\IObit\IObitRtt\DBRtt.ept

Filesize
148B

MD5
131313cbc92a48f454deef96e4457d87

SHA1
9f22448ff31e79a6ebcdd194111ffca91b54effd

SHA256
2981b7a3111b563446a7272a7b859c431276545c77145246b5f5b497c09d3e78

SHA512
83c699ef7c740cc4c10857e86ff4ca2be765d6520ae15008639ae188d57a5cbec1408f555493c6a243b4e8f6fd592d9c21b33d7fdfd69cfaee9c48487e48f48d

Download Submit
C:\ProgramData\IObit\Install.ini

Filesize
97B

MD5
38118f1a7cbc8b032a7a2de0fc8e817f

SHA1
7340311c2b265a678102b41c0a8df77352915396

SHA256
f024261a6705c0e8594820b1d3e6c9d85efc884f386fa2c35f3097b38dc17edc

SHA512
1adae1d950aa6662122b132b494bd58b2dc204fd6e597b76d1b0602ce69810ebb4367d09c49babc98e99272ca27822b914b8ee7d3c7087b2ac5f163171876508

Download Submit
C:\ProgramData\ProductData\StatCache.db

Filesize
242B

MD5
c16ce8e35106fcdbd3e2f645ab0d707f

SHA1
58f48df822a528aa4a7db489b09f28e59bca75c7

SHA256
33970cbd6753b25b2222564e1d2140533177e6b41f7c0260cf632ae6a520e198

SHA512
a26980466f9091e78bc4be56ecd9f82e54479edd35cc9ed50aa6818a48ddea014fd8a779cf68d8b9c7157a146244b43bb265c793eade1b1eee1f55905d04d356

Download Submit
C:\Users\Admin\AppData\LocalLow\IObit\AUpdate.ini

Filesize
65B

MD5
9f3c2ae11d368dcabd956f2e5dc036a0

SHA1
a187954b700567b1a692454acaac373c6e839ea0

SHA256
4ef12c7a739e53edb7dd4080e9161a00d14f5d3f9efcb1448c711a061de76dac

SHA512
dc636714272203d20fcb0cc3fbae5a731af8c9d8ae37a2e0e6b553cfa16192d878dd2a5ef56449f12b694a5f8b40bb70d41d7eacbeba766c4681af1336f58408

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
4158365912175436289496136e7912c2

SHA1
813d11f772b1cfe9ceac2bf37f4f741e5e8fbe59

SHA256
354de4b033ba6e4d85f94d91230cb8501f62e0a4e302cd4076c7e0ad73bedbd1

SHA512
74b4f7b24ad4ea395f3a4cd8dbfae54f112a7c87bce3d286ee5161f6b63d62dfa19bb0d96bb7ed1c6d925f5697a2580c25023d5052c6a09992e6fd9dd49ea82b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
ce4c898f8fc7601e2fbc252fdadb5115

SHA1
01bf06badc5da353e539c7c07527d30dccc55a91

SHA256
bce2dfaa91f0d44e977e0f79c60e64954a7b9dc828b0e30fbaa67dbe82f750aa

SHA512
80fff4c722c8d3e69ec4f09510779b7e3518ae60725d2d36903e606a27ec1eaedbdbfac5b662bf2c19194c572ccf0125445f22a907b329ad256e6c00b9cf032c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
1af69ce53d496eb0e02646f4634fdc1e

SHA1
e5b07a151f7d02e57a64385ee5fb08bd869ffcd8

SHA256
2498b181866015a2970c90d3646ad7e0126f773e82d77bd427bf0b80673c88ff

SHA512
5006fec20f3671ea66d3522749975e2da78300efbe437c1a1b87e4b59c97c0356b0f41748f48b63f5ad546526fc1b4c3900554caeffe8303591bf9de64f03ea8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
8KB

MD5
488185f737aa844a792f74fe1d743ae9

SHA1
d98e2b60a62091a0614abf3c99821fc9a40a4f53

SHA256
57a3d8384ac0a84eb0a21a893233faa4611e65ae4ed633267d3a5245a597e671

SHA512
a7715be4e238acb6b49381ade28289716a4a9447e9cac0dfb8e209d2ac09db74ec370b7eb862e819f8fa060ec7a6de818339c4581e5534eae57671452dd49926

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\ShaderCache\GPUCache\data_1

Filesize
264KB

MD5
f50f89a0a91564d0b8a211f8921aa7de

SHA1
112403a17dd69d5b9018b8cede023cb3b54eab7d

SHA256
b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec

SHA512
bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

Download Submit
C:\Users\Admin\AppData\Local\Temp\1719457916\ENGLISH.lng

Filesize
25KB

MD5
db9aeac1d5b95fe0a91de7109052bb1c

SHA1
be4936d76a69a21a31c06c87b560c454a1eda5d2

SHA256
e22df1557d7a50f85c96cf4a2c2c843a737433a56447aa0423f41ec201232d4a

SHA512
41702e00071df9aad72e19010638a89d3bcf43473754a57ab393c90f8f952b511aec2a531893e6ff94dc14cf0cddb7146cb7e1add0c55166eb07f253035e335f

Download Submit
C:\Users\Admin\AppData\Local\Temp\Commu.ini

Filesize
233B

MD5
8556bc5465cf6c6cac57ad3d1e20bcf4

SHA1
e30ebf2049776d1cc910ea614712a089bb539ee1

SHA256
31c8302fa6abbd9300c72aa57c78a81cf073d2da53acba334f1d299ee20a2430

SHA512
952389e6051e19afe8814b88463c6b94108124071614552a99f80fc80975070ce8617a08ebe04d714759239cbe0b142e0cc27d314c341e54dde451b872423fe0

Download Submit
C:\Users\Admin\AppData\Local\Temp\HWiNFO64A_151.SYS

Filesize
61KB

MD5
b8b796586c1c177ce49dac10c57088ea

SHA1
37df4c40300da4ef18971ef4dff96c864c3e463a

SHA256
a6e75c3a21436941e9a6a111fe3a708be1753ab656ba247a40b401206096641c

SHA512
e4039f6cb66115fcd01845ccc1cf3d0cff5791f2c7b5aa32a6fe741d8317e865e608e99174ecb13d5bd1130f0b12811c8f7bfd60b0e00b869c4d84d0265ca9d5

Download Submit
C:\Users\Admin\AppData\Local\Temp\Setup Log 2024-06-27 #002.txt

Filesize
89KB

MD5
b45394b04b7360a5e3058223b91a8756

SHA1
7d259aa95e858e2e959e744a821cfb497859ddb1

SHA256
8867cbf91931017439d68ed5310a861148e829c10764dff103cba3be3cc79060

SHA512
c726de224c2bb7e3ce8309c832c9c9eaa28a7c372779d3118a170f99a6901a7037a81123b886107d0ed5744da625146557a15edfddfb0f33c65d4e3bf386b4f9

Download Submit
C:\Users\Admin\AppData\Local\Temp\is-719CE.tmp-dbinst\setup.exe

Filesize
5.8MB

MD5
2e169828a673a1141fec2a966a3f7aa3

SHA1
78ca1d53fcce00a7f0271aa1237fb95041509f76

SHA256
23c1b303adc0fa0f93c53a33ac82ae38cdb93f4067d0d04205e8dadbe73ea50a

SHA512
dd27f81311c71510af3b271c2625dd4d59c1a753daba13d6fe33e91824bc709741936e500d44ae7339f428e8429a811e287d21a1f9913ca080a1a4441ad0c09b

Download Submit
C:\Users\Admin\AppData\Local\Temp\is-719CE.tmp\EULA.rtf

Filesize
28KB

MD5
b0381f0ba7ead83ea3bd882c1de4cd48

SHA1
c740f811623061595d76fce2ebb4e69d34316f3b

SHA256
44bc9472169403484a0d384f1ca81989ef7e4b07441758e8a0110078933cbcb5

SHA512
6cfb8bc562d22843d043411720db97d0b4cbac96a20983d83d19e59b8428ec202f2532cc5af254438dc34fca4161abbd3f6bac8d397590e41b6d41e60700e78a

Download Submit
C:\Users\Admin\AppData\Local\Temp\is-8G7SL.tmp\driver_booster_setup.tmp

Filesize
1.2MB

MD5
048f89f1be0ce17f10350b121c08b6bd

SHA1
d0746f79ab4c1c6712e787d30e7896cf02439d1a

SHA256
8dfc033ff5a1ebac9282f15f14ab048b73fb058fec927a1f5d188a359315c6eb

SHA512
f21b627324fb58f2a585c99df6309e11ae11f895e6f5b6f0d4f9b02368ec9982728e43a3aba5d346d3ca45419fc593293665305f067d9d9f41753d201a9ea90a

Download Submit
C:\Users\Admin\AppData\Roaming\IObit\Driver Booster\Config.ini

Filesize
85B

MD5
27d78444c8ec04fb8f47f8e8092146b7

SHA1
e0958861389fd4f119aa619b6ffdc013a45fc696

SHA256
2e5713d77fac109b8e3f3be06a51de5b2b9137192bf2ee6948c061eec371dd5c

SHA512
87c8f7b75161fa584f2a308844d2057a4082bdace958ee9019ce4507dd8e5b2b4d765ef76d90944e9c189f66b7d1ddf8c3fbdaf1f23c50e2c5f9cfda64a8181e

Download Submit
C:\Users\Admin\AppData\Roaming\IObit\Driver Booster\Config.ini

Filesize
178B

MD5
bed165931ed1d940dd0b83c6f63a32c8

SHA1
46e27cec8c802cc1709e68d97159f99f88cd692a

SHA256
9e8b31171367c15a6e24414bc1e98840c2296d5634b25575663ba0fa9de49684

SHA512
f3264b4d1b5a5cd1a26353ac2d269c35731156468be3b76de5e9e19ded7cc7ab2d6aa097913d09c608c6a50b2dde5faa982c7e53084a8220037d9a697e7ca203

Download Submit
C:\Users\Admin\AppData\Roaming\IObit\Driver Booster\Config.ini

Filesize
265B

MD5
4f7b0d2ec25094ba871740d27076a2d0

SHA1
de25971978cd8b91b508ff6eb4a5baf1a37dd454

SHA256
35302d4fb1a3999346fdfb7bd068f28f26218f0e27715efeeda5a43fd36251f2

SHA512
72065fbb1ddc1096ca0d4a6363be31297493b7a8697eb699280259a87e51f74fe28adf851d8e14d09fb099a3f4bff64a0a0fba46c7b12d2c53b14b373ed639dc

Download Submit
C:\Users\Admin\AppData\Roaming\IObit\Driver Booster\Config.ini

Filesize
293B

MD5
a12e0c4cfddf81f9c48409583a0eea90

SHA1
be36f52e9ae1fca9c07967255fbff8de02b20927

SHA256
09c1c7177bb66a383a2267dd59c3b45f16566259760275f4bf37430286485308

SHA512
6e2c373b82457f1bd71c8cbc58819d0ced5b042f502d385793598182f74a51d330811d501565a65ec853e3cd01532eb1eedbd070e262dc78e556228c01266e02

Download Submit
C:\Users\Admin\AppData\Roaming\IObit\Driver Booster\Config.ini

Filesize
872B

MD5
370b6a4f518df2d9a0282e92cf6df784

SHA1
7db909bd66c4cf618a4a0b9f7ffffc1016ef21a8

SHA256
2b1f78d54be59670e89edc069aeb0537eaa2f7bafb0fc2d780e2998fa150a4ce

SHA512
14f2187ed59a489e52f3bd1f13336f1fa75807fed04f47669c4454d427f4ce320584364ff310bc657756d8dd52800ae731946798fb787bbd35fddce204739e9e

Download Submit
C:\Users\Admin\AppData\Roaming\IObit\Driver Booster\Config.ini

Filesize
904B

MD5
b677599c4fd542ede4616d689d4d2b64

SHA1
d1e4a93ed024fdb3ca353f7abea1711c85ef943c

SHA256
fa1731013c4c9205c42f77d5fd31308df71f98ddad978f30a70500c21b76f690

SHA512
802e1de148c175ba53d2d740b943cfd128938614c51db6ae4c15256b35901e6709a40e97d20f57870e440f3c13e96f2f9d60bc5235f069774a87ac83b48edf3f

Download Submit
C:\Users\Admin\AppData\Roaming\IObit\Driver Booster\Config.ini

Filesize
1018B

MD5
66be39cff18d055b099b91da105b1f1c

SHA1
80aa223ec73fae3f479a8b75b4df704653ba8ebe

SHA256
26b7d055d658320bc3d0bf484e552f755300c6ef816dcbfb67d133a690c5f6a2

SHA512
e0f363b51761ed078a8ee7a3bbda4e6dc20b38f4884fa7a8e6d7eea02793eb0b00e40d5eebcc6a2d01b646dc45a7706d13f6f1628c0fb4a339c37592556acbc1

Download Submit
C:\Users\Admin\AppData\Roaming\IObit\Driver Booster\Config.ini

Filesize
1KB

MD5
ca7e6bde59b31e8f4da17fb23e336415

SHA1
9580997e58b0446b96974b7e9c9a0d31891a05c1

SHA256
7944360cdcb184cfaee3845ba09e5fa13574b832bd807e1494617067a65e90ba

SHA512
27f14a50efebd080b3d253a2a2b67a1b344fd413814dc34c8f30c0fc3ed62f63638fb3731da86d1ef0b8b7cfb1f85e9928144d2a9268f644a07970773f5e8025

Download Submit
C:\Users\Admin\AppData\Roaming\IObit\Driver Booster\config.ini

Filesize
618B

MD5
55b218683b0e41d10b60e3f6fe4eaa1b

SHA1
16ec4dc48979ba83d7c903d12d56ff40c701c9d8

SHA256
492de342cc3a85469af9d99b44b00988248d7885a35d275b8f74bf61a310877e

SHA512
edaf2c3c9c4f9533f39377f2da51e00c5d1fabb519ddde9fc92bed0b5603151061a5da6c2a0021c2f8e09c62f3b1951e3764f76730320c2768a4baac0ebaf867

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Driver Booster.lnk

Filesize
1KB

MD5
0a68c5eee163b64cb6832c967c70c793

SHA1
43d0ce1f80dac784f78d20ca6985916fe0e4e43c

SHA256
9926863e37a2416bea5cc29ae93fc5fb09d345f9360f93acbbc5d5e9a5bb8ccc

SHA512
a17ea33a297f978dae32dc10826cc1fb65ffa6bf940c5e93142bc0d0796aa8106d4c85dbf1e3819853915ec385553cbc804d76f06a58efa481317e33daac89ea

Download Submit
C:\Windows\INF\c_volume.PNF

Filesize
4KB

MD5
8b0c8f54383cef8ac91d3c21663b21fc

SHA1
0bc698df786a3396c58ecca34207a4c81985af10

SHA256
41cef722ddac2159237cc6c4adc318e75d5b1159373d616e9bdd35f807d2280e

SHA512
80a87ef617b5fb2e8ff1cc63b45d2f7f8a368da382bb9bf6d5863f83748f3ea1ade79c6ac7a0de8203d1d43eef01a603bfbc9d47a0d3b9fa56bd71b235c6c8b0

Download Submit
memory/384-1053-0x0000000050120000-0x000000005030D000-memory.dmp

Filesize
1.9MB

Download
memory/384-1050-0x0000000000400000-0x00000000004E3000-memory.dmp

Filesize
908KB

Download
memory/384-1036-0x0000000002770000-0x000000000287F000-memory.dmp

Filesize
1.1MB

Download
memory/384-1052-0x0000000050000000-0x0000000050116000-memory.dmp

Filesize
1.1MB

Download
memory/692-768-0x0000000000400000-0x0000000000599000-memory.dmp

Filesize
1.6MB

Download
memory/956-0-0x0000000000400000-0x000000000042C000-memory.dmp

Filesize
176KB

Download
memory/956-58-0x0000000000400000-0x000000000042C000-memory.dmp

Filesize
176KB

Download
memory/956-684-0x0000000050120000-0x000000005030D000-memory.dmp

Filesize
1.9MB

Download
memory/956-682-0x0000000000400000-0x0000000000421000-memory.dmp

Filesize
132KB

Download
memory/956-685-0x0000000002920000-0x0000000002A2F000-memory.dmp

Filesize
1.1MB

Download
memory/956-683-0x0000000050000000-0x0000000050116000-memory.dmp

Filesize
1.1MB

Download
memory/956-676-0x0000000002920000-0x0000000002A2F000-memory.dmp

Filesize
1.1MB

Download
memory/956-2-0x0000000000401000-0x0000000000412000-memory.dmp

Filesize
68KB

Download
memory/1584-907-0x0000000004190000-0x00000000041A4000-memory.dmp

Filesize
80KB

Download
memory/1584-879-0x0000000003E00000-0x0000000003F0F000-memory.dmp

Filesize
1.1MB

Download
memory/1584-916-0x00000000064F0000-0x0000000006649000-memory.dmp

Filesize
1.3MB

Download
memory/1972-938-0x0000000000400000-0x000000000043B000-memory.dmp

Filesize
236KB

Download
memory/2008-1049-0x00000000026C0000-0x00000000027CF000-memory.dmp

Filesize
1.1MB

Download
memory/2008-1046-0x0000000000400000-0x0000000000421000-memory.dmp

Filesize
132KB

Download
memory/2008-1039-0x00000000026C0000-0x00000000027CF000-memory.dmp

Filesize
1.1MB

Download
memory/2008-1047-0x0000000050000000-0x0000000050116000-memory.dmp

Filesize
1.1MB

Download
memory/2008-1048-0x0000000050120000-0x000000005030D000-memory.dmp

Filesize
1.9MB

Download
memory/2308-836-0x0000000000400000-0x0000000000431000-memory.dmp

Filesize
196KB

Download
memory/2372-826-0x000000000B8C0000-0x000000000B8D4000-memory.dmp

Filesize
80KB

Download
memory/2372-812-0x0000000009C20000-0x0000000009D79000-memory.dmp

Filesize
1.3MB

Download
memory/2372-799-0x00000000010B0000-0x0000000001147000-memory.dmp

Filesize
604KB

Download
memory/2372-802-0x0000000006500000-0x00000000065D1000-memory.dmp

Filesize
836KB

Download
memory/2372-800-0x0000000001150000-0x000000000137F000-memory.dmp

Filesize
2.2MB

Download
memory/2372-801-0x0000000005D30000-0x0000000005E3F000-memory.dmp

Filesize
1.1MB

Download
memory/2372-803-0x00000000065E0000-0x000000000667C000-memory.dmp

Filesize
624KB

Download
memory/2372-861-0x0000000009200000-0x0000000009292000-memory.dmp

Filesize
584KB

Download
memory/3052-594-0x0000000010000000-0x0000000010237000-memory.dmp

Filesize
2.2MB

Download
memory/3052-630-0x0000000000400000-0x0000000000431000-memory.dmp

Filesize
196KB

Download
memory/3204-1043-0x00000000028D0000-0x00000000029DF000-memory.dmp

Filesize
1.1MB

Download
memory/3204-700-0x0000000003E60000-0x0000000003F6F000-memory.dmp

Filesize
1.1MB

Download
memory/3204-1051-0x0000000000400000-0x00000000004E3000-memory.dmp

Filesize
908KB

Download
memory/3204-698-0x0000000000400000-0x000000000064C000-memory.dmp

Filesize
2.3MB

Download
memory/3204-629-0x0000000003E60000-0x0000000003F6F000-memory.dmp

Filesize
1.1MB

Download
memory/3204-699-0x0000000050000000-0x0000000050116000-memory.dmp

Filesize
1.1MB

Download
memory/3260-740-0x0000000000400000-0x000000000042C000-memory.dmp

Filesize
176KB

Download
memory/3260-149-0x0000000000400000-0x000000000042C000-memory.dmp

Filesize
176KB

Download
memory/3264-157-0x0000000000400000-0x0000000000A0D000-memory.dmp

Filesize
6.1MB

Download
memory/3264-769-0x0000000000400000-0x0000000000A0D000-memory.dmp

Filesize
6.1MB

Download
memory/3264-774-0x0000000000400000-0x0000000000A0D000-memory.dmp

Filesize
6.1MB

Download
memory/3264-140-0x0000000000400000-0x0000000000A0D000-memory.dmp

Filesize
6.1MB

Download
memory/3264-136-0x0000000000400000-0x0000000000A0D000-memory.dmp

Filesize
6.1MB

Download
memory/3264-59-0x0000000000400000-0x0000000000A0D000-memory.dmp

Filesize
6.1MB

Download
memory/4204-876-0x0000000050120000-0x000000005030D000-memory.dmp

Filesize
1.9MB

Download
memory/4204-865-0x0000000002800000-0x000000000290F000-memory.dmp

Filesize
1.1MB

Download
memory/4204-875-0x0000000050000000-0x0000000050116000-memory.dmp

Filesize
1.1MB

Download
memory/4204-877-0x0000000002800000-0x000000000290F000-memory.dmp

Filesize
1.1MB

Download
memory/4204-874-0x0000000000400000-0x00000000004E3000-memory.dmp

Filesize
908KB

Download
memory/4300-56-0x0000000000400000-0x0000000000532000-memory.dmp

Filesize
1.2MB

Download
memory/4300-6-0x0000000000400000-0x0000000000532000-memory.dmp

Filesize
1.2MB

Download
memory/4976-756-0x0000000000400000-0x000000000059F000-memory.dmp

Filesize
1.6MB

Download
memory/4976-757-0x0000000003C70000-0x0000000003D7F000-memory.dmp

Filesize
1.1MB

Download
memory/4976-739-0x0000000003C70000-0x0000000003D7F000-memory.dmp

Filesize
1.1MB

Download
memory/5100-735-0x0000000000400000-0x0000000000532000-memory.dmp

Filesize
1.2MB

Download