Overview

overview

3

Static

static

3

A3-Antista...ND.pdf

windows7-x64

3

A3-Antista...ND.pdf

windows10-2004-x64

3

A3-Antista...ng.vbs

windows7-x64

1

A3-Antista...ng.vbs

windows10-2004-x64

1

A3-Antista...er.exe

windows7-x64

3

A3-Antista...er.exe

windows10-2004-x64

3

A3-Antista...on.ps1

windows7-x64

3

A3-Antista...on.ps1

windows10-2004-x64

3

A3-Antista...ild.js

windows7-x64

3

A3-Antista...ild.js

windows10-2004-x64

3

A3-Antista...ns.ps1

windows7-x64

3

A3-Antista...ns.ps1

windows10-2004-x64

3

A3-Antista...tt.exe

windows7-x64

1

A3-Antista...tt.exe

windows10-2004-x64

3

A3-Antista...es.exe

windows7-x64

1

A3-Antista...es.exe

windows10-2004-x64

3

A3-Antista...ey.exe

windows7-x64

1

A3-Antista...ey.exe

windows10-2004-x64

3

A3-Antista...le.exe

windows7-x64

1

A3-Antista...le.exe

windows10-2004-x64

3

A3-Antista...on.dll

windows7-x64

3

A3-Antista...on.dll

windows10-2004-x64

3

A3-Antista...ds.dll

windows7-x64

1

A3-Antista...ds.dll

windows10-2004-x64

1

A3-Antista...gr.dll

windows7-x64

1

A3-Antista...gr.dll

windows10-2004-x64

1

A3-Antista...et.dll

windows7-x64

1

A3-Antista...et.dll

windows10-2004-x64

1

A3-Antista...ut.bat

windows7-x64

1

A3-Antista...ut.bat

windows10-2004-x64

1

A3-Antista...put.py

windows7-x64

3

A3-Antista...put.py

windows10-2004-x64

3

Analysis

  • max time kernel
    83s
  • max time network
    126s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
  • submitted
    02-08-2024 20:23

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    A3-Antistasi-Ultimate-stable/Tools/Builder/buildAddons.ps1

  • Size

    2KB

  • MD5

    6dbe1d4a08a38ec42d04fb9880e0243c

  • SHA1

    bf2068af3bb84fa1dc545a621314113df96f2690

  • SHA256

    ebe3115b67d4b65226a6eca48a7b37693b4b9545c84b0afd1fe20ca33a2f8ae6

  • SHA512

    310d75befe009cc463a5cea6b4db46ffadc63e69934bd852c9d3969616cc16bc8e7b2b8c475eb76fbb4a3e705dd8c22a6af237e739b52ccafc43b8effd7cdf07

Score
3/10
discoveryexecution

Malware Config

Signatures

  • Command and Scripting Interpreter: PowerShell 1 TTPs 1 IoCs

    Using powershell.exe command.

    execution
  • System Location Discovery: System Language Discovery 1 TTPs 15 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
    powershell.exe -ExecutionPolicy bypass -File C:\Users\Admin\AppData\Local\Temp\A3-Antistasi-Ultimate-stable\Tools\Builder\buildAddons.ps1
    1⤵
    • Command and Scripting Interpreter: PowerShell
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of WriteProcessMemory
    PID:1568
    • C:\Users\Admin\AppData\Local\Temp\A3-Antistasi-Ultimate-stable\Tools\Builder\hemtt.exe
      "C:\Users\Admin\AppData\Local\Temp\A3-Antistasi-Ultimate-stable\Tools\Builder\hemtt.exe" armake pack --force C:\Users\Admin\AppData\Local\Temp\A3-Antistasi-Ultimate-stable\A3A\addons\config_fixes C:\Users\Admin\AppData\Local\Temp\A3-Antistasi-Ultimate-stable\Tools\Builder\..\..\build\A3A-Plus\addons\config_fixes.pbo
      2⤵
      • System Location Discovery: System Language Discovery
      PID:2108
    • C:\Users\Admin\AppData\Local\Temp\A3-Antistasi-Ultimate-stable\Tools\Builder\hemtt.exe
      "C:\Users\Admin\AppData\Local\Temp\A3-Antistasi-Ultimate-stable\Tools\Builder\hemtt.exe" armake pack --force C:\Users\Admin\AppData\Local\Temp\A3-Antistasi-Ultimate-stable\A3A\addons\core C:\Users\Admin\AppData\Local\Temp\A3-Antistasi-Ultimate-stable\Tools\Builder\..\..\build\A3A-Plus\addons\core.pbo
      2⤵
        PID:3840
      • C:\Users\Admin\AppData\Local\Temp\A3-Antistasi-Ultimate-stable\Tools\Builder\hemtt.exe
        "C:\Users\Admin\AppData\Local\Temp\A3-Antistasi-Ultimate-stable\Tools\Builder\hemtt.exe" armake pack --force C:\Users\Admin\AppData\Local\Temp\A3-Antistasi-Ultimate-stable\A3A\addons\events C:\Users\Admin\AppData\Local\Temp\A3-Antistasi-Ultimate-stable\Tools\Builder\..\..\build\A3A-Plus\addons\events.pbo
        2⤵
          PID:3328
        • C:\Users\Admin\AppData\Local\Temp\A3-Antistasi-Ultimate-stable\Tools\Builder\hemtt.exe
          "C:\Users\Admin\AppData\Local\Temp\A3-Antistasi-Ultimate-stable\Tools\Builder\hemtt.exe" armake pack --force C:\Users\Admin\AppData\Local\Temp\A3-Antistasi-Ultimate-stable\A3A\addons\garage C:\Users\Admin\AppData\Local\Temp\A3-Antistasi-Ultimate-stable\Tools\Builder\..\..\build\A3A-Plus\addons\garage.pbo
          2⤵
            PID:4732
          • C:\Users\Admin\AppData\Local\Temp\A3-Antistasi-Ultimate-stable\Tools\Builder\hemtt.exe
            "C:\Users\Admin\AppData\Local\Temp\A3-Antistasi-Ultimate-stable\Tools\Builder\hemtt.exe" armake pack --force C:\Users\Admin\AppData\Local\Temp\A3-Antistasi-Ultimate-stable\A3A\addons\gui C:\Users\Admin\AppData\Local\Temp\A3-Antistasi-Ultimate-stable\Tools\Builder\..\..\build\A3A-Plus\addons\gui.pbo
            2⤵
              PID:1620
            • C:\Users\Admin\AppData\Local\Temp\A3-Antistasi-Ultimate-stable\Tools\Builder\hemtt.exe
              "C:\Users\Admin\AppData\Local\Temp\A3-Antistasi-Ultimate-stable\Tools\Builder\hemtt.exe" armake pack --force C:\Users\Admin\AppData\Local\Temp\A3-Antistasi-Ultimate-stable\A3A\addons\hals C:\Users\Admin\AppData\Local\Temp\A3-Antistasi-Ultimate-stable\Tools\Builder\..\..\build\A3A-Plus\addons\hals.pbo
              2⤵
                PID:2684
              • C:\Users\Admin\AppData\Local\Temp\A3-Antistasi-Ultimate-stable\Tools\Builder\hemtt.exe
                "C:\Users\Admin\AppData\Local\Temp\A3-Antistasi-Ultimate-stable\Tools\Builder\hemtt.exe" armake pack --force C:\Users\Admin\AppData\Local\Temp\A3-Antistasi-Ultimate-stable\A3A\addons\jeroen_arsenal C:\Users\Admin\AppData\Local\Temp\A3-Antistasi-Ultimate-stable\Tools\Builder\..\..\build\A3A-Plus\addons\jeroen_arsenal.pbo
                2⤵
                  PID:4860
                • C:\Users\Admin\AppData\Local\Temp\A3-Antistasi-Ultimate-stable\Tools\Builder\hemtt.exe
                  "C:\Users\Admin\AppData\Local\Temp\A3-Antistasi-Ultimate-stable\Tools\Builder\hemtt.exe" armake pack --force C:\Users\Admin\AppData\Local\Temp\A3-Antistasi-Ultimate-stable\A3A\addons\logistics C:\Users\Admin\AppData\Local\Temp\A3-Antistasi-Ultimate-stable\Tools\Builder\..\..\build\A3A-Plus\addons\logistics.pbo
                  2⤵
                    PID:2180
                  • C:\Users\Admin\AppData\Local\Temp\A3-Antistasi-Ultimate-stable\Tools\Builder\hemtt.exe
                    "C:\Users\Admin\AppData\Local\Temp\A3-Antistasi-Ultimate-stable\Tools\Builder\hemtt.exe" armake pack --force C:\Users\Admin\AppData\Local\Temp\A3-Antistasi-Ultimate-stable\A3A\addons\main_menu C:\Users\Admin\AppData\Local\Temp\A3-Antistasi-Ultimate-stable\Tools\Builder\..\..\build\A3A-Plus\addons\main_menu.pbo
                    2⤵
                      PID:2096
                    • C:\Users\Admin\AppData\Local\Temp\A3-Antistasi-Ultimate-stable\Tools\Builder\hemtt.exe
                      "C:\Users\Admin\AppData\Local\Temp\A3-Antistasi-Ultimate-stable\Tools\Builder\hemtt.exe" armake pack --force C:\Users\Admin\AppData\Local\Temp\A3-Antistasi-Ultimate-stable\A3A\addons\maps C:\Users\Admin\AppData\Local\Temp\A3-Antistasi-Ultimate-stable\Tools\Builder\..\..\build\A3A-Plus\addons\maps.pbo
                      2⤵
                        PID:2544
                      • C:\Users\Admin\AppData\Local\Temp\A3-Antistasi-Ultimate-stable\Tools\Builder\hemtt.exe
                        "C:\Users\Admin\AppData\Local\Temp\A3-Antistasi-Ultimate-stable\Tools\Builder\hemtt.exe" armake pack --force C:\Users\Admin\AppData\Local\Temp\A3-Antistasi-Ultimate-stable\A3A\addons\patcom C:\Users\Admin\AppData\Local\Temp\A3-Antistasi-Ultimate-stable\Tools\Builder\..\..\build\A3A-Plus\addons\patcom.pbo
                        2⤵
                          PID:1756
                        • C:\Users\Admin\AppData\Local\Temp\A3-Antistasi-Ultimate-stable\Tools\Builder\hemtt.exe
                          "C:\Users\Admin\AppData\Local\Temp\A3-Antistasi-Ultimate-stable\Tools\Builder\hemtt.exe" armake pack --force C:\Users\Admin\AppData\Local\Temp\A3-Antistasi-Ultimate-stable\A3A\addons\scrt C:\Users\Admin\AppData\Local\Temp\A3-Antistasi-Ultimate-stable\Tools\Builder\..\..\build\A3A-Plus\addons\scrt.pbo
                          2⤵
                            PID:5004
                          • C:\Users\Admin\AppData\Local\Temp\A3-Antistasi-Ultimate-stable\Tools\Builder\hemtt.exe
                            "C:\Users\Admin\AppData\Local\Temp\A3-Antistasi-Ultimate-stable\Tools\Builder\hemtt.exe" armake pack --force C:\Users\Admin\AppData\Local\Temp\A3-Antistasi-Ultimate-stable\A3A\addons\ultimate C:\Users\Admin\AppData\Local\Temp\A3-Antistasi-Ultimate-stable\Tools\Builder\..\..\build\A3A-Plus\addons\ultimate.pbo
                            2⤵
                              PID:4164
                            • C:\Users\Admin\AppData\Local\Temp\A3-Antistasi-Ultimate-stable\Tools\DSSignFile\DSCreateKey.exe
                              "C:\Users\Admin\AppData\Local\Temp\A3-Antistasi-Ultimate-stable\Tools\Builder\..\DSSignFile\DSCreateKey.exe" a3a-plus-11-0-0-0
                              2⤵
                              • System Location Discovery: System Language Discovery
                              PID:4856
                            • C:\Users\Admin\AppData\Local\Temp\A3-Antistasi-Ultimate-stable\Tools\DSSignFile\DSSignFile.exe
                              "C:\Users\Admin\AppData\Local\Temp\A3-Antistasi-Ultimate-stable\Tools\Builder\..\DSSignFile\DSSignFile.exe" ..\..\a3a-plus-11-0-0-0.biprivatekey config_fixes.pbo
                              2⤵
                              • System Location Discovery: System Language Discovery
                              PID:2980
                            • C:\Users\Admin\AppData\Local\Temp\A3-Antistasi-Ultimate-stable\Tools\DSSignFile\DSSignFile.exe
                              "C:\Users\Admin\AppData\Local\Temp\A3-Antistasi-Ultimate-stable\Tools\Builder\..\DSSignFile\DSSignFile.exe" ..\..\a3a-plus-11-0-0-0.biprivatekey core.pbo
                              2⤵
                              • System Location Discovery: System Language Discovery
                              PID:1912
                            • C:\Users\Admin\AppData\Local\Temp\A3-Antistasi-Ultimate-stable\Tools\DSSignFile\DSSignFile.exe
                              "C:\Users\Admin\AppData\Local\Temp\A3-Antistasi-Ultimate-stable\Tools\Builder\..\DSSignFile\DSSignFile.exe" ..\..\a3a-plus-11-0-0-0.biprivatekey events.pbo
                              2⤵
                              • System Location Discovery: System Language Discovery
                              PID:772
                            • C:\Users\Admin\AppData\Local\Temp\A3-Antistasi-Ultimate-stable\Tools\DSSignFile\DSSignFile.exe
                              "C:\Users\Admin\AppData\Local\Temp\A3-Antistasi-Ultimate-stable\Tools\Builder\..\DSSignFile\DSSignFile.exe" ..\..\a3a-plus-11-0-0-0.biprivatekey garage.pbo
                              2⤵
                              • System Location Discovery: System Language Discovery
                              PID:4532
                            • C:\Users\Admin\AppData\Local\Temp\A3-Antistasi-Ultimate-stable\Tools\DSSignFile\DSSignFile.exe
                              "C:\Users\Admin\AppData\Local\Temp\A3-Antistasi-Ultimate-stable\Tools\Builder\..\DSSignFile\DSSignFile.exe" ..\..\a3a-plus-11-0-0-0.biprivatekey gui.pbo
                              2⤵
                              • System Location Discovery: System Language Discovery
                              PID:4248
                            • C:\Users\Admin\AppData\Local\Temp\A3-Antistasi-Ultimate-stable\Tools\DSSignFile\DSSignFile.exe
                              "C:\Users\Admin\AppData\Local\Temp\A3-Antistasi-Ultimate-stable\Tools\Builder\..\DSSignFile\DSSignFile.exe" ..\..\a3a-plus-11-0-0-0.biprivatekey hals.pbo
                              2⤵
                              • System Location Discovery: System Language Discovery
                              PID:3948
                            • C:\Users\Admin\AppData\Local\Temp\A3-Antistasi-Ultimate-stable\Tools\DSSignFile\DSSignFile.exe
                              "C:\Users\Admin\AppData\Local\Temp\A3-Antistasi-Ultimate-stable\Tools\Builder\..\DSSignFile\DSSignFile.exe" ..\..\a3a-plus-11-0-0-0.biprivatekey jeroen_arsenal.pbo
                              2⤵
                              • System Location Discovery: System Language Discovery
                              PID:1748
                            • C:\Users\Admin\AppData\Local\Temp\A3-Antistasi-Ultimate-stable\Tools\DSSignFile\DSSignFile.exe
                              "C:\Users\Admin\AppData\Local\Temp\A3-Antistasi-Ultimate-stable\Tools\Builder\..\DSSignFile\DSSignFile.exe" ..\..\a3a-plus-11-0-0-0.biprivatekey logistics.pbo
                              2⤵
                              • System Location Discovery: System Language Discovery
                              PID:4508
                            • C:\Users\Admin\AppData\Local\Temp\A3-Antistasi-Ultimate-stable\Tools\DSSignFile\DSSignFile.exe
                              "C:\Users\Admin\AppData\Local\Temp\A3-Antistasi-Ultimate-stable\Tools\Builder\..\DSSignFile\DSSignFile.exe" ..\..\a3a-plus-11-0-0-0.biprivatekey main_menu.pbo
                              2⤵
                              • System Location Discovery: System Language Discovery
                              PID:1248
                            • C:\Users\Admin\AppData\Local\Temp\A3-Antistasi-Ultimate-stable\Tools\DSSignFile\DSSignFile.exe
                              "C:\Users\Admin\AppData\Local\Temp\A3-Antistasi-Ultimate-stable\Tools\Builder\..\DSSignFile\DSSignFile.exe" ..\..\a3a-plus-11-0-0-0.biprivatekey maps.pbo
                              2⤵
                              • System Location Discovery: System Language Discovery
                              PID:4120
                            • C:\Users\Admin\AppData\Local\Temp\A3-Antistasi-Ultimate-stable\Tools\DSSignFile\DSSignFile.exe
                              "C:\Users\Admin\AppData\Local\Temp\A3-Antistasi-Ultimate-stable\Tools\Builder\..\DSSignFile\DSSignFile.exe" ..\..\a3a-plus-11-0-0-0.biprivatekey patcom.pbo
                              2⤵
                              • System Location Discovery: System Language Discovery
                              PID:3064
                            • C:\Users\Admin\AppData\Local\Temp\A3-Antistasi-Ultimate-stable\Tools\DSSignFile\DSSignFile.exe
                              "C:\Users\Admin\AppData\Local\Temp\A3-Antistasi-Ultimate-stable\Tools\Builder\..\DSSignFile\DSSignFile.exe" ..\..\a3a-plus-11-0-0-0.biprivatekey scrt.pbo
                              2⤵
                              • System Location Discovery: System Language Discovery
                              PID:4904
                            • C:\Users\Admin\AppData\Local\Temp\A3-Antistasi-Ultimate-stable\Tools\DSSignFile\DSSignFile.exe
                              "C:\Users\Admin\AppData\Local\Temp\A3-Antistasi-Ultimate-stable\Tools\Builder\..\DSSignFile\DSSignFile.exe" ..\..\a3a-plus-11-0-0-0.biprivatekey ultimate.pbo
                              2⤵
                              • System Location Discovery: System Language Discovery
                              PID:4812

                          Network

                          MITRE ATT&CK Enterprise v15

                          Replay Monitor

                          Loading Replay Monitor...

                          Downloads

                          • C:\Users\Admin\AppData\Local\Temp\A3-Antistasi-Ultimate-stable\build\A3A-Plus\addons\config_fixes.pbo
                            Filesize

                            353KB

                            MD5

                            4ecd3a911e454b45c993106bf655171a

                            SHA1

                            c17cbf0ac485df1856fd2660989862a3de3054d0

                            SHA256

                            6154b785367eb9f8a0760973fa95a1807a4bd481f690acd78c6bc5e3d38524a3

                            SHA512

                            a6ce7559d37cdfa44bf7899c4f38220ae94bf82606c6b992f275234617d19fdac8c840a1dcf21dde9e2a75a9d200a00b360e99edd8a5d3619e6011e93fd954a6

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Temp\A3-Antistasi-Ultimate-stable\build\A3A-Plus\addons\core.pbo
                            Filesize

                            34.2MB

                            MD5

                            fc90f0ddbe4fd21c84767c80696ec604

                            SHA1

                            f7ff14ef454e8b8d7880e33e60b8c7e88598aaf6

                            SHA256

                            65c9f3c00f2e36bb40c8ff832157560a4c7d7390a16ec540dba9d65288e15021

                            SHA512

                            646cce9f522ca4467b74b13c55a672ba9fd1fa75cad75ce3466fbdc18528265d8e4e13103569addc9349a447735511caf875bf791b46569062378fd035c5599c

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Temp\A3-Antistasi-Ultimate-stable\build\A3A-Plus\addons\events.pbo
                            Filesize

                            12KB

                            MD5

                            2077fa4527486c9f508d708cefb51148

                            SHA1

                            9178596e0c91398f5160f66217cbe5976b255b07

                            SHA256

                            9b44d12ec30f1eb8e456e68fe7ee2a1cbaec75db12d925b5598a43f97cece39b

                            SHA512

                            8b0ea6ee7179eb0426a42f3863e881f7482de19a08b0da3bc9a2d8e096d8aefd431ed793a43e184e343495fc5ad04b48cad330b8f7075c97f0a7aae3b9b8da11

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Temp\A3-Antistasi-Ultimate-stable\build\A3A-Plus\addons\garage.pbo
                            Filesize

                            383KB

                            MD5

                            1198d66d02008921d955abcfed831b6f

                            SHA1

                            6f5ea928fd4d7fe758bf8fcbef935c50f5ea9e56

                            SHA256

                            fe93e8ce727aa7ab3e3001b3310ca9a1a21a14538ff8fc33edf1579d8dda0ac1

                            SHA512

                            c94d7cf5715e0ac2ba5d7daf596f5a7174c5c9588610dd36707fb376c0454da0729a9239a2b940c23d86cf87a1ec577950259970baf8c862c186c0bec28a7c7a

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Temp\A3-Antistasi-Ultimate-stable\build\A3A-Plus\addons\gui.pbo
                            Filesize

                            1.7MB

                            MD5

                            8aa9c14119d06e6ada73fde279f919a6

                            SHA1

                            8817e7cbfdc305cab05f3aa864dfca6010ac098a

                            SHA256

                            4ba383a3bd1a94f65aa4bbb10c12df59827a5d3d96a63d5ef347ea22aa598620

                            SHA512

                            b83c1581c2a556755ad2530a693119a0028bfcee432fe103538684a578a5763e07db88b982cba96d38ba61c1a58547cfe1dba9539a65f0ed208147973918adce

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Temp\A3-Antistasi-Ultimate-stable\build\A3A-Plus\addons\hals.pbo
                            Filesize

                            838KB

                            MD5

                            af7486e8ec77f6a20d84dcc4cfccf012

                            SHA1

                            4832600158552c69a2139b736d8db1e24650939a

                            SHA256

                            171fa2f6cc0dfc821b4a10962b07d3ab220e5f4f28f58dd2b4dda4e78779b418

                            SHA512

                            811b57d42db5e9e496f6b8c9c7c8b127723bba882c63b6f7d250b79ea7c96e3872966545cc942a0ef74ecd26cf05783254aa4adafaf0e7bd9d4c293e6e68c1c6

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Temp\A3-Antistasi-Ultimate-stable\build\A3A-Plus\addons\jeroen_arsenal.pbo
                            Filesize

                            226KB

                            MD5

                            9882baa7864e68de586df75866008998

                            SHA1

                            45db0a21d1b04856a54f2aca86afe71b63d1eac5

                            SHA256

                            49c0f1a729c82a6fcb64fd96b1dcb6954b496b1d2e0450b6742bd47a2e86a350

                            SHA512

                            5cf79b460cc160771c3da391004b8af105877fb7ee42ee5b0cbd05f2435475664d3e865e6eee500464acb753e40087235d2a3d8ea0b1f2072d740cf476ed5f8f

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Temp\A3-Antistasi-Ultimate-stable\build\A3A-Plus\addons\logistics.pbo
                            Filesize

                            311KB

                            MD5

                            bb2eb4f26e664654876284c2a8740ab4

                            SHA1

                            6c42bc072d3385e1e9d685b0c0d4131abb57c6dc

                            SHA256

                            b34a9d51ab5e686b97fd86c13368b7b2e1dc05871a557de1e9ed0a01f6012875

                            SHA512

                            38eb0dd9f1887ea056bf44efb8affaee059a6c6399558c389c500385f8c413dcc7505edfb4574538453bb2a301727b3a95614036c11ecf114f4147b3c34f0876

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Temp\A3-Antistasi-Ultimate-stable\build\A3A-Plus\addons\patcom.pbo
                            Filesize

                            13.1MB

                            MD5

                            be0f3b24a4e7c45476dfc7e2ecd7cccf

                            SHA1

                            74e23932e6a9dc624c8551d8403f4f1ecd61d185

                            SHA256

                            01c116d134df9089555cf13bffc015a6931e8ac74e8d8bda79802f898b2e6977

                            SHA512

                            f21b6d0752d872b78dd4b8dd41548d2e56e174cc57eded204719d31788909e60850eaa93e942351a630acd97f1ba34a912c9fe3ac5fb472fcc754ac115dcfb9e

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Temp\A3-Antistasi-Ultimate-stable\build\A3A-Plus\addons\scrt.pbo
                            Filesize

                            1.8MB

                            MD5

                            2c2b218bcc919a49816ef34e1ceb15a2

                            SHA1

                            a67702f68de34bdeda54d752994492dabbe5ea48

                            SHA256

                            40110411ab9f59c4c4882aa38d1e73a5ca9e1169915729320cda0a10d16e78b5

                            SHA512

                            f6440c6975f805fc1a1d480dd0d46cbfdd666ababe9d76485a626e628786192eda61977400c0997aa153b815927365b23d7762858d39839615727859d8da18bd

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Temp\A3-Antistasi-Ultimate-stable\build\A3A-Plus\addons\ultimate.pbo
                            Filesize

                            15.2MB

                            MD5

                            c3d7605b4cbcfff7498141285bce2443

                            SHA1

                            d135d7f5bb74a751a54abdaa9f90251cd7eb71b0

                            SHA256

                            4cb90673ba90e202d9b68c913333b22b1d967f7112f63c0025f603efd48c1a84

                            SHA512

                            5b3798f3f8ee70547ffff682c01bf687c85a6ef760620ab89e1e97fc65636cf5a54e9cf9a3718e1ca63a16dad7214b64ea0828af6c5b7f7c713196ad276f1a39

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Temp\A3-Antistasi-Ultimate-stable\build\a3a-plus-11-0-0-0.bikey
                            Filesize

                            170B

                            MD5

                            8e46fccd90efb9e5690a5f441cb46f37

                            SHA1

                            b6cd46681cf65a1a2cb0987c358f52599611570b

                            SHA256

                            2ec5299d444a9de98efab12099cfc61e41ef69548d3094243e7b2b582740f072

                            SHA512

                            532c9af5e5b0490ed543482cd8e2955d039a4054eb50cc28dc4e86a99d1c9efac97b4f42d2e2954796f9c7ae298cc082c74c1ea4f1c440cc5e87b9b59760ecf9

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Temp\A3-Antistasi-Ultimate-stable\build\a3a-plus-11-0-0-0.biprivatekey
                            Filesize

                            618B

                            MD5

                            084e608e1770afbd25ead8781f6e4a34

                            SHA1

                            28a849745cfcc389404555cabbf52e93ab7ff591

                            SHA256

                            4efee89c8112a7ceb31a245bea0d604908c648c41669a97aafc9279d5d366591

                            SHA512

                            0b3c2d373e32f9c1924facb7052d863f023a893518231441a2d76c4f5aea048923a48be6c3457a5b9e5bdaebe54999811989f8cdbf667ba3952d2b8af7648d0c

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Temp\__PSScriptPolicyTest_op1jdqaq.jqu.ps1
                            Filesize

                            60B

                            MD5

                            d17fe0a3f47be24a6453e9ef58c94641

                            SHA1

                            6ab83620379fc69f80c0242105ddffd7d98d5d9d

                            SHA256

                            96ad1146eb96877eab5942ae0736b82d8b5e2039a80d3d6932665c1a4c87dcf7

                            SHA512

                            5b592e58f26c264604f98f6aa12860758ce606d1c63220736cf0c779e4e18e3cec8706930a16c38b20161754d1017d1657d35258e58ca22b18f5b232880dec82

                            Download Submit

                          • C:\Users\Admin\AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-21-1302416131-1437503476-2806442725-1000\b88d8a9bdac1533b9c61f48364256e20_acd03e19-89e2-40d7-b0f4-25b8a05635ee
                            Filesize

                            1KB

                            MD5

                            cb37c967a802efd4dc92042e3b2aedf9

                            SHA1

                            5d82f5a195d396d8e8b8df231e0f152c114c1f75

                            SHA256

                            dd2378994c6e84f516b6beeb0ab54a55dea06e5fcca245df9e484b3ebb19a243

                            SHA512

                            b7bd83208b2ffa3001b78d42363063f4114b1f25e9d2bb75f5b4218858625b2de6dd46523db34c98dc1c8e73911bd7427c32a169c6132e1a44ffc85ac566f5f4

                            Download Submit

                          • C:\Users\Admin\AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-21-1302416131-1437503476-2806442725-1000\b88d8a9bdac1533b9c61f48364256e20_acd03e19-89e2-40d7-b0f4-25b8a05635ee
                            Filesize

                            1KB

                            MD5

                            1fd0c6d7991346cb191b6ae1d0a59df2

                            SHA1

                            d2f85c333fd9c7c31bd18a77e4cd33ee516a3aab

                            SHA256

                            23365f69ddf3c614e163496e5eaccfbb9e19543844c53fb4c55ab856fa85223b

                            SHA512

                            da1a588d099080b92a796f9abf0f4f9a1feac5381119f290131eeca29a513d3242f02133813898766d56211053f4c6b58ed745fb1145d2144eb553ee49370b11

                            Download Submit

                          • C:\Users\Admin\AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-21-1302416131-1437503476-2806442725-1000\b88d8a9bdac1533b9c61f48364256e20_acd03e19-89e2-40d7-b0f4-25b8a05635ee
                            Filesize

                            1KB

                            MD5

                            d7bd4d971ad892cbfba166676ee7b6a9

                            SHA1

                            60c98b9228f649f7ab35440505482d755223e83e

                            SHA256

                            65e697f533ef302222181cb2da32998f34c8f3b3239e07be209591fae643903d

                            SHA512

                            20f64569eb019260cdc4147800160ca6a3f75c117c36748892c72cdb318ad8ca0ed27e46213fc05fa4206d14da25a0323bfdb3b8c3d86f3cee3dd1f371b28f99

                            Download Submit

                          • C:\Users\Admin\AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-21-1302416131-1437503476-2806442725-1000\b88d8a9bdac1533b9c61f48364256e20_acd03e19-89e2-40d7-b0f4-25b8a05635ee
                            Filesize

                            1KB

                            MD5

                            787316687cbb4351838f29cb13fe3a11

                            SHA1

                            66ec22f2bbfc15eef84c07fcd72788d2c1319352

                            SHA256

                            8ada4feb34a330daf184f4080847bac547fba2cd7355ae74b6b835a7118e0b7a

                            SHA512

                            5352d2432f60c0d2b0b344f3d6062d8f0381be1b3f0d309d776d259e7e16765316de255aaf488270b489a6d7c9cb4c34720c32d9d4ce320a03d445a685e65386

                            Download Submit

                          • C:\Users\Admin\AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-21-1302416131-1437503476-2806442725-1000\b88d8a9bdac1533b9c61f48364256e20_acd03e19-89e2-40d7-b0f4-25b8a05635ee
                            Filesize

                            1KB

                            MD5

                            21d5cf53f69183dbe6e715002c1566af

                            SHA1

                            7c2038089225e0602cdc5818cac5e35d939b9c42

                            SHA256

                            ab7393a34d8745a5845e4839f1b6d7b558034b1dc2396ab4d7bbc4af127089d7

                            SHA512

                            dfeb6194174abe98a4155051196d18d2c5583ebd05206bdd9543c5f94ed84032692df7db5a0caa174b30ee9715b85761f19c41497ef93898015e7cb319c1235f

                            Download Submit

                          • C:\Users\Admin\AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-21-1302416131-1437503476-2806442725-1000\b88d8a9bdac1533b9c61f48364256e20_acd03e19-89e2-40d7-b0f4-25b8a05635ee
                            Filesize

                            1KB

                            MD5

                            052408e69ffe2a58566b070acfb512c7

                            SHA1

                            478b394b79af6c38436ac7abb62b6fe44a8f7ce2

                            SHA256

                            f7b6fcfafec78437cea408dacfdfd581bb20846ad12372b2a683c9ee98c19007

                            SHA512

                            08808f20032e4a13c22bd642557725be945bab60b78c5e1f5da53ea6eb95979bc919830121d0f703d40f8b635eaca7800cfcbaf99519b8f66b21135ada1d307f

                            Download Submit

                          • C:\Users\Admin\AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-21-1302416131-1437503476-2806442725-1000\b88d8a9bdac1533b9c61f48364256e20_acd03e19-89e2-40d7-b0f4-25b8a05635ee
                            Filesize

                            1KB

                            MD5

                            544c4ce05f10d51a446b8aa03e8a7e1f

                            SHA1

                            bcd466742b1a9bd08a86923f09c3f225421dddaf

                            SHA256

                            402d07ef4505c8261d61fced8a8de8b7d783ca7442428e9a97888e935c5f8f35

                            SHA512

                            98fa4342ed519ca6081d89f08c40397e2588fbc76805ce40de405231cc680914cc707c445375978e7c67772eaa69fbc738f9df7065ced353def8e0a783a03788

                            Download Submit

                          • C:\Users\Admin\AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-21-1302416131-1437503476-2806442725-1000\b88d8a9bdac1533b9c61f48364256e20_acd03e19-89e2-40d7-b0f4-25b8a05635ee
                            Filesize

                            1KB

                            MD5

                            ea043a4771947b05984e9f9c877548e0

                            SHA1

                            44e53822d530f75c7bd8a7e83ef14f723e3989b0

                            SHA256

                            71efe0276620c1a57b248d8323d113387a83dde12b38206d5aebc3ccbfcfc0a9

                            SHA512

                            7cc21a0e3393d8493fbd4e1e68363a25d3b3d2a5172a6bdde0c87d45a1488dec06d36fff08f954c873a9987317bb82628ccdee804cafa45b847c29e5c91de6af

                            Download Submit

                          • C:\Users\Admin\AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-21-1302416131-1437503476-2806442725-1000\b88d8a9bdac1533b9c61f48364256e20_acd03e19-89e2-40d7-b0f4-25b8a05635ee
                            Filesize

                            1KB

                            MD5

                            6c354a106a13169ded7bfef156159827

                            SHA1

                            afaa457488039b2fd08ac8cdab02c5e5de142711

                            SHA256

                            fd6c486676c74701efc1e328a6619bed0ab27713854c59da19147b44b45fffa7

                            SHA512

                            181fff247c5815e1bb72dd69fda6b3d44440b7b79c576cc214d5115cd6b55cae3b97294b6d1e5d0324328de67591a040c6a274a819a79dedeb4fb4641381e500

                            Download Submit

                          • C:\Users\Admin\AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-21-1302416131-1437503476-2806442725-1000\b88d8a9bdac1533b9c61f48364256e20_acd03e19-89e2-40d7-b0f4-25b8a05635ee
                            Filesize

                            1KB

                            MD5

                            2a07074ec325270f44e04ec29176e609

                            SHA1

                            b985e85753225b5ea04a0ac6d8f5b29fcb3cd25a

                            SHA256

                            91a995242be6a75b470db285010ea2f89ae8e52986e211c1102cc8c52249687c

                            SHA512

                            781684f9e36ec33e864215fe98f0c48e05130beb5c6598ff7ae5815f87ab3a5705ebe741a0a3a61e53cab13b05e87d4193f6aaf9914f1ad68de8fa3a2ab52076

                            Download Submit

                          • memory/1568-0-0x00007FFF9EEC3000-0x00007FFF9EEC5000-memory.dmp

                            Filesize

                            8KB

                            Download

                          • memory/1568-11-0x00007FFF9EEC0000-0x00007FFF9F981000-memory.dmp

                            Filesize

                            10.8MB

                            Download

                          • memory/1568-12-0x00007FFF9EEC0000-0x00007FFF9F981000-memory.dmp

                            Filesize

                            10.8MB

                            Download

                          • memory/1568-29-0x00007FFF9EEC0000-0x00007FFF9F981000-memory.dmp

                            Filesize

                            10.8MB

                            Download

                          • memory/1568-1-0x000001AEF0690000-0x000001AEF06B2000-memory.dmp

                            Filesize

                            136KB

                            Download

                          • memory/1568-89-0x00007FFF9EEC0000-0x00007FFF9F981000-memory.dmp

                            Filesize

                            10.8MB

                            Download