1837fc18d5b779a7b47bb9163a7c93c995a7c814c2b38cc16a0cf2419bf8d2d1

Analysis

max time kernel
143s
max time network
127s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
01-09-2024 13:59

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

HousecallLauncher64.exe
Size

3.5MB
MD5

418e07b780152848328a5157f6ab9f1a
SHA1

0f9fc8d36792ddac8a4b5b121665206719e7aad2
SHA256

1837fc18d5b779a7b47bb9163a7c93c995a7c814c2b38cc16a0cf2419bf8d2d1
SHA512

fdac16d696fffecb955188d020baaef8ab0b8ae41f418cfba2f90a7a0d0cfc8a56e1ec0941b20e3bd3f9f1defe66d93e2b327eb9b746a8e7ef705178e52682fc
SSDEEP

49152:8gJfAqJHqm4ekAKxJpmssTBSg1L0xQsUAinAqriB19QwP5Sd4B24uQ2Mss/pDsAu:8gCmZHJoWJ2oAqWBvQTETRWL

Score

4^/10

discovery

Malware Config

Signatures

Drops file in Program Files directory 64 IoCs

Processes:

setup.exehcpackage64.exe.tmppatch64.exeHousecallLauncher64.exehousecall.bin

description	ioc	process
File opened for modification	C:\Program Files\Trend Micro\7zS4794E208\AU\AU_Data\AU_Log\TmuDump.txt	setup.exe
File created	C:\Program Files\Trend Micro\HouseCall\interface\images\[email protected]	hcpackage64.exe.tmp
File created	C:\Program Files\Trend Micro\HouseCall\interface\images\discount.png	hcpackage64.exe.tmp
File opened for modification	C:\Program Files\Trend Micro\HouseCall\interface\css\dcn.css	hcpackage64.exe.tmp
File created	C:\Program Files\Trend Micro\HouseCall\HouseCallX_x64\housecall810_SHA2.cert	hcpackage64.exe.tmp
File created	C:\Program Files\Trend Micro\HouseCall\dbghelp.dll	hcpackage64.exe.tmp
File opened for modification	C:\Program Files\Trend Micro\7zS4794E208\AU\AU_Data\AU_Temp\4660_3364\2\536871168\BPMNT.dll	setup.exe
File created	C:\Program Files\Trend Micro\HouseCall\interface\html\DRSHouseCallPromotion.html	hcpackage64.exe.tmp
File created	C:\Program Files\Trend Micro\HouseCall\tray\ui\js\common.js	hcpackage64.exe.tmp
File opened for modification	C:\Program Files\Trend Micro\HouseCall\interface\lib\jqgrid\i18n\grid.locale-nl.js	hcpackage64.exe.tmp
File created	C:\Program Files\Trend Micro\HouseCall\interface\lib\jqgrid\jquery.jqGrid.min.js	hcpackage64.exe.tmp
File created	C:\Program Files\Trend Micro\HouseCall\interface\images\icon_feedback.gif	hcpackage64.exe.tmp
File opened for modification	C:\Program Files\Trend Micro\HouseCall\interface\images\[email protected]	hcpackage64.exe.tmp
File created	C:\Program Files\Trend Micro\HouseCall\interface\images\[email protected]	hcpackage64.exe.tmp
File created	C:\Program Files\Trend Micro\HouseCall\interface\css\images\ui-bg_flat_75_ffffff_40x100.png	hcpackage64.exe.tmp
File created	C:\Program Files\Trend Micro\7zS4794E208\AU\AU_Data\AU_Temp\4660_3364\AuPatch.ini	setup.exe
File opened for modification	C:\Program Files\Trend Micro\HouseCall\interface\css\steps.css	hcpackage64.exe.tmp
File opened for modification	C:\Program Files\Trend Micro\HouseCall\interface\lib\jqgrid\i18n\grid.locale-ro.js	hcpackage64.exe.tmp
File created	C:\Program Files\Trend Micro\HouseCall\hcversion64.xml	setup.exe
File opened for modification	C:\Program Files\Trend Micro\HCBackup\AUCache\AU_Cache\housecall-ctp-p.activeupdate.trendmicro.com\ini_xml.zip	setup.exe
File opened for modification	C:\Program Files\Trend Micro\HouseCall\pattern\ptn$agg.999	patch64.exe
File created	C:\Program Files\Trend Micro\7zS4794E208\AU\patchw64.dll	HousecallLauncher64.exe
File opened for modification	C:\Program Files\Trend Micro\HouseCall\profile	hcpackage64.exe.tmp
File opened for modification	C:\Program Files\Trend Micro\HouseCall\libexpatw.dll	housecall.bin
File opened for modification	C:\Program Files\Trend Micro\HouseCall\interface\images\bg_ids_searchbar.png	hcpackage64.exe.tmp
File created	C:\Program Files\Trend Micro\HouseCall\interface\images\btn_liner_blue_s.png	hcpackage64.exe.tmp
File created	C:\Program Files\Trend Micro\HouseCall\interface\lib\SimplePostMessage\simple-postmessage.js	hcpackage64.exe.tmp
File created	C:\Program Files\Trend Micro\7zS4794E208\curl-ca-bundle.crt	HousecallLauncher64.exe
File created	C:\Program Files\Trend Micro\HouseCall\interface\lib\jqgrid\i18n\grid.locale-ja.js	hcpackage64.exe.tmp
File opened for modification	C:\Program Files\Trend Micro\HouseCall\interface\lib\jquery\jquery-ui-1.8.24.custom.min.js	hcpackage64.exe.tmp
File created	C:\Program Files\Trend Micro\7zS4794E208\AU\AU_Data\AU_Temp\4660_3364\3\1082130432\tmwlchk.cat	setup.exe
File created	C:\Program Files\Trend Micro\HouseCall\interface\lib\jquery\jquery-ui-1.8.24.custom.min.js	hcpackage64.exe.tmp
File created	C:\Program Files\Trend Micro\HouseCall\tmfbeng.dll	hcpackage64.exe.tmp
File opened for modification	C:\Program Files\Trend Micro\HouseCall\interface\images\[email protected]	hcpackage64.exe.tmp
File opened for modification	C:\Program Files\Trend Micro\HouseCall\ICRCHdler.dll	housecall.bin
File opened for modification	C:\Program Files\Trend Micro\7zS4794E208\AU\patchw64.dll	HousecallLauncher64.exe
File opened for modification	C:\Program Files\Trend Micro\HCBackup\hcpackage64.exe.tmp	setup.exe
File opened for modification	C:\Program Files\Trend Micro\HouseCall\interface\images\bg_table_title.png	hcpackage64.exe.tmp
File created	C:\Program Files\Trend Micro\HouseCall\interface\images\ico_email_m.png	hcpackage64.exe.tmp
File opened for modification	C:\Program Files\Trend Micro\HouseCall\tray\ui\jquery\jquery-bgiframe-2.1.1.min.js	hcpackage64.exe.tmp
File opened for modification	C:\Program Files\Trend Micro\HouseCall\curl-ca-bundle.crt	hcpackage64.exe.tmp
File created	C:\Program Files\Trend Micro\HouseCall\interface\images\[email protected]	hcpackage64.exe.tmp
File opened for modification	C:\Program Files\Trend Micro\HouseCall\interface\images\[email protected]	hcpackage64.exe.tmp
File opened for modification	C:\Program Files\Trend Micro\HouseCall\interface\images\loading_24.gif	hcpackage64.exe.tmp
File opened for modification	C:\Program Files\Trend Micro\HouseCall\interface\images\[email protected]	hcpackage64.exe.tmp
File created	C:\Program Files\Trend Micro\HouseCall\interface\js\index.js	hcpackage64.exe.tmp
File opened for modification	C:\Program Files\Trend Micro\HouseCall\tray\ui\jquery\jquery-ui-1.8.24.custom.min.js	hcpackage64.exe.tmp
File opened for modification	C:\Program Files\Trend Micro\HouseCall\interface	hcpackage64.exe.tmp
File created	C:\Program Files\Trend Micro\HCBackup\temp_bf_2_2147420118_1725199260.len	setup.exe
File created	C:\Program Files\Trend Micro\HouseCall\tray\HouseCallTray.exe	hcpackage64.exe.tmp
File created	C:\Program Files\Trend Micro\7zS4794E208\AU\AU_Data\AU_Temp\4660_3364\3\1208090624\icrc$oth.563	setup.exe
File opened for modification	C:\Program Files\Trend Micro\HouseCall\interface\lib\json\json2.js	hcpackage64.exe.tmp
File opened for modification	C:\Program Files\Trend Micro\HouseCall\interface\images\bg_shadow.png	hcpackage64.exe.tmp
File opened for modification	C:\Program Files\Trend Micro\HouseCall\interface\images\[email protected]	hcpackage64.exe.tmp
File created	C:\Program Files\Trend Micro\HouseCall\interface\l10n\3rd_party_license.html	hcpackage64.exe.tmp
File opened for modification	C:\Program Files\Trend Micro\HouseCall\interface\css\jquery-ui-1.8.6.custom.css	hcpackage64.exe.tmp
File opened for modification	C:\Program Files\Trend Micro\HouseCall\interface\images\bg_inputbox_l.png	hcpackage64.exe.tmp
File created	C:\Program Files\Trend Micro\HouseCall\interface\css\style.css	hcpackage64.exe.tmp
File opened for modification	C:\Program Files\Trend Micro\HouseCall\tmcomm.pdb	hcpackage64.exe.tmp
File opened for modification	C:\Program Files\Trend Micro\HouseCall\tray\ui\images\bg.png	hcpackage64.exe.tmp
File created	C:\Program Files\Trend Micro\HouseCall\interface\images\[email protected]	hcpackage64.exe.tmp
File opened for modification	C:\Program Files\Trend Micro\HouseCall\tmfbeng.dll	hcpackage64.exe.tmp
File created	C:\Program Files\Trend Micro\7zS4794E208\AU\AU_Data\AU_Temp\4660_3364\AU_Down\engine\dce-dll-mssign-x64-v75-1035.zip	setup.exe
File opened for modification	C:\Program Files\Trend Micro\HouseCall\pattern\HCClean.ptn	patch64.exe

Executes dropped EXE 4 IoCs

Processes:

setup.exehcpackage64.exe.tmppatch64.exehousecall.bin

pid process

4660 setup.exe
4932 hcpackage64.exe.tmp
5676 patch64.exe
5700 housecall.bin

Loads dropped DLL 21 IoCs

Processes:

setup.exehousecall.bin

pid	process
4660	setup.exe
4660	setup.exe
4660	setup.exe
4660	setup.exe
4660	setup.exe
4660	setup.exe
4660	setup.exe
4660	setup.exe
4660	setup.exe
4660	setup.exe
5700	housecall.bin
5700	housecall.bin
5700	housecall.bin
5700	housecall.bin
5700	housecall.bin
5700	housecall.bin
5700	housecall.bin
5700	housecall.bin
5700	housecall.bin
5700	housecall.bin
5700	housecall.bin

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
discovery

System Language Discovery
T1614.001

Processes:

hcpackage64.exe.tmp

description ioc process

Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language hcpackage64.exe.tmp

description	ioc	process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	hcpackage64.exe.tmp

Modifies system certificate store 2 TTPs 13 IoCs

evasion spyware trojan

Install Root Certificate

T1553.004

Modify Registry

T1112

Processes:

setup.exe

description	ioc	process
Set value (data)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\E12DFB4B41D7D9C32B30514BAC1D81D8385E2D46\Blob = 5c000000010000000400000000080000190000000100000010000000e843ac3b52ec8c297fa948c9b1fb2819030000000100000014000000e12dfb4b41d7d9c32b30514bac1d81d8385e2d4668000000010000000800000000409120d035d9017e0000000100000008000000000063f58926d7011d0000000100000010000000f919b9ccce1e59c2e785f7dc2ccf6708140000000100000014000000daed6474149c143cabdd99a9bd5b284d8b3cc9d86200000001000000200000006fff78e400a70c11011cd85977c459fb5af96a3df0540820d0f4b8607875e58f090000000100000022000000302006082b06010505070303060a2b0601040182370a030406082b060105050703080b000000010000002a0000005300650063007400690067006f0020002800550054004e0020004f0062006a00650063007400290000000f0000000100000014000000f45a0858c9cd920e647bad539ab9f1cfc77f24cb040000000100000010000000a7f2e41606411150306b9ce3b49cb0c920000000010000006a040000308204663082034ea003020102021044be0c8b500024b411d3362de0b35f1b300d06092a864886f70d0101050500308195310b3009060355040613025553310b3009060355040813025554311730150603550407130e53616c74204c616b652043697479311e301c060355040a131554686520555345525452555354204e6574776f726b3121301f060355040b1318687474703a2f2f7777772e7573657274727573742e636f6d311d301b0603550403131455544e2d5553455246697273742d4f626a656374301e170d3939303730393138333132305a170d3139303730393138343033365a308195310b3009060355040613025553310b3009060355040813025554311730150603550407130e53616c74204c616b652043697479311e301c060355040a131554686520555345525452555354204e6574776f726b3121301f060355040b1318687474703a2f2f7777772e7573657274727573742e636f6d311d301b0603550403131455544e2d5553455246697273742d4f626a65637430820122300d06092a864886f70d01010105000382010f003082010a0282010100ceaa813fa3a36178aa31005595119e270f1f1cdf3a9b826830c04a611df12f0efabe79f7a523ef55519684cddbe3b96e3e31d80a2067c7f4d9bf94eb47043e02ce2aa25d870409f6309d188a97b2aa1cfc41d2a136cbfb3d91bae7d97035fae4e790c39ba39bd33cf5129977b1b709e068e61cb8f39463886a6afe0b76c9bef422e467b9ab1a5e77c18507dd0d6cbfee06c7776a419ea70fd7fbee9417b7fc85bea4abc41c31ddd7b6d1e4f0efdf168fb25293d7a1d489a1072ebfe10112421e1ae1d89534db647928ffba2e11c2e5e85b9248fb470bc26cdaad328341f3a5e54170fd65906dfafa51c4f9bd962b19042cd36da7dcf07f6f8365e26aab8786750203010001a381af3081ac300b0603551d0f0404030201c6300f0603551d130101ff040530030101ff301d0603551d0e04160414daed6474149c143cabdd99a9bd5b284d8b3cc9d830420603551d1f043b30393037a035a0338631687474703a2f2f63726c2e7573657274727573742e636f6d2f55544e2d5553455246697273742d4f626a6563742e63726c30290603551d250422302006082b0601050507030306082b06010505070308060a2b0601040182370a0304300d06092a864886f70d01010505000382010100081f52b1374478dbfdceb9da959698aa556480b55a40dd21a5c5c1f35f2c4cc8475a69eae8f03535f4d025f3c8a6a4874abd1bb17308bdd4c3cab635bb59867731cda78014ae13effcb148f96b25252d51b62c6d45c198c88a565d3eee434e3e6b278ed03a4b850b5fd3ed6aa775cbd15a872f3975135a72b002819fbef00f845420626c69d4e14dc60d9943010d12968c789dbf50a2b144aa6acf177acf6f0fd4f824555ff0341649663e5046c96371383162b862b9f353ad6cb52ba212aa194f09da5ee793c68e1408fef0308018a086854dc87dd78b03fe6ed5f79d16ac922ca023e59c91521f94df179473c3b3c1c17105200078bd13521da83ecd001fc8	setup.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\5FB7EE0633E259DBAD0C4C9AE6D38F1A61C7DC25	setup.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\742C3192E607E424EB4549542BE1BBC53E6174E2	setup.exe
Set value (data)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\742C3192E607E424EB4549542BE1BBC53E6174E2\Blob = 5c0000000100000004000000000400007e0000000100000008000000000010c51e92d201620000000100000020000000e7685634efacf69ace939a6b255b7b4fabef42935b50a265acb5cb6027e44e7009000000010000002a000000302806082b0601050507030206082b0601050507030306082b0601050507030406082b0601050507030119000000010000001000000091161b894b117ecdc257628db460cc04030000000100000014000000742c3192e607e424eb4549542be1bbc53e6174e21d000000010000001000000027b3517667331ce2c1e74002b5ff2298140000000100000014000000e27f7bd877d5df9e0a3f9eb4cb0e2ea9efdb69770b000000010000004600000056006500720069005300690067006e00200043006c006100730073002000330020005000750062006c006900630020005000720069006d00610072007900200043004100000004000000010000001000000010fc635df6263e0df325be5f79cd67670f0000000100000010000000d7c63be0837dbabf881d4fbf5f986ad853000000010000002400000030223020060a2b0601040182375e010130123010060a2b0601040182373c0101030200c07a000000010000000e000000300c060a2b0601040182375e010268000000010000000800000000003db65bd9d5012000000001000000400200003082023c308201a5021070bae41d10d92934b638ca7b03ccbabf300d06092a864886f70d0101020500305f310b300906035504061302555331173015060355040a130e566572695369676e2c20496e632e31373035060355040b132e436c6173732033205075626c6963205072696d6172792043657274696669636174696f6e20417574686f72697479301e170d3936303132393030303030305a170d3238303830313233353935395a305f310b300906035504061302555331173015060355040a130e566572695369676e2c20496e632e31373035060355040b132e436c6173732033205075626c6963205072696d6172792043657274696669636174696f6e20417574686f7269747930819f300d06092a864886f70d010101050003818d0030818902818100c95c599ef21b8a0114b410df0440dbe357af6a45408f840c0bd133d9d911cfee02581f25f72aa84405aaec031f787f9e93b99a00aa237dd6ac85a26345c77227ccf44cc67571d239ef4f42f075df0a90c68e206f980ff8ac235f702936a4c986e7b19a20cb53a585e73dbe7d9afe244533dc7615ed0fa271644c652e816845a70203010001300d06092a864886f70d010102050003818100bb4c122bcf2c26004f1413dda6fbfc0a11848cf3281c67922f7cb6c5fadff0e895bc1d8f6c2ca851cc73d8a4c053f04ed626c076015781925e21f1d1b1ffe7d02158cd6917e3441c9c194439895cdc9c000f568d0299eda290454ce4bb10a43df032030ef1cef8e8c9518ce6629fe69fc07db7729cc9363a6b9f4ea8ff640d64	setup.exe
Set value (data)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5\Blob = 5c000000010000000400000000080000190000000100000010000000d8b5fb368468620275d142ffd2aade370300000001000000140000004eb6d578499b1ccf5f581ead56be3d9b6744a5e56800000001000000000000007e000000010000000800000000c0032f2df8d6011d0000000100000010000000c6cbcafa17955c4cfd41eca0c654c3610b000000010000001200000056006500720069005300690067006e0000001400000001000000140000007fd365a7c2ddecbbf03009f34339fa02af3331336200000001000000200000009acfab7e43c8d880d06b262a94deeee4b4659989c3d0caf19baf6405e41ab7df09000000010000002a000000302806082b0601050507030206082b0601050507030306082b0601050507030406082b060105050703017f000000010000002a000000302806082b0601050507030206082b0601050507030306082b0601050507030406082b0601050507030153000000010000006300000030613021060b6086480186f8450107170630123010060a2b0601040182373c0101030200c0301f06096086480186fd6c020130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c00f0000000100000014000000e91e1e972b8f467ab4e0598fa92285387dee94c9040000000100000010000000cb17e431673ee209fe455793f30afa1c2000000001000000d7040000308204d3308203bba003020102021018dad19e267de8bb4a2158cdcc6b3b4a300d06092a864886f70d01010505003081ca310b300906035504061302555331173015060355040a130e566572695369676e2c20496e632e311f301d060355040b1316566572695369676e205472757374204e6574776f726b313a3038060355040b1331286329203230303620566572695369676e2c20496e632e202d20466f7220617574686f72697a656420757365206f6e6c79314530430603550403133c566572695369676e20436c6173732033205075626c6963205072696d6172792043657274696669636174696f6e20417574686f72697479202d204735301e170d3036313130383030303030305a170d3336303731363233353935395a3081ca310b300906035504061302555331173015060355040a130e566572695369676e2c20496e632e311f301d060355040b1316566572695369676e205472757374204e6574776f726b313a3038060355040b1331286329203230303620566572695369676e2c20496e632e202d20466f7220617574686f72697a656420757365206f6e6c79314530430603550403133c566572695369676e20436c6173732033205075626c6963205072696d6172792043657274696669636174696f6e20417574686f72697479202d20473530820122300d06092a864886f70d01010105000382010f003082010a0282010100af240808297a359e600caae74b3b4edc7cbc3c451cbb2be0fe2902f95708a364851527f5f1adc831895d22e82aaaa642b38ff8b955b7b1b74bb3fe8f7e0757ecef43db66621561cf600da4d8def8e0c362083d5413eb49ca59548526e52b8f1b9febf5a191c23349d843636a524bd28fe870514dd189697bc770f6b3dc1274db7b5d4b56d396bf1577a1b0f4a225f2af1c926718e5f40604ef90b9e400e4dd3ab519ff02baf43ceee08beb378becf4d7acf2f6f03dafdd759133191d1c40cb7424192193d914feac2a52c78fd50449e48d6347883c6983cbfe47bd2b7e4fc595ae0e9dd4d143c06773e314087ee53f9f73b8330acf5d3f3487968aee53e825150203010001a381b23081af300f0603551d130101ff040530030101ff300e0603551d0f0101ff040403020106306d06082b0601050507010c0461305fa15da05b3059305730551609696d6167652f6769663021301f300706052b0e03021a04148fe5d31a86ac8d8e6bc3cf806ad448182c7b192e30251623687474703a2f2f6c6f676f2e766572697369676e2e636f6d2f76736c6f676f2e676966301d0603551d0e041604147fd365a7c2ddecbbf03009f34339fa02af333133300d06092a864886f70d0101050500038201010093244a305f62cfd81a982f3deadc992dbd77f6a5792238ecc4a7a07812ad620e457064c5e797662d98097e5fafd6cc2865f201aa081a47def9f97c925a0869200dd93e6d6e3c0d6ed8e606914018b9f8c1eddfdb41aae09620c9cd64153881c994eea284290b136f8edb0cdd2502dba48b1944d2417a05694a584f60ca7e826a0b02aa251739b5db7fe784652a958abd86de5e8116832d10ccdefda8822a6d281f0d0bc4e5e71a2619e1f4116f10b595fce7420532dbce9d515e28b69e85d35befa57d4540728eb70e6b0e06fb33354871b89d278bc4655f0d86769c447af6955cf65d320833a454b6183f685cf2424a853854835fd1e82cf2ac11d6a8ed636a	setup.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\E12DFB4B41D7D9C32B30514BAC1D81D8385E2D46	setup.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5	setup.exe
Set value (data)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5\Blob = 040000000100000010000000cb17e431673ee209fe455793f30afa1c0f0000000100000014000000e91e1e972b8f467ab4e0598fa92285387dee94c953000000010000006300000030613021060b6086480186f8450107170630123010060a2b0601040182373c0101030200c0301f06096086480186fd6c020130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c07f000000010000002a000000302806082b0601050507030206082b0601050507030306082b0601050507030406082b0601050507030109000000010000002a000000302806082b0601050507030206082b0601050507030306082b0601050507030406082b060105050703016200000001000000200000009acfab7e43c8d880d06b262a94deeee4b4659989c3d0caf19baf6405e41ab7df1400000001000000140000007fd365a7c2ddecbbf03009f34339fa02af3331330b000000010000001200000056006500720069005300690067006e0000001d0000000100000010000000c6cbcafa17955c4cfd41eca0c654c3617e000000010000000800000000c0032f2df8d6016800000001000000000000000300000001000000140000004eb6d578499b1ccf5f581ead56be3d9b6744a5e5190000000100000010000000d8b5fb368468620275d142ffd2aade372000000001000000d7040000308204d3308203bba003020102021018dad19e267de8bb4a2158cdcc6b3b4a300d06092a864886f70d01010505003081ca310b300906035504061302555331173015060355040a130e566572695369676e2c20496e632e311f301d060355040b1316566572695369676e205472757374204e6574776f726b313a3038060355040b1331286329203230303620566572695369676e2c20496e632e202d20466f7220617574686f72697a656420757365206f6e6c79314530430603550403133c566572695369676e20436c6173732033205075626c6963205072696d6172792043657274696669636174696f6e20417574686f72697479202d204735301e170d3036313130383030303030305a170d3336303731363233353935395a3081ca310b300906035504061302555331173015060355040a130e566572695369676e2c20496e632e311f301d060355040b1316566572695369676e205472757374204e6574776f726b313a3038060355040b1331286329203230303620566572695369676e2c20496e632e202d20466f7220617574686f72697a656420757365206f6e6c79314530430603550403133c566572695369676e20436c6173732033205075626c6963205072696d6172792043657274696669636174696f6e20417574686f72697479202d20473530820122300d06092a864886f70d01010105000382010f003082010a0282010100af240808297a359e600caae74b3b4edc7cbc3c451cbb2be0fe2902f95708a364851527f5f1adc831895d22e82aaaa642b38ff8b955b7b1b74bb3fe8f7e0757ecef43db66621561cf600da4d8def8e0c362083d5413eb49ca59548526e52b8f1b9febf5a191c23349d843636a524bd28fe870514dd189697bc770f6b3dc1274db7b5d4b56d396bf1577a1b0f4a225f2af1c926718e5f40604ef90b9e400e4dd3ab519ff02baf43ceee08beb378becf4d7acf2f6f03dafdd759133191d1c40cb7424192193d914feac2a52c78fd50449e48d6347883c6983cbfe47bd2b7e4fc595ae0e9dd4d143c06773e314087ee53f9f73b8330acf5d3f3487968aee53e825150203010001a381b23081af300f0603551d130101ff040530030101ff300e0603551d0f0101ff040403020106306d06082b0601050507010c0461305fa15da05b3059305730551609696d6167652f6769663021301f300706052b0e03021a04148fe5d31a86ac8d8e6bc3cf806ad448182c7b192e30251623687474703a2f2f6c6f676f2e766572697369676e2e636f6d2f76736c6f676f2e676966301d0603551d0e041604147fd365a7c2ddecbbf03009f34339fa02af333133300d06092a864886f70d0101050500038201010093244a305f62cfd81a982f3deadc992dbd77f6a5792238ecc4a7a07812ad620e457064c5e797662d98097e5fafd6cc2865f201aa081a47def9f97c925a0869200dd93e6d6e3c0d6ed8e606914018b9f8c1eddfdb41aae09620c9cd64153881c994eea284290b136f8edb0cdd2502dba48b1944d2417a05694a584f60ca7e826a0b02aa251739b5db7fe784652a958abd86de5e8116832d10ccdefda8822a6d281f0d0bc4e5e71a2619e1f4116f10b595fce7420532dbce9d515e28b69e85d35befa57d4540728eb70e6b0e06fb33354871b89d278bc4655f0d86769c447af6955cf65d320833a454b6183f685cf2424a853854835fd1e82cf2ac11d6a8ed636a	setup.exe
Set value (data)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\E12DFB4B41D7D9C32B30514BAC1D81D8385E2D46\Blob = 0f0000000100000014000000f45a0858c9cd920e647bad539ab9f1cfc77f24cb0b000000010000002a0000005300650063007400690067006f0020002800550054004e0020004f0062006a0065006300740029000000090000000100000022000000302006082b06010505070303060a2b0601040182370a030406082b060105050703086200000001000000200000006fff78e400a70c11011cd85977c459fb5af96a3df0540820d0f4b8607875e58f140000000100000014000000daed6474149c143cabdd99a9bd5b284d8b3cc9d81d0000000100000010000000f919b9ccce1e59c2e785f7dc2ccf67087e0000000100000008000000000063f58926d70168000000010000000800000000409120d035d901030000000100000014000000e12dfb4b41d7d9c32b30514bac1d81d8385e2d4620000000010000006a040000308204663082034ea003020102021044be0c8b500024b411d3362de0b35f1b300d06092a864886f70d0101050500308195310b3009060355040613025553310b3009060355040813025554311730150603550407130e53616c74204c616b652043697479311e301c060355040a131554686520555345525452555354204e6574776f726b3121301f060355040b1318687474703a2f2f7777772e7573657274727573742e636f6d311d301b0603550403131455544e2d5553455246697273742d4f626a656374301e170d3939303730393138333132305a170d3139303730393138343033365a308195310b3009060355040613025553310b3009060355040813025554311730150603550407130e53616c74204c616b652043697479311e301c060355040a131554686520555345525452555354204e6574776f726b3121301f060355040b1318687474703a2f2f7777772e7573657274727573742e636f6d311d301b0603550403131455544e2d5553455246697273742d4f626a65637430820122300d06092a864886f70d01010105000382010f003082010a0282010100ceaa813fa3a36178aa31005595119e270f1f1cdf3a9b826830c04a611df12f0efabe79f7a523ef55519684cddbe3b96e3e31d80a2067c7f4d9bf94eb47043e02ce2aa25d870409f6309d188a97b2aa1cfc41d2a136cbfb3d91bae7d97035fae4e790c39ba39bd33cf5129977b1b709e068e61cb8f39463886a6afe0b76c9bef422e467b9ab1a5e77c18507dd0d6cbfee06c7776a419ea70fd7fbee9417b7fc85bea4abc41c31ddd7b6d1e4f0efdf168fb25293d7a1d489a1072ebfe10112421e1ae1d89534db647928ffba2e11c2e5e85b9248fb470bc26cdaad328341f3a5e54170fd65906dfafa51c4f9bd962b19042cd36da7dcf07f6f8365e26aab8786750203010001a381af3081ac300b0603551d0f0404030201c6300f0603551d130101ff040530030101ff301d0603551d0e04160414daed6474149c143cabdd99a9bd5b284d8b3cc9d830420603551d1f043b30393037a035a0338631687474703a2f2f63726c2e7573657274727573742e636f6d2f55544e2d5553455246697273742d4f626a6563742e63726c30290603551d250422302006082b0601050507030306082b06010505070308060a2b0601040182370a0304300d06092a864886f70d01010505000382010100081f52b1374478dbfdceb9da959698aa556480b55a40dd21a5c5c1f35f2c4cc8475a69eae8f03535f4d025f3c8a6a4874abd1bb17308bdd4c3cab635bb59867731cda78014ae13effcb148f96b25252d51b62c6d45c198c88a565d3eee434e3e6b278ed03a4b850b5fd3ed6aa775cbd15a872f3975135a72b002819fbef00f845420626c69d4e14dc60d9943010d12968c789dbf50a2b144aa6acf177acf6f0fd4f824555ff0341649663e5046c96371383162b862b9f353ad6cb52ba212aa194f09da5ee793c68e1408fef0308018a086854dc87dd78b03fe6ed5f79d16ac922ca023e59c91521f94df179473c3b3c1c17105200078bd13521da83ecd001fc8	setup.exe
Set value (data)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\E12DFB4B41D7D9C32B30514BAC1D81D8385E2D46\Blob = 040000000100000010000000a7f2e41606411150306b9ce3b49cb0c90f0000000100000014000000f45a0858c9cd920e647bad539ab9f1cfc77f24cb0b000000010000002a0000005300650063007400690067006f0020002800550054004e0020004f0062006a0065006300740029000000090000000100000022000000302006082b06010505070303060a2b0601040182370a030406082b060105050703086200000001000000200000006fff78e400a70c11011cd85977c459fb5af96a3df0540820d0f4b8607875e58f140000000100000014000000daed6474149c143cabdd99a9bd5b284d8b3cc9d81d0000000100000010000000f919b9ccce1e59c2e785f7dc2ccf67087e0000000100000008000000000063f58926d70168000000010000000800000000409120d035d901030000000100000014000000e12dfb4b41d7d9c32b30514bac1d81d8385e2d46190000000100000010000000e843ac3b52ec8c297fa948c9b1fb281920000000010000006a040000308204663082034ea003020102021044be0c8b500024b411d3362de0b35f1b300d06092a864886f70d0101050500308195310b3009060355040613025553310b3009060355040813025554311730150603550407130e53616c74204c616b652043697479311e301c060355040a131554686520555345525452555354204e6574776f726b3121301f060355040b1318687474703a2f2f7777772e7573657274727573742e636f6d311d301b0603550403131455544e2d5553455246697273742d4f626a656374301e170d3939303730393138333132305a170d3139303730393138343033365a308195310b3009060355040613025553310b3009060355040813025554311730150603550407130e53616c74204c616b652043697479311e301c060355040a131554686520555345525452555354204e6574776f726b3121301f060355040b1318687474703a2f2f7777772e7573657274727573742e636f6d311d301b0603550403131455544e2d5553455246697273742d4f626a65637430820122300d06092a864886f70d01010105000382010f003082010a0282010100ceaa813fa3a36178aa31005595119e270f1f1cdf3a9b826830c04a611df12f0efabe79f7a523ef55519684cddbe3b96e3e31d80a2067c7f4d9bf94eb47043e02ce2aa25d870409f6309d188a97b2aa1cfc41d2a136cbfb3d91bae7d97035fae4e790c39ba39bd33cf5129977b1b709e068e61cb8f39463886a6afe0b76c9bef422e467b9ab1a5e77c18507dd0d6cbfee06c7776a419ea70fd7fbee9417b7fc85bea4abc41c31ddd7b6d1e4f0efdf168fb25293d7a1d489a1072ebfe10112421e1ae1d89534db647928ffba2e11c2e5e85b9248fb470bc26cdaad328341f3a5e54170fd65906dfafa51c4f9bd962b19042cd36da7dcf07f6f8365e26aab8786750203010001a381af3081ac300b0603551d0f0404030201c6300f0603551d130101ff040530030101ff301d0603551d0e04160414daed6474149c143cabdd99a9bd5b284d8b3cc9d830420603551d1f043b30393037a035a0338631687474703a2f2f63726c2e7573657274727573742e636f6d2f55544e2d5553455246697273742d4f626a6563742e63726c30290603551d250422302006082b0601050507030306082b06010505070308060a2b0601040182370a0304300d06092a864886f70d01010505000382010100081f52b1374478dbfdceb9da959698aa556480b55a40dd21a5c5c1f35f2c4cc8475a69eae8f03535f4d025f3c8a6a4874abd1bb17308bdd4c3cab635bb59867731cda78014ae13effcb148f96b25252d51b62c6d45c198c88a565d3eee434e3e6b278ed03a4b850b5fd3ed6aa775cbd15a872f3975135a72b002819fbef00f845420626c69d4e14dc60d9943010d12968c789dbf50a2b144aa6acf177acf6f0fd4f824555ff0341649663e5046c96371383162b862b9f353ad6cb52ba212aa194f09da5ee793c68e1408fef0308018a086854dc87dd78b03fe6ed5f79d16ac922ca023e59c91521f94df179473c3b3c1c17105200078bd13521da83ecd001fc8	setup.exe
Set value (data)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\5FB7EE0633E259DBAD0C4C9AE6D38F1A61C7DC25\Blob = 040000000100000010000000d474de575c39b2d39c8583c5c065498a0f0000000100000014000000e35ef08d884f0a0ade2f75e96301ce6230f213a8530000000100000040000000303e301f06096086480186fd6c020130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c0090000000100000034000000303206082b0601050507030206082b0601050507030306082b0601050507030406082b0601050507030106082b060105050703086200000001000000200000007431e5f4c3c1ce4690774f0b61e05440883ba9a01ed00ba6abd7806ed3b118cf140000000100000014000000b13ec36903f8bf4701d498261a0802ef63642bc30b00000001000000120000004400690067006900430065007200740000001d00000001000000100000008f76b981d528ad4770088245e2031b630300000001000000140000005fb7ee0633e259dbad0c4c9ae6d38f1a61c7dc25190000000100000010000000ba4f3972e7aed9dccdc210db59da13c92000000001000000c9030000308203c5308202ada003020102021002ac5c266a0b409b8f0b79f2ae462577300d06092a864886f70d0101050500306c310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d312b30290603550403132244696769436572742048696768204173737572616e636520455620526f6f74204341301e170d3036313131303030303030305a170d3331313131303030303030305a306c310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d312b30290603550403132244696769436572742048696768204173737572616e636520455620526f6f7420434130820122300d06092a864886f70d01010105000382010f003082010a0282010100c6cce573e6fbd4bbe52d2d32a6dfe5813fc9cd2549b6712ac3d5943467a20a1cb05f69a640b1c4b7b28fd098a4a941593ad3dc94d63cdb7438a44acc4d2582f74aa5531238eef3496d71917e63b6aba65fc3a484f84f6251bef8c5ecdb3892e306e508910cc4284155fbcb5a89157e71e835bf4d72093dbe3a38505b77311b8db3c724459aa7ac6d00145a04b7ba13eb510a984141224e656187814150a6795c89de194a57d52ee65d1c532c7e98cd1a0616a46873d03404135ca171d35a7c55db5e64e13787305604e511b4298012f1793988a202117c2766b788b778f2ca0aa838ab0a64c2bf665d9584c1a1251e875d1a500b2012cc41bb6e0b5138b84bcb0203010001a3633061300e0603551d0f0101ff040403020186300f0603551d130101ff040530030101ff301d0603551d0e04160414b13ec36903f8bf4701d498261a0802ef63642bc3301f0603551d23041830168014b13ec36903f8bf4701d498261a0802ef63642bc3300d06092a864886f70d010105050003820101001c1a0697dcd79c9f3c886606085721db2147f82a67aabf183276401057c18af37ad911658e35fa9efc45b59ed94c314bb891e8432c8eb378cedbe3537971d6e5219401da55879a2464f68a66ccde9c37cda834b1699b23c89e78222b7043e35547316119ef58c5852f4e30f6a0311623c8e7e2651633cbbf1a1ba03df8ca5e8b318b6008892d0c065c52b7c4f90a98d1155f9f12be7c366338bd44a47fe4262b0ac497690de98ce2c01057b8c876129155f24869d8bc2a025b0f44d42031dbf4ba70265d90609ebc4b17092fb4cb1e4368c90727c1d25cf7ea21b968129c3c9cbf9efc805c9b63cdec47aa252767a037f300827d54d7a9f8e92e13a377e81f4a	setup.exe
Set value (data)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\5FB7EE0633E259DBAD0C4C9AE6D38F1A61C7DC25\Blob = 5c000000010000000400000000080000190000000100000010000000ba4f3972e7aed9dccdc210db59da13c90300000001000000140000005fb7ee0633e259dbad0c4c9ae6d38f1a61c7dc251d00000001000000100000008f76b981d528ad4770088245e2031b630b0000000100000012000000440069006700690043006500720074000000140000000100000014000000b13ec36903f8bf4701d498261a0802ef63642bc36200000001000000200000007431e5f4c3c1ce4690774f0b61e05440883ba9a01ed00ba6abd7806ed3b118cf090000000100000034000000303206082b0601050507030206082b0601050507030306082b0601050507030406082b0601050507030106082b06010505070308530000000100000040000000303e301f06096086480186fd6c020130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c00f0000000100000014000000e35ef08d884f0a0ade2f75e96301ce6230f213a8040000000100000010000000d474de575c39b2d39c8583c5c065498a2000000001000000c9030000308203c5308202ada003020102021002ac5c266a0b409b8f0b79f2ae462577300d06092a864886f70d0101050500306c310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d312b30290603550403132244696769436572742048696768204173737572616e636520455620526f6f74204341301e170d3036313131303030303030305a170d3331313131303030303030305a306c310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d312b30290603550403132244696769436572742048696768204173737572616e636520455620526f6f7420434130820122300d06092a864886f70d01010105000382010f003082010a0282010100c6cce573e6fbd4bbe52d2d32a6dfe5813fc9cd2549b6712ac3d5943467a20a1cb05f69a640b1c4b7b28fd098a4a941593ad3dc94d63cdb7438a44acc4d2582f74aa5531238eef3496d71917e63b6aba65fc3a484f84f6251bef8c5ecdb3892e306e508910cc4284155fbcb5a89157e71e835bf4d72093dbe3a38505b77311b8db3c724459aa7ac6d00145a04b7ba13eb510a984141224e656187814150a6795c89de194a57d52ee65d1c532c7e98cd1a0616a46873d03404135ca171d35a7c55db5e64e13787305604e511b4298012f1793988a202117c2766b788b778f2ca0aa838ab0a64c2bf665d9584c1a1251e875d1a500b2012cc41bb6e0b5138b84bcb0203010001a3633061300e0603551d0f0101ff040403020186300f0603551d130101ff040530030101ff301d0603551d0e04160414b13ec36903f8bf4701d498261a0802ef63642bc3301f0603551d23041830168014b13ec36903f8bf4701d498261a0802ef63642bc3300d06092a864886f70d010105050003820101001c1a0697dcd79c9f3c886606085721db2147f82a67aabf183276401057c18af37ad911658e35fa9efc45b59ed94c314bb891e8432c8eb378cedbe3537971d6e5219401da55879a2464f68a66ccde9c37cda834b1699b23c89e78222b7043e35547316119ef58c5852f4e30f6a0311623c8e7e2651633cbbf1a1ba03df8ca5e8b318b6008892d0c065c52b7c4f90a98d1155f9f12be7c366338bd44a47fe4262b0ac497690de98ce2c01057b8c876129155f24869d8bc2a025b0f44d42031dbf4ba70265d90609ebc4b17092fb4cb1e4368c90727c1d25cf7ea21b968129c3c9cbf9efc805c9b63cdec47aa252767a037f300827d54d7a9f8e92e13a377e81f4a	setup.exe
Set value (data)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\E12DFB4B41D7D9C32B30514BAC1D81D8385E2D46\Blob = 190000000100000010000000e843ac3b52ec8c297fa948c9b1fb2819030000000100000014000000e12dfb4b41d7d9c32b30514bac1d81d8385e2d4668000000010000000800000000409120d035d9017e0000000100000008000000000063f58926d7011d0000000100000010000000f919b9ccce1e59c2e785f7dc2ccf6708140000000100000014000000daed6474149c143cabdd99a9bd5b284d8b3cc9d86200000001000000200000006fff78e400a70c11011cd85977c459fb5af96a3df0540820d0f4b8607875e58f090000000100000022000000302006082b06010505070303060a2b0601040182370a030406082b060105050703080b000000010000002a0000005300650063007400690067006f0020002800550054004e0020004f0062006a00650063007400290000000f0000000100000014000000f45a0858c9cd920e647bad539ab9f1cfc77f24cb20000000010000006a040000308204663082034ea003020102021044be0c8b500024b411d3362de0b35f1b300d06092a864886f70d0101050500308195310b3009060355040613025553310b3009060355040813025554311730150603550407130e53616c74204c616b652043697479311e301c060355040a131554686520555345525452555354204e6574776f726b3121301f060355040b1318687474703a2f2f7777772e7573657274727573742e636f6d311d301b0603550403131455544e2d5553455246697273742d4f626a656374301e170d3939303730393138333132305a170d3139303730393138343033365a308195310b3009060355040613025553310b3009060355040813025554311730150603550407130e53616c74204c616b652043697479311e301c060355040a131554686520555345525452555354204e6574776f726b3121301f060355040b1318687474703a2f2f7777772e7573657274727573742e636f6d311d301b0603550403131455544e2d5553455246697273742d4f626a65637430820122300d06092a864886f70d01010105000382010f003082010a0282010100ceaa813fa3a36178aa31005595119e270f1f1cdf3a9b826830c04a611df12f0efabe79f7a523ef55519684cddbe3b96e3e31d80a2067c7f4d9bf94eb47043e02ce2aa25d870409f6309d188a97b2aa1cfc41d2a136cbfb3d91bae7d97035fae4e790c39ba39bd33cf5129977b1b709e068e61cb8f39463886a6afe0b76c9bef422e467b9ab1a5e77c18507dd0d6cbfee06c7776a419ea70fd7fbee9417b7fc85bea4abc41c31ddd7b6d1e4f0efdf168fb25293d7a1d489a1072ebfe10112421e1ae1d89534db647928ffba2e11c2e5e85b9248fb470bc26cdaad328341f3a5e54170fd65906dfafa51c4f9bd962b19042cd36da7dcf07f6f8365e26aab8786750203010001a381af3081ac300b0603551d0f0404030201c6300f0603551d130101ff040530030101ff301d0603551d0e04160414daed6474149c143cabdd99a9bd5b284d8b3cc9d830420603551d1f043b30393037a035a0338631687474703a2f2f63726c2e7573657274727573742e636f6d2f55544e2d5553455246697273742d4f626a6563742e63726c30290603551d250422302006082b0601050507030306082b06010505070308060a2b0601040182370a0304300d06092a864886f70d01010505000382010100081f52b1374478dbfdceb9da959698aa556480b55a40dd21a5c5c1f35f2c4cc8475a69eae8f03535f4d025f3c8a6a4874abd1bb17308bdd4c3cab635bb59867731cda78014ae13effcb148f96b25252d51b62c6d45c198c88a565d3eee434e3e6b278ed03a4b850b5fd3ed6aa775cbd15a872f3975135a72b002819fbef00f845420626c69d4e14dc60d9943010d12968c789dbf50a2b144aa6acf177acf6f0fd4f824555ff0341649663e5046c96371383162b862b9f353ad6cb52ba212aa194f09da5ee793c68e1408fef0308018a086854dc87dd78b03fe6ed5f79d16ac922ca023e59c91521f94df179473c3b3c1c17105200078bd13521da83ecd001fc8	setup.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

Processes:

setup.exe

pid process

4660 setup.exe
4660 setup.exe
4660 setup.exe
4660 setup.exe
4660 setup.exe
4660 setup.exe
Suspicious use of SetWindowsHookEx 2 IoCs

Processes:

housecall.bin

pid process

5700 housecall.bin
5700 housecall.bin

pid	process
5700	housecall.bin
5700	housecall.bin

Suspicious use of WriteProcessMemory 9 IoCs

Processes:

HousecallLauncher64.exesetup.exe

description	pid	process	target process
PID 2420 wrote to memory of 4660	2420	HousecallLauncher64.exe	setup.exe
PID 2420 wrote to memory of 4660	2420	HousecallLauncher64.exe	setup.exe
PID 4660 wrote to memory of 4932	4660	setup.exe	hcpackage64.exe.tmp
PID 4660 wrote to memory of 4932	4660	setup.exe	hcpackage64.exe.tmp
PID 4660 wrote to memory of 4932	4660	setup.exe	hcpackage64.exe.tmp
PID 4660 wrote to memory of 5676	4660	setup.exe	patch64.exe
PID 4660 wrote to memory of 5676	4660	setup.exe	patch64.exe
PID 4660 wrote to memory of 5700	4660	setup.exe	housecall.bin
PID 4660 wrote to memory of 5700	4660	setup.exe	housecall.bin

C:\Users\Admin\AppData\Local\Temp\HousecallLauncher64.exe
"C:\Users\Admin\AppData\Local\Temp\HousecallLauncher64.exe"
1⤵
- Drops file in Program Files directory
- Suspicious use of WriteProcessMemory
PID:2420

C:\Program Files\Trend Micro\7zS4794E208\setup.exe
.\setup.exe
2⤵
- Drops file in Program Files directory
- Executes dropped EXE
- Loads dropped DLL
- Modifies system certificate store
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:4660

C:\Program Files\Trend Micro\HCBackup\hcpackage64.exe.tmp
exe.exe -y
3⤵
- Drops file in Program Files directory
- Executes dropped EXE
- System Location Discovery: System Language Discovery
PID:4932

C:\Program Files\Trend Micro\7zS4794E208\AU\patch64.exe
"C:\Program Files\Trend Micro\7zS4794E208\AU\patch64.exe" "C:\Program Files\Trend Micro\7zS4794E208\AU\AU_Data\AU_Temp\4660_3364" 0
3⤵
- Drops file in Program Files directory
- Executes dropped EXE
PID:5676

C:\Program Files\Trend Micro\HouseCall\housecall.bin
"housecall.bin" A9DA2DE5 CC641ADD
3⤵
- Drops file in Program Files directory
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetWindowsHookEx
PID:5700

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --field-trial-handle=3964,i,15436195446242760253,4000484513008731869,262144 --variations-seed-version --mojo-platform-channel-handle=3852 /prefetch:8
1⤵
PID:632

Network

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Subvert Trust Controls

T1553

Install Root Certificate

T1553.004

Modify Registry

T1112

Credential Access

Discovery

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files\Trend Micro\7zS4794E208\AU\AU_Data\AU_Log\TmuDump.txt
Filesize
4KB

MD5
e6a6f6cd5020de1bcb2feeb8704fa4aa

SHA1
dd55321d09c3cc838757bd975ac24b5a37e92ae9

SHA256
4979c6706042d3ecd4b9080852e728416bc36b80e3a531712a1f99cfc2ba7736

SHA512
13ee77565a93c582e1e8a49df20b6fa277143082d3ddbc252d46a337359de25db0c043cb7d017df407683c92145929fed28611b2f6cd280ec92192fa753637e2

Download Submit
C:\Program Files\Trend Micro\7zS4794E208\AU\AU_Data\AU_Log\TmuDump.txt
Filesize
12KB

MD5
3060377fdec9b42ee7582e276eff16f7

SHA1
76335788202697914f55ca9a1727ec5c79da0165

SHA256
e2e65f5a0f65ba1d760c202bd9b7a9ad22b5069d031d273bc8aa1ee46a96ae4a

SHA512
9012c9990bc546d03d50775620197524a82ca3a5b4cda27272f174467e32be92a6d31c0c079d3b58d3c14be37dfef103808b6ef89e936fdd8139cc3e3284d2fa

Download Submit
C:\Program Files\Trend Micro\7zS4794E208\AU\AU_Data\AU_Log\TmuDump.txt
Filesize
25KB

MD5
5dd0e874f58bd1de4e491095effa5751

SHA1
389ff4fc0374c32f66523a6050f7d8b405fd4bb1

SHA256
d1c4684cf99166f7ff042640029e4e8b83a6378269ca80d8236dbb2fb93c1995

SHA512
4d1b4acdbe51a98f9939db7acd910d76dd6f6e979618205f28c483665c851e772c88ea90c3a6535343529bc8fc21fe7083c736da4fe7d7a509c547a792bbffa3

Download Submit
C:\Program Files\Trend Micro\7zS4794E208\AU\AU_Data\AU_Log\TmuDump.txt
Filesize
1KB

MD5
14eb47c2b074f6e70d158cea121c9272

SHA1
f79e20904dab4e678e98ef52c1487850b93771c2

SHA256
c87b76c83d2f262f834de07c2c9dc470417d740d4b2591d77db7241980518bc3

SHA512
074f23eae4d1bbcac086442dc391ae12a21d8cc65a11de56e14293356eb428564d09bc380de0cae0886bf8c06e6a9a25a435b914d4fb8a4b90e3e08691f0d5b8

Download Submit
C:\Program Files\Trend Micro\7zS4794E208\AU\AU_Data\AU_Log\TmuDump.txt
Filesize
2KB

MD5
35f74921ebc3c071fda062306cf482d4

SHA1
4fe2c96703a46cd001b814be1889ac00195cd57b

SHA256
e13686e4e2e55704834e31232d851e945b14453662177f040451a1fa09ddd828

SHA512
a07938b045e86ff1fc8be42665145669b67cb03e6b3b6ecaf8af793b9fba99d3f9623b7ab5c8e122760ff70b1e86147482fe75475bec7fea2d75c16437630987

Download Submit
C:\Program Files\Trend Micro\7zS4794E208\AU\AU_Data\AU_Temp\4660_3364\2\1073872896\tscdll64.dll
Filesize
3.2MB

MD5
773a68df25ac20ba9678c8924871d4c4

SHA1
5e03406a025c39fb4781a63321a9dd93ddabc3a2

SHA256
b0517f7cc40557ea2d890d8ba7749ca76eb3b904de97218e278327d7d0500969

SHA512
0b9e8252c2c6bab4f4df056c1eda150229308608f29de0e47e9528ba19686c64ca670009ffd6a17827fb8b093cc66be317f0670250a018fc2ef2d64463e3d51d

Download Submit
C:\Program Files\Trend Micro\7zS4794E208\AU\AU_Data\AU_Temp\4660_3364\2\536871168\BPMNT.dll
Filesize
102KB

MD5
af085509295b0bfb231aa6d22a3a4bb8

SHA1
f1c7034ee2a0a744dcb435adfa126ef32d74226b

SHA256
17a56305e48485335126b6638fdeade7cc1bf04bb2f1f685cccdc20befa21123

SHA512
5f5c9aaea16831cb7982c4a8fad4ad1d0dbe4d269e737d6006aacf1c0e87ba71ace9206f12635ea2cf6421b07312a65e1d5a5edc6bc5dbb783e81bbff11cc8b2

Download Submit
C:\Program Files\Trend Micro\7zS4794E208\AU\AU_Data\AU_Temp\4660_3364\2\536871168\vsapi64.dll
Filesize
4.2MB

MD5
6f7ae6e85cdb94eca7a735901b931bbd

SHA1
a5006f02bd524ccd7f88f0f4770de4f8fd550c0a

SHA256
de40d2ac5f0efd162111a8152f8b4338eed9291976f89911b77b84b138edf5cb

SHA512
4d53a40639cd0d905f098232d91065b1cf8ad13b14a87845f9b3bd9bb76ea211867cbca2ec09990fcf9e6090ae8c1185d85a72d5e21b77fb176a4e58083271da

Download Submit
C:\Program Files\Trend Micro\7zS4794E208\AU\AU_Data\AU_Temp\4660_3364\3\1082130432\tmwlchk.cat
Filesize
10KB

MD5
df6b04b46d7b51ef1dc89bc6ee32d2bd

SHA1
0d332d6235d9aa7a00258bebdb2e0aa811f9bef0

SHA256
958b3030696a88c0478152049c46649c80031753893aaac7fe4c3ed514f47f3f

SHA512
75fa8b523f8a711f2571cc978473b9c1ab3aca876d79ecf5a4f55261b5f590f4cf0b6889f5ecd6bc288be622c52f975d192c0b3f6b5be91593d79633c1097a46

Download Submit
C:\Program Files\Trend Micro\7zS4794E208\AU\AU_Data\AU_Temp\4660_3364\3\1208221744\HCClean.ptn
Filesize
67KB

MD5
24b98ece0b3c87cf1d3418940d73a447

SHA1
ddfd79855e95b6dfda0b76be2982d1c6152016af

SHA256
6470aa02eff45470f854ff378ecaba73928cc6c8114ba1cedab97f46a023953e

SHA512
d88edf632623029a4c3698eb231f166a76a808b74dc2aadd967155388da8c46fbe215cc196762358e287f05a01ae5ab01b43cb77fab147aaefb9256eff71ee8e

Download Submit
C:\Program Files\Trend Micro\7zS4794E208\AU\AU_Data\AU_Temp\4660_3364\3\1208221744\ptn$agg.999
Filesize
99KB

MD5
6eeaa78e1f4bee86af9614d49f6cc4ce

SHA1
849b11fa6e68a6fa7505c27fb4c44fae13b3e0aa

SHA256
19b8632699bddc4a79cce8a7e314b3a8bb78f4a035904f22e3c8ea90aee24041

SHA512
b711b7f72bbc295bcd112a8b946da5288c9765be2ce53ae00007da11d718e532ce30929e7e72be1dca997994699c7ed7004267f6a1057a2eda6ddbe46147de33

Download Submit
C:\Program Files\Trend Micro\7zS4794E208\AU\AU_Data\AU_Temp\4660_3364\3\2048\tsc.ptn
Filesize
2.2MB

MD5
4a9faaf0e11cd3a1657954b0f9d2e713

SHA1
adab7f614976be5fc805da9e92a3fac574f2bbbf

SHA256
2f94c382b9b3c01e4870897e474c575490a609e9845026d007b47d8d4b5cbcd0

SHA512
4f35f70f11bfe9426af7aeb225f3a30f21094de2015f6ce5e5f54a91180a1c2e93ebde29a5d859896d99b8f9d9a7baaad27274b22f911859008a8f5814fe3309

Download Submit
C:\Program Files\Trend Micro\7zS4794E208\AU\AU_Data\AU_Temp\4660_3364\AuPatch.ini
Filesize
2KB

MD5
bbbc3c589aae71fe2d3701c906e5cd31

SHA1
c0b5aa6f10f2a88672ea98dc3ca70fb7fa5f789e

SHA256
a2c94ca94fd997ad358a5e4cb845558b75c52505f1dbb971ca99c9bff73538e6

SHA512
32bca267d82e9c26d4d8b042f6ef5651f12b4d96070f7dca33f0a055060567cf456d5c850811205e51d466cef0e7c69c90feb12e4c14b9c3e99dd9d52301401c

Download Submit
C:\Program Files\Trend Micro\7zS4794E208\AU\AU_Data\AU_Temp\4660_3364\AuResult.ini
Filesize
10B

MD5
31e43987691be249e68dc3135b18d329

SHA1
d6c2691d147b7662c199f420e7ec1182db2662c9

SHA256
232f2344e73ac59cfefc7972998b3cd0a4dbcee3631af2889eb5f585395dc814

SHA512
f9d022bed3ae58a19e8125d703eff48005400fae4c0640f3630dcf422661a7b4cb8a052f547755a7759fd0c685b4950680f24fc8f174b0969a4a26cf524426c6

Download Submit
C:\Program Files\Trend Micro\7zS4794E208\AU\AU_Data\AU_Temp\4660_3364\server.ini
Filesize
11KB

MD5
e8a30debe6b0ba473fb14632057c901b

SHA1
2aa4364d6cd33c7c1b89a91ea00164d01c5952a9

SHA256
778f3eccaf9882528ea9921869490a7d084d3a0cf5f4e57540f7408430a145b1

SHA512
c81a6ee84915cc595e3873f510514b2d984658e1f13469d8c02569f89afb9fc8b1cc8df48842fff6b74adc62ef4e7baf3500dec4de074e046e51ac51d7ed07df

Download Submit
C:\Program Files\Trend Micro\7zS4794E208\AU\GetServer.ini
Filesize
178B

MD5
8cfc333ca4e29a11b86cc03245e597c9

SHA1
025002f14e4aacd4339e01024a80441e0f26d0bd

SHA256
9d0e318a2d10dc934760909795e7e1a5c55120e501ee136362443f42ab675b88

SHA512
d18d2b21093bbc09b7a0c65c79d4590c43a769d31ce80f2095b8664cb178c0be83e8c8ce2cf123e85e35e3da19d7cd26e59e5fb6a3c5ea46581390740341ec90

Download Submit
C:\Program Files\Trend Micro\7zS4794E208\AU\TmUpdate64.dll
Filesize
3.6MB

MD5
b63c61906bc9aa252710cb535b47c95a

SHA1
da2303f5754a51fc87c1d74c7788fa0fdb3c025f

SHA256
a2703cd2647d6f7362ff692e904493ef5a300c82d839fd9eeaa670d66b40a7ab

SHA512
93a237547e7c0f8e5d6c0357013b3b9489dd313436d61187bf942231f09d573ce7fc8f6d7f2abba3a140d4aa184c80e5ef63e00ef32c419e5466c74d5f110849

Download Submit
C:\Program Files\Trend Micro\7zS4794E208\AU\aucfg.ini
Filesize
256B

MD5
af03b6da00b295f2b2dfd949b7290f53

SHA1
afa9ceadc089c98f98db3ce4856b87e1c8305285

SHA256
9808ce47e96e95c530a7b8f4afe1773c603400dc16a5085f03e44d71273e3e67

SHA512
3384635885541d65dc1ba963d72e34b653c71478ef835b80f3c1aee7d1568e9c6349e4ff1b3ba0162c41225503ee4f5c8ec5252348cc681cb0324fc31c80f31b

Download Submit
C:\Program Files\Trend Micro\7zS4794E208\AU\patch64.exe
Filesize
1.0MB

MD5
6c552231f756555707b9aac825bac7e8

SHA1
889b760e971d5ac50c6bc69047469c8ad6266466

SHA256
b95991219d45381c2cbc8691dd7aaff710f43e66f187d3394643b075763f6a16

SHA512
7bfad529bdd2d3d50f931cb0a4180a42fbd65ce306ea834099682199c15554bc6de0620a34a4b7e5322ad4ac66df7ce95bf53f0bad8dce56f94f65bfb7e27182

Download Submit
C:\Program Files\Trend Micro\7zS4794E208\DLConfig.xml
Filesize
1KB

MD5
0deb9afc00ea164c04e67826de4575b2

SHA1
0c045927bc96308fada0df6a36d250465ce19b24

SHA256
39fdac3a4b9e43bf1050181df2a5c659d6b7d9b4e9d919d145588c4c2fa491de

SHA512
b6f7098b600883521b3bdc6cc5d793434b1e67c00b46e83356e85dcee96985a944e38b37f8c82555948959ece14e73ccba2621115e479fc68f23b67c6bdb44bc

Download Submit
C:\Program Files\Trend Micro\7zS4794E208\HouseCall_downloader.bmp
Filesize
250KB

MD5
50960ac419774a394710258261e2dc8b

SHA1
a7c7862392a092ba743a03dbff52b486c277dfe7

SHA256
15224bc0d04b82fba0db9ad5d7ac283ff914208b8df13e2dddc6dcdec3d127e9

SHA512
514b17583402c0f7a331e6c7478611df94bd8408d31ec49ad72abba21631538f1c2a7e8ba3190164dc29716fc367a71acac6aea58ce73286f7e1a4625ae0f99e

Download Submit
C:\Program Files\Trend Micro\7zS4794E208\LIBEAY32.dll
Filesize
1.8MB

MD5
e71d4daf55bd190c8f33d654873edde0

SHA1
03bbac56e4e24f4533d95458d2ab0ff1ea05f2a7

SHA256
ba8cd20d40b65f346cb5a366dd06e96eee672a2511ae4c8a097000cbb4800890

SHA512
fe50e9a43593bb24cc59636fa61c7a5f53adb89f1f11cf0e13ef6e8ac70e619298ba1c4bc5f0815dcd54ad8c9813e7fbb230319ee37fd88d4b7e8a12e4658c8b

Download Submit
C:\Program Files\Trend Micro\7zS4794E208\SSLEAY32.dll
Filesize
461KB

MD5
882e6ad0f22a8c9dbef86bbf780adbb9

SHA1
c3bffa785c9a660d95ae348bbd86d7737cffc203

SHA256
e8c3b487a1fabac82599f40af81449945b94b3f1228ca83594ce321664bebf89

SHA512
611d6269c5edb5ec0e37cd91aa8ae4807e18b4d4ef1b11778da86afc3d25a8eea245cb3a7cc4650528745ea2f1ad6d802cf4441ccee0af1ee459091803ad4cda

Download Submit
C:\Program Files\Trend Micro\7zS4794E208\Setup.exe
Filesize
1.2MB

MD5
b820ff09ec68ab12e05d9734aeb5a39f

SHA1
b83859bad42a1950359b69b7bf6cd68bd0c3a203

SHA256
2dadd9f15a34755c145b370a3e179509d1ed035e94c5168ff7ec033cd2544ffe

SHA512
81a1ecd3379ab5c5ec0637a8b15ac86f891c5cecadd8405bcf1bafd034136b79f041095b72baaa312f3796534c7c4cd4e0dd3a60ef920cb2da9f40375f04a42b

Download Submit
C:\Program Files\Trend Micro\7zS4794E208\curl-ca-bundle.crt
Filesize
253KB

MD5
c658d9f253217d3c010b830d05973bb7

SHA1
52b6b25d67f55a36ecc7524fd83e7e993c5b9c68

SHA256
193a35b6de7ee049ff512599dd4e8290dc30c2f47f9a3818ca8f273ffca683db

SHA512
8fc35429aa1f8f4ecb8ebeefb70e34999a438c4fef923e224a17f0af44c773cd974312b2cbf6bb0aece1e5ca737df6162d06646703c5694fe5e131b99250db83

Download Submit
C:\Program Files\Trend Micro\7zS4794E208\dlstr.xml
Filesize
1KB

MD5
60e94a31fa1251d3aa133739d77fa17a

SHA1
59276cf0b05e40e35dc4df7c95d9b7ff1c28626a

SHA256
14e72cf1853bd1fdddb5a2fed569cfba4c406cd704e03f652323ec60dc7fe792

SHA512
10155e468ab8433f03865806529a42802500d45ee1deded25b0a4b1d29f1231362185911f10dcb6e441babc02299cd003abb5da96ea48d62ff240d8b83630711

Download Submit
C:\Program Files\Trend Micro\7zS4794E208\libcurl.dll
Filesize
603KB

MD5
2f93dfd34b562c722d9ce8b059f2768c

SHA1
497128d3cb9ee71ccc61adb414135c2c82892436

SHA256
c1ccaab383c9e3d0668c059a1b324a69e11439041a28688cacfa53627e7664dc

SHA512
73b57087ceb03cdcf6417f64e87c0a74052f8651fc9e52d233ea8a7961fc3462663d21b1ce424ca4d4960c9677f9aef367bf71c56e6b15695685628047c904b6

Download Submit
C:\Program Files\Trend Micro\HCBackup\AUCache\AU_Cache\housecall-ctp-p.activeupdate.trendmicro.com\HCClean_113701.zip
Filesize
161KB

MD5
b6296232d7bc80ce7275190477622b13

SHA1
0172768fe880a8f9dbfebdbe359fdbd8af9e99c1

SHA256
79f880f33cb5a3b916c63e678d3af4524d57fe77de924c9918dceed83f339ca9

SHA512
56c05a59f68a29771902b417c93d2b28a2a6d4bf39354386b51465f125892b887c9ca5bbdf5fddf20fa053fce6dcc7da18200af4a8b5becf38d254175cbd6474

Download Submit
C:\Program Files\Trend Micro\HCBackup\AUCache\AU_Cache\housecall-ctp-p.activeupdate.trendmicro.com\HCClean_113701.zip.etag
Filesize
181B

MD5
0aa9adca6f2d761ad2d971aca52d36e7

SHA1
28da02e184d51637f48a3e44b6f51a17df98a7cd

SHA256
5c225b42422882d52ba408b387cb17828ca5d00abaf923b627d08b82ba653197

SHA512
117e4d8321d5ee0f5c398e5cabbaab37527c0498ccc234705d836cb8dd1b60e04c2ca214bdbb3945fead0dfc3b32702a52889a583a39e02988f314b3151d0025

Download Submit
C:\Program Files\Trend Micro\HCBackup\AUCache\AU_Cache\housecall-ctp-p.activeupdate.trendmicro.com\dce-dll-mssign-x64-v75-1035.zip
Filesize
1.3MB

MD5
727ff30f41aa7049cf44d39a48bf002a

SHA1
ab167c1264f399d54c66d830465b2a53244833b6

SHA256
885691815690b6a58a0ed3ef6a28e57f78cbbe1181cc1a067f605722569d6c7e

SHA512
e4dc64f3ce9e43675be6d74ab70b1e142d2ba6c53036857f0ca93bdedbcc2cac82f3fa03cac2d86ca7fe5ff6db0c87f7139fe630120f4fe56ac629a48d84da0d

Download Submit
C:\Program Files\Trend Micro\HCBackup\AUCache\AU_Cache\housecall-ctp-p.activeupdate.trendmicro.com\dce-dll-mssign-x64-v75-1035.zip.etag
Filesize
194B

MD5
c3cc4bcce3e1c353ea671b58bcb64a9e

SHA1
6b27bf4bcf5ad4df770a445ade98d305bb1b6e95

SHA256
f4a76db6affc886669433d166639288c67dd03cfc902d85536d28a3cd698948e

SHA512
ee721b4f7146b2ae2c8c47468a73af76b8da8457563c2ca0906077fc83976327fa5f2e928b5c1aa3c4a21fb931557b63cc10873336374a04451ec2106085e1a1

Download Submit
C:\Program Files\Trend Micro\HCBackup\AUCache\AU_Cache\housecall-ctp-p.activeupdate.trendmicro.com\dce-dll-mssign-x64-v75-1035.zip.etag
Filesize
194B

MD5
37bf27ee081299e71615da391e65ac8a

SHA1
21f4ed8ec5ba042ee686355ba995352de62c4e47

SHA256
e912af147412a71d5697f0886a9f72c5bc67011414d85e0fc93dfc455c8f31be

SHA512
ddd5fb861a33c5b4bc9063ec160669f480cd2784154bc8de09f1ffe7918f46644ae6355f0aedcc64e2a2463b6c543069ce555cc50e9c6caaf9758fedba9312ea

Download Submit
C:\Program Files\Trend Micro\HCBackup\AUCache\AU_Cache\housecall-ctp-p.activeupdate.trendmicro.com\engv_x64dll_v22610-1017.zip
Filesize
1.9MB

MD5
331f1d1cdfd34cb1dc3d43f031412581

SHA1
6ebc47b8deb577d3c08281e95d41d402f82d8765

SHA256
2b59378eb556faab3a87fa08786b24c72134ba8c65284a903c00cc26a64f727e

SHA512
7ea0398a4476f48058e7ba3316c6e93f528564d039e6ae314e81e70c4e2e70b3e00fea0fcec3e965f99177f3f071db5e45501e496db6e1c6903285dd9f94df43

Download Submit
C:\Program Files\Trend Micro\HCBackup\AUCache\AU_Cache\housecall-ctp-p.activeupdate.trendmicro.com\engv_x64dll_v22610-1017.zip.etag
Filesize
197B

MD5
75db66e759bd77d66ad88d31e373355b

SHA1
eeaf8444d18591f5cd9db5f945874aa29077634a

SHA256
3d326f15f0082530df7fe3cdae0e5748889cdcd6813771f3253ac6a451346d99

SHA512
30098679e2e986f27603b6ed0012dc4ee495a4beb8e54fba3c021e0df16e1cd3afa496507b5781d6cb14db528e6d5094658c2d113beb71f7fa83196599cc6213

Download Submit
C:\Program Files\Trend Micro\HCBackup\AUCache\AU_Cache\housecall-ctp-p.activeupdate.trendmicro.com\engv_x64dll_v22610-1017.zip.etag
Filesize
196B

MD5
e560cbcfa4f2f630383bcdee8e75acff

SHA1
285f406b9e2b3adfe88f411379ccf384f61ff786

SHA256
8542a4ebe7c84e942e2ce7c7bff7bb62b9078ecda75aad815568f66b139426c4

SHA512
97f5e6de92b0cc9922e7bd891de246f051d1aa9cb5ee95ec92a1f6d02d9b07e12c972ef5162ae9df0cd9869975f7e0ba922110755040f917c29429ad321607b0

Download Submit
C:\Program Files\Trend Micro\HCBackup\AUCache\AU_Cache\housecall-ctp-p.activeupdate.trendmicro.com\engv_x64dll_v22610-1017.zip.etag
Filesize
197B

MD5
aa4195f093ceaae74a9d31ca92db351d

SHA1
d4550af2cd469b0b31796657f90d81bac3671c34

SHA256
d2db28cefa76e093a62091e258e3b9f940db455e92def69406ecac674d1f7dfa

SHA512
46234feceb500a9d5b7ded14b385ec7d79f06dfe7a1d9129e2848cb93fea6c7a823e9131d242bc82a905943aba00af073724cc82fbc2cdf9f3cbd4a20b9d8c87

Download Submit
C:\Program Files\Trend Micro\HCBackup\AUCache\AU_Cache\housecall-ctp-p.activeupdate.trendmicro.com\ini_xml.zip
Filesize
2KB

MD5
b61254b8ba17982ebedd5c38b3d32eb7

SHA1
a90c62190941f488795cf5555b484841dc917edd

SHA256
1e1333966f70ebe2c8fb6cdaaf08a87b1efa55a01b3cd730e33f1f22d8b3b431

SHA512
124030ff810dedfdf6fa6c7e29a53b7a234782c3ab4b286324f7c6b50de8cc73f80d030efbd91de22e4c8e79f7fb8083b7a9d67ff1224555dd1a5638847bd3bd

Download Submit
C:\Program Files\Trend Micro\HCBackup\AUCache\AU_Cache\housecall-ctp-p.activeupdate.trendmicro.com\ini_xml.zip.etag
Filesize
171B

MD5
a3f1746b47326bb7a41d9effac24dc52

SHA1
060e597a2de236fc97c8d82356d64397e206a8b0

SHA256
7a034b59ce0d48d7496c211781a8e2f56dc9558449e28dbeca9596c26375c18d

SHA512
fd0281faaa3fe519f183a5bdf93dca26d2db60d16c406587cae6bf96b8daf3b11a5835a5a86417f67fe58475a4cc2a0f64436a994fd2687265eba890e11e62f1

Download Submit
C:\Program Files\Trend Micro\HCBackup\AUCache\AU_Cache\housecall-ctp-p.activeupdate.trendmicro.com\ioth1956300.zip
Filesize
27.0MB

MD5
a464e77c9e4eb5cfcb5d5f5373764749

SHA1
325645ef223d109fde1a6a409f8677412d346bde

SHA256
096f46957df757c12dcf296299eedeb7e92866a491639899fcd04b19d10b4d4a

SHA512
cb08ca0f8037f3a5030af88acd63446a8e19f0c5b6ea2a3a6dfa120ea00234ebfb517677c5bee20ea89677748ed4509e79e110c88fe1c9e6121acb13147599ca

Download Submit
C:\Program Files\Trend Micro\HCBackup\AUCache\AU_Cache\housecall-ctp-p.activeupdate.trendmicro.com\ioth1956300.zip.etag
Filesize
191B

MD5
65a68eceac36575bbfe6f8c176feaf04

SHA1
59dd0f4b5004761dd8b8379697d426ddb49287d5

SHA256
f6e03ca17348553c69e24e9ba2d2c26d9434217107c43785299dd06c9283a81e

SHA512
a109feca120f0dde86a29be9a05b9adfb9951b1434420cb486bd07f07643a1951d403edd43e70a5861164a23052f60d7c038e2333ac8fd4b449a62ae527787a6

Download Submit
C:\Program Files\Trend Micro\HCBackup\AUCache\AU_Cache\housecall-ctp-p.activeupdate.trendmicro.com\ioth1956300.zip.etag
Filesize
191B

MD5
a0ce035e72a29386c219da43fa101d36

SHA1
9be0ed42d237890214a86e0e02968c1f8b1d952e

SHA256
cd13972b8d913e154657c892df6c65b3257c36e8f94965e220f7d7e66eafdf33

SHA512
80c71ad31c69d51f56157490be9b3251dda7da935864c726d1825dd1072940fdd2004b8d1609695d16618f4e46102d6e3c3a2dcbdbdf052ccd4d62a269a3d2d5

Download Submit
C:\Program Files\Trend Micro\HCBackup\AUCache\AU_Cache\housecall-ctp-p.activeupdate.trendmicro.com\ioth1956300.zip.etag
Filesize
191B

MD5
15a832c7fd2694721f7cda780058bff4

SHA1
860226618dcb57207fcf74a95fdb3c053eefdfdc

SHA256
0c9a445c5be5129060c5fe23a7597df37a8e9a81d15eaebc4b633e323c3030e8

SHA512
25614a6bee8b8517e69867f8dbf09582ef6e37ae66e9a0b886eaa4c087cef67398ca94aaf49dd3e49b70c3d23aa301cad6bd748db5044e4072d05d80b02a92de

Download Submit
C:\Program Files\Trend Micro\HCBackup\AUCache\AU_Cache\housecall-ctp-p.activeupdate.trendmicro.com\ioth1956300.zip.etag
Filesize
191B

MD5
eb1f4b39fe7dcafe417b970a96815560

SHA1
de469edfdc3df0b5658a0451ff0f54d57c317cf4

SHA256
ca8dea211ce3e61838d03a307c8a8891634186decad5496de54106c369e0e15b

SHA512
033d229dcdd97fada1b512e0abe068de6f72a3fcdbc64c558eedf96e8c1526dec5ec02531a6640e391c213aa17773bff686c1010492aaf369854102d5e5de392

Download Submit
C:\Program Files\Trend Micro\HCBackup\AUCache\AU_Cache\housecall-ctp-p.activeupdate.trendmicro.com\ioth1956300.zip.etag
Filesize
191B

MD5
dad171fe89bf9d2d7e0032fc0c68e4ca

SHA1
8520dc1cd470aa226fe7960706e4ef4953fcb983

SHA256
107f7d4196047b99eabf2fd4f6a60a16ec35852e02d7f1fc6b52663ed60f59ce

SHA512
dc6b7e1cbdd68ae2b72c88a0d763c545a31eae29ec1099adc4858c7365e689300bab2575a61b15e9a63ea10cf504c2a38ac642a66de620feaa192fbc37cb710b

Download Submit
C:\Program Files\Trend Micro\HCBackup\AUCache\AU_Cache\housecall-ctp-p.activeupdate.trendmicro.com\ioth1956300.zip.etag
Filesize
191B

MD5
62c8fbeec3dcd25584a9393b89d6e2d3

SHA1
c7ca48f5dbb38945fb8bd53dbde945bd7586a21c

SHA256
478f539e70ebd4a32302bcb9e9fc5df21469b9b2fb94e6e0e91739b9ad3c40a4

SHA512
08fe49dd23acd1689312fb60e4e8b820f9aa9d4b1d20367ca698ab50391c5f008987d6e2dac65443a17e72d1ccc9c1abb0a68b31dc60c5f6f6c094a0f7e0296f

Download Submit
C:\Program Files\Trend Micro\HCBackup\AUCache\AU_Cache\housecall-ctp-p.activeupdate.trendmicro.com\ioth1956300.zip.etag
Filesize
191B

MD5
98d67872a1f1850e5e8a4c08ab2e7178

SHA1
8cb8375a53fc4f37897f09a3a0c1a6b1033141ae

SHA256
58a40f28d01138acfe51fb7a548fc991756a6b29b17796ba54dba68167c3cfe4

SHA512
adf7fdeae9cd69cb3f96f27bbc8daedd9373ba3b0ebdbb1b26b94e9efde04376aaaf6a41e22f7c0816df4525d53fe9371c272db0f76cdfe36e1464a893353740

Download Submit
C:\Program Files\Trend Micro\HCBackup\AUCache\AU_Cache\housecall-ctp-p.activeupdate.trendmicro.com\ioth1956300.zip.etag
Filesize
191B

MD5
0e444cc6dad69ce6c85f380dc2083927

SHA1
55be2381d9d3095b5d22cf1832364fb30849dafd

SHA256
2c1104b93b63e648e80b31cab1f63312686bc2e7c7d5a77df3c29d08612cabda

SHA512
eba61e6da6bb86950daee2e7796049ce5fcfb650fba5fecc8ccc7862f8d96d72ad6dd9ee518b91ec6ad192f896eebf758dc2a7335d38e787bdf17d7e9f442cb8

Download Submit
C:\Program Files\Trend Micro\HCBackup\AUCache\AU_Cache\housecall-ctp-p.activeupdate.trendmicro.com\ioth1956300.zip.etag
Filesize
191B

MD5
108a9a114ba502d9435db108c49e9797

SHA1
848c5fa88f938659503d9518863deedee738c2a9

SHA256
b4958003550eb3646b4f0f770cfd87dc7537c5eaf75ef1d0749b9689aa918e1c

SHA512
f6255272ab78955bf3709a7383ab306a2f10a8ff20f3d822e4c20a344f087d6a66d5e618d8214205d1c696ad675e1275890659f9ad129a0ebd597f024e4dd8fe

Download Submit
C:\Program Files\Trend Micro\HCBackup\AUCache\AU_Cache\housecall-ctp-p.activeupdate.trendmicro.com\ioth1956300.zip.etag
Filesize
191B

MD5
b29ceb00703db44746b6c5a30fc7644b

SHA1
08b77d2c59e6af44599aa6b0847f7c4fdf879502

SHA256
c84f3654996bda01f1e1f86a23bb2c270b47cbefdfac3b9c667bfc7cc4c4cf5e

SHA512
78fddccb0c98af09b184082f3209a9b136a7a4c4cf7356adef78d76576c522006c2e704b14239aa5adf6dd3003b0f82025d9692fad0dd201d9bd3d9ed50cedbe

Download Submit
C:\Program Files\Trend Micro\HCBackup\AUCache\AU_Cache\housecall-ctp-p.activeupdate.trendmicro.com\ioth1956300.zip.etag
Filesize
191B

MD5
cc9d0f789b7953619d38fccce29f95dc

SHA1
5cd86c56c24ba76bd7afc99f21bfb045ddeec167

SHA256
018e52978f8069f97b66f958463cb0ad92948884fb204df33e4c56983258aaf5

SHA512
0a351e17498b0b1b6f31dc51e0281c745a79c3ec4255444f1320956de673611522a3d63321a63fdfba09e08e658e2e79bb6a066e587e4a65d576bd13167a91b1

Download Submit
C:\Program Files\Trend Micro\HCBackup\AUCache\AU_Cache\housecall-ctp-p.activeupdate.trendmicro.com\ioth1956300.zip.etag
Filesize
191B

MD5
7efad5909d51885c3e7dfe64cacddab5

SHA1
73b14734fca8c32ee45be49fd235966914bfd5fe

SHA256
24d6d852721e60acc3eef24fdd4aa2a81ffcb9bae1e03ea333641d4c3f9213b5

SHA512
643cdbb9e54864618f21c0b9784ac8f9c09b64a92a5d85d0ff5e1f437aafdd2749d7b42822c4ff8cf2890854cfb1301b508adfe7df7d05b32a616d9fd106a950

Download Submit
C:\Program Files\Trend Micro\HCBackup\AUCache\AU_Cache\housecall-ctp-p.activeupdate.trendmicro.com\ioth1956300.zip.etag
Filesize
191B

MD5
418df7f4e5b84c16fec95673d808bba2

SHA1
c3bd7f20cdf8246a59273143362ec80b80928286

SHA256
5101224964b68beeb3cf9f804136008dae861fcd8f09471129df2c2d71f1e73b

SHA512
481f9709364398132a334e8854a1d113eaaab0b3088dfd165c7daa483d4c524594f95cbbe01cb72942b3728ce2a658a944ac01c15304c989f4a76ca27d09190b

Download Submit
C:\Program Files\Trend Micro\HCBackup\AUCache\AU_Cache\housecall-ctp-p.activeupdate.trendmicro.com\ioth1956300.zip.etag
Filesize
191B

MD5
55f23e19f0b57bbdb9afd04e26b42389

SHA1
896bedd3667d64cc0a243ea523aa9fe1e97afaa7

SHA256
4f87058fe31f0b0fac8696a2b295d69228bbad57a1453f61dcba41c25efc77d0

SHA512
32d84a6dae52078c35d591fb3271b5e6aa951f84200757c7fa38034f4787d8ed661c355687d9a5d907954346cf8606fe194210b62b81b5f28db33f1bf2d92035

Download Submit
C:\Program Files\Trend Micro\HCBackup\AUCache\AU_Cache\housecall-ctp-p.activeupdate.trendmicro.com\ioth1956300.zip.etag
Filesize
192B

MD5
69d96b4afe0af9da5e9a14b58a7fdeb0

SHA1
0b20f93274b608e62be99fa8fa9cf47521bf8107

SHA256
891f617d06d4b8d508ae32002476ba5a7dc939289ecc70dcb88371b1fdfbc6ff

SHA512
9140590384f18c500585a76be604955172ef29c9a544e1ffd4c511919799ee14f39b5af312e58b907fe6f1bfd5c56fdd9d345c031a53c6e7b5de2672471f9ab2

Download Submit
C:\Program Files\Trend Micro\HCBackup\AUCache\AU_Cache\housecall-ctp-p.activeupdate.trendmicro.com\ioth1956300.zip.etag
Filesize
192B

MD5
fbd159c9fb3d9f7e72e01666b70c415f

SHA1
0417545f5e6f92d1018a0ffddf97f21ee01d78c4

SHA256
62b2a247f7bc1ccb91732cca8964f3acbb1e819862b8bce1b07fe993ffb27815

SHA512
029277ebc7fe822fbb703e03f39ab74082b5900ee3247a1f54e3e1d67978e2ca0be6e473a30e30db2c9567628cebfb3286d5096df4dfce5635ef319406db5efb

Download Submit
C:\Program Files\Trend Micro\HCBackup\AUCache\AU_Cache\housecall-ctp-p.activeupdate.trendmicro.com\ioth1956300.zip.etag
Filesize
192B

MD5
a348393aba734a0372b155ba3b7ff63b

SHA1
11247d0b7cd27a686be9602b125db12fb87ab214

SHA256
ee0840426d2792ef2b04296d3dc48c401b7dd484714324db323c1318b05abf9f

SHA512
1a8d837c60553f84d3622ece74e1586b846de1d82488fe65889cfcd52cdb8b64b54f0b16f0e1ffb874e44c53df532c25c1dd73ae39aeb32131040d5559e72d49

Download Submit
C:\Program Files\Trend Micro\HCBackup\AUCache\AU_Cache\housecall-ctp-p.activeupdate.trendmicro.com\ioth1956300.zip.etag
Filesize
192B

MD5
31b5ae976be3c2be6c67e2c3a9638885

SHA1
f74ced9017bd6c931e5f4918cdfa843630a7eb47

SHA256
fd59ddf6c38511d30f9a86fe6ac37b2afd5629c0439ed4fb709ba2072b39025c

SHA512
b2ac85997af0ae401a611a2eb1b571cce89b23cde8686033f4a8c7a3d1d31fc844eb9e178c41b4cc4a9a071fe19d3280ebf19ac82f063c446239dead29390616

Download Submit
C:\Program Files\Trend Micro\HCBackup\AUCache\AU_Cache\housecall-ctp-p.activeupdate.trendmicro.com\ioth1956300.zip.etag
Filesize
192B

MD5
72bc41176d7b36cf678f3811de73824a

SHA1
f101a2f64478068e3c4c2b1aecb9789cdf79131e

SHA256
ed30858924f666e5fbd380162c26d4cb4c562fbd604f92b65ffbc5ead74cdb0e

SHA512
d8c71081f68a1feb1b5e1b9448c576dd12d46ec0e625a70a042c439d0f8f3265edc012eefa5d751cb0e0be3e1e23f7c6fc2d456fadf5589f019d178711f7b846

Download Submit
C:\Program Files\Trend Micro\HCBackup\AUCache\AU_Cache\housecall-ctp-p.activeupdate.trendmicro.com\ioth1956300.zip.etag
Filesize
192B

MD5
d543cfa7d683004f5f106d3301023258

SHA1
a51396d0a53c02c2e84ec66d2a6ddbe720d0723a

SHA256
c0e07ff7db2228eb5d5cd535d7514e9b9755f415cd3a6c28f005ef2c39eb790a

SHA512
4ae8b8e69e2ed93880e95a59887b0ab7fb226bab7bde30004b321a6f394fe4086cc9020b4b88785688384056f6197d1c827482e0037b784e0b0ea380d2a714c7

Download Submit
C:\Program Files\Trend Micro\HCBackup\AUCache\AU_Cache\housecall-ctp-p.activeupdate.trendmicro.com\ioth1956300.zip.etag
Filesize
192B

MD5
56a0b6690654c7677f5ec53d9c356795

SHA1
5c9eba98c8c1ae83717134622d1776273369c577

SHA256
8c6aabf9651b19adf6708513ca75e02886cb6d4b91ad86c043296d54b13b40d5

SHA512
f2bbeae06b2ef389f3454cc17c11c9ec3492d1393b53769feeb9ce182b96cdf930b1dc20abf2f9f9376fbe06fb379291b35ec601b2c2725f42b684e35e4b17a4

Download Submit
C:\Program Files\Trend Micro\HCBackup\AUCache\AU_Cache\housecall-ctp-p.activeupdate.trendmicro.com\ioth1956300.zip.etag
Filesize
192B

MD5
62a86dc71bbbadcf91409ce657793c6d

SHA1
9a1b9eb445dadf2ce22eb1cb9055df664a613048

SHA256
98bcdeb59c328558fd7757b31fc7c67e9d330edf4278ec33f96b586a8fa5e3eb

SHA512
b65a34e0ff2976f29d9a866c099af637adf9ac8781dfc70923e6e30f9790e316f6fe86cb6a1f2e0b66961b2d032f41a660b15fe08e6a3306aad3d0b39dc9ff14

Download Submit
C:\Program Files\Trend Micro\HCBackup\AUCache\AU_Cache\housecall-ctp-p.activeupdate.trendmicro.com\ioth1956300.zip.etag
Filesize
192B

MD5
a064884126c3feddd8bffca84b7448db

SHA1
729312edfae309f7a0988e3c70d6eeea9a3e47d4

SHA256
42b0152af1328ef7ad19d78c1c44be7e6e4d4c91a93d1838f044574921118a40

SHA512
9516c072669e834eebaf03d62919d871710546f1f23332f918c27328b7dadc0c61dc3b59d7ae5ecbed40fe7564c1321a258ea9874b29b8f5bfc2ac09c138929e

Download Submit
C:\Program Files\Trend Micro\HCBackup\AUCache\AU_Cache\housecall-ctp-p.activeupdate.trendmicro.com\ioth1956300.zip.etag
Filesize
192B

MD5
f224f3548b71e3909beb6dc40120cd3b

SHA1
7e1a7952d02360c04c3c8e8c8377b5eeebe170bf

SHA256
7b3699289946c703e25692ff44e65bf11c523041c75f405458d38cd38dd78fd6

SHA512
ad0c377ba9ff98fddf00aa2589726bad1de88a4ad51e0ca3d73066d1cd945b135f34b5151d2a0a9d5921ddb714b6751d5bbc46ea5e81ba015432d5b137e17f35

Download Submit
C:\Program Files\Trend Micro\HCBackup\AUCache\AU_Cache\housecall-ctp-p.activeupdate.trendmicro.com\ioth1956300.zip.etag
Filesize
192B

MD5
c69806510b487eff7bf336025ff6b8fc

SHA1
9a1e6ec1d4ac6db06a4524c5767a4c758c4dc750

SHA256
5a32693364aa2dc0c51542df93c676d4ef4e6f14c9de92667a1e9871ca64514f

SHA512
7941834140b26366aeceb236122b49593302deccab9cefda09195ff3ac17c15e6b2719ce043daf92c802574c3703715125f7608707fe861ac53e4c39dfe5f5b8

Download Submit
C:\Program Files\Trend Micro\HCBackup\AUCache\AU_Cache\housecall-ctp-p.activeupdate.trendmicro.com\ioth1956300.zip.etag
Filesize
192B

MD5
eed4f262506c51b500a74b61e555c24d

SHA1
ce08558ea169705f1ad6d9fde1dd8ff702a8f050

SHA256
6fa9ca9e6211f90c97ebbfd3b3859674dfbb8a0cabb55e2329ad02367be37127

SHA512
9deffdfefbe2cd2e1fa2d935cf7376bfc72291a21cdd673d5948b77fac45a5e23a831eede6dab3e2a479b67e2f814ace3e40788245aaa9ed5ac3cc5c6c200512

Download Submit
C:\Program Files\Trend Micro\HCBackup\AUCache\AU_Cache\housecall-ctp-p.activeupdate.trendmicro.com\ioth1956300.zip.etag
Filesize
192B

MD5
3676777d04bd8c94ed2c686aaae436cb

SHA1
6556b906432ce6dd36ab9e29c094ca1ad02b3a32

SHA256
3a28ffff6bdb006c7e4fda15292ee36290b44b38569a9bde9bd949d618372dc6

SHA512
e4c2e8ea8d18db4f6ac32807067de071a1a9279a6cfe83afa55215e81920fd2eebfaca1b86816c94b1e391c2d09dc827f8b0256f636b668877d009b91f56e2fd

Download Submit
C:\Program Files\Trend Micro\HCBackup\AUCache\AU_Cache\housecall-ctp-p.activeupdate.trendmicro.com\ioth1956300.zip.etag
Filesize
192B

MD5
f15db55a4c0f3d75160633ed4077c8b9

SHA1
e22ab9b40c0212d8f21ac2280747ff765f946b6b

SHA256
e6a15d95a1ce7285102dd8305bb4a4f58b5b19d1c86f18a856b8a9f997f16fde

SHA512
a475cea5a4f75c8036a619028520f80e075abca603a36fef5ce10cb334384542a3141288ef065cc8f4d001c6dc3a82d5f51dec4682be8ab65d27f1f9727d81b2

Download Submit
C:\Program Files\Trend Micro\HCBackup\AUCache\AU_Cache\housecall-ctp-p.activeupdate.trendmicro.com\ioth1956300.zip.etag
Filesize
192B

MD5
86aa275a9d8efa2f15584767a52bc71b

SHA1
e76cefcdb4e414eda1b708fb7b7a192dacfc5652

SHA256
2677d6792837e6fb18223e8444dcc494308796568f130b0a14d54409f8e21033

SHA512
d845d0367f8ced254280af6718a3e86c03ea81b3fbc90f1f3264e30756fc15ab105fa1f4384b3c2880507b9a2bf04cb3e508a56a9e3bb4faea6ea612a7e05d24

Download Submit
C:\Program Files\Trend Micro\HCBackup\AUCache\AU_Cache\housecall-ctp-p.activeupdate.trendmicro.com\ioth1956300.zip.etag
Filesize
192B

MD5
357786dfcd74ba692cfd4a5e43035591

SHA1
c2872bef64a25e8d7dfe4a4b45b5464960a80b7f

SHA256
8284a84a30a6b02883065acaba71a3a893e2a21cdd106733fe58117394c7f785

SHA512
086f448a5eb833e1fe2b4beebdfa3e78cb71e88a8ab2f29f98bfd13678383a38a8a4567cfb745b05cc813840ec31415806a5b5d89e2637f1795c3687f0b40551

Download Submit
C:\Program Files\Trend Micro\HCBackup\AUCache\AU_Cache\housecall-ctp-p.activeupdate.trendmicro.com\ioth1956300.zip.etag
Filesize
192B

MD5
6fec8706a7603ccae5eb11eadcb5380b

SHA1
1f8d57f44f7933426888728a9eb2a038955614d4

SHA256
979a02bed5aaf01eeafabbfc636c052b9cb5b6be04e4e992f0c61f7552bb2e7e

SHA512
2dc8d7e13aa5128f0b732e7f0bd5dd2d12eb3d2e852be32c2a577345ffe23067ea335ece7fd21c097945b84a2f7c2e613873a8afc65efd375886d601ef1e5365

Download Submit
C:\Program Files\Trend Micro\HCBackup\AUCache\AU_Cache\housecall-ctp-p.activeupdate.trendmicro.com\ioth1956300.zip.etag
Filesize
192B

MD5
e2580aa9975b19be8e23c51aac6a3182

SHA1
9dda6fbe35590cf3ba95ecc2033780655386dc45

SHA256
fcb127b8984663a0d49cd3da8185c3beb412a19a9fae26838451cb8865ad485d

SHA512
9c42a645717ee680477779641e52e9177ac65600c2fb9bdae7014557ef70b188d92b6cf834f8aaf8657a1511c318c1d738fb27e36bc69fc07fff33922ff0b911

Download Submit
C:\Program Files\Trend Micro\HCBackup\AUCache\AU_Cache\housecall-ctp-p.activeupdate.trendmicro.com\ioth1956300.zip.etag
Filesize
192B

MD5
515418ab621e03d28a373b921264c6af

SHA1
f6ea546069f8d1ec3d7052db689a2a11ed8ee74e

SHA256
1f5baf4a97d05631d48eb15f5fa4e8c9c8281f898fb73b18c0e078d096ef4e85

SHA512
8ca405f5c6bd89ce378f37ae9a3af96cdc91daba853f7d5c9b569c3a650a252151cc32c7ab3cbbaf80f2f97ac91525db442ebf758a9c5de547a991c8066cf1cf

Download Submit
C:\Program Files\Trend Micro\HCBackup\AUCache\AU_Cache\housecall-ctp-p.activeupdate.trendmicro.com\ioth1956300.zip.etag
Filesize
192B

MD5
707a92008e9943aa2a24181ffcc7a5b2

SHA1
3ec49b5d077e199daa025a4afa6ad98db4922f32

SHA256
da0e7eafb8d88615484abedde9264f3f2df50ba64d24c8b9b550f52e9d54827f

SHA512
7ce1987b6c1127bca4cb4c8961d969a0b98c9c3eb009c45aa0b78962be8ea32bf8a52c9ec763fd22e32a1fbd17ed5d9546d4f655dd3ee0d9a588b2670015dccc

Download Submit
C:\Program Files\Trend Micro\HCBackup\AUCache\AU_Cache\housecall-ctp-p.activeupdate.trendmicro.com\ioth1956300.zip.etag
Filesize
192B

MD5
4a9053e42d909644ebccd50cc4b4f3eb

SHA1
dfa54da6f63b5d7e233454c9db08532c74817e27

SHA256
86f660ce0e4594ccbfab9d9c1e377e0b74fa285c3d1f5e7b92d20a073aafa004

SHA512
c27d8ef9c1db8ba432279f01bb44495f1f6e45de68ee1967b085ab291b4e1690257682f6d1e50d651c85da8a02c4adcb0d0ae91d6559f7122769e80e44942abc

Download Submit
C:\Program Files\Trend Micro\HCBackup\AUCache\AU_Cache\housecall-ctp-p.activeupdate.trendmicro.com\ioth1956300.zip.etag
Filesize
192B

MD5
26aaca6df38f4e6f1e24b6f7ff4e0db4

SHA1
57e459e18b523ce8ab54393e6c83139a8f955d75

SHA256
f711984dce9b5a0a261f2ef392694a14ebc681f75a19f03886204e81a3e6df42

SHA512
b8742ee48e5ad2afae76bd8bff167188664b62d9f91c5796d783554a73df62567d8696dfaf99c4bcc4b9df8ba5f676d6ba928fca2dfca393a1dacef2db10c0ff

Download Submit
C:\Program Files\Trend Micro\HCBackup\AUCache\AU_Cache\housecall-ctp-p.activeupdate.trendmicro.com\ioth1956300.zip.etag
Filesize
192B

MD5
7a96d59a0915d97a8b6ed67ce4a55904

SHA1
760b15f78c25ff0308de5ed3aab75e8548c8db18

SHA256
9ad4a36ce6cd75a99a3342e1586e2f9901f8e2947348d4febdd14a91d651365e

SHA512
c4ac9c8e86eedd5fcb3eea7edc1e317fbeccf2c7ba07986c47511f1d463cb39540c08afb6755465ba639d74873c9efa9c08c648f6ca3c464c61850a9b3ef0589

Download Submit
C:\Program Files\Trend Micro\HCBackup\AUCache\AU_Cache\housecall-ctp-p.activeupdate.trendmicro.com\ioth1956300.zip.etag
Filesize
192B

MD5
64bf0613a78b711f746b49882355613f

SHA1
6eeeabfa7b83ae0cb4780651748d8f6de37be6ea

SHA256
0fddc7a4a5947b21e77a2e1f6c5d07eadf797b482ff0d58bd6412b1f7e4e4f3c

SHA512
f63e61e7b2b3f0dbf7c684be1ecc12b104ce5556cabb37598c561f94a965e88913cc4b38b8ca001e68ba8dae88125bdaf9492abb944d98cb1537a355ed23a1ed

Download Submit
C:\Program Files\Trend Micro\HCBackup\AUCache\AU_Cache\housecall-ctp-p.activeupdate.trendmicro.com\ioth1956300.zip.etag
Filesize
192B

MD5
53a70fe768dcd7a89195411405ff6285

SHA1
fd1adb38c032b46d3d03fa6f195429672008b686

SHA256
2699742e482ac07b94568d7f1dc83788f3521e765a53ae9982da685d8fa82aad

SHA512
a6b62f7da9518945695f6f749d33be42b619b0a2b00e7df39b6ea23e42c74194e6aa924a90f42791c045f321007865f5bd64ccd628b41a61d4ba7c97f25b3cc1

Download Submit
C:\Program Files\Trend Micro\HCBackup\AUCache\AU_Cache\housecall-ctp-p.activeupdate.trendmicro.com\ioth1956300.zip.etag
Filesize
192B

MD5
d36d2b79a6306aaac3ea29e10b27c780

SHA1
aa1771b4c3d708a46f9282edf3cc5dbef3b43ffe

SHA256
594520aafddfe9561c6050f7058d88ae4ecdc2ff8fa6b0f3635fd1901c6ef4c7

SHA512
0b5600dd3a1f7698ebe9fc4622cf377e3243a7a2c22ef7996f5b202e3aaf80b7f7dd5f8b2dff53a6c15a1e902f4e6f09b737fcc8360b8f2c686193592d89b222

Download Submit
C:\Program Files\Trend Micro\HCBackup\AUCache\AU_Cache\housecall-ctp-p.activeupdate.trendmicro.com\ioth1956300.zip.etag
Filesize
192B

MD5
d429d5f5e3384272888cb6e65434ddeb

SHA1
b2e020936baeea149cd56daf04e65d50df951b67

SHA256
4588180a18a41d1036065e55de0cdc88efedf7e596bf790aa6ef202cefcabd5c

SHA512
7e696481db6af3785d44defa5e37cbdc862e4e57b6d374f87202aa83be6419cd932d2f9f53311e5036d4f67f5cdde5fb24a08ff0f0186c4fc88073bc702fce7c

Download Submit
C:\Program Files\Trend Micro\HCBackup\AUCache\AU_Cache\housecall-ctp-p.activeupdate.trendmicro.com\ioth1956300.zip.etag
Filesize
192B

MD5
38765f458a75dfb58fe0946cf21a1e7c

SHA1
889e11c713b4c091dd24f43404fb2cbb8e9d4b3f

SHA256
6400466b7982379d8d0c05d1de524a8c9d77c899800c60b4182b78a5b7b08ba6

SHA512
b631f618409e171ad8e056b189748d2761a5378ea2d70e0ebd2032528b6077f56104e1e7a78c8ce4e8772e0d1f215306d01fa88de6ea806b98506796a362021e

Download Submit
C:\Program Files\Trend Micro\HCBackup\AUCache\AU_Cache\housecall-ctp-p.activeupdate.trendmicro.com\ioth1956300.zip.etag
Filesize
192B

MD5
f0690a035fe06bbc6c2ef380d63e7018

SHA1
c704fb1a13e8d9660a1e074f42036c9aef655d91

SHA256
7c3db06590049c767e61c959df6f3d735e0dee999236b1a70221434f24017b58

SHA512
a7735f7c48e9bdb0af5209bcac9f9737e7c151f899d9a69577f320cf886c3a81876fedc39895afd9d019af1781b962109e7cd1dd9e21996707bd834ca3edbd06

Download Submit
C:\Program Files\Trend Micro\HCBackup\AUCache\AU_Cache\housecall-ctp-p.activeupdate.trendmicro.com\ioth1956300.zip.etag
Filesize
192B

MD5
1e0b060605595a9f4462908a6c65257e

SHA1
7ee51fd7006c77910a73dee8c960830548ad2ff2

SHA256
01d27e7897bc4919171141655d397a7242db4ae3d89b53ffc15f0ee44ba80d04

SHA512
0a4073ef84c3df79b7db50ddefc2bc38b76f2d1f5aaa70b6982d855925aa3679d10ae5197cf909a1f42cf2eda4f83933b4768d367d21b3759a4fb515631c873f

Download Submit
C:\Program Files\Trend Micro\HCBackup\AUCache\AU_Cache\housecall-ctp-p.activeupdate.trendmicro.com\tmwlchk_201200.zip
Filesize
194KB

MD5
43e263d918cb79cf3455816e526b6b9b

SHA1
a29d476a540caff8a5eed6f77157af0b43277ba9

SHA256
0c92c636dbd3fb66dc1004ff1dba414367885930bc2925e220b5097f221fe9c0

SHA512
8915e2909bbc5b904fe1023f5931d58a09351d3a23a99a0c2d0715b2b8a547809dda94aca238e4bfe75091eda68ac56941edcda1f85a2f8c991c0c49a91be765

Download Submit
C:\Program Files\Trend Micro\HCBackup\AUCache\AU_Cache\housecall-ctp-p.activeupdate.trendmicro.com\tmwlchk_201200.zip.etag
Filesize
188B

MD5
1ff9a2d29cd009026cd1ae8bed99d385

SHA1
d9064ac5e33a36cfaff85eec4ca95646fb1db16d

SHA256
910484e240e9fa1d4b80f512dc19e615620c0c154bda8efd9f6641940e38179e

SHA512
795f7eaa11ce10583ffce2248835b7d656f2c34d81cc2fd36fcf7bc46ed673d0c00fb0ab085cb557e20174610ddd4e138d3e1a697e4192d70cc61808ab82d25d

Download Submit
C:\Program Files\Trend Micro\HCBackup\AUCache\AU_Cache\housecall-ctp-p.activeupdate.trendmicro.com\tscptn.zip
Filesize
2.2MB

MD5
5abadf0fd701d8f277607bffe24014b5

SHA1
21ee488eed0cfd100f96ad9154849649afe243b1

SHA256
89c9d6213c64de1cfd8b9bce8f463e01bcf143886d2944c719d0120a15fb4200

SHA512
b6685cda8f64a374da01bad2e6e44ce702873d7998f241a778ed150ff3f6550428bb3759773841c19fcfe92ed4c8a77671c29483d78508437d714ef8dad00fb4

Download Submit
C:\Program Files\Trend Micro\HCBackup\AUCache\AU_Cache\housecall-ctp-p.activeupdate.trendmicro.com\tscptn.zip.etag
Filesize
181B

MD5
d0605530f00e98a5b6ad97473b1f3a85

SHA1
949161413bc835044af349f48d5715e3afd0c3d4

SHA256
77c20cb00ab82ccc4d5a68d6b4be7838c46bb4a8be0df86bd23c403db24a4892

SHA512
bac9b2e11e07b8b0390fd97bb33e8ced5fe1be962390857c84c6ceb11c1a5ca969d2dc7b14b0f3943af5f0b93bf3507aa2c28b7d55fce58dc2a8093ed695c23c

Download Submit
C:\Program Files\Trend Micro\HCBackup\hcpackage64.exe.tmp
Filesize
18.8MB

MD5
e3f7daeb704b3667673fd799e4baaf6a

SHA1
f01f385aa74d8589b78e3de01695828e8adce0d5

SHA256
65fa74aaf30e880ce37147629c7d32a6d71320c4b68c80cee8e4873e293df37f

SHA512
ff0c54281d4fb3b7a9ab112560b37ac3472671172a5a3c9cca54b8e6adbebeb30731ddee7774a0e0b63f81e53afa6db2033302aa7753583371e6a651bcfd7b89

Download Submit
C:\Program Files\Trend Micro\HCBackup\hcversion64.xml.tmp
Filesize
310B

MD5
c19d5810b07878caffed286525f8033d

SHA1
c87d49ec9623a8d346e835c6f69a9dc8ab3594e3

SHA256
453d1b6344ce2456349f193f5333dbaa7d3a4a89ba7f5560fad5ca05737a691f

SHA512
e912bd9154028b66ac0ebfd1a9eeaff7d761815342099dfd542b3fc7e0713ec109fd15c3938b979107a8e3f2d83a810a5d09edf9eeae9fd8cc1b3422945a4a2b

Download Submit
C:\Program Files\Trend Micro\HCBackup\temp_bf_1100000000_2147420118_1725199254.len
Filesize
1B

MD5
a87ff679a2f3e71d9181a67b7542122c

SHA1
1b6453892473a467d07372d45eb05abc2031647a

SHA256
4b227777d4dd1fc61c6f884f48641d02b4d121d3fd328cb08b5531fcacdabf8a

SHA512
a321d8b405e3ef2604959847b36d171eebebc4a8941dc70a4784935a4fca5d5813de84dfa049f06549aa61b20848c1633ce81b675286ea8fb53db240d831c568

Download Submit
C:\Program Files\Trend Micro\HCBackup\temp_bf_1100000000_2147420118_1725199254.retry
Filesize
1B

MD5
cfcd208495d565ef66e7dff9f98764da

SHA1
b6589fc6ab0dc82cf12099d1c2d40ab994e8410c

SHA256
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

SHA512
31bca02094eb78126a517b206a88c73cfa9ec6f704c7030d18212cace820f025f00bf0ea68dbf3f3a5436ca63b53bf7bf80ad8d5de7d8359d0b7fed9dbc3ab99

Download Submit
C:\Program Files\Trend Micro\HCBackup\temp_bf_2_2147420118_1725199260
Filesize
4B

MD5
f1d3ff8443297732862df21dc4e57262

SHA1
9069ca78e7450a285173431b3e52c5c25299e473

SHA256
df3f619804a92fdb4057192dc43dd748ea778adc52bc498ce80524c014b81119

SHA512
ec2d57691d9b2d40182ac565032054b7d784ba96b18bcb5be0bb4e70e3fb041eff582c8af66ee50256539f2181d7f9e53627c0189da7e75a4d5ef10ea93b20b3

Download Submit
C:\Program Files\Trend Micro\HCLauncher.log
Filesize
3KB

MD5
bb3e59d9ca6079d09d8a62ec2dc75a31

SHA1
2ab6a5ebbb84883a3e1ec1439d53ba1348f9a336

SHA256
98d58cefb39bfd98b4b11e098aab4625d01ff10350227d2ab06cc7d476b124fc

SHA512
825777fe2ab447abe57f803ce11702adeb1fc99e66078858dea8f0361916d93ae0c623f68c581762910b41013704fbb4b4e5299f71e301bb9fa2e54cc15cbba5

Download Submit
C:\Program Files\Trend Micro\HCLauncher.log
Filesize
4KB

MD5
11c47347c943978b26c5840312810246

SHA1
387257314f02dd1f3800e9e7299fc17833dea2b1

SHA256
db7832824b2c9f48de01e767701d97c33ed61034a809ee9cbe76025e1b47798d

SHA512
2aa7c231eb3ea16e1b9f7242ccf12f02dc019b28c9cd1c43542b55f4ee01c39c45a01ab31cdc63130fed7bb0408340ffe57694631dcd986dcd6ffb357b8a7ce9

Download Submit
C:\Program Files\Trend Micro\HouseCall\AU_Backup\AuBackup.ini
Filesize
285B

MD5
1e4c88a73e59474db7d3bd36b9d749f8

SHA1
7c2ded1e35c498fa092775fbeb6fa9796c6f2149

SHA256
fb60e54e81153bf61bb5978fd805c05504a8a057c5d76ffc34d7a9bd945d324d

SHA512
607223096c14a9faa7216937da386becb25f7f9c0ce694a1fc902c09c5e3c0ba2d3c51f1d3a164f8863b215f8f090b0ccca5a56efcb6d046a982e236509e5d32

Download Submit
C:\Program Files\Trend Micro\HouseCall\ICRCHdler.dll
Filesize
2.3MB

MD5
b4930aa9bab3caf6f87491c32a354c04

SHA1
6101913f51cfaa49cb55397bab7ae051df9dc4e5

SHA256
ed6129fe266dd28656bd65edd7fe5c15d6ddeea787f764a0bd4076e2e94bf1ad

SHA512
93cf1ea5027551a99e5a4ca35662508d8e5b49c543ad4c596722abab77bc809a9b5debac2fa71eba8169b875fb11ad83c6b8934b864b3f84acfc7dafc8d03d6d

Download Submit
C:\Program Files\Trend Micro\HouseCall\config.xml
Filesize
7KB

MD5
5e16756bdc9aa06e4e6b2edf955c2f52

SHA1
55c245a6a03b8c2c2f2594c4e4819a103829a038

SHA256
aa39d77fb7457ab0803e70b93e6038c7ea804e5ba5c88cbb8f3a803de66a0386

SHA512
dfd8b99a59f4d406aafc30388b98fbe4b37becf0f6d5408aa239fdf3b59cd6ba0b2d9cdd887086ba36f2a8669104bee0e3ed577028cb9460b4b85f1424fef263

Download Submit
C:\Program Files\Trend Micro\HouseCall\hc_core.dll
Filesize
9.4MB

MD5
ff40bc651649335749f494747f6ea9d2

SHA1
031ceffc97ac6c60cea3acaafce9a08c1f05dbee

SHA256
2d6633b2e5ed61a00fe79ef92259b8e1c2204bf17139913d8e9c7de45e1f006a

SHA512
e5094b0ee609c230b03f07e8d9084b4f70c95462ad32e329ac068c30211e0dc9d27ecdfa33aa04838c39a81ae1f8dc701edf6b538798532e3e17a2e3da7ea6db

Download Submit
C:\Program Files\Trend Micro\HouseCall\housecall.bin
Filesize
4.9MB

MD5
faa6d41317eb98f19e132314f5eef03d

SHA1
3c2d6fafa1459e4254d5bad9e83f15f39d59e5db

SHA256
1a794ff4a1167d221d5cc05974dedc760ca5dfc85e2e64878d1b8ef3c83d1dd7

SHA512
577f71f95f4d9ebd0bbbf5553c0c80c3f98e264b3946c4544a53514cdc44a9a3f23ae595b0eb33836ac80f9af1132d36308444aa3546d9ef03e881c38759cac4

Download Submit
C:\Program Files\Trend Micro\HouseCall\interface\lib\jquery\jquery-1.8.2.min.js
Filesize
109KB

MD5
7eb2467956657f7e0956de142ac5d5a1

SHA1
9f579c33e616d8ed81e00b2120d4688bfe1ee914

SHA256
24a5fffb954c81990cab1fda4787afbeecf81d8f2909c930f16fbb7c2325cd0b

SHA512
ecc2e09aba341137449092569de0eafb0e0dee0f963b63ee564ac45f41b4b9472b4e28e91077998736187a507b526409a764483ab7d641b4b22d248d9ba829e2

Download Submit
C:\Program Files\Trend Micro\HouseCall\libexpatw.dll
Filesize
174KB

MD5
44cfe8a291e8ca812b9fe816636fc4e5

SHA1
dc17c179c533863d428fd5ec756ae54cb465098c

SHA256
e2dd3191b96bf310dd1ddc06aa146d5e7dbb9b9a96c92b600114ff863fdd19f3

SHA512
37d687911921ce77c7932e15d785608fa3cd16863f6f07ced5200d0ff10fa9f9f7fe425a57161eee012541ba4a64210a17a0bc22585032fcb45bec683d655cd7

Download Submit
C:\Program Files\Trend Micro\HouseCall\pattern\AU_Backup\AuBackup.ini
Filesize
45B

MD5
205ffbb75e9d74087ef66ffb2ca9d667

SHA1
128dd7784d1956b86ca03de60f868a425e31f3ed

SHA256
46c375e47cd022310fd852a1b1f3f1b7e743c520dc833a8b8d1d0648fe7d9110

SHA512
8f382e3c6482b30dfede41376ee7c061abbcb81e928f00becc8cc3ee3980af3902980dbc4b0e0c118ba2b2695dd5c34e4abc2e8340ba1b850bd72c2870645547

Download Submit
C:\Program Files\Trend Micro\HouseCall\pattern\AU_Backup\AuBackup.ini
Filesize
232B

MD5
13b502fbc4cb5a863f4fa10949c82576

SHA1
826900c7ec6f1e2a4f1c5dc5e899ef3b0f23fa87

SHA256
43b706dccd98cedc0f66d8f4845e1f5054b81a84bcdcb86aef9ad90d311b32df

SHA512
e70dbd21f0d41fc4308fc51b95475a1958423e93e1aab911d6c310aff657227a3b33fd1c493d998496d8c3fdd62f7b73cf2a9ba68e4142cec3f2cb5419f57aa6

Download Submit
C:\Program Files\Trend Micro\HouseCall\pattern\AU_Backup\AuBackup.ini
Filesize
405B

MD5
362fe6c03ea63f33f0904f25c1cfc471

SHA1
54e98d2feb1c5691bcc0b68d0c9ae434424b59bf

SHA256
f1d55421a0ba90fa5df6355d6fc9c259e4149ce5032044cea9765c805ab3b529

SHA512
b8bb819cc0c03a6a4cf84810f6330a1e58f3914153e563c540cc4f18416709f7643037eb674351b30ded1ed7fc52ccbe4a560cd33a5518e24cace9da085f3e3b

Download Submit
C:\Program Files\Trend Micro\HouseCall\pattern\AU_Backup\AuBackup.ini
Filesize
658B

MD5
ef0a229c06861ab3e0044bceefd4c914

SHA1
b2f16b40a80270ade102348466f4d3a4dc19dc55

SHA256
d5b2baf039e13db87e7e1715a9cf9501ea00b9e85d70f80028d3e0de64d102c8

SHA512
955ccd99b0dfc680c4a05e0703f56dc9383b5791c9133610284231dcee0dfc29d9d2277397a092c7056f72a3d91f5bba3e8509d64bc51e416f0bfcb90544a708

Download Submit
C:\Program Files\Trend Micro\HouseCall\pattern\HCFrs.ptn
Filesize
2KB

MD5
20a65888044255ce6dd903596f400b3c

SHA1
54012e7972320a9b6a5225d9aa57324e6b23ef0f

SHA256
3a1087c0f26b5d264c8fac6f93ece5f88048f3d3bd23a94ba48bb69ec18a6bb2

SHA512
8d5587f75597363c6d15cdfe05fe3f191f01e93c6d547e6744bce6be9eb7be6f48b348b4c238f05c28cad409c113ec37951177b19e1be4694b3117e5678a54fc

Download Submit
C:\Program Files\Trend Micro\HouseCall\pattern\HCPolicy.ptn
Filesize
2KB

MD5
981b0927e343beb3e326142980297cab

SHA1
0e0f8fbda99f362b4e004b4a416092219aff727d

SHA256
ae95cb4064b76640568f453d586349a0f6d5a30e0f0fdd96d0e69d3730bdc5d8

SHA512
93729f187004d7c6a820754690fb1fa5814fcdb84a7aa6603ea84dbdab65a0d10e58f308d1433cb249852ead06c0ed43d72e7393c4b26eb22e90c9e17b8a2841

Download Submit
C:\Program Files\Trend Micro\HouseCall\pattern\ar.ptn
Filesize
388B

MD5
91e37d8f58d55d96c504c10f6d5c4996

SHA1
148472d8555f8468f24ff50181fe43902b28d768

SHA256
31b935dfbda19d274610b1f3e9b998a14f258efc06d30cd0515b1aa51dd26a4b

SHA512
5aafaac338cb76e3d68acf0cb34c0c4382e9c2594bdd03ad7db54f1b78b7c8d822920d7f5ab6efb1b0a6e36cf326975701b3d44c07c6c2a0c26319851961b76f

Download Submit
C:\Program Files\Trend Micro\HouseCall\pattern\blacklist.in
Filesize
28KB

MD5
9dc526a28970b1bcb4fb72ce25f3aa44

SHA1
6a8f388a5ed12441abf35da515c410b93a1da7e3

SHA256
341cd8e62bb2d8aaf1e9aef7870de30791b397b6e279fd88467f3d3a1905d45b

SHA512
7c1aee65e4af73a943047ab90d78a68a02de1cf74ff81569579b137f699c1b145b53fedb9294994e597fcf396592770a83b0cbf353a27d88f1b44c2f7587a93f

Download Submit
C:\Program Files\Trend Micro\HouseCall\pattern\crcz.ptn
Filesize
36B

MD5
ba8e7d7a0aa5dabb50852213a9ff357d

SHA1
3525d499c677c3e7426b8c36ba4ddd0929c7514c

SHA256
18857c679c68cbd6089c2756ca8d0ea9a3edc288d4f981cc28e8b8fdd97c5326

SHA512
98616d713a113d0bde2ff249fcf054bf59837305070490a72c236ba7052eb39f6a89c1306c636c2014bfc06b06229ce586f59e602e79ef4c26ff50d3a9275bdc

Download Submit
C:\Program Files\Trend Micro\HouseCall\pattern\ptn$agg.102
Filesize
68KB

MD5
250d5ea1a2acf20d01540a2d2b94f5dc

SHA1
3a3ee852eed78c8c75c5b69cec8b56879c8cbb4d

SHA256
db8ea99d3b2a0bd61de31c750f4cffd249b5000c45430a2a8c741dc85e69c278

SHA512
aeb81ff992de5fa2d8301b47f658b1f1a8dd7c76f516db0a082c6660f7ab800457dcb949ea78f6f388b6f641c07169c31fbb2f7013169ee1ee0918c495861619

Download Submit
C:\Program Files\Trend Micro\HouseCall\pattern\smvptn.201
Filesize
1KB

MD5
81ae58f0fb504400175f88509d83ea46

SHA1
2a1dbfcf73648a3fbd8ece0510d0d894a4f549b7

SHA256
33cca57898b8d6e6f8f3a97c9923eb23b3a435e47613af3b38c7efb31be4ff92

SHA512
f8453f355b0543de4335adca51a248d1c4d9adc263a895722e2a31fd06583ee4feb5d971cbe0f16024737c2252e8178bd82d9c04de0bb070248fa0643f2a9ac0

Download Submit
C:\Program Files\Trend Micro\HouseCall\pattern\tmwlchk.ptn
Filesize
183KB

MD5
560b674bd75262517bfbeb97d1bad87d

SHA1
a2e9ad90d8fa906c4c00bf70cc5f0a803d9c24df

SHA256
db9712763f47fe9097910fd483a483e501081dc027f01e6919845233aafb81e1

SHA512
d62cfdc839cbce64be245fe82e5cb9870a098444248f2983f122dd33bd9ca6d14ce363d6a72d54a025ac7bc022107d5f24990fd5e725adab1e76770e8a30e76b

Download Submit
C:\Program Files\Trend Micro\HouseCall\pattern\tmwlchk.ptn
Filesize
16KB

MD5
bcec03bbdc050b9cfac5a4a1e02226c5

SHA1
5547661ee80ea0e00e97735359d2433b06e04647

SHA256
aae808fad2f4ed0c19d14fa3e1cf7502107a5d62658826d0fb1460d46706d5c1

SHA512
b21a3901449e9b1caa2a2c2be46e972bafa456e13addc551081690089d5a45bf3feabcabbd837c99233d067ea9a3e22c1fcbd7284aa57fea542c3afb9066b902

Download Submit
C:\Program Files\Trend Micro\HouseCall\pattern\whitelist.in
Filesize
56KB

MD5
ea01710bbd9f988adc0ab09fad474d8d

SHA1
df2a277dca3e2cc0a663484c2385768e1615270b

SHA256
3d54863449b9033bf062b2ecf5df24bffa6cc3bb9fba5fbf335a08e8b196bbf0

SHA512
58cd153f291df5adc2de0dd9a9472ac5460ca25407819f09d888fcfe6e9ee1da1ea87f27f9ca16d818c728b51938b30bf745f1ab0b91089b416e6f6f07e0e566

Download Submit
C:\Program Files\Trend Micro\HouseCall\tsc.ini
Filesize
722B

MD5
643fda4cfc799fde33bf385b5da137a6

SHA1
052e3b2ba44d10de6a20ece2b38c32c4ffef60b2

SHA256
7df443f988958d73c90614c48deefe4e1e48fc90738142026a6fba23cd2f55e2

SHA512
67445355adc2f383094efc76707b22e641772e71a3d478853705d110c9308966016d0143c9c27678e55c45d8aa6856ff56d5b47d95ad293b5d450fe95c777cd3

Download Submit

pid	process
4660	setup.exe
4932	hcpackage64.exe.tmp
5676	patch64.exe
5700	housecall.bin