Overview

overview

7

Static

static

3

XMouseButt....5.exe

windows7-x64

7

XMouseButt....5.exe

windows10-2004-x64

7

$PLUGINSDI...md.dll

windows7-x64

3

$PLUGINSDI...md.dll

windows10-2004-x64

3

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...er.dll

windows7-x64

3

$PLUGINSDI...er.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

BugTrapU-x64.dll

windows7-x64

1

BugTrapU-x64.dll

windows10-2004-x64

1

XMouseButt...ol.exe

windows7-x64

1

XMouseButt...ol.exe

windows10-2004-x64

1

XMouseButtonHook.dll

windows7-x64

1

XMouseButtonHook.dll

windows10-2004-x64

1

uninstaller.exe

windows7-x64

7

uninstaller.exe

windows10-2004-x64

7

$PLUGINSDI...md.dll

windows7-x64

3

$PLUGINSDI...md.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

Analysis

  • max time kernel
    140s
  • max time network
    137s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    10/09/2024, 16:41

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    XMouseButtonControlSetup.2.20.5.exe

  • Size

    2.9MB

  • MD5

    2e9725bc1d71ad1b8006dfc5a2510f88

  • SHA1

    6e1f7d12881696944bf5e030a7d131b969de0c6c

  • SHA256

    2240bf5fb5d80938b0676c46ef9f84bc1739c32f60c473ff85e530ae0eca2818

  • SHA512

    62bd9cde806f83f911f1068b452084ef2adc01bc0dec2d0f668a781cc0d94e39f6e35618264d8796ca205724725abd40429f463017e6ca5caf7d683429f82d39

  • SSDEEP

    49152:n65SJw48kZN+nCYk7c44+Y0hdwn4Km2A5aT/pVE0hYYajihV2Qso0SWMrboF:tfpeno4oY0QZm2dlNJsrHM4

Score
7/10
discoverypersistence

Malware Config

Signatures

  • Executes dropped EXE 2 IoCs
  • Loads dropped DLL 9 IoCs
  • Adds Run key to start application 2 TTPs 1 IoCs
    persistence
  • Checks installed software on the system 1 TTPs

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  • Drops file in Program Files directory 8 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • System Location Discovery: System Language Discovery 1 TTPs 2 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • NSIS installer 2 IoCs
    installer
  • Modifies Control Panel 2 IoCs
    evasion
  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Modifies registry class 33 IoCs
  • Suspicious use of FindShellTrayWindow 2 IoCs
  • Suspicious use of SendNotifyMessage 1 IoCs
  • Suspicious use of SetWindowsHookEx 8 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\XMouseButtonControlSetup.2.20.5.exe
    "C:\Users\Admin\AppData\Local\Temp\XMouseButtonControlSetup.2.20.5.exe"
    1⤵
    • Loads dropped DLL
    • Adds Run key to start application
    • Drops file in Program Files directory
    • System Location Discovery: System Language Discovery
    • Modifies Control Panel
    • Modifies registry class
    PID:3012
  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" http://www.highrez.co.uk/scripts/postinstall.asp?package=XMouse&major=2&minor=20&build=5&revision=0&platform=x64
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:916
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:916 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1560
  • C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe
    "C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe" /Installed /notportable
    1⤵
    • Executes dropped EXE
    • Loads dropped DLL
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of SetWindowsHookEx
    PID:404

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          a43c0cf3ed1d59208ccdac500f0790d7

          SHA1

          515a5ca25c1f93e2f14c162942eff1d15793e8bf

          SHA256

          d21d6c7c1a965a1e0ec6b93dd3e4e3d75e339a0b8934c44c3374ee00c69d7bbb

          SHA512

          1b7b6295950a04dda5778403c813af0d5ba2f1a7289bbb7fb92afbbf49344824279d1be2576f13a3fa683f7110fe96db7874df2db5d58992b31ab91e4a8cd6fb

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          6e3a8850b86a022b6c281b6eddd71ef9

          SHA1

          2fcdeec53e45eb2310bd55cbef0ee17b2a56e80e

          SHA256

          1f283dd11837f15e6328fba10e86c0fe2a6d73b42b8f5b3f65bd776c774d85c4

          SHA512

          6dcc26518dc6886855249ba9679af83100dc115d404f234455f90500f3ebbf191e5ac22d43d6270eb92be05539152481fc5fcbfe756fef115b3dfc3bf3b71095

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          2e09d08de9e5cba1a5577b11736d6fea

          SHA1

          475d65c07084d81bfb5fb2f01cca477e2f24614f

          SHA256

          264cf173a4ff19bd99995e7569ac446289a28d404f71779db3950ee1295b090a

          SHA512

          3323cfc8019458db45175f8c8cdb8dcd2b731d189785d90b811335ee6a90e4352ad34d896f39112b6d0600613e3a53edaa993ff03a0aab511082410ec3229dba

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          3f36e1af6fb344a06cc267e279a0bb0f

          SHA1

          4f37060e87b16ad26b51a06993d129cb490164e7

          SHA256

          efe05f42d58830e008d883a6d8c52bba753216b660e4e0f3a0a26f7323708a71

          SHA512

          5061ec10e1bb0eb6b209796463ad02d37b5970c77a5594e52e8a38b5566af883ae2e8d919184af197738b3edc596c34a404ba410eb56402f2d7ba4aaf72dbe81

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          1738958d84a0355dc8c9928957326926

          SHA1

          ee310108d04662338b2e12fa3c27bad4a9efc60f

          SHA256

          cdcbf751e49fc8ec37f4eb4c3b712b501b67f82e2d7de50073172908356fab4a

          SHA512

          fcd3fdcbf0d107d77159363d8a1235c93e1f072abeef1ec26da7e60e0b73898f2601e844fa9b64cbfd3d893ec7b6bb4d4dfc573675b33e577d3174ea2e40d773

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          14ded4d5d8c4b167adfedb6ccf82eb45

          SHA1

          3e86d37c0f190152f4b87905c578b45a6e61656b

          SHA256

          5e00c3b08b726af2a829f4962ad4ba1fee68b6927d80dd925c5654aeca53f2b7

          SHA512

          0e2c8ca003dc4b1a14644e572d79637430546ff5ee0f464bff43783366b92812ba2712d1704a2900e22d1925b75c6de2fb8a371f86e65758c0c2af28e0853174

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          4ba3687f1c7d3778f2353e440b4bb53a

          SHA1

          558b526aff591f80a91d833187917c24db5059a6

          SHA256

          a051a186595603180fd8149c5107f8f5e757a28571d69cc360039e95b93a7ca8

          SHA512

          57c76344b56baa10237045980ed1996269f154aaa290629889ffadb94571616c5a1c21fe827fa7a1f7339a39256ac487a3fc5d7f7ff4f28485b700bc7ed4cf30

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          c602699d38e5372922ecf4a0cba1fa48

          SHA1

          c14a1b94ee2f4eb91ab81dd64987070e6ddaa91a

          SHA256

          ce8c3569d2ad263cd825e9436ba72e83fddbe030483ed9630d9e28a69d2bfbf5

          SHA512

          cc0d480b87bfff7db2c94387fb0169a88e606a08cf6941ff1310129660f6734d71b9ed215bf1f4ba260262273b7a44b0ddef643fe10bf79696c0daf49ceab071

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          28c998380cfa19fbf272c0264bdadd5f

          SHA1

          cfc7c5b4f797cae64a4c2a0d5728e684f9cad146

          SHA256

          b3dc0d6f6c04c7b46ecae76ce67b5cf16dedb087c1f2ff2569b1efc73a03cf12

          SHA512

          87fdc7b64a9a5204b818eed6bc7ba444cc78654e32d394b07191c27c7682066af9457e203252c90f99b1af9b697dba979f6fc1db42c046ff117808accf02eae7

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          e080d027829b18cecccce4667dde6896

          SHA1

          64fa451a1397cf9008974476878fdf42042f8d67

          SHA256

          3afb1a99296cb50da4174bbfc84c40d7ae85ec3d142b70a839f5642255867aa0

          SHA512

          e21c8d18cb74e095e2cbb21757f1f55af46e45f04643a375d77a2540d0e3a40569b1cf5979dd6123868f821dc35d5ac4dbe6d085b4994c6b3d47b0474728c0ed

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          83234f77af26486d90eab08b22136bef

          SHA1

          740ec624f2893a3a1dcf0a23ae4c3866b17cfad2

          SHA256

          5a01aef385be0975b01b64e773ecc935e3b4a75eca1b62d3fc194ea9b49923bc

          SHA512

          8296002862822bbd9421113f0accfe23793bc28ed12aa9dbd5b08f4c6724b8a12fabacd140f0004013aa025e57f2edc794973dd41a920489e15396004cee1c4d

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          4fa5f11a256c95b0d2fd109d69d8a17b

          SHA1

          a9ca65b9a177d7c555bc8458578f36a117d471d0

          SHA256

          22eb982a68a071973f396d2604b3257b45cb509156a20dd8d503b02997e0e81a

          SHA512

          b571a032a6dc15bd4ad0821e854bdca9cfc787dbbb1319898ba33d081b3b2418c1a658699421e490e07e04a4e8ab1cd630ffd5cccbfc047cb396173253e7abe1

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          563287dbb4f2081bb9530180da42128e

          SHA1

          cc287c5657c0e5c9027f250f787ee76442ccd212

          SHA256

          a7a81082eaa86130ff42ba98c58f6456299cf1f07b47af812fc41be7af331fc5

          SHA512

          bfdf2422db2d2624d14403871cbe7c1d9dcfdea4414eaab4b312b5fdc401a12504e462199f596927eb73ef036551a9f013d510afa769ccae4df68c41c2c74f79

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          93e7fe9f94ef53ccf91d4b5dc65c87da

          SHA1

          d796fabc9cc2edb0b5b4a5e214eeb2b1ae88963f

          SHA256

          11d3b7c9d99ee476c03a7e42bfb737a11ea3ce9e58c587e9d6da05d04d7af1b0

          SHA512

          c63d02d679df336520d49c4e7b8edf1380a9dc581f808d4e3f5e14397ab8d26400f45537bd1ba35a7f9aa7c71d4aea6cc4137062c60594616ac14d98f37b34a8

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          dc6ccdb8cdd39084828aba882f9c1ad5

          SHA1

          43cc3086001dd2c095556148904f8ef02e10c53b

          SHA256

          1341dcce8f7734340bf03be4e797269721a3d6329072c7a231490b0073b8cbda

          SHA512

          9c588a04862b8fd38cc158a827ef4229121e1c27c9abc5d3d8c38837453496f7ac8028d9a8d0c31d892ec6169e0926f3a20352f3b5c7b3e85c3bc1a4879fc386

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          a556f86624da7535b3b490c2fcdff680

          SHA1

          5b61d7fa16be53cbaa51f84ac8e490eb990aae20

          SHA256

          d440e4a7b1c14266b62796bac54a869f6368074e423b362f3477c521f5132d53

          SHA512

          6106e7b63830bb4e6b5351b7bcbb1b1152833ba3427afea2b3b286169bd5266adab832c55741bbc0ae41d2c041d268376e1b86c517b6bab3ececd8fbdc343fb0

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          f38f07ca1d45073b2b6092778589df63

          SHA1

          b7725eef5cdd0e3b6eeb3c6936fe300d2aaea6aa

          SHA256

          3b18b375dfa9703be5c3749e37f78ba0bbbb1e31def3c159a35c5158772d36a3

          SHA512

          3c747ef8c47bef7fd24fdf9ae4c75ef5c613449e9fb6623ec87a20a9cb5c2c45d0c08714024b813b704253a81bae35ca61269b56083e69cf64ab3d5533b4394f

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          15290f3745d883daa40a390137154e12

          SHA1

          6f3765f25d7248c55fdd8d33100339f4237c0715

          SHA256

          56778d97158afe7148c815a455e3eca289932170ef30aca23b971cd4c1a583c9

          SHA512

          7d444035e4daa1520189a87ff4f2f178030f19d6a4f49659f8e218bd83f29b4a4da25c86954cbb5cb8cc88592e7363eef1c83622496885d576c640f08227945f

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          51c08edc6e407fa43813021eaa417cc7

          SHA1

          fba4ae6e017dc4adf3e44bad1fbf7fcdb4c149ea

          SHA256

          23b451337ece05ae8ff622f746f78881e15ffb83bc6eec023b06b867f6057877

          SHA512

          a1b0aa33d43f374f924aa3aa01e89821e1974173925e99470c4d187c363559fabdb630cb134b78817086237753135043b2f8633bae4891d03d5685de1c0a6ec2

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          f21ffb34b14672493bea74aefbc80adb

          SHA1

          0cdbfa8ce7fc95f046f565c65bbd27f6b2243d98

          SHA256

          3dfc887a3e00e39c13b942a4569b37711e7b4dc00522f31dafc02f42e79e60a3

          SHA512

          3dd6e69ad77a5c0593ea4de0eb473407bd9c7ec35e3863a4a78e084f26056f845bcf0a1ba81bf7262a9ba1b991a209ea484c42acf862f23166d1673ec5cd257b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          f5713ce7b29a82b525b34f0eb2860f1d

          SHA1

          c5fd95b4837a839e936c4647d7d6947ef241fc19

          SHA256

          6a589cccee0430f288173773efd1738d12e17b76c801ea9bb956d472eafbcdc6

          SHA512

          992fa4f4f8d5c6a38ec51b8caa5c745138dcb61b98f8874d95cd363237453da2b5ce39c6737ca42f3ea3ab4a2dbacc28a94e13c40ccf8a3ecd3faba35e624980

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          599a01c8eee8d6f004b028f200b6b266

          SHA1

          c708c04f3e23fbdea43fc1dc5006d1766371d313

          SHA256

          b05ee1fbed16bf10e30ccea6c97cda5f885d14a8293e75547e5513fa301017ae

          SHA512

          98b2c99a91b6c88648b88b96c2425ae7d428246de76d6268cf345550c16b8ea749a24190b106fb9597875d95cff657d1e7cb211ead62432aab8dde7bdc972204

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          54cbd756ac47d6e368e862423bfdfcb9

          SHA1

          05fde7499a9871432c4223f980e0cfa328ccab93

          SHA256

          92b7b07e20311e5276525b910adf32194f888157dcfde82968059329a17a6282

          SHA512

          11d878bfdc2f38a04916881c25971b0999f85fb79f86c92eedaec75df701049b65334983f2dc3fffb6ee2463ce19fd162f8bed42fa389bc05ce62a3cccb15410

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          2b7d16b6c4efae87f22b34542b41efe3

          SHA1

          c3d6d38966a2d6ca97884410a2fb0769e1db5d57

          SHA256

          d101562ec050dd90c3719c147e308c820ebbe74f3b1bbf8ed9a16d876f75d7ba

          SHA512

          97b6030d4a210d529dc8ca6fb16fc800bd1429843fcb47629fc4fe1692a4f4880ff6e1e4651c0b23be09c750d31914deae32e1f9ecddcc75a08735ba0e52bbc7

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\guoemn1\imagestore.dat
          Filesize

          3KB

          MD5

          63b6a2f2cb263839b781b092498e3101

          SHA1

          22d83eabe842969a9fb3821cb05b24fe38fd2a2d

          SHA256

          75e5b2d8b74c6cd66b2e3dd605ae61cf8cbf6ab9f9e7499f68aee769b69bc78f

          SHA512

          1c60aade81c8fa47e9c7e9f7b8b599c30a8678af59a6eae5ac47821dd69e0737e8681e405c92a850ef96fc3caede7a0d493c5278c4125368358ea69273268b16

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EB0KZ1Y4\f[1].txt
          Filesize

          181KB

          MD5

          92e6e79cfa3c5c300cc7267148df048b

          SHA1

          341f4e6d3bbcb98ec3ce7b750c531ed09a48a744

          SHA256

          628cf358f651bdb936bed2350173754b430cff114d7346ce9181025ecd01e0b2

          SHA512

          7c3ded140c79832be8514be865578ea79d149dae4bd4e069eced8de3205d1081d6d9a35d7b203cc6d8a3a776f37d2b69c49d520aa38d1c35584645d758557aa4

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WUBCGJ0A\xmbc[1].ico
          Filesize

          3KB

          MD5

          1279bf31d9659ad2017369ec1b90473c

          SHA1

          0f21c5a8266c36af7909118899e1fa07590f2df8

          SHA256

          74e3162830413f502277c221381f07b34d77a155f5cbeca379e1a4ffc29af116

          SHA512

          18ab594628c7873c56a85cc748585a3422f06d3f3ad70e5d33e86bed8bb9595d43513960731db89820d89b2ed950b48d6b891dbda768164f968ab06f5a86c277

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\CabB695.tmp
          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\TarB6B7.tmp
          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\nst99E1.tmp\ioSpecial.ini
          Filesize

          696B

          MD5

          23739b206b14f54e941864d4c53be82b

          SHA1

          1af98d0ec163564d4224a0e5b1a1539bd38a2d3b

          SHA256

          87db48206d67c2835d2a0ecf160c3ba2c33c737c55f82e2310159cb6d8f434de

          SHA512

          78cd0d439bea206c04d02f15d465f1aa1a581914f4274fc779a468ec1ccb0301a9159cd3c0b0801982e17dd651c46163450a3159be071e69c3e2e0fd9888b4a9

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\nst99E1.tmp\ioSpecial.ini
          Filesize

          709B

          MD5

          1cc8bb5df5d3fd4ebe383f0694d80e90

          SHA1

          4ceb3b12f84e06dd2a52605c895d72c4eca3be9c

          SHA256

          049abfe8da7751bc54a896c59510990d95d6e9bea23f0da7e527486e19159680

          SHA512

          20f795cbaf881ef340847339ab8edd1029de44523c79f9450594d4268918fadbf2d6c2a026056ef39b32b7141314f172a7cc3d421ee7f53c4bc4c26d34000889

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\nst99E1.tmp\ioSpecial.ini
          Filesize

          726B

          MD5

          4e3a630ca53fc29b479a71468a0a05a9

          SHA1

          e136728531ad831fc6df760b758960042f739160

          SHA256

          b3e34491bfc18e8ace720f6d1b3de7b3046fc80b9e630810c59a781c4c0ce369

          SHA512

          514b34e958dcd4688100e3668a2d80ea6008f077511b84d6326ea928ad8e9a36f67a99b83f66a3eb2d7f8e961d839dd4ee23533b37f6cd29273f81a17d694c67

          Download Submit

        • \Program Files\Highresolution Enterprises\X-Mouse Button Control\BugTrapU-x64.dll
          Filesize

          364KB

          MD5

          80d5f32b3fc515402b9e1fe958dedf81

          SHA1

          a80ffd7907e0de2ee4e13c592b888fe00551b7e0

          SHA256

          0ab8481b44e7d2f0d57b444689aef75b61024487a5cf188c2fc6b8de919b040a

          SHA512

          1589246cd480326ca22c2acb1129a3a90edf13b75031343061f0f4ed51580dfb890862162a65957be9026381bb24475fec6ddcb86692c5961a24b18461e5f1f0

          Download Submit

        • \Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe
          Filesize

          1.7MB

          MD5

          bb632bc4c4414303c783a0153f6609f7

          SHA1

          eb16bf0d8ce0af4d72dff415741fd0d7aac3020e

          SHA256

          7cc348f8d2ee10264e136425059205cf2c17493b4f3f6a43af024aecb926d8c8

          SHA512

          15b34efe93d53e54c1527705292fbf145d6757f10dd87bc787dc40bf02f0d641468b95c571f7037417f2f626de2afcd68b5d82214e27e9e622ab0475633e9de5

          Download Submit

        • \Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonHook.dll
          Filesize

          1.0MB

          MD5

          d62a4279ebba19c9bf0037d4f7cbf0bc

          SHA1

          5257d9505cca6b75fe55dfdaf2ea83a7d2d28170

          SHA256

          c845e808dc035329a7c95c846413a7afb9976f09872ba3c05dfa5f492156eef0

          SHA512

          6895a12cddc41bf516279b1235fca238b0b3b0cef2cc25abe14a9160ed23f5bde3d476f885d674537febc7de7eb58b0824d96153c626e1563a5a8a1887fb5323

          Download Submit

        • \Program Files\Highresolution Enterprises\X-Mouse Button Control\uninstaller.exe
          Filesize

          74KB

          MD5

          bfffc38fff05079b15a5317e279dc7a9

          SHA1

          0c18db954f11646d65d0300e58fefcd9ff7634de

          SHA256

          c4e59737ffd988ef4bc7a62e3316a470b1b09a9889f65908110fba3d7b1c6500

          SHA512

          d30220e024ac242285ea757006e7da3874e5f889951de226d48c372a6a8701b76d4a917134ecc1e72c6c3a8d43444762288e7134a25d837e9f43d972675c81d6

          Download Submit

        • \Users\Admin\AppData\Local\Temp\nst99E1.tmp\InstallOptions.dll
          Filesize

          14KB

          MD5

          d753362649aecd60ff434adf171a4e7f

          SHA1

          3b752ad064e06e21822c8958ae22e9a6bb8cf3d0

          SHA256

          8f24c6cf0b06d18f3c07e7bfca4e92afce71834663746cfaa9ddf52a25d5c586

          SHA512

          41bf41add275867553fa3bd8835cd7e2a2a362a2d5670ccbfad23700448bad9fe0f577fb6ee9d4eb81dfc10d463b325b8a873fe5912eb580936d4ad96587aa6d

          Download Submit

        • \Users\Admin\AppData\Local\Temp\nst99E1.tmp\ShellExecAsUser.dll
          Filesize

          7KB

          MD5

          86a81b9ab7de83aa01024593a03d1872

          SHA1

          8fd7c645e6e2cb1f1bcb97b3b5f85ce1660b66be

          SHA256

          27d61cacd2995f498ba971b3b2c53330bc0e9900c9d23e57b2927aadfdee8115

          SHA512

          cc37bd5d74d185077bdf6c4a974fb29922e3177e2c5971c664f46c057aad1236e6f3f856c5d82f1d677c29896f0e3e71283ef04f886db58abae151cb27c827ac

          Download Submit

        • \Users\Admin\AppData\Local\Temp\nst99E1.tmp\System.dll
          Filesize

          10KB

          MD5

          56a321bd011112ec5d8a32b2f6fd3231

          SHA1

          df20e3a35a1636de64df5290ae5e4e7572447f78

          SHA256

          bb6df93369b498eaa638b0bcdc4bb89f45e9b02ca12d28bcedf4629ea7f5e0f1

          SHA512

          5354890cbc53ce51081a78c64ba9c4c8c4dc9e01141798c1e916e19c5776dac7c82989fad0f08c73e81aaba332dad81205f90d0663119af45550b97b338b9cc3

          Download Submit

        • \Users\Admin\AppData\Local\Temp\nst99E1.tmp\nsDialogs.dll
          Filesize

          9KB

          MD5

          f832e4279c8ff9029b94027803e10e1b

          SHA1

          134ff09f9c70999da35e73f57b70522dc817e681

          SHA256

          4cd17f660560934a001fc8e6fdcea50383b78ca129fb236623a9666fcbd13061

          SHA512

          bf92b61aa267e3935f0ea7f47d8d96f09f016e648c2a7e7dcd5ecc47da864e824c592098c1e39526b643bd126c5c99d68a7040411a4cf68857df629f24d4107d

          Download Submit

        • memory/3012-232-0x00000000028D0000-0x00000000028D2000-memory.dmp

          Filesize

          8KB

          Download