4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1

Analysis

max time kernel
84s
max time network
16s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
24-10-2024 20:27

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
Size

39.5MB
MD5

1bed0a495133dd4d6c9efaf7e71f8ef3
SHA1

a51a1d258b5cbcc93916b5eeb0d530f4b3bd94df
SHA256

4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1
SHA512

837b68de2f66e91fba29c394e4c2e4b91d735e5f9433178e95d6dda50d6f49b5d9dae43832f331e8db40b3e24b876daa8a0303d8d9cd9a6d55e758fa644b3b05
SSDEEP

786432:6/nK0CES7y1AT0JtGJSe1mSxFiOAlUrkku2ekYycaUbAV72Fb6XOSNpeeWZfKOSb:6fK0U8TA0SXFiyrkku2BYyX378b6FNEs

Score

4^/10

discovery

Malware Config

Signatures

Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
discovery

Query Registry
T1012

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_output\libwaveout_plugin.dll	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
File created	C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libmpc_plugin.dll	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
File created	C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libvc1_plugin.dll	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
File created	C:\Program Files (x86)\VideoLAN\VLC\plugins\video_filter\libedgedetection_plugin.dll	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
File created	C:\Program Files (x86)\VideoLAN\VLC\plugins\video_output\libflaschen_plugin.dll	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
File created	C:\Program Files (x86)\VideoLAN\VLC\locale\et\LC_MESSAGES\vlc.mo	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
File created	C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_output\libwasapi_plugin.dll	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
File created	C:\Program Files (x86)\VideoLAN\VLC\locale\gl\LC_MESSAGES\vlc.mo	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
File created	C:\Program Files (x86)\VideoLAN\VLC\locale\pl\LC_MESSAGES\vlc.mo	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
File created	C:\Program Files (x86)\VideoLAN\VLC\lua\http\requests\status.xml	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
File created	C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libshm_plugin.dll	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
File created	C:\Program Files (x86)\VideoLAN\VLC\locale\am_ET\LC_MESSAGES\vlc.mo	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
File created	C:\Program Files (x86)\VideoLAN\VLC\lua\playlist\jamendo.luac	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
File created	C:\Program Files (x86)\VideoLAN\VLC\plugins\access_output\libaccess_output_dummy_plugin.dll	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
File created	C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_output\libdirectsound_plugin.dll	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
File created	C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libplaylist_plugin.dll	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
File created	C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libsid_plugin.dll	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
File created	C:\Program Files (x86)\VideoLAN\VLC\plugins\video_filter\libposterize_plugin.dll	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
File created	C:\Program Files (x86)\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-bg_glass_100_f6f6f6_1x400.png	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
File created	C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libsubsdec_plugin.dll	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
File created	C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libx264_plugin.dll	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
File created	C:\Program Files (x86)\VideoLAN\VLC\plugins\services_discovery\libmicrodns_plugin.dll	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
File created	C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_out\libstream_out_smem_plugin.dll	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
File created	C:\Program Files (x86)\VideoLAN\VLC\locale\gu\LC_MESSAGES\vlc.mo	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
File created	C:\Program Files (x86)\VideoLAN\VLC\skins\fonts\FreeSansBold.ttf	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
File created	C:\Program Files (x86)\VideoLAN\VLC\plugins\packetizer\libpacketizer_av1_plugin.dll	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
File created	C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi422_yuy2_plugin.dll	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
File created	C:\Program Files (x86)\VideoLAN\VLC\lua\playlist\vocaroo.luac	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
File created	C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\librawvideo_plugin.dll	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
File created	C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libtextst_plugin.dll	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
File created	C:\Program Files (x86)\VideoLAN\VLC\plugins\video_splitter\libpanoramix_plugin.dll	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
File created	C:\Program Files (x86)\VideoLAN\VLC\plugins\mux\libmux_asf_plugin.dll	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
File created	C:\Program Files (x86)\VideoLAN\VLC\lua\http\index.html	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
File created	C:\Program Files (x86)\VideoLAN\VLC\lua\modules\common.luac	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
File created	C:\Program Files (x86)\VideoLAN\VLC\lua\playlist\vimeo.luac	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
File created	C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libstl_plugin.dll	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
File created	C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi420_yuy2_mmx_plugin.dll	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
File created	C:\Program Files (x86)\VideoLAN\VLC\plugins\video_output\libgl_plugin.dll	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
File created	C:\Program Files (x86)\VideoLAN\VLC\lua\playlist\bbc_co_uk.luac	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
File created	C:\Program Files (x86)\VideoLAN\VLC\lua\http\dialogs\offset_window.html	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
File created	C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libopus_plugin.dll	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
File created	C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libspdif_plugin.dll	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
File created	C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libogg_plugin.dll	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
File created	C:\Program Files (x86)\VideoLAN\VLC\plugins\lua\liblua_plugin.dll	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
File created	C:\Program Files (x86)\VideoLAN\VLC\plugins\spu\libmosaic_plugin.dll	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
File created	C:\Program Files (x86)\VideoLAN\VLC\locale\ps\LC_MESSAGES\vlc.mo	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
File created	C:\Program Files (x86)\VideoLAN\VLC\lua\http\mobile_equalizer.html	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
File created	C:\Program Files (x86)\VideoLAN\VLC\lua\http\vlm.html	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
File created	C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libcrystalhd_plugin.dll	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
File created	C:\Program Files (x86)\VideoLAN\VLC\plugins\control\libgestures_plugin.dll	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
File created	C:\Program Files (x86)\VideoLAN\VLC\plugins\control\liboldrc_plugin.dll	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
File created	C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libreal_plugin.dll	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
File created	C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_out\libstream_out_record_plugin.dll	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
File created	C:\Program Files (x86)\VideoLAN\VLC\locale\bn\LC_MESSAGES\vlc.mo	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
File created	C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libftp_plugin.dll	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
File created	C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\liblibmpeg2_plugin.dll	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
File created	C:\Program Files (x86)\VideoLAN\VLC\locale\an\LC_MESSAGES\vlc.mo	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
File created	C:\Program Files (x86)\VideoLAN\VLC\locale\sr\LC_MESSAGES\vlc.mo	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
File created	C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libgain_plugin.dll	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
File created	C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libt140_plugin.dll	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
File created	C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libtwolame_plugin.dll	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
File created	C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi422_yuy2_sse2_plugin.dll	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
File created	C:\Program Files (x86)\VideoLAN\VLC\locale\ms\LC_MESSAGES\vlc.mo	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
File created	C:\Program Files (x86)\VideoLAN\VLC\plugins\access_output\libaccess_output_http_plugin.dll	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe

Executes dropped EXE 2 IoCs

pid	Process
1616	vlc-cache-gen.exe
2704	vlc.exe

Loads dropped DLL 64 IoCs

pid	Process
3012	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
3012	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
3012	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
3012	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
3012	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
3012	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
1616	vlc-cache-gen.exe
1616	vlc-cache-gen.exe
1616	vlc-cache-gen.exe
1616	vlc-cache-gen.exe
1616	vlc-cache-gen.exe
1616	vlc-cache-gen.exe
1616	vlc-cache-gen.exe
1616	vlc-cache-gen.exe
1616	vlc-cache-gen.exe
1616	vlc-cache-gen.exe
1616	vlc-cache-gen.exe
1616	vlc-cache-gen.exe
1616	vlc-cache-gen.exe
1616	vlc-cache-gen.exe
1616	vlc-cache-gen.exe
1616	vlc-cache-gen.exe
1616	vlc-cache-gen.exe
1616	vlc-cache-gen.exe
1616	vlc-cache-gen.exe
1616	vlc-cache-gen.exe
1616	vlc-cache-gen.exe
1616	vlc-cache-gen.exe
1616	vlc-cache-gen.exe
1616	vlc-cache-gen.exe
1616	vlc-cache-gen.exe
1616	vlc-cache-gen.exe
1616	vlc-cache-gen.exe
1616	vlc-cache-gen.exe
1616	vlc-cache-gen.exe
1616	vlc-cache-gen.exe
1616	vlc-cache-gen.exe
1616	vlc-cache-gen.exe
1616	vlc-cache-gen.exe
1616	vlc-cache-gen.exe
1616	vlc-cache-gen.exe
1616	vlc-cache-gen.exe
1616	vlc-cache-gen.exe
1616	vlc-cache-gen.exe
1616	vlc-cache-gen.exe
1616	vlc-cache-gen.exe
1616	vlc-cache-gen.exe
1616	vlc-cache-gen.exe
1616	vlc-cache-gen.exe
1616	vlc-cache-gen.exe
1616	vlc-cache-gen.exe
1616	vlc-cache-gen.exe
1616	vlc-cache-gen.exe
1616	vlc-cache-gen.exe
1616	vlc-cache-gen.exe
1616	vlc-cache-gen.exe
1616	vlc-cache-gen.exe
1616	vlc-cache-gen.exe
1616	vlc-cache-gen.exe
1616	vlc-cache-gen.exe
1616	vlc-cache-gen.exe
1616	vlc-cache-gen.exe
1616	vlc-cache-gen.exe
1616	vlc-cache-gen.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

System Location Discovery: System Language Discovery 1 TTPs 3 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	vlc-cache-gen.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	vlc.exe

Modifies registry class 64 IoCs

description	ioc	Process
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\VLC.wtv\shell	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\VLC.SVCDMovie\shell\Open\command	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\VLC.adt\shell\PlayWithVLC\Icon = "\"C:\\Program Files (x86)\\VideoLAN\\VLC\\vlc.exe\",0"	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\VLC.spx\shell\AddToPlaylistVLC\command\ = "\"C:\\Program Files (x86)\\VideoLAN\\VLC\\vlc.exe\" --started-from-file --playlist-enqueue \"%1\""	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\VLC.3gp2\shell\PlayWithVLC\ = "Play with VLC media player"	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\VLC.ape	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\VLC.dv\ = "DV Video File (VLC)"	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\VLC.rpl\ = "RPL Video File (VLC)"	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\VLC.rpl\shell\Open\command	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\VLC.cue\shell\Open\command	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\VLC.zpl\shell\Open\ = "Play"	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\VLC.mka\shell\AddToPlaylistVLC\ = "Add to VLC media player's Playlist"	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\VLC.w64\shell\PlayWithVLC	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\VLC.669\DefaultIcon	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\VLC.m2v\shell\ = "Open"	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\VLC.m4v\DefaultIcon\ = "\"C:\\Program Files (x86)\\VideoLAN\\VLC\\vlc.exe\",0"	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\VLC.m2v\shell\AddToPlaylistVLC\command\ = "\"C:\\Program Files (x86)\\VideoLAN\\VLC\\vlc.exe\" --started-from-file --playlist-enqueue \"%1\""	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\VLC.zip\shell\PlayWithVLC\command\ = "\"C:\\Program Files (x86)\\VideoLAN\\VLC\\vlc.exe\" --started-from-file --no-playlist-enqueue \"%1\""	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\VLC.mp4\shell\PlayWithVLC\command\ = "\"C:\\Program Files (x86)\\VideoLAN\\VLC\\vlc.exe\" --started-from-file --no-playlist-enqueue \"%1\""	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\VLC.mpe\shell\AddToPlaylistVLC	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\VLC.mtv\shell\AddToPlaylistVLC\Icon = "\"C:\\Program Files (x86)\\VideoLAN\\VLC\\vlc.exe\",0"	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\VLC.wav\DefaultIcon	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\VLC.aac\shell\AddToPlaylistVLC	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\VLC.au\shell\AddToPlaylistVLC\MultiSelectModel = "Player"	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\VLC.snd\shell\PlayWithVLC\Icon = "\"C:\\Program Files (x86)\\VideoLAN\\VLC\\vlc.exe\",0"	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\VLC.snd\shell\AddToPlaylistVLC	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\VLC.flv\shell\AddToPlaylistVLC\MultiSelectModel = "Player"	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\VLC.m2ts\shell\PlayWithVLC	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\VLC.ts\shell\AddToPlaylistVLC\command\ = "\"C:\\Program Files (x86)\\VideoLAN\\VLC\\vlc.exe\" --started-from-file --playlist-enqueue \"%1\""	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\VLC.mpeg4\shell\ = "Open"	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\VLC.ac3\shell\AddToPlaylistVLC\command	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\VLC.mp2\shell\AddToPlaylistVLC\MultiSelectModel = "Player"	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\VLC.mp3\shell\PlayWithVLC\command	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\VLC.mpeg4\shell\AddToPlaylistVLC\command	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\VLC.ogm\shell\Open	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\VLC.rpl\DefaultIcon\ = "\"C:\\Program Files (x86)\\VideoLAN\\VLC\\vlc.exe\",0"	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\.mpga	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\VLC.caf	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\VLC.nuv\shell\Open\command\ = "\"C:\\Program Files (x86)\\VideoLAN\\VLC\\vlc.exe\" --started-from-file \"%1\""	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\VLC.mod\shell\PlayWithVLC\command	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\VLC.mpeg2\shell\PlayWithVLC\Icon = "\"C:\\Program Files (x86)\\VideoLAN\\VLC\\vlc.exe\",0"	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\VLC.ogx\shell\PlayWithVLC\Icon = "\"C:\\Program Files (x86)\\VideoLAN\\VLC\\vlc.exe\",0"	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\VLC.tts\shell\AddToPlaylistVLC\Icon = "\"C:\\Program Files (x86)\\VideoLAN\\VLC\\vlc.exe\",0"	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\VLC.pls\shell\AddToPlaylistVLC\command\ = "\"C:\\Program Files (x86)\\VideoLAN\\VLC\\vlc.exe\" --started-from-file --playlist-enqueue \"%1\""	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\VLC.mod\shell\Open\ = "Play"	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\VLC.wpl\shell\Open\command\ = "\"C:\\Program Files (x86)\\VideoLAN\\VLC\\vlc.exe\" --started-from-file \"%1\""	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{9BE31822-FDAD-461B-AD51-BE1D1C159921}\InprocServer32\ThreadingModel = "Apartment"	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\.ifo	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\VLC.mpa\shell\AddToPlaylistVLC\ = "Add to VLC media player's Playlist"	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\VLC.ogg\shell\AddToPlaylistVLC\command\ = "\"C:\\Program Files (x86)\\VideoLAN\\VLC\\vlc.exe\" --started-from-file --playlist-enqueue \"%1\""	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\VLC.mp1\shell\Open\MultiSelectModel = "Player"	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\VLC.m2ts\DefaultIcon\ = "\"C:\\Program Files (x86)\\VideoLAN\\VLC\\vlc.exe\",0"	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{9BE31822-FDAD-461B-AD51-BE1D1C159921}\MiscStatus	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\VLC.drc\shell\PlayWithVLC\ = "Play with VLC media player"	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\VLC.mp2v\shell\AddToPlaylistVLC\ = "Add to VLC media player's Playlist"	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\VLC.vlc\shell\PlayWithVLC\ = "Play with VLC media player"	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\VLC.caf\shell	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\VLC.mtv\shell\ = "Open"	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\VLC.ram\shell\Open\command	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\VLC.rec\shell\Open\command	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\VLC.ifo\shell\Open	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\.aif\ = "VLC.aif"	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\VLC.mpv2\shell\PlayWithVLC\Icon = "\"C:\\Program Files (x86)\\VideoLAN\\VLC\\vlc.exe\",0"	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\VLC.m3u\shell\PlayWithVLC	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe

Suspicious behavior: AddClipboardFormatListener 1 IoCs

pid	Process
2704	vlc.exe

Suspicious behavior: EnumeratesProcesses 3 IoCs

pid	Process
3012	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
3012	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
3012	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
2704	vlc.exe

Suspicious use of FindShellTrayWindow 3 IoCs

pid	Process
2704	vlc.exe
2704	vlc.exe
2704	vlc.exe

Suspicious use of SendNotifyMessage 2 IoCs

pid	Process
2704	vlc.exe
2704	vlc.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
2704	vlc.exe

Suspicious use of WriteProcessMemory 12 IoCs

description	pid	Process	procid_target
PID 3012 wrote to memory of 1616	3012	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe	30
PID 3012 wrote to memory of 1616	3012	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe	30
PID 3012 wrote to memory of 1616	3012	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe	30
PID 3012 wrote to memory of 1616	3012	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe	30
PID 3012 wrote to memory of 2752	3012	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe	33
PID 3012 wrote to memory of 2752	3012	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe	33
PID 3012 wrote to memory of 2752	3012	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe	33
PID 3012 wrote to memory of 2752	3012	4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe	33
PID 2944 wrote to memory of 2704	2944	explorer.exe	35
PID 2944 wrote to memory of 2704	2944	explorer.exe	35
PID 2944 wrote to memory of 2704	2944	explorer.exe	35
PID 2944 wrote to memory of 2704	2944	explorer.exe	35

C:\Users\Admin\AppData\Local\Temp\4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe
"C:\Users\Admin\AppData\Local\Temp\4599f5d504c127f7e2ee391f06725461b9b761492c72ac2eb98f2429f04ef5c1.exe"
1⤵
- Drops file in Program Files directory
- Loads dropped DLL
- System Location Discovery: System Language Discovery
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:3012
- C:\Program Files (x86)\VideoLAN\VLC\vlc-cache-gen.exe
  "C:\Program Files (x86)\VideoLAN\VLC\vlc-cache-gen.exe" C:\Program Files (x86)\VideoLAN\VLC\plugins
  2⤵
  - Executes dropped EXE
  - Loads dropped DLL
  - System Location Discovery: System Language Discovery
  PID:1616
- C:\Windows\explorer.exe
  "C:\Windows\explorer.exe" "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe"
  2⤵
  PID:2752

C:\Windows\explorer.exe
C:\Windows\explorer.exe /factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} -Embedding
1⤵
- Suspicious use of WriteProcessMemory
PID:2944
- C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
  "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe"
  2⤵
  - Executes dropped EXE
  - System Location Discovery: System Language Discovery
  - Suspicious behavior: AddClipboardFormatListener
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of FindShellTrayWindow
  - Suspicious use of SendNotifyMessage
  - Suspicious use of SetWindowsHookEx
  PID:2704

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files (x86)\VideoLAN\VLC\libvlccore.dll

Filesize
2.6MB

MD5
e25413bb41c2f239ffdd3569f76e74b0

SHA1
073e2a86c5c24ede4c4ad2d8614261121a8d2661

SHA256
9126d9abf91585456000fffd9336478e91b9ea07ed2a25806a4e2e0437f96d29

SHA512
37b8339555dcf825a2e27464eb1d101f8e4b56460d1b78161e99ba6761f1a967668f11ba888a712c878d468f419a455dbc5e8e55e7fb9d4fbc87cb78f500ea9f

Download Submit
C:\Program Files (x86)\VideoLAN\VLC\locale\fi\LC_MESSAGES\vlc.mo

Filesize
599KB

MD5
41484238fd2cd10024f73e1889cbe4c7

SHA1
498a201ca5e3ba9f1acec41f7d8ad1d88158e0ab

SHA256
03bd7223d62ce468d870e147ee617a0dcc79cf32148b8edcfd16ae83ff70b6d5

SHA512
cdf79607a993ccde7b5ea1931c24f90eb86c57ee49806949d2663d49f360995f054abb480afd9f449ae6f9eab662ee977b1c0caf33a9d7b22521883a0be528c7

Download Submit
C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libaccess_concat_plugin.dll

Filesize
33KB

MD5
ca67f21b2c6ac2f54d893ea213aafdb4

SHA1
dbde7bc732ac47a5a209da3bada4c177a7f83449

SHA256
1f7e5c42a642e221d78609329e7ceecbabc9bebc53fd5e9384bc03e0b56c6954

SHA512
7dae69aa189acfd56c6358c90abc78043073c10d8b6a24864fc4ca5792cada8f7e07f0b27249019a919feb9d08e31716e9e0f59d8bb39f059f34acfce76bcccd

Download Submit
C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libaccess_mms_plugin.dll

Filesize
96KB

MD5
17b8ab424afa2738f25142865d3f1a15

SHA1
c44e6b70ff7cd3862f93d1be0eadf6d83a7319ce

SHA256
2f809273c584a698b37b59d9575b6e4c67f8695e14c8d2174f1073b68c2830fb

SHA512
50dda5bc19f7f7f6e5c55447589e4adb5e265db7dad8df46eddd8e3e956f97320aa206b5ef37d183d01d0c3e9e6538623032fde6466e3846ea58f6fe5e3acecd

Download Submit
C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libaccess_realrtsp_plugin.dll

Filesize
133KB

MD5
26a6bb2514acaed1cf6ac888fe52feae

SHA1
1b99be850dbf45325a8b1fd03bb326c4add2912f

SHA256
9d2a5c3ca02c68242e642dd65ef34621f2aaa326e8889b57a4287b6ff82c5974

SHA512
943046018a71c9a51c6661367e1b7c37b9c333e24deb819d4009e56099057b745ad04ec05fb367900a117fee131d64fd141a1e0596da6aac5aef7b5d7d51f734

Download Submit
C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libaccess_srt_plugin.dll

Filesize
3.1MB

MD5
e67ddc7e94d11b85a1f8caae43abe840

SHA1
592070ecd36feee3e48af70afe1f5ab4890ceaa0

SHA256
89410ec3a6270b5a55742e6a857067e1a1eb761facee4637fc12f42f160c0464

SHA512
a3b1da6a6db1ed5b92183a6c95e26de424dee7d3a210cb2883b3a0048c86eab621e648e6bdbfedc0ff9620faf836cf2f2cdcaa2836d68a2ff67ca1eb785b5cc7

Download Submit
C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libsdp_plugin.dll

Filesize
29KB

MD5
c09e7ef960749c414d2b8e19395923eb

SHA1
5e28f3f85ef67a61887e6d05ea659b2ab9213dba

SHA256
e11c738112e75945e8cc5dd52d05d63e3d58290f3aa9a1d529d2c96ff00e0136

SHA512
f60426f324303144e854af47c0b9200d40e234d93c15fcb5710d375d7066a866eff927e7581a163a08d8b33ee2760a771fdddb34fc9e6001de1aa2349b15d0a0

Download Submit
C:\Program Files (x86)\VideoLAN\VLC\plugins\plugins.dat.1616

Filesize
307KB

MD5
0c7e38f6db2e59b7f47d03ead44fa0cb

SHA1
70ce6ec0acf1ef5fd9353aa103d412edb03f0faf

SHA256
0950bd3b397340684e3197078c2f1fb5f1d81470dd6018fe585ac33e05503c9f

SHA512
7444e264bc74c4e7d68e17d7f2df8c55b317d7ff33b660258ae9ca0d0dcd795ced6cce8f865f8fb7d6c50b828da485eefa3ebd203aa98544e34a15b55aff6e2c

Download Submit
C:\Program Files (x86)\VideoLAN\VLC\uninstall.log

Filesize
21KB

MD5
8d0d7a4846a6c8431d99dfd305585842

SHA1
07e7d4a17f95743cdcaee69aa7dd04a14058f04b

SHA256
ded9ed3ee841ff900ffef0aea5f2bca6faa928a1917d835e70ba2e8619443112

SHA512
05eb8f88b2b33f86f1689db2495ee9bf3fd259388b7fe9da913509ebbf888e4eb5d6e1a53d5bc68bb179eb17f625ed2978576fd52dd6b354ebc2624b40776bce

Download Submit
C:\Program Files (x86)\VideoLAN\VLC\vlc-cache-gen.exe

Filesize
130KB

MD5
ae6bf70a10b13dcf06fd03561100876c

SHA1
fb1dbce6377201c843f595e7519f67ec32a43f1c

SHA256
8feae462c5df99da274b11eba9e16169fe81f0e7225e894dcdb7a87aeb5ee4f4

SHA512
743203d8b8167fffbd5317e1b45e77dfd5744b5adc95763e84607402ec99a66c59aabfb4a8f63d106b17994c602113aaf48cd9df1903080b407e874f80bc2592

Download Submit
C:\Program Files (x86)\VideoLAN\VLC\vlc.exe

Filesize
938KB

MD5
c24a1f4d433c4a2059b6e5e5898fc130

SHA1
ddf3ad54e3e39decc625dfa008cf92d8c36eb38e

SHA256
f7372cfa4a90cc5df778cf647dcb22ac8bdfd738d9374628615f580658851c0a

SHA512
989497b372b534357e98521fc074f7fc6538ac6411377dd198c6086830178bbfd9b61e23595588c825d7c9ef8346dea7e5b27052a53538e87236534e66304f11

Download Submit
\Program Files (x86)\VideoLAN\VLC\libvlc.dll

Filesize
172KB

MD5
96214b94b796bffc48d63289854ae5a2

SHA1
383bde4b3a861d47794aa4f03479a48c10a644dd

SHA256
528c416cfb4813ee5f1da52743ef4adb20043171230098b27e25d1dd90e3f288

SHA512
5243dd7153793ae33c3a25f2a92579c4e31813545680de9a0abab36e61d42655db4796a6f47606b47d6dce0d3f47754fd29fbfd18b973b029df0c543915750f3

Download Submit
\Program Files (x86)\VideoLAN\VLC\plugins\access\libaccess_imem_plugin.dll

Filesize
65KB

MD5
3413bfbd579a9cd084469694f40ac3d1

SHA1
527481b266bf68276b8781844df029d5bdfd709f

SHA256
cf5ab04438caf1cbac9e3a04a98165f45c7170d164e470566ee93be853f86e55

SHA512
2205014a9a10585995d71c5d583d26de2ddd370170d8c3e8877f274cea7a5298a0188ffaec39000aaf1b7a99785237cbe4035846e6ea8029d9c60a69e49d3b22

Download Submit
\Program Files (x86)\VideoLAN\VLC\plugins\access\libaccess_wasapi_plugin.dll

Filesize
49KB

MD5
9252f60823ac999066b503ef52530017

SHA1
57aa62e77c31277a2d6f17cb2aa6b8de6dbd6af7

SHA256
5edf5db9178bb36f08388108a43def58987b3fa54f1bca1ce5910b5af88f0258

SHA512
95578b89c8912b3ecb38d8f41a05bae7940949c154f77a14b5b4f6ae59fd2e520d03cf1a7d794667cd014d6029bacc9eb619c5f626011b364aaa706aa7395f95

Download Submit
\Program Files (x86)\VideoLAN\VLC\plugins\access\libattachment_plugin.dll

Filesize
30KB

MD5
ee5fb8c20efb13d97a3aae204a01b168

SHA1
c7a0c4276d92a390ef51fcb8f6cd07170bcb85f2

SHA256
9611d0c5bf27171193f8308818e9d39db863276b37538bf72c0cffb6c1b83907

SHA512
aca28ef7ad86956f6d4cb34b6b31952ed450648d248391f86411d4730d5c628cd4108b840675df42bab8e7bce015b968342bad17302a3f2b525832ab2a20f0f9

Download Submit
\Program Files (x86)\VideoLAN\VLC\plugins\access\libcdda_plugin.dll

Filesize
173KB

MD5
0b33cd31407b20cf5bcd5820a13b611e

SHA1
2aec9166e3462162de68dd7020cbb83ba749aac5

SHA256
782652f535438116fe56bfb364a9610afcfb46759e804fe2fbb0e5825a5d834d

SHA512
774890f359f4283955fa530d141c62919fb45677bff24dd3532189df0af88bb602af50bf56a8c61cd36f821eee5d065cdd43988743f8a58413ceaa6f3aebdd27

Download Submit
\Program Files (x86)\VideoLAN\VLC\plugins\access\libdcp_plugin.dll

Filesize
2.3MB

MD5
f5a7312349db859c634be1d1066bd47b

SHA1
649af2bf52919fc2f7834ce52766588865358e96

SHA256
5e145ff22689aa0baed79fe5426d61c2cfa324c3462ed3ce1935190f59626325

SHA512
15a7bf85360be28fe68a4a48dfd9b2fc4d6179b9482e9504436a9b3af6de15a2af41f4bbbe8cf63924cfa64174f79228c5b769f6622d4ff1cec91db8725bf473

Download Submit
\Program Files (x86)\VideoLAN\VLC\plugins\access\libdshow_plugin.dll

Filesize
895KB

MD5
0f17254a1aee63d1e5fc5eaf38f2c346

SHA1
b90e7983b561bdd5f4c537262ab188a639c9dba9

SHA256
461617fa263027fe87fe97df455a795500766691ecf20a72ff88546fcbbff036

SHA512
452f5b66455180192d80232c58de6c9559bb3ac728fafec4cf352fa39871b91cf437a8c1d4789ee0496247ad08d6ded7b99748094d1f840f2e35bb46985b1e8c

Download Submit
\Program Files (x86)\VideoLAN\VLC\plugins\access\libdtv_plugin.dll

Filesize
871KB

MD5
118866f3cbefe8ee9652e8fc23283451

SHA1
6d5d6236131a5c1680cf70a63e8f011faa5df8c0

SHA256
9929e82b56a8675fb723ca08caa7e88a44e8ef8de852bf06a2742f39ffc57519

SHA512
42f512b0301acd4ad16cecbe1646886eb88449e5a7607f5194ad54f81a8682fbd4661e4ebd6f12001006cb404281d8de015cba17aa3d1e71c756954f3ee12b4f

Download Submit
\Program Files (x86)\VideoLAN\VLC\plugins\access\libdvdnav_plugin.dll

Filesize
216KB

MD5
b6f19759529be806fcdf6e9e323bfc1a

SHA1
43473cf94f3ead7174348c8b4928942eb6e50951

SHA256
a729f2ef61f8f1682ceef3942bb35663ee1d589a285ff4b3170c32ae393dcef4

SHA512
14c3a63e897750bc384be7937fe39419ea817a701c7f7f76f760ece1cf4ad9067b33788c7d99d3245015a046875917514e9cc1a5449a0bf07721fb46a0b03997

Download Submit
\Program Files (x86)\VideoLAN\VLC\plugins\access\libdvdread_plugin.dll

Filesize
153KB

MD5
d111da1de38a1c1ccb2e33d4fb5129c6

SHA1
d62b3063568ddd932d0df3a8e5cddab3f90160a4

SHA256
2c5059769e1a3f8f5798564a93b302efe83171546925d2307552f5f09eb00210

SHA512
fbaca4f3cb9c32b93ae2f0afbe33e156d60a42bbb587386984690c6bfc7fc3e7bd447dde106b665b634e0175335bb3f148ad8263d31ca009539ffc321c2ec338

Download Submit
\Program Files (x86)\VideoLAN\VLC\plugins\access\libfilesystem_plugin.dll

Filesize
59KB

MD5
8fac15d2a2da66abdf345afa45ac5e3b

SHA1
553d4c9f39726d8aadb15fed7c904048928049e0

SHA256
66ef741a9282b420b09b940fbdbf666cd1625a8da18daaece036fcc4e1a74d38

SHA512
f756e3b3368245d4670cf0f86a6727858e3ead983b3e10c11d9b13e67d86b632703f44df70e648bb8edcad295744c763a268f4eb02ace0055405c3e9af124548

Download Submit
\Program Files (x86)\VideoLAN\VLC\plugins\access\libftp_plugin.dll

Filesize
114KB

MD5
298d726f80a129fcc5c7977f19c52dce

SHA1
de21b92cecfefd2145dab2e271ab0dacb79fbaa2

SHA256
ba59f6c184cf50e612a4f739984ccfdb058aa5054b0ebb0f177c14be5317e2d4

SHA512
606175c38176024edec4e421979c11edbc9e0722b9ea098f0ea9bfa184bff182cd3f233146772a79df363c564cd910f41058737fd9ad17b847588b1ad079a29d

Download Submit
\Program Files (x86)\VideoLAN\VLC\plugins\access\libhttp_plugin.dll

Filesize
65KB

MD5
78678e6a4e4a80b6eb55d07113091e1d

SHA1
ea56323cfef16e1881794d237f0ac7251c609343

SHA256
eab3fbfc93ac60203d7996156561508054532c2cd41797a1594fdf528275ea69

SHA512
f5e568652eab55eeafef00595b6ad9f1f31b1f48d6e50ba8f6da02cd14eaec2d834bba15a97e633622fb1b57535381680b84d56106d100765245e5423b61bbdd

Download Submit
\Program Files (x86)\VideoLAN\VLC\plugins\access\libhttps_plugin.dll

Filesize
138KB

MD5
7e37720847c68bd44b3a49a558c89c7c

SHA1
1de002c62c7136b50bb58741f548bbc0727d202b

SHA256
5928ec4200d4f77e7d9c8df8129dd601034eb9ad26e591b14861844206367a67

SHA512
cc0329121d6bfa07a91f6787e6e7794b3dd5a97a6fb13644bdfdd9366272f874af2bc9dad4193a8f2c06dcefcd546f32831dc24211be88b804b50dd12d5e3971

Download Submit
\Program Files (x86)\VideoLAN\VLC\plugins\access\libidummy_plugin.dll

Filesize
31KB

MD5
8cd633fb35886b6d02511fa57919e9e1

SHA1
a8e1b983b2bcde4bb5bf74ae96b598a3a6dea70f

SHA256
0d11ea6d42dc9eae222fe440c77ee72a4bd2c4d40f90d5b725ff725779641e1b

SHA512
60705f6a940690849e96b18ec4c099c683532060a64415cce2bc11521c97d1cfc5a340d2d65e93f4d0711724d57e7c94a448c4ec9665df9f5c853d56d6613954

Download Submit
\Program Files (x86)\VideoLAN\VLC\plugins\access\libimem_plugin.dll

Filesize
30KB

MD5
b0770c82314e94afd0d793774d66290b

SHA1
79b280cda1ca944478ebad7778f642d415de523a

SHA256
a5c2f2030e2cb70837d35e434d9793cafa04132e1823430ebcfbd4d985899637

SHA512
21f4780a6da31c84fbc0fe117eef11cbd796d837b7fa38ec8c5e025c8b318f0b925775a7dec1e909ee14da77d800a01115758e803ddeb605e1da0ccbff047133

Download Submit
\Program Files (x86)\VideoLAN\VLC\plugins\access\liblibbluray_plugin.dll

Filesize
1.9MB

MD5
8423845646212e8d3aee2a82bf0b46a9

SHA1
0b848df9d1378157938f7a5d67376181aa93955b

SHA256
076fcfffedd3182ddc744d82e3f7f6d224b31815fe5d3a15d75c3617fdff090e

SHA512
f30cc631858448f64390eecb54518118749871c0f4fccb516cb856f3060312ea04c5eb654a6eaa5ce2b3f40200e1311c66a405e7518482d9f21d98a8f42217c9

Download Submit
\Program Files (x86)\VideoLAN\VLC\plugins\access\liblive555_plugin.dll

Filesize
543KB

MD5
5392a6cc88cf16c87b564dc57f055d7d

SHA1
eab6581797016ef9889673318e6d6cf35ff9413f

SHA256
f3e15aa53f90d5f6967ad4f44dac8a5cc7e71eb8d4ab3c52962eae1c2c2fe017

SHA512
46cbf5aff9f655cd795827389da516296461b2b373dba0c01c0db20bb3ef1feee7da6cb6291c737b734bfdab6164bb58de0bf144a4547afba8e3e3272f4863cb

Download Submit
\Program Files (x86)\VideoLAN\VLC\plugins\access\libnfs_plugin.dll

Filesize
262KB

MD5
f242238250a1ab457c46d51ba8e1e341

SHA1
e4a34dbcd01bc99b9a3e3d2c08af0a42f82e6b6a

SHA256
96be662dd39591a3cf11e428550e2462ccadd2b16774832da2e25ec6d9eb8201

SHA512
1efd08b9799bdd78cbc7bc5ada5c286c67fb89f79417b2df6a87678bcdd3aaa56b2277ca8af75e249dadc193dc251a789a9e87a687d1457845c15aa2d7adfb71

Download Submit
\Program Files (x86)\VideoLAN\VLC\plugins\access\librist_plugin.dll

Filesize
105KB

MD5
904ed69fdc75faa58145ea6fa393d295

SHA1
2f181075cefba301cec87421ce960a435a84ecec

SHA256
49968d7bfe91cc43ced90a2a845ea704a1b7faf561d6c42063dee2eb02e68a6d

SHA512
5a9d7bb4f5904db21278fd154933d458f9f229fd4fcc918da22665a0778812c1fa2af7b6d024b11e2f61162a77732dd137e06bf61a7b29e06eff38ac648132af

Download Submit
\Program Files (x86)\VideoLAN\VLC\plugins\access\librtp_plugin.dll

Filesize
544KB

MD5
f6a83acc9f8b5cba8d0fd040f8219cf9

SHA1
b1e78c3a85fc2146d687f2e814823c13438bb3e4

SHA256
e8d691dc76c0257f04f0f1032ee0636aa1dfd2b9face93e86362eca26e6b52d7

SHA512
bc1b3b1c96a84f6708c138678f91de74bc12a8923865c2ef470f2e98f2548a9df4aa50a59b5af83278328ce0e2ce84f9f8b1f9cb357d84c5f7e1c2001e157a14

Download Submit
\Program Files (x86)\VideoLAN\VLC\plugins\access\libsatip_plugin.dll

Filesize
65KB

MD5
88a996a9abe2207d25e41d46caf3cb75

SHA1
d87f14a868ae6be9662a30ae97d6250b34eacef2

SHA256
a03e4b0d2621a0977621b33992ae0c5590720a4c7df26631dd1c8a5e6fd05180

SHA512
610a7747b76039c4429548568b3b42a92895eba7e891241ffcc7a4650c2dfdf5cfa7b40f0dec7cfcce4db02be17617ee453b13c8461741e0a7627e2237a2f1ac

Download Submit
\Program Files (x86)\VideoLAN\VLC\plugins\access\libscreen_plugin.dll

Filesize
38KB

MD5
f3635f8a71c23f7d03b355a7776232aa

SHA1
1d9fa124eb6aaf9f6c384df7cff48baabdfa0372

SHA256
b339f54ce71749a1861d690a3d0279e2d7c3263ec7b02fc1d498e5cb5d618d52

SHA512
5c487d19bec89d4df452c196d82197af8f0b65d188d1a60a1ae9ded0c2aa42a31478a703e163245b7e9ecc78948bb9677fb3fda990716cc71efcc71dc080fdb5

Download Submit
\Users\Admin\AppData\Local\Temp\nsoFBDE.tmp\LangDLL.dll

Filesize
7KB

MD5
20850d4d5416fbfd6a02e8a120f360fc

SHA1
ac34f3a34aaa4a21efd6a32bc93102639170e219

SHA256
860b409b065b747aab2a9937f02d08b6fd7309993b50d8e4b53983c8c2b56b61

SHA512
c8048b9ae0ced72a384c5ab781083a76b96ae08d5c8a5c7797f75a7e54e9cd9192349f185ee88c9cf0514fc8d59e37e01d88b9c8106321c0581659ebe1d1c276

Download Submit
\Users\Admin\AppData\Local\Temp\nsoFBDE.tmp\System.dll

Filesize
26KB

MD5
4f25d99bf1375fe5e61b037b2616695d

SHA1
958fad0e54df0736ddab28ff6cb93e6ed580c862

SHA256
803931797d95777248dee4f2a563aed51fe931d2dd28faec507c69ed0f26f647

SHA512
96a8446f322cd62377a93d2088c0ce06087da27ef95a391e02c505fb4eb1d00419143d67d89494c2ef6f57ae2fd7f049c86e00858d1b193ec6dde4d0fe0e3130

Download Submit
\Users\Admin\AppData\Local\Temp\nsoFBDE.tmp\nsDialogs.dll

Filesize
12KB

MD5
2029c44871670eec937d1a8c1e9faa21

SHA1
e8d53b9e8bc475cc274d80d3836b526d8dd2747a

SHA256
a4ae6d33f940a80e8fe34537c5cc1f8b8679c979607969320cfb750c15809ac2

SHA512
6f151c9818ac2f3aef6d4cabd8122c7e22ccf0b84fa5d4bcc951f8c3d00e8c270127eac1e9d93c5f4594ac90de8aff87dc6e96562f532a3d19c0da63a28654b7

Download Submit
\Users\Admin\AppData\Local\Temp\nsoFBDE.tmp\nsExec.dll

Filesize
10KB

MD5
dcaaa39e47a9144ae10ee67b3183f4e1

SHA1
2af87fcebff57411e929dd2fce767e9a1e4d98e1

SHA256
da30c0f57a8a412bdc0fca182702f568bd91007475d1823464658fa523a4af9f

SHA512
d56997d74d841d01c62b7db4150729f395b57d065a1182249483640f80720fb6dc7a457cc3a23367982f92f85e9274507d6157f698a2e22ea11266866fb1bc2c

Download Submit
\Users\Admin\AppData\Local\Temp\nsoFBDE.tmp\nsProcess.dll

Filesize
30KB

MD5
d259bdea9552fe72bbf2dbda94ee0010

SHA1
b1095a6f44702ee793d9304f70a3b21cb8deb0a4

SHA256
e91ae55a30d0492c43ce0a27b0af0416b6b3d6deb991d84ae89a6d0ebfbe41a4

SHA512
bdd1584bd8fdf2bc76b2778c068b9a61b2069132b55614334511c42149f0d49cd3e3ce42929abb6cc299930760ecd6c26f77a2c906927577d85966e869f04e87

Download Submit
memory/1616-682-0x0000000073F20000-0x00000000741B5000-memory.dmp

Filesize
2.6MB

Download
memory/1616-681-0x00000000741C0000-0x00000000741EF000-memory.dmp

Filesize
188KB

Download
memory/1616-680-0x0000000000400000-0x0000000000424000-memory.dmp

Filesize
144KB

Download
memory/2704-739-0x0000000074080000-0x000000007409A000-memory.dmp

Filesize
104KB

Download
memory/2704-737-0x0000000074740000-0x000000007474E000-memory.dmp

Filesize
56KB

Download
memory/2704-763-0x00000000722D0000-0x0000000073363000-memory.dmp

Filesize
16.6MB

Download
memory/2704-741-0x00000000722D0000-0x0000000073363000-memory.dmp

Filesize
16.6MB

Download
memory/2704-742-0x0000000073E40000-0x0000000073EA0000-memory.dmp

Filesize
384KB

Download
memory/2704-734-0x0000000074340000-0x00000000745D5000-memory.dmp

Filesize
2.6MB

Download
memory/2704-735-0x00000000742E0000-0x00000000742F4000-memory.dmp

Filesize
80KB

Download
memory/2704-736-0x00000000742C0000-0x00000000742D3000-memory.dmp

Filesize
76KB

Download
memory/2704-738-0x00000000742A0000-0x00000000742B4000-memory.dmp

Filesize
80KB

Download
memory/2704-740-0x0000000074070000-0x000000007407F000-memory.dmp

Filesize
60KB

Download
memory/2704-732-0x00000000000C0000-0x00000000001B2000-memory.dmp

Filesize
968KB

Download
memory/2704-733-0x0000000074920000-0x000000007494F000-memory.dmp

Filesize
188KB

Download
memory/3012-731-0x0000000000400000-0x0000000000481000-memory.dmp

Filesize
516KB

Download
memory/3012-715-0x0000000000400000-0x0000000000481000-memory.dmp

Filesize
516KB

Download
memory/3012-19-0x0000000074320000-0x000000007432B000-memory.dmp

Filesize
44KB

Download
memory/3012-716-0x00000000745F0000-0x00000000745FE000-memory.dmp

Filesize
56KB

Download
memory/3012-23-0x0000000000400000-0x0000000000481000-memory.dmp

Filesize
516KB

Download
memory/3012-717-0x0000000074320000-0x000000007432B000-memory.dmp

Filesize
44KB

Download
memory/3012-17-0x0000000000400000-0x0000000000481000-memory.dmp

Filesize
516KB

Download
memory/3012-18-0x00000000745F0000-0x00000000745FE000-memory.dmp

Filesize
56KB

Download
memory/3012-22-0x0000000074320000-0x000000007432B000-memory.dmp

Filesize
44KB

Download
memory/3012-20-0x0000000000400000-0x0000000000481000-memory.dmp

Filesize
516KB

Download
memory/3012-21-0x00000000745F0000-0x00000000745FE000-memory.dmp

Filesize
56KB

Download