Overview

overview

7

Static

static

3

x-mouse-bu...-5.exe

windows7-x64

7

x-mouse-bu...-5.exe

windows10-2004-x64

7

$PLUGINSDI...md.dll

windows7-x64

3

$PLUGINSDI...md.dll

windows10-2004-x64

3

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...er.dll

windows7-x64

3

$PLUGINSDI...er.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

BugTrapU-x64.dll

windows7-x64

1

BugTrapU-x64.dll

windows10-2004-x64

1

XMouseButt...ol.exe

windows7-x64

1

XMouseButt...ol.exe

windows10-2004-x64

1

XMouseButtonHook.dll

windows7-x64

1

XMouseButtonHook.dll

windows10-2004-x64

1

uninstaller.exe

windows7-x64

7

uninstaller.exe

windows10-2004-x64

7

$PLUGINSDI...md.dll

windows7-x64

3

$PLUGINSDI...md.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

Analysis

  • max time kernel
    102s
  • max time network
    108s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    09/11/2024, 06:33

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    x-mouse-button-control-2-20-5.exe

  • Size

    2.9MB

  • MD5

    2e9725bc1d71ad1b8006dfc5a2510f88

  • SHA1

    6e1f7d12881696944bf5e030a7d131b969de0c6c

  • SHA256

    2240bf5fb5d80938b0676c46ef9f84bc1739c32f60c473ff85e530ae0eca2818

  • SHA512

    62bd9cde806f83f911f1068b452084ef2adc01bc0dec2d0f668a781cc0d94e39f6e35618264d8796ca205724725abd40429f463017e6ca5caf7d683429f82d39

  • SSDEEP

    49152:n65SJw48kZN+nCYk7c44+Y0hdwn4Km2A5aT/pVE0hYYajihV2Qso0SWMrboF:tfpeno4oY0QZm2dlNJsrHM4

Score
7/10
discoverypersistence

Malware Config

Signatures

  • Executes dropped EXE 3 IoCs
  • Loads dropped DLL 17 IoCs
  • Adds Run key to start application 2 TTPs 1 IoCs
    persistence
  • Checks installed software on the system 1 TTPs

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  • Drops file in Program Files directory 8 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • System Location Discovery: System Language Discovery 1 TTPs 2 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • NSIS installer 2 IoCs
    installer
  • Modifies Control Panel 3 IoCs
    evasion
  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Modifies registry class 33 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 4 IoCs
  • Suspicious use of SendNotifyMessage 3 IoCs
  • Suspicious use of SetWindowsHookEx 9 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\x-mouse-button-control-2-20-5.exe
    "C:\Users\Admin\AppData\Local\Temp\x-mouse-button-control-2-20-5.exe"
    1⤵
    • Loads dropped DLL
    • Adds Run key to start application
    • Drops file in Program Files directory
    • System Location Discovery: System Language Discovery
    • Modifies Control Panel
    • Modifies registry class
    PID:1964
  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" http://www.highrez.co.uk/scripts/postinstall.asp?package=XMouse&major=2&minor=20&build=5&revision=0&platform=x64
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:564
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:564 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1056
  • C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe
    "C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe" /Installed /notportable
    1⤵
    • Executes dropped EXE
    • Loads dropped DLL
    • Modifies Control Panel
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of SetWindowsHookEx
    PID:1240
  • C:\Windows\explorer.exe
    "C:\Windows\explorer.exe"
    1⤵
      PID:1780
    • C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe
      "C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe" /notportable
      1⤵
      • Executes dropped EXE
      • Loads dropped DLL
      • Suspicious use of SetWindowsHookEx
      PID:2656

    Network

          MITRE ATT&CK Enterprise v15

          Replay Monitor

          Loading Replay Monitor...

          Downloads

          • C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonHook.dll
            Filesize

            1.0MB

            MD5

            d62a4279ebba19c9bf0037d4f7cbf0bc

            SHA1

            5257d9505cca6b75fe55dfdaf2ea83a7d2d28170

            SHA256

            c845e808dc035329a7c95c846413a7afb9976f09872ba3c05dfa5f492156eef0

            SHA512

            6895a12cddc41bf516279b1235fca238b0b3b0cef2cc25abe14a9160ed23f5bde3d476f885d674537febc7de7eb58b0824d96153c626e1563a5a8a1887fb5323

            Download Submit

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
            Filesize

            914B

            MD5

            e4a68ac854ac5242460afd72481b2a44

            SHA1

            df3c24f9bfd666761b268073fe06d1cc8d4f82a4

            SHA256

            cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

            SHA512

            5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

            Download Submit

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\6525274CBC2077D43D7D17A33C868C4F
            Filesize

            959B

            MD5

            d5e98140c51869fc462c8975620faa78

            SHA1

            07e032e020b72c3f192f0628a2593a19a70f069e

            SHA256

            5c58468d55f58e497e743982d2b50010b6d165374acf83a7d4a32db768c4408e

            SHA512

            9bd164cc4b9ef07386762d3775c6d9528b82d4a9dc508c3040104b8d41cfec52eb0b7e6f8dc47c5021ce2fe3ca542c4ae2b54fd02d76b0eabd9724484621a105

            Download Submit

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
            Filesize

            1KB

            MD5

            a266bb7dcc38a562631361bbf61dd11b

            SHA1

            3b1efd3a66ea28b16697394703a72ca340a05bd5

            SHA256

            df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

            SHA512

            0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

            Download Submit

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
            Filesize

            252B

            MD5

            1574c934f2bb5faf1727767681c93eae

            SHA1

            fbd639c415469eff4fc1b2bc060c6d88d603d0eb

            SHA256

            c15e6e47fdeeb344dfbe9c15d743534a105b5761d78d98d5df99dd26a53b5b49

            SHA512

            2d7de0925e2def8ac547db12da68fbbf738e332dfa72ed50c623180a935c70ac25d7b061c0fd60306943ce151a378a1fd93a20a637e4d71080171799b26cc592

            Download Submit

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\6525274CBC2077D43D7D17A33C868C4F
            Filesize

            192B

            MD5

            2b93508f54b1b2a37eb19b61fa927ec7

            SHA1

            848e9c40ea386d5268ac14da9054eb89ef1bccfc

            SHA256

            9d450da16a47e37fbcf199892daf048ded995b8959a66e2348dd2842cd488925

            SHA512

            b6ebbb0d0d6c1b0ee4116020008364ebc1954989eca2c671350c14dd6e9e432fae5eded4c277de22824ad3f622bee2175c3b8f8590e94940962a0fcf1c00de31

            Download Submit

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
            Filesize

            342B

            MD5

            96d2b9b6b27b3424f6866bd892b46e9e

            SHA1

            17e20032ec1f6fa7c9c22009d5044c49c6252baf

            SHA256

            2bca1526fb67bd9d22d5a8163d01eb6eaacd8a20f8f96580dc1638efccb129ab

            SHA512

            6e10d77e174ace23dfddf9cf6d929fb08392af27a454ebe445bdd23da1d19566e6cde5e8310cd2b50ff6bb014f4e66657c4dc8c118dea92813d41336e59677a0

            Download Submit

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
            Filesize

            342B

            MD5

            84c0a8770b6667e64eea5dac2dfd075c

            SHA1

            afe0728cb4d03bfae5c26021abd7f3228ee8021e

            SHA256

            87ff7969df4356b78ba3c7b3f64b407ec78323606e22ed128d08e3f003bd4930

            SHA512

            356ee5b5cb4aa4ac04a781e11de8a52dbf3371e160f4e3254ee289b2ccb84717a7ab9d1803e1d4be473438e2784e94b56696c80be87b84004d76e7caeb3fcf0f

            Download Submit

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
            Filesize

            342B

            MD5

            9207f41b445cb87f4d94c8615796b549

            SHA1

            32b2d44f0a3222f65182918b84a43415d13ebf0a

            SHA256

            127d88c47e0982dc385cfb07a0bf436c4af17e081eeb557e4cf245ec863c422e

            SHA512

            cdd4e78b44cccb444472caed412783c96b7af6bece94ee139e2efef5526ed4b62cbc69118875ff00086680d94ff1655c61575f552e89acb80a42828b3f9e9c3d

            Download Submit

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
            Filesize

            342B

            MD5

            0c77d564191f63c89b97f631bbb703d6

            SHA1

            40788d4cd239b964a18d5476bd77f3a5b79d9bb1

            SHA256

            26eba0b17f5db387df213f187979b6a09809e16db1f6017280faf7b486b9ec6e

            SHA512

            4e335fc66a16ec0e7112f0c01867562953e85b1644e64bc8d7ba433b7202b4bb9fcb61338a2d59dd2923fa271c33d916b5e8b23b288f8a7e0edfd2488afdb877

            Download Submit

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
            Filesize

            342B

            MD5

            2a91f7a11185b3afa38518fca3b487e6

            SHA1

            10d9459f230c4384c7190467f408a2e17f6e359f

            SHA256

            8521b363c5ab6302d45158a9f73406ac43c7a1672fcb0fa5974ea1991c35b4a4

            SHA512

            73fe1dbd9dc5d02c281ddd86bd0305af4ba02c3ce72b11c34021ee3ff74e94fd3218ccbf10b02ad5d4392b9c24284537ac0bf1726f6881a6f5c25233e7ec537e

            Download Submit

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
            Filesize

            342B

            MD5

            c5e0e59f8524b34ef23a1521a3931f88

            SHA1

            d50d5c80e45a1309cdf7ec8141148642c7aeca09

            SHA256

            4476c4a551b00a88e144b46a5b977b4053308d1be020d5a0369edfedc16993d1

            SHA512

            302e6692d9e812e81c1bc685affe4126783d523d666e6c20f9a1648920b227a88b66e9b261b320dbfd1e2814705bb8fca8d6a5190a6f81f684ea001a137e85ef

            Download Submit

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
            Filesize

            342B

            MD5

            2ef5f5d82f71f1b97375ff56ce772c68

            SHA1

            a4af2313edcd4118e55020ac46de87ec8b25f3fe

            SHA256

            8fdb49fed6da05961d49e5c2e4bb25b3b8cff2a717fb52e0f818f7d5da3d8e18

            SHA512

            08bf098129780d0637071c4523e87dfed9faa24c7b21006f446ee0a44666ae170ec6b529787f462281798cef22cfa29f913dbcd3d0ab08da5ecc8f11a7b9da19

            Download Submit

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
            Filesize

            342B

            MD5

            b82b41f890f3ea4cb04a008db8b4c194

            SHA1

            9a5b18dac08be448037e6193d652f6e993dfc3d0

            SHA256

            1993a97f311fd206a51072b1a88913562ef6adbe0a7d0e40bc3c580fdd207e44

            SHA512

            45dbe9e38bdc88087490101fe4de0508ba1ce54a4841fef73595d4ae2288331fa82780f8e7b1b3b81737ad220f6dcf1277604816d3141c79fbed6c63acaadf0c

            Download Submit

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
            Filesize

            342B

            MD5

            e322b23be33a292f65ed2ced635287c8

            SHA1

            edb873f4229d6383b09529f87bc21150727d9048

            SHA256

            74de4b0abb84d2cb3d9948066c475c47334e202da7324e21cbeb6dc04c7cf6ee

            SHA512

            f0adeaefb5bf94ac6176b2e9af1ef82c6444987efa81c4d8429684e90f33af8685276687550c65a2c4c2ea12a87528b8e389bc9ffe8138b7cc263c8538b6a972

            Download Submit

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
            Filesize

            342B

            MD5

            7297f62fc2448b036f2bda04d5fe716b

            SHA1

            3a4568cbc4ce9e3736498a585f8b9757d3571d4a

            SHA256

            72a6fb227475371e89bc38930213b12816ec83eb4a675f0fc91edbb4ee3e8068

            SHA512

            22be712541d3e0ac550ce7c806e108436799a4a54932a18fe14ff477060362bd6468d71e8ea2ea8ee48ec94b340dd3bcc0ffea164de4ee240ece4c6d9eb06527

            Download Submit

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
            Filesize

            342B

            MD5

            fafb1e40662896d7a105e34258e50ed4

            SHA1

            a75a87a540ced954d14fcc929102d4b5f8c7bd3d

            SHA256

            a3834e6dd112a0583202356df9bd64f9cb93f12aec86399beab2b735e8ef0acb

            SHA512

            c7b0c7e48dbd168faa03c677aa96d5d8d52de410f2c62c9423b1e2f246532aefa31e49a3d5494e58b9ddbcd51374cbb48beabe91b7c907129121f1498c88bf5d

            Download Submit

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
            Filesize

            342B

            MD5

            8a08a1a315e3b67d3af655309fc454a8

            SHA1

            b9c3dc320eda1d6e4689c4412818f642ce5caa2d

            SHA256

            6f7e89c13552f1f439822c141e00d115123d615028664c674161ec815a873e37

            SHA512

            14293cbf883239538124b6b261624e6dddea4947c5cfe5d224f8975a0b63583eb60a9c3c9840b63c63e900393cbea9b9a187fb9ba58496117d9253d238f22545

            Download Submit

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
            Filesize

            342B

            MD5

            44439fc7705bcf90804b2f76e7a6cb6f

            SHA1

            f16347d909b3c13be78ba1b8dcc15a784c611219

            SHA256

            c80b579392c2aaf72a81a51ca881ce9542cb2bd051ff3c98a8c652a9e143fce1

            SHA512

            d638edf7c130e78a146d2bfadf902708495a72dc479014321e4eda6b1af3336b7b89613b0cfba830c712ac80e33d3aad14a99375f1b36e3493e71ef49c49a83c

            Download Submit

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
            Filesize

            342B

            MD5

            4be74987ed8e704100b3febce5e826dd

            SHA1

            cd84f435744643a88a3c2c26b5d7dbaa26534e7e

            SHA256

            403db1bb9f8c5a5e3a41ba4dcf98e4e67a8dac4385645191b082069845e0ba44

            SHA512

            dcb61d8fe488d53f7dcacea06945c17d54b70e640e7c1aa3be4a55496b92a7b6916801d82d0645b02476e75d4ddfa79feecd335c1557bb0522fd89efc8494015

            Download Submit

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
            Filesize

            342B

            MD5

            b7ec353d85baf91f986e0738ff76c571

            SHA1

            ca6f7830eb3002fa0e6037d0cb50d531af9c7eba

            SHA256

            9444096b9d69efdfd36d9e7274ea6d08dfd5570d6944e739f1fbb85dfffe07be

            SHA512

            e01a1b2b0cea79a529026064758384188e7d01372165b798c96329871d90667903b3709c94f41803ac2e6a4082e3e2de167a85f4fb3ac3093afec0661a68ce3c

            Download Submit

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
            Filesize

            342B

            MD5

            43ab7e9fd47908b7c8aa05af991837b1

            SHA1

            79436d26880e2826a33cb2bd4ece81792504d242

            SHA256

            0f4b8541d69bec5c60a6009d9b03cad077cb531d5e06979aa91f37159670951f

            SHA512

            931eee2c8286a6f944447b417909f9201747436493e282afbd557b6c38dcd505b382db0afdccf5f47ccab26d0ce037001bf17f952b9e69904e9f8a9fa394b2e9

            Download Submit

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
            Filesize

            342B

            MD5

            b9f021bf0c2bdcd3baaa636d7f59cab0

            SHA1

            a2ec4338a0ca3e55e1174b4d1806f5103444f042

            SHA256

            d69a3ae4f5cbaed4cdf6dbf6a2fff0597d44f65c3ea20fcc6fdc4464f10d467d

            SHA512

            63631f1b4ae3da547e62a4eb2b13ed69b8db47ea95d2a0a67b4b9fe11127a870baf2454d98bd751ad64604a585c9658bee94f8df09674db32d3eeb91c1155a83

            Download Submit

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
            Filesize

            342B

            MD5

            0ee707b9f6844e7b8c769c8c5f0948c9

            SHA1

            f129e8e4b47455edbd7ca2950456f838b90eb484

            SHA256

            25f981f155421159be3ebbd48ba99f761bb34b98853c5c57655f36aaca89c092

            SHA512

            1c77adbabe40bee0103671f6a309d42afde199d3b04579871afba60f0f20e301386004d01fe7aaec1a98cd69125b4b1bd02283e170f8729b08c894cbf4a1a593

            Download Submit

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
            Filesize

            342B

            MD5

            4181bb3774ede02a6879b56338a454ab

            SHA1

            5bb2a22a5ec459cdee9679da49217ac16e0c3b6f

            SHA256

            efe45664c2693369377500ad51b740e0d380772d1c908a282fd40341fb76f30e

            SHA512

            67bbd19904d88d9a999dab04d168cb6ece8b2fa0aadf032e2846f80b000b3ea6b2a0398b0ec9b1c57e8faf4a3699515b5cbb43329a88698e633cb84e78d807f0

            Download Submit

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
            Filesize

            342B

            MD5

            724244ac828e9a78aa61dcf9ab16ccf1

            SHA1

            f3b7515dac627213dbb4dc6d3fb7f659d56d9186

            SHA256

            2c36794c5d2cb2ad80e5b9ef5312ffa27ff87fa9ba7804f68401de089557180e

            SHA512

            f679fb1ea45d34d23b1a11bb03e31a899eac4a92a4d34afd977fef76cf7a1bf63de258d6212f96e5e3877168e1556fa20cf10028736a141e25f2cedf87038f48

            Download Submit

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
            Filesize

            342B

            MD5

            b66a6196e38bf904892e829842171520

            SHA1

            e949a87b1bbc46837bce6a1d1cd2895897846351

            SHA256

            51eb7a376ccec39f95349da47c09477e986936a41244986584e58c8e06de8e90

            SHA512

            79c5daf13076c49b4dffc0fd4d4cc601a7721a1337644dce1329f6d9c5abff20947c08b9860247a2aadff70923571655331c0b8ec8703b045930cda460eb4cf8

            Download Submit

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
            Filesize

            342B

            MD5

            b7ae677e253bab85a0db9b2108a789b2

            SHA1

            24f23800307b49cd503d5dcf49ad7fbc45056244

            SHA256

            d5d1734da3e340adcd683365f31fd48bec9fc96ac9f9b382f120fc215b55b5e8

            SHA512

            f2ef62e492a456f554c88e70f72df1ecf0f188f0a19ea2fd1ff87c90f5c4a3b97373613706b275c308f481cd2f4d3dcd32b0e4bc7a50ca16a6e9c88318a86657

            Download Submit

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
            Filesize

            342B

            MD5

            e3bac147d27f63f8355fbca700c31f70

            SHA1

            4556dd0b9b44d6189ee65f533fcd5fa01bfca4f7

            SHA256

            c78b1fa61ece22c22c647742b65e2e3e92fcdd58d7c882ac261f0512a3863bd5

            SHA512

            682fb829438fe0cbc85effcf28667ad9aa94d8e891f482bb8c885bc107277dbd9fe655178552d81794b45e738d9643714ac8aeba3f47c60979a514ef6287064c

            Download Submit

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
            Filesize

            342B

            MD5

            8712d04f690e435fc01f42c4b3922021

            SHA1

            1481ab61625e50d3d08fea27615d2ba073c8005d

            SHA256

            aa54b2d1e8e26667b7753cc45241d998802658630508725df9862a98ada76bd2

            SHA512

            b39ecffb46c3784fdb24bf3d399dd6845e01b467c98535b1ee61af465782442ad90e7cb4136b98e583fa1af5b8d1d950e16db7ecbd344e219056437e89b5afc9

            Download Submit

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
            Filesize

            342B

            MD5

            77663cbd41907dd5c8b29eb5acca2c28

            SHA1

            724b8ae8f0854d5d3246370a69fec994a52ee5d7

            SHA256

            ea7ab8204a6c41a4b8322bba1a6aa414bc88076b2838f9f5e100ef2b0a39d339

            SHA512

            81045d6673053dd7498db4635c7b90474562d0168715a93830142fc7de4b9a65c462d362d9adfbb8a6c2bc63278745fa1a5455a649e5782e21f6faf1f0d0fb72

            Download Submit

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
            Filesize

            242B

            MD5

            804579d4fe37c21dc194dd09ea605ad2

            SHA1

            03f24bface9b2f88090339afa7c606b781cbe802

            SHA256

            5e73e8f89e514597e4b6597ae31a262c9f1462ac1fbe17127f7a94908b415f1d

            SHA512

            12bc3a3a9e06cc19eb558e4dd82abb721c86e8d45e6231381a553950aa502b68d6eac54aad99c4f5cc868cd5ff286ede99aeaaea19ffb613c2c9a416c7ffcc7d

            Download Submit

          • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\njqq61f\imagestore.dat
            Filesize

            3KB

            MD5

            f9f3b8cc9ed7181bf132651f95c1bf27

            SHA1

            767657b38f21d9486dfbb959f6a4577e6836fd76

            SHA256

            cbcaecae198fd13972d94781483970f06f9a2bcf8ad4f35b96be276377a72d44

            SHA512

            44d1b34fb4ab61dc08ff721638dc8eab7dcb7f0117bb39c50fea44ad6f7c43ba491a32140482093907d3947406937c491e49d400175aa57d1952d7903febad4b

            Download Submit

          • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\D6V88JEY\xmbc[1].ico
            Filesize

            3KB

            MD5

            1279bf31d9659ad2017369ec1b90473c

            SHA1

            0f21c5a8266c36af7909118899e1fa07590f2df8

            SHA256

            74e3162830413f502277c221381f07b34d77a155f5cbeca379e1a4ffc29af116

            SHA512

            18ab594628c7873c56a85cc748585a3422f06d3f3ad70e5d33e86bed8bb9595d43513960731db89820d89b2ed950b48d6b891dbda768164f968ab06f5a86c277

            Download Submit

          • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EOYL2MRI\f[1].txt
            Filesize

            189KB

            MD5

            71e50ba91af01b5210cdeabada45f6d0

            SHA1

            0ce209471894b131438a695b1de2835d6d69ed9b

            SHA256

            2176027593a83d9e6fd232e60ea7ccfeaa0d4e30fae6007234d7743b32e4d31a

            SHA512

            7ebddb5fe0b9d4ec83e206199ba87662d8b147f1a41438c764b88edfd25e189e5779ac852c296158a5401bfd9eac3d1000a264437bf5cd2472065715a325c818

            Download Submit

          • C:\Users\Admin\AppData\Local\Temp\Cab7B59.tmp
            Filesize

            70KB

            MD5

            49aebf8cbd62d92ac215b2923fb1b9f5

            SHA1

            1723be06719828dda65ad804298d0431f6aff976

            SHA256

            b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

            SHA512

            bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

            Download Submit

          • C:\Users\Admin\AppData\Local\Temp\Tar7B7C.tmp
            Filesize

            181KB

            MD5

            4ea6026cf93ec6338144661bf1202cd1

            SHA1

            a1dec9044f750ad887935a01430bf49322fbdcb7

            SHA256

            8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

            SHA512

            6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

            Download Submit

          • C:\Users\Admin\AppData\Local\Temp\nsoEF60.tmp\ioSpecial.ini
            Filesize

            696B

            MD5

            f013640ad96ceb32dfdbfd7b65bc49b5

            SHA1

            b0f2723a68f32c7da3fb49cb15b5e1aceec598bb

            SHA256

            c4192ceda6932d0a1ee57a471175b7ec2a97c297d04ffcf2ebeee29907972668

            SHA512

            97af3fe8259aa872f8d36db87bccfe00cb5f93c824283f1003377f0d77dc430b7f0229aef043075084b3baf79691aadd4ffe703dd7bd2f321f321243be699623

            Download Submit

          • C:\Users\Admin\AppData\Local\Temp\nsoEF60.tmp\ioSpecial.ini
            Filesize

            726B

            MD5

            27ca71830f6c90c685ed70df078b5471

            SHA1

            a853edbfa663f8e7a15cba68ce30e3a2ab3dfd03

            SHA256

            ebbabe06df67c5e7082e2caabb15df0e06fb3cc1c0e625b0ab1f7d3cb79a1230

            SHA512

            a4c7db0ad5a86b2c86bb45d080b5498bbcdcd8a245f9e90dc8f16541f87b38c15aa035815a536852222de32623743c4fbc80060126251a4b089fca72a6d854df

            Download Submit

          • C:\Users\Admin\AppData\Local\Temp\nsoEF60.tmp\ioSpecial.ini
            Filesize

            709B

            MD5

            28cc6adf595771d785482863a46e39ea

            SHA1

            a0ad4c4cbf0fe564033e38ab68835ff420f6d1bb

            SHA256

            39129cfff14f7b98c60abfca5e97fa1b4beea22a6f52e20b2b0e35866f3302d8

            SHA512

            f9b2ba0d6bbb5e721199c4a9e70d5f95f4e9e87c321f4814e2e9b2e964e71649a6a5297462b68e442e621f72566334c2ef4df85e5ab0b6ade02de80ece1b60f5

            Download Submit

          • C:\Users\Admin\AppData\Roaming\Highresolution Enterprises\XMouseButtonControl\Persist.xmbcps
            Filesize

            16B

            MD5

            4ae71336e44bf9bf79d2752e234818a5

            SHA1

            e129f27c5103bc5cc44bcdf0a15e160d445066ff

            SHA256

            374708fff7719dd5979ec875d56cd2286f6d3cf7ec317a3b25632aab28ec37bb

            SHA512

            0b6cbac838dfe7f47ea1bd0df00ec282fdf45510c92161072ccfb84035390c4da743d9c3b954eaa1b0f86fc9861b23cc6c8667ab232c11c686432ebb5c8c3f27

            Download Submit

          • C:\Users\Admin\AppData\Roaming\Highresolution Enterprises\XMouseButtonControl\XMouseButtonControl.log
            Filesize

            2KB

            MD5

            017c7f3e73eacd779f1372de37207681

            SHA1

            26afc6d620e8d57819c2e81ec2b215fbb4b84379

            SHA256

            2464e93efe73d5c97c75ec2c908ea3d40ac42e7fc6056a198e3b0feba9f25341

            SHA512

            cf84dae0de441f0e15565c62c3ad3dbf1761a8214a4ed40b303b2f08abd06af55b7f41e57297d69f595e51c4492af232d4661a9c764f6bd847d4a95eec473326

            Download Submit

          • \Program Files\Highresolution Enterprises\X-Mouse Button Control\BugTrapU-x64.dll
            Filesize

            364KB

            MD5

            80d5f32b3fc515402b9e1fe958dedf81

            SHA1

            a80ffd7907e0de2ee4e13c592b888fe00551b7e0

            SHA256

            0ab8481b44e7d2f0d57b444689aef75b61024487a5cf188c2fc6b8de919b040a

            SHA512

            1589246cd480326ca22c2acb1129a3a90edf13b75031343061f0f4ed51580dfb890862162a65957be9026381bb24475fec6ddcb86692c5961a24b18461e5f1f0

            Download Submit

          • \Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe
            Filesize

            1.7MB

            MD5

            bb632bc4c4414303c783a0153f6609f7

            SHA1

            eb16bf0d8ce0af4d72dff415741fd0d7aac3020e

            SHA256

            7cc348f8d2ee10264e136425059205cf2c17493b4f3f6a43af024aecb926d8c8

            SHA512

            15b34efe93d53e54c1527705292fbf145d6757f10dd87bc787dc40bf02f0d641468b95c571f7037417f2f626de2afcd68b5d82214e27e9e622ab0475633e9de5

            Download Submit

          • \Program Files\Highresolution Enterprises\X-Mouse Button Control\uninstaller.exe
            Filesize

            74KB

            MD5

            bfffc38fff05079b15a5317e279dc7a9

            SHA1

            0c18db954f11646d65d0300e58fefcd9ff7634de

            SHA256

            c4e59737ffd988ef4bc7a62e3316a470b1b09a9889f65908110fba3d7b1c6500

            SHA512

            d30220e024ac242285ea757006e7da3874e5f889951de226d48c372a6a8701b76d4a917134ecc1e72c6c3a8d43444762288e7134a25d837e9f43d972675c81d6

            Download Submit

          • \Users\Admin\AppData\Local\Temp\nsoEF60.tmp\InstallOptions.dll
            Filesize

            14KB

            MD5

            d753362649aecd60ff434adf171a4e7f

            SHA1

            3b752ad064e06e21822c8958ae22e9a6bb8cf3d0

            SHA256

            8f24c6cf0b06d18f3c07e7bfca4e92afce71834663746cfaa9ddf52a25d5c586

            SHA512

            41bf41add275867553fa3bd8835cd7e2a2a362a2d5670ccbfad23700448bad9fe0f577fb6ee9d4eb81dfc10d463b325b8a873fe5912eb580936d4ad96587aa6d

            Download Submit

          • \Users\Admin\AppData\Local\Temp\nsoEF60.tmp\ShellExecAsUser.dll
            Filesize

            7KB

            MD5

            86a81b9ab7de83aa01024593a03d1872

            SHA1

            8fd7c645e6e2cb1f1bcb97b3b5f85ce1660b66be

            SHA256

            27d61cacd2995f498ba971b3b2c53330bc0e9900c9d23e57b2927aadfdee8115

            SHA512

            cc37bd5d74d185077bdf6c4a974fb29922e3177e2c5971c664f46c057aad1236e6f3f856c5d82f1d677c29896f0e3e71283ef04f886db58abae151cb27c827ac

            Download Submit

          • \Users\Admin\AppData\Local\Temp\nsoEF60.tmp\System.dll
            Filesize

            10KB

            MD5

            56a321bd011112ec5d8a32b2f6fd3231

            SHA1

            df20e3a35a1636de64df5290ae5e4e7572447f78

            SHA256

            bb6df93369b498eaa638b0bcdc4bb89f45e9b02ca12d28bcedf4629ea7f5e0f1

            SHA512

            5354890cbc53ce51081a78c64ba9c4c8c4dc9e01141798c1e916e19c5776dac7c82989fad0f08c73e81aaba332dad81205f90d0663119af45550b97b338b9cc3

            Download Submit

          • \Users\Admin\AppData\Local\Temp\nsoEF60.tmp\nsDialogs.dll
            Filesize

            9KB

            MD5

            f832e4279c8ff9029b94027803e10e1b

            SHA1

            134ff09f9c70999da35e73f57b70522dc817e681

            SHA256

            4cd17f660560934a001fc8e6fdcea50383b78ca129fb236623a9666fcbd13061

            SHA512

            bf92b61aa267e3935f0ea7f47d8d96f09f016e648c2a7e7dcd5ecc47da864e824c592098c1e39526b643bd126c5c99d68a7040411a4cf68857df629f24d4107d

            Download Submit

          • memory/1964-232-0x00000000005F0000-0x00000000005F2000-memory.dmp

            Filesize

            8KB

            Download