Overview

overview

7

Static

static

3

XMouseButt....5.exe

windows7-x64

7

XMouseButt....5.exe

windows10-2004-x64

7

$PLUGINSDI...md.dll

windows7-x64

3

$PLUGINSDI...md.dll

windows10-2004-x64

3

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...er.dll

windows7-x64

3

$PLUGINSDI...er.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...al.ini

windows7-x64

1

$PLUGINSDI...al.ini

windows10-2004-x64

1

$PLUGINSDI...rd.bmp

windows7-x64

3

$PLUGINSDI...rd.bmp

windows10-2004-x64

4

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

BugTrapU-x64.dll

windows7-x64

1

BugTrapU-x64.dll

windows10-2004-x64

1

XMouseButt...ol.exe

windows7-x64

1

XMouseButt...ol.exe

windows10-2004-x64

1

XMouseButtonHook.dll

windows7-x64

1

XMouseButtonHook.dll

windows10-2004-x64

1

uninstaller.exe

windows7-x64

7

uninstaller.exe

windows10-2004-x64

7

$PLUGINSDI...md.dll

windows7-x64

3

$PLUGINSDI...md.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

Analysis

  • max time kernel
    117s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20241023-en
  • resource tags

    arch:x64arch:x86image:win7-20241023-enlocale:en-usos:windows7-x64system
  • submitted
    03-02-2025 06:13

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    XMouseButtonControlSetup.2.20.5.exe

  • Size

    2.9MB

  • MD5

    2e9725bc1d71ad1b8006dfc5a2510f88

  • SHA1

    6e1f7d12881696944bf5e030a7d131b969de0c6c

  • SHA256

    2240bf5fb5d80938b0676c46ef9f84bc1739c32f60c473ff85e530ae0eca2818

  • SHA512

    62bd9cde806f83f911f1068b452084ef2adc01bc0dec2d0f668a781cc0d94e39f6e35618264d8796ca205724725abd40429f463017e6ca5caf7d683429f82d39

  • SSDEEP

    49152:n65SJw48kZN+nCYk7c44+Y0hdwn4Km2A5aT/pVE0hYYajihV2Qso0SWMrboF:tfpeno4oY0QZm2dlNJsrHM4

Score
7/10
discoverypersistence

Malware Config

Signatures

  • Executes dropped EXE 2 IoCs
  • Loads dropped DLL 11 IoCs
  • Adds Run key to start application 2 TTPs 1 IoCs
    persistence
  • Checks installed software on the system 1 TTPs

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  • Drops file in Program Files directory 8 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • System Location Discovery: System Language Discovery 1 TTPs 2 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • NSIS installer 2 IoCs
    installer
  • Modifies Control Panel 2 IoCs
    defense_evasion
  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Modifies registry class 33 IoCs
  • Suspicious behavior: EnumeratesProcesses 14 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs
  • Suspicious use of FindShellTrayWindow 46 IoCs
  • Suspicious use of SendNotifyMessage 45 IoCs
  • Suspicious use of SetWindowsHookEx 8 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\XMouseButtonControlSetup.2.20.5.exe
    "C:\Users\Admin\AppData\Local\Temp\XMouseButtonControlSetup.2.20.5.exe"
    1⤵
    • Loads dropped DLL
    • Adds Run key to start application
    • Drops file in Program Files directory
    • System Location Discovery: System Language Discovery
    • Modifies Control Panel
    • Modifies registry class
    PID:2616
  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" http://www.highrez.co.uk/scripts/postinstall.asp?package=XMouse&major=2&minor=20&build=5&revision=0&platform=x64
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1840
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1840 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2064
  • C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe
    "C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe" /Installed /notportable
    1⤵
    • Executes dropped EXE
    • Loads dropped DLL
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of SetWindowsHookEx
    PID:836
  • C:\Windows\system32\taskmgr.exe
    "C:\Windows\system32\taskmgr.exe" /4
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    PID:2860

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonHook.dll
    Filesize

    1.0MB

    MD5

    d62a4279ebba19c9bf0037d4f7cbf0bc

    SHA1

    5257d9505cca6b75fe55dfdaf2ea83a7d2d28170

    SHA256

    c845e808dc035329a7c95c846413a7afb9976f09872ba3c05dfa5f492156eef0

    SHA512

    6895a12cddc41bf516279b1235fca238b0b3b0cef2cc25abe14a9160ed23f5bde3d476f885d674537febc7de7eb58b0824d96153c626e1563a5a8a1887fb5323

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\6525274CBC2077D43D7D17A33C868C4F
    Filesize

    959B

    MD5

    d5e98140c51869fc462c8975620faa78

    SHA1

    07e032e020b72c3f192f0628a2593a19a70f069e

    SHA256

    5c58468d55f58e497e743982d2b50010b6d165374acf83a7d4a32db768c4408e

    SHA512

    9bd164cc4b9ef07386762d3775c6d9528b82d4a9dc508c3040104b8d41cfec52eb0b7e6f8dc47c5021ce2fe3ca542c4ae2b54fd02d76b0eabd9724484621a105

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    252B

    MD5

    0c88395bcc5ac31fb5e1f694b32a7df5

    SHA1

    5954521b7644f946fee98582a21e7cd101e1cbf9

    SHA256

    83b303f712ea17cb39c242eb638416b2ff8ae4ce6eb827c659193aa34d4616a0

    SHA512

    03120ec42fb586f0a3e968b22138b415fa2e7b64edaeba6ab1408c982daacbe5541bddacf48441a972d4342a09da34d876016fa8641b882b483f977da4e6afcc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\6525274CBC2077D43D7D17A33C868C4F
    Filesize

    192B

    MD5

    48d583756ff362f4378637ccab71c962

    SHA1

    5c4d2f2626e10339bb3dd8960215b782df3bb4a3

    SHA256

    5d127ad6ba350afbf4c1716603612152dc945f22af0ea6a96b6265ff62e94547

    SHA512

    334edd42f085e39ab85c508baf933b6f7e6d9f75e5181fadfe097b550497d9a95b6b8226461c86b42843feaa072de13a578800acbb5a477cec203a3721a05aec

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8256a9738b3f6ac5db9bcb7b8fb6cb9b

    SHA1

    67c13357ba7194a723c79cf474c01a740ac04896

    SHA256

    286bf48895a671e61a57842b17c3010fd9e1747a2304a331d196c31f8728aebd

    SHA512

    c35743d16fddac91498fba761306ec8dc92177fd7298a1bdc19fa9279a60f158691d4c89753cd77626cdba64b083154985f6b8236cc8cf461d92d0f78adc63ea

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    10e8b258ac457435c0251268188bd00e

    SHA1

    627132a75bf2d522bf57561c86979a5112c6aea1

    SHA256

    312239416dab555869d0597d295867e908aca4b40697149db0d751c999891014

    SHA512

    2c651383fc1a21ab2f48673b57b1bf634a847f2448242ed42f8fa629fa137377882b67e03932e35a93a7248f1107b6d52aac9df4b2ba7c61087c2043411e9745

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9bc3ae280a0d88d27e48c847bccd14f9

    SHA1

    cb124c440332c806211785d8859ace440fb81c44

    SHA256

    257e694f97fbacf2eb86159d89f283550fa12fd44c7754359d464ef117a4765e

    SHA512

    f366d4b6023bfeaaa11640322e8dd6e35d66f405d65140c5b8ba5fc69d4c2e8ff3eadeffa63cf2541a86e95303a2d3de97f96dd67de00fa9a8fcae99fce0c413

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    29678fc2884cdf533879cb220f6d4c08

    SHA1

    e992d32c3335fa00b691bcd4a70e806bccd7cdd0

    SHA256

    3053359a5c2cd28172cba3a8289e731d03beaf5c02874dc3df6f1e8737868aad

    SHA512

    a841146331760ab153cb566aedfebb5981444292b5e6543c5d713bdea60b7fd4b69971a3a2eb81254136d2c2f7c4768d170b7ead5aa58120419e23a7dbdabb3d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f65acc67cb951ee1bda717e3d82fe5c3

    SHA1

    4369ab50029baaed59c0a0df20dd779b8c8980cf

    SHA256

    83a7df535c0dec72a9cc1c22f8abcb57db42443c64909ce7abea80cc5bf596c3

    SHA512

    302b1eb85893b46930999b472a7d7f9469296235f5023b67abb0bed0d046f5c60c041db84da574be487fcc2db179acd600b28a23ee0205dcfdb56df458b1f536

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bee890166ad988abe825a73a6ff2adf8

    SHA1

    a9823a3d55fa432fcc64fc3837f41811ddbed002

    SHA256

    9a82f96ce25522d56149beb9729ed07a560d3957d38bd85c09e296cd22d1bb17

    SHA512

    6ed41d2fe6f0f16d11a1dbf09712039786ef18b7f2847108d9bdadb597a412aa55ded9dc7d2947aec8771c168577c681b19aa71435d893349f975cad93b8966d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e2a30897a141008d38aa24534d5a0b5e

    SHA1

    a26c755333bb2620d3d317721b768b95fa10b0e9

    SHA256

    3b5bb84aeb5f92ade873dc63d072af5ccbe702067b947e3365a068a7d48dcf44

    SHA512

    0f691263317516a0abd740f881093e1210f735529df86e21b839997eb9d4950e4b1b6192c009eda8449f1e75d387c44789cb7f0c90a63fd36df1678479fde5a2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3acca739414ae8fdad7157123cfde680

    SHA1

    9a4b6ba5372eae21375c11b0eadafb0846abcf2b

    SHA256

    96761f3942176def96447ce9b2c0187ece4a3660856ed33c18cf634742a1213e

    SHA512

    a8e617a10ba3521dfbee6b0d89f9abb555a1c323f6c52f57818a17310158de8df297ba5e18cdbcd93add33dcd4145e3d968f4f686d18edd0e5d7375753851aab

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e0ac4a80feb1c5beb3508bedfc9ae0e8

    SHA1

    b4f09d7e25ccc72fe0aba85ff9d10fb23712abcf

    SHA256

    1302ee936a7cc3cb4ca719461573d5a165d46b650c485da3e4c34105ae237878

    SHA512

    d86290105ffd816eb42e0939c1a9e3c60504c4bf1545c4a0f3f0a5a8b0850a03dc4407215d9de217d32bafc30b1db994c2b4686c3237c0a3c146a34c06e8e22c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5ee374a78f03a983b830df6a866e2bf3

    SHA1

    b57d5174f505b5c9cc789a66fda561087ed55ec7

    SHA256

    beeea24f97866a22f2546fb5112a6658295807d82370768200db2aac19d4a175

    SHA512

    ecc65e4106dc21280d6332c2b2f64a6bb1e6f6e91d5b73219ba37d9dc9502e6c2461c60356acf6cd1a5a81ac67fc67de602ceaf767c111b2bbedb8b1829f4212

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ac639d56afd5a5ab90169753062ddc46

    SHA1

    8c028229560099be233ffbbbc2498e4acace7d41

    SHA256

    4ad12a0ac1bc8dc2b3bb7ab01b8cabd2a978f7725a763f2705f4c2afedad1889

    SHA512

    b8e6428acfde346c7fa7ad78ac096ba9b3b4690fe6f9d0d1e3a03860a58881ab9864e2654d49311ecd7e65cdfe31d5b3644f8f8a51f1f9609af691afce3e091e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    69ac5116d6ced3e7a7ba4409d92be9f7

    SHA1

    46c50e6c6c6d2d72d682133e80eba29119c0769b

    SHA256

    3cf95414ea2ecd8886bdd0d4f5bcfbd63289152d0229de1e0383846486570b2e

    SHA512

    bf80b70c119b7fcd5119344e9a092d7e03f9ff4454daadff2e0a437925df46c9e181a51a1cf36c8fe2bf7e7265424b60aabeb68e8c98b0b97a692264ff7196ff

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    aea6f5c4bbeaea379d2ff8d8d4afc1fa

    SHA1

    7d6486507a909597ec1a6e35325bb416df046a27

    SHA256

    91a2d8f17615953a0f03e042e508893f0882e6cd1479d980451e1b5bf098a5ab

    SHA512

    dc871a4bf2b3a3e95798a9dedd458c46bd875b2611af4be099f324b85e0279a3ccd5a33b2099449209e032c0cc6ce6d928727e2817e18b19b5b2bd751f4f54c6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e8901540997ec477b24268f952911504

    SHA1

    7b2a4bf5055ec086b49df667861d916fcda759b0

    SHA256

    47d20945df71f689574b926f1696bb704ce6fb1d29306936a4b96bc18846b464

    SHA512

    7ed8d93065c5ce9d00bafd1c716077cbbe040c5852f00865c5292c699c129d45f48f588bd10cbca53482527846edbeaab261b2982228392f43955820c8cd9b3d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9dbf4a2332e28b1822f8f364033b7318

    SHA1

    206fe0cb8c33c56251b5d74cd23aef375be4ab0e

    SHA256

    37eab060575bb027a1600b3e935f1e71b29e9f19cf0805e54895bc4301f18bb6

    SHA512

    7846b00e152649e064f974e16e610f613432b4a4fbab39d860b9247cd7776be61c77dfb8f30c5bb696945955f2d95be419d957aa0a4fbc101f761c8465fdf12e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    94e4556e1821a37e41b96644ecee234f

    SHA1

    5c27feacebd4cb5821f92b0c951848e68f923539

    SHA256

    a906841971de1f5c9305a5a97236507bdaa18ccfae1da4a9ccebfa540d148d37

    SHA512

    a096bee5a1c70f913f26796fe5e228d53bfeebb4486cc19970c9f3089e4105d66329b315b746d7a74be24ef27b38b57e40afd1b391c8d1f7752eaeec67d53c63

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\78076te\imagestore.dat
    Filesize

    3KB

    MD5

    1b8f977b3f4a64432fb82528b8705e06

    SHA1

    ecc54242f1b1b7e79ec54773cfe9676495ba9f29

    SHA256

    8eb9b16627b5738b8c9a4d74befc14c314b7b3598cd4de089441284ba8a11aae

    SHA512

    618ab462127522779700f03a27ba4d774572e54bc0d53fead7d37462478b3bf02590eee4425a6a021a276c357acbd362b6a44ade0d006edd34eee4880ad37c4b

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9GP4P3HF\f[1].txt
    Filesize

    186KB

    MD5

    abd50a94c726e84f45d1ab98ac28e049

    SHA1

    aa1fad5f787987a238bdc4e50bbd52a609a45648

    SHA256

    db70a4e6e4e88cc449b52c4b1edac0200246a14d6ac475874c14e3136275dfd3

    SHA512

    28140c9663160a8d5632a3aa91b91c13131076a144ac8385f96c034e71d0fc168dd36eebd7894df6d80e4c4993bc47262b4ea283b046083cb967b1b463e49b85

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\L6J4GCMD\xmbc[1].ico
    Filesize

    3KB

    MD5

    1279bf31d9659ad2017369ec1b90473c

    SHA1

    0f21c5a8266c36af7909118899e1fa07590f2df8

    SHA256

    74e3162830413f502277c221381f07b34d77a155f5cbeca379e1a4ffc29af116

    SHA512

    18ab594628c7873c56a85cc748585a3422f06d3f3ad70e5d33e86bed8bb9595d43513960731db89820d89b2ed950b48d6b891dbda768164f968ab06f5a86c277

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab2A9B.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar2ABD.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\nsoA41E.tmp\ioSpecial.ini
    Filesize

    696B

    MD5

    839a7c986a4d5f97f47c15e51981ef87

    SHA1

    aa59ec198c1a98bc6386b6b0a75262a93cd0a145

    SHA256

    0a081e5251e4596d918ff6fe3a511d2abe33cd811b6b027cb8b2ee32481b8fe9

    SHA512

    1f7a2659457b6a2d04293b454099c132c3eb8d2a1c5ee8f5290946c1d6e250ddc9982242b401b6545048e1f7d33fc3fb3ad0c90a23d12ee48d156d2f974a35a4

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\nsoA41E.tmp\ioSpecial.ini
    Filesize

    726B

    MD5

    1586b0b428d04f46bedb4d4c6d4ddf46

    SHA1

    df53b4de9fd2f6dcf4776cc0edd31151f1586e9e

    SHA256

    3b8afbaba08af724454818d9b9112cfe65dcf6e8ace791fd9c6e9e006fc9485a

    SHA512

    c4fb97c6e1f84c5a2f8b38264fdc7557bd74577101528ef4c4c515fb8d70463911e5d773da4ea2c5ddd2ed4a3af739c957293a20b48067c22c1c2fd8bf2ab9b2

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\nsoA41E.tmp\ioSpecial.ini
    Filesize

    709B

    MD5

    589ac9ea036605409a97cc52adefec25

    SHA1

    93d476ad2ab4f6a0269b005d7b7d447884ccf813

    SHA256

    52b458300176f6b7d7b8831d7b17fc4cc1ad12787c98fb2f8b52d695a412f967

    SHA512

    2fa5b53ad56190d458c3ccf8d1616b1c272468216b48a31a4547f9c23b3a7eece2a61485a4b95f470b49c51200f494032929923858da6e253817f3ce1c542243

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\nsoA41E.tmp\ioSpecial.ini
    Filesize

    709B

    MD5

    4c379b9ba8425f11cd6b26d3e7a2fd71

    SHA1

    5aa34902da82c7140cd29950598a3a64355ed146

    SHA256

    f0f1fe424fa56081398282cec06978c508c4f2a17e6fa9776c3e7eaff7632c12

    SHA512

    72581e7880ffa5af07096ebc5faf076ece47fe0f0a061ff5d20a96a6c4ea3c973b4b34adb7be63064df4e6babf7041a7bfa6739e10a8d16964bc36fa217ff051

    Download Submit

  • \Program Files\Highresolution Enterprises\X-Mouse Button Control\BugTrapU-x64.dll
    Filesize

    364KB

    MD5

    80d5f32b3fc515402b9e1fe958dedf81

    SHA1

    a80ffd7907e0de2ee4e13c592b888fe00551b7e0

    SHA256

    0ab8481b44e7d2f0d57b444689aef75b61024487a5cf188c2fc6b8de919b040a

    SHA512

    1589246cd480326ca22c2acb1129a3a90edf13b75031343061f0f4ed51580dfb890862162a65957be9026381bb24475fec6ddcb86692c5961a24b18461e5f1f0

    Download Submit

  • \Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe
    Filesize

    1.7MB

    MD5

    bb632bc4c4414303c783a0153f6609f7

    SHA1

    eb16bf0d8ce0af4d72dff415741fd0d7aac3020e

    SHA256

    7cc348f8d2ee10264e136425059205cf2c17493b4f3f6a43af024aecb926d8c8

    SHA512

    15b34efe93d53e54c1527705292fbf145d6757f10dd87bc787dc40bf02f0d641468b95c571f7037417f2f626de2afcd68b5d82214e27e9e622ab0475633e9de5

    Download Submit

  • \Program Files\Highresolution Enterprises\X-Mouse Button Control\uninstaller.exe
    Filesize

    74KB

    MD5

    bfffc38fff05079b15a5317e279dc7a9

    SHA1

    0c18db954f11646d65d0300e58fefcd9ff7634de

    SHA256

    c4e59737ffd988ef4bc7a62e3316a470b1b09a9889f65908110fba3d7b1c6500

    SHA512

    d30220e024ac242285ea757006e7da3874e5f889951de226d48c372a6a8701b76d4a917134ecc1e72c6c3a8d43444762288e7134a25d837e9f43d972675c81d6

    Download Submit

  • \Users\Admin\AppData\Local\Temp\nsoA41E.tmp\InstallOptions.dll
    Filesize

    14KB

    MD5

    d753362649aecd60ff434adf171a4e7f

    SHA1

    3b752ad064e06e21822c8958ae22e9a6bb8cf3d0

    SHA256

    8f24c6cf0b06d18f3c07e7bfca4e92afce71834663746cfaa9ddf52a25d5c586

    SHA512

    41bf41add275867553fa3bd8835cd7e2a2a362a2d5670ccbfad23700448bad9fe0f577fb6ee9d4eb81dfc10d463b325b8a873fe5912eb580936d4ad96587aa6d

    Download Submit

  • \Users\Admin\AppData\Local\Temp\nsoA41E.tmp\ShellExecAsUser.dll
    Filesize

    7KB

    MD5

    86a81b9ab7de83aa01024593a03d1872

    SHA1

    8fd7c645e6e2cb1f1bcb97b3b5f85ce1660b66be

    SHA256

    27d61cacd2995f498ba971b3b2c53330bc0e9900c9d23e57b2927aadfdee8115

    SHA512

    cc37bd5d74d185077bdf6c4a974fb29922e3177e2c5971c664f46c057aad1236e6f3f856c5d82f1d677c29896f0e3e71283ef04f886db58abae151cb27c827ac

    Download Submit

  • \Users\Admin\AppData\Local\Temp\nsoA41E.tmp\System.dll
    Filesize

    10KB

    MD5

    56a321bd011112ec5d8a32b2f6fd3231

    SHA1

    df20e3a35a1636de64df5290ae5e4e7572447f78

    SHA256

    bb6df93369b498eaa638b0bcdc4bb89f45e9b02ca12d28bcedf4629ea7f5e0f1

    SHA512

    5354890cbc53ce51081a78c64ba9c4c8c4dc9e01141798c1e916e19c5776dac7c82989fad0f08c73e81aaba332dad81205f90d0663119af45550b97b338b9cc3

    Download Submit

  • \Users\Admin\AppData\Local\Temp\nsoA41E.tmp\nsDialogs.dll
    Filesize

    9KB

    MD5

    f832e4279c8ff9029b94027803e10e1b

    SHA1

    134ff09f9c70999da35e73f57b70522dc817e681

    SHA256

    4cd17f660560934a001fc8e6fdcea50383b78ca129fb236623a9666fcbd13061

    SHA512

    bf92b61aa267e3935f0ea7f47d8d96f09f016e648c2a7e7dcd5ecc47da864e824c592098c1e39526b643bd126c5c99d68a7040411a4cf68857df629f24d4107d

    Download Submit

  • memory/2616-232-0x00000000003F0000-0x00000000003F2000-memory.dmp

    Filesize

    8KB

    Download

  • memory/2860-1222-0x0000000140000000-0x00000001405E8000-memory.dmp

    Filesize

    5.9MB

    Download

  • memory/2860-1221-0x0000000140000000-0x00000001405E8000-memory.dmp

    Filesize

    5.9MB

    Download

  • memory/2860-1223-0x0000000140000000-0x00000001405E8000-memory.dmp

    Filesize

    5.9MB

    Download